Watch this hacker break into a company

Поділитися
Вставка
  • Опубліковано 23 гру 2024

КОМЕНТАРІ • 2,9 тис.

  • @adamd0ggg2
    @adamd0ggg2 7 років тому +494

    A cyber security guy gave a lecture in my class once and he said "The most difficult part of cyber security is the people". "You can rewrite code, you can isolate networks, but people like to be helpful and that is all it takes for a hacker to get in"

    • @YTStoleMyUsername
      @YTStoleMyUsername 2 роки тому +1

      This is true. People believe that most people are not very trusting of others but in fact, studies have shown that people are much more trusting of strangers than we'd assume.
      One of the studies I remember they called a bunch of random people, told them to flip a coin, and if it was heads, they win money. If it was tails, they didn't win.
      It was split evenly 50/50 on who reported heads and tails, meaning people weren't lying to say they got heads just to win the fake prize. They actually believed the caller and flipped a coin. Pretty interesting.
      This sort of psychology can be quite fascinating, especially since we don't know exactly how or why it all works the way it does.

    • @stefHin
      @stefHin Рік тому

      A quote that I remember is "if there is a conflict between security and usability, usability always wins".
      An example for this is that if employees are required to use long and complicated passwords, they will start writing them down on a piece of paper on their workplace.
      I also know a company where there was a requirement to use second factor authentication to access certain data, and the session regularly expired while looking through the data. Only took 1 day until someone wrote a "stay alive" script that prevented the expiry.
      If you restrict the user rights on computers too much (e.g. keep them from installing software they actually need), employees will start working on their private PCs and transfer data.
      If employees are required to change their passwords regularly, they will only change a minor detail about it (e.g. change a digit at the end of it)
      I think this goes in a similar direction - you can totally make an IT system quite secure, but you really need to be careful how it impacts usability. This, combined with, as you said, general helpfulness and trust in other people's good intentions will always be a weakness.
      Imo, if social engineering is done well (involving publicly available information about a company or private data that makes things seem plausible, almost everyone will fall for it. I include myself here btw. If someone really did his research on me and crafts an email with believable content from a person or company I interact with, without any obvious red flags, it is quite likely that I will click a link or open an email attachment...

    • @LeonHuang-nj2nr
      @LeonHuang-nj2nr Рік тому +2

      Yes sir 😺

    • @budgetarms
      @budgetarms 3 місяці тому +1

      yeah, it's said all the time, it's not surprising, I think that is has been said too much, everyone knows it

  • @ScipioWasHere
    @ScipioWasHere 8 років тому +5619

    Spoiler Alert: The company was Yahoo

    • @dah5096
      @dah5096 8 років тому +48

      home depot and target on episode 2 and 3

    • @plpchlr8688
      @plpchlr8688 8 років тому +16

      or microsoft....

    • @williamdillery2740
      @williamdillery2740 8 років тому +147

      Microsoft tech support is like 90% Indian

    • @markwhoeverdafuck4114
      @markwhoeverdafuck4114 8 років тому +63

      Yeah the fake tech support William

    • @videogyar2
      @videogyar2 8 років тому +2

      It could be any company, really.

  • @alida004
    @alida004 8 років тому +2782

    i wish i had this lads social skills

    • @Claytonnn
      @Claytonnn 8 років тому +106

      Rhandy it's not even social skills, it's just lying. You have the skills to do this haha

    • @jona823a
      @jona823a 8 років тому +206

      Everything is easy, if you know what you're doing

    • @bloodynachos
      @bloodynachos 7 років тому +6

      just stick to the script and its easy as hell

    • @kukuricapica
      @kukuricapica 7 років тому +27

      I recommend you to watch some defcon presentations on social engineering. It's really easy to convince people to give you the information. You have to understand that all he does was asking a guy to search a web-site. What they didn't tell you that somebody had to find that exploit, wrote a code/script... Not to mention they need to mess around his/theirs system and dig deep for flaws.

    • @michael_c137
      @michael_c137 7 років тому +31

      guys, I think he was being sarcastic

  • @alprazo
    @alprazo 4 роки тому +182

    "Oh btw, Ken was fired"

    • @alprazo
      @alprazo 8 місяців тому

      @matthewmorrison3703 Nigga I don't even remember what this video is about

    • @ayushpandey8766
      @ayushpandey8766 5 місяців тому

      😂😂

  • @allmyducksinarow
    @allmyducksinarow 4 роки тому +291

    When used for crime, these kinds of people are called manipulators and sociopaths. This guy was smart enough to make a good living off of being conniving and convincing. Pretty cool dude.

    • @V-ANews
      @V-ANews 3 роки тому +13

      Ya alot of the top hackers change sides after they are caught by fbi and are asked for a good plea deal or no jail at all if they would instead use their knowledge and help the government

    • @centurion_ratslayer
      @centurion_ratslayer 3 роки тому

      It's just fun

    • @callofdutyblackops9
      @callofdutyblackops9 3 роки тому +25

      That's not sociopathy, Sociopathy is someone who doesn't have the ability to form their own emotions, and can't really comprehend why emotions are important, and they can become great a miming emotions, so yes sociopaths are great manipulators, but there's a whole bunch of impulse stuff that comes along with it.

    • @paogruniverse
      @paogruniverse 3 роки тому +2

      @@callofdutyblackops9 agreed, and I'll add to grace that Being used for crime or not it's still manipulation.

    • @narcleptik
      @narcleptik 2 роки тому

      What a crockof shit he's stealing

  • @jesperrasmussen4047
    @jesperrasmussen4047 8 років тому +2075

    Watch this hacker break into a company > Watch this random guy make a phone call and install remote desktop.

    • @clarencedf1100
      @clarencedf1100 8 років тому +41

      lol yeah that is what I thought too

    • @adamwebster1652
      @adamwebster1652 7 років тому +68

      I like to think he had Social Engineering Toolkit on Kali on that laptop installing his own propagating java backdoor.

    • @BantuBeiraMar
      @BantuBeiraMar 7 років тому +21

      Hardly a random guy.

    • @BantuBeiraMar
      @BantuBeiraMar 7 років тому +5

      Adam Webster well, he did write it.

    • @pauolive7239
      @pauolive7239 7 років тому +40

      never heard about privilege escalation? if he hacks a pc inside a company, he can access to the whole

  • @cscarlton24
    @cscarlton24 8 років тому +1319

    I need to hack into my customer's brains

    • @himenchiemsp2086
      @himenchiemsp2086 8 років тому +1

      I think that's impossible

    • @Khatisgood
      @Khatisgood 8 років тому

      njice nice meme nice nice meme nice meme

    • @smekminfisk
      @smekminfisk 8 років тому +1

      Yes, learn your marketing.

    • @nightsinder
      @nightsinder 8 років тому +5

      its not impossible, its possible. We have something called a brain inplant where a chip gets inplanted in your brain, after thats done you can hack it. They inplant these chips into paralyzed people in some countrys like America so they can gain control of parts of their body. So with a chip inplanted in your brain hackers can manipulate the signals and make harm. This tech is many years old so google it if you dont believe me.
      You can do same thing with cookroaches and other insects aswell, Google cyber cookroach, inplant a chip into his antennas and you can control the cookroach like a robot.

    • @sebastiankohleroberg2980
      @sebastiankohleroberg2980 8 років тому +2

      Bro that just mimics the electricity sent by a nerve. It doesn't posess the power to control the brain but rather mimic some signals the brain sends out. Trust me it's not the same.

  • @_exttt
    @_exttt 8 років тому +1799

    2:18
    "We gotta grow up a bit"
    *sees spider-man blanket and mannequin in background"
    ok

    • @uc1hamadara13
      @uc1hamadara13 8 років тому +18

      The day an Age where being a gee is still "Childish "

    • @andrewdimonda10
      @andrewdimonda10 8 років тому +3

      Extritio I thought this same exact thing and scrolled down to see someone else did too lol

    • @PravSrpski
      @PravSrpski 8 років тому +57

      It's not childish to be a fan of something

    • @mightymorphinetime
      @mightymorphinetime 8 років тому +3

      lmfaaooooo

    • @Reiiyne
      @Reiiyne 8 років тому +26

      That joke was actually a lil more funny because it's comin' from a weeb, haha.

  • @dylann9719
    @dylann9719 3 роки тому +144

    The most ironic sentence that came out of his mouth “I really suck with computers man” 😂😂😭

  • @kylemossi
    @kylemossi 11 місяців тому +24

    I find it very hard to believe that this script could, with a *single* input from a person, grant any useful access to anything, let alone enough to 'bring down the company'. This is hyperbolic to say the least.
    I've worked in Operations and tech support, I would never go to a page one of my clients told me to go to, I would vet it on a virtual machine....for THIS very reason.

    • @Pizza793
      @Pizza793 8 місяців тому

      I know right, this is news doing scare bs once again. Just clicking a link doesn’t give them access to your whole computer. Otherwise it be completely unsafe to surf the web, since clicking links is the entire process of surfing the web. These scam sites are always trying to get you to run executables. Why the heck would they bother if just clicking the link for the executable download was enough?

    • @Michael_Jackson187
      @Michael_Jackson187 3 місяці тому +5

      Yea it’s mostly bullshit unless he had some kind of zero-day that allowed him to get a reverse shell onto this dudes pc through RCE but I really doubt that.

  • @mrlevinielsen
    @mrlevinielsen 6 років тому +1014

    "What do you think of when I say the word hacker?"
    um
    *inspect element*

    • @Dark_Rizz
      @Dark_Rizz 5 років тому +14

      Yeah keep *inspecting robux in roblox dude*

    • @nightviper7354
      @nightviper7354 5 років тому +1

      +MrLeviNielsen
      lmao😂😂😂

    • @nightviper7354
      @nightviper7354 5 років тому +1

      but that's true

    • @blakebarbee7224
      @blakebarbee7224 5 років тому +3

      @@Dark_Rizz Moron you can't hack robux by messing with inspect element. The currency is stored on secured roblox servers. I already tried with picto and failed.

    • @Dark_Rizz
      @Dark_Rizz 5 років тому +12

      @@blakebarbee7224 that was a joke don't take it too serious you'll get heart attack LOL

  • @kylechoi56
    @kylechoi56 8 років тому +157

    So CNN learned clickbait...

    • @ikennaunamadu4692
      @ikennaunamadu4692 7 років тому +2

      Kyle Choi how was this Click Bait??

    • @jayson16
      @jayson16 6 років тому +2

      ikenna unamadu title watch this hacker break into a company instead he just calls a bussiness man and let him go through a computer..

    • @jayson16
      @jayson16 6 років тому

      Marcus 5_887_4 lol so the computer broke in the company?

    • @visvge4934
      @visvge4934 4 роки тому

      Boy does this comment age well

  • @stillmillionair
    @stillmillionair 7 років тому +1106

    For each thing he hacked he lost a single hair

  • @multiwebinc
    @multiwebinc 4 роки тому +27

    I'm guessing the real problem here is not that Ken from support visited a website, it's that the remote desktop software on his computer wasn't configured to ask for authentication. All the website did was provide his computer's local IP address and then the hacker used that to connect to his computer. He could have easily done this completely without Ken from support's assistance by simply scanning the local network for computers that respond on whatever port they are using for RDP. That whole call to Ken from support was nothing but added dramatic effect.

    • @dominickhart3435
      @dominickhart3435 Рік тому +1

      What if he wasnt given the local ip of the company?

    • @kylemossi
      @kylemossi 11 місяців тому +1

      @annaparker8234 I think this video give the wrong portrayal. I'm in tech so I know what you are talking about, which is totally logical, but this video definitely made it look like the user interaction was all it took to completely own them.

  • @mrvic3952
    @mrvic3952 4 роки тому +21

    There are several levels of hack.
    He hacked his browser this way and that is all you need bro...

    • @m4n4nm4n4n
      @m4n4nm4n4n 4 роки тому

      i need hackers worldwide m4n4n@hotmail.com

  • @OkoYT
    @OkoYT 8 років тому +885

    "we gotta grow up a bit" *he says sitting in front of a giant spiderman"

  • @shannoninalaska
    @shannoninalaska 6 років тому +107

    "There are very, very bad people, which means it falls to the good people to try to fight it. We have so much potential to shape our culture, our values, our safety - if not us, then who?"
    Exactly the confirmation I needed to hear to clear up my own dilemma, and feelings of responsibility for others in my situation. I was unsure whether to pursue fighting a seemingly small issue, or concede to someone who is blatantly abusing their power and position because it would be much easier to just give in and a LOT less stressful. But, this guy just gave me more motivation to keep me going. And he is right.

    • @AlexYazanGames
      @AlexYazanGames 3 роки тому +1

      wth?

    • @shannoninalaska
      @shannoninalaska 3 роки тому

      @@AlexYazanGames nevermind, they won. I lost. But I gave them hell in the meantime. Evil does win sometimes.

    • @shannoninalaska
      @shannoninalaska 2 роки тому

      @@puchu_5001 nevermind. It's in the past. Evil neighbors and evil HOA in my old neighborhood in Florida. They attacked a single mom (and others before me too), vandalized my property, and I had to cash in what little retirement I had worth thousands of dollars in order to hire lawyers to fight them. My own lawyers scammed me too. I only lived in my house for 4 years. That was enough for me. You can't win against an evil HOA. Don't bother fighting them. There is no law that will protect you against them. 4 years of hell and that was the last straw. I moved to Alaska. No more HOA ever again.

    • @5kr3aminMunk33
      @5kr3aminMunk33 2 роки тому +7

      @@puchu_5001 she's in Alaska so she was probably in the midst of fighting with a bear; the bear obviously won, took her phone, then made this comment while pretending to be her. It's a very tragic story, and we watched it play out.

    • @AlexYazanGames
      @AlexYazanGames 2 роки тому

      @@5kr3aminMunk33 That’s very tragic. I feel very sad that Shannon died. 😔

  • @shostakovich1234
    @shostakovich1234 8 років тому +438

    I think of the Hacker known as 4chan.

    • @mr.q7
      @mr.q7 8 років тому +60

      He's the 400 pound man in the basement, right?

    • @aquaexnar3093
      @aquaexnar3093 7 років тому +13

      Yeah, his real name is Chuck, and it's his mother's basement.

    • @zipzapfrik_shun6759
      @zipzapfrik_shun6759 7 років тому +1

      Spooky euH

    • @hustlerzNcake
      @hustlerzNcake 7 років тому +4

      Uh 4chan is a chat service.. not a hackers name.

    • @Zag22
      @Zag22 7 років тому +13

      Broken Logic whoosh...

  • @tequilatyrant3992
    @tequilatyrant3992 4 роки тому +50

    "we should all grow up..." Says the guy with all the spiderman stuff in his living room loool

    • @ItsCrypticc
      @ItsCrypticc 4 роки тому +6

      Tequila Tyrant spider man isn’t just for kids, how could u think that? That is so stereotypical 😹😹😹

    • @tequilatyrant3992
      @tequilatyrant3992 4 роки тому +1

      It's just a joke bro.

    • @SparkzFortnite
      @SparkzFortnite 4 роки тому

      i was just about to say that🤣🤣🤣

  • @chamalcabraal2619
    @chamalcabraal2619 4 роки тому +34

    Plot twist : The company was Twitter

  • @surlado9467
    @surlado9467 7 років тому +1341

    ***Clicks link***
    Hacker: LMAO JUST HACKED YOU NOOB

    • @Arctic740
      @Arctic740 6 років тому

      BOI DONT TRUST THE LINK I GOT RATTED!!!!!!

    • @untriptrip7542
      @untriptrip7542 6 років тому

      lol you cant do that thats impossbile is this like some windows 7?

    • @surlado9467
      @surlado9467 6 років тому

      untrip trip you’re brain dead. You’d need a JavaScript RCE exploit (all of them are patched) so it’s impossible

    • @P35-h4s
      @P35-h4s 6 років тому

      leaking RC4 isnt hard lol no where near it

    • @trolltunes4286
      @trolltunes4286 6 років тому

      go to d99q.cn if you want to get hacked lol
      Edit: actually don't go

  • @ittotaq
    @ittotaq 8 років тому +97

    Takes more than 2 minutes to reach a human voice when calling tech support...

    • @kenm908
      @kenm908 8 років тому +34

      not when you work in the company

    • @LilaBear
      @LilaBear 5 років тому

      No company I've ever worked for has had automated tech support. Every time I've called it's been a human straight away.

    • @CitizenPerkins
      @CitizenPerkins 4 роки тому +1

      Our internal "customers" were supposed to open problem tickets for help, not call someone in IT. Yea, that rarely worked -- especially for managers and higher. 🤣🤣🤣

  • @tjinspace7001
    @tjinspace7001 8 років тому +348

    That's not a social problem it's an un-patched-browser problem..

    • @hnoobsho
      @hnoobsho 8 років тому +36

      He could just as easily asked the operator to try an download a program to see if it works on his computer instead of leading him to a phishing website.

    • @tjinspace7001
      @tjinspace7001 8 років тому +18

      Chuck Norris If it was that easy cybercrime statistics would be exponential.. Software bugs that can be leveraged are world-class-hard which is why bounties are so high and so sporadically claimed.. Social-engineering is very hit and miss that's why in the rare instances it works it usually doesn't get the attacker that far in to infrastrucure before getting response.
      The headlines you see every month or two are like one out of tens of thousands for that months. At the very least.

    • @robbywilliams8571
      @robbywilliams8571 7 років тому +1

      nigga browser exploitation is trivial. just because people aren't partcipating in pwn2own or whatever fucking competition doesn't mean there aren't hundreds of fucking exploits being vantaged in the wild.
      computer security is a fucking joke. a 120k line program isn't ever going to be secure unless the entire fucking world audits it and every modification made is signed off on by every1

    • @tjinspace7001
      @tjinspace7001 7 років тому

      yeah that's why world class hackers are digging in to nvidia driver code looking for sandbox escapes.. Stuff people pay bounties on is way bigger than 120k lines..

    • @PeterAbt
      @PeterAbt 7 років тому +2

      TJ DEV as far i i understood the support guy opened a file... that he downloaded​ from that website... So i guess it wasn't the browser's fault...

  • @davidd8747
    @davidd8747 4 роки тому +41

    “Hello world”
    I’m in boys

  • @revivalamt6991
    @revivalamt6991 4 роки тому +33

    for anyone wondering, he used metasploitable to create a reverse shell onto his computer

    • @steez4778
      @steez4778 4 роки тому +7

      *metasploit not metasploitable

    • @revivalamt6991
      @revivalamt6991 4 роки тому +4

      @@steez4778 the vm image is called metasploitable...

    • @steez4778
      @steez4778 4 роки тому +7

      @@revivalamt6991 metasploitable is a machine meant to be created to practice exploitation and pentesting, on the other hand metasploit is the one handles the exploits

    • @revivalamt6991
      @revivalamt6991 4 роки тому +3

      @@steez4778 yeah man i got confused

    • @pauljessica971
      @pauljessica971 4 роки тому +1

      Having tried all hack tools on UA-cam,I must say @andrewhack4 on Instagram is the only working one.

  • @MaritaDiary
    @MaritaDiary 7 років тому +528

    In my case, with great power comes great electric bills. fml.

  • @cybercrimetoday4729
    @cybercrimetoday4729 5 років тому +10

    I see a lot of off comments here, this man is bringing awareness, and considering just how many people and companies are affected every day, I support this work, and will now invite him to appear as a speaker at out awareness summit, well done.

  • @KevtechITSupport
    @KevtechITSupport 8 років тому +8

    social engineering (people) are easy to manipulate, this is why you need to have IT meetings and educate users on all these items.

  • @LifeIsNotWorth
    @LifeIsNotWorth 4 роки тому +7

    me: going on the website and clicking here
    my brain: i hope its the wrong website

  • @nirvaangoel8172
    @nirvaangoel8172 7 місяців тому +1

    How did he make the website? What did he use?
    That was insane!

  • @Zoxeo
    @Zoxeo 6 років тому +37

    I truly believe that hackers will actually become our only protection in the future since the world evolves more around technology now

  • @basnijland
    @basnijland 7 років тому +9

    That guy he hacked was genuinely nice

  • @simonedaniel
    @simonedaniel 8 років тому +134

    Social skills? That spiderman house will scare anybody off.

  • @purvaramteke5436
    @purvaramteke5436 4 роки тому +9

    So we are gonna ignore the boys or scammers reposting their comments?

    • @m4n4nm4n4n
      @m4n4nm4n4n 4 роки тому

      i need hackers worldwide m4n4n@hotmail.com

  • @Mika-85
    @Mika-85 3 роки тому +13

    That's unrealistic. If that IT guy simply visited the site without downloading anything and the companies corporate IT is even slightly up to date, there's no way he gained access to the computer just by opening a website...
    Either they're making up a story or the IT guy had automatic downloads enabled in his browser which resulted in him catching a drive by download. However no one working in IT should have automatic downloads enables anyway...

    • @thestarz5190
      @thestarz5190 Рік тому

      Yeah

    • @Romy---
      @Romy--- Рік тому

      Ahhh yes because hackers aren't masterminds. You have no clue what you're talking about. It definitely IS possible, and it's not about having "automatic downloads" enabled.

    • @thestarz5190
      @thestarz5190 Рік тому +2

      It isn’t possible to get your computer hacked by opening a website

    • @thestarz5190
      @thestarz5190 Рік тому

      Unless there’s a vulnerability but Microsoft would fix it fast

    • @lordreno8911
      @lordreno8911 Рік тому

      I agree with this comment, unless that IT guy has a fully disabled firewall and has all the network ports in his pc fully open and unsecured, there is no way just entering a website would get you hacked.

  • @AdrianJayeOnline
    @AdrianJayeOnline 6 років тому +12

    This isn't an ordinary hack, by some random person. So it's more LIKELY to succeed. So let's see the mistakes. (our company practices) 1> Having an internal company number means nothing, we ask whose calling and verify that person. 2> If that person has a COMPANY asset. we would log onto that machine only 3> Generally we would not CLICK on any links, before doing so, we would CHECK the link by hovering over it 4> EVEN if we did, we have secure software/AV etc, which WILL and has detected rootkits, trojans etc, so if my machine was infected, IT security would get an alarm and lock us out, and/or our own machine software would do the same. 5> Permissions on the machine would pop up asking for a piece of software to be installed. 6> remoting into another machine we are the other machine, anything I click on, will install on that machine not mine, mine is behind a firewall............ basically a BS article, not realistic, of course companies get hacked, but this example is totally not real world, as a front line IT tech, we generally know everyone we work with and get a feeling for when something is wrong, of course things happen, but this particular example is non-sense. WELL it's American, what else do you expect... You guy's better wake up on your own government messing with you they are the real hackers... PEACE

    • @nightviper7354
      @nightviper7354 5 років тому

      well, not all companies have AVs
      some are just too stupid
      and maybe we could use something like powersploit, to avpid AV?
      and as security developes, so does exploits
      just make an invisible 0-day exploit, and u're good to go
      no AV alarms

    • @stillmillionair
      @stillmillionair 2 роки тому

      Mate, im a bit late here but i know companies today who's ''databases'' are still run on fucking excel spreadsheets. Don't come all high and proud about your startup having good security practices. This is miles more common than you think.

    • @L_Lawliet1907
      @L_Lawliet1907 2 роки тому

      @@stillmillionair A bit late? Its been 4 years my guy

  • @sayyamjain1607
    @sayyamjain1607 7 років тому +154

    A known hacker is a failed hacker.

    • @ElynourRummyng
      @ElynourRummyng 7 років тому +2

      Sayyam Jain how?

    • @syndicate286
      @syndicate286 6 років тому +26

      Sayyam Jain not necessarily... it really depends on if your a white hat or black hat hacker

    • @lehends5683
      @lehends5683 6 років тому +15

      You probably don't know what hacking is, there is 3 types of hackers, black hat hackers which as you said if they are know they are a failure, there is the grey hat they are neutral they hack but they do not steal any money they just do it for fun then there is the white hat like this guy, he helps companies to protect against black hat hackers

    • @nightviper7354
      @nightviper7354 5 років тому +1

      not necessarely
      if I'm gonna be a black hat hacker, (there's 20% chance that I'll be one) and I'm known as for example: *3xploit* (my alias), that doesn't mean that I've failed
      as long as I am free and anonymous (my real identity isn't known), I'm successful hacker

    • @captainunderpants2816
      @captainunderpants2816 5 років тому +4

      your on the FBI hit-list

  • @raccgti73
    @raccgti73 8 років тому +541

    all he did was RAT the dude xD

    • @CodeCommand
      @CodeCommand 8 років тому +5

      lmao

    • @piziskewl
      @piziskewl 8 років тому +93

      and got paid.

    • @therealorberon
      @therealorberon 8 років тому +47

      with a link to a website? I didn't know you can do that so easily. unless the IT guy clicked on a prompt triggering some js code.

    • @raccgti73
      @raccgti73 7 років тому +7

      I do cyber security for the USAF lol

    • @GiQQ
      @GiQQ 7 років тому

      Pikachu Fizz So true

  • @chrisalister2297
    @chrisalister2297 3 роки тому

    @0:41 Problem number one....the company (IT Department) does not authenticate the employee. Some verbal passcode, plus a MFA(text code to cell# on file). Do that and you plug that hole fast. You've shut it down instantly and you also become aware of this hole that is occurring.

  • @ajc-ff5cm
    @ajc-ff5cm 2 роки тому

    The most vulnerable part of any network is the people.

  • @Sana_a04
    @Sana_a04 5 років тому +91

    I find it funny how a guy called David Kennedy ends up on the line with a guy called "Ken"

  • @Stotic_Reader
    @Stotic_Reader 7 років тому +5

    His mom sounds like she was a super hero.
    Great moral values.

  • @my_dixie_rect8865
    @my_dixie_rect8865 6 років тому +27

    I'd love to know how clicking a 'here' hyperlink gives somebody full access to another persons computer. This is over simplifying it to the extreme.

    • @peejpeejpeej
      @peejpeejpeej 6 років тому +9

      i know right. complete bs. missing 1/2 the story

    • @Manman-wl1gj
      @Manman-wl1gj 4 роки тому +1

      @cat and lasagna the guy made a rat and that is what was installed on the victims computer the victim never executed the file so how does that work??? It doesn’t so yeah

    • @SchoolforHackers
      @SchoolforHackers 4 роки тому +2

      Actually it’s simple. The Browser Exploit Framework (BeEF) does exactly this, as well as other tools in Kali Linux.

  • @bnoksheikonyak6703
    @bnoksheikonyak6703 3 роки тому

    Lea.... The world is talking about hacking.... Here I don't even know how to on and off the computer 😂😂

  • @iriswealth2658
    @iriswealth2658 3 роки тому +6

    I've always told the men I've had relationships with, the moment you are unfaithful is the moment you end our relationship. If I've ever felt so disconnected from my partner that I have felt myself drawn even into a hypothetical affair in my mind, I end the relationship. I've been in many abusive relationships (that I ultimately ended) but never once have I been unfaithful. Why? Because no failing relationship is worth sacrificing my morals and integrity for. No matter how it unfolds with a partner, there should be a base level of respect and empathy towards them as a human being. A failed relationship will not pollute your mind and foster insecurities anywhere near as much as being on the receiving end of adultery. I dind't know what was happening all along for years that she's been cheating until I met explore.hacker thanks guys..

    • @ForrestDix
      @ForrestDix 3 роки тому

      I heard an interesting thought experiment recently. If we were to live thousands of years, most of us would eventually become polyamorous. Because, you're bound to eventually meet/know more than one person who you love. And, it's essentially impossible for one person to meet all of your needs indefinitely. I think consensual non-monogamy is underrated.

  • @danb7001
    @danb7001 8 років тому +32

    I just watched 3 minutes of explaining the word pentest. It's not that interesting.

    • @xSiiefHDx
      @xSiiefHDx 6 років тому

      damn phrazzal tropix here

  • @thehimboman
    @thehimboman 7 років тому +8

    This dude has a strong Dax Shepard voice and I love it

  • @stponyt
    @stponyt 7 років тому +12

    Watch this hacker break into my heart

  • @Yetipfote
    @Yetipfote 4 роки тому +24

    not gonna lie. The interviewer got a little bit wet when he told her he successfully hacked the entire company.

  • @davesantos9473
    @davesantos9473 3 роки тому

    A hacker doesn't want to be known ever until death

  • @MentalMonkey2525
    @MentalMonkey2525 7 років тому +5

    I really like the Josh Corman guy. All that Spider-Man stuff. He seems genuinely nice

  • @I7itI3ullT
    @I7itI3ullT 7 років тому +25

    Hasnt Devid Kennedy written the SEToolkit?

  • @MrStephane9
    @MrStephane9 8 років тому +23

    lol i went on the link and it opened 3 "node.js" files runing silently on my pc xD

  • @luiytheninja3655
    @luiytheninja3655 Місяць тому +1

    The IT guy is yiiiiikes.

  • @WhiteEvo6
    @WhiteEvo6 Рік тому

    Good example of the struggle IT staff have. He’s running as an admin on his machine without functional AV as a non admin would have less chance of running code and AV should have picked it up or apps aren’t being patched daily, weekly, monthly as management refuse to allow IT teams to do their jobs so the remote code is using a known exploit. ,
    NO staff in a business including admins should be logged in as admins, everyone should be non admins (zero excuses for this) and admins should elevate any tasks they need to admin. If your IT department and staff aren’t working like this as a basic config, assume you’ve already been hacked or will be

  • @jordanlemon5115
    @jordanlemon5115 8 років тому +78

    This dude is talking about growing up but he still got a life size statue of spiderman

    • @donibeh
      @donibeh 8 років тому +23

      ain't nothing wrong with that.

    • @mud2479
      @mud2479 8 років тому +14

      hey, he bought that statue, that`s what adults do, buy shit with your own money.

    • @isaiahdaniels5643
      @isaiahdaniels5643 7 років тому +3

      Yeah, and you have a picture of Aleks as your profile pic. You also have a username Gravity Sandwich. Also, you failed to punctuate your sentence. Did you fail the fifth grade?
      Ever read spiderman? It's not aimed towards children.

    • @ClockworkRBLX
      @ClockworkRBLX 6 років тому +2

      too many manchildren here, defending the grown adult with spiderman merch

    • @agu9302
      @agu9302 6 років тому

      @@ClockworkRBLX Who cares about Spider-Man merch lol

  • @clutch_cadyy8628
    @clutch_cadyy8628 7 років тому +6

    "Just by clicking that link hes given David full access to his computer"

  • @XxBillyGoatNinjaxX
    @XxBillyGoatNinjaxX 7 років тому +15

    "Some creepy dude in a basement?"
    *Shows a guy with a fedora. Lel

  • @Serjo777
    @Serjo777 4 місяці тому

    Just by visiting a site, without doing _anything_ else, he was able to access his PC? How is that supposed to work?

    • @Redwan777
      @Redwan777 3 місяці тому

      It's more smoke than fire. He probably did run a malicious script and gained some control of his browser but no way did he take control of the computer in 2 minutes. Trusting he actually knows thing or two, it's probably the first step to getting full access of the computer and not the last

  • @kirstinetermansen
    @kirstinetermansen Рік тому

    Were you in Denmark , Germany
    Johan

  • @maxim87
    @maxim87 5 років тому +22

    0:24 "can I jus just get your credit card number" ffs lmao

  • @asmcriminaL
    @asmcriminaL 8 років тому +9

    ha we have been using these techniques since AOL. This is not "Hacking" this is "social engineering" most social engineers suck with real hacking skills, and real hackers suck at social engineering.

    • @Ausar0
      @Ausar0 8 років тому +2

      asmcriminaL
      Social engineering is not separate from hacking.
      It's a different branch, sure, but social engineering is still technically hacking.

  • @fluueW
    @fluueW 6 років тому +4

    "what do you think when i say the word hacker? some creepy dude in a basement?" wtf no xD

  • @Edenthedjguy-wedding-djs
    @Edenthedjguy-wedding-djs 4 роки тому

    Why is a senior technology correspondent surprised by this?

  • @jakemartinez6894
    @jakemartinez6894 4 роки тому +10

    That Spider-Man guy was high on himself

  • @Speedster404
    @Speedster404 7 років тому +61

    A true captain America!

  • @Mrwiseguy101690
    @Mrwiseguy101690 8 років тому +21

    No command prompt? This guy's a noob

    • @Texnoable
      @Texnoable 6 років тому

      1. It's called jokes

    • @itsMarcell
      @itsMarcell 4 роки тому

      No Inspect Element too? what a noob jk dont take this seriously

  • @AntAnt
    @AntAnt 8 років тому +5

    did anyone go to the website he said

  • @HoldFastFilms
    @HoldFastFilms 2 роки тому

    My manager wanted me to provide some sensitive information, like server passwords, screenshots of various thing. I refused because it smelled like a pentest. She didn’t know but found out it was. Silly people.

  • @redditman9267
    @redditman9267 4 роки тому +13

    They literally showed him using metasploit, he was in a meterpreter command promt

    • @SakshamGaming
      @SakshamGaming 4 роки тому

      was he in kali linux?

    • @redditman9267
      @redditman9267 4 роки тому

      Saksham Gaming we can’t tell but at the beginning it showed a meterpreter prompt so it could be anything, windows Mac kali etc

  • @MemoriesDestroyUs
    @MemoriesDestroyUs 8 років тому +204

    remote desktop isnt hacking lol

    • @MemoriesDestroyUs
      @MemoriesDestroyUs 8 років тому +11

      lolman8776 click bait title

    • @qualitytunes7369
      @qualitytunes7369 8 років тому +29

      ur a fucking idiot, hes a social engineer do you even understand what hacking even is

    • @Ausar0
      @Ausar0 8 років тому +14

      MemoriesDestroyUs
      Fucking hell there are way too many elitists when it comes to hacking.
      Bro, "hacking" is LITERALLY just gaining unauthorized access to something. It does not matter how you do it. Even watching somebody type in their password is technically hacking.

    • @superchargemario
      @superchargemario 8 років тому +5

      well techniqally it is, hacking is a term meaning you gain access to somthing you shouldn't be able to and that what the hacker did and What he did was trick a person to go to a malicious website he created it a bit like spear phishing. Probably used abit of java script to make the victim to download a file that let the hacker to gain access.

    • @persiangulfcat
      @persiangulfcat 8 років тому +4

      Remote desktop IS hacking if the person was not willing to provide you with a login in the first place.

  • @otto.x5328
    @otto.x5328 8 років тому +59

    00:34 Lmfao this "hacker" doesn't even know how to escalate privileges when "getsystem" doesn't work. You can see he just gives up and spawns a shell anyways with shit privileges. And LOL he fuckin' misspelled "getsystem" twice! xD

    • @outviteslb8143
      @outviteslb8143 8 років тому +28

      BAHAHAHAHAHAHAHAHA DUDE im like that when chicks around i wanna fucking stick my usb in her 3.0

    • @stevenw2933
      @stevenw2933 8 років тому +20

      thats actually unlikely to be the same person. years ago i was interviewed by global news in canada and when the crew came to my house a lot of the stuff was edited and sometimes if things were not shot the way they want they will just have a pair of hands and make it look like its you to the casual viewer. They tell you that they are doing this upfront.

    • @fire_breathing_turtle
      @fire_breathing_turtle 7 років тому +4

      It's the guy with the vape shirt. You can see his sleeve tattoo.

  • @hamzashar2750
    @hamzashar2750 5 років тому +40

    imagine the guy he called watching this video 😂😂😂🤘

  • @SakshamGaming
    @SakshamGaming 4 роки тому

    0:34 is he using kali linux and meterpreter to hack into?

  • @Servergmr
    @Servergmr 7 місяців тому +1

    Apparently the stereotypical hackers use MacBooks with Kali Linux, that is so based. It's a literal Hackintosh, that is the opposite of the definition of Hackintosh, ironically enough.

  • @HiBruv
    @HiBruv 8 років тому +4

    Hey guys what's up its Scarce here and today we got a lot of news now this ones from David Kennedy you all know who David Kennedy is, a huge channel with 6 subs well he actually managed to hack into a company thats right this guy actually hacked into a company through IT support. That's all guys thanks for watching peace.

  • @Ace-qx3mu
    @Ace-qx3mu 8 років тому +5

    Social engineering is something I practice on a daily basis. It is easy, if you know what your doing. You have to have the right mindset. Just because you know how to do it, doesn't mean you can do it effectively.

  • @jacobmyszka8869
    @jacobmyszka8869 8 років тому +58

    Ha "I'm not good at computers." 😂😂😂

    • @bodybagz677
      @bodybagz677 7 років тому +3

      Cool Videos its a fact doe all he did was make him install a keylogger

  • @willthomas5953
    @willthomas5953 2 роки тому

    My moms ex bf does the exact same thing these guys do. He protects major businesses from attacks/cyber security. And it was scary when I heard the stuff he was able to hack and do if he wanted to and do it easy. Ppl have no clue

  • @388note2
    @388note2 4 роки тому

    2:17 "We've got to grow up a bit" meanwhile behind him is a full-size spiderman toy

    • @dawnmarsh8579
      @dawnmarsh8579 4 роки тому

      388 Note he might have a child that likes spiderman

  • @daanboleij7289
    @daanboleij7289 8 років тому +57

    am i the only one who thought is was the company instead of a company as in prison break

    • @RealityClubX
      @RealityClubX 8 років тому +5

      Daan Boleij How do you even remember that rofl

    • @mullenrocks23
      @mullenrocks23 8 років тому +5

      lol thats funny you remember that. Prison break is coming back!

    • @daanboleij7289
      @daanboleij7289 8 років тому +2

      SP_23 haha ikr i also dunno how i just thought about that xD

  • @maxfitzy1371
    @maxfitzy1371 7 років тому +4

    Now +900k know how to hack into the pentagon

  • @DystopicEdits
    @DystopicEdits 7 років тому +40

    0:43 "How my I help you" lmao

  • @easiersaidthandone836
    @easiersaidthandone836 3 роки тому

    What program did he use to create the link to gain access to the guys computer?

  • @asharullah353
    @asharullah353 3 роки тому

    So what was the IT guy supposed to do?

  • @TheOne-fu1nh
    @TheOne-fu1nh 5 років тому +6

    Well, i need a hacker to give me back my 2 minutes and 55 seconds

  • @terrencetunnock9046
    @terrencetunnock9046 7 років тому +10

    "We have to grow up a bit" with spider man pillow and cut out behind him lol

  • @holden_tld
    @holden_tld 7 років тому +11

    who is this 4chan guy?

    • @3-bits286
      @3-bits286 5 років тому

      LMAO. Love that clip

  • @zeusdigger2775
    @zeusdigger2775 4 роки тому +6

    PLEASE READ { Hire A Private Investigator}
    Establishing your company’s best defense is much like dealing with natural disasters, the best defense against cybercriminals is being proactive. You won’t know when or how a disaster may hit, but you can minimize the damage and recover quickly if it does.
    Attackers have grown creative over the years by requiring payments that are nearly impossible to trace, which helps cybercriminals remain anonymous. Prevention for DDOS attacks and ransomware attacks typically involves setting up and testing backups as well as applying ransomware protection in security tools. Security tools such as email protection gateways are the first line of defence, while endpoints are a secondary defence. Intrusion Detection Systems (IDSs) are sometimes used to detect ransomware command-and-control to alert against a ransomware system calling out to a control server.This type of services requires an expertise and that's where we come in.
    Alright listen up if you have experienced any of these.. Over the years, attackers have grown creative over the years by requiring payments that are nearly impossible to trace, which helps cybercriminals remain anonymous.Webghost33 on teleegram , is a cyberspace expert and professional cyberspace expert. They can help if you're ever exposed to internet scams and cybersecurity breach such as Business Email Compromise too.They can can help get it restored and track down the person who did it in many cases. Do you want to install spyware on a cellphone, smartphone or computer? Do you know if you have spyware on your computer or mobile devices? Reputation Management? Control your online reputation but removing false information and getting your positive message out. Cyber Stalkers? Don’t be harassed or stalked online. Find the person responsible and put an end to it all. Cheating Spouse? Find out for sure what your spouse is up to with our Digital Investigation services. Perhaps my hacking professionalism has helped in various aspects like; Removing links and posts, eradicate being Cyber Bullied or Cyber Stalked, Locate Missing People, Computer Security Training, Background Checks, Cyber Extortion, Relationships, Nationwide Employment Background Check, Tracking, Online Dating Scams, Cyber Frauds, cyber-espionage, criminal gangs or the pursuit of data. We aim to make all kind online protections for our valuable clients. Reach out on w'app 1 414 909 3913

    • @miragemerchant3795
      @miragemerchant3795 4 роки тому

      thanks for the info. I've also heard of Webghost

    • @mattjakob8838
      @mattjakob8838 4 роки тому +1

      That's true. I was a victim of scam and someone gave me webghost's contact, i was able to recover my funds from a scammer in South Africa.
      great and professional hacker. There are scammers and there are hackers. Great hacker will help you recover your funds and hack scammers . webghost33 would help you clear any virus detection and security threat. very good and i have confirmed it

  •  3 роки тому +3

    1:49 "to show you this demo, WE'VE AGREED to not use the company's name" this is how you know that neither the journalist nor the company are based within the EU, where GDPR is in place.

    • @sao5060
      @sao5060 2 роки тому

      Good for you?

    • @sao5060
      @sao5060 2 роки тому

      Might not even mean that- I doubt it does. It’s just text.

  • @MarkelFacts
    @MarkelFacts 6 років тому +8

    and people think i’m a hacker when i open inspect element

  • @radoadam4774
    @radoadam4774 2 роки тому +10

    The government and government officials are the biggest hackers. That is why we need such people (hackers) to be able to defend ourselves against those who are trying to control us. Beautiful video. I wish a lot of success in my career.

  • @uniqueuser6707
    @uniqueuser6707 8 років тому +5

    Dark is the absence of light. Cold is the absence of heat... Was going to comment that this came from Albert Einstein, but that was a fictional story... Where did this quote come from? lol

  • @sk4434
    @sk4434 4 роки тому +1

    Did anyone try out the link in the beginning?

  • @morrisjepekeijr1
    @morrisjepekeijr1 Рік тому +1

    Damm.. thats some good social skills.... if you came here from the havard course , hit the like button.

  • @stan2880
    @stan2880 7 років тому +7

    "That was easy" lmao

  • @pastasam4069
    @pastasam4069 6 років тому +5

    0:35 look at his console as it comes into focus "get system": Unknown Command. "getsystem": Operation Failed lmao

    • @fury3600
      @fury3600 4 роки тому

      brute forcing commands manually is the way to go

  • @095andrija
    @095andrija 8 років тому +8

    OMG I"m not amazed that you tell this to your audience, I'm amazed that they buy this crap :D

  • @lgsh18
    @lgsh18 3 роки тому

    can anyone explain how to take control of a computer from clicking a malicious website?

    • @rohithninan8785
      @rohithninan8785 3 роки тому

      Exactly. They probably didnt show some intermediary steps. Maybe ran an exe file or something. But asking tech support to download and run a file isnt very conincing. Pretty sus…

  • @gaiseric9518
    @gaiseric9518 2 роки тому +1

    This happens to roblox all the time and the company does nothing about it.