I didn't see the challenge... But I feel like there's no way a channel of your size that has made multiple videos on hacking and viruses wouldn't have multiple people that know how to perform a basic NMAP scan and brute forcing SSH. Seems weird
Thought the same. Additionally, the laptop was open to the internet. If viewers weren't gonna scan the machine, some malicious attackers would. There's simply no shot the device was not compromised, especially by a bot which scans the entire internet. I would highly recommend you put the next laptop behind a VPN and only let actual viewers have a go at the machine, not some random botnet or something.
I put in a lot of work, but its not just basic nmap scan because ports are in ignored states (basically you dont know if it's open or closed port its ignoring connection and it takes much more knowledge to get passed that then simple nmap scan)@@kexerino
i think it’s hilarious that i’ve been watching this channel since highschool and im now in my second year of college completing my computer information systems major in cyber security. And seeing him learn how to “penetrate test” on the fly makes me feel like i was always meant to watch this channel.
I was thinking the exact same thing. I have been watching this channel forever and just this year got into college for Cyber Security and just last week learned about brute force attacks and nmap. Crazy how these things happen
@@yewchicken2298 Jesus is king✝️Turn to Christ and repent for Jesus is the only true God and only true way to heaven God loves you he loves all of us he loves everyone
Then for the whole location concern he could've just had a VPN that was running on the host machine (assuming its virtualized) and connect it to the guest machine.
@@TheNodeChannel if he gives out a VPN IP address hackers wouldn't touch it and wouldn't be able to do anything to it. Basic hackers will see if the IP is a VPN or not.
Dude that car stealing story is actually so relatable. I'm going through the same thing right now. Esspecially since they don't take anything REALLY valuable, it's actually cute af how polite they are. idk maybe I'm weird, but I find it funny when I see the glove compartment slightly disorganized, but orderly. Like I know they pulled shit out, but they put it back, and tried to put it back the same way it was! lmao
Plot twist: the guy that disconnected the cams actually put a backdoor on the cams, so the next time you plug them in the hacker is in your home network and hacks your home PC
@@randomuserame A computer's MAC address is kinda like a serial number, so the MAC won't do anything. As for on-board memory. It has to store it's software somewhere, right? Additionally, many cameras, and even IP cameras end up having some serious weak points in terms of security. Soo, yeah. It's still not likely, but it's definitely not something that's an impossibility
that was my thought too. beeing able to do that comes probably along with some other skills like patching the computer or devices firmware or to set up a boot override of the pc or changing the platform key etc....
That 90 second hacking tutorial was probably the best hacking tutorial i have ever seen. Straight to the point, no bs, and was super quick and informative at the same time!!!!!
I do understand sarcasm unlike these other guys but! PRO tip: (from someone who knows literally nothing about this stuff) if you actually really want to watch and follow along videos like this but your scared of the viruses and malware and you have windows 10/11 pro/exp its as easy as enabling "windows sandbox" and running that. this creates a virtual machine no third party needed, you can go to all the sketch sites you want and download all the scary viruses and then when you've inevitably fucked up just close and reopen the VM, to be safe I recommend creating a restore point for your machine first, you shouldn't need it but its peace of mind. Obviously don't try to do anything malicious, the IP of the VM is still easily traced back to you and any network related things affect your entire network so I, as someone who doesn't know anything, would recommend not messing with that.
any decent hacker would automatically assume the challenge was just a honeypot and steer far away from it, that's probably why it didn't see much action
@@K-Anator its not about getting in trouble, its about someone logging every command/ thing you do. honeypots are usually used to see what attacks/ 0 days hackers might be using. Why risk someone knowing your avenue of attack
@@aRockOrSomething2 This setup wouldn't have required the use of any 0days, it should have been penetrable using known methods. Besides, this was technically done as a whitehat operation, the kind where you make 0days public knowledge and get them patched.
I think the main deterrent for many people who might've participated otherwise is that we can't know for sure that you're the actual owner of that IP address. It could very well have been someone else's IP and there's no way we could've known. It's also possible that you could've misconfigured your system, and ended up giving us a dynamic IP. If that's the case, then we might not even be hacking the right device, even if you did own the device that had that IP at the moment. A domain name eliminates a lot of this uncertainty, so I suggest you use one for future experiments like this. It's always great to see creators engage with their community like this, so hopefully you'll do this again in the near future 😁
I encourage you to look up IP class ranges public and private, there's no way that IP could've been a dynamic IP since DHCP gives out dynamic IP's which is for private networks. The IP he provided falls into the class A public IP range meaning it was a public IP, it wasn't a private dynamic IP just not possible.
I literally love that people could have done this via a Kali linux vm, and any basic beginners pentest guide involving Kali linux. It is possible to hack someone via their public facing IP address only, but like the majority of the comments have pointed out, unless you actually create those vulnerabilities, it's not that easy or simple to access a device on the private network connected to the public IP. If it was that simple, there would be no need for for hackers to create viruses which create vulnerabilities in devices, so I believe this video was made to prove that the majority of your community was all mouth and no action, which you seem to have proved, but as mentioned the claim that you can hack "anyone" with nothing but their IP, complete BS.
Except that it isn't bs. It's obviously hard to do, especially if it's a secure system, but claiming "It's not possible" like those comments did is entirely wrong from the get go - and you can be certain that most people who claimed it's not possible didn't even know it's possible while running their system on admin the whole time and having every other port forwarded for that matter. Which on its own isn't the issue, the claims that an IP wouldn't be enough however is an issue. A huge one at that. Granted its also bs to be scared about IP leaks for obvious reasons like no one needs to leak your IP, but yeah.
Your internal network is NAT'd out to the internet through your ISP - hence your public facing IP address. By default ports are not opened to the internet. Hence all the cyber security peeps telling you that getting hacked with just a public IP is not a realistic reflection of the average person's home network.
that’s the point of the video, it was purposefully made much easier than your average pc would be and yet all the people who apparently knew so much still failed
@@loaf5025 I'm of the opinion no one bothered trying because next to no one sets up 5+ port forwards to a personal laptop in their home network. The typical home user public IP NMAP scan results are a glorious closed/filtered fest. The video felt presented like a criticism of viewers to prove them wrong somehow. What do I know though.
im no security expert but even if you open ports and arent cg-natted the chances of someone actually going after you are extremely little. if you enable shh never ever use passwords, block remote passwrod login nstead use an ssh key stored on an USB drive. if you want a website, only open port 443 and point it to a loadbalancer, than point that loadbalancer to reverse proxy, so other ports can be configured to be accessed without opening more ports. set that load balancer as a VLAN so its that some sort of isolation from your main network and you should be fine.
Same, had no idea till today. Would've been pretty simple to get in, but idk how he had the site hidden so it could've been a pretty difficult challenge to find it.
For anyone interested, its generally safe (not advisable) to leave a desktop IP in the open. Windows has pretty low target surface unless you are running services inside that make it vulnerable. out of the box windows has very very little ports that accept information, and one generally must be used to get inside. with just an ip address there is mostly one way to attack a machine and that's through ports, which have to be open to allow attack. running a server or even some games on your pc can open those ports leaving you vulnerable however windows out of the box is quite secure. unless you do what was done here and intentionally create attack vectors.
Perfect description. And especially the games part gave me PTSD from all the people that has a ton of games running on their PC with a ton of ports open but then being extremely worrysome about a kernel level anti-cheat because of their important data...
I was sitting here going, "How did nobody even try throwing metasploit at it for over 10 days." You have cured the imposter syndrome I've felt as an IT "Professional."
how'd you use metasploit for this? most of the time, 22 is always ssh, and you can verify with the handshake. you can then bruteforce with hydra or anything else i might just be stupid, idrk. i don't really do pentesting, mostly just c/c++/asm maldev and reverse engineering
because it's fake. has to be. there's no possible way 10 days go by and nobody tried hacking it. if it was real the laptop would've been hacking within 5 minutes tops.
@@sosleepy512 Yeah, right. Or people commenting on youtube just claim a lot but don't even really know how to do basic tests if allowed to try a system.
Seeing odoo sponsor a bunch of youtubers I follow is hilarious because I once signed up for a trial, forgot about it and then got a REALLY passive aggressive email from one of their sales guys.
The fart jar will contain a fart for 10+ years. I sealed mine like 15 years ago and opened it in 2020 and it smelled exactly like someone had just ripped it 2 seconds ago
The fact that you put that laptop online through a cellular hotspot instead of some sort of terrestrial ISP (cable, fiber, etc.) increased difficulty of this challenge exponentially. The majority of cell providers use CGNAT, which means the public IP address you provided was not actually yours, but rather belonged to either a firewall or router that is sitting in a data center somewhere. The WAN IP address shown on your phone/hotspot is, 99% of the time, actually a Class-C address that is NAT'd through a public IP belonging to the cell provider. Essentially, everyone who tried hacking you was actually trying to hack AT&T/T-Mobile/etc.
SSH brute-forcing is not something I'd do personally, most setups have a rate limit and/or will trigger a canary and/or block your IP. So unless you have done recon and have a list of possible users and passwords to spray, It's a very skid-ish method
Honestly super surprised no one was able to do this. I feel like some "easy" boxes on Hack The Box are more difficult then this challenge haha Great video as always
The jesus talk at the wnd was fantastic. You should do a little segment at the end of every video where you give out a little bit of wisdom/dad advice type of thing. Kind of like Garand thumb does at the end of his videos, but from you instead.
Oh man, I wish I had stumbled upon this competition when it was happening. I would have been all over this! When's the next competition, Basically Homeless?
I haven’t watch homeless in a minute, but upon coming back, I love how he dedicates even just a few seconds for god. It’s not something you see often on UA-cam. Kudos to you.
It's not just about ports being open. A vulnerable service has to be running on that port. Those ports are just the typical ports those services run on. Like how http runs on 80 and https runs on 8080. But you can open port 80 on your computer without setting up an http server on it.
@@nordgaren2358you mean like ssh or telnet? And actually if you have port 80 open on the inbound on your firewall then that's a security issue but having port 80 on the outbound is a different story.
@@nordgaren2358 EXACTlY., This is what everyone missunderstands. All they care about are "open ports" but in reality there has to actually be something listening on that port that has a vulnerability that can be exploited
i know you mentioned this in the video, but i feel like it bears repeating. this is pretty unrealistic as almost no device you use will be this insecure and vulnerable unless you make it that way. most people have their ports closed (not to mention theyre generally closed by default). not only that, most people dont have their usernames and passwords THAT easy nowadays. i mean, the easiest passwords you might find is a pet name + birthday combo (more common than you think). that said, this video is very entertaining and im looking forward to seeing an update to it. maybe it can even get turned into a sort of mythbusting series lol
also people who do open ports first disable password login on ssh. its nearly impossible to bruteforce an ssh key, if you could bf that, SSL would become pointless, as both ssl and ssh keys use similar algorithms. if someone's on your prem, you have bigger problems than your ssh key being stolen. second, ideally, you'd only open ONE other port, and load balance and/or reverse proxy that for any other needed port there are service spoofing tools so you can say your port 22 is telnet for an example, and your actual ssh port is 1234 (example) u can also disable icmp response, so if someone tries to ping itll ping out and it'll seem as if you're offlne. openng ports isn't scary either
this is the best incorporation for a sponsor ive ever seen before in a vid, so much better than someone just cutting to it and talking about it for 2 minutes.
@@Slipstreamm_ 10 months late. But I'd not even call that hacking. Bruteforce is what we resort to by default if we cant figure a combination out and have unlimited tries, so it's just natural to do it as well on systems where you can just try to get the password/user combo as well.
You had me in the first half, not gonna lie. I don't believe in Santa, God, the Tooth Fairy, or other children's stories. That shit is so unbelievably out of place in a video like this. Makes you seem crazy.
To answer your question one of the common compounds in a fart that makes it smell is hydrogen sulfide, hydrogen sulfide does not according to my knowledge decompose meaning that at least part of the smell could be contained indefinitely depending on the container.
Your IP is like an information highway. Everything you do online is sent through it. If someone has a giant, really strong net, and catches an armored truck going by on said highway, guess what was in that truck? The couple thousand dollars you sent to your bank account, including all the keys and information needed to get in.
12:29 It's true. I've seen hackers run programs on other computers that take under 20% to mine crypto on the background. You'd never know unless you were a gamer and noticed your game was running shittier than usual (even then, you'd probably gaslight yourself into thinking the devs just suck at optimizing). Stay safe, use a VPN, and consider re-installing windows every few years if you suspect anything.
brother i once fully believed i could breathe through my butt. Thing is, I was so stubborn, I might have actually been breathing through my butt. I ask you this- if i can breathe through my butt, can I not install a virus on a phone?
Depends on the definition of breathing. It means to take in air into your lungs and exhale it out. The butt does let out gas but very rarely does anything come in. So although I have never heard of breathing through your backside, I’m sure either you can sit on top of a fan and try and let it in or you can inject air inside of you. Or you can be smart and have some sort of surgery in which you can intake air from there. It can be done if you actually are committed to it but if you already have been, then that means yes, a phone can get a virus. When will the video be made?
That guy that stole your money was nice fella for locking your car. He wanted to make sure no one else stole anything from you.. so caring.. honestly if he was re organizing your car for you and locking it.. he deserved the 3 dollars.. he was doing you a service 😂
The internal network is NAT'd (Network Address Translated) to the internet via the ISP, resulting in a public-facing IP address. By default, internet-facing ports remain closed, a standard security measure. This is why cybersecurity experts emphasize that the risk of being hacked with just a public IP is not a practical scenario for the average person's home network
The IP address itself isn't dangerous - it just allows you to identify one of the countless computers out there on the internet as yours. But if your firewall is set up correctly and you have no (possibly vulnerbale) web services running (such as SSH, FTP, Apache2 or Nginx, etc.) it's not more dangerous than when a hacker crawling the internet for reachable IP addresses is stumbling across yours.
This is such an awesome video. Thank you for making this. Its pretty insightful and sheds some light on what some folks are really scared to. Keep on with the awesome content :)
Bro! Not only did I love the video but it was so cool to put yourself out there and share your faith. I’m a Christian and It’s so cool to see someone with your platform spreading the good news. Keep it up man!
TLDR: he cares about your soul A lot of creators wouldn't dare mention their faith or stance on religion. He's putting himself out there and inviting you to learn a bit more. If it's what you believe, you would worry about your followers not believing especially when you can do something about it. His risk of losing subs due to his stance says that your soul is more important the a subscriber.
yeah right, everybody knows you can only hack the chinese govertnement if you have the scepter of russian justice which can only be found in my fart jar that has never been seen by human eyes DUH
FINALLY, I WAS HACKED - winner announced at the end of this video ua-cam.com/video/OaXvEqEPhPM/v-deo.html
11 months... 😭
this is 11 months ago (the vid)
Holy shit
lol
PEOPLE COULD EASYLY USED ARMITAGE
F for that chad who has severe chronic diarrhea
F
nice pfp dude
f
F
Eph
I didn't see the challenge... But I feel like there's no way a channel of your size that has made multiple videos on hacking and viruses wouldn't have multiple people that know how to perform a basic NMAP scan and brute forcing SSH. Seems weird
Thought the same. Additionally, the laptop was open to the internet. If viewers weren't gonna scan the machine, some malicious attackers would. There's simply no shot the device was not compromised, especially by a bot which scans the entire internet. I would highly recommend you put the next laptop behind a VPN and only let actual viewers have a go at the machine, not some random botnet or something.
Those htb guys would just laugh 😂.
@@chrome1157true
@@chrome1157 Yeah, even if nobody from the channel solved it, it should've been detected by automated scanners.
I put in a lot of work, but its not just basic nmap scan because ports are in ignored states (basically you dont know if it's open or closed port its ignoring connection and it takes much more knowledge to get passed that then simple nmap scan)@@kexerino
i think it’s hilarious that i’ve been watching this channel since highschool and im now in my second year of college completing my computer information systems major in cyber security. And seeing him learn how to “penetrate test” on the fly makes me feel like i was always meant to watch this channel.
"wen i started watching this channel 2 years ago idda never thought id like it so much!" durrhurr
Man if youtube notified you of the other dude in the replies fuck that guy i appreciate your story
Skiddy...
@@ryshellso526 bro called someone actively studying cybersecurity a skid. the internet never fails to amaze
I was thinking the exact same thing. I have been watching this channel forever and just this year got into college for Cyber Security and just last week learned about brute force attacks and nmap. Crazy how these things happen
watching this channel slowly spiral in to madness is one of the most intriguing long term storylines
Homeless either has infinite money that he's just okay giving away or has absolutely no money available to steal. What is he doing???
that's damn right
went from siege to this, i like it
@@yewchicken2298 Jesus is king✝️Turn to Christ and repent for Jesus is the only true God and only true way to heaven God loves you he loves all of us he loves everyone
he was mad since the beggining
my guys an engineer, hacker, programmer, gamer, editor, and now a rapper. holy shit
True every man
Did you just forgot "youtuber"???😂😂😂
And bible thumper.
arguably, the rapper part is the simplest
Use a honeypot for the next one, if you want to properly monitor what's going on within the machine.
Ahh the Classic "HoneyPot" a Pc honeypot is like a Firewall but made of ICE!
@@ps2killer1 made out of internal combustion engine
he is kind of a script kiddie that may be beyond his knowledge lol
Then for the whole location concern he could've just had a VPN that was running on the host machine (assuming its virtualized) and connect it to the guest machine.
@@TheNodeChannel if he gives out a VPN IP address hackers wouldn't touch it and wouldn't be able to do anything to it. Basic hackers will see if the IP is a VPN or not.
Dude that car stealing story is actually so relatable. I'm going through the same thing right now. Esspecially since they don't take anything REALLY valuable, it's actually cute af how polite they are. idk maybe I'm weird, but I find it funny when I see the glove compartment slightly disorganized, but orderly. Like I know they pulled shit out, but they put it back, and tried to put it back the same way it was! lmao
bruh i would be absolutely terrified if that happened to me
Just to be sure, check if you got MPD
bro please lock your car
leave a little note for the person breaking in saying hi
@@goober_985 "hi, i know you've been entering my car for a while... wanna be friends? :)" LMAAOOO
Plot twist: the guy that disconnected the cams actually put a backdoor on the cams, so the next time you plug them in the hacker is in your home network and hacks your home PC
Imagine
not a hacker but wouldnt that only work if it had on-board memory or was an IP or had its own MAC?
@@randomuserame they are required by law to have their own mac 😘
@@randomuserame A computer's MAC address is kinda like a serial number, so the MAC won't do anything. As for on-board memory. It has to store it's software somewhere, right? Additionally, many cameras, and even IP cameras end up having some serious weak points in terms of security. Soo, yeah. It's still not likely, but it's definitely not something that's an impossibility
that was my thought too. beeing able to do that comes probably along with some other skills like patching the computer or devices firmware or to set up a boot override of the pc or changing the platform key etc....
That 90 second hacking tutorial was probably the best hacking tutorial i have ever seen. Straight to the point, no bs, and was super quick and informative at the same time!!!!!
If your network had exposed vulnerable services running on open ports, then of course they could be comprised.
brother I think you're about to get dumped on by a bunch of cybersecurity professionals for giving accurate information
that is scary
@@BasicallyHomeless
@@BasicallyHomeless just wait for the stack exchange users
no shit smart ass how else will this be possible
@@BasicallyHomeless im a cybersecurity professional i keep all the wireless waifu safe on the mainframe
“Your PC is safer than mine” HAHA JOKES ON YOU I’VE BEEN FOLLOWING YOUR VIDEOS STEP BY STEP, and now my 4070 is unusable 😢
I can't tell whether you're proud of this or sad because of it.
what happened to it? how'd it brick?
@@shaikeau5451 youareanidiot.exe (not an insult towards you lol) somehow managed to get on to it
I do understand sarcasm unlike these other guys but! PRO tip: (from someone who knows literally nothing about this stuff) if you actually really want to watch and follow along videos like this but your scared of the viruses and malware and you have windows 10/11 pro/exp its as easy as enabling "windows sandbox" and running that. this creates a virtual machine no third party needed, you can go to all the sketch sites you want and download all the scary viruses and then when you've inevitably fucked up just close and reopen the VM, to be safe I recommend creating a restore point for your machine first, you shouldn't need it but its peace of mind. Obviously don't try to do anything malicious, the IP of the VM is still easily traced back to you and any network related things affect your entire network so I, as someone who doesn't know anything, would recommend not messing with that.
any decent hacker would automatically assume the challenge was just a honeypot and steer far away from it, that's probably why it didn't see much action
Many decent hackers and script kiddies have big egos, I like this guys content but this sorta gives me fake vibes
There was express written permission given to penetrate his network. No one's going to get in trouble for participating in a public penetration test.
@@K-Anator its not about getting in trouble, its about someone logging every command/ thing you do. honeypots are usually used to see what attacks/ 0 days hackers might be using. Why risk someone knowing your avenue of attack
@@aRockOrSomething2 This setup wouldn't have required the use of any 0days, it should have been penetrable using known methods. Besides, this was technically done as a whitehat operation, the kind where you make 0days public knowledge and get them patched.
@@aRockOrSomething2 who is going to willingly waste a 0 day on something like this
I think the main deterrent for many people who might've participated otherwise is that we can't know for sure that you're the actual owner of that IP address. It could very well have been someone else's IP and there's no way we could've known.
It's also possible that you could've misconfigured your system, and ended up giving us a dynamic IP. If that's the case, then we might not even be hacking the right device, even if you did own the device that had that IP at the moment.
A domain name eliminates a lot of this uncertainty, so I suggest you use one for future experiments like this. It's always great to see creators engage with their community like this, so hopefully you'll do this again in the near future 😁
🖕
bro this is some hard cap, it was just skill issue from y'all
I encourage you to look up IP class ranges public and private, there's no way that IP could've been a dynamic IP since DHCP gives out dynamic IP's which is for private networks. The IP he provided falls into the class A public IP range meaning it was a public IP, it wasn't a private dynamic IP just not possible.
nope, the hackers fumbled straight up
a 15 minute ad that's crazy
This video is going to expose a ton of security vulnerabilities in ODU’s code
The fart in a jar caught me off guard 😂😂😅
Yeah lmao
Spoiler alert!!!😢😢😢
same thing happened here😂😂😂
@@cedricmunschauerI just started watching, I have no idea what the hell they are talking about
He think he Martin
Really glad I watched to the end. Talk about encouragement. Beautiful to see iron sharpening iron. Praying you thrive brother!
Bravo for the last 15 seconds of the video there. Caught me off guard but was so great to hear. Keep it up !!
I literally love that people could have done this via a Kali linux vm, and any basic beginners pentest guide involving Kali linux. It is possible to hack someone via their public facing IP address only, but like the majority of the comments have pointed out, unless you actually create those vulnerabilities, it's not that easy or simple to access a device on the private network connected to the public IP. If it was that simple, there would be no need for for hackers to create viruses which create vulnerabilities in devices, so I believe this video was made to prove that the majority of your community was all mouth and no action, which you seem to have proved, but as mentioned the claim that you can hack "anyone" with nothing but their IP, complete BS.
Except that it isn't bs.
It's obviously hard to do, especially if it's a secure system, but claiming "It's not possible" like those comments did is entirely wrong from the get go - and you can be certain that most people who claimed it's not possible didn't even know it's possible while running their system on admin the whole time and having every other port forwarded for that matter.
Which on its own isn't the issue, the claims that an IP wouldn't be enough however is an issue. A huge one at that. Granted its also bs to be scared about IP leaks for obvious reasons like no one needs to leak your IP, but yeah.
Your internal network is NAT'd out to the internet through your ISP - hence your public facing IP address. By default ports are not opened to the internet. Hence all the cyber security peeps telling you that getting hacked with just a public IP is not a realistic reflection of the average person's home network.
Yeah, he definitely doesnt get it. This video sucked.
would this change if an IPv6 address was shared?
that’s the point of the video, it was purposefully made much easier than your average pc would be and yet all the people who apparently knew so much still failed
@@loaf5025 I'm of the opinion no one bothered trying because next to no one sets up 5+ port forwards to a personal laptop in their home network. The typical home user public IP NMAP scan results are a glorious closed/filtered fest. The video felt presented like a criticism of viewers to prove them wrong somehow. What do I know though.
im no security expert but even if you open ports and arent cg-natted the chances of someone actually going after you are extremely little.
if you enable shh never ever use passwords, block remote passwrod login nstead use an ssh key stored on an USB drive.
if you want a website, only open port 443 and point it to a loadbalancer, than point that loadbalancer to reverse proxy, so other ports can be configured to be accessed without opening more ports. set that load balancer as a VLAN so its that some sort of isolation from your main network and you should be fine.
Man I'm sad I missed this My first though was just do an ssh and try some common passwords lmao
you literally would have won
dude fr like if I wasn't on vacation when he posted that video i would've won lmfao
@@Pink_Charsureeee
@@SnoopCreature17 i'm serious lol
@@BasicallyHomelessplease do it again
If you made a dedicated video announcement, you would have been hacked in 10 minutes 🙂
No one simply saw the challenge :(
Yeah I knew nothing about this lol
same smh
real
He should check the logs. Im sure a bot got in the first day
Same, had no idea till today. Would've been pretty simple to get in, but idk how he had the site hidden so it could've been a pretty difficult challenge to find it.
Big W to you for adding the end of the video in. I appreciate what you're doing
For anyone interested, its generally safe (not advisable) to leave a desktop IP in the open. Windows has pretty low target surface unless you are running services inside that make it vulnerable. out of the box windows has very very little ports that accept information, and one generally must be used to get inside. with just an ip address there is mostly one way to attack a machine and that's through ports, which have to be open to allow attack. running a server or even some games on your pc can open those ports leaving you vulnerable however windows out of the box is quite secure. unless you do what was done here and intentionally create attack vectors.
This is the best one paragraph description any comment has given so far.
Perfect description.
And especially the games part gave me PTSD from all the people that has a ton of games running on their PC with a ton of ports open but then being extremely worrysome about a kernel level anti-cheat because of their important data...
The jeff song is a vibe, spotify release when?
LOL open.spotify.com/track/4SX6sIbpEWUZwmQYZ2U9Gn?si=5c5ef220056943fc
@@BasicallyHomeless amazing, i need to add this to my playlist.
I was sitting here going, "How did nobody even try throwing metasploit at it for over 10 days."
You have cured the imposter syndrome I've felt as an IT "Professional."
Probably no one even bothered to even try it
how'd you use metasploit for this? most of the time, 22 is always ssh, and you can verify with the handshake. you can then bruteforce with hydra or anything else
i might just be stupid, idrk. i don't really do pentesting, mostly just c/c++/asm maldev and reverse engineering
Shouldve left 3389 open lmao
because it's fake. has to be. there's no possible way 10 days go by and nobody tried hacking it. if it was real the laptop would've been hacking within 5 minutes tops.
@@sosleepy512 Yeah, right.
Or people commenting on youtube just claim a lot but don't even really know how to do basic tests if allowed to try a system.
Mmm good hummus. Very epic. Much happy.
oh wow how did you get here so fast hahaha ;)
Hacking skills 🤫
😳
wait wha
How
Seeing odoo sponsor a bunch of youtubers I follow is hilarious because I once signed up for a trial, forgot about it and then got a REALLY passive aggressive email from one of their sales guys.
thats the best and creative way to advertise yet ngl
The fart jar will contain a fart for 10+ years. I sealed mine like 15 years ago and opened it in 2020 and it smelled exactly like someone had just ripped it 2 seconds ago
The fact that you put that laptop online through a cellular hotspot instead of some sort of terrestrial ISP (cable, fiber, etc.) increased difficulty of this challenge exponentially. The majority of cell providers use CGNAT, which means the public IP address you provided was not actually yours, but rather belonged to either a firewall or router that is sitting in a data center somewhere. The WAN IP address shown on your phone/hotspot is, 99% of the time, actually a Class-C address that is NAT'd through a public IP belonging to the cell provider. Essentially, everyone who tried hacking you was actually trying to hack AT&T/T-Mobile/etc.
then how did he hack it? most times it wont matter.
Ah crap I missed this one and I'm bummed. I love doing CTFs/pentests and this one actually looked so fun.
Fr... I'm a cybersecurity student and would have srsly loved to had been apart of this. His website says there may be another so let's hope for that!
Utmost respect for openly talking about your faith at the end :)
Loved the message at the end of the video.❤ keep it up man, love your content and your humor
Looks like the competition is over now. I can't wait for the next one man. This is the stuff I love and I'll be checking back for the details.
kek, you in bro?
This is such a you move, but I am still shocked and extremely impressed by this stunt you pulled! You are, dare I say, based.
SSH brute-forcing is not something I'd do personally, most setups have a rate limit and/or will trigger a canary and/or block your IP. So unless you have done recon and have a list of possible users and passwords to spray, It's a very skid-ish method
well, in this case it was a CTF so anything would be acceptable to gain access to the system no matter how u do it
You need to rent this store front and keep a 24/7 live stream just to see what creatures be popping up 😂
fr those creatures go crazy
Love the part at the end, %100 agree. Keep making the banger content and professing your faith 💯
Honestly super surprised no one was able to do this. I feel like some "easy" boxes on Hack The Box are more difficult then this challenge haha Great video as always
this guy is clinically insane i love it
the random guy you see at Walmart in the tech section
the guy that crop dusts you on the way to the register
@@BasicallyHomeless yea lol very true
@@BasicallyHomelessik I gotta stop
The jesus talk at the wnd was fantastic. You should do a little segment at the end of every video where you give out a little bit of wisdom/dad advice type of thing. Kind of like Garand thumb does at the end of his videos, but from you instead.
I had no idea he did this, I wish I couldve participated. Sounds like a fun time
#1 rule in cyber security, nothing is unhackable.
even my Samsung fridge?
I don't think any cyber security specialist would agree with you on that.
I'm not a computer hacker, but troubleshooting has taught me I'm definitely a hacker.
what about a brick wall
@@StrawberrySodapaw Even the Samsung fridge. :)
Super cool and encouraging to see your boldness to share your faith on your youtube channel!
Every video is straight up a movie, I love it.😂😂
“I’ve never heard so much conflicting information.”
Sounds about right lol.
POV: The hacker added a backdoor access to the laptop so when you put it back to your house he has access to your geolocation and cameras
Haven't watched your videos in a while and forgot how hilarious you were lol. Great stuff dude
Best part of the video starting at 14:35. Preach brother 🤙🏼
your videos consistently make me laugh. thank you
Oh man, I wish I had stumbled upon this competition when it was happening. I would have been all over this! When's the next competition, Basically Homeless?
I haven’t watch homeless in a minute, but upon coming back, I love how he dedicates even just a few seconds for god. It’s not something you see often on UA-cam. Kudos to you.
fr
What ending a video talking about your faith? Nice! Not many times do I see something like that in a video in this niche, so that's awesome
I will try out the website builder
first time watching ur channel, now love it!!!!
Fun video but best part was the end talking about Jesus! Haha love it bro!
The only thing I got from this video is that he's still probaly not over the 3$ he lost and he has a weird thing for farts and jars. 10/10
Please don’t preach to me. It doesn’t have a place in a UA-cam video. I come here for entertainment not indoctrination.
Yeah that ending was crazy proselytizing
If you had any ports open, then yes you can definitely just be hacked with just your network ip address
WOAH WOAH pal, take it easy with sharing correct information like that. There's ladies on this floor.
It's not just about ports being open. A vulnerable service has to be running on that port. Those ports are just the typical ports those services run on. Like how http runs on 80 and https runs on 8080. But you can open port 80 on your computer without setting up an http server on it.
@@nordgaren2358you mean like ssh or telnet? And actually if you have port 80 open on the inbound on your firewall then that's a security issue but having port 80 on the outbound is a different story.
@@nordgaren2358 https uses port 443 by default tho?
@@nordgaren2358 EXACTlY., This is what everyone missunderstands. All they care about are "open ports" but in reality there has to actually be something listening on that port that has a vulnerability that can be exploited
Love the ending! To God be the glory! Thank-you for posting that!
Man im sure odoo loved to sponsor a video of someone giving a publically available tutorial on how to hack!
Next video: "I let viewers try to delete my channel"
Another fun, informative video and I, for one, appreciate the last section about your faith and trust in Christ :)
i know you mentioned this in the video, but i feel like it bears repeating. this is pretty unrealistic as almost no device you use will be this insecure and vulnerable unless you make it that way. most people have their ports closed (not to mention theyre generally closed by default). not only that, most people dont have their usernames and passwords THAT easy nowadays. i mean, the easiest passwords you might find is a pet name + birthday combo (more common than you think). that said, this video is very entertaining and im looking forward to seeing an update to it. maybe it can even get turned into a sort of mythbusting series lol
also people who do open ports first disable password login on ssh. its nearly impossible to bruteforce an ssh key, if you could bf that, SSL would become pointless, as both ssl and ssh keys use similar algorithms. if someone's on your prem, you have bigger problems than your ssh key being stolen.
second, ideally, you'd only open ONE other port, and load balance and/or reverse proxy that for any other needed port
there are service spoofing tools so you can say your port 22 is telnet for an example, and your actual ssh port is 1234 (example)
u can also disable icmp response, so if someone tries to ping itll ping out and it'll seem as if you're offlne.
openng ports isn't scary either
this is the best incorporation for a sponsor ive ever seen before in a vid, so much better than someone just cutting to it and talking about it for 2 minutes.
Brute force is insane actually that's genius. I do same thing on DayZ with 3-dial combinations because it unlocks as soon as you type right number.
Sounds like crap security. Would that work in Rust?
no thats basic hacking
@@Slipstreamm_ 10 months late.
But I'd not even call that hacking. Bruteforce is what we resort to by default if we cant figure a combination out and have unlimited tries, so it's just natural to do it as well on systems where you can just try to get the password/user combo as well.
Jesus jump scare 😱
Wow, I was pleasantly surprised at the end with you sharing your faith in Jesus. God bless you brother.
so glad there’s a funny creator who doesn’t hide his faith
You had me in the first half, not gonna lie. I don't believe in Santa, God, the Tooth Fairy, or other children's stories. That shit is so unbelievably out of place in a video like this. Makes you seem crazy.
To answer your question one of the common compounds in a fart that makes it smell is hydrogen sulfide, hydrogen sulfide does not according to my knowledge decompose meaning that at least part of the smell could be contained indefinitely depending on the container.
the rap is insane
Amen preach it brother.
12:25 nice forehead bro
Your IP is like an information highway. Everything you do online is sent through it.
If someone has a giant, really strong net, and catches an armored truck going by on said highway, guess what was in that truck?
The couple thousand dollars you sent to your bank account, including all the keys and information needed to get in.
12:29 It's true. I've seen hackers run programs on other computers that take under 20% to mine crypto on the background. You'd never know unless you were a gamer and noticed your game was running shittier than usual (even then, you'd probably gaslight yourself into thinking the devs just suck at optimizing).
Stay safe, use a VPN, and consider re-installing windows every few years if you suspect anything.
I reinstall Windows every 3 months because it's just awful and breaks.
this song is a banger
i pushed a old person down the stairs
Oh!! How lovely
He should try putting viruses on a phone because I’ve never seen a phone with a virus so it might not be possible
brother i once fully believed i could breathe through my butt. Thing is, I was so stubborn, I might have actually been breathing through my butt.
I ask you this- if i can breathe through my butt, can I not install a virus on a phone?
@@BasicallyHomelessMy question is should I breathe through my butt?
Depends on the definition of breathing. It means to take in air into your lungs and exhale it out. The butt does let out gas but very rarely does anything come in. So although I have never heard of breathing through your backside, I’m sure either you can sit on top of a fan and try and let it in or you can inject air inside of you. Or you can be smart and have some sort of surgery in which you can intake air from there. It can be done if you actually are committed to it but if you already have been, then that means yes, a phone can get a virus. When will the video be made?
@@BasicallyHomeless i wont doubt it, breathing through your butt is totally rad
@@Choccy_Donutthe air would have to travel through entire digestive tract and enter ur respiratory tract
My god that end sobg went insanely hard
That guy that stole your money was nice fella for locking your car. He wanted to make sure no one else stole anything from you.. so caring.. honestly if he was re organizing your car for you and locking it.. he deserved the 3 dollars..
he was doing you a service 😂
He was like "this place is a fuckin mess, I can't find anything to steal in here! might as well clean up..."
Honestly i would never drive in that car again.
OH DUDE LETS GOOOOOO what a king for the outro- The Lord be with you brother
Amen bro talkin bout Jesus is a HUGE W . I love that so much.
The internal network is NAT'd (Network Address Translated) to the internet via the ISP, resulting in a public-facing IP address. By default, internet-facing ports remain closed, a standard security measure. This is why cybersecurity experts emphasize that the risk of being hacked with just a public IP is not a practical scenario for the average person's home network
As a professional hacker, I can confirm that this video was actually a top-tier tutorial on how NOT to get hacked
The IP address itself isn't dangerous - it just allows you to identify one of the countless computers out there on the internet as yours. But if your firewall is set up correctly and you have no (possibly vulnerbale) web services running (such as SSH, FTP, Apache2 or Nginx, etc.) it's not more dangerous than when a hacker crawling the internet for reachable IP addresses is stumbling across yours.
This is such an awesome video. Thank you for making this. Its pretty insightful and sheds some light on what some folks are really scared to. Keep on with the awesome content :)
The way all the random references and jokes get tied in all the way to the end is so great.
Imagine him getting his ip held offline for leaking the ip LOL 😂 SOMEONE SHOULD HAVE DONE THAT
Probably dynamic IP so he could just change it😭
@@Anony556 it said static in the video
That ending though? BASED!
Bro! Not only did I love the video but it was so cool to put yourself out there and share your faith. I’m a Christian and It’s so cool to see someone with your platform spreading the good news. Keep it up man!
either hes stupid or hes the greatest content creator ever.
Maybe both
This made me wanna change my password to something even more secure and obscure than ever before!
I love how this guy just, doesn't give a fuck. I aspire to be this chill
Great video, bit of a weird unexpected ending tho
TLDR: he cares about your soul
A lot of creators wouldn't dare mention their faith or stance on religion. He's putting himself out there and inviting you to learn a bit more. If it's what you believe, you would worry about your followers not believing especially when you can do something about it. His risk of losing subs due to his stance says that your soul is more important the a subscriber.
You're lucky I was busy hacking the Chinese government or I would have downloaded that dog pic 20000 times
yeah right, everybody knows you can only hack the chinese govertnement if you have the scepter of russian justice which can only be found in my fart jar that has never been seen by human eyes DUH
@@BasicallyHomeless so you arent human?
very epic. love to see christian prescence online! keep it up dude!