TryHackMe! Looking Glass... with PWNCAT
- Published: 13 Sep 2024
- Hang with our community on Discord! johnhammond.or...
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: paypal.me/johnh...
GitHub: github.com/Joh...
Site: www.johnhammond...
Twitter: / _johnhammond
Liked this box, it has more puzzle-solving rather than actually hunting for vulnerabilities, which is quite a breath of fresh air.
You have no idea how much I'm learning here. Please never stop doing this.
Big Brother John
Really enjoyed the dive into the unknown territory at the end. Thank you for all your amazing work John.
That thing with Alice's private key - that's why I ALWAYS run "ls -laR /home"
But without read permission it wouldn't show any files in alice home directory.
You are a true king John. Thank you for your efforts to teach us. Hope you get to 1 million subs soon
That last segment you did is what changes the game for me, and all other aspiring hackers out there :) really appreciate it John !
John not recognizing the Jabberwock poem even AFTER decrypting it was both painful and hysterical. That's probably what I get watching these videos with an arts degree....
Or the reference "looking glass", and tweedledum, alice, it all makes reference to Lewis Carroll's work!
Awesome walkthrough, all those open ports were messing with me when I first started the room
Love the deep dive! very educational
Scrolling through the Linpeas output isn't so bad (except the 3k ports on this one lol), you stop and explain things when you see them. Gives me idea of what I can look for in the future and what it might mean.
There was more puzzle than hacking for the first 21 mins 😆
Aaarggh, how can you have never heard of the Jabberwocky? But apart from that - awesome as usual.
That poem is so etched into my soul that I knew what it was by the char counts of the first line ;)
Seriously I've been binge watching your videos all day.
Spamming connections is what led to the 10600 ban list on my server. I had initially set it to 3 tries max, until I lowered it down to 1 try.
The total was around 5000 different IPs being blocked (mostly from China/Russia). What really stopped this useless waste of bandwidth was just changing the port for a couple of minutes :)
Anyway in my eyes the amount of reasonable attempt you really need to connect to a server is around 1, 2 at most (for critical servers like the one that holds all the pw).
That's also how I got banned from my registrar :)
I fired up a script that would connect back to the tiny VPS I had set up and forgot a character, and sure enough after 4 tries I got kicked off.
I really like all the videos I've watched so far, because they really go into details and highlight some of the things that can go wrong in security, but also, most of the issues arise from either easy passwords, or storing the password in plain text on the server, the real juicy parts are random exploitation of an underlying program.
So far I think I'm still secured with my boxes :)
I love these videos. Every time I watch one of your videos I wonder if you know about clipboard managers lol Clipboard history is SO good.
Simple and easy to understand every step well explained thnx for your efforts 😀😀
TryHackMe videos from you have always taught me new things. Thanks John
I know some script languages and shell commands but never touched Python. Your videos are so inspiring that I will start to learn some Python. Wrote already 4 simple scripts to learn a bit about the syntax just for fun. Thanks for the video!
amazing video again had an amazing learning experience you rock man
Great video John, thanks - learnt a lot!
really liked this room and your pwncat thanks for this ❤❤
I live for that hair
6:30 yea... we both asking the same questions.
You could use tac command. It's the reverse of cat. No need to explicitly pipe rev
Nice informative video. Kudos to box Creator.
Thanks boss! Great content ;)
on fire these last 4 days
Just like california
@@user-rc3tm4of7c HAHAHAHHHAHA
Nice Job. Good to see those.
@JohnHammond I really like the pwncat deep dive. It was nice to see you not just complete a challenge but modify a tool when it did not meet your needs. That is what I feel like hacking is at the core! No?
Do you run linux in wsl or do you have it installed as your main OS?
11 hours, can't wait!
6:30 Maybe I'm too high?
Very nice video, thanks for sharing :)
What a beautiful video ❤️
Heard the intro before I looked at the screen... could've sworn this was Seth Rogen's voice.
Very excited. I will be in class while watching your video tomorrow lol. I am so far behind on your videos. SUCKS
I'm also too far behind him, I just started to solve boxes but due to university assignments and all that shit I wasn't able to stay focused
Great video... I have to try pwncat ;-)
- Some ideas for pwncat :
In the old days we ran Satan on Unix systems (worked with SCO, Ultrix and HPUX)
Today we run "Lynis" on our Linux systems and pipe it to a mail. It gives a lot of failed config info and missing updates.
Also look for an old nmap or proftpd server....etc (just ask the package system for versions and find the exploit !)
love when u ranting!
I see there's a lot of deciphering going on here... Any good recommendations for cryptographic courses?
good Tutorial:)
12:21 nmap has script for leet speak. is the direction i would have went. maybe the gobbledygook is base64 or something.
You're soooo awesome!
How do you do that prompt --fancy thing in pwncat
Are you just slaying the content or what, I see you out there trying the hacks like every day now. GG, John, you're one of my favorite content creators out there. I learn how to be more productive && tactful after MAKE INSTALL your content to the /brain.
9:00 you could do this with binary search algorithm
that's what he did , he even said logn
This is interesting ....
Can someone help me? I downloaded pwncat and everything works fine except the privesc command. I re-downloaded it and it still doesn't work. Is this something I have to add myself or how do I do this?
Nice bro ket it up
great man .. just great
I am at reboot, I want to solve it myself before watching this video but no clues, can't wait
Haitt..Hacker
@@kirandawadi4202 who is this again
6:30 - that's what I thought to myself after trying to run linPeas on a windows machine
Does anyone else watch him because he sounds like Seth Rogen... no? Just me? Alright..
why not to use binary search in connecting script?
I would've watched whole stream of you going through this the first time. My opinion is that you create a different channel for streaming these rooms and later use clips from them to create video for this channel.
Would love it also
U d best john❤❤
I lost the connection twice to the machine by
1. rebooting with a typo in my reverse shell command
2. Hitting ctrl c on nc shell (forgot to stabilize)🥺🥺😭 #poorme
automate the process with a bsearch
Are u using ubuntu 16.04 or 20.04 with unity desktop?
You should make long videos
It's great
They don't teach The Jabberwocky at USCGA?
59 minute video wooooo XD
u could have done a binary search to find that mid port way faster
editing: ohh you have done that
Finally with pwncat xD
you're the best
"I hope you enjoy this"? Really?? 🙂 I was - freaking - applauded standing 🧍♀️ 👏👏👏👏👏👏👏👏👏
Thanks, John! 🤝
Best vid so far. Thanks
What’s the config of the pwncat you’re using ?
9224 though, hope you fixed it, although it's not a huge error xD
youtube algorithm thing! ;-)
rabbit hole
vin-ie-ehre
Kep*
Can't you just get around the changing password by injecting your ssh key into the .ssh/authorized_keys before rebooting? (30:45)
It's not writable by other users. That wouldn't work.
The perms for authorized_keys are "-rw-r--r--" (644) which only allows the owner to write to the file (which is alice). The group and others are only able to read it.
Am I the only one that created a python script for the ssh port game? 😅 Btw thanks to this box I now always do cat /home/*/.ssh/id_rsa on each box 😀
I've been trying to use pwncat for shells but it doesn't work like it does in this clip, it just gives me a shell that is less stable than netcat. I have it downloaded and also the environment but it doesn't seem to run like this clip
Can you give me a bit more detail? What is doing that is different than the video? Are there any errors messages, or strange output? How exactly is it less stable that netcat and what target are you using it against?
@@_JohnHammond I removed it and reinstalled it according to the README on the github and now whenever I run it i get a module not found error
and I am most likely doing something wrong because I just started learning this stuff.
What Linux Os is he using?
Ubuntu, but just don't...
I thought this was gonna involve KVM looking-glass :/ disappointed to say the least.
Nice ❤️❤️🌹
The discord link says it is invalid
Works now ^^P
Port 9224
StrictKeyHeck...
Why `cat | rev` instead of `tac `?
It looks like tac will reverse line order, but not character order. You could read with 'tac ' and get the same output but it would still need to be piped to 'rev'
Can someone help me out? I'm trying to do hackthebox machines and tryhackme using WSL2 but I'm having difficulty when doing web related tasks. I can't seem to get the IP of the machine to work on my Windows host browser
You will need to connect your machine to THM's network to use the local IP address provided to you. On the Sidebar go to Access Machines >> Open VPN and follow the instructions there to set up an Open VPN connection. Once done you will be able to connect to any active room on the network.
try monitoring ssh conversations first
find . -not -user alice -ls
:D
Lewis Carroll. Pretty interesting stuff, clearly the nonsense poem. Cmon Hammond go take an English course!
for i in $(seq 9000 100 13000); do ssh -o StrictHostKeyChecking=no -p $i IP ; done ; echo "John Hammond do the best content of security" :)
This was a fun room!
Not sure if anyone else had this issue but I was getting the "No matching host key type found. Their offer: ssh-rsa" error message when attempting to SSH to the ports.
To get around this I had to add the '-o' switch with 'HostKeyAlgorithms=+ssh-rsa' as the argument
so, my working ssh command was:
ssh -p 9001 -o HostKeyAlgorithms=+ssh-rsa user@victim.ip
Hopefully this helps anyone!