1:44 - port scanning /w nmap 2:43 - Web vulnerability scanning w/ Nikto 2:50 - finding web dir /w gobuster 6:18 - cracking password /w hydra 7:11 - FTP login 10:17 - doing some forensic stuff 11:20 - cracking zip file 14:54 - SSH & finding task 4 answer 20:48 - Privilege Escalation Always fun to watch John Hammond doing some TryHackMe room, hope my channel can grow as good as John Hammond
I was just watching an ippsec vid and he has chapters with titles and descriptions that display when you hover over the seek bar. I guess this is a new feature in UA-cam , at least its the first time I've noticed it. The feature should save you some keystrokes 👍🏻
I don’t know why, but I find your TryHackMe! videos to be super relaxing. I only vaguely understand what you’re doing, because I don’t possess any of this IT knowledge that you’re implementing. Thanks for the great content.
Happy to hear that! You'll definitely pick up the skills and the IT knowledge if you keep watching more, I think! Thanks so much for watching and thanks for all the kind words!
Agent Sudo is so awesome, especially if you're like me and have never gotten into steganography. Not to mention seeing you doing it with your knowledge is even more awesome! Thank you, John!
Nice room John! I've learned some nice stuff with this video. I'm new in the hacking world, I started in THM a week ago and I'm learning a lot. Keep up with the good content, greetings from Argentina!
@@_JohnHammond Hi John, would love to see more Windows side stuff, Im currently studying for OSCP & I know there is a lot of Windows based, most of the stuff we tend to learn from CTF is all linux based, which is fine, for e.g. Could you do a review or something along the lines of using tools like psexec.py, crackmapexec etc... More Active Directory based attacks (or your next video for Attactive Directory) :) Thank you
oh man, I spent sooo long trying to find a steno tool that would work with PNG files... when I eventually tried binwalk I then spent ages trying to work out how to extract the extra data... had no idea binwalk would do that for me :D
I got stuck on the zip file section. I did not see anything related to that. I’ll have to research the “binwalk” command, since this is the first time I’m hearing about it.
Why did you immediately chose binwalk when you found that string in the png? I personally spent time using stegcracker on both images hoping there was some regular form of stenagraphy
What type of machine are you using ? is it a ubuntu VM if yes would you share the tools installed on it. i also assume your using tmux. great content btw
when trying crack the zip2john file i named " cracked.txt" is not working any ideas ? i have the output john --wordlist=/usr/share/wordlist/rockyou.txt cracked.txt Using default input encoding: UTF-8 Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x]) No password hashes left to crack (see FAQ)
cool vid, but it's super annoying having your face over the commands your typing lol can you move the active console pane to the top or hide your camera when typing?
I feel like the last couple of videos have been unpolished at the begining. I feel like i takes 0 effort to clear stuff from previous videos, deploy the machine, make a directory and open a text file with the IP copied. In my opinion this can all be done before the video starts thus avoiding the first/first and a half minute of the video.
1:44 - port scanning /w nmap
2:43 - Web vulnerability scanning w/ Nikto
2:50 - finding web dir /w gobuster
6:18 - cracking password /w hydra
7:11 - FTP login
10:17 - doing some forensic stuff
11:20 - cracking zip file
14:54 - SSH & finding task 4 answer
20:48 - Privilege Escalation
Always fun to watch John Hammond doing some TryHackMe room, hope my channel can grow as good as John Hammond
I was just watching an ippsec vid and he has chapters with titles and descriptions that display when you hover over the seek bar. I guess this is a new feature in UA-cam , at least its the first time I've noticed it. The feature should save you some keystrokes 👍🏻
This is AWESOME! Thank you so much for the timestamps, I really need to put stuff like this in my other videos!
All your videos are amazing 👍!!
I don’t know why, but I find your TryHackMe! videos to be super relaxing. I only vaguely understand what you’re doing, because I don’t possess any of this IT knowledge that you’re implementing. Thanks for the great content.
Happy to hear that! You'll definitely pick up the skills and the IT knowledge if you keep watching more, I think! Thanks so much for watching and thanks for all the kind words!
Agent Sudo is so awesome, especially if you're like me and have never gotten into steganography. Not to mention seeing you doing it with your knowledge is even more awesome! Thank you, John!
It makes me happy that what you did was more or less what I wrote in my writeup as a beginner back in December, awesome that I did it like you too!
I love how every morning I wake up and there is a new video waiting and new things to learn!! Very cool video :)
Hopefully I can keep up the every-week-day uploads! Thanks so much for watching!
Addicted to John's explanations
I just got here (on your channel) this week and i'm learning a lot from your videos, thank you! Keep doing them, they are awesome!
Your videos are rlly chill and I like to watch solve CTFs that I solved :D
Thanks for uploading :3
Du auch hier
Happy to hear that! Thanks so much!
@@Noah-hk4ec
Schon lange xD
nice!!
In this machine Linpeas reported permissions in lxd so I mounted a container and get root. I didn't know about this CVE :')
enumeration videos like this is great to learn file extractions and finding hidden stuff
19:26 *"2.2.3 Crash at Corona."*
Theyve planned this whole thing back then already 😦
Lol
Nice room John! I've learned some nice stuff with this video. I'm new in the hacking world, I started in THM a week ago and I'm learning a lot. Keep up with the good content, greetings from Argentina!
thanks for making these videos. helpfull to see someone elses sollution!
say it with me John - 'autoSPY'...the box is agent sudo after all :D
Nice one, thanks, always cool to watch 👍
You make very good tutorials 🖒
Thank you so much! Appreciate all the kind words!
@@_JohnHammond Hi John, would love to see more Windows side stuff, Im currently studying for OSCP & I know there is a lot of Windows based, most of the stuff we tend to learn from CTF is all linux based, which is fine, for e.g. Could you do a review or something along the lines of using tools like psexec.py, crackmapexec etc... More Active Directory based attacks (or your next video for Attactive Directory) :) Thank you
How did you know to try curling the website with an added header? That seems so random is that a very common technique?
Of course I never get to exploit this bug when I want to find it, but I watch a video and there it is :)
Good video tho!
Thanks so much! And thanks for watching!
@@_JohnHammond I'm 22 but I wanna be like you when I grow up hahaha
Had to come here for the image title lmao
oh man, I spent sooo long trying to find a steno tool that would work with PNG files... when I eventually tried binwalk I then spent ages trying to work out how to extract the extra data... had no idea binwalk would do that for me :D
damn dude, subscribing forsure! Awesome content in all your videos. Thanks a mil for the knowledge. :)
thanks i learned so much
omg very informative... like even for starters. greatwork!
ngl I was also fetching Alien_autopsy.jpg , fun room and great video as always !
You are amazing
Thanks man
your cam is on the command way
Very cool!
Great video!
Really cool!
your videos are very entertaining, keep going D:
Thanks for the tutorial.....
I got stuck on the zip file section. I did not see anything related to that. I’ll have to research the “binwalk” command, since this is the first time I’m hearing about it.
Thank you very much, how long does hydra normally take?
You can also do this with lxd privesc.
Those fonts at 0:42 look cool!!! What are they called?
The pain in this entire video is the exact reason I purchased a subscription with Tryhackme lol... so much faster and a lot more stable.
hydra part was great. i watched your CTF videos from 2018 and it was very useful? Do you have a place where all your past videos can be listed?
Hi can you make walkthrough the burp suite room. it is not free but want to learn this badly.
Super.....
dud ,what is the name of the music in the end of the video ?
i used burp suite for change the user agent to C in repeater but it didnt work?
Sry for this question, but I am really knew to this stuff. How can I access to the scripts which you are using?
John, how do you use kali tools on Ubuntu? You installed them with Katoolin?
Why did you immediately chose binwalk when you found that string in the png? I personally spent time using stegcracker on both images hoping there was some regular form of stenagraphy
What type of machine are you using ? is it a ubuntu VM if yes would you share the tools installed on it. i also assume your using tmux. great content btw
John uses Terminator rather than tmux
2 openvpn connection just like in the king of the hill live
I'm so bad with that -- I really need to script that to kill it and bring it back as just one instance! Thanks for watching!
I’m sure your asked a lot but do you have a link or guide to install the tools on Ubuntu your using?
♥️
what terminal emulator are u using john?
make videos editing hangout streams !! 😀
After ubuntu 20 arch you came back to 16 why 🙄🙄
when trying crack the zip2john file i named " cracked.txt" is not working any ideas ? i have the output
john --wordlist=/usr/share/wordlist/rockyou.txt cracked.txt
Using default input encoding: UTF-8
Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x])
No password hashes left to crack (see FAQ)
I have the same problem. Did you find a solution?
❤️❤️😍
I'ld like to learn basics for free give me advice as soon as possible pls
cool vid, but it's super annoying having your face over the commands your typing lol can you move the active console pane to the top or hide your camera when typing?
Bash files open
13:03
I feel like the last couple of videos have been unpolished at the begining.
I feel like i takes 0 effort to clear stuff from previous videos, deploy the machine, make a directory and open a text file with the IP copied.
In my opinion this can all be done before the video starts thus avoiding the first/first and a half minute of the video.
good tutorial.. but too fast.
it was not easy :s
Everything goes smoothly until i have to use John The Ripper piece of crap software that is completely broken and bugged lol
Im the 1000 liker
ahahhahaha, cringe. i dont wanna see that!!!!!
Your videos are Nice to watch but You're way too fast and don't explain very much Sadly