One of the most interesting and beginner friendly challenge as well as solve on the internet.... Amazing job!
@hasnahasna42204 жыл бұрын
Beginner? Ouf that makes think about my life again XD
@VIVEVIEV3 жыл бұрын
1 year ago John Hammond got me weak 💀💀 😂😂😂😂
@bugr33d0_hunter85 жыл бұрын
Wow, no way!!! I was waiting for you to start this. Sweet. I've done a few easy ones, but didn't record it, cause I take hours. I'm not that great .😟
@infinit3i5 жыл бұрын
I love the way you solved this.
@ashishsingh-ty6kf5 жыл бұрын
keep this coming sir!
@Raekh_4 жыл бұрын
Using zsh as well, you just need to chain commands : stty raw -echo; fg you can then reset, export your shell and you'll have a working shell with zsh. =)
@pixldznr21514 жыл бұрын
This is the comment I've been searching for for months. Thank you!
@cryswerton-silva5 ай бұрын
Very cool, man. Please, keep it up.
@ScreamingElectron2 жыл бұрын
I was today years old when I learned John Hammond pronounces GIFF with a soft G
@rodriquh4 жыл бұрын
Very cool JH, good find on the enumeration. It looked like fun. How long did it actually take you to get there?
@Reecepbcups5 жыл бұрын
What is your terminal gray auto complete package called? Or what I can look up to do the same for my box
@_JohnHammond5 жыл бұрын
I'm using zsh, and that plugin is called: "autosuggestions". You can get it started with OhMyZsh and then getting the autosuggestions package on GitHub.
@mcawalid5495 жыл бұрын
Amazing job detective
@JASDKA15 жыл бұрын
Been wondering if you had done any. Good job.
@silvertroop74 жыл бұрын
That HelpDeskZ code was absolutely terrible, no wonder nobody has touched that in 4 years
@io_punk82754 жыл бұрын
34:07 if you use "less -R" you will get a colored output
@Tekionemission2 жыл бұрын
(3:28)-Dirbuster to enumberate web pages. (36:58)-Kernel exploit, priv esc.
@Aischyl0s4 жыл бұрын
Just do more! Well Done!
@bugr33d0_hunter85 жыл бұрын
You have to use Johnny Longs methods, it will definitely work.
@TsukiCTF5 жыл бұрын
John's hackthebox!! Awesome
@patrickdee73655 жыл бұрын
Love it, and yours too Tsuki!
@hackandcode34743 жыл бұрын
I need help on this topic Linux fundamenta is HackTheBox Question: What is the path to htb-student's home directory
@Mpcrossley5 жыл бұрын
Thanks for this! I was actually thinking after user, there would be something with npm / node, since all the files are owned by root but world writeable. I'll have to check what I could do there, see if there's a node system() equivalent.
@MisterL2_yt4 жыл бұрын
I'm curious, why do you do all the boxes before? And how do you sell so convincingly that you are seeing all of this for the first time :D
@mikea6835 жыл бұрын
I used to love hackthebox back in the day and managed to get into the top 10 for a good few weeks (Mike2PointOh)... But I found the free tier to be swamped with too many resets. I think the VIP tier is well worth the investment if you are looking to avoid the frustration of bypassing a waf, gaining rce, popping a reverse shell, executing a hit and miss race-condition based priv-esc like dirtyC0w, only to have someone reset the box because they assume that the 403 they are getting means the box has crashed -_-
@Laflamablanca9694 жыл бұрын
How do you get the autocomplete/suggestive text in the terminal?
@gashone4 жыл бұрын
What keyboard you're using @John Hammond ?
@_JohnHammond4 жыл бұрын
I use just my DELL XPS 15, my laptop itself ahaha. Thanks so much for watching!
@gashone4 жыл бұрын
John Hammond , Thank You for quick respond. I just register to the site. I'm CEH but I don't have experience with programming and Linux - Any tips for the beginning?
@_JohnHammond4 жыл бұрын
@@gashone Have you tinkered with PicoCTF or anything to get started? Or OverTheWire is great for learning the basics of Linux!
@gashone4 жыл бұрын
John Hammond I will try, thank you.
@sheldongroom184 жыл бұрын
How do you get your previous commands to show up as you type in the terminal?
@Viralvideo201234 жыл бұрын
I have one question..do i need to port forwad after get access of the machine for future metasploit reverse connection..
@slendi96235 жыл бұрын
Why not use cat log.txt | less?
@AdamTheGuitarist5 жыл бұрын
What is your experience with zsh so far?
@_JohnHammond5 жыл бұрын
I like zsh a lot! The plugins are great, especially for working in a Git repo and having these autosuggestions
@AdamTheGuitarist5 жыл бұрын
@@_JohnHammond thanks for answer! I moved to zsh recently myself and so far, it has been one of the best decisions I made :)
@nayeemurrehman79415 жыл бұрын
Which shell are you working with? Is is zsh.?
@_JohnHammond5 жыл бұрын
Yes! This is OhMyZsh with the autosuggestions plugin, on Terminator.
@vtvtify5 жыл бұрын
JohnHammond??? HTB??? YAY!!!!!!! ~lior5654 from UUT
@ajthedaddy5964 жыл бұрын
I have watched most of your videos why you using Ubuntu why not kali or parrot.? Or you like Ubuntu more causr you have to install most of the softwares righy? Looking for a technical response.
@calebsykes48985 жыл бұрын
John, brutha do some crackme reverse engineering challenges
@emirkanesme45744 жыл бұрын
which terminal does he usin ?
@ArianAngel15 жыл бұрын
Script kiddie, script kiddie, Little ball of fur. Happy kiddie, sleepy kiddie, Purr, purr, purr. Just a joke ;). Great job.
@_JohnHammond5 жыл бұрын
i mean u right tho
@letscode53675 жыл бұрын
Ctf and ctf 👌👌👌👌
@scubasteve1174 жыл бұрын
Why remove the color codes? Why not use VIM and get a prettier output?
@user-lk5qz4wx4q4 жыл бұрын
Jiff file :D
@nareshg72923 жыл бұрын
i heard some people say not to use kernal exploits in OSCP ... i think there might be another way here to get root
@d1gBR5 жыл бұрын
IppSec disliked this video. Jk jk jk. Nice to see both writeups
@patrickdee73655 жыл бұрын
They use different vulnerabilities, one uses SQLInject and the other use PHP Shell Upload. I love it to see both.
@bugr33d0_hunter85 жыл бұрын
John I need to come by so we can work on a f,ew project's.
@_JohnHammond5 жыл бұрын
I told you I wanted to catch that Bsides event up in the northeast, that's my hometown! When I'll reach out for sure the next time I am in the area.
@bugr33d0_hunter85 жыл бұрын
@@_JohnHammond Nice. I'm just happy your on hackthebox now. So ill. Hehe.
@stevie1da_4 жыл бұрын
I would have run ls on the original rce you had to get the name of the new php reverse shell without using the python script
@ritikprime4 жыл бұрын
Sir mujhe fb account hack kar na hai
@rj_21905 жыл бұрын
That was fun to go through. Anyone know the autocomplete tool he uses with zshell idk if he mentioned it?
@therenaissance83225 жыл бұрын
Check out ippsec! He just did a video on this.
@_JohnHammond5 жыл бұрын
IppSec is the man. His videos are going to be a lot more thorough than mine, but I figured I'd at least toss my hat in the ring.
@shallercryz88955 жыл бұрын
Просто русский комментарий
@VVCHK9935 жыл бұрын
Invite pls
@bhagyalakshmi1053 Жыл бұрын
4wiondoor open is a files open 4one time files your experience 🕐 login 4 opening 🪟 one window attached hydel files