Love how gobuster just chugged along in the background the entire video trying to find more directories/files xD It was on a quest, even if it was no longer needed xD
Being a newbie I found the hash easy enough after discovering the directories and crawling around through them. Once I was logged in I did realize I'd have to look for exploits and did find several for SweetRice. At that point I had no idea how do do what I figured I needed to do. So, I read a walk through. Saw I needed to do RCE and get a shell. Bailed out. Later watching YTVids and saw this one. Chuckled a bit at how long it took you to find the SQL backup but then you took off like a rabbit and I had a real hard time following the rest. I kind of learned the script trick for stabilizing a shell a few nights ago but will need to do it a bunch to retain it. Well... at least I know I'm not gonna do this all by myself yet. Have to watch, read and learn some more.
Hey John, I appreciate all your hard work and the content you've been releasing as of late, I am new to the world of pentesting and am learning a great deal from your videos! May I ask what theme you're using for sublime text, I have the default but would love an explanation on how to colour coordinate certain symbols and the like, for a better viewing and typing exp. Cheers man, keep up the great work!
Very happy to hear that! Thanks so much for watching! I use the `monokai` theme in Sublime Text. If you don't have a file saved with a specific extension and it cannot auto-detect what syntax highlight to use, you can enter Ctrl+Shift+P to enter the Sublime Text prompt and then type in something like "bash" or "python" or "html" to find the option to "Set Syntax Hilighting To" and you can specify what it might highlight the code words with. Hope that helps a bit!
Your channel is the future man ,u rocks... Make a vídeo teaching us how to join in the rooms of TryHackMe without subscribe, the tools that you use most to do the test. And how we use python, because i se u always open 2 tabs, i want to learn how to do that, sorry but i am a newbie but a love to watch your videos and im learn a lot thanks.
Dá uma olhadinha em um canal chamado LiveOverflow. Também tô aprendendo Binary Exploitation, lá encontrei um conteúdo excelente! Ele tem uma playlist só de Assembly pra Iniciantes!
After 3 months you should be able to understand basic topics and after a year you should be comfortable with what you doing at decent level. Of course if you willing to spent 5 hours per day studying and practising.
It allows you use auto tab , like if you got a shell and when you try to use up and down arrow key it would show just random character like "[^A" so to avoid it we stabilize shell for our ease of use it is not necessary
Hi Brother , in my terminal ever stunk when I input "stty raw -echo " and then ctrl +z ,fg %1 It don't respond back nc -lvnp 9001. how to solve please explain me
when you get a non stabilize shell press ctrl+z on that terminal then on the same terminal "stty raw -echo" then "fg "press enter also if you want clear command to work "export TERM=xterm"
Guess the person who built this box had tested in their own network before they pushed it to THM. There are many more boxes with references to internal IPs other than class A ones.
14:40 my terminal does weird shit when I try to foreground the session, and getting: "Error opening terminal: unknown. " when trying to modify /etc/copy.sh to get a shell for the root.
In zsh, you will need to combine the two stty raw command and the fg command into just one line, with a semi-colon. So it looks like: stty raw -echo; fg
@@_JohnHammond I've tested it on the root me box on tryhackme the crash is gone but the shell is not stable I can't copy and I can't see what I'm typing and it doesn't create enters. Even the export XTERM didn't word when I execute reset it worked somehow 😎
Love how gobuster just chugged along in the background the entire video trying to find more directories/files xD It was on a quest, even if it was no longer needed xD
It's dangerous to go alone -- take this!
why is ginger Seth Rogan teaching me computer security?
Go for Gun Gamers if you want a buffed up Seth Rogan teaching you about guns and airsoft lol. They even have the same glasses: v=uZMMAXugI7E
The voice lol. I knew I recognized it.
Thanks again for an awesome walkthrough! 💪🏼🙌🏼
Thanks for these videos. I’m learning programming Right Now and you give me motivation to keep going cause one day I might be like you.
use of searchsploit and script technique was slick, new tools to learn..cool
Being a newbie I found the hash easy enough after discovering the directories and crawling around through them. Once I was logged in I did realize I'd have to look for exploits and did find several for SweetRice. At that point I had no idea how do do what I figured I needed to do. So, I read a walk through. Saw I needed to do RCE and get a shell. Bailed out. Later watching YTVids and saw this one. Chuckled a bit at how long it took you to find the SQL backup but then you took off like a rabbit and I had a real hard time following the rest. I kind of learned the script trick for stabilizing a shell a few nights ago but will need to do it a bunch to retain it. Well... at least I know I'm not gonna do this all by myself yet. Have to watch, read and learn some more.
I just practice My English listening
I love watching those videos, even though I don't understand much
I have been requesting for your stabilize shell script for a long time. Thanks John.
Brawl Stars
@@gametimewitharyan6665 old logo, I miss it
@@thecaretaker0007 Ahhh, Old Memories :)
11:54 a short way to memorize it is TUNA please: ss -tunapl
AHAHAH that is awesome. Thanks so much!
wow thanks for that
Great video hope you're doing well don't over work yourself to much!!
Just did this box and found your walkthrough for this later xD
I like this video and I am not just typing this to kick in the Al Go Rhythm
Hey John, I appreciate all your hard work and the content you've been releasing as of late, I am new to the world of pentesting and am learning a great deal from your videos!
May I ask what theme you're using for sublime text, I have the default but would love an explanation on how to colour coordinate certain symbols and the like, for a better viewing and typing exp.
Cheers man, keep up the great work!
Very happy to hear that! Thanks so much for watching! I use the `monokai` theme in Sublime Text. If you don't have a file saved with a specific extension and it cannot auto-detect what syntax highlight to use, you can enter Ctrl+Shift+P to enter the Sublime Text prompt and then type in something like "bash" or "python" or "html" to find the option to "Set Syntax Hilighting To" and you can specify what it might highlight the code words with. Hope that helps a bit!
Your channel is the future man ,u rocks...
Make a vídeo teaching us how to join in the rooms of TryHackMe without subscribe, the tools that you use most to do the test.
And how we use python, because i se u always open 2 tabs, i want to learn how to do that, sorry but i am a newbie but a love to watch your videos and im learn a lot thanks.
You have to use a terminal emulator called TERMINATOR. Then search for shortcuts.
awesome highquality content. keep going like this 👍🏽
man i just love your videos !!!!
Where i can find these stabilize shell scripts?
Once again awesome content!
What's this setup that you use? Your main machine or something else? It's not a standard Kali vm. Also, it's a much nicer output when using linpeas
In this video I'm running Ubuntu installed on my laptop, with the Terminator terminal emulator. Thanks for watching!
i love this kind of videos ! :)
no idea what he is talking about but still find it fum to watch
JOHN CAN YOU PLEASE MAKE VIDEOS ABOUT BINARY EXPLOITATION AND ASSEMBLY FOR BEGINNERS? I'VE BEEN STRUGGLING A LOT TO LEARN ABOUT IT. LOVE YOUR VIDS
Dá uma olhadinha em um canal chamado LiveOverflow. Também tô aprendendo Binary Exploitation, lá encontrei um conteúdo excelente! Ele tem uma playlist só de Assembly pra Iniciantes!
@@gibrael_ Opa, vlw pela dica ;)
Ur just awesome
How are you running these stabilize shell scripts etc?
check out his poor man's pentest video
Guys i want to learn all of this so quickly. How long does it take to learn/study this?
Anywhere between a year and 12 years :p
After 3 months you should be able to understand basic topics and after a year you should be comfortable with what you doing at decent level. Of course if you willing to spent 5 hours per day studying and practising.
🔥🔥
How do you bring on your own terminal back to tty (after stty raw -echo)?
fg %1
Amazing vid though 🚩
Can anyone explain what stabilizing shell can do? I didn't follow it was so fast HAHAHA
It allows you use auto tab , like if you got a shell and when you try to use up and down arrow key it would show just random character like "[^A" so to avoid it we stabilize shell for our ease of use it is not necessary
Hi Brother ,
in my terminal ever stunk when I input "stty raw -echo " and then ctrl +z ,fg %1
It don't respond back nc -lvnp 9001.
how to solve please explain me
when you get a non stabilize shell press ctrl+z on that terminal then on the same terminal "stty raw -echo" then "fg "press enter also if you want clear command to work "export TERM=xterm"
My question isn't why is there a reverse shell, but why the hell does it point to a class C IP address? I thought THM uses class A networks.
Guess the person who built this box had tested in their own network before they pushed it to THM.
There are many more boxes with references to internal IPs other than class A ones.
14:40 my terminal does weird shit when I try to foreground the session, and getting: "Error opening terminal: unknown.
" when trying to modify /etc/copy.sh to get a shell for the root.
same issue
Can someone explain me why my terminal crashes in tmux and zsh when i do the CTRL+Z; stty raw -echo fg ?
In zsh, you will need to combine the two stty raw command and the fg command into just one line, with a semi-colon. So it looks like:
stty raw -echo; fg
@@_JohnHammond damn your fast :-) thanks for you quick answer. love your vids !
@@_JohnHammond I've tested it on the root me box on tryhackme the crash is gone but the shell is not stable I can't copy and I can't see what I'm typing and it doesn't create enters. Even the export XTERM didn't word when I execute reset it worked somehow 😎
My comment
.
cevaplara bakanlar +1
I have never found suid binary exploit in real life the only way to esculate your privlege is with Kernel's exploit 😂😂
where do I find the script John used to stable the shell "stabilize_shell.sh"