Seeing your "mistakes" is arguably more helpful than the "actual" content :)

"I dont need to say all those nines, thats the point of saying quad" lol, Good ole Hammond keeping it real

Seeing you stumble around and just go on a tangent is like such a vibe, just reminds me that you are like a chill dude under all that genius lol but yes good video very cool ty

I found the coding portion of this tutorial fascinating. I would love to see more in depth tutorials on coding and its implementation in computer hacking!

I really enjoy watching your videos. I am in the process of learning about cybersecurity and your videos are very helpful! Thank you

Just wanna say thank you for your content, learning a lot. Best of luck always ;)

Hey John! Thanks for the content, love your work! Best of luck

Love it when you try to solve stuff with python. Keep up good work!

I'd love to see more videos with you using pwncat! Great vid 👍🏽

"Hello everyone my name is john hammond"

Great video!! well, as usual.. :D Glad to see you subs are rapidly growing, it's well-deserved! And, btw, I did yelled when you forgot to replace the username :D

Love your videos :D really enjoy it

i like your videos. amazing to see how it works and how much backdoors could be implemented in that system.

Juicy work by any two guys.

Very funny, thanks John

I started this box yesterday and deliberately waited until I finished it today before watching this. I used Hydra for the brute force, You reverse engineering the login and creating a custom brute force was interesting to observe. Keep up the good work I am enjoying your video's :)

I am a freshman in college in Pennsylvania and I would love a video just explaining some of the various programs and tools you use and how you know when to use them. I have been using your videos to learn about the terminal and practicing using the various commands. I would really love to get into hacking within the next couple of years and as someone who is willing to spend a couple of hours a day on it, I believe I can. That is why I think the video would be incredibly helpful. Also, if nothing else, can you tell me if tryhackme pathways would be worth my money?

Hello John. I know I am bit late for the reply but I enjoy your content immensely as it is a great way to improve my general understanding of exploits and the thought processes. Can I know what song you are using for your outro or if is your custom order because it slaps REALLY hard.

Very good video, with very good contents and well explained. Also learnt with your mistakes. 😀

Why am i just finding rustscan i like that thanks for that little nugge john

Love your content. Can I ask, how did you achieve the neat animation for pwncat? Also, does the shell stabilization script dump chars into keyboard device file, or how does it work? So many questions... :D

clicked for inferno titan

great video!

That was fun. Going to look back at poor man's pentest. Teach that, if you're cool with it.

Hi, Could you please do a video on your top 10-20-50 used tools.. and how to learn about the best tools for doing various CTF things... i am super new, and building my toolkit. and have learnt loads from your videos, but for example up till today, i didn't know about RustScan! where do you learn about these new tools!?

Thanks again mr hammond!

Love you sir 😘. I am from India you and your video was amazing...

Good stuff thanks bro

I spared no expense

When using nc to listen for the reverse shell, which IP did you use? It was exposed? Also what is op a s tun0?

Great video

20:25 NOO.. You were the Chosen One! It was said that you would destroy HTB, not join them. Bring balance to the Infosec, not leave it in darkness.

Awesome 👍

Perfect

Can you help me on how to stabalize shell

This is so nice! 💗🙂

Hi John! I completely understood "chmod +s /bin/bash". It allows us to run /bin/bash, with the priveleges of the creator/owner of the executable, which is root. Here is the question though: why is "-p" is required?

buenos videos :D

I'm using your video to explain my clients why it's bad to have a password as "Password1234" :D

19:42 cat

Could you start linking the respective web pages in the description? Like the Tryhackme Tartarus url

Hacker man strikes again

Just started coding, don't always understand what's happening but I enjoy watching it!

Can someone please explain why the when I tried to use the reverse php oneliner from testmonkey the cheat sheet it showed me the text of the file and didn't send me a shell?

Whoaaah, u smart sir 😎👍

On another note I’m thinking about making a simple gui in python for beginners using nmap I’m aware there’s other applications but it would be a good little project for me to learn tkinker. Thinking a few drop down boxes for type of scan Ip range box & option to save output to a txt file. All things that will be handy for myself to program and hopefully someone will find it useful for beginning. Thinking it will work on both Linux and windows but I’m unsure on windows with nmap as I’ve never used it.

Damn thank you , Even though im confused :D

when I run the command "nc -lnvp 9999", it says : listening on any 9999 ... and doesn't do anything (I've the correct ip adress in the reverse-shell.php btw and refresh the page). Does anybody has the same problem as me ?

Are you using a VM for your Linux ,dual-boot, or main OS?

I think this room has been removed. I can't find it =(

yow john - i love your work.... but one thing just getting my nuts cracked all the time watching your newer videos.... get that pictures in the back fixed - they are not in a horizontal line :D

Hello 🤩

If he had called a nc to connect to his nc listener instead of adding the SUID to bin/bash, would he have still got root shell on his nc listener?

What OS version are u using

Good video, how about not just hacking the boxes but show what you can do to protect against the attacks you do. Like the bruteforcing you did of the username and password. How can you protect against that?

hey jhon .. I am trying to build a new desktop setup for pentesting .. any advice ?

he is owsome

Can you do a video on your terminal tricks / shortcuts

HOLY SHIT, I THAT A MOTHERFUCKING GD REFERENCE??

Do you exploit “stuff“ with Upnp ? .....can you make a video ? It would be great ✌️🤑

Kali moving towards zsh. Are other distro's getting off bash?

How would you hack 2 factor authentication? thanks a lot for your videos

you are ubuntu wizard

what programming language is this based on

I know a little bit of hacking but soon ill be a great hacker! After seeing this guy: Nope im done

my script only runs one user name help

Okays

Do some hack the box also

oh my god, very2 powerfull hacker :D

Which linux is he using?

creating a python script instead of python3 .........aha..... i like these kind of crazy :)

whats that? hydra......nope i'll create my own brute force with Python 😄

Inferno titan? based mtg player

uh he didn't do it

dont use plural for variable names it is more error prone

hahaha, that login template! I made a request to one site that hosted a "simple php login page" with the exact same login page I told then about this exact problem of saying "incorrect password" or "incorrect username". that's the edit I added: $stmt->bind_result($id, $password); $stmt->fetch(); if (password_verify($_POST['password'], $password)) { session_regenerate_id(); $_SESSION['loggedin'] = TRUE; $_SESSION['name'] = $_POST['username']; $_SESSION['id'] = $id; header('Location: home.php'); } else { echo 'Try again'; } Although my server gets you banned after 2 fails for around 2 month, so you might as well switch IP... unless drum roll please: you're already in my network with the same key. I really like watching those videos, it gives me a glimpse at what could go wrong in my security, and what I really don't need to worry about. What I really see is a whole lot of leaving the password out there... what I don't see is figuring out what port or server does what. the reason I say that is because I came a cross one example of a project from 2007 that hid the server by responding to every ports available as "[insert random server] [random port] [random service]" that project got shut down by a DMCA

*nmap? More like slowmap*

We need more python scripting tutorials for web CTF's

john literally doing his ctfs with his custom scripts.. skid me who is using pentest tools invented by others:(

Hey man i realy enjoy your videos, i have a question for you, with this codes and stuff can you baypas icloud iphones ?

The sulky apple admittedly trade because germany namely terrify following a exciting exclusive calculator. glistening glorious, absent snowboarding

We need more python scripting tutorials for web CTF's

We need more python scripting tutorials for web CTF's

We need more python scripting tutorials for web CTF's

We need more python scripting tutorials for web CTF's

We need more python scripting tutorials for web CTF's