Hey Mr Ash, i'm new to this and watching your videos has helped me alot. I'm really inspired to learn and re-learn all the room that i've done!! amazing stuff you're doing.
Definitely helped out with your video but man this one had me stumped but I was able to figure out what I was doing wrong on some occasions. I didn't go along with some of the extra tricks you had just so I don't get further lost but please continue to share more videos.
Glad you got there in the end! And good on you for keeping it simple, there's nothing wrong with that. Appreciate you leaving a comment, I'm currently doing the Advent of Cyber 2022 event. If you've got time, it's worth doing! I've learnt heaps in such a short time.
Thank you for this. I had a problem with the bash file. Using wget changes the permissions on the file. Likewise using the cp command. So, what I did was to add the -p to preserve the permissions when copying to the mount folder
Most commands have a manual page, aka a man page. If you use `man $command` or try either `-h` or `--help` after the command you'll most likely get a help page for the command you're trying to use. Or there's websites that list out what each command does... Can't remember them off the top of my head tho.
Hope someone can help with this one I am not sure why but when I do ./bash -p nothing happens. I did exactly how its suppose to be for the bash file. I did chmod +s /tmp/mount/cappucino/bash then chmod +x bash, though for some reason I get groups are able to write on bash so what I do is chmod g-w to remove write on groups but for some reason nothing happens after the bash command. Any help would be appreciated!
same here I was able to get the bash file over through copying it to /home directory but cant get it to the exact file number for bash which has root privileges. The hardest task so far....
This is what I did based on getting an exact answer for the "-rwsr-sr-x" part and making sure "./bash -p" gets executed on target machine on the ssh connection correctly: 1) On your machine (your personal kali linux or similar machine) make sure you are the root (I do it using "sudo -i" personally) and you are properly mounted to the target machine on "/tmp/mount" directory. 2) Make sure the "bash" file from Github provided by THM is added via your machine's mount point directory "/tmp/mount/cappucino", DO NOT do it though the ssh connection of the target machine. Though if you do, go to your machine to the mount point and do this: "chown root:root bash". This is essential to get the "bash" file to execute on the target machine once you assign the correct permissions. I don't know why the file works this way. BTW you should "man chown" but at a glance: "chown OwnerName:GroupName fileName". 3) To get the exact permisson based on answer "-rwsr-sr-x" (Do this on your machine as root at mount point directory on "cappuncio/"): -> "chmod 644 bash" which results in "-rw-r--r--" on "ls -la bash". -> "chmod +sx bash" which results in "-rwsr-sr-x" on "ls -la bash". 4) Go to the ssh connection to the target machine under the "cappucino" directory then execute "./bash -p". If you did this right, this should work. It did for me.
@@mrashco Honestly I totally forgot I left this comment here haha. Anyway I will try what @GeekTechWolf did see if I can get this finally worked out. Thanks for the help everyone! 😊
That's the name of the "share" were connecting too. So it's like the folder name we want to see on the remote computer. And no need to apologise for asking!!
I wish that the rooms for this path werent so bugged. I've been having issues running certain commands or options while going through and i'm not sure if im getting all the material. I used same line of code you used but for some reason my mount kept timing out and not working.
I have to admit, I don't really understand 100% what the point of all this was. 1/First we get access to an NFS share, all good. 2/With this NFS share, we find a private ssh key that helps us establish an ssh connection onto the user cappucino 3/Then i get lost with what is root sqash and SUID, and why we do all this Can someone explain please? Thanks!
Followed the vid to the T to see if I was doing something wrong from the room. I'm able to do the mount command but nothing shows up in the tmp/mount/ dir. I've even tried using the ip:home/cappucino to see if that would work but not successful. any tips?
oh my god, this room was too hard. Thanks much for make this videos!!!
Hey Mr Ash, i'm new to this and watching your videos has helped me alot. I'm really inspired to learn and re-learn all the room that i've done!! amazing stuff you're doing.
the nfs was the hardest for me so far lol. did it at 4 am and was sleepy
same thing here haha
I agree! This is the biggest hurdle I've seen in my THM path. Grateful for the resources.
I'm not even halfway done with this video & had to show love. Extremely helpful for a Linux newbie.
Awww thanks for the message ♥️
I've referred back to your videos a ton when running into complications (just as you did here). Thanks for the help!
That's awesome, glad the vid helped you out. I appreciate you leaving a comment!!
Thank you for the walkthrough. I got some issues at the end of the room but thanks to you I found out my mistakes. :)
No worries! Glad you got through the room, keep on going and have a nice holiday 😀
Definitely helped out with your video but man this one had me stumped but I was able to figure out what I was doing wrong on some occasions. I didn't go along with some of the extra tricks you had just so I don't get further lost but please continue to share more videos.
Glad you got there in the end! And good on you for keeping it simple, there's nothing wrong with that.
Appreciate you leaving a comment, I'm currently doing the Advent of Cyber 2022 event. If you've got time, it's worth doing! I've learnt heaps in such a short time.
This was the first network hacking exercise i really struggled with thank you for the video and the free python lesson 😅
No worries! Glad I could be of assistance.
You're a legend, mate! 🌟
Another banger M8, thx 4 the great content!
Thank you for this. I had a problem with the bash file. Using wget changes the permissions on the file. Likewise using the cp command. So, what I did was to add the -p to preserve the permissions when copying to the mount folder
Ayyye, thanks for letting me know. Always keen to learn new flags/switches for commands.
I was trying to find what -p mean.... thank you. where can i look this up in any documentation?
Most commands have a manual page, aka a man page. If you use `man $command` or try either `-h` or `--help` after the command you'll most likely get a help page for the command you're trying to use. Or there's websites that list out what each command does... Can't remember them off the top of my head tho.
dude! awesome video keep up the funny yet informational content! you are a life saver my friend good on ya!!
Aw thanks for the comment. When education is fun, it's the best. Appreciate you
Thank you for the python3 server way, I liked the other perspective.
No worries. I've recently learnt how to do it with nc too. But I still like the python web server way more.
This is an awesome guide - Really appreciate the content!
Glad it was helpful!
Your TryHackMe's videos are amazing!
Awww thank youuu!
I see you are doing this work while inside of another room. is this an add on/mod that you use?
Amazing content buddy. At 25:30, while doing ssh why was cappuccino chosen as user to login? Cappuccino was a mount
Yeah they've used the same name as a user and a mount
that was not a beginner-friendly.
Hope someone can help with this one I am not sure why but when I do ./bash -p nothing happens. I did exactly how its suppose to be for the bash file. I did chmod +s /tmp/mount/cappucino/bash then chmod +x bash, though for some reason I get groups are able to write on bash so what I do is chmod g-w to remove write on groups but for some reason nothing happens after the bash command. Any help would be appreciated!
same
same here I was able to get the bash file over through copying it to /home directory but cant get it to the exact file number for bash which has root privileges. The hardest task so far....
Hey, sorry for the late reply, this message slipped through the UA-cam comment cracks. How did you go, did you get it working?
This is what I did based on getting an exact answer for the "-rwsr-sr-x" part and making sure "./bash -p" gets executed on target machine on the ssh connection correctly:
1) On your machine (your personal kali linux or similar machine) make sure you are the root (I do it using "sudo -i" personally) and you are properly mounted to the target machine on "/tmp/mount" directory.
2) Make sure the "bash" file from Github provided by THM is added via your machine's mount point directory "/tmp/mount/cappucino", DO NOT do it though the ssh connection of the target machine. Though if you do, go to your machine to the mount point and do this: "chown root:root bash". This is essential to get the "bash" file to execute on the target machine once you assign the correct permissions. I don't know why the file works this way. BTW you should "man chown" but at a glance: "chown OwnerName:GroupName fileName".
3) To get the exact permisson based on answer "-rwsr-sr-x" (Do this on your machine as root at mount point directory on "cappuncio/"):
-> "chmod 644 bash" which results in "-rw-r--r--" on "ls -la bash".
-> "chmod +sx bash" which results in "-rwsr-sr-x" on "ls -la bash".
4) Go to the ssh connection to the target machine under the "cappucino" directory then execute "./bash -p". If you did this right, this should work. It did for me.
@@mrashco Honestly I totally forgot I left this comment here haha. Anyway I will try what @GeekTechWolf did see if I can get this finally worked out. Thanks for the help everyone! 😊
SUID bit permission was +x not +s then. I was fighting it until my session expired lol
sorry for asking but i dont Understand the :home on 20:28 of your video why we need that command
That's the name of the "share" were connecting too. So it's like the folder name we want to see on the remote computer. And no need to apologise for asking!!
Could not work out how to get the bash file over to the NFS share. Thanks for uploading this
their way was so weird, you can literally just `cp` it to the mount
which the command `cp ~/Downloads/bash .` was listed
@@ooliver Yeah, I have never done that before, so it was useful getting a visual demonstration of how he solved it.
Hi Ash...thanks for your tutorials. I am very newbee in cyber sec. Just one question, how do you create /Documents/thm/networkservices2 directory?
mkdir name
YOUR A LIFE SAVER, thank you
Naw thanks!
I wish that the rooms for this path werent so bugged. I've been having issues running certain commands or options while going through and i'm not sure if im getting all the material. I used same line of code you used but for some reason my mount kept timing out and not working.
Ah true true!
Great video, mate!
What shortcut do you use to clear the console and move the command line to the very top ?
Hey thanks mate, CTRL + L, it's like using the 'clear' command. Oh and CTRL + C to cancel is useful too!
I have to admit, I don't really understand 100% what the point of all this was.
1/First we get access to an NFS share, all good.
2/With this NFS share, we find a private ssh key that helps us establish an ssh connection onto the user cappucino
3/Then i get lost with what is root sqash and SUID, and why we do all this
Can someone explain please?
Thanks!
To escalate your user privilege to root in a target machine.
this is great help bud!
Glad it's helped 😃
you are a legit hero
Idk about "hero" but thanks for the comment! Im glad the video helped!
Your awesome 😎
Awwww thanks for the encouragement!!
thanks a lot
You're welcome! Thanks for leaving a comment
tnx
Good Job :)
Thanks 😁 Enjoy your Cyber Sec learning.
If you have a second, I've started making 100daysofctfs.com I'd love your feedback. If you can't, no stress.
great great
Thanks for leaving a comment, appreciate it! Happy hacking...
idk if i'm dumb or what , but i didn't went back in the file system loool
@@mrashco thanks for your videos tho
Ssh user cappucino password password with hydra sudo su ... id 0 whoami root
You are a big help!
saved my bash to downloads. Used cp ~/Downloads/bash . from attack machine mount /tmp/mount/cappuccino to copy over to NFS
Awesome! Glad its working
Followed the vid to the T to see if I was doing something wrong from the room. I'm able to do the mount command but nothing shows up in the tmp/mount/ dir. I've even tried using the ip:home/cappucino to see if that would work but not successful. any tips?
Hmmmm dam, maybe restart the machine? I've heard people having issues with some of these older rooms.
How can i get bash over to root directory? I am still seeing bash in Cappucino after running mv /tmp/mount/cappucino to /tmp/mount/cappucino/bash
Explain what you mean please in more details