Vulnerability Research and Exploitation | TryHackMe Junior Penetration Tester

Рет қаралды 12,265

Motasem Hamdan | Cyber Security & Tech

Күн бұрын

In this video walk-through, we covered exploiting vulnerabilities and vulnerability capstone rooms as part of TryHackMe Junior Penetration Tester pathway.
*********
Receive Cyber Security Field Notes and Special Training Videos
/ @motasemhamdan
**********
Answers to the room
motasem-notes....
TryHackMe Vulnerability Research and Exploitation
tryhackme.com/...
********
Google Profile
maps.app.goo.g...
LinkedIn
[1]: / motasem-hamdan-7673289b
[2]: / motasem-eldad-ha-bb424...
Instagram
/ motasem.hamdan.official
Twitter
/ manmotasem
Facebook
/ motasemhamdantty
******

Пікірлер: 27

@danosullivan2964 2 жыл бұрын

Just an FYI for people, I didn't need to setup a nc listener and could run commands from the shell offered by the python script in my terminal. Only difference was I ran it using python3, then you can ls the contents and the flag is there :)

@Bracara 2 жыл бұрын

Did exactly the same thing.

@raiders18dr 2 жыл бұрын

hell yeah

@Blu3yyy Жыл бұрын

Thank you Motasem, great video as always. Much appreciated!

@ibrahimiam 2 жыл бұрын

Thanks for all your contributions

@huuloc8719 2 жыл бұрын

Thank you so much Motasem.

@Fullstackdev- 2 жыл бұрын

thank you for sharing

@Max-hi4tc 2 жыл бұрын

Traceback (most recent call last): File "47138.py", line 23, in xxxx = raw_input('cmd:') NameError: name 'raw_input' is not defined what went wrong?

@kevinweeks3824 2 жыл бұрын

i removed raw_ then reran the code and it worked. xxxx = input('cmd:')

@tomkraus1610 2 жыл бұрын

Check my reply

@otojonkhudayarov9111 2 жыл бұрын

run with python2 instead of python3 => $python2 47138.py

@jeremycheong8036 2 жыл бұрын

Hi Motasem, could you help me i am stuck on using 50477.py RCE 3 instead. I have seen other youtubers and they end up with the same result. (i.e output "system") and I did not receive a shell. Seems like something is wrong with the encoding portion of the script. Script contains quote(cmd) in plain text instead of encoding. I think that's the error. I also ran a listener but no avail.

@pratikdograma4322 2 жыл бұрын

Hi Motasem thanks for your effort,Is there a way to exploit any unguarded windows 10? I couldn't do this in no way excluding msfvenom ...

@tomkraus1610 2 жыл бұрын

I keep getting an error when trying to execute the 47138.py. Traceback (most recent call last): File "PATH ON PC/47138.py", line 23, in xxxx = raw_input('cmd:') NameError: name 'raw_input' is not defined I only edited the py file, by replacing the target URL and removing the proxy. Same as you. Any help?

@tomkraus1610 2 жыл бұрын

i found the error, ended up changing "raw_input" to "input" and "urllib.quote" to "urllib.parse.quote" because python3 got shell

@mohammedkhaledabdullahbend4514 2 жыл бұрын

ليش م تنزلهن بالعربية وهل في ترجمة للفيديوهات؟؟

@myname-mz3lo Жыл бұрын

you made that waaaay too complicated. once you have the shell just do ls and cat the flag.txt file ... dont know why you went and did all that extra stuff

@mohamedali8605 2 жыл бұрын

Thank you so much ,Gazakom Allah 5ayeraaan

@namelastname3492 2 жыл бұрын

Are your notes available for download from somewhere?

@MotasemHamdan 2 жыл бұрын

Hello, Notes are available as part of the channel memberships. kzbin.info/door/NSdU_1ehXtGclimTVckHmQjoin

@namelastname3492 2 жыл бұрын

@@MotasemHamdan Got it. Thanks. By the way your contents are really good and understandable. I start recently dealing with Cyber Security and I'm finding your channel for a really good resource. Keep going :D

@gihandilshara847 2 жыл бұрын

First view and like

@otojonkhudayarov9111 2 жыл бұрын

sometimes i say : "what a hell is that 🥲" , exactly same code , exactly same ide , same python version.Buttttt it works in Motasem and gives error for me , lol

@MotasemHamdan 2 жыл бұрын

You must be doing something wrong :)

@iCyberVenom Жыл бұрын

@@MotasemHamdan Idk man...I ran EXACTLY what you ran and it doesn't work. Same python script gives all kinds of errors for "print" and "raw_input"

@figurxfigur8935 Жыл бұрын

@@iCyberVenom probably you have to run script using python2 or change syntax to python3 in code