Hey John, I've been following you for a while now and watched almost every video of you because you really have a high quality content and I learned a lot from it. Way back 2019, I didn't really have the money to get a laptop and what I did was just watch your videos and I learned a lot even though I was just watching. Today, a hiring manager called me and told me that I am now officially hired and a part of an international bank's cybersecurity team. You played a big part of my success. You just don't know it. Thank you so much man. Don't stop leading us to the right path

Great video, John. Something to also note is that this challenge could be solved with the "oleobj" script from the oletools package (same package that olevba comes from). Running it on the PowerPoint will instantly spit out the malicious payload and then it's just a matter of doing the URL decoding and Base64 decoding as you showed. Thanks again for all the great content!

That was so quick and masterful I didn`t even notice when it was over! Awesome!

CMD: What is my job? Invoke powershell

NO DOUBTS ! one of the best youtube channel ever !

I never got to chance to thank you, so thank you John Hammond for your time, your devotion, for teaching us ! You deserve respect !

The man, the legend, The Hammond! You're the man bro! This inspired me.

Great Video! I have gained so much knowledge by just watching your videos and then trying them myself.

Hi John, I'm new to your channel and I'm loving it so far. I work as a C# .Net Developer, but don't know much about networking and would really like to start learning more about cyber security and how to use my programming knowledge for it. Any advice on where to start? Maybe any book or website to get me started?

Thanks for these videos John. I have learned a ton from you that I can apply to my day job.

"You can unzip PowerPoint file" The more you know~ For real though didn't know that haha

You taught me that Office suite files are binary blobs that could be extracted/unzipped. In return, I offer that usually the newer Office suite extensions either have x or m; m stands for macro-enabled. (i.e: pptx (powerpoint) / pptm (macro-enabled powerpoint); xlsx / xlsm)

Just commenting because I find it funny. Not criticism or anything :P 2023 requires disclaimers 1) worried about security, download subl extensions without checking if they are safe at least on high level 2) unregistered subl version. Totally agree with that after they started forcing users into undesired upgrades and charging full price again

Thanks fella. This was one that I managed to follow and understand quite easily for once.

appreciate ur knowledge..

You are magic. Thanks for teachings

I notice the fake "download URL" doesn't seem to be well formed - there's only 1 / instead of 2 ...

I never knew about URL safe base 64 encoding... nice

Oh My phuking god , So much to learn!!

Thank you

John, could you please do a video on the Obsidian note taking app? I usually write my CTF notes on paper but it would be so much better doing it on the computer.

the newer office docs. are like zip archives. use didier stevens tool, zipdump

Thanks for that base64 tricks at the end

good stuff, nice vid!

Well Done

Thank you!

Please tell which linux distro 2021 is best for ( Raspberry pi 4 model B 8 GB ram) for ethical hacking pentesting or cyber security

wow amazing

I can not seem to find a video of john hammond where her reverse engineer a malware, then he analyses the shell that the malware opens, and after that john hijacked that shell to hack back the C2 server, and he got a reverse shell with the C2 server if anyone knows the video's name, plz write it down

Very cool

Bro how do you do this so easily. I've been using Kali for a while now and barely no the basis. I saw you used some sort of "app store" when searching for a XML decoder. Does Kali have that option built-in or is it something I can GIT.

Nice content ...

Good music though at the outro

Very interesting content

I learned so much thanky ou.

Hi john If some one challenged you to create a script virus and he should clean That virus without reading the script he can use what ever tools to clean that virus he can scan that virus with some restrictions , would you take that challenge ?

Awesome!

Hey , I am solving machines by reading and wathcing many walkthroughs still having problems solving machines by researching on my own , would you please provide some seris of boxes wher i can go and work on .

cool man.

Anyone know which os he is using?

There is a Base64 that’s URL safe?? Holy shit

How this attack works in real world. Is there any blog for reference using powerpoint without macros for phishing? Or how to add these xmls in powerpoint?

Cool!

OP

I can't imagine how this Guy master this hacks

"Nice and easy" yea right easy 😂😂 omg man this is crazy haha

nice

Who the is this 4 guy 😡

🤴🤴🤴🤴🤴🖤🖤🖤🖤🖤

Noice

I can unzip Office files 🤯

Plz improve your montage skills

Thank you