Video editor suggestion: Don't use kdenlive. I recommend you use Davinci Resolve the free version but it is proprietary. Their is another open source video editor called *olive video editor,* this is still in alpha and more features is being updated, but while I edit my videos I got a small unusual chance for the program crashed. Although it is actually a great software that let's me do what I want to do it without limits.
Awesome video! I saw this and clicked very click. Enjoying the face cam to, pleasant to look at. Thank you for the great guides! Whenever I search a video for pentesting, if I see your name I click instantly.
Great stuff. I have a silly, somewhat unrelated question. Let's say I fill up my hard drive completely. Obviously, this is going to slow down and affect performance on my computer. Then let's say, I free up space on my drive and the speed and performance is improved. My question is if this complete fill-up of my hard drive will have had a lasting affect on the performance and speed of my PC, due to those writes to disk (on an SSD)? Or to put it more clearly, can you fill up your hard drive, delete everything, repeat, and expect performance not be affected? I have too many VM's, bro.
To use this vulnerability you need to edit the sudoer file from /etc file To edit this you need sudo passwd If you have sudo passwd why would you do this Can anyone explain me this ! Btw Informative video Cheers mate
when a hacker or pentester gets into a machine. and if the owner of the machine has given ALL priv to the users. it can be exploited into becoming root. lets say there's a special binary made by the team that can be executed by all users in a team . n the binary is owned by root. the user can use this vulnerability to escalate priv to root.
But isn't the point of using "sudo" to execute commands as root? If root gave me root permissions anyway then there's no problemy right? Can someone explain why someone would need sudo without root privileges?
I think the vulnerability lets you execute commands that you weren't previously allowed to execute. Although im not sure if this exploit is really that useful, as it only works if you have been allowed to execute all commands.
Great Demo of the bug... but it should also be mentioned that Different distributions have different versions of the sudo package and it's not specific to this version. in Debian this vulnerability was patched 2 days before the release of this video (Oct 14 2019) and the sudo package version is not 1.8.28 it's slightly different. I'm also certain that for older versions of Ubuntu and its derivatives the package versions vary slightly. This needs to be clarified and users need to go to their distribution's security announcement site or mailing list so they can verify the version of the patched sudo package and install it asap. I know that for Debian users the DSA regarding this bug is here: lists.debian.org/debian-security-announce/2019/msg00194.html Otherwise great job with the demo. Keep up the good work.
Can you make a video on the new RCE vulnerability found in WhatsApp, by sending the victim a malicious gif and get access to the storage and even WhatsApp chats. Thankyou
@@DHIRAL2908 seems more like their fan ISN'T running fast enough, hence the high heats under load. Bios is good place to start to UP the fan speeds, info would be helpful (laptop model, linux distro) then I could suggest fan management software. Also, laptops use notoriously bad thermal paste badly applied. Re-pasting the CPU and GPU can drop temps 10 degrees easily. Does OP have same issue with whatever other OS they use on the laptop under heavy load? Yes, probably fixable in BIOS. No, fan control software in the linux install should fix.
Kelvin Brooks Yes that’s my point. If his password is not strong enough there is a possible security risk. It’s just an attack vector. Just wanted to point that out. Could be mentioned in the video that people with bad/short passwords should not share their hashes.
Excellent explanation!!! One of best videos on RUclips on this subject! Keep it up!!
That's really awesome, I got the alert just now, the first thing i checked for is your explanation on it... You are awesome 💓
Thanks a lot for teaching something new
I want to get in the field of cyber security can you suggest where I should start from .
Great video man, no other video I saw on this cve was anywhere near as clear and helpful as this 👍
This was very amazing how quickly a system could be compromised by this security flaw. And how easy to replicate once you see it performed
I would say it was an ideal explanation. Just perfect.
Once again, amazing video bro, keep up the good work !
HOLY ShIt Your new intro is amazing
Thanks! My students were worried, I can always count on you to see things through.
Learning a LOT from your video's ! Thanks !!
Thank you for the explanation.
I going to Experiment with my own environment.
Thank you brother I am your big fan....
Thanks I really appreciate you... From Pakistan 🇵🇰🇵🇰🇵🇰
Video editor suggestion:
Don't use kdenlive.
I recommend you use Davinci Resolve the free version but it is proprietary.
Their is another open source video editor called *olive video editor,* this is still in alpha and more features is being updated, but while I edit my videos I got a small unusual chance for the program crashed. Although it is actually a great software that let's me do what I want to do it without limits.
I have been testing out Olive, not yet ready though. I will have to stick to Kdenlive
Hello sir did you post the video about the obfuscation of apk payloads because i can't find it.
Awesome video! I saw this and clicked very click. Enjoying the face cam to, pleasant to look at. Thank you for the great guides! Whenever I search a video for pentesting, if I see your name I click instantly.
isn't this thing patched on version 1.18.28 ?
Wawoo amazing. So easy to explain.
Perfect :)
Does this apply to IOT deices?
I this applicable to Kali Linux?
great video, direct to the point
Great stuff. I have a silly, somewhat unrelated question. Let's say I fill up my hard drive completely. Obviously, this is going to slow down and affect performance on my computer. Then let's say, I free up space on my drive and the speed and performance is improved. My question is if this complete fill-up of my hard drive will have had a lasting affect on the performance and speed of my PC, due to those writes to disk (on an SSD)? Or to put it more clearly, can you fill up your hard drive, delete everything, repeat, and expect performance not be affected? I have too many VM's, bro.
What was the unsigned no.?
(2^32)-1
thanks ! need more video like this !
another about bluekeep or ms17010 ?
Which OS do you use ?
One of the best video
Ah finally I get it, thanks mate!
wow! your Linux is beautiful and cool, would you mind if I ask that which Linux distribution or theme do you use?
My Sudo version in 1.8.28 so I want to recover to old Sudo version
Have you analyse the source code to know where is the problem ?
To use this vulnerability you need to edit the sudoer file from /etc file
To edit this you need sudo passwd
If you have sudo passwd why would you do this
Can anyone explain me this !
Btw Informative video Cheers mate
when a hacker or pentester gets into a machine. and if the owner of the machine has given ALL priv to the users. it can be exploited into becoming root. lets say there's a special binary made by the team that can be executed by all users in a team . n the binary is owned by root. the user can use this vulnerability to escalate priv to root.
@@mohinparamasivam5189 oh thanks a lot got it !!
Fantastic video! Thank you.
But isn't the point of using "sudo" to execute commands as root?
If root gave me root permissions anyway then there's no problemy right?
Can someone explain why someone would need sudo without root privileges?
I think the vulnerability lets you execute commands that you weren't previously allowed to execute. Although im not sure if this exploit is really that useful, as it only works if you have been allowed to execute all commands.
Yes thank uu so so for this video Good job
bro can u please help me with installing mitmf in kali i am having lot of errors and tried every solution over the internet
Excellent video. 👍
Much appreciated
Dear hackersploit
you had the advance phising method in your channel but i don't see it Any more . i need the video pls
@Quad rill i don't remember
Great Demo of the bug... but it should also be mentioned that Different distributions have different versions of the sudo package and it's not specific to this version. in Debian this vulnerability was patched 2 days before the release of this video (Oct 14 2019) and the sudo package version is not 1.8.28 it's slightly different. I'm also certain that for older versions of Ubuntu and its derivatives the package versions vary slightly. This needs to be clarified and users need to go to their distribution's security announcement site or mailing list so they can verify the version of the patched sudo package and install it asap. I know that for Debian users the DSA regarding this bug is here: lists.debian.org/debian-security-announce/2019/msg00194.html
Otherwise great job with the demo. Keep up the good work.
fantastic video ! thanks a lot !
the best of all
Hackerssploit ,, 👍👍👍
Great video Alexis!
Clarify one thing for me, please. The user HAS to be listed in the sudoera file correct?
Yes, the user needs sudo permissions
Can you make a video on the new RCE vulnerability found in WhatsApp, by sending the victim a malicious gif and get access to the storage and even WhatsApp chats. Thankyou
hi bro are you the shadow brokers guy?
Bro I'm waiting for u r video....u r videos are upgrading. ...
Hey hackesploit i recently bought a gaming laptop, the problem is while using linux it heats up a lot
Is there any way to control fanspeed
You should check your BIOS. Maybe its locking the fan speed to max.
@@DHIRAL2908 seems more like their fan ISN'T running fast enough, hence the high heats under load. Bios is good place to start to UP the fan speeds, info would be helpful (laptop model, linux distro) then I could suggest fan management software. Also, laptops use notoriously bad thermal paste badly applied. Re-pasting the CPU and GPU can drop temps 10 degrees easily. Does OP have same issue with whatever other OS they use on the laptop under heavy load? Yes, probably fixable in BIOS. No, fan control software in the linux install should fix.
CVE-2019-3568 exploitation vdo ?
it keeps asking me for password even after editing the sudoers file :\
Use the u#-1 id
is there any chance of a windows form of this exploit?great video very interesting concept.
Lol no
Windows handles permissions quite differently. But probably the same issue exists on macOS
ChillerDragon depends on if debian is impacted.
Please,can anyone give me a help to find affected versions of linux to try this on my own ? 🙏🙏
My Mint and raspbian were patched yesterday
Love from India
ধন্যবাদ দেখার জন্য
add it as well
translated from English to Bangla
love from Bangladesh :D
SSH Tehty suomessa!
Bro pls make a video on simjacker
Wurd gefixt, bevor es puplikt wurde. 🤙🏼
Und nicht annähernd alle haben geupdated.
Thnx man ur the best ❤️
Use ssh keys :)
Rolling release ftw
10:31 did you leak your hashed root password? :/
Yes, but its sha2. If his password isn't easy to dictionary/bruteforce and has tons of of entropy then good look cracking it.
SHA-512
Kelvin Brooks Yes that’s my point. If his password is not strong enough there is a possible security risk. It’s just an attack vector. Just wanted to point that out. Could be mentioned in the video that people with bad/short passwords should not share their hashes.
Pretty cool
“I just leave it in the description section.”
4294967295
please don't say the news, you're a better than that
use SUDO to run LIBRE OFFICE as root, make me looks like hacker
#NerdLife
Bro how to hack Pubg game android mobile without ban
Num 2 comment
Bro please tell me that how can we realy hack any game?
Sir, Will you please check your Facebook inbox? I have written a problem to you. :)
Like and OMG!
You're talking too bro ...
Try to make short one ...