Bruteforcing MFA & Fail2ban Manipulation - TryHackMe! (Biteme)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in this video we are taking a look at the bite me room from try hack me just released a few days ago and without any further Ado let's get to it so hey over on my screen here I have a terminal open I'm running the Kali Linux virtual machine I'm going to end up creating a directory called bite me and I'll be using that as the kind of hub for all of my notes and files and folders as I connect and work with the try hack me machine here I am of course connected to their VPN sudo openvpn John Hammond uh or at least the name of myuser.openvpn you can do the very same on your side but just make sure you are connected and the room that we're going to be taking a look at is bite me the description here is stay out of my server and it's relatively recent has about 75 thumbs ups at the time of recording uh medium difficulty couple people on the scoreboard I will admit I'm gonna go through this in retrospect I have completed this room already but I've spun up the machine here is the IP address we'll go ahead and work with and this actually has a task again at the time of recording that I think is just a filler one has changed me has update me with no actual values here uh so we'll mark that as complete for the sake of doing that uh and then we'll go ahead hey I'm glad I increased my streak now let's go ahead and start the machine and get the flags I have already started the machine with this button here and we just need to go ahead and break into this thing it asks what is the user flag what is the root flag the question is to prove hey you have gained initial access and you have compromised the machine so let's get back to our terminal and I'm going to move into that bite me directory I'll go ahead and create a readme even though I know I won't end up using it because I just tend to do it out of habits uh we'll go ahead and zoom in here as quick as we can at least keep track of the IP address we'll go ahead and throw that as a variable so we might be able to use that maybe in bash or something there we go take notes of it and now we can go ahead and actually slap that in as a variable to use with that let's go ahead and create an nmap directory excuse me an nmap directory because I know I am going to want to scan the machine uh nmap is that command and program to do Network mapping or to scan for open ports on a specific box I'm going to use Tac SC for default scripts Tac SV to enumerate versions and attack on to Output in the nmap full rat and I'm going to save it in that nmap directory that I just gone ahead and created we'll call that initial and then we can use the IP address that we just made as a environment variable or just a variable for us to use I should have actually ran that with tacv so I could have increased the verbosity verbosity and I would have been able to see the output as it comes through but anyway I just hit V on my keyboard and that'll allow me to increase it just as well it looks like it did find two services not gonna tell me what they are just yet maybe I should have increased that verbosity even more um okay and that started some scans whatever ever whatever whatever looks like it found a couple options so we found Port 22 open which is SSH or the secure shell Linux kind of remote control functionality in that protocol we also have Port 80 or HTTP an open web server and a website running on that host so that gives us some good Insight we could go ahead and actually navigate to that in our web browser I'm going to go ahead and create a new tab and I'll go to that URL looks like it just has an Apache 2 Ubuntu default page which is again just kind of hey the native by default installation page for installing the web server Apache just that service that's that server software I'm scrolling through the HTML in case I hit anything in here I don't think that they did all I did was hit control U on my keyboard to access that or right click in view page source so with that said there's not a whole lot to actually access here on this page uh I don't know where any other files might be so what we can do is we can go ahead and do some like directory busting or content dirt busting to try and guess what other locations might be present on this actual server now a good way we could do that is by using a tool like go Buster or dirtbuster or derb or brute whatever I am a new fan of fairox Buster fairox Buster is actually a rust based rendition of a you know directory brute forcing I could have very well had ran uh Rus scan rather than nmap if I wanted to continue on that hey super fast hip mainstream uh rust Fanboy stuff but Fair Oaks Buster is actually just genuinely really good um and Ruskin kind of would have done the very same thing we wouldn't have had to wait just as much so I'm on GitHub I believe this is epies epi052 or Ben um puts out a lot of incredible stuff it has an installation and quick start guide right here you should be able to just go ahead and install this as part of your repositories if you wanted to pseudo apt update and then install ferox Buster fingers crossed it will be readily available inside of your repositories if you're using apt like a Debian based system or Cali Ubuntu Etc I actually didn't see it on Ubuntu when I ran this previously I did have to go ahead and install it just from like oh um the releases which it offers just there on the page if you wanted to even do the gross and disgusting pipe curl to bash run arbitrary code from a foreign location without looking at it whatever it's nice and easy but uh this should go ahead and download and install just fine for us through the repositories let that come through oh and it will retrieve secless just as well if you aren't familiar with seclists cyclists is a list of security words or common things that might be known and present within security put together by Daniel misler and I'm going to get your name right this time Daniel I know I always say micellar and I totally say it wrong niesler from what I understand so forgive me if I'm still wrong somehow uh but this will help you get through specific things that you might be looking for like if you're brute forcing passwords or usernames or potential file system locations Etc uh in this case we're going to be brute forcing different locations like hey what are common file names uh given a web server etc default.php index.php etc etc etc verexbuster will be recursive by default so if I actually just go ahead and run fairox Buster it needs a URL which we know going back to our web browser is just that 10 10 112 44 IP address paste it in there and it should just carve through stuff I'll let this go you can see okay it's going to end up grabbing the SEC lists Discovery web content raft medium directories that it would have found uh I can see just at the very very top here and oh I might have uh bumped it a little bit but console was a new page that it had found and that is better than us where we were beforehand when we just didn't have any idea what we were looking at anywhere uh so I'll just let that continue it will start to carve through that console page oh it even found another uh secure image this guy here my face is in the way but let's go navigate and explore what slash console might be I'll let that keep running so we have enumeration going in the background and we'll go to slash console oh okay here we have a login um we can just do a stupid Guess admin admin and looks like we actually have a capture to work through I am notoriously bad at captures no okay incorrect details um let me view the source the web page oh it wants me to resubmit that because I did make a post request to submit whatever that's totally fine let's go ahead and review the HTML present here again I hit control U on my keyboard or right clicked uh view page source so I don't see any glaring HTML comments sticking out um I do see the form developed here to grab a username and a password we also have the captcha that seems to be generated by a console secure image secure image play.php uh oh that downloaded a WAV file which is kind of weird I'll open that up I think it might just be an audio rendition like if you were to try and press play on this oh okay I I don't know how much is really going to go into building out the captcha um I will break the fourth wall just a bit and refer to the fact hey I did go ahead and explore and play with the secure image show uh while I was going through this naturally when I went through the very very first time depending on the hash that you choose you end up like specifying hey a new capture that might be rendered or if it's even random each time uh but these Pages here the secure image showed up PHP and the secure image uh files just have directory indexing on so when I was doing some research there was a a couple things that could be done with this uh looks like there is an authentication bypass that could be done uh there's even another blog post from I don't play darts who I often refer to for like PHP filter file inclusion but this is way back in 2011 so it's kind of an old gimmick thing um it actually has an exploit or something that you might be able to do in PHP itself so you have to run that through PHP but as far as I can tell all it does is lets you bypass the captcha which isn't going to give us a whole lot if I don't know we aren't doing that I don't it depends if we just try to retrieve their password are we trying to impersonate the account Etc but if you want to do some research there is some stuff that is I guess well known vulnerable in Secure image in that PHP capture software with that said I have uh rambled for a little bit way too long you can explore some of this if you wanted to uh but there was more here that we could actually pull out of this you might have noticed because you're quick and smart and actually very observant that there is a JavaScript function right here at the very very top it's JavaScript code so it's going to run client-side within our web browser it actually has a handle submit function defined which interestingly enough is defined as the on submit like Handler for when it is submitted the form is submitted right and it runs the function handle submit now this is with obfuscated and uh packed JavaScript code you might be able to notify it or detect that hey it's function with Packer spelled out as the argument letters p-a-c-k-e-r and all of the code in here looks a little bit obfuscated and not as easily readable however if you scroll all the way to the end there's some weird strings in here it says hey uh I'll zoom in on this for just a quick moment document clicked value yes console log Fred I turned on PHP file syntax highlighting for you to review Json uh which seems kind of odd so if you wanted to you could go ahead and copy and paste this there is a JavaScript excuse me uh de-obfuscater and we could go to really any of these or like a JavaScript beautifier if I just go ahead and slap this in let's see if it actually returns anything out for me that one didn't do much uh I wonder if there is a packer that's actually used here yeah we can click on Packer and there we go that that has something new this actually displays kind of what we've read aloud moments ago was oh if the document clicked set to yes Fred I turned on PHP file syntax highlighting for you to review from Json um now bear in mind we don't have any PHP syntax highlighting displayed for us at the moment looking through this HTML it's just HTML it's not the PHP syntax that we might expect but uh something that I noticed is that we were in fact accessing an index.php file and actually looking at the headers of these requests here if I try and load the page I hit F12 on my keyboard to open the developer tools you can see scrolling down hey you know requesting these Pages this is Apache I was hoping it might tell me oh this is PHP but you can see a PHP session cookie and plenty of others so we are in fact loading PHP if PHP syntax highlighting were on sometimes maybe in some cases you'll find a phps file or the file extension is Dot phps and this requires maybe a leap of faith or maybe just a little bit of you knowing oh that's indicated by file syntax highlighting but it's worth checking if you see any dot PHP files maybe sometimes I don't know there could be a DOT PHP s file that will actually show you again the source code of the PHP script and give you that syntax highlighting this actually gives us the behind the scenes look at what the server the Apache web server might have been running and executing server side because PHP is server side code we didn't get to see that we only got to see JavaScript client-side code in the HTML the markup language so what the PHP page is doing in the background is very very interesting to us because that might explain oh how are we going to end up determining what the username and password really are so here we go we can see this does start a PHP session we include a couple functions uh and part of me wonders if we can go ahead and read these now that we know we could use just an S at the very very end of the file yes looks like we can oh so I'll dive into that in just a moment I kind of want to read through the rest of the code here um I wonder if we could do the very very same for all of the secure image PHP stuff no uh oh that should have been through console should that not have yeah let me paste that in so you can see the PHP file is there but the s file is not there and we would have been able to see that in our directory listing so that's not all that interesting but let's get back to our index.phps and continue to read through this code we have a variable show error show capture error we're checking if the user is set in the post request and if it is in fact set and we have clicked set to yes which our JavaScript should end up doing right then we create a new secure image that defines the captcha and we can check else if valid user post is valid user is about password and it will set a cookie based off the username and the password and then go to the mfa.php page ooh so that's kind of interesting because we might just be able to straight up go to mfa.php nothing else in that HTML that's all that interesting but we could very well just maybe navigate to mfa.php no how about PHP S no doesn't show us that so that probably needs the cookie right but now that we know how the authentication works with this code here and we actually saw those is valid user and is valid password functions inside of this functions.php script that is included we could try and copy that out that takes that S at the end right of course and then we have an is valid user user argument that's passed in as a function and then we take the bin to hex okay so it's just going to end up working with the hex data or hexadecimal and then we check if user is equal to the login user um but login user is not defined anywhere else so that must be present in this config.php could we find that just as well yes okay and that actually defines it in hexadecimal right here and we could simply explore that in our terminal if we Echo out this hexadecimal value just get it into standard output let's pipe it into a quick way to be able to decode hex from your bash command line you can use a built-in xxd and if you reverse it attack R you still want to be able to print it out with Tac P so xxd Tech R attack p with the standard input will uh as from hex will give you it on hexified I think you can also do this with a like read it from centered in this way does that work it does so you don't even need to if you wanted to just run xxt attack rtacp and then use the less than less than less than syntax everyone's favorites that will decode hex for you so a little bit quicker a little bit faster better than opening up cyber Chef like a normie uh better than firing up python like a weirdo like me uh it's good to do that in Bash and now we have another function here Fred let's talk about ways to make this more secure but still flexible what is valid password this is a function that was determined if it had a correct password right you saw in the authentication process it'll take the md5 hash of this password and then check if the substring negative 3 is equal to 0 0 1 uh uh what is that is that just checking if it has like the last values we're in that that is PHP code bear in mind so if we wanted to we could check out hey if I had PHP installed you could use Tac a to interact with this in interactive mode Let's just say oh you have a a string here we'll call that variable equal that now I wanted to Echo this variable out it's simply a string but if we took substring of a variable and then negative 3 it's just the last three letters it's the last three characters of ing for a string so all it's doing is taking a hash whatever it is and it will return true if it ends in zero zero one uh so we could probably fake that on our own right like if we wanted to get this to work we could just make we could just figure out what hashes into something that is going to end in zero zero one right let's do that let's go ahead and create I guess like a well we'll just make it a scribhasher.pi I'm going to make python code so forgive me let's go ahead and add a shebang line because that is good practice and people that don't think so can do something else I'm kidding I'm kidding uh and let's go ahead and import hashlim which is that built-in python library for creating hashes we actually could just probably do from hashlid import md5 that way we could use just hey an md5 object um and I'm actually going to do something stupid where I'm going to import uh enter tools and I guess it's the strings because let's say hey I want to be able to enter a password that is um printable characters right letters numbers something that I can enter on my keyboard not just bytes so A B C D E F G H I J like it'd be handy if we had the alphabet so I'm going to import string I guess let's do uh from string import ASCII lowercase how about that yeah so ASCII lowercase is going to end up giving me if you aren't familiar um all of the string values in Python so can I split this nice and easy yeah okay cool string value for letters in the English alphabet now we could actually use itter tools and use like combinations with replacement and this looks awful I know but if we said hey let's continually add new things to our um string let's continue to add new things because I want to get the hash of a and then okay sorry I want to get the hash of a and then a b and then a a c and keep growing this until I eventually find what string will have a hash that meets the criteria of ending 0 0 1. does that make sense I'm sorry I know I think I'm beating this to death so let's go ahead and write the code here let's say while uh count let's do a while true right because we can just spin for Infinity to end up making this let's say our counter yeah can equal um what at the end of this all let's do counter plus equals one because I want to get the combinations with replacement of all of the potential letters with how many times I want them all included and that will be our counter right because I will eventually be able to go ahead and say you know this is our combination how about that and let's mix this combination or join it all together combination so now we have a new string so if I print this out I will um eventually if I try and run that oh no expected string instance Tuple found low what what is combination isn't combination oh do we have to Loop through that don't we don't we sorry I'm gonna quick do a simple Candlelight debugging and print out what the heck is my combination value we don't need to Loop that because I know I'm just going to spiral out to Infinity so we have a combination with replacement objects and then we can say four I think I think it does make an iterator or something so let's do four combo in combination and that should be combinations I suppose then we can print out that combo and that needs plural okay so this puts it all together with one as you can see as the length maybe I'm overworking this but it's probably a good exercise to learn so with that I actually let's let's print that all together and that will be our combo I will rapidly oh come on Spaces you didn't have to do that in Sublime Text I'm going to hit Ctrl shift p and then set the indentation to spaces because Python 3 likes to whine about that so let me run that super quick and now you should see oh am I I'm not iterating I'm not incrementing my counter so let's do that at the very end now you should see as I rapidly grow all the potential strings with a varying length of characters with English alphabet yeah so let's take the hash of each of those right now we could say m can be a new md5 object and let's actually pass in the string and I think that needs that as bytes so let's go ahead and encode that as utf-8 good so now if I print out m hex digest these are the functions that will come out of an md5 object from hashlib that will allow me to actually see okay what is the hash of each of these so now all we need to do is check if that hash ends with r001 right um we'll call it the hash because hash is a keyword in Python so we'll say if the hash dot ends with um zero zero one right what we want to end up doing is we want to go ahead and print out the original string and I guess the hash just as well and then we can exits because we if we were to break we would still be inside the for Loop and then still iterating so let's just go ahead and kill the program with an exit with that I can just run this and now on the right hand side I didn't have to print anything so I could just get a single result looks like a b k r will return an md5 hash that ends in zero zero one so abkr is a fine string for us and we know that we need the username of Json test account from our previous xxd uh work here Json test account let's go back and actually use this now let's do Json test account with akbr or something and now let's hope that I can get this captcha right yeah okay so now we are at mfa.php we have a cookie set for us um can I see that I have cookie manager installed so yeah I do have these two variables and values set now we need to go ahead and I guess allegedly Brute Force a MFA code do we not oh looking at the page here I hit control U on my keyboard again so yeah can I use the very very same uh JavaScript the obfuscator and that's not matched what are you talking about well I guess we can still read it just like we did earlier console log Fred we needed to put some Brute Force protection on here remind me in the morning Jason so yeah okay so we are going to be brute forcing this um question is going to be four values one two three four so a four digit code we could brood it like procedurally like one at a time counting up from zero zero zero zero to nine nine nine nine so let's try honestly just probably the boring and basic baby way to do it and just procedurally send four digit codes um this honestly shouldn't be too bad we could probably just do this in bash to be honest um we know hey let's take a look at the page here this is going to end up sending a code uh variable like for part of the HTTP post request this is going to end up sending a post request to MFA to this page here so let's try to use Curl and post to that uh actually we need to supply a cookie I think that's what's happening here we're getting redirected are we not uh we we should be supplying our cookie yeah it ends up sending back the location.php so let's use a cookie we need our user to equal what is it Json test account and we saw open our cookie editor here let's go back to that page Json test account Json test account and abkr as our password and I think that's all that we need PWD equals ABK I don't know if we need to supply oh yeah we don't so we don't need to supply the PHP session ID because that'll do that naturally for us so that works and we're getting the response back but it would be great if we could actually go ahead and post now Tech x with the data of our code being like zero zero zero zero we'll submit that okay now we see the result incorrect code right so we'll just simply Loop through that uh the way that we could probably do that is do a 4i in in bash um excuse me and then we'll go ahead and use our zero zero zero zero so it's already padded it already adds the four potential digits that it could be and then we use a do 2 on this and then end it with a done separating it by our semicolons here now obviously we'll need to change the code that we Supply we'll add just a dollar sign I being our iterator there and then we hit enter on this and we will repeatedly see hey incorrect code incorrect code and correct code uh this might Jitter a little bit as we're downloading new things but the best way for us to see this is realistically probably going to be like piping this to word counts oh and actually we should make we should make curl silent so there we go now we have just the word counter results so a single line to determine one page uh and what we could do is we could check oh if this value changes like if there is any different amount of words present on the page or characters or lines right if there's anything different about the page at all then we probably got something worth looking at right so I know I've just built out kind of this gross and disgusting thing but let's actually grep Tac V on that output for exactly that line so we won't see any results right away right other than uh if we were to actually check with an if statement if and inside of the square braces A bash kind of quote here if the exit or return code of the previous command if that was equal to a zero that means it succeeded that means there was something other than that previous line present in the output which tells us that the page had changed so in a horrible way we could then do Echo found it and then probably break and then end our if statement with an fi right so if I run this still no output still nothing changes nothing's going on but what we could do is actually Echo the current iterator that we are on right now so now we can see our progress as we increment zero zero zero zero zero one Etc et cetera Etc until we eventually find it and we'll see that the page has changed in its output and response so I'll let this run for a little bit again because it's procedural it's slapping this thing one number at a time which is kind of not as good and maybe we could spend some time trying to script out some asynchronous like multi-threaded concurrent thing to beat this up uh but maybe that's another video just as well I'll pause the recording and I'll get back to you once this is done okay so it says it found it with the response of nothing I'm assuming it's going to end up being a redirect for number 1335 in my case uh that number might be different for you I don't know but okay entering that in that looks like that is the correct thing and now I am in a file browser and file viewer um seemingly application here so if I I'm going to try to browse ooh just the root directory I entered the forward slash there to represent oh the root of the file system uh you could see anything Etc interesting could you see anything in like home oh yeah so there's Fred and Jason what is in home Fred's directory nothing what is in home Jason's directory oh he has a user.text and an SSH directory so maybe we could actually retrieve some of those if I did home Jason user.txt hello can I retrieve that yes yes I can okay so that is how we could kind of say hey we found our user flag although it's not a full shell just yet please submit you got this you can figure it out try hack me I know you can whatever we're moving on um I'm also wanting to check out Jason's um SSH directory does he have I guess authorize keys right ooh okay so that failed permission denied uh how about is public dot Pub oh then I actually came back um could we get his private key then yes apparently we can okay so because we knew that SSH is open and we have these user accounts that have their credentials here uh we can actually use this private key as a means to get on the machine knowing that okay we will see a user Json uh we'll have to enter a new line at the very very end of this file but if we actually make that only readable by us so it's a valid idrsa key and then we know that this is protected by the way you can see this says encrypted at the very very top so we'll have to run something like SSH to John uh something with John the Ripper right can I actually locate that okay here it is so SSH to John on this Json file and all of this output we can redirect it and say oh you know what we'll give that for John dot text perfect and then we can run uh John the Ripper in all reality on for John dot text I do have Rock U already set up in my user share word list directory so if I run that maybe John the Ripper we'll be able to crack that and determine the password looks like it did one a2b3c40 so with that we know the password for this SSH key we have the SSH key and we know that SSH is running so we could SSH into this machine let's go ahead and SSH to Json at that the IP address with json's idrsa file and we know the password up above here is this yes I'm totally cool with connecting to it here is the password I hit Ctrl shift V to paste it and we are in so now we could have a genuine shell readout user.txt and say that we have got on the box uh but the next course of action is going to be getting to hack me to submit this flag no trying to prevask trying to become the root user okay it's just not gonna so we can go ahead now and try some basic Prevost stuff we can check if we can pseudo attack l or sudo with any other permissions it looks like we can which is interesting um we can run anything as Fred without a password so we could just straight up specify Fred is the user that we want and then run Bash and now we're Fred so that was a good one we could of course run like Lin peas or do any another enumeration or check out set uid binaries or any of the other low-hanging fruit but let's quickly check oh what Fred can do he can actually run as root uh fail to ban ooh so that's an interesting one system CTL you might think oh that's got a batfo bins and you would be right um but it only when you can like do something specific with systemctl if you could Supply the arguments or do something interesting that could be worthwhile but we only have the capability to do that as the single command restart failed to ban so if you don't know what failed to ban is by the way filter bin is a sort of ips or an intrusion prevention system or software from right to protect computer servers from Brute Force attacks um in Linux you could use this to hey determine whether or not you're being Hammer you're being attacked by some SSH brute forcing or FTP or port scan blah blah blah uh it actually probably could be used as a privilege escalation Vector you know so it looks like there are some research already out and about on this here's an example um if we could modify failed to bans configuration settings it is running right is it not systemctl status failed to ban hey he's cooking he's going um Fields have been put stuff in Etc failed to ban so if I wanted to check out all of these I don't have right permissions and all of these are owned by root I'm looking at that last octet to see hey do I have right permission is there a w anywhere action.d is where other stuff could be but again I don't have any right permission on any of these files oh Fred why does Fred own this one iptables multiple has anyone done anything weird with that no it looks just like a regular fail to ban thing but we can read it and write to it so maybe that'll give us some access right so if it were blocking a machine which it could be like we could just hammer it with SSH kind of like they're doing in this example here um it'll get added to IP tables and oh actually they use the very same multi-port one so when a machine is banned or unbanned we would have right access to that file for one thing because we own it and because action.d like this directory is kind of writable by us so could we not just hey touch anything yeah so we can create files or modify anything that we really want in there I'll do like Vim on npf add a couple comments hello even if it says Hey changing your read only you're writing a read-only file it will still write should I not oh did I just kill the thing uh I just did I just obliterate that I'm pretty sure I did all right how about if I try to write to this hello right file change while writing W quit save exclamation point file has been changed since I read it yeah that's fine yeah see so it'll it will keep it will keep my file rights because even if I can't write to the file I can write to the folder which somehow grants me that permissions anyway anyway anyway the gimmick here is that we have the ability to run a command when a machine is banned so what we could do is we'd actually Vim the IP tables uh multi-port one and let's actually modify where a machine is banned I actually want to do something different I want to say action ban can equal a previsc let's actually set bash to be set uid binary and that way we can just print it as needed that's one of my favorite tricks it's stupid but it works so action unbanned will also just for the sake hey you know I don't want to break anything let's go ahead and make bash set uid binary perfect that's written and we know that we could modify now that we've made this configuration changes we can restart the service from fail to ban as root right with sudo without a password so let's run that there we go and now let's go ahead and actually check out the permissions on bin bash right now it's not a set uid binary but if I watch this good let's actually make another terminal down below and let's try an SSH to like John at uh whatever the IP address is let's ban ourselves now let's grab this and it needs a password whatever whatever I don't know how quickly do I need to keep spamming this thing can I use like SSH pass yeah so let's use tacp for anything and then let's use SSH John at that so that will fail oh oh and that saw it right away I don't know if you noticed it up top but now our bin bash has changed and I could run simply bashtag p and now I am root because we banned ourselves we're able to make take advantage of that fail to band configuration file and now if I move into the root directory I have that root dot text and that is the end of this box super cool that was fun I really liked that one um I don't know why Try hack me is not letting me submit these I guess we can momentarily copy these and try and reload the page how about that triag me come back maybe the machine I feel like the room got changed because now the task the previous task above it just went away remember the one at the very very start when we started recording this was like oh it changed me or update me but no we did it we win we've completed that room and man oh man I hope you had some fun uh I hope there were some little nuggets in there I hope there was some learning some good education but uh if you feel like there were or if you got anything out of this video thanks for sticking with me please do all those YouTube algorithm things you know I would love if you could like the video leave a comment subscribe dude there's a statistic YouTube Studio analytics shows you this and I know everyone says this and it's like the dumbest thing like oh however many of you aren't subscribed and some of you are the numbers for me 55 of you are not subscribed which is more than half there's like whatever a smaller half smaller portion than are subscribed so if we had all of you that aren't subscribed just oh you know click the the red button right there dude you get more content we have more fun it could be a better life experience for everyone you should do it you should consider it all I'm asking hit the red button thanks so much everybody hope you had fun I love you I'll see in the next video take care [Music] [Music] happy birthday [Music] [Music]
Info
Channel: John Hammond
Views: 91,585
Rating: undefined out of 5
Keywords: cybersecurity, learn, programming, coding, capture the flag, ctf, malware, analysis, dark web, how to learn cybersecurity, beginners
Id: vAlkrw-o7m4
Channel Id: undefined
Length: 44min 37sec (2677 seconds)
Published: Wed Mar 16 2022
Related Videos
TryHackMe! Skynet - Wildcard Injection
John Hammond
107K
Mozi Malware - Finding Breadcrumbs...
John Hammond
195K
HackTheBox - "Remote" - Umbraco & Windows
John Hammond
80K
Free Coding Tool Distributes Malware
John Hammond
66K
Coding a Web Server in 25 Lines - Computerphile
Computerphile
230K
Uncovering NETWIRE Malware - Discovery & Deobfuscation
John Hammond
88K
Gitlab LFI to RCE - HackTheBox "Laboratory"
John Hammond
112K
Discord Malware - "i hacked MYSELF??"
John Hammond
191K
TryHackMe! Abusing SETUID Binaries - Vulnversity
John Hammond
139K
How to protect Linux from Hackers // My server security strategy!
Christian Lempa
199K
BLOODHOUND Domain Enumeration (Active Directory #06)
John Hammond
70K
TLS Handshake Deep Dive and decryption with Wireshark
David Bombal
264K
Fail2ban Tutorial | How to Secure Your Server
Akamai Developer
52K
Reverse Shell UNDETECTED by Microsoft Defender (hoaxshell)
John Hammond
154K
Information Stealer - Malware Analysis (PowerShell to .NET)
John Hammond
50K
Free Hacking API courses (And how to use AI to help you hack)
David Bombal
55K
TryHackMe! PickleRick - BYPASSING Denylists
John Hammond
276K
TryHackMe! Bypassing Upload Filters & DirtySock
John Hammond
67K
Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
John Hammond
484K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.