when i was a kid i didnt have internet service. i did have a modem. i got an AOL disk in the mail. used aol to download boserve and got to chatting. then found a local chat room and commenced to making a list of local internet provider passwords. I would like to thank my classmates for never getting on the internet. (90's)
Haa played around with netsh after seeing that same Tweet... 🤓😆 And as much as i love these short bit videos i miss the old +1H videos where you just went mental on some project - Watching people fail and rethinking their approach often learns more than anything else. But again, thanks for the videos John! Keep up the great work, hope you are having fun on the journey!
Hi John! I tried the same thing, and it didn't work, even though I manipulated the win/reg. I generated the shellcode with the sliver and tried to run the implant. However, when you run your implant, you might have Rav endpoint protection pre-installed on your machine. It comes with Windows installation. How could you configure the implant to bypass more external protections?
Non-technical question (or maybe that is a technical question, after all), how are you zooming in on your screen? I take it, the reason you installed via curl (instead of kali repoisitories), is to make sure you had the most recent code?
Hi John, just a question. What is the difference of this sliver C2 from metasploit and why not to use msf for those demos ? Cobalt Strike is different because the client is windows based but for those Linux based C2 clients I really do not see the difference 😢 in fact, it sometimes looks harder to do stuff on those rather than msf
I have the exact same opinion. Had a look at Mythic and Havoc C2 as well which felt more exploitation C2 as compared to Covenant C2 which seemed more like post-exploitation focused. Please correct me if I'm wrong.
Could you have used something like Shellter to inject this shell code into netsh.exe or a DLL for the binary? - also it looks like you're able to generate the payload in the shellcode format now so you don't have to use the nim script to convert it. Maybe this was added in an update to sliver
golang is awesome because its really easy to statically compile a single binary on any system. victim doesnt need additional stuff already installed like c# sometimes does.
You could say the same for c and rust now two golang is just the child but I agree it is okay for cross compatibility much more easier then using c but both can be the same
This one is just too deep for me, within the first 4 mins there was so many different acronyms and phrases I just had no clue what was going on. Shame, I used to like John's channel, but it is just assuming the average viewer knows so much these days. I am sure for the knowledgeable it is very interesting, but they already know this stuff, so who is the target audience? Does anyone have any recommendations for some lower level content?
Anyone know how to resolve this: ┌──(root㉿kali)-[/opt/binnim] └─# nimble build --verbose Verifying dependencies for binnim@0.1.0 Error: Unsatisfied dependency: nim (>= 1.6.14) ┌──(root㉿kali)-[/opt/binnim] └─# apt-get upgrade nim Reading package lists... Done Building dependency tree... Done Reading state information... Done nim is already the newest version (1.6.10-2). Calculating upgrade... Done The following packages were automatically installed and are no longer required: python3-ajpy python3-pysmi python3-pysnmp4 Use 'apt autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
"Because it is over 9000." LOL
true man of culture 🐉🔮
He got me too. Lol
@@lumosyobtrueeee!
when i was a kid i didnt have internet service. i did have a modem. i got an AOL disk in the mail. used aol to download boserve and got to chatting. then found a local chat room and commenced to making a list of local internet provider passwords. I would like to thank my classmates for never getting on the internet. (90's)
Haa played around with netsh after seeing that same Tweet... 🤓😆
And as much as i love these short bit videos i miss the old +1H videos where you just went mental on some project - Watching people fail and rethinking their approach often learns more than anything else.
But again, thanks for the videos John! Keep up the great work, hope you are having fun on the journey!
same here man!
A
Hi john! love ur vids!
Hi John! I tried the same thing, and it didn't work, even though I manipulated the win/reg. I generated the shellcode with the sliver and tried to run the implant. However, when you run your implant, you might have Rav endpoint protection pre-installed on your machine. It comes with Windows installation. How could you configure the implant to bypass more external protections?
does netsh start automtically when windows starts? thats why it is a persistence ?
Non-technical question (or maybe that is a technical question, after all), how are you zooming in on your screen? I take it, the reason you installed via curl (instead of kali repoisitories), is to make sure you had the most recent code?
John your computer Specs ?
Superb video 🔥.
so how to block this ? being netsh attack all the time and setting up LAN connection behind my back
Hi John, just a question. What is the difference of this sliver C2 from metasploit and why not to use msf for those demos ? Cobalt Strike is different because the client is windows based but for those Linux based C2 clients I really do not see the difference 😢 in fact, it sometimes looks harder to do stuff on those rather than msf
I have the exact same opinion. Had a look at Mythic and Havoc C2 as well which felt more exploitation C2 as compared to Covenant C2 which seemed more like post-exploitation focused. Please correct me if I'm wrong.
I wonder if you leverage changeling to swap your shell code out on the fly
Could you have used something like Shellter to inject this shell code into netsh.exe or a DLL for the binary? - also it looks like you're able to generate the payload in the shellcode format now so you don't have to use the nim script to convert it. Maybe this was added in an update to sliver
golang is awesome because its really easy to statically compile a single binary on any system. victim doesnt need additional stuff already installed like c# sometimes does.
You could say the same for c and rust now two golang is just the child but I agree it is okay for cross compatibility much more easier then using c but both can be the same
Great video. I've been at this for a min, and I learn lots from all you videos. Thanks for the great content!
Early crew! I love the shirt btw! I saw Jurassic Park in the theatres as a 90s kid, born in 89. :3 Hehe. Dinosaur 🦖🦕. 🐁
What type of VPN do you use?
nice and early, another good video ^^
how we can get can you help??? pls!!!!
Nice work. Thanks from Germany...
🇩🇪
hei ahmed from greece
nice job john love you always prof and vocal
11:41 yeah that’s what I though haha. Because MDE immediately blocks this haha.
Nice Tee John
How many virtual machine you have John ? 😅
virtual machines are programs, not hardware
@@robertroussakov9395 yes i understand that 😌
Really Great BRO!
Not only hackers :) feds too
I love being "required" to watch hacking videos for work, at work.
More Sliver? Sure, more Sliver in the name of Bishop Fox!)
ITS OVER 9000!
Interesting, I've only ever used this with physical access to get wifi passwords. Cewl stuff.
who remembers Back orifice ?
amazing, gotta try this at work
Ur the man..that was so cool...pentesting is more than i could imagine
this app its not on market but l tried to find it so l wanted to share it with you
Super cool and exciting video! Thank you for sharing! ❤️
Hi mister perfect 🎉
दुनिया की सबसे बड़ी योद्धा मां होती है।🧑🍼
कौन कौन मानता है इस बात को
Love U Maa😘😘🥰
Why "apt install sliver" when you can curl pipe to bash like a an absolute maniac!
Really good
Video To hack scammers .... Process video...... How scammers playback channel hack in the scammers system
Sir thank you for the binnim tool thank you so much❤❤❤😢
Plz make more video like this
damn thx for this great content!
super cool
This one is just too deep for me, within the first 4 mins there was so many different acronyms and phrases I just had no clue what was going on.
Shame, I used to like John's channel, but it is just assuming the average viewer knows so much these days.
I am sure for the knowledgeable it is very interesting, but they already know this stuff, so who is the target audience?
Does anyone have any recommendations for some lower level content?
What is the sort of content and approachability you would rather see?
its crazy that you talk about how hard it was for the 'average viewer' to watch and when asked what he can do to improve, you stay silent.
Have you noticed you're very lookalike to the guy from LowLevelLearning? Am I crazy?
Awsome
🤨
im the first!!!!
If you don’t know what he’s saying then don’t watch it stop complaining we need more advanced videos bruh
Bro hit the gym also
NO idea what's going on here. John's gotten worse. Next video he'll be programming his own AI in python and saying how easy it was....
Anyone know how to resolve this:
┌──(root㉿kali)-[/opt/binnim]
└─# nimble build --verbose
Verifying dependencies for binnim@0.1.0
Error: Unsatisfied dependency: nim (>= 1.6.14)
┌──(root㉿kali)-[/opt/binnim]
└─# apt-get upgrade nim
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
nim is already the newest version (1.6.10-2).
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
python3-ajpy python3-pysmi python3-pysnmp4
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
How scammers hack there system UA-cam: scammerplayback
1:08 , oldie but goodie ,, real friends dont let friends pipe bash 🤌