I recently started following you because I love your content and have a growing interest in cybersecurity. Although I'm a beginner, your work has inspired me to dive deeper into the field. Keep up the fantastic work!
@@AlexCantor-v4l Yes, it is possible the root hash is supplied or another privileged user. If they are using a weak password, then we can escalate privileges. But the main point is to show off the power of SUIDs, some SUIDs can even give direct root access. But base64 was just the example.
@@pebble1 I was not super familiar with SUIDs before watching this video. That being said, I was just working on a CompTIA Linux+ course, and I got to the part where they discussed SUIDs! I think it is super exciting to be thinking about these sorts of vulnerabilities/exploits WHILE learning about how it is used from an IT perspective! This was awesome timing!
aura bro is glowin
glowing you say
What does glowin mean?
You were born after 2010 weren't you
Bro this is one of the best explanations I have seen on here! thank you for sharing
I recently started following you because I love your content and have a growing interest in cybersecurity. Although I'm a beginner, your work has inspired me to dive deeper into the field. Keep up the fantastic work!
Thank you 🙏 and best of luck in your journey
Try hack me has been clutch bro !
good video recently interested in privilege escalation and this is very informative will use some of these 👍
Bro you make things seem easy
It takes years of studying/practice
Yeah bro but the secret is to enjoy it while doeing it
keep on
I try to get root permission without root permission and I can't execute the commad 'base64 /etc/shadow | base64 -d'
Base64 must have the SUID bit set. This was just an example of a suid attack, different CTFs may require different attacks.
How does seeing the hashes of the passwords in /etc/shadow help us? Do we run it in hopes that it is a weak hash/something similar?
@@AlexCantor-v4l Yes, it is possible the root hash is supplied or another privileged user. If they are using a weak password, then we can escalate privileges. But the main point is to show off the power of SUIDs, some SUIDs can even give direct root access. But base64 was just the example.
Is this even legal???? That seems like something you could only do for the wrong reasons
@@chrisjones2737 It’s absolutely legal if you have permission. Many companies will hire pentesters or red teamers to test their security
@@pebble1 I was not super familiar with SUIDs before watching this video. That being said, I was just working on a CompTIA Linux+ course, and I got to the part where they discussed SUIDs! I think it is super exciting to be thinking about these sorts of vulnerabilities/exploits WHILE learning about how it is used from an IT perspective!
This was awesome timing!
first command was more like sudo whoami
whene i can learn good hacking skills ? and whne you learn hacking ?
this is good
interesting
this is ain't working
na-huh
heall no
na root
ерфе фштеэе тщ цфн