I startet using THM because of you, I even got the VIP supscription now to learn a lot in this quarantine situation. I have beaten blue and ice yesterday, but still excited to watch you and learn more. Excited how you tackled this, please make more HTB or THM videos
I also started thm after watching a few tutorials from John. It's a great branch from my core engineering spec and incredibly relevant in the world we live in.
This is really great stuff for people who are just getting started and can get insight into how you think through attacking a machine. I find this the most useful way to get started...learn a path well and then deviate from it as you learn more. THANK YOU
Hey, this actually was a good vid to watch. Interesting, even though I completed the machine before watching this, I still find it helpful to see how you took notes. Also I had to restart the machine about 5 times before it actually worked..
Just had a chance to go through this tutorial using tryhackme, just fantastic stuff. I was a teacher for about 17 years, your teaching style is fantastic.
Some people have that ability to teach / show concepts. You can be a guru on your field and not being able to communicated that. John has both! I love this channel. His and CyberMentor's channel are my two best UA-cam resources for PenTest.
When I first started with thm and htb I needed a helping hand to root even the simplest of boxes. Now I am getting used to the tools so it is getting easier than where I first started.
you are using awesome simple teaching method, it's easy to understand even a sutudent who did not have good sound of english...thank you..! do more try hack me rooms, from srilanka
Hey that's not a bad thing! Taking it slow means you can learn more, absorb new concepts and gain a bit more exposure, take better notes... all the good stuff. I just try and breeze through them so it can fit into a video that people would realistically watch ahaha. Thanks for watching!
You got me hooked in this site!! I have learned so much from you. I started from the bottom and within a couple of weeks I have majorly progressed in my skills as a ethical hacker. Keep up the good work!
You probably figured this out but for everyone who hasn't . At 9:01 nmap scan kept growing because brute force scripts got included. You wanna do this nmap --script="smb* and not brute"
thanks for the video..yesterday i was trying this machine but i was unable to create a meterpreter session...it was my first time using metasploit....thanks also make videos on other machines too
If you have problems successfully running the exploit ( /windows/smb/ms17_010_eternalblue) you probably need to change the LHOST option. Initially it is set to something like 192.168.x.x (you can confirm that with 'show options' or from the first log message in your terminal after running the exploit, as our lord and senpai John shows, which should be something like [*] Started reverse TCP handler on 192.168.1.12:4444. You need to change that to the IP that TryHackMe assigned for your machine when you connected to their VPN, so the reverse shell can actually find you. So, just follow John's steps and before running the exploit type "set LHOST 10.9.x.x"
I am currently doing some machines there. There is one that was really interesting, with priv escalation included. But I would be happy to get a FULL review from John, if he is able to finish the whole OSCP learning path there of course.
@U X Enough to know that you like your own comments lmao, don't too greedy man, just go to the CVE list or exploitdb to find other exploits. They wont be as critical as this exploit
Hey John, where did you learn most of the basics? Like the tools you use and they are used for, etc? but also, where do I learn more about history about past hacks?
A lot of it has been practice and exposure -- looking at UA-cam videos, seeing people use new tools, reading writeups and solutions and picking up on new techniques and tricks -- it all accumulates and you keep growing! History on past hacks -- I would recommend Googling and reading a lot of articles about what you are interested in. Thanks so much for watching!
Alex L he has stated multiple times that he is a beginner to this. When people first start it is necessary to use these scripts so they can learn how and why they work so in the future they can make their own. Nobody starts at anything being an expert in the field.
ı dont know english very well but ı can learn too much things from you. my own language videos sucks they dont know anything or they dont want to teach people. Anyway thanks for the videos
Hey John!, Love your videos!. I think they are supper interesting, well explained and entertaining. If you ever consider to develop content in Spanish , let me know!. I would love to help you with that. Cheers!
short way to do this CTF once you find the username and password in task4 there is 3389 port open its for RDP you can use rdesktop and login and search for file named flag .. you'll find all 3 flags easily
After I type the command "nmap -Pn -sC -sV -oN nmap/initial 10.10.82.251" in the terminal, I get this as a result and it's totally different from yours. >>>> "Starting Nmap 7.80 ( nmap.org ) at 2020-04-26 22:34 EDT Stats: 0:00:03 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan Connect Scan Timing: About 1.00% done; ETC: 22:39 (0:04:57 remaining) Nmap scan report for 10.10.82.251 Host is up. All 1000 scanned ports on 10.10.82.251 are filtered Service detection performed. Please report any incorrect results at nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 202.25 seconds"
Really cool vid even if it's an old 7 hack, it's interesting to see how powerfull is metasploit and eternal blue too. Did you go deep into metasploit functions ? I mean in the code, how a functionnality works... Nice vid. I like your work.
from speech import success as s youtube_comment = s.write(''' I finally did it!!! I changed the IP address of the reverse TCP handler and it worked!! Thanks for the priv esc in Vulnersity. I would have had no idea where to find a good one ''') print(youtube_comment)
Dude, I love how modest you are and i'm enjoying these video's, KEEEP UP
I startet using THM because of you, I even got the VIP supscription now to learn a lot in this quarantine situation.
I have beaten blue and ice yesterday, but still excited to watch you and learn more. Excited how you tackled this, please make more HTB or THM videos
Happy to hear that!!
I'll have to go through Ice real soon. Thanks for watching! I'll definitely try and get some more out there!
Hey can you give me your review about thm vip? Cuz I'm planning to get em too
I also started thm after watching a few tutorials from John. It's a great branch from my core engineering spec and incredibly relevant in the world we live in.
Thank you Mr John for quick and useful learning
This is really great stuff for people who are just getting started and can get insight into how you think through attacking a machine. I find this the most useful way to get started...learn a path well and then deviate from it as you learn more. THANK YOU
Happy to hear that! Thank you so much for watching!
I would have never got through this exercise without you John.
Please keep up the amazing work
Loving this content. THM is so fun and engaging, can't wait to see some more!
Very happy to hear that! Thanks so much for watching!
I absolutely love this content, I want to study cyber security when I go to college so these videos just make me more excited
Im learning a lot by doing and practicing from you
Hey, this actually was a good vid to watch. Interesting, even though I completed the machine before watching this, I still find it helpful to see how you took notes. Also I had to restart the machine about 5 times before it actually worked..
Just had a chance to go through this tutorial using tryhackme, just fantastic stuff. I was a teacher for about 17 years, your teaching style is fantastic.
Some people have that ability to teach / show concepts. You can be a guru on your field and not being able to communicated that. John has both! I love this channel. His and CyberMentor's channel are my two best UA-cam resources for PenTest.
These videos are awesome! Quick and straight to the point, keep them up! Thanks for teaching us
When I first started with thm and htb I needed a helping hand to root even the simplest of boxes. Now I am getting used to the tools so it is getting easier than where I first started.
you are using awesome simple teaching method, it's easy to understand even a sutudent who did not have good sound of english...thank you..! do more try hack me rooms, from srilanka
You sir are an absolute pleasure to watch and learn from, thank you.
Awesome as always man! I've done this one just earlier but you've done it 100x quicker than me!
Me such noob! >.
Hey that's not a bad thing! Taking it slow means you can learn more, absorb new concepts and gain a bit more exposure, take better notes... all the good stuff. I just try and breeze through them so it can fit into a video that people would realistically watch ahaha. Thanks for watching!
Nobody:
Me: Thinking about how join this room to hack this machine
You got me hooked in this site!! I have learned so much from you. I started from the bottom and within a couple of weeks I have majorly progressed in my skills as a ethical hacker. Keep up the good work!
woww, just like attitude and positive energy, I'm starting to watch all of your videos, much to learn!!!
Some people listen to asmr to go to sleep, I watch this tryhackme series, it’s soooo relaxing idk why 🤣
Subscribed right now with out any hesitation...... Best man on youtube
Watching this after I finished mine for 3hours. But you sir finished it less than 30mins. Salute! Instant subscribe hehe
You probably figured this out but for everyone who hasn't . At 9:01 nmap scan kept growing because brute force scripts got included. You wanna do this
nmap --script="smb* and not brute"
nice
i really like it, your methodologies it's very simple and anyone can understand, very cool
Hello John! I am very thankful for this educating video. I have learned a lot.
thanks for the video..yesterday i was trying this machine but i was unable to create a meterpreter session...it was my first time using metasploit....thanks also make videos on other machines too
Oh boy, congrats on using Metasploit for the first time! Thanks for watching -- hope to have more videos out on TryHackMe soon enough!
im learning so much with those videos! ty so much!
dont stop this work! we love it!
If you have problems successfully running the exploit ( /windows/smb/ms17_010_eternalblue) you probably need to change the LHOST option.
Initially it is set to something like 192.168.x.x (you can confirm that with 'show options' or from the first log message in your terminal after running the exploit, as our lord and senpai John shows, which should be something like [*] Started reverse TCP handler on 192.168.1.12:4444. You need to change that to the IP that TryHackMe assigned for your machine when you connected to their VPN, so the reverse shell can actually find you.
So, just follow John's steps and before running the exploit type "set LHOST 10.9.x.x"
N1, this needs more upvotes
Thx a lot!
Συμβαινει διοτι το network διαχωριζεται απο το vpn οποτε πρεπει να βαλεις το tun0 συνηθως
Thank you so much! I've been looking for a way to play CTFs from my Android running nethunter and this is exactly what I've been looking for.
Thanks john for this cool walkthrough
Newly joined on this channel. Im absolutely loving this series. Please keep these coming!
That's very cool. wish more people would learn this, and in that how to configure their machines against it. This is a very cool learning site.
Definitely agreed, TryHackMe is great! Thanks for watching!
Much love man, really impressed by your arsenal
very understandable, I like the style, definetely stickign around
The beginning of every legend
Brilliant work!!!👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👍🏻👍🏻👍🏻👍🏻👍🏻👍🏻👍🏻
Thank you so much. Loved it. I am a newbie and ur explanations are perfect
great video john...love from india🙂✌️you are doing great thing for the community
I finished it. It was kinda easy. And now I'm watching your video to find if I missed anything 😁😄
I love TryHackMe, It's really helped me with my Cyber Security learning
me too
Nice to see some Lua in the wild.
i love your tryhackme series a lot. thank u
Flags:
🏳Flag 1 {C:/}
🏴Flag 2 {C:/Windows/System32/Config/flag2.txt}
🏳Flag 3 {C:/Users/Jon/Documents/flag3.txt}
Thank for your help
This one is so much more fun when using the stand alone python exploit
U want to use your own exploits?? Huh did I get that right or what cuz dats impossible
Thank you good lesson. 👍👍👍👍🇱🇰
Appreciate it, thanks for watching!
I like your videos ,and you are super fast in typing
thanks
Thank you! i love these videos
Happy to hear that! I'll try and get more of them out soon!
johm hammond just the everset of ethical hacking
love this website series. I definitely need more
Hi John, I just saw that try hack me had a learning path for OSCP can we have your thought on it please?
I can certainly try to take a look at it soon! Thanks for watching!
@@_JohnHammond Thank you !!
I am currently doing some machines there. There is one that was really interesting, with priv escalation included. But I would be happy to get a FULL review from John, if he is able to finish the whole OSCP learning path there of course.
@U X make your own
@U X Enough to know that you like your own comments lmao, don't too greedy man, just go to the CVE list or exploitdb to find other exploits. They wont be as critical as this exploit
Awesome Mr John
I love these so much !
Very happy to hear that! Thanks for watching!
Thanks for this content.
More of this please. You're helping me a lot trying to learn hacking.
Greetings from Germany
Was about to write tht u could use search but u did lmfao great vid man
Awesome video, thank you!
Great work , John.
Had no idea Seth Rogan was into computers as well
thank you!
ohh the lovely xps15
Please more of TryHackMe!!!
Thanks , keep going
I LOVE IT! DO MORE VIDEOS
More on the way! Thanks for watching!
awesome video as always! learned lots of new things keep making more!
Thanks!
EternalBlue!!! One of my favorite exploits! Great video :) keep up the awesome work
Such an easy gun ahaha. Thanks for watching!
@@_JohnHammond very much so lol. my pleasure!
Hey John, where did you learn most of the basics? Like the tools you use and they are used for, etc? but also, where do I learn more about history about past hacks?
A lot of it has been practice and exposure -- looking at UA-cam videos, seeing people use new tools, reading writeups and solutions and picking up on new techniques and tricks -- it all accumulates and you keep growing!
History on past hacks -- I would recommend Googling and reading a lot of articles about what you are interested in. Thanks so much for watching!
he doesn't know anything, silly kid just googled, installed a hacking tool made by someone else and showed up here ))
Alex L he has stated multiple times that he is a beginner to this. When people first start it is necessary to use these scripts so they can learn how and why they work so in the future they can make their own. Nobody starts at anything being an expert in the field.
@@withincode6848 I'm a beginner. I'll do this for 50 years and I'll still be a beginner. There is always more to learn and practice. :)
Mario, is/was your MOS related to IT? Former 0651 here
Thank You Boss!!!
Best in the Business!!!
nice explanation
Good one.
Very nice tutorial, please keep going
Happy to hear that! Thank you so much!
this video is awesome
Thanks
The thank you goes to you! Thank you for watching!
Good explain learn lot of 🌿
Yeah I’m on this tomorrow morning.
Amazing !!
Watching this is fun
great video and a great platform, love ur video!
Nice work!
ı dont know english very well but ı can learn too much things from you. my own language videos sucks they dont know anything or they dont want to teach people. Anyway thanks for the videos
Thank u very much
Thank YOU for watching!
awesome !!!!!!!
Thank you! And thanks for watching!
thanks you:)
Your usage of 'tak' does my head in.
Hey John!, Love your videos!. I think they are supper interesting, well explained and entertaining. If you ever consider to develop content in Spanish , let me know!. I would love to help you with that. Cheers!
Don't mind me, just doing my share of UA-camr algorithm things...
Ready,
Awesome
Thanks for watching!
short way to do this CTF
once you find the username and password in task4 there is 3389 port open its for RDP you can use rdesktop and login and search for file named flag .. you'll find all 3 flags easily
Clever
OOooh, that is awesome! Good call!
Going back and doing this again for the reverse shell section you have to use MSF v5, right now v6 errors out and has some known issues.
Clear
All apps one madel work headel 👍 nice
Keep up the good work! My flag2.txt was also missing from the C:\Windows\System32\Config dir, I wonder how that happened :s
Would be good if people said why they disliked.
After I type the command "nmap -Pn -sC -sV -oN nmap/initial 10.10.82.251" in the terminal, I get this as a result and it's totally different from yours. >>>>
"Starting Nmap 7.80 ( nmap.org ) at 2020-04-26 22:34 EDT
Stats: 0:00:03 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 1.00% done; ETC: 22:39 (0:04:57 remaining)
Nmap scan report for 10.10.82.251
Host is up.
All 1000 scanned ports on 10.10.82.251 are filtered
Service detection performed. Please report any incorrect results at nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 202.25 seconds"
Tes le meilleur
Really cool vid even if it's an old 7 hack, it's interesting to see how powerfull is metasploit and eternal blue too. Did you go deep into metasploit functions ? I mean in the code, how a functionnality works...
Nice vid. I like your work.
I have not yet for the Eternalblue exploit but I can try and do that in a future video. Thanks for watching!
I just couldn't get pass `Triggering free of corrupted buffer`
did you find any way out?
from speech import success as s
youtube_comment = s.write('''
I finally did it!!! I changed the IP address of the reverse TCP handler and it worked!! Thanks for the priv esc in Vulnersity. I would have had no idea where to find a good one
''')
print(youtube_comment)
how
when I try run my metasploit it fails 3 times and says it completed but no session was created