Instead of typing print(f"our_alphabet = {our_alphabet}") you could use this syntax instead: print(f"{our_alphabet=}"). Love your videos, keep it up! ❤️
You should explain boolean algebra, truth tables and karnaul maps. And include logic gates AND OR NOT XOR bla bla etc.. I would also say base2 to base6 to base10 , but probably too much for one video
Import Viewer Video.append(f"{silence.play()}...{silence.stop()}hey everybody, my name is John Hammond") Viewer.heartattack() Video.append(f"{rest of the video}")
I was screaming at the screen "just use an identity string!". As in, just run through all the bytes between 00000000 and 11111111, convert that to a string, send it, and you'll get out their key right away, which is practically what you did, but with like 5 levels of indirection lol
You nail it every time John. (Even though you get nervous about it). Showcasing your METHODOLOGIES(including the rabbit holes helps the Noobs) is why I watch ALL your videos!
John your CTF projects have been so informative and great fun to watch. This is helping shape the way to a more "outside of the box" way of tackling certain issues we may experience in the infosec pathway. (HTB pun intended)
I have no idea what's happening but it's really cool and I've been binging all of your videos. And honestly, with my limited programming knowledge, I am learning a lot! You're amazing bro!
I can’t say I really followed along with the Python at the end, BUT honestly it makes me feel better knowing that John struggled with it too the first time. Appreciate the content as always!
man found your channel yesterday and I'm really liking thoses challanges, will start doing some in the weekend when I have free time, keep the great work
With an transparent image (like this one) you could also encode stuff as colors and set them as opacity = 0 - essentialy hiding the information within the images fully transparent pixels.
What an adventure, great content. Btw I think the trailing = are because you included them in your payload. It's for padding so their encoded message has to encode the padding char.
Please use drak reader or something so i don't get flash banged whenever you go to google or Wikipedia :P Also nice video i was so lost with all the Alphabet stuff :P
Hi John. Can use encode a Python .exe file with C++? I mean encode it to antiviruses couldn't recognize the app as malware :| Is there any documentation?
Cool solution, though I think you could have use your original solution. You had your alphabet and your encoded string, that showed you the offset or the index in the alphabet, and their encoded string gave you what character should be at that offset or index. This means you could have rebuild the alphabet a letter at a time, though it’s not an elegant solution, I think it would have worked.
Nice video Butt wouldn't it be much easier to directly send the bytes from 0 to FF as message? The result should be the used alphabet plus the equal sign. As I understand how base64 works.
That's basically what he ended up doing, in a super roundabout way. By taking the normal base64 letters in order and decoding them, you'd just end up with bytes 00-FF.
@@renemertinsful oh for sure. Just sending the raw bytes 00-FF is way more straight-forward, and would actually demonstrate how base64 works in a very nice, visual way. I was trying not to yell at my screen when he started doing it this way. Lol. I think he was just overthinking the problem a little bit.
Hey John or others; How do you manage to access the CTF after the event is over? My vpn access no longer works since the ctf has terminated. Cheers I always love your videos
Hi John, I watch your videos and have zero experience in this field, basic knowledge. I have a question, Is it possible to write some kind of virus or malicious program that sits on my network. Then when I get hacked or attacked it basically defends by frying the attackers CPU or anything like that. What would that look like? This is kind of a wet dream of mine, making the blackhats cry and die inside.
I had to rewatch the first 13 seconds of the video a number of times. What's happening with your mouth? Are you a vertriloquist (or however you spell that)?
This rig has 64 GB of RAM, 28 TB storage, and 48 hyperthreaded cores. My wallet still hurts. Windows on the host in this case, and yeah like 16 GB of RAM or so for the guest.
Import Viewer Video.append(f"{silence.play()}...{silence.stop()}hey everybody, my name is John Hammond") Viewer.heartattack() Video.append(f"{rest of the video}")
Instead of typing print(f"our_alphabet = {our_alphabet}") you could use this syntax instead: print(f"{our_alphabet=}"). Love your videos, keep it up! ❤️
HOLY CRAP. I had no idea that was a thing. That is so awesome, thank you!!!
@@_JohnHammond makes sense, that was added in python3.8
You should explain boolean algebra, truth tables and karnaul maps. And include logic gates AND OR NOT XOR bla bla etc.. I would also say base2 to base6 to base10 , but probably too much for one video
f string ❤
Import Viewer
Video.append(f"{silence.play()}...{silence.stop()}hey everybody, my name is John Hammond")
Viewer.heartattack()
Video.append(f"{rest of the video}")
John: “You might already know the answer”
Me: “googles what does #!/usr/bin/env means”
what does it mean xD
@@jonny-mp3 select the interpreter from the environment. Basically find the interpreter binary from PATH variables.
thank you! i needed this comment :D
I was screaming at the screen "just use an identity string!". As in, just run through all the bytes between 00000000 and 11111111, convert that to a string, send it, and you'll get out their key right away, which is practically what you did, but with like 5 levels of indirection lol
I love this channel.
+1
I dont
You nail it every time John. (Even though you get nervous about it). Showcasing your METHODOLOGIES(including the rabbit holes helps the Noobs) is why I watch ALL your videos!
John your CTF projects have been so informative and great fun to watch. This is helping shape the way to a more "outside of the box" way of tackling certain issues we may experience in the infosec pathway. (HTB pun intended)
Stumbled onto your channel. Love your breaking apart of malware. Honestly you couldn’t make enough of it, so good
I have no idea what's happening but it's really cool and I've been binging all of your videos. And honestly, with my limited programming knowledge, I am learning a lot! You're amazing bro!
I really like seeing your thought process it really helps me to learn more. Thanks John
I can’t say I really followed along with the Python at the end, BUT honestly it makes me feel better knowing that John struggled with it too the first time. Appreciate the content as always!
man found your channel yesterday and I'm really liking thoses challanges, will start doing some in the weekend when I have free time, keep the great work
Its nice to see the whole thought proces going on and learn from it. Thanks for the video.
Your videos encourage me to try harder. Thank You !
1 glass of wine while watching this and I kept up, but my brain was melting by the end :P
Got me interested in joining THM and practicing my skills again
Thats fun to watch your thinking processes 😂 Helps me to learn and shows me new ways Thanks 👊😎🤟
With an transparent image (like this one) you could also encode stuff as colors and set them as opacity = 0 - essentialy hiding the information within the images fully transparent pixels.
What an adventure, great content.
Btw I think the trailing = are because you included them in your payload. It's for padding so their encoded message has to encode the padding char.
I’ve been trying for so long to find how not to show the ‘connecting to host’ message. You’re a saviour.
New videos coming on back to back!
That intro was legendary!! 😂😂😂
For the algorythm!!
I need further explanation why decoded regular alphabet after encoding with custom alphabet returns that alphabet. Why this is working that way?
John kindly tell about your windows privesec methodology
#stress_full_windows-privesec🥺
Was waiting for this! Thank you!
Cool Guide, I probably have to re-watch it !!
I love this person
I clicked because of Kirby :)
I stayed for the coding.
Thanks
CTF...long time 🥳
Doing it for the almighty Algo
thats gonna be good
why do you import a library to use xor? does python don't have it by default?
I miss playing with these things! Including hackthebox, but never get time nowadays!
Jeez man!!! That jump scare right at the beginning!?!?! Not cool! 🤣
Please use drak reader or something so i don't get flash banged whenever you go to google or Wikipedia :P Also nice video i was so lost with all the Alphabet stuff :P
Hi John. Can use encode a Python .exe file with C++? I mean encode it to antiviruses couldn't recognize the app as malware :| Is there any documentation?
very skiddy
why wouldn’t you be able too?
Thank you so much
haha what a intro appear from no where!!!
Cool solution, though I think you could have use your original solution. You had your alphabet and your encoded string, that showed you the offset or the index in the alphabet, and their encoded string gave you what character should be at that offset or index. This means you could have rebuild the alphabet a letter at a time, though it’s not an elegant solution, I think it would have worked.
Nice video
Butt wouldn't it be much easier to directly send the bytes from 0 to FF as message? The result should be the used alphabet plus the equal sign. As I understand how base64 works.
That's basically what he ended up doing, in a super roundabout way. By taking the normal base64 letters in order and decoding them, you'd just end up with bytes 00-FF.
@@alexmeyer4598 but my brain hurts when I have to think this way. Bit shifting would be so much easier and more explaining
@@renemertinsful oh for sure. Just sending the raw bytes 00-FF is way more straight-forward, and would actually demonstrate how base64 works in a very nice, visual way.
I was trying not to yell at my screen when he started doing it this way. Lol. I think he was just overthinking the problem a little bit.
This one is good and fun.
whats that ending song ?
How are you getting all this malware samples pleas tell
A random John appears!
Is 'tack' what a hyphen is called in the command line, or is this a Hammond'ism?
Many People Call It Tack. You Can Also Call It Dash Or Hyphen...
@@PreetisKitchenltr thank you!
Hey John or others; How do you manage to access the CTF after the event is over? My vpn access no longer works since the ctf has terminated. Cheers I always love your videos
Also wondering
Nice t-shirt 👌
isnt decode() same as decode('utf-8') ?
I really need a guide or book about python for CTF. I am always stuck with challenge that need python or other like bash etc
Read the documentation
i missed this CTF bcoz of my exams 😔😔
Hi John, I watch your videos and have zero experience in this field, basic knowledge. I have a question,
Is it possible to write some kind of virus or malicious program that sits on my network. Then when I get hacked or attacked it basically defends by frying the attackers CPU or anything like that. What would that look like?
This is kind of a wet dream of mine, making the blackhats cry and die inside.
Woooooow
What were you doing down there John?
Peculiar
can u make a video on how to make VM and install all tools for CTF
Is this machine you are working on the one that you recently build ?
I had to rewatch the first 13 seconds of the video a number of times. What's happening with your mouth? Are you a vertriloquist (or however you spell that)?
@@fdsafdsafdsafdsafd sometimes magic is more appealing
👀
👀
👀
👀
👀
👀
you look tired in this video John :) great video as always though! keep them coming
How is your vm running that smooth tho? Did you give it like exta graphics or 32 GB of RAM? What's the Host OS ?
This rig has 64 GB of RAM, 28 TB storage, and 48 hyperthreaded cores. My wallet still hurts. Windows on the host in this case, and yeah like 16 GB of RAM or so for the guest.
@@_JohnHammond damn bro, you gettin' kinda serious (⊙_⊙;) 😂😂
Just send over the base64-decoded base64-alphabet to the server and get the answer back.
I was right wooo
Nah man, show us every thing
I like to see the thought process
Does he have ubuntu or kali im alittle confused does ubuntu have pen tools ?
I'm using Ubuntu. You can install any tools you'd like :)
wow
do you complete CTF-s before recording?
18:12's in Try English.
hONNjAMMOND
WHERE DID YOU COME FROM??!
I need to get involved in python
Import Viewer
Video.append(f"{silence.play()}...{silence.stop()}hey everybody, my name is John Hammond")
Viewer.heartattack()
Video.append(f"{rest of the video}")
Hehe
Hi
More like Kirby sucked up the flag. This comment is sponsored by LastPass