TryHackMe! Sudo - CVE-2019-14287
Рет қаралды 52,822
Күн бұрын
@ProfessorParno 4 жыл бұрын
1:44 - port scanning /w nmap 2:43 - Web vulnerability scanning w/ Nikto 2:50 - finding web dir /w gobuster 6:18 - cracking password /w hydra 7:11 - FTP login 10:17 - doing some forensic stuff 11:20 - cracking zip file 14:54 - SSH & finding task 4 answer 20:48 - Privilege Escalation Always fun to watch John Hammond doing some TryHackMe room, hope my channel can grow as good as John Hammond
@DDBAA24 4 жыл бұрын
I was just watching an ippsec vid and he has chapters with titles and descriptions that display when you hover over the seek bar. I guess this is a new feature in KZbin , at least its the first time I've noticed it. The feature should save you some keystrokes 👍🏻
@_JohnHammond 4 жыл бұрын
This is AWESOME! Thank you so much for the timestamps, I really need to put stuff like this in my other videos!
@anantikatokas7149 2 жыл бұрын
All your videos are amazing 👍!!
@Kimbojangles 4 жыл бұрын
I don’t know why, but I find your TryHackMe! videos to be super relaxing. I only vaguely understand what you’re doing, because I don’t possess any of this IT knowledge that you’re implementing. Thanks for the great content.
@_JohnHammond 4 жыл бұрын
Happy to hear that! You'll definitely pick up the skills and the IT knowledge if you keep watching more, I think! Thanks so much for watching and thanks for all the kind words!
@cosmintibuleac969 3 жыл бұрын
Agent Sudo is so awesome, especially if you're like me and have never gotten into steganography. Not to mention seeing you doing it with your knowledge is even more awesome! Thank you, John!
@QzSG 4 жыл бұрын
It makes me happy that what you did was more or less what I wrote in my writeup as a beginner back in December, awesome that I did it like you too!
@1nd0m1t 10 ай бұрын
nice!! In this machine Linpeas reported permissions in lxd so I mounted a container and get root. I didn't know about this CVE :')
@matncerqueira 4 жыл бұрын
I just got here (on your channel) this week and i'm learning a lot from your videos, thank you! Keep doing them, they are awesome!
@neilthomas5026 4 жыл бұрын
I love how every morning I wake up and there is a new video waiting and new things to learn!! Very cool video :)
@_JohnHammond 4 жыл бұрын
Hopefully I can keep up the every-week-day uploads! Thanks so much for watching!
@mangalangnanasegaram6536 10 ай бұрын
Addicted to John's explanations
@benkato_ 4 жыл бұрын
Your videos are rlly chill and I like to watch solve CTFs that I solved :D Thanks for uploading :3
@Noah-hk4ec 4 жыл бұрын
Du auch hier
@_JohnHammond 4 жыл бұрын
Happy to hear that! Thanks so much!
@benkato_ 4 жыл бұрын
@@Noah-hk4ec Schon lange xD
@MultiBiggie007 2 жыл бұрын
thanks for making these videos. helpfull to see someone elses sollution!
@cristhianz91 4 жыл бұрын
Nice room John! I've learned some nice stuff with this video. I'm new in the hacking world, I started in THM a week ago and I'm learning a lot. Keep up with the good content, greetings from Argentina!
@davidraymond7420 4 жыл бұрын
Nice one, thanks, always cool to watch 👍
@SAinTIdiVAca 2 жыл бұрын
How did you know to try curling the website with an added header? That seems so random is that a very common technique?
@prohat7674 4 жыл бұрын
You make very good tutorials 🖒
@_JohnHammond 4 жыл бұрын
Thank you so much! Appreciate all the kind words!
@damienkali 4 жыл бұрын
@@_JohnHammond Hi John, would love to see more Windows side stuff, Im currently studying for OSCP & I know there is a lot of Windows based, most of the stuff we tend to learn from CTF is all linux based, which is fine, for e.g. Could you do a review or something along the lines of using tools like psexec.py, crackmapexec etc... More Active Directory based attacks (or your next video for Attactive Directory) :) Thank you
@daheck81 4 жыл бұрын
19:26 *"2.2.3 Crash at Corona."* Theyve planned this whole thing back then already 😦
@zeg0noidpils26 4 жыл бұрын
Lol
@dwpersGC 3 жыл бұрын
say it with me John - 'autoSPY'...the box is agent sudo after all :D
@Prim1TiveCH 4 жыл бұрын
enumeration videos like this is great to learn file extractions and finding hidden stuff
@thatcrockpot1530 4 жыл бұрын
Of course I never get to exploit this bug when I want to find it, but I watch a video and there it is :) Good video tho!
@_JohnHammond 4 жыл бұрын
Thanks so much! And thanks for watching!
@thatcrockpot1530 4 жыл бұрын
@@_JohnHammond I'm 22 but I wanna be like you when I grow up hahaha
@DHIRAL2908 3 жыл бұрын
Those fonts at 0:42 look cool!!! What are they called?
@code4720 4 жыл бұрын
thanks i learned so much
@anonded 4 жыл бұрын
omg very informative... like even for starters. greatwork!
@tentra7548 4 жыл бұрын
damn dude, subscribing forsure! Awesome content in all your videos. Thanks a mil for the knowledge. :)
@kumarniloy3893 4 жыл бұрын
ngl I was also fetching Alien_autopsy.jpg , fun room and great video as always !
@therealgunny 4 жыл бұрын
your videos are very entertaining, keep going D:
@alexfullstop 4 жыл бұрын
You are amazing
@ElChowDinamico 4 жыл бұрын
Had to come here for the image title lmao
@Godmil 8 ай бұрын
oh man, I spent sooo long trying to find a steno tool that would work with PNG files... when I eventually tried binwalk I then spent ages trying to work out how to extract the extra data... had no idea binwalk would do that for me :D
@orgozlan323 4 жыл бұрын
Great video!
@MaximusIA 4 жыл бұрын
Thanks man
@MD4564 4 жыл бұрын
Thank you very much, how long does hydra normally take?
@mi2has 4 жыл бұрын
hydra part was great. i watched your CTF videos from 2018 and it was very useful? Do you have a place where all your past videos can be listed?
@cocosloan3748 4 жыл бұрын
Very cool!
@zeg0noidpils26 4 жыл бұрын
Really cool!
@ghadeeralhayek4373 4 жыл бұрын
dud ,what is the name of the music in the end of the video ?
@maxabbasov9016 4 жыл бұрын
John, how do you use kali tools on Ubuntu? You installed them with Katoolin?
@checknate8820 4 жыл бұрын
Why did you immediately chose binwalk when you found that string in the png? I personally spent time using stegcracker on both images hoping there was some regular form of stenagraphy
@malifalitiko495 4 жыл бұрын
You can also do this with lxd privesc.
@pedrofontes8441 4 жыл бұрын
what terminal emulator are u using john?
@SunDevilThor 2 жыл бұрын
I got stuck on the zip file section. I did not see anything related to that. I’ll have to research the “binwalk” command, since this is the first time I’m hearing about it.
@bulutkumbul_ 4 жыл бұрын
i used burp suite for change the user agent to C in repeater but it didnt work?
@munakk1981 4 жыл бұрын
Thanks for the tutorial.....
@khalidaldrouby719 4 жыл бұрын
What type of machine are you using ? is it a ubuntu VM if yes would you share the tools installed on it. i also assume your using tmux. great content btw
@arwl 4 жыл бұрын
John uses Terminator rather than tmux
@waheedmurad4223 4 жыл бұрын
your cam is on the command way
@knowledgeboy6137 4 жыл бұрын
Hi can you make walkthrough the burp suite room. it is not free but want to learn this badly.
@sebi9721 4 жыл бұрын
Sry for this question, but I am really knew to this stuff. How can I access to the scripts which you are using?
@tannercampbell 4 жыл бұрын
I’m sure your asked a lot but do you have a link or guide to install the tools on Ubuntu your using?
@Laflamablanca969 4 жыл бұрын
The pain in this entire video is the exact reason I purchased a subscription with Tryhackme lol... so much faster and a lot more stable.
@SARAVANATECH 4 жыл бұрын
Super.....
@ca7986 4 жыл бұрын
♥️
@richieparkerich9202 4 жыл бұрын
when trying crack the zip2john file i named " cracked.txt" is not working any ideas ? i have the output john --wordlist=/usr/share/wordlist/rockyou.txt cracked.txt Using default input encoding: UTF-8 Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x]) No password hashes left to crack (see FAQ)
@sanlan9755 4 жыл бұрын
I have the same problem. Did you find a solution?
@ashutoshpanda4336 4 жыл бұрын
After ubuntu 20 arch you came back to 16 why 🙄🙄
@TEAM4o4 3 жыл бұрын
❤️❤️😍
@floatingblaze8405 4 жыл бұрын
2 openvpn connection just like in the king of the hill live
@_JohnHammond 4 жыл бұрын
I'm so bad with that -- I really need to script that to kill it and bring it back as just one instance! Thanks for watching!
@yashpatel-vf8zq 4 жыл бұрын
make videos editing hangout streams !! 😀
@dreamlands627 2 жыл бұрын
13:03
@padaloni 4 жыл бұрын
cool vid, but it's super annoying having your face over the commands your typing lol can you move the active console pane to the top or hide your camera when typing?
@sgaleta 4 жыл бұрын
I feel like the last couple of videos have been unpolished at the begining. I feel like i takes 0 effort to clear stuff from previous videos, deploy the machine, make a directory and open a text file with the IP copied. In my opinion this can all be done before the video starts thus avoiding the first/first and a half minute of the video.
@nangianilkumar1428 4 жыл бұрын
I'ld like to learn basics for free give me advice as soon as possible pls
@bhagyalakshmi1053 Жыл бұрын
Bash files open
@mattplaygamez 4 жыл бұрын
Im the 1000 liker
@Anth0ny001 4 жыл бұрын
good tutorial.. but too fast.
@0x2fd Жыл бұрын
it was not easy :s
@VeNoM____ 3 жыл бұрын
Everything goes smoothly until i have to use John The Ripper piece of crap software that is completely broken and bugged lol
@alexpearce3083 4 жыл бұрын
ahahhahaha, cringe. i dont wanna see that!!!!!
@clementhenriet9779 4 жыл бұрын
Your videos are Nice to watch but You're way too fast and don't explain very much Sadly
Family Games Media
Рет қаралды 55 МЛН
THẾ GIỚI 24H
Рет қаралды 10 МЛН
Kate Brush
Рет қаралды 45 МЛН
Jason Derulo
Рет қаралды 14 МЛН
Tyler Ramsbey || Hack Smarter
Рет қаралды 6 М.
DEFCONConference
Рет қаралды 427 М.
Family Games Media
Рет қаралды 55 МЛН