TryHackMe! Ghostcat CVE-2020-1938
Вставка
- Опубліковано 4 чер 2020
- If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: paypal.me/johnhammond010
GitHub: github.com/JohnHammond
Site: www.johnhammond.org
Twitter: / _johnhammond
Can you please make a video about tools and shortcuts you use in terminal ,subl and other related stuff for beginners to get advance .
This would be great! Good suggestion!
I sent an email asking about this exact thing. Of all the people I follow, he moves the most fluidly through his system/applications
Brent Ford practice!
He has a video that may help. How to move fast in linux.
I have a very VERY small understanding of what you are doing, but still watching you fly through this difficult course with such ease is amazing to watch, also scary knowing that a single exploit can give someone all that info
hey man i just found your channel and you're so entertaining im honestly surprised you haven't got more subs!
11:55 . Who do you think doesn't like your videos? You are out GURU! Man keep it going. We all love your content. Keep rocking 🔥🔥🔥The 13 dislikes are from the people who are jealous.
Great Video! Ran into this vuln on a recent pen test.
Great vid John :) I never knew johntheripper could do GPG, I've always been doing it manually rip
Cool one! Looking forward to some NahamCon footage :)
Hey John,
Love your videos, they have greate educattional value for me and you bring great value for new-commers to the community.
One thing i would love to see is your setup. so:
- What hardware are you using,
- What Dist(ubuntu)
- What packages and so forth....
i know it kind of a noob question but the best way to improve is to learn from other people and how they opearate..
But i see you use certain packages such as GostBuster instead of dirbuster and i am just curious why you chose the tools, and hardware you did.
Great Video.
ur AMAZING
Lol..It took hours for me and he just made it look soo easy..
Nobody: I didn't like this
John: Uhhh...well...... I don't know what to tell you
I do not understand a thing you just did but it looked fun.
True😂😂😂😂
😂😂😂 that's what makes it fun
If people don't like you... they just left the video... putting a down thumb... Because they are mad.
Great again. Continue as you use to, you're doing it great!
Hey, love your content alot. I'm into cyber security myself aswell. The only thing that I think could give you more views is definitely the thumbnails. They look very messy I'm sure if you were to make them more simple people would watch them more often.
Nice outro music
Please explain what you did after decrypting the hashes_for_john.txt?
I haven't seen John swear so much in 1 video. 😄
Hi! Just wondering, why did you use gpg2john and what did it do? I believe that file was a private or a public key right? Does that mean If we use ssh2john on a private / public ssh key, we can retrieve thr user password???
The end 😂😂
Apparently you didn't need to log in to merlin to go to his folder and cat out the user.txt file lol
First time I've heard you swear and it was super casual. What kind of username was that?!
I must learn to grease my fingers like the master. goal utf-9001 *whispers fading ~finger grease
Did you try the wonderland CTF on Try Hack Me, I'm busting my brains over it at 2:30 am.
just dont go to rabbit hole
When is the next king of the hill live stream, I have never seen it live. This time I am not gonna sleep the night and watch it live
This weekend is NahamCon and I am hosting the NahamCon CTF (register here! ctf.nahamcon.com ) so unfortunately not one this weekend, but perhaps after? Thanks so much!
@@_JohnHammond Hi John! Thanks for the great content. Question: Which else files except /WEB-INF/web.xml are there to read? Cause on my target this file is a standard web.xml file without any valuable information?
what a coincidence I just completed this ctf😀 and did learn about pgp encryption 🤓
Could you please make a video about how to setup Ubuntu for hacking? I know that there is katoolin3 but it doesn't install wordlists and stuff…
Hiii John! From Philippines ♥️
Hey Erman! Love from the US! Thanks so much for watching!
Hi can someone help me to download armitage on kali linux 2020.2 I have the root account and got armitage but got the error datafile does not exist connection refused to database. Error is from Metasploit-framework. I would thank you if anyone could help me.
Is nahamcon beginner friendly
Great exploit! But I am not getting any credential :(
U can do -w instead of --wordlist
One general question .. I thought UA-cam forbid „hacking“ videos? Or is this some kind of educational hacking?
this is not a real target buddy it is a ctf challenge
dark knight you don’t say .. but does it matter? I thought it was „hacking“ in general.
Dude, all you do is relying on the work of others. You do nothing with your own knowledge. Just the use of some common tools and googling an exploit is what you do.
why reinvent the wheel?
@@UsamaAli-kr2cw I can use nmap, a text editor and google allredy by myself.
If you enjoy Videos where a guy explains exactly that to you I've a pity on you...
Hi! Just wondering, why did you use gpg2john and what did it do? I believe that file was a private or a public key right? Does that mean If we use ssh2john on a private / public ssh key, we can retrieve thr user password???
gpg2john converts the ASC file to a file that can be passed to John The Ripper for a brute force attack. It is not guaranteed to retrieve the password in this manner; in this case, the private key was protected by a weak password contained in the RockYou.txt word list.