I was given your channel by the algorithm today and I am 4 videos in so far. What I have watched is great for energizing the creative mind and getting into that flow. It probably came from all the scam baiting I have been watching but I am happy the math worked out, I will be catching up on your videos for sure.
Hey Jack, you need to audition for NPR or something out of WBUR or WNYC. Your voice, interview style and production quality is perfect for a public radio broadcast. Send this episode in as an audition tape. You are just that damn good.
Awesome story. Thank you very much for the content. I am studying right now for the CompTIA Security+ certification, trying to change careers. This story gave me a lot of information and insights. Again, thank you!
Daaaaammn What a nice story, what a great storytelling, I loved everything about it The thing I liked the most is to finally hear a story of a pentester that actually cannot break in
Great ep and story telling as always. Wasn’t terribly technical and where there was tech jargon thrown around you explained it briefly and eloquently. Well done!
I'm not sure how I came across this user's RUclips page, was just a random click and I'm SOOOO glad I did. That was four hours ago... Since the very first, I went right to the next, and to the next. Very well put together, and I'm loving the stories enough that I'm definitely subscribed and hitting that like button! Then there was this one... Yup, You've got a few likes, a subscribe, and now a comment. I will also be sharing this page to a few people I believe will be interested as well! Keep up the good work!!!!!
P.S. in-between the video I just watched and the comment section there are like 15ish suggestions of videos for me to watch.... HOW DO I PICK?!?!?! I want to watch most if not all of them!! LMAO!!
I remember when I was young n trying to join a group of hackers to possibly learn more... the people wanted me to help target and keylog younger girls... I was about 15 at the time and that just completely disgusted me and turned me off to the whole thing and I never pursued learning anything else. I regret not just ignoring them n continue learning
This is the best story I have heard. When he said Citrix I just lit up and thought he had it then when he said there was nothing my heart dropped. I feel your pain
I've listened to all episodes on Spotify and this is one of the best stories you've told - coming from a fellow red teamer. Haven't done "malicious insider" scenario yet but here I have a nice blueprint of how to approach that in the future. Thanks!
The first time I worked for a big company I was annoyed by all their security measures, now I'm used to it, but after listening to this it just makes sense, nice story it touches everything and is told in an interesting way
the funny thing is, even i can break my company's security, even with good security in place, and I am just l1 employee working remotely... (once i even got ssh access to some random server) so i am amazed by whichever company that is, with this much security in place....
@@vaisakh_km I guess it depends from company to company, how big they are, what kind of information they handle, and what their third party partners expect from them.
I know nothing about computers or did but listening to you I have learned a lot about the digital world and how scarily easy it is to compromise your security
Wow so cool. These interviews are really awesome and even tho the feds usually come for them. They are really inspiring stories too. makes me wanna try my hand at c++ and teach myself about cybersecurity. Thanks for all your work on these!
My last employer locked down a development tool I needed so I stayed late to find a workaround. It was a convoluted workaround but I went home happy thinking I could use it. The next day my boss confronted me. It turned out all my activities started throwing up red flags. I offered to show him what I did, but they already knew 😂. I wasn’t allowed to use the workaround since it bypassed their security 😮
Your videos are really great. You have such a quality voice. I had no idea no life was like this for you. I hope you reach your goal. Would you ever consider doing a video on NES game 'Skate or die' or Nes game 'Spy Hunter'? I gotta go through your entire channel to see if you did them already. Good luck man.
Oh by the way. If you want to get started in InfoSec I wrote an article on it. darknetdiaries.com/breakingintoinfosec
I've been working as a web developer for 3 years now and always knew deep inside that security passionated way more than building apps. I didn't know where to start neither had the balls to. With this article you encouraged me to start once and for all, thanks a lot!!!
I love this and I will continue supporting you! Thank you for all the information that you provide us with. Could you please talk about the smiling hacker “Hamza Bendelladj” he’s in prison but I think his story is interesting.
going to have look as i start my journey
I am in cyber security too. Pleased to meet you.
Man this is awesome, thanks Jack. I'm jumping into a SANS institute program, but I'll be using your suggestions in your article in tandem.
This story was a roller-coaster of emotions. I half expected him to literally walk up to IT and shout at them for being at their desks during lunch.
Legit lol! "Go to fkn Arby's, damn you!!" As he tosses $20's to each of them.
I thought he might pull the fire alarm.
@@YerBrwnDogAteMyRabit un
@@johnm9899 Sri Lanka
@mrtechie6810 they would see that an alarm was pulled and it would be suspicious. Better to use some "smoke detector testing powder" and use that to set off a detector since it's scent free.
My favorite line is "what kind of locked down prison is this". Great work
Apple Inc
Ooo dang os x hostile af
This is, in my opinion, one of the 3 best episodes. An absolute gem! Another great one is Ep 21 "Black Duck Eggs". Phenomenal work!
Ya this one is a classic great one
Thanks Jack. Your content is one of the best I've heard. It's like listening to a movie!!
Hacked his way into a broom closet 😂
@@goldnutter412 Just got to that point, I find it hilarious !
Black duck eggs was great as well, whats the other top 3 episode
This was an incredible story, i could almost feel the frustration while listening. Hearing a win for the blue team is a nice change of pace!
yep, i am literally crying...
Me too. Holy shiznish feel my brain pulsing this dude is great
@@poppy2244 L😊😊ppp P K looking b K K K k killing kill B
One of my favorite stories.
Hacking into a broom closet. Admin isn't admin. The silent rage building leading to a mistake being made.
If admin isn't admin then who's the admin !!?
@@miss_tech Well, not the admin.
@@miss_tech admin_2
hahahahahahhahaha
That's just an absolutely wonderful misdirection to throw off someone...like this guy....who was somewhat experienced, but still got kinda flustered and seemed to slip up after the normal shit doesn't work. I know of a few companies that I have been with and inside that do some sneaky tricks with their security, surprisingly.
I love this guy so determined and when he gets frustrated and desperate it made me laugh. Really good example of some good security.
And it caused him to break character 😂
@@johnsmith60 fucking Citrix!!!!!
@@johnsmith60 ¹1¹
This should be emulated and become bare minimum standard to everyone else, with some additional tricks and minor differences.😂😂😂
Honestly this is my favorite channel now
Agree, it’s so good. I got cyber security management certificate and showing some of these videos in class as examples of concepts we talked about would have been great.
As a former network engineer from the old days I loved this listen. Incredible how advanced the technology has actually become and yet the rules haven’t changed
I absolutely respect Tinker for sharing his story. I was at the edge of my seat the entire time!
I have a "Writing" playlist on RUclips. Half of those videos talk about writing advice, expertise, tips & tricks, etc. The other half is non-fiction storytelling which provide inspiration for my own fiction writing. This video fulfilled both criteria: A 3-act structure, the hero's journey, a tale of the hacker that couldn't, and even a moral. Truly a podcast where fairytales are born.
Totally addicted to your work Jack! Geek heaven!
Me too.
I'm speechless! this episode should be a MUST listen to everyone in the InfoSec domain! so many lessons to be learned here! phenomenal!
Wow, this episode of Darknet Diaries was intense! I couldn't believe the level of dedication and determination that Tinker had as he went undercover as a marketing temp. The way he was able to hack into the company's network by any means necessary was impressive. The frustration and tension throughout the story made it an emotional roller coaster. A definite must-listen episode, in my opinion.👏
Wired Magazine ran a great article on 'Net vulnerability. At the time, domain names were not protected enough. (I'm not a techie so I'll probably describe some of this incorrectly.)
A guy had a bike accident and broke his ankle. While on prescribed pain killers his mind, was, well, high and disconnected. He suddenly had an insight that panicked him. He called one important exec (to something) and described the problem, and the man told him this was going to be a priority fix and NEVER discuss this on a cell phone again.
The anecdote I remember is that he could have emptied the entire French treasury into his personal bank account and there'd be no way for anyone to know why France was suddenly bankrupt.
They fixed it, and Wired ran the article.
Pentesters are a great sort in my experience, I learned a helluva lot from every single one that's been on our site. They can learn a thing or 2 from us Sysadmins too however, 1st guy I supervised "mysteriously lost connection" and started querying our blocking of IP scans etc. - Told him I'd need to confirm with Networks, but that 1st he should plug back in the LAN cable from his machine that he'd just kicked out of the floorport under the desk... 😅
Always the most basic things when you think you’re stumped.
wow, i normally don’t listen to hacking related podcasts, although i do watch a fair bit of shorter youtube videos about similar topics … but this was just entirely captivating and it could have easily been another hour! great job!!
I felt like I was in the office with them, great story and great story telling !!
This episode was especially dope! Big up to both of You!
I have recommended this episode to so many people in the office. Love your podcast!
Thank you for putting so much effort into your videos keep it up. Always looking forward to the next one ☺️
One of the best episodes I've listened to and was fascinating to listen to a true Account of a professional pen tester. Quality show and thank you for sharing 🙏
Even as a very technical person, I love your ability to properly explain everything. I'm a Web Developer Instructor, and I find it difficult to explain things to my students without overwhelming them. So I've been digging through your blogs and everything, and I really appreciate what you do sir.
> _"I find it difficult to explain things to my students without overwhelming them"_
yeah, me to my peers too! the biggest gap is that i don't know what they know or don't know.
so, either i become tooooo dependent on using the keywords, and forget the layman terms; or i start explaining in layman even the terms they already know.
When I learned about pentesting about 5 years ago it was like a light bulb went off and something was like finally a job for me and my criminal mind. Now just to learn absolutely everything to do with computer science, networking, programming, web apps etc. Almost 5 years later and although I've gotten so many skills and done a bunch of CTFs I still know I wouldn't be a great pentester just yet
Keep practicing bro....rent on pc environment and do your thing or just use the real world.... Have fun brother
@@kareemcallender1930 thank you
Where can I learn how to start doing any of this? Can be illegal or legal I just want to learn something new and challenging
@@elon.evans228 the Internet is full of information
@@elon.evans228 "learn absolutely everything to do with computer science, networking, programming, web apps etc."
Many other admin/engineer/hacking videos that I watch always feel either too basic or too complicated. Rarely do I find a video that happily sits in the middle. This is like the donut media of hacking. I love it
As a federal government employee, the thing I find most amazing is that he was able to get a laptop AND access to the network within a week, let alone on the first day!
Hands down my most listened to episode of Darknet Diaries!
I am so happy that there is another episode out!
Jeremy from Marketing thought he was going to spend five minutes at his desk and say, "I'm in!" LOL. But for real though, that's some INSANE security they had. I don't know who that company is but they definitely did their homework.
imo they focussed on plausibility based rules and detections, I don't know if it was truly written down as a rule somewhere in their sec handbook, but I suspect it was really a design principle there. if they'd had turned off netbios broadcasts and locked down the master browser shit 90s-style they'd have driven him completely nuts.
@@udirt right, I give that company a 9 out of 10, Tinker was even using msfconsole instead of writing his own reverse shells, so maybe a 4 out of 10 for Tinker on his end... i rate it script kiddie with military experience out 10.. his story telling was 10 out of 10... if he had more patience he wouldn't even have been caught..
These episodes keep getting better and better! Loving the growth! I’m just getting into infosec and coding and your show definitely keeps me motivated to learn more!
Ok, this episode is so helpful and motivating to me. Currently I’m a cs uni student specifically focused on networking. This videos gives me an entry point to develop my own roadmap. Thank you for such a nice content!
I bet if he sat tight and waited it out for a few days, he could have gotten that IT access that he needed to continue on with the powershell and nobody probably would have caught it.
Can't agree more.....
Yes maybe...but almost nobody would be that patient...considering all those stressful situation he was in...not just 'pressuring' stress, but 'annoying' stress. (weird configuration like admin is not admin, SSO that is abnormal and requires MFA, only IT team doesn't go to lunch, etc.) At least in 'pressuring' stress, one can keep cool and be rational, but these kinds of annoying situations, I bet almost nobody can keep his/her cool.
Even at that point he had already admitted that the place was pretty secure. He just really wanted to get them with something. Personally I believe I.T was tipped off and told to be readily on defense.
Where can I learn how to start doing any of this? Can be illegal or legal I just want to learn something new and challenging
@@elon.evans228 wtf my comment got deleted
Damn this is the best emotional rollercoaster I have heard. Need more episodes like this. Pure awesomeness.
Really enjoyed this one. Super cool guy too. Loved that part when he got caught; the intensity, and overall his laughter behind it with the “scream” 😂 thanks for this one you guys 🙏🏽
These are some of my favorite videos you make.
Sure, hearing all the insane nation-state hacks are very interesting & eye-opening…but this gives insight into what a single person might aspire to become.
Thank you for all of your great & hard work! You have become an awesome storyteller.
This is my second full listen, can’t wait to save the rest to listen to while I work. You’re awesome, tinker is awesome, MobMan is awesome!
This was an amazing story. You really feel Tinker's frustration building and I myself was longing for the catharsis of him finally catching a break. And then being caught red handed instead. The satisfaction instead coming from IT saying, "well, Finance doesn't use Powershell."
One of the best interviews I've ever listened to. I was extremely interested the whole way through.
Thank you Tinker for sharing that story. You did an amazing Pentesting job. Myself as being a Hacker, I like how you shared many places where a lot of your hacks didn't work. They never show this side of failed hacking in the movies. Great job man!
Patience is not simply the ability to wait - it's how we behave while we're waiting.
The IT staff at this place sound like they have shoulder holsters and loose fitting suit jackets. Love it.
had a pentester on one of our sites... learned a lot that day... what an incredible bunch.... it highlighted some of our flaws but also brought security to the attention of the right people to get the funding to fix it
How much would you say, percentage wise of the entire online/cyber budget, was routed to enhancing security capabilities after the evaluation? And how much is an evaluation such as that cost, if you don't mind me asking.
@@MrNecryptic budget almost doubled... Old sonic wall boxes replaced and an old 2008 server replaced after that was the entry point for the hack etc...
@@MrNecryptic I don't know specifics but it wasn't cheap since it is a 13 stores car dealership. The hacker could lateral move between them after hacking a server that had vpn access across all the network
@@PinguimFU Immediately doubled, wow. That's extreme but I guess no expense can be spared after such an event, within reason. I can see why federal charges often apply to such events, the amount of resources used for recovery are immense.
I loved this episode for both the technical and human parts. Tinker - what an awesome guy! I totally felt his agony and energy as he told the story. Hacking tales aren't exactly lame, but rarely this engaging, vibrant and vivid.
Loved this. I am a developer with a good amount of networking knowledge and have been tasked with pentesting our sites and testing our lan/wans. So I was able to get immersed when he was using tools I know and excited for him when he had any “wins.”
This guy sounds solid and would be a joy to work with.
I am finding all of this so interesting! I’m learning hacking now that I have better seizure control, but I’m basically starting from scratch because concussion accumulation screws with many things.
So even basic things like balancing and programming/languages I knew are having to be relearnt and playing the 7 instruments I played before, so yeah, having to re learn stuff sucks, but just as exciting and intriguing as before:) thanks, friend, for AWESOME CONTENT!
This was one of the most informative cybersec pieces I’ve ever seen. Well done on all counts. 🎉
This episode is so good I feel ashamed to have not started supporting you yet. I'll fix this shame right now. Keep up the great work!
Love the work DnD, keep up the effort.
I have never listened to an IT story like this with more excitement, this was amazing.
wow awesome jack! really like to hear those stories!! keep it up!!
Love listening to this at night. Keep up the great work!!!
This story was amazing!! Such a cool guy to have on. I just found your RUclips channel and am already down the rabbit hole, great content man. Love from the UK 😄👌
I'm totally not a tech guy, but this channel is one of my favorites.
Nerdy and technical talks are the BEST! I learn so much more from them.
i listened to this on spotify. but i needed to leave a comment here. this story had me glued to my phone. i can not remember when some form of media had me caught that much. generally i love this podcast keep up the great work. and thx you
I love this episode so much. Goals for my cyber security career! "Hi I'm Nick from accounting 🙂"
A question regarding password cracking. Okay, at around the 19 minute mark a program like hashcat is mentioned. It was mentioned it can go through the dictionary in under a second, but what happens if the software or hardware only allows a maximum amount of passwords? For example, my friend's phone allows 10 or rather 9 failed password attempts. On the 10th failed attempt it initialises the phone. I know there's other software & hardware that does something similar. Wouldn't something like this cause a problem?
I've only recently begun my study of ethical hacking this last year, but I'm pretty sure I heard him mention that what he found is hashes for some passwords. Hashing is a form of obfuscating the actual plaintext password by running the password through an algorithm where it becomes unintelligible from the original. If you have the hash of a password and figure out what encryption scheme was used, then you can crack the password offline in your own environment using tools such as hashcat or John the Ripper. Hopefully this helps a little!
I'm leaving this comment so I can tell you later, I'll look into it.
Edit: sorry, just remembered this comment, but so:
They use things like botnets and parallelization to increase the number of guesses per second and distribute it among computers and other resources.
IP rotation allows a hacker to have a new identity when reaching a limit by using proxies, Tor or VPNs.
Credential stuffing, which are made with dedicated tools and software to automate the process of leaked credentials, these use things like IP rotation mentioned above and random intervals between attempts to bypass detection mechanisms.
There is also a possibility of vulnerabilities present in the target system that allow the bypass of those restrictions; these can involve such things as software bugs, misconfigurations, or vulnerabilities on the authentication system itself.
Hope it helped.
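The distinction drawn in the replies above, as an added example that is not part of the original comments: an attempt limit is enforced by the system you log in to, so it stops guessing there, but it does not exist for someone checking guesses against a copied password hash, where only the cost of each hash slows things down. The password, wordlist, class and function names are constructed for illustration, and salted PBKDF2 is an assumed choice of slow hash, not something named in the episode or the comments.

```python
import hashlib
import hmac
import os

# Constructed sample data: a made-up password and a tiny made-up wordlist.
SECRET = "sunshine1"
WORDS = ["123456", "password", "letmein", "qwerty", "dragon", "monkey",
         "football", "iloveyou", "admin", "welcome", "shadow", "sunshine1"]

class LockingLogin:
    """Online check: the device counts failures, like the phone in the question."""
    def __init__(self, secret, max_failures=10):
        self._secret, self.max_failures, self.failures = secret, max_failures, 0

    def attempt(self, guess):
        if self.failures >= self.max_failures:
            return "locked"
        if hmac.compare_digest(guess.encode(), self._secret.encode()):
            self.failures = 0
            return "ok"
        self.failures += 1
        return "denied"

def online_guessing(login, words):
    """Every guess goes through the login, so the counter ends the run."""
    for n, word in enumerate(words, 1):
        status = login.attempt(word)
        if status != "denied":
            return status, n
    return "exhausted", len(words)

def fast_hash(password):
    """Unsalted single SHA-256: cheap to compute, the weak storage choice."""
    return hashlib.sha256(password.encode()).hexdigest()

def slow_hash(password, salt, iterations=600_000):
    """Salted PBKDF2: each guess costs `iterations` HMAC rounds."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()

def offline_guessing(stored, words, hash_fn):
    """Against a copied hash nothing counts failures; only hash cost limits it."""
    for n, word in enumerate(words, 1):
        if hmac.compare_digest(hash_fn(word), stored):
            return word, n
    return None, len(words)

if __name__ == "__main__":
    print(online_guessing(LockingLogin(SECRET), WORDS))            # lockout wins
    print(offline_guessing(fast_hash(SECRET), WORDS, fast_hash))   # no lockout
    salt = os.urandom(16)
    stored = slow_hash(SECRET, salt)
    print(offline_guessing(stored, WORDS, lambda w: slow_hash(w, salt)))
```

The slow hash still gives up a password that sits in a wordlist; what it changes is the time per guess, which is why it is paired with long, uncommon passwords and with keeping the hash store out of reach in the first place.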
Game over
Thanks Jack for this new one, had been checking this channel for days and Finally!!!
I get a big smile on my face when I get an alert for new Jack Rhysider!
Hell yeah, my favorite thing on the internet! I've never been this early to an upload I feel lucky haha 😄
I was given your channel by the algorithm today and I am 4 videos in so far. What I have watched is great for energizing the creative mind and getting into that flow. It probably came from all the scam baiting I have been watching but I am happy the math worked out, I will be catching up on your videos for sure.
Hey Jack, you need to audition for NPR or something out of WBUR or WNYC. Your voice, interview style and production quality is perfect for a public radio broadcast. Send this episode in as an audition tape. You are just that damn good.
haha I was thinking the same thing, this sounds like something I could hear on NPR, right after wait wait don't tell me lol
@TheMrDrMs Yeah, Jack has that "Moth Radio Hour" vibe going.
Awesome story. Thank you very much for the content. I am studying right now for the CompTIA Security+ certification, trying to change careers. This story gave me a lot of information and insights. Again, thank you!
This was absolutely amazing. Great story, well constructed, well related, and I really enjoyed the technical dive.
Best "war story" I've heard from a penetration tester, thanks for interviewing Tinker, and thanks to Tinker for sharing this roller coaster ride👍👍
Daaaaammn
What a nice story, what a great storytelling, I loved everything about it
The thing I liked the most is to finally hear a story of a pentester that actually cannot break in
Great ep and story telling as always. Wasn’t terribly technical and where there was tech jargon thrown around you explained it briefly and eloquently. Well done!
This is my favorite episode! I know nothing about IT but this is great content. Thank you!
You should make a playlist for these type of stories… felt like I was inside the network myself just by listening
Another absolute banger Jack! Love this one, keep them coming.
BlueTeam Go! ✊🏼 💙 💻
I'm not sure how I came across this user's RUclips page, was just a random click and I'm SOOOO glad I did. That was four hours ago... Since the very first, I went right to the next, and to the next. Very well put together, and I'm loving the stories enough that I'm definitely subscribed and hitting that like button! Then there was this one... Yup, you've got a few likes, a subscribe, and now a comment. I will also be sharing this page to a few people I believe will be interested as well! Keep up the good work!!!!!
P.S. in-between the video I just watched and the comment section there are like 15ish suggestions of videos for me to watch.... HOW DO I PICK?!?!?! I want to watch most if not all of them!! LMAO!!
Amazing content bro, it’s crazy the different approaches and elaborate hacks.
All week at work I’ve been anxiously checking to see if a new episode is up on Spotify 🤣🤣 keep up the good work
This was an absolutely awesome episode. Great work. The hacking into the broom closet was probably my favorite.
I remember when I was young n trying to join a group of hackers to possibly learn more... the people wanted me to help target and keylog younger girls... I was about 15 at the time and that just completely disgusted me and turned me off to the whole thing and I never pursued learning anything else. I regret not just ignoring them n continuing learning
Really cool to hear details of tools and methods he tries. Good way to make that blue hat fit a little better.
This just got recommended to me. Super stoked, subbed!
What a suspenseful Story... Great Hacks & Social engineering from Tinker and Great work from the Blue-Team..Now I know only the IT run powershell 🔥
This is the best story I have heard. When he said Citrix I just lit up and thought he had it, then when he said there was nothing my heart dropped. I feel your pain
Whoa new intro narrator I wasn't expecting that!
I've listened to all episodes on Spotify and this is one of the best stories you've told - coming from a fellow red teamer. Haven't done "malicious insider" scenario yet but here I have a nice blueprint of how to approach that in the future.
Thanks!
Great episode! Doing some catch-up post #DEFCON30. It was nice chatting with you at the VetCon party.
DC30 was an absolute blast
What a great story. I was so invested that at the end when he got caught I literally yelled, “Ha! They got him!” in the middle of work 😅
The first time I worked for a big company I was annoyed by all their security measures, now I'm used to it, but after listening to this it just makes sense, nice story, it touches everything and is told in an interesting way
the funny thing is, even I can break my company's security, even with good security in place, and I am just an L1 employee working remotely... (once I even got ssh access to some random server)
so I am amazed by whichever company that is, with this much security in place....
@vaisakh_km I guess it depends from company to company, how big they are, what kind of information they handle, and what their third party partners expect from them.
~ 55:08: "I let out this high pitched 7th grade girl scream", killed me!! 🤣
This is amazing, new favorite podcast for sure
I'm very tickled.😊 great episode. I needed this.
I know nothing about computers or did but listening to you I have learned a lot about the digital world and how scarily easy it is to compromise your security
Wow so cool. These interviews are really awesome and even tho the feds usually come for them. They are really inspiring stories too. makes me wanna try my hand at c++ and teach myself about cybersecurity.
Thanks for all your work on these!
Awesome story! Now I wanna be a hacker myself! The build-up and the frustration that led to him being caught is exciting!
_Awesome_ story. 😎
_Please_ do _more_ of these!
My last employer locked down a development tool I needed so I stayed late to find a workaround. It was a convoluted workaround but I went home happy thinking I could use it. The next day my boss confronted me. It turned out all my activities started throwing up red flags. I offered to show him what I did, but they already knew 😂. I wasn’t allowed to use the workaround since it bypassed their security 😮
which development tool?
I guess you pspause their software....
Dude...this podcast is crazy awesome.
Your videos are really great. You have such a quality voice. I had no idea no life was like this for you. I hope you reach your goal. Would you ever consider doing a video on NES game 'Skate or die' or NES game 'Spy Hunter'? I gotta go through your entire channel to see if you did them already. Good luck man.
Really good episode! Thank you
I love your videos! Thank you for making them. 🤩
Nice Mr. Robot reference at the end lol
Very nice story. This talk deserves a full animated movie. : )
This is now my favourite episode, this is a great story.
Oh man this story was intense 😅!!!! Absolutely awesome
I have to listen to this all over again and take notes 📝 ... Great knowledge from both the hacker and the company... Great video!!!