I love how Optional gave his big YEES on a question whether box was patched :)
@ssh17hx0r3 жыл бұрын
You popped up in my feed and I have to say I'm really happy. Damn you're good. It was a blast watching you work.
@troybaird4044 жыл бұрын
Love the KOTH games, keep them coming!
@EndisuKKJJ Жыл бұрын
11:58 "NOOO" KKJKKKKJKK
@D3fconNull4 жыл бұрын
I love the way u mess with john :)
@TheMoogleee4 жыл бұрын
More videos please, I learn a lot from just watching you brotha. Keep it up
@optionalctf4 жыл бұрын
Plenty more coming! Finally settling into a schedule which means I can balance everything!
@mdemonhasan20473 жыл бұрын
Excellent video
@Yusuf-sq5xc4 жыл бұрын
Amazing content bro loved it
@mdemonhasan20473 жыл бұрын
Love this game
@TheFunny7074 жыл бұрын
I love your content. Keep them coming.
@vargnaar2 жыл бұрын
The video that brought me to Johnny Hamhands which brought me to THM. It's Optional's fault, everyone :D ♥
@usha42204 жыл бұрын
I didn't expected this from nahamsec 🙃
@armandkruger9113 жыл бұрын
You can edit the PHP file where the command injection is , just before the "else" statement , you can add "die();" which will just kill the PHP execution flow before it gets to the command injection The find SUID is running under the context of the user , not root so it will be fruitless. But what you did by replacing the users' ssh keys was the right way to go , but the user can run /usr/bin/python as sudo.. So if you run "sudo python -c 'import pty;pty.spawn("/bin/bash")' you will be root Also remove the SUID from lucky_shell with "chmod 777 Then chmod -s" xD & kill all user process with "pkill -U www-data" , it will kill all their processes The root.txt file is also being replaced with John , so he is probably running a cron and when you ran ps aux , you can see that the other root user (John) is running /bin/bash -p , so he made /bin/bash a SUID. He can literally run /bin/bash -p as any non-privileged user and be root
@mdemonhasan20473 жыл бұрын
Beautiful
@irumidesu92364 жыл бұрын
i seriously just feel happy that you showed your face. i dunno why. does talking while leaning right or left automatically change the mic output? like when you move you head to the right they can hear you, but when you move your head to your left it's like they can't hear anything why you talk with people on the stream chat
@maisydinosaur4 жыл бұрын
It looks like he's hitting a keybind when he leans to the side to mute himself in the voice chat.
@mdemonhasan20473 жыл бұрын
Nice video
@mdemonhasan20473 жыл бұрын
Good video
@username-wh2ux4 жыл бұрын
13:14 "G" - moves to the last line of the file, "o" - creates a new line for text entering ;)
@markgacoka97043 жыл бұрын
I didn't know Dominic Toretto and Seth Rogen were into koth
@garrettblackard22884 жыл бұрын
Didn’t know it was rce in url I get in a whole diff way lol
@criticalfando4 жыл бұрын
instaliked optionalsensei
@Daf-wk5zy4 жыл бұрын
kairos in greek means weather!
@gwnbw4 жыл бұрын
11:56 lol
@optionalctf4 жыл бұрын
the "nooo" really hits different
@corporateLabour4044 жыл бұрын
How do you copy to system clipboard in tmux??? I m new to tmux...and i m having this problem of copy paste between clipboards... Can u help me🙁🙁
@ManjotSingh-ih7gi4 жыл бұрын
How you guys found the king.txt flag
@technocrats23604 жыл бұрын
How can you run gobuster so fast?
@HMUP74 жыл бұрын
fsat fingers goes bshhhhh
@HMUP74 жыл бұрын
+ Tab is actually good in auto fill :)
@arshiyakhan67894 жыл бұрын
You are more talented than these guy's
@optionalctf4 жыл бұрын
I wish that were the case, it's just different mindsets. Nahamsec and STOK are both insanely talented bug hunters and John is just amazing at everything. If it was a level field I dare say I'd of been slapped around more