No video
Network Services 2 TryHackMe Part 1 NFS
Рет қаралды 17,043
Күн бұрынBack with Network Services 2 TryHackMe Walkthrough Part 1 NFS, are you ready to hack? THis room is all about enumerating NFS and exploiting NFS along with other common Network Services and misconfigurations. I hope you enjoy this TryHackMe Walkthrough of Network Services 2 Part 1 NFS.
FREE $5 TryHackMe Credit - go.mrash.co/tr...
#networkservices2 • #tryhackme • #walkthrough
Writeup: Coming Soon
Room: tryhackme.com/...
Website: mrash.co
Newsletter: mrash.co/newsl...
Twitter: go.mrash.co/tw
- - - - - - - - - -
0:00 Intro
1:25 Task 1 Get Connected
2:25 Task 2 Understanding NFS
9:10 Task 3 Enumerating NFS
27:00 Task 4 Exploiting NFS
38:00 Reflection + Outro
- - - - - - - - - -
My Software
$60 off Speechify Premium - go.mrash.co/sp...
Brain Music $1 Pro - go.mrash.co/br...
Managed Web Hosting 20% Off - go.mrash.co/cl...
Cheap Domain Names - go.mrash.co/na...
Automated Email Marketing - go.mrash.co/gist
Blog Autopilot - go.mrash.co/lettr
Screenshot & Record Everything - go.mrash.co/cl...
Google's Pro Suite - go.mrash.co/go...
- - - - - - - - - -
My Hardware
Asus Z690M+ MoBo - go.mrash.co/Z690M
Cooler Master CPU Cooler - go.mrash.co/ML...
Corsair 2TB M.2 SSD - go.mrash.co/MP600
Corsair DDR4 32GB RAM - go.mrash.co/CM...
Gigabyte 850W PSU - go.mrash.co/GP...
Intel i7 12700K CPU - go.mrash.co/12...
Intel WiFi 6 AX210 - go.mrash.co/AX210
MSI RTX 3070 Ti - go.mrash.co/30...
SilverStone Case Fans - go.mrash.co/AB...
Razer Blade i7 Laptop - go.mrash.co/RA...
Samsung Tab S6 Lite - go.mrash.co/s6...
PRISM+ 34" QLED Monitor - go.mrash.co/XQ...
Samsung 34" QLED Monitor - go.mrash.co/3K...
Bose QC35 II Headphones - go.mrash.co/qc...
Corsair Harpoon Mouse - go.mrash.co/ha...
Cooler Master Keyboard - go.mrash.co/SK622
Mic Arm - go.mrash.co/nm...
- - - - - - - - - -
Music - go.mrash.co/music
All of my opinions in this video are my own, I was not paid to make this video. Whenever there is a link in any of my videos, if there is an affiliate program available, it's safe to assume that you are clicking on an affiliate link. Please check my website for any associated bonus I may be offering, for supporting me or ask in the comments below.
@rebycfa5673 2 жыл бұрын
the nfs was the hardest for me so far lol. did it at 4 am and was sleepy
@xavierdupuis2719 10 ай бұрын
same thing here haha
@ShadowNoIT 4 ай бұрын
I agree! This is the biggest hurdle I've seen in my THM path. Grateful for the resources.
@ShadowNoIT 4 ай бұрын
I'm not even halfway done with this video & had to show love. Extremely helpful for a Linux newbie.
@mrashco 2 ай бұрын
Awww thanks for the message ♥️
@ktahack8064 2 жыл бұрын
oh my god, this room was too hard. Thanks much for make this videos!!!
@neoleonard7544 2 жыл бұрын
Hey Mr Ash, i'm new to this and watching your videos has helped me alot. I'm really inspired to learn and re-learn all the room that i've done!! amazing stuff you're doing.
@phang93 Жыл бұрын
Thank you for the walkthrough. I got some issues at the end of the room but thanks to you I found out my mistakes. :)
@mrashco Жыл бұрын
No worries! Glad you got through the room, keep on going and have a nice holiday 😀
@amyjohnson4725 Жыл бұрын
I've referred back to your videos a ton when running into complications (just as you did here). Thanks for the help!
@mrashco Жыл бұрын
That's awesome, glad the vid helped you out. I appreciate you leaving a comment!!
@Sparkling.Sylveon 24 күн бұрын
Another banger M8, thx 4 the great content!
@netcastr22 Жыл бұрын
Definitely helped out with your video but man this one had me stumped but I was able to figure out what I was doing wrong on some occasions. I didn't go along with some of the extra tricks you had just so I don't get further lost but please continue to share more videos.
@mrashco Жыл бұрын
Glad you got there in the end! And good on you for keeping it simple, there's nothing wrong with that. Appreciate you leaving a comment, I'm currently doing the Advent of Cyber 2022 event. If you've got time, it's worth doing! I've learnt heaps in such a short time.
@chaya6344 Жыл бұрын
Thank you for the python3 server way, I liked the other perspective.
@mrashco Жыл бұрын
No worries. I've recently learnt how to do it with nc too. But I still like the python web server way more.
@jaybiddy955 Жыл бұрын
This was the first network hacking exercise i really struggled with thank you for the video and the free python lesson 😅
@mrashco 11 ай бұрын
No worries! Glad I could be of assistance.
@ademolaadebambo9475 Жыл бұрын
Thank you for this. I had a problem with the bash file. Using wget changes the permissions on the file. Likewise using the cp command. So, what I did was to add the -p to preserve the permissions when copying to the mount folder
@mrashco Жыл бұрын
Ayyye, thanks for letting me know. Always keen to learn new flags/switches for commands.
@YukisomeVideo Жыл бұрын
I was trying to find what -p mean.... thank you. where can i look this up in any documentation?
@mrashco Жыл бұрын
Most commands have a manual page, aka a man page. If you use `man $command` or try either `-h` or `--help` after the command you'll most likely get a help page for the command you're trying to use. Or there's websites that list out what each command does... Can't remember them off the top of my head tho.
@wertkus 2 жыл бұрын
that was not a beginner-friendly.
@JavierCollazo-ok8di 9 ай бұрын
dude! awesome video keep up the funny yet informational content! you are a life saver my friend good on ya!!
@mrashco 8 ай бұрын
Aw thanks for the comment. When education is fun, it's the best. Appreciate you
@kevinalvarez8847 7 ай бұрын
Your TryHackMe's videos are amazing!
@mrashco 5 ай бұрын
Awww thank youuu!
@DatMemeBoi1738 7 ай бұрын
This is an awesome guide - Really appreciate the content!
@mrashco 5 ай бұрын
Glad it was helpful!
@user-qx7gh6ff1e 3 ай бұрын
I have to admit, I don't really understand 100% what the point of all this was. 1/First we get access to an NFS share, all good. 2/With this NFS share, we find a private ssh key that helps us establish an ssh connection onto the user cappucino 3/Then i get lost with what is root sqash and SUID, and why we do all this Can someone explain please? Thanks!
@itzyaboyj4199 6 ай бұрын
YOUR A LIFE SAVER, thank you
@mrashco 5 ай бұрын
Naw thanks!
@javi3830 2 жыл бұрын
SUID bit permission was +x not +s then. I was fighting it until my session expired lol
@kamalsharma2839 10 ай бұрын
Amazing content buddy. At 25:30, while doing ssh why was cappuccino chosen as user to login? Cappuccino was a mount
@mrashco 9 ай бұрын
Yeah they've used the same name as a user and a mount
@cecilcostanza9221 2 жыл бұрын
Could not work out how to get the bash file over to the NFS share. Thanks for uploading this
@ooliver 2 жыл бұрын
their way was so weird, you can literally just `cp` it to the mount which the command `cp ~/Downloads/bash .` was listed
@cecilcostanza9221 2 жыл бұрын
@@ooliver Yeah, I have never done that before, so it was useful getting a visual demonstration of how he solved it.
@paythet0ll 6 ай бұрын
I see you are doing this work while inside of another room. is this an add on/mod that you use?
@aldrinwong6160 Жыл бұрын
this is great help bud!
@mrashco Жыл бұрын
Glad it's helped 😃
@platiniumcbd4942 Жыл бұрын
Great video, mate! What shortcut do you use to clear the console and move the command line to the very top ?
@mrashco Жыл бұрын
Hey thanks mate, CTRL + L, it's like using the 'clear' command. Oh and CTRL + C to cancel is useful too!
@Randyorton98ful Жыл бұрын
sorry for asking but i dont Understand the :home on 20:28 of your video why we need that command
@mrashco Жыл бұрын
That's the name of the "share" were connecting too. So it's like the folder name we want to see on the remote computer. And no need to apologise for asking!!
@alexyoung545 Жыл бұрын
you are a legit hero
@mrashco Жыл бұрын
Idk about "hero" but thanks for the comment! Im glad the video helped!
@WolfIonGaming Жыл бұрын
Hope someone can help with this one I am not sure why but when I do ./bash -p nothing happens. I did exactly how its suppose to be for the bash file. I did chmod +s /tmp/mount/cappucino/bash then chmod +x bash, though for some reason I get groups are able to write on bash so what I do is chmod g-w to remove write on groups but for some reason nothing happens after the bash command. Any help would be appreciated!
@djdookiefruit4526 Жыл бұрын
same
@smarteasyaccessories9974 Жыл бұрын
same here I was able to get the bash file over through copying it to /home directory but cant get it to the exact file number for bash which has root privileges. The hardest task so far....
@mrashco Жыл бұрын
Hey, sorry for the late reply, this message slipped through the KZbin comment cracks. How did you go, did you get it working?
@LoneWolf5960 Жыл бұрын
This is what I did based on getting an exact answer for the "-rwsr-sr-x" part and making sure "./bash -p" gets executed on target machine on the ssh connection correctly: 1) On your machine (your personal kali linux or similar machine) make sure you are the root (I do it using "sudo -i" personally) and you are properly mounted to the target machine on "/tmp/mount" directory. 2) Make sure the "bash" file from Github provided by THM is added via your machine's mount point directory "/tmp/mount/cappucino", DO NOT do it though the ssh connection of the target machine. Though if you do, go to your machine to the mount point and do this: "chown root:root bash". This is essential to get the "bash" file to execute on the target machine once you assign the correct permissions. I don't know why the file works this way. BTW you should "man chown" but at a glance: "chown OwnerName:GroupName fileName". 3) To get the exact permisson based on answer "-rwsr-sr-x" (Do this on your machine as root at mount point directory on "cappuncio/"): -> "chmod 644 bash" which results in "-rw-r--r--" on "ls -la bash". -> "chmod +sx bash" which results in "-rwsr-sr-x" on "ls -la bash". 4) Go to the ssh connection to the target machine under the "cappucino" directory then execute "./bash -p". If you did this right, this should work. It did for me.
@WolfIonGaming Жыл бұрын
@@mrashco Honestly I totally forgot I left this comment here haha. Anyway I will try what @GeekTechWolf did see if I can get this finally worked out. Thanks for the help everyone! 😊
@smarteasyaccessories9974 Жыл бұрын
Hi Ash...thanks for your tutorials. I am very newbee in cyber sec. Just one question, how do you create /Documents/thm/networkservices2 directory?
@doomed8573 Жыл бұрын
mkdir name
@draganaveljkovic8086 23 күн бұрын
tnx
@Fish_Uber Жыл бұрын
I wish that the rooms for this path werent so bugged. I've been having issues running certain commands or options while going through and i'm not sure if im getting all the material. I used same line of code you used but for some reason my mount kept timing out and not working.
@mrashco Жыл бұрын
Ah true true!
@oshadabasnayake 8 ай бұрын
thanks a lot
@mrashco 8 ай бұрын
You're welcome! Thanks for leaving a comment
@georgiankali1225 Жыл бұрын
great great
@mrashco Жыл бұрын
Thanks for leaving a comment, appreciate it! Happy hacking...
@MrMoomoo87 Жыл бұрын
Good Job :)
@mrashco Жыл бұрын
Thanks 😁 Enjoy your Cyber Sec learning. If you have a second, I've started making 100daysofctfs.com I'd love your feedback. If you can't, no stress.
@user-cy8bd3vw7g 6 ай бұрын
You are a big help! saved my bash to downloads. Used cp ~/Downloads/bash . from attack machine mount /tmp/mount/cappuccino to copy over to NFS
@mrashco 2 ай бұрын
Awesome! Glad its working
@kiranchaitanya8850 Жыл бұрын
Your awesome 😎
@mrashco Жыл бұрын
Awwww thanks for the encouragement!!
@ehouaiscestdwiouaiscestbie2528 Жыл бұрын
idk if i'm dumb or what , but i didn't went back in the file system loool
@ehouaiscestdwiouaiscestbie2528 Жыл бұрын
@@mrashco thanks for your videos tho
@ivanomaras2776 12 күн бұрын
Ssh user cappucino password password with hydra sudo su ... id 0 whoami root
@shadowsage5125 Жыл бұрын
Followed the vid to the T to see if I was doing something wrong from the room. I'm able to do the mount command but nothing shows up in the tmp/mount/ dir. I've even tried using the ip:home/cappucino to see if that would work but not successful. any tips?
@mrashco Жыл бұрын
Hmmmm dam, maybe restart the machine? I've heard people having issues with some of these older rooms.
@smarteasyaccessories9974 Жыл бұрын
How can i get bash over to root directory? I am still seeing bash in Cappucino after running mv /tmp/mount/cappucino to /tmp/mount/cappucino/bash
@LoneWolf5960 Жыл бұрын
Explain what you mean please in more details
Family Games Media
Рет қаралды 30 МЛН
SALEM EPISODES
Рет қаралды 612 М.