Hide a Hacker's Reverse Shell in ONE Command
Рет қаралды 84,777
Күн бұрын
@laurenlewis4189 Жыл бұрын
Grzegorz is pronounced "gSehgoS" where the capital "S"s are pronounced like the "s" in "treasure"/"pleasure"/"vision." Tworek is easier: "tforek" - just remember that most european languages pronounce "w" the way english speakers pronounce "v," and in some words that can get the "voice" (the hum) taken out of it to become an "f" I highly recommend learning the International Phonetic Alphabet. It makes sense of those weird pronunciation symbols on Wikipedia and Wiktionary, and you'll look like you're a smart cookie who speaks multiple languages when you just have figured out how to read pronunciation guides. Knowing how to pronounce words in other languages and knowing what phonemes are commonly used in certain languages also helps you fake an accent and better socially engineer people, if that's the type of hacker you're aiming to be.
@PR1V4TE Жыл бұрын
That's a great explanation right there my friend. 😂👍🏻
@amine_jbz 9 ай бұрын
Hello man, I'm from Belgium and as a native French speaker, we don't pronounce the w like a v for an English-speaker, but It's right for some European-language like German and more. Btw, thank you for your good explanations and your advices !
@panchakosha Жыл бұрын
Yes, that's correct \0 is a null character. \1 would be a null character but with an index of 1, so \0\1 would be two null terminated strings. Modifying the registry doesn't affect the RDP query commands directly. It just allows you to customize the output with the key and value. The query commands retrieve the information from multiple sources: WMI, RDS, TS configs, registry, system data structures like Process Management, etc.
@keylanoslokj1806 Жыл бұрын
Meaning exactly?
@panchakosha Жыл бұрын
@@keylanoslokj1806 I was responding to questions he was asking in the video. Null characters can be used to separate multiple strings stored as a single value in the registry. For example, /d 0\01\0LOLBin\0calc.exe. He was also wondering where the RDP query commands were pulling their info. A more concrete example would be WMI providers specific to RDP, such as the Win32_TerminalService or Win32_TerminalServiceSetting classes.
@coltonthomas3658 Жыл бұрын
@@panchakosha can you explain the null character indexing? Can a reg value be "string/0hello/1world/2"? Is this why they show up as newlines when you view the key in regedit?
@dineshpavar1724 Жыл бұрын
🎉🎉🎉😊🎉
@list1726 Жыл бұрын
Thanks for posting
@ReligionAndMaterialismDebunked Жыл бұрын
AMSI reminds me of Jamsey and Wamsey, an inside joke my friend's friend started. Haha
@guyincognito9009 Жыл бұрын
Dude this guy is incredible. Just like you, thanks so much for All your Videos john
@Vort3X-tech 10 ай бұрын
How can you run that payload on the target machine without them noticing?
@donttrusttheape Жыл бұрын
It will be Gregor in English, actually one of few Polish chaps worth, following!
@andreadistasi8842 Жыл бұрын
Great one! I like that you kept it slim!
@oildiggerlwd Жыл бұрын
Love the comments about webroot. Made me laugh because that’s what our MSP has installed on our endpoints.
@kazhiroma9736 Жыл бұрын
I was just watching your video on hoaxshell
@ruthvikas Жыл бұрын
Still waiting for picoCTF 2023 🙃
@PR1V4TE Жыл бұрын
John himself need a walkthrough first 😂.
@panchakosha Жыл бұрын
Does CLR Hooking to bypass AMSI still work in Windows 11?
@OfficialAfterLifeEdits 4 ай бұрын
the vrisu got me
@mikaeleriksson6504 Жыл бұрын
Am I missing something. You need to have admin rights to add the query command right?
@MasterOfMisc Жыл бұрын
Yeah your right. You still need admin access to write to the registry. Which makes this kind of moot
@bogutkghbkng12 Жыл бұрын
Irshad
@FuzzerHash Жыл бұрын
Heavy nice content, already waiting next videos.
@MrClawt Жыл бұрын
What if you can't write to HKLM?
@keylanoslokj1806 Жыл бұрын
Dear mr Hammond our favourite security expert. How can the simple, total beginner user, check if someone has hijacked any device of his network? Smartphone, laptop, smart TV etc. How do we detect a compromise or even foreign users?
@CyberDevilSec Жыл бұрын
That is epic Jhon keep up the great work!
@groundwalker2162 Жыл бұрын
Love your content Inspired me to learn
@lancemarchetti8673 Жыл бұрын
Nery Vice!
@HxN0n3 Жыл бұрын
Superb! man
@dariusvlogs3634 Жыл бұрын
How to bypass amsi
@ScottPlude Жыл бұрын
Are you telling us how?
@ygx6 Жыл бұрын
@@ScottPlude nah he's asking
@MrEndzo Жыл бұрын
Hacking Windows is cheating.
@trojankit Жыл бұрын
Wym?
@Exotic69420 Жыл бұрын
literally
@Exotic69420 Жыл бұрын
@@trojankit too easy
@bc100dev Жыл бұрын
True. Better make Linux malware instead of Windows malware
@ggsap 9 ай бұрын
@@bc100dev How? That is so much easier
@franman6831 Жыл бұрын
Top tier content John
@Gobillion160 Жыл бұрын
write ur report with chatgpt
@stevegreen2753 Жыл бұрын
I like it :)
@rodricbr Жыл бұрын
awesome
@biocode2856 Жыл бұрын
It's a nkritid viris😂😊
@anilbangera1 Жыл бұрын
❤
@alexandrohdez3982 Жыл бұрын
👏👏👏
@tyrojames9937 Жыл бұрын
👍🏾
@d8rh8r35 Жыл бұрын
noice
@Mezzosd Жыл бұрын
Windows defender its work lol
@Repossessionn Жыл бұрын
ayyy
@ReligionAndMaterialismDebunked Жыл бұрын
Early :3
@adonyz666 Жыл бұрын
first
@averagejoe404 Жыл бұрын
Who asked?
@SolitaryElite Жыл бұрын
@@averagejoe404 me
@wha-yuanfh Жыл бұрын
useless
Harley Quinn with the Joker
Рет қаралды 26 МЛН
ANA THike
Рет қаралды 1,1 М.