I Let My Viewers Try to Hack Me
Vložit
- čas přidán 4. 06. 2024
- I let my viewers try to hack me for a prize. Yoooooo 😬
Check out Odoo and create a free website to support this channel www.odoo.com/basicallyhomeless
Chapters
00:00 HACK ME
00:20 Why tho?
01:12 Fart in jar
02:40 What this felt like
03:18 PRIZES
04:00 Preparing the laptop
04:55 Giving out my IP address
05:30 Leasing a storefront
07:10 GETTING HACKED
08:15 ...hacked?
09:03 How to Hack
10:30 HACK-ING
11:25 What does this mean
12:00 You're invited - HACK ME
12:58 Jeff Visit's the Dark Web - Amongst Whom
open.spotify.com/track/4SX6sI...
14:34 My Faith in Jesus
• My Faith - Where I Got...
business: nick@zbtsol.com
Support me on Patreon / basicallyhomeless
All of my socials and Discord are here - zbtsol.com - Věda a technologie
F for that chad who has severe chronic diarrhea
F
nice pfp dude
f
F
Eph
I didn't see the challenge... But I feel like there's no way a channel of your size that has made multiple videos on hacking and viruses wouldn't have multiple people that know how to perform a basic NMAP scan and brute forcing SSH. Seems weird
Thought the same. Additionally, the laptop was open to the internet. If viewers weren't gonna scan the machine, some malicious attackers would. There's simply no shot the device was not compromised, especially by a bot which scans the entire internet. I would highly recommend you put the next laptop behind a VPN and only let actual viewers have a go at the machine, not some random botnet or something.
Those htb guys would just laugh 😂.
@@chrome1157true
@@chrome1157 Yeah, even if nobody from the channel solved it, it should've been detected by automated scanners.
I put in a lot of work, but its not just basic nmap scan because ports are in ignored states (basically you dont know if it's open or closed port its ignoring connection and it takes much more knowledge to get passed that then simple nmap scan)@@kexerino
watching this channel slowly spiral in to madness is one of the most intriguing long term storylines
Homeless either has infinite money that he's just okay giving away or has absolutely no money available to steal. What is he doing???
that's damn right
went from siege to this, i like it
@@yewchicken2298 Jesus is king✝️Turn to Christ and repent for Jesus is the only true God and only true way to heaven God loves you he loves all of us he loves everyone
he was mad since the beggining
my guys an engineer, hacker, programmer, gamer, editor, and now a rapper. holy shit
True every man
i think it’s hilarious that i’ve been watching this channel since highschool and im now in my second year of college completing my computer information systems major in cyber security. And seeing him learn how to “penetrate test” on the fly makes me feel like i was always meant to watch this channel.
"wen i started watching this channel 2 years ago idda never thought id like it so much!" durrhurr
Man if youtube notified you of the other dude in the replies fuck that guy i appreciate your story
Skiddy...
@@ryshellso526 bro called someone actively studying cybersecurity a skid. the internet never fails to amaze
I was thinking the exact same thing. I have been watching this channel forever and just this year got into college for Cyber Security and just last week learned about brute force attacks and nmap. Crazy how these things happen
Use a honeypot for the next one, if you want to properly monitor what's going on within the machine.
Ahh the Classic "HoneyPot" a Pc honeypot is like a Firewall but made of ICE!
@@ps2killer1 made out of internal combustion engine
he is kind of a script kiddie that may be beyond his knowledge lol
Then for the whole location concern he could've just had a VPN that was running on the host machine (assuming its virtualized) and connect it to the guest machine.
@@TheNodeChannel if he gives out a VPN IP address hackers wouldn't touch it and wouldn't be able to do anything to it. Basic hackers will see if the IP is a VPN or not.
I think the main deterrent for many people who might've participated otherwise is that we can't know for sure that you're the actual owner of that IP address. It could very well have been someone else's IP and there's no way we could've known.
It's also possible that you could've misconfigured your system, and ended up giving us a dynamic IP. If that's the case, then we might not even be hacking the right device, even if you did own the device that had that IP at the moment.
A domain name eliminates a lot of this uncertainty, so I suggest you use one for future experiments like this. It's always great to see creators engage with their community like this, so hopefully you'll do this again in the near future 😁
“Your PC is safer than mine” HAHA JOKES ON YOU I’VE BEEN FOLLOWING YOUR VIDEOS STEP BY STEP, and now my 4070 is unusable 😢
Plot twist: the guy that disconnected the cams actually put a backdoor on the cams, so the next time you plug them in the hacker is in your home network and hacks your home PC
Imagine
not a hacker but wouldnt that only work if it had on-board memory or was an IP or had its own MAC?
@@randomuserame they are required by law to have their own mac 😘
@@randomuserame A computer's MAC address is kinda like a serial number, so the MAC won't do anything. As for on-board memory. It has to store it's software somewhere, right? Additionally, many cameras, and even IP cameras end up having some serious weak points in terms of security. Soo, yeah. It's still not likely, but it's definitely not something that's an impossibility
that was my thought too. beeing able to do that comes probably along with some other skills like patching the computer or devices firmware or to set up a boot override of the pc or changing the platform key etc....
Dude that car stealing story is actually so relatable. I'm going through the same thing right now. Esspecially since they don't take anything REALLY valuable, it's actually cute af how polite they are. idk maybe I'm weird, but I find it funny when I see the glove compartment slightly disorganized, but orderly. Like I know they pulled shit out, but they put it back, and tried to put it back the same way it was! lmao
bruh i would be absolutely terrified if that happened to me
Just to be sure, check if you got MPD
bro please lock your car
leave a little note for the person breaking in saying hi
@@goober_985 "hi, i know you've been entering my car for a while... wanna be friends? :)" LMAAOOO
Wow, I was pleasantly surprised at the end with you sharing your faith in Jesus. God bless you brother.
Bravo for the last 15 seconds of the video there. Caught me off guard but was so great to hear. Keep it up !!
If your network had exposed vulnerable services running on open ports, then of course they could be comprised.
brother I think you're about to get dumped on by a bunch of cybersecurity professionals for giving accurate information
that is scary
@@BasicallyHomeless
@@BasicallyHomeless just wait for the stack exchange users
no shit smart ass how else will this be possible
@@BasicallyHomeless im a cybersecurity professional i keep all the wireless waifu safe on the mainframe
This video is going to expose a ton of security vulnerabilities in ODU’s code
#1 rule in cyber security, nothing is unhackable.
even my Samsung fridge?
I don't think any cyber security specialist would agree with you on that.
What ending a video talking about your faith? Nice! Not many times do I see something like that in a video in this niche, so that's awesome
any decent hacker would automatically assume the challenge was just a honeypot and steer far away from it, that's probably why it didn't see much action
Many decent hackers and script kiddies have big egos, I like this guys content but this sorta gives me fake vibes
There was express written permission given to penetrate his network. No one's going to get in trouble for participating in a public penetration test.
@@K-Anator its not about getting in trouble, its about someone logging every command/ thing you do. honeypots are usually used to see what attacks/ 0 days hackers might be using. Why risk someone knowing your avenue of attack
@@aRockOrSomething2 This setup wouldn't have required the use of any 0days, it should have been penetrable using known methods. Besides, this was technically done as a whitehat operation, the kind where you make 0days public knowledge and get them patched.
@@aRockOrSomething2 who is going to willingly waste a 0 day on something like this
The fart in a jar caught me off guard 😂😂😅
Yeah lmao
Spoiler alert!!!😢😢😢
same thing happened here😂😂😂
@@cedricmunschauerI just started watching, I have no idea what the hell they are talking about
He think he Martin
14:35 Wow!!! Amen to that. I had no idea, I just saw this video on the home page and it looked interesting. I mean, wow oh wow!! I subscribed because of that ending! I am glad to hear that. God bless you!
Haven't watched your videos in a while and forgot how hilarious you were lol. Great stuff dude
The jeff song is a vibe, spotify release when?
LOL open.spotify.com/track/4SX6sIbpEWUZwmQYZ2U9Gn?si=5c5ef220056943fc
@@BasicallyHomeless amazing, i need to add this to my playlist.
Man I'm sad I missed this My first though was just do an ssh and try some common passwords lmao
you literally would have won
dude fr like if I wasn't on vacation when he posted that video i would've won lmfao
@@Pink_Charsureeee
@@SnoopCreature17 i'm serious lol
@@BasicallyHomelessplease do it again
Your videos always make me audibly laugh. Love your stuff.
this guy is clinically insane i love it
Your internal network is NAT'd out to the internet through your ISP - hence your public facing IP address. By default ports are not opened to the internet. Hence all the cyber security peeps telling you that getting hacked with just a public IP is not a realistic reflection of the average person's home network.
Yeah, he definitely doesnt get it. This video sucked.
would this change if an IPv6 address was shared?
that’s the point of the video, it was purposefully made much easier than your average pc would be and yet all the people who apparently knew so much still failed
@@loaf5025 I'm of the opinion no one bothered trying because next to no one sets up 5+ port forwards to a personal laptop in their home network. The typical home user public IP NMAP scan results are a glorious closed/filtered fest. The video felt presented like a criticism of viewers to prove them wrong somehow. What do I know though.
im no security expert but even if you open ports and arent cg-natted the chances of someone actually going after you are extremely little.
if you enable shh never ever use passwords, block remote passwrod login nstead use an ssh key stored on an USB drive.
if you want a website, only open port 443 and point it to a loadbalancer, than point that loadbalancer to reverse proxy, so other ports can be configured to be accessed without opening more ports. set that load balancer as a VLAN so its that some sort of isolation from your main network and you should be fine.
Mmm good hummus. Very epic. Much happy.
oh wow how did you get here so fast hahaha ;)
Hacking skills 🤫
😳
wait wha
How
Best part of the video starting at 14:35. Preach brother 🤙🏼
Ah crap I missed this one and I'm bummed. I love doing CTFs/pentests and this one actually looked so fun.
Fr... I'm a cybersecurity student and would have srsly loved to had been apart of this. His website says there may be another so let's hope for that!
Really glad I watched to the end. Talk about encouragement. Beautiful to see iron sharpening iron. Praying you thrive brother!
I was sitting here going, "How did nobody even try throwing metasploit at it for over 10 days."
You have cured the imposter syndrome I've felt as an IT "Professional."
Probably no one even bothered to even try it
how'd you use metasploit for this? most of the time, 22 is always ssh, and you can verify with the handshake. you can then bruteforce with hydra or anything else
i might just be stupid, idrk. i don't really do pentesting, mostly just c/c++/asm maldev and reverse engineering
Shouldve left 3389 open lmao
because it's fake. has to be. there's no possible way 10 days go by and nobody tried hacking it. if it was real the laptop would've been hacking within 5 minutes tops.
I had no idea he did this, I wish I couldve participated. Sounds like a fun time
Bro W ending to the video! Love ya homeless!
your videos consistently make me laugh. thank you
Looks like the competition is over now. I can't wait for the next one man. This is the stuff I love and I'll be checking back for the details.
kek, you in bro?
Loved the message at the end of the video.❤ keep it up man, love your content and your humor
Big W to you for adding the end of the video in. I appreciate what you're doing
Every video is straight up a movie, I love it.😂😂
If you made a dedicated video announcement, you would have been hacked in 10 minutes 🙂
No one simply saw the challenge :(
Yeah I knew nothing about this lol
same smh
real
He should check the logs. Im sure a bot got in the first day
Same, had no idea till today. Would've been pretty simple to get in, but idk how he had the site hidden so it could've been a pretty difficult challenge to find it.
Seeing odoo sponsor a bunch of youtubers I follow is hilarious because I once signed up for a trial, forgot about it and then got a REALLY passive aggressive email from one of their sales guys.
Amen preach it brother.
The fart jar will contain a fart for 10+ years. I sealed mine like 15 years ago and opened it in 2020 and it smelled exactly like someone had just ripped it 2 seconds ago
This is such a you move, but I am still shocked and extremely impressed by this stunt you pulled! You are, dare I say, based.
Wow that was really entertaining. Thanks man. That rap at the end lol yes.
Thank you for the message at the end. I’ve been trying to work on my faith and relationship with the Lord
Love the part at the end, %100 agree. Keep making the banger content and professing your faith 💯
the random guy you see at Walmart in the tech section
the guy that crop dusts you on the way to the register
@@BasicallyHomeless yea lol very true
@@BasicallyHomelessik I gotta stop
Love the message at the end Amen!
Damn last video I’ve seen was the homemade virus glad you doing better now wit these new videos still up
SSH brute-forcing is not something I'd do personally, most setups have a rate limit and/or will trigger a canary and/or block your IP. So unless you have done recon and have a list of possible users and passwords to spray, It's a very skid-ish method
Honestly super surprised no one was able to do this. I feel like some "easy" boxes on Hack The Box are more difficult then this challenge haha Great video as always
That 90 second hacking tutorial was probably the best hacking tutorial i have ever seen. Straight to the point, no bs, and was super quick and informative at the same time!!!!!
Aw, i wish i saw this before it was over. I love these kinds of challenges.
You need to rent this store front and keep a 24/7 live stream just to see what creatures be popping up 😂
Amen bro talkin bout Jesus is a HUGE W . I love that so much.
That cool tune at the end was awesome!
The way all the random references and jokes get tied in all the way to the end is so great.
This is such an awesome video. Thank you for making this. Its pretty insightful and sheds some light on what some folks are really scared to. Keep on with the awesome content :)
Super cool and encouraging to see your boldness to share your faith on your youtube channel!
that song was lowkey dope man.... 10/10 would listen again. whens the spotify drop? XD
very goated channel! One of the best videos!
The fact that you put that laptop online through a cellular hotspot instead of some sort of terrestrial ISP (cable, fiber, etc.) increased difficulty of this challenge exponentially. The majority of cell providers use CGNAT, which means the public IP address you provided was not actually yours, but rather belonged to either a firewall or router that is sitting in a data center somewhere. The WAN IP address shown on your phone/hotspot is, 99% of the time, actually a Class-C address that is NAT'd through a public IP belonging to the cell provider. Essentially, everyone who tried hacking you was actually trying to hack AT&T/T-Mobile/etc.
then how did he hack it? most times it wont matter.
Utmost respect for openly talking about your faith at the end :)
What a sense of humour especially you rap is dope
a 15 minute ad that's crazy
Next video: "I let viewers try to delete my channel"
The jesus talk at the wnd was fantastic. You should do a little segment at the end of every video where you give out a little bit of wisdom/dad advice type of thing. Kind of like Garand thumb does at the end of his videos, but from you instead.
this song is a banger
Yo your a Christian! That's awesome! God bless you brother!
Love the end of the video man ❤
Fun video but best part was the end talking about Jesus! Haha love it bro!
the rap is insane
Another fun, informative video and I, for one, appreciate the last section about your faith and trust in Christ :)
I think this is the best video I’ve seen on CZcams ever hands-down
What was that rap at the end xD that was awesome
I literally love that people could have done this via a Kali linux vm, and any basic beginners pentest guide involving Kali linux. It is possible to hack someone via their public facing IP address only, but like the majority of the comments have pointed out, unless you actually create those vulnerabilities, it's not that easy or simple to access a device on the private network connected to the public IP. If it was that simple, there would be no need for for hackers to create viruses which create vulnerabilities in devices, so I believe this video was made to prove that the majority of your community was all mouth and no action, which you seem to have proved, but as mentioned the claim that you can hack "anyone" with nothing but their IP, complete BS.
The only thing I got from this video is that he's still probaly not over the 3$ he lost and he has a weird thing for farts and jars. 10/10
bro the ending is sooo wholesome i reely like this guy
My god that end sobg went insanely hard
Mr. Hummus going into this wearing the Full Armor of God, farming the Fruit of the Spirit. I would like to buy you coffee one day.
If you had any ports open, then yes you can definitely just be hacked with just your network ip address
WOAH WOAH pal, take it easy with sharing correct information like that. There's ladies on this floor.
It's not just about ports being open. A vulnerable service has to be running on that port. Those ports are just the typical ports those services run on. Like how http runs on 80 and https runs on 8080. But you can open port 80 on your computer without setting up an http server on it.
@@nordgaren2358you mean like ssh or telnet? And actually if you have port 80 open on the inbound on your firewall then that's a security issue but having port 80 on the outbound is a different story.
@@nordgaren2358 https uses port 443 by default tho?
@@nordgaren2358 EXACTlY., This is what everyone missunderstands. All they care about are "open ports" but in reality there has to actually be something listening on that port that has a vulnerability that can be exploited
Last 30 seconds is what made me sub🔥
WISH I SAW THIS CHALLENGE WHEN IT CAME OUT... LOVE HACK THE BOX CHALLENGES.
OH DUDE LETS GOOOOOO what a king for the outro- The Lord be with you brother
I'm confused, you asked them to try and hack your IP Address but didn't even have a basic NAT firewall blocking port 22? I mean... with just a basic router in a basic NAT config (like basically everyone has) this would not be a problem, and I feel like you're trying to make it seem like computers are more hackable than they actually are.... furthermore... no mom-and-pop laptop is going to have SSH server installed anyway for any reason.
🤓
He literally said it’s like leaving his car unlocked. Watch the video.
Dang, this video was really good! I make educational cybersecurity videos on another YT channel and I really like how entertaining this video was along with being able to teach viewers a little about security/hacking/cybersecurity. I definitely want to be able to make videos like this. Thank you for the inspiration!
This made me wanna change my password to something even more secure and obscure than ever before!
i pushed a old person down the stairs
Oh!! How lovely
That ending though? BASED!
Really love the channel direction… now when is deviant coming on
Bro was like: here is the easiest way to get on a watch list
so glad there’s a funny creator who doesn’t hide his faith
Props for not being ashamed to be Christian.
The song at the end.. about people with bad credit. That hit where it hurts lmao a hacker wouldnt even want my identity
The song at the end was crazy bro. Fire song 🔥
I haven’t watch homeless in a minute, but upon coming back, I love how he dedicates even just a few seconds for god. It’s not something you see often on CZcams. Kudos to you.
fr
Respect to you for talking about your faith and sharing it on your platform
Can confirm, I saw the announcement with a countdown to when it goes live... and promptly forgot about it once I got home from work
Mr. Homeloss can you please make a vid of you training AI to shitpost? That would be pretty dope. Unlimited shitpost potential. Too much power for one man to weild
i know you mentioned this in the video, but i feel like it bears repeating. this is pretty unrealistic as almost no device you use will be this insecure and vulnerable unless you make it that way. most people have their ports closed (not to mention theyre generally closed by default). not only that, most people dont have their usernames and passwords THAT easy nowadays. i mean, the easiest passwords you might find is a pet name + birthday combo (more common than you think). that said, this video is very entertaining and im looking forward to seeing an update to it. maybe it can even get turned into a sort of mythbusting series lol
also people who do open ports first disable password login on ssh. its nearly impossible to bruteforce an ssh key, if you could bf that, SSL would become pointless, as both ssl and ssh keys use similar algorithms. if someone's on your prem, you have bigger problems than your ssh key being stolen.
second, ideally, you'd only open ONE other port, and load balance and/or reverse proxy that for any other needed port
there are service spoofing tools so you can say your port 22 is telnet for an example, and your actual ssh port is 1234 (example)
u can also disable icmp response, so if someone tries to ping itll ping out and it'll seem as if you're offlne.
openng ports isn't scary either
loved the last bit, Thank you so much for expressing your faith!!