I'm enjoying this series, it's interesting to see the game through the eyes of a person who teaches cybersecurity. A few more tips I thought of while watching the video. ls -la to see the file permissions and hidden files. Local escalation can be done by exploiting one of the local libs such as net.so, init.so, etc. You are more likely to get user and root access with local exploits - you don't need access to the /lib folder to use them. Users online is based on processes running on the system, you can check this with ps. You can trigger this yourself by starting something on the remote machine, similar to your idea in the video. The exploits are randomly generated, so any individual lib might have something helpful. You missed a root shell without any requirements at the end for example, 32:50.
listen man this game is so hard. i sit for 2 hours with out doing anything but after seeing your chanel man believe me i love this game a lot. thx for giving me advices about haking and stuf i hope you complete the game thx bro
very interesting series so far subscribed have yet to look at your other videos yet but as someone who used to study networking and programing very interesting
I feel like the game is at a weird place... where it's too complicated for the "casual" audience... but also not as realistic as RL so it confuses the "professionals"... so it's kinda hard to figure out the "target audience"...
I think that's fair. The game could benefit from a tutorial in single user mode. Missions are already delineated into tiers, but perhaps also a re-alignment of these levels to make tier 0 jobs dead simple to ramp up difficulty on a more graduated curve.
It's great to see more Grey Hack Videos. It's a bit of a niche game but I think it could use more exposure. The next update cycle includes custom player made CTFs. Maybe once it's live you'll do another vid? Any plans to poke around multiplayer?
I'm going to start a season 2 run of Grey Hack once summer starts in a couple weeks. I'm looking forward to seeing how the game has changed since this series.
Yeah, happy to help. You said before you were still on the first mission? When you take the job it will give you a target in the form of an IP address. You need to find a way to connect to that IP address, so you will need a port scanner (nmap.) If you run namp on that IP, it will show you which ports are open and which services are running (including a version.) Let's say that your nmap says http version 1.0.1. Now you have a service and version, so you can find an exploit. Head to the hack shop and search for an exploit for that service and version (libhttp v 1.0.1) - you're looking for one that gets you some kind of access. Root access is best, but its often trivial to elevate. Run the exploit against the IP and you should be all set.
@@AFascinatingChap thank you very much for replying yesterday I did my second job and learned how to use exploits my program now is how to find stuff on the targets computer and and delete or add stuff you don’t have to help me I’m sure I’ll figure it sometime but thank you for getting back to me
I'm enjoying this series, it's interesting to see the game through the eyes of a person who teaches cybersecurity.
A few more tips I thought of while watching the video.
ls -la to see the file permissions and hidden files.
Local escalation can be done by exploiting one of the local libs such as net.so, init.so, etc. You are more likely to get user and root access with local exploits - you don't need access to the /lib folder to use them.
Users online is based on processes running on the system, you can check this with ps. You can trigger this yourself by starting something on the remote machine, similar to your idea in the video.
The exploits are randomly generated, so any individual lib might have something helpful. You missed a root shell without any requirements at the end for example, 32:50.
Thanks! I've just put up a part 4. I'm going to put a couple more hours into the game to learn more about it. Having a great time so far.
listen man this game is so hard. i sit for 2 hours with out doing anything but after seeing your chanel man believe me i love this game a lot. thx for giving me advices about haking and stuf i hope you complete the game
thx bro
Glad you enjoyed the video and thanks for watching. Grey Hack is definitely worth playing so stick with it!
@@AFascinatingChap tell me how u know all this shit man
i really wanna learn
Awesome dude, thanks for helping
No problem 👍
very interesting series so far subscribed have yet to look at your other videos yet but as someone who used to study networking and programing very interesting
Thanks for watching!
I feel like the game is at a weird place... where it's too complicated for the "casual" audience... but also not as realistic as RL so it confuses the "professionals"... so it's kinda hard to figure out the "target audience"...
I think that's fair. The game could benefit from a tutorial in single user mode. Missions are already delineated into tiers, but perhaps also a re-alignment of these levels to make tier 0 jobs dead simple to ramp up difficulty on a more graduated curve.
It's great to see more Grey Hack Videos. It's a bit of a niche game but I think it could use more exposure. The next update cycle includes custom player made CTFs. Maybe once it's live you'll do another vid? Any plans to poke around multiplayer?
I'm going to start a season 2 run of Grey Hack once summer starts in a couple weeks. I'm looking forward to seeing how the game has changed since this series.
hello I love the videos and the game but I'm really stuck on what to do if anyone could help or point me in the right directions
Yeah, happy to help. You said before you were still on the first mission? When you take the job it will give you a target in the form of an IP address. You need to find a way to connect to that IP address, so you will need a port scanner (nmap.) If you run namp on that IP, it will show you which ports are open and which services are running (including a version.) Let's say that your nmap says http version 1.0.1. Now you have a service and version, so you can find an exploit. Head to the hack shop and search for an exploit for that service and version (libhttp v 1.0.1) - you're looking for one that gets you some kind of access. Root access is best, but its often trivial to elevate. Run the exploit against the IP and you should be all set.
@@AFascinatingChap thank you very much for replying yesterday I did my second job and learned how to use exploits my program now is how to find stuff on the targets computer and and delete or add stuff you don’t have to help me I’m sure I’ll figure it sometime but thank you for getting back to me