To be real hacking is more like sex. Sometimes the other party just won't participate and there is nothing to gain, however once they do participate you will likely go in and out each time deeper and deeper multiple times until something brakes and you're done. Yes some times you can try brute forcing things, but it only works if the other party is weak. If you can't brute force things and well things don't go anywhere, you should try various other approaches and see if taking your time will make a difference.
Its crazy to think this was the exact video that got me into cybersecurity a little over 1 year ago and this week i just landed a job in the industry. Much love to the UA-cam algorithm!
@@halzoun6195 yeah I was in University studying information systems. So i already had a background in web development and some other programming. Also I wouldn't say i picked it up in a year because i am still trying to learn every day.
Great to see a higher level pentest explanation type video which doesn't bore you to death with every tiny detail but still goes over each of your steps. If we see a tool or vector that's new to us we can follow up at a lower level later. For a 30 min video you kept up a speed and momentum that was so easy to follow and engaging it seemed like its was much shorter. To me the sign of good video making is when you realise what you thought was short 5 or 10 min of viewing was actually half an hour or more. Definitely leaving a deserved Thumbs Up on this Video and I'm now off to check out you other content. If this video is a typical I will be subscribing for sure.
I totally agree with this random stranger on the internet. I hope there's more videos on this try hack me stuff on your channel! Nice video and hope to be seeing more of those!
my machine had port 8009 open so i spent most of the hour researching apache tomcat "ghostcat" vulnerability and was completely lost. humbled once again..
I knew cybersec/pentesting was a challenge and a puzzle, but I never knew it was like this! Thank you for confirming that it's something I'd like to do with my life!
I took a class in Cyber Security during my Bachelor's some years ago. This was a cool way of seeing some of those concepts actually applied. I found your way of solving the problem very informational, and it was definitely very entertaining
The phrase I expect to hear after "really opened my eyes to what must be done to gain access" is you DON'T want to do cybersecurity (or your own hacking). I have a hard time imagining what you mean. Is it: "cybersecurity sounds like a really easy job, because I can sit back and know there are so many defences already in place"? I can't imagine any other way you get from your first thought to the second. Are you just lazy, or really excited about learning how to invade the privacy of others? Nothing else makes sense here.
@@cdev-kz3lj yeah, I don't get invited to parties anymore since all the fatalities at the last one. But you can hardly blame me, the axe was right there, just begging to be used!
im very new to pen testing but I am learning. Even though I can barely follow what your doing, seeing how you actually go about the process is incredibly enlightening.
I didn't understand a single thing of what you were doing over there and I don't like programming/ hacking/whatever at all but I somehow still watched it entirely. That's a big like from me :)
Currently a cybersecurity student and just recently finished a class on pentesting and will be participating in pentesting tournaments soon with my school. Amazing job and what a great resource that you have shared hopefully we will be using this site to practice! Thank you!
i know im in delay of 4 years but just wanted to say it is one of the most helpful videos i even seen in this video you shows so much tools that i can use for pentesting and ctfs thank you very much! learned so much from this video!
I have recently discovered your channel and there is no way for me to leave any watched video without thumbs up. I really like your style and way how you share knowledge. Awesome work! There's so much to learn!
First time I watched this video I didn't understand a single thing. After less than a month of hard study, now I get 100% of it! That's so satisfying, even though it's considered an easy challenge.
Oh man. John coming at us AGAIN with the great info! This is exactly what I was looking for. I've done a few HTB challenges. But I usually need help during them, because there are basic fundamentals I don't understand. And there are tools I didn't know exist. I can fumble my way through some boxes, but I'm usually pulling out my hair. This is a wonderful service. And will hopefully solve exactly that issue for me. Thank you!
@@UnknownSend3r HTB is still great, and I highly advise it. It's super fun. I'm still quite unfamiliar with the Linux system as a whole. The syntax of many of the tools. And which tools to use, why, and when. Sometimes I simply don't know where to look. But. The more practice I do, the more I learn. Hack The Box is great, but it just kinda throws you in and you just like - do it. I like that. Try Hack Me has stepping stones. Give them both a shot. DuckDuckGo and UA-cam have been extremely helpful though! xD
@@user-yd7ug3jb4t thanks, really appreciate the advice. Il definitely give HTB a go along with THM. Before I start any of them I plan to complete overthewire (along with my RHCSA studies) to get me familiar with the Linux command line. I also think since you're unfamiliar with the Linux system OTW would be a great place to start. It's geared towards those with little Linux experience who are interested in cybersec/hacking, and provides you with what commands you might need to complete each task. Goodluck on your journey.
I've watched several videos about cybersecurity or "hacking" but never actually found anything really useful or interesting. Let's just say I'm glad I found yours, because I've just learned more in 30 minutes than I have in any of the other videos I've watched!
I watched this the first time and got motivated (Had no idea what was going on though). So I went over to overthewire bandit and after reading TONS of articles I was able to finish all the levels(I had zero experience in this field, also had to see 4 solutions). Now I'm in picoCTF checking out different fields(Whilst reading TONS of articles). I came back here and surprisingly I understood most of the things that you did (Not that I know the tools you used or anything but I can relate to the concept itself). The only thing that I have to read about to understand more is the ssh2john part. Anyways Just letting you know that your videos are an inspiration. I have been training since 1st October and I will be joining a capture-the-flag competition which is for middle east. I'll keep you updated with the results (I am not expecting to get a good rank but want to see how well I can do).
This is excellent!! Liked, of course. So I’ll be watching again and again-not until I like it but until I completely understand it! Really good content, pace, insight and quality. Thank you so much.
Thanks for teaching me about gobuster, enum4linux, basic Hydra usage, linpeas and ssh2john. It might seem simple to use these tools, but not knowing about their existence is a hurdle to overcome. Cheers!
I've been using computers my whole life and my entire career is in software but I have never really dabbled in pen testing or "hacking" even though I am familiar with the concepts. I am so glad I came across your video because it really inspired me to learn more about it and it seems like TryHackMe! is the exact type of platform that I do best on when trying to learn new concepts. You gave a very brief explanation each time you used a new utility in your toolkit but to save us time scrubbing your video and searching for everything, would mind updating the description and listing out and/or linking to what was used? Thanks for posting this video - I love your style.
Its like a gamer trying to play dwarf fortress for the first time. Its completely gibberish to an untrained eye and it probably takes months or years to begin to understand. All in good practice though I assume.
Honestly the most important thing too understanding this video is becoming familiar with Linux. I'm not at all interested in pen-testing as a career, my only involvement is watching these videos. However, I'm able to keep up with the videos just with my existing knowledge of Linux. All the special tools he uses to brute force accounts are pretty self explanatory with a quick Google search.
Thanks for everything John Hammond. You inspired me a lot as a cybersecurity student. I hope one day i will be like you. You are the GOAT. A great fan from FRANCE ❤
John Thank you brother for the walk thru I wanted I'm on hackthebox atm but I'm more or less a kiddy Been learning last 2 years ty for showing so much of your work where it is 2nd nature to you it is foreign for me so Thank you very much!!!
@@brotherindeed992 const f = "H"; let u = "E"; let c = "L"; let k = "LO"; let y = "W"; let o = "O"; console.log(f + u +c + k); let u = "RLD"; console.log(y + o + u); This took me so long to type
Little sad that my university's IT program didn't have a pen testing course or introduction aside from mentioning it as a side topic. I took some Linux security courses focused on policies and configuration but I never really got exposed to tools such as these. However, I did take some digital forensics courses, so this was very similar to that with respect to data investigation. Also decent hint for threat modelers and network admins to pay attention to their policies considering how easily these tools can slip through.
I've just discovered your channel. I'm super super new at learning coding, hacking and all this, but your videos are really enjoyables! and you help a lot to familiarize with all the technical words and stuff (yeah, I'm not that technical for now XD). Thanks for explaining what you do and what you see, I've already subscribed.
I love how free from shame TryHackMe is. I tried to get into pentesting very early on, I think this was the early 00's, with a similar service. But back then, there was so much snobbery. The site was meant to be used to learn, but you got no hints, no instructions. You just loaded up the first page and was supposed to know what to do already. This was when search engines were still in their very early versions, so trying to look up writeups wasn't an option either. Going on forums would give you one of two responses: Why are you hacking? and You don't even know the basics? So yeah, it was hard getting into pentesting 15-20 years ago, unless you shelled out a few thousand on courses. You couldn't really go for the books, since nobody would tell you what you needed to research. But today, with services like TryHackMe, it's much more open. Free, or close to free education for the masses. And Internet has become a much more secure place thanks to it.
Hey John, I've recently been made redundant and I was in two minds of a career change at age of 41. I started looking into cybersecurity your channel popped up in the search results. I watched this video to the very end, I sat back in my chair, I took a sip of my tea thinking, that was f@£king cool!! I want to do that for a career. I'm now on the long path to become an expert in cybersecurity just because of your video, thank you.
@@IkkeBareAnders Hi Anders, tbh at the beginning information overload to pick theough. The path I decided to go down is Hack the box learning path. Ive come to grips with the tool about 2 months ago I'm doing bug bounties hacker1 im still along way off my goal one hack at a time.
New subscriber here. I saw you on Network Chuck’s stream “Learn how to hack” from Dec 2020. I was a communication/electrical engineer for my career and worked on network design and implementation. I really enjoy learning how things work and this is interesting stuff. All the best!
I’m 15:00 in and I’ve come to realize that being able to build a PC, overclock it’s hardware, instal an OS and other hardware monitoring programs is not very impressive in the world of PCs. I understood a very minimal amount of what you were doing. Looking at the source code of a website, and using the program similar to a command prompt. What you were telling the program to search for - no idea. The significance of those 4 numbers you noted down is - no idea. I imagine it would take years of practise to actual be able to hack something. My 34 year old brain isn’t a sharp as it used to be and is only going to get worse. The ship may have sailed for me regarding the ability to hack. I have enjoyed what I’ve watched so far! Well done!
@@ekonomija8718 Very good but most machines have private ip addresses within a single network space, that has its own public ip address. This is because with IPv4, around 4 billion addresses are possible, and yet we have billions of IoT devices, so we use the public one as the "gateway" into the network, usually a router, and each individual device has its own private ip address within the network
wow, I loved how you did all of this in a 30 min video while it took me over a day to get it. But I didn't know about many of these tools you mentioned here. Thanks for the video and keep up the good work.
He probably already completed it on its own. I also didn't knew about some of the tools. But for example Nmap and dir/gobuster are very frequently used for recon
Just found this video after looking into THM. I've always had easier learning from watching something get done than to just read about it theoretically. I know it's a bit over a year old but this still gave me some valuable knowledge and a few ideas on how to do things on my own later on. Thank you. Subbed ofc. 10/10 channel!
It would be great if you made a catalog of all the tools you have ready in opt. Although I know most of them I never actually install them in my Linux machine and would be great to have a place where everything is kept for a rainy day :)
Thank you brother your funny as heck. Man, I appreciate your openness throughout this walk-through. Also your willingness to help others who may not be as far along as you are in this Field. What are your Goals after this, and have you reached them, or are you still going to make Quality Content for us Viewers to enjoy? I want to say thank you for your time and the Passion that you have for this.
liked after 1 playthrough with intent to re watch because I enjoyed the first round so much I want to savor the sweet flavor of knowledge that is so refreshing to see and hear, videos are the new TEACHING method that work. Thank you so very much for making this!
Thank you @John for another great tutorial. Want to add that new version of gobuster require to point out what type of bruteforcing mode we will use example gobuster dir -w -u Many thanks, cheers
Hi John. Amazing videos. Hardly had any clue what was going on but found it fascinating nonetheless. Just out of curiosity, do you know or would recommend any resources to learn absolute basics from?
John, you are great! it's funny this video it's around 30 minutes but it took me about a week to actually do it! lol. You had multiple programs already install and since I didn't, I was forced to stop all the time and quickly install them and then continue with your video. Regardless I felt like a pro once I completed the video and the room in TryHackMe. Therefore, thank you, John! I'm planning on following your content closely and practicing as much as possible in Try Hack me!!
@@andrefreewill4730 awesome. I yried metasploit on my own android but I couldnt get access. Or at least results. I tried the camera and a few others. But thats why we are always learning, right? It's fun
As far as I know, no -- it is not in their Exam Restrictions. support.offensive-security.com/oscp-exam-guide/ I had used LinEnum without an issue. Thanks for watching!
i'm a C# game dev in Unity, never done any kind of hacking related stuff but this is still amazing to watch. and i actually understand half the things!
that is basic, thhe users had weak passwords like 'armando' no capitals no numbers no special chars and a short password. It's just asking to get broke into :D
@@muath1125 If you use in a 7 char length passwort only lowercase letters, the password can easy brutforced. (26)^7 = 8,031,810,176 password combinations. Lower and uppercase letters (26+26)^7 = (52)^7 = 1,028,071,702,528 password combinations. Lower & upper & numbers (52+10)^7 = (62)^7 = 3,521,614,606,208 combinations. Lower & upper & numbers & special chars (62+26)^7 = (88)^7 = 40,867,559,636,992 combinations. With those kind of combinations, its extremly hard to brutforce. I recommend a password length of minimum 18 chars with lower & upper & numbers & special chars: 88^18 = 100,158,566,165,017,531,560,835,501,527,138,304 possible password combinations.
![Conduct a Penetration Test Like a Pro in 6 Phases [Tutorial]](/img/n.gif)
he never said "Im in" when hacking.... Very dissapointed
epic letdown
Looks like a amature hacker, no i'm in is a big no
Saying I’m in is the difference between a good and great hack. He will seriously need to work on this if he wants to improve.
Nice
To be real hacking is more like sex. Sometimes the other party just won't participate and there is nothing to gain, however once they do participate you will likely go in and out each time deeper and deeper multiple times until something brakes and you're done. Yes some times you can try brute forcing things, but it only works if the other party is weak. If you can't brute force things and well things don't go anywhere, you should try various other approaches and see if taking your time will make a difference.
This is not hacking. All the texts are not in bright green color and doesn't have that "pip" sound on every letter pressed
Agreed, no Mr.Robot here
@@natking1u1z99 mr robot is accurate tho
@@natking1u1z99 Sorry Mr Robot is too accurate for this
@@natking1u1z99 wdym, mr.robot is actually pretty accurate when it comes to hacking (so no green colors or pip sounds)
@@natking1u1z99 ?????? did you even watch mr robot?
i didn't understand a single shit of what was happening but i loved every single bit of it
You and me both lol
Haha same, hopefully one day most of this stuff doesn't fly over my head!
Start learning linux. That alone will make a lot of this stuff very clear.
"a single shit" I lold
i dont even know how to program and i find this very interesting even tho i dont understand whats going on :D
Its crazy to think this was the exact video that got me into cybersecurity a little over 1 year ago and this week i just landed a job in the industry. Much love to the UA-cam algorithm!
Do you have relative backgrounds of computer science before that? bc it sounds incredible to pick up cybersecurity within a year
@@halzoun6195 yeah I was in University studying information systems. So i already had a background in web development and some other programming. Also I wouldn't say i picked it up in a year because i am still trying to learn every day.
Man you really made me watch 30 min and I didn`t even get bored xD. Great video.
same!
before reading this comment i didnt even think this video was 30 mins long well those 30 mins were well spent...
I am now in anonymous
hello Mr. Blizy i am big fan pls send me csgo knife please yes?
yes
Lol
elo blizy give naif yez
@@nahomgetiye2468 No you can't.
Yes we can.
Nope!
Great to see a higher level pentest explanation type video which doesn't bore you to death with every tiny detail but still goes over each of your steps.
If we see a tool or vector that's new to us we can follow up at a lower level later.
For a 30 min video you kept up a speed and momentum that was so easy to follow and engaging it seemed like its was much shorter. To me the sign of good video making is when you realise what you thought was short 5 or 10 min of viewing was actually half an hour or more.
Definitely leaving a deserved Thumbs Up on this Video and I'm now off to check out you other content. If this video is a typical I will be subscribing for sure.
Thanks so much! Appreciate all the kind words, I am happy to hear the video is well-received. Thanks for watching!!
I totally agree with this random stranger on the internet. I hope there's more videos on this try hack me stuff on your channel! Nice video and hope to be seeing more of those!
Hello
Ok boomer 🤣
Yeah yeah it was lit 👍
A real hacker would be wearing sunglasses in a dark room and listening to techno.
And big black hood
@@dermottobin9 I think you mean Doritos.
@@hematogen50g damn you beat me to this comment lol
aw man they missed out on the chance to call it 'trypenetrateme!'
I was gonna like your comment but it's sitting at 69 likes... nice
update... someone already fucked it up :/
lets get it to 420 then
It's so akward when you have to explain what pentester means..
@@xiampiii It's at 420 likes now.
my machine had port 8009 open so i spent most of the hour researching apache tomcat "ghostcat" vulnerability and was completely lost. humbled once again..
You: And boom! we just completed the basic room!
Me: WTF was basic about that!?
Kkkkkkk mesma coisa irmão
Hermínio Cossa tf
Apenas Hackermans entendem Hackermans
@@herminiocossa3475 ne
It stops being basic when you have to develop your own tools and exploits lol
I knew cybersec/pentesting was a challenge and a puzzle, but I never knew it was like this! Thank you for confirming that it's something I'd like to do with my life!
I took a class in Cyber Security during my Bachelor's some years ago. This was a cool way of seeing some of those concepts actually applied. I found your way of solving the problem very informational, and it was definitely very entertaining
I've been thinking of pursuing cyber security in uni, what's it like?
Starting my degree in Cyber Security this year, can't wait.
How did that turn out? 😁
😂😂@@dinnerwithjayz
Wow seeing this walkthrough has really opened my eyes to what must be done to gain access. I'm definitely getting into cybersecurity now. Great video!
Excellent, I am very happy to hear that! Thanks so much for watching!
The phrase I expect to hear after "really opened my eyes to what must be done to gain access" is you DON'T want to do cybersecurity (or your own hacking). I have a hard time imagining what you mean. Is it: "cybersecurity sounds like a really easy job, because I can sit back and know there are so many defences already in place"? I can't imagine any other way you get from your first thought to the second. Are you just lazy, or really excited about learning how to invade the privacy of others? Nothing else makes sense here.
@@squirlmy He probably just thinks that this was cool ^^
@@squirlmy you're great at parties I bet
@@cdev-kz3lj yeah, I don't get invited to parties anymore since all the fatalities at the last one. But you can hardly blame me, the axe was right there, just begging to be used!
Just started pen-testing in school whilst learning network security. Learned more during this than I did during 1 month of lectures+labs. Thank you!
I can't believe I haven't heard of tryhackme before but I'm so excited to go try it out! Great video, can't wit to learn some new stuff!
I hope you enjoy it, I think it is a blast! Thanks for watching!
And also hack the box ,just try that
Are u a experienced hacker ?
@@AkashwithUS google
I like it because it is like a puzzle game so you can have fun while you training.
im very new to pen testing but I am learning. Even though I can barely follow what your doing, seeing how you actually go about the process is incredibly enlightening.
I didn't understand a single thing of what you were doing over there and I don't like programming/ hacking/whatever at all but I somehow still watched it entirely. That's a big like from me :)
Thanks for showing this site off, I'm about a month out from OSCP exam and I am going to run through the OSCP prep path.
Heck yeah! That's a solid plan! Hopefully I can get some videos out for the OSCP path soon. Thanks for watching!
Nate Golick good luck on OSCP exam Nate!
@@aqeebhussain9032 Thank you 🙏
All the best!
How did it gooo? :D
i just got a basic knowledge on priv esc but this video just got me know much more that i learned in my whole life before
Currently a cybersecurity student and just recently finished a class on pentesting and will be participating in pentesting tournaments soon with my school. Amazing job and what a great resource that you have shared hopefully we will be using this site to practice! Thank you!
That is excellent, awesome to hear that!! Thanks so much for the kind words, I do hope you use TryHackMe to learn more and more!
added to my to-do list about a year ago then forgot about it and today I finally completed the room. Thanks to you.💯
I'm in IT administration for 20 years but never went in-dept in that stuff. Now you left me speechless.
if youre an admin for 20 years chances are really high that you never even properly learned about cyber security at all
i know im in delay of 4 years but just wanted to say it is one of the most helpful videos i even seen
in this video you shows so much tools that i can use for pentesting and ctfs
thank you very much! learned so much from this video!
John, thanks for making this video. Was really great to VPN in and use my own kali box as the attack box. Learned a lot of cool stuff.
I have recently discovered your channel and there is no way for me to leave any watched video without thumbs up. I really like your style and way how you share knowledge. Awesome work! There's so much to learn!
John you made by life so easier by posting these videos and explaining everything in details!Thanks a lot it really helps newbies to learn ctfs!
Totally agree!
First time I watched this video I didn't understand a single thing. After less than a month of hard study, now I get 100% of it! That's so satisfying, even though it's considered an easy challenge.
Oh man. John coming at us AGAIN with the great info!
This is exactly what I was looking for. I've done a few HTB challenges. But I usually need help during them, because there are basic fundamentals I don't understand. And there are tools I didn't know exist. I can fumble my way through some boxes, but I'm usually pulling out my hair.
This is a wonderful service. And will hopefully solve exactly that issue for me. Thank you!
I was looking forward to starting HTB, what fundamentals would you say you were missing so that I may check if I'm on the same boat as you.
@@UnknownSend3r HTB is still great, and I highly advise it. It's super fun. I'm still quite unfamiliar with the Linux system as a whole. The syntax of many of the tools. And which tools to use, why, and when.
Sometimes I simply don't know where to look. But. The more practice I do, the more I learn.
Hack The Box is great, but it just kinda throws you in and you just like - do it. I like that.
Try Hack Me has stepping stones.
Give them both a shot.
DuckDuckGo and UA-cam have been extremely helpful though! xD
@@user-yd7ug3jb4t thanks, really appreciate the advice. Il definitely give HTB a go along with THM. Before I start any of them I plan to complete overthewire (along with my RHCSA studies) to get me familiar with the Linux command line. I also think since you're unfamiliar with the Linux system OTW would be a great place to start. It's geared towards those with little Linux experience who are interested in cybersec/hacking, and provides you with what commands you might need to complete each task. Goodluck on your journey.
@@UnknownSend3r I'll check it out! Good luck on your endeavours!
Please make more of these videos of you explaining the steps. This video motivated me to get off my couch and turn on my laptop at 1am. Thank you!!!
no "I'm attacking the firewall" and visualization of tetris being played to break said wall....disappointed
I've watched several videos about cybersecurity or "hacking" but never actually found anything really useful or interesting.
Let's just say I'm glad I found yours, because I've just learned more in 30 minutes than I have in any of the other videos I've watched!
I watched this the first time and got motivated (Had no idea what was going on though).
So I went over to overthewire bandit and after reading TONS of articles I was able to finish all the levels(I had zero experience in this field, also had to see 4 solutions).
Now I'm in picoCTF checking out different fields(Whilst reading TONS of articles).
I came back here and surprisingly I understood most of the things that you did (Not that I know the tools you used or anything but I can relate to the concept itself).
The only thing that I have to read about to understand more is the ssh2john part.
Anyways Just letting you know that your videos are an inspiration.
I have been training since 1st October and I will be joining a capture-the-flag competition which is for middle east.
I'll keep you updated with the results (I am not expecting to get a good rank but want to see how well I can do).
ssh2john is just a command for John the Ripper for bruteforcing ssh2 passwords
This is excellent!! Liked, of course. So I’ll be watching again and again-not until I like it but until I completely understand it! Really good content, pace, insight and quality. Thank you so much.
Thanks a lot for giving the overview. Really helpful for n00bs like me.
Happy to hear that! Thanks so much for watching!
Thanks for teaching me about gobuster, enum4linux, basic Hydra usage, linpeas and ssh2john. It might seem simple to use these tools, but not knowing about their existence is a hurdle to overcome. Cheers!
I've been using computers my whole life and my entire career is in software but I have never really dabbled in pen testing or "hacking" even though I am familiar with the concepts. I am so glad I came across your video because it really inspired me to learn more about it and it seems like TryHackMe! is the exact type of platform that I do best on when trying to learn new concepts. You gave a very brief explanation each time you used a new utility in your toolkit but to save us time scrubbing your video and searching for everything, would mind updating the description and listing out and/or linking to what was used? Thanks for posting this video - I love your style.
Great video. I followed along and learnt a lot but would never be able to do it on my own. Yet
Him: "obviously this is some kind of beginner room here"
Me: Doesn't understand at all what he is doing and just sees random letters and numbers.
Its like a gamer trying to play dwarf fortress for the first time. Its completely gibberish to an untrained eye and it probably takes months or years to begin to understand. All in good practice though I assume.
Honestly the most important thing too understanding this video is becoming familiar with Linux. I'm not at all interested in pen-testing as a career, my only involvement is watching these videos. However, I'm able to keep up with the videos just with my existing knowledge of Linux. All the special tools he uses to brute force accounts are pretty self explanatory with a quick Google search.
This video randomly came up while i left my phone aside while playing a video ..
great content on this page 🙌🏻
Seems like a more organized version of Hack The Box. Definitely giving this a spin.
I tend to agree -- I'm sure you will love it if you try it out, there is a lot of great activities in there!
Yeah, I visited the site today and it does feel more organized and also If we subscribe we can get paths which is amazing for newbies like myself.
More focused on learning
Thanks for everything John Hammond. You inspired me a lot as a cybersecurity student. I hope one day i will be like you. You are the GOAT.
A great fan from FRANCE ❤
John Thank you brother for the walk thru I wanted I'm on hackthebox atm but I'm more or less a kiddy Been learning last 2 years ty for showing so much of your work where it is 2nd nature to you it is foreign for me so Thank you very much!!!
Just realized how much I've got to learn.
I appreciate your work. I am currently taking an Ethical Hacking course and find it very helpful watching you quickly go through the steps.
me - print("hello world")
*I AM HACKER*
#Include
Int main();
{
std::cout
@@brotherindeed992 Weird flex but ok
@@brotherindeed992 const f = "H";
let u = "E";
let c = "L";
let k = "LO";
let y = "W";
let o = "O";
console.log(f + u +c + k);
let u = "RLD";
console.log(y + o + u);
This took me so long to type
@@brotherindeed992 Wait, how do you use std::cout with lol
Either std::cout from or printf() from
@@h-0058 I learnt c++ on my own but my college demands I write all programs in c, hence the mindfuck.
Used this video as reference the two times I got stuck - helped me not rabbit hole inefficiently - thank you!
I have no clue what just happened, but it was very entertaining!
Great video. I like your style. Thanks. Can't wait to see your next one.
Little sad that my university's IT program didn't have a pen testing course or introduction aside from mentioning it as a side topic. I took some Linux security courses focused on policies and configuration but I never really got exposed to tools such as these. However, I did take some digital forensics courses, so this was very similar to that with respect to data investigation. Also decent hint for threat modelers and network admins to pay attention to their policies considering how easily these tools can slip through.
simple and enough for beginner level . good videos
I've just discovered your channel. I'm super super new at learning coding, hacking and all this, but your videos are really enjoyables! and you help a lot to familiarize with all the technical words and stuff (yeah, I'm not that technical for now XD). Thanks for explaining what you do and what you see, I've already subscribed.
i just tried this challenge today, and it was good to follow your techniques and procedures.
I love how free from shame TryHackMe is. I tried to get into pentesting very early on, I think this was the early 00's, with a similar service.
But back then, there was so much snobbery. The site was meant to be used to learn, but you got no hints, no instructions. You just loaded up the first page and was supposed to know what to do already.
This was when search engines were still in their very early versions, so trying to look up writeups wasn't an option either. Going on forums would give you one of two responses: Why are you hacking? and You don't even know the basics?
So yeah, it was hard getting into pentesting 15-20 years ago, unless you shelled out a few thousand on courses. You couldn't really go for the books, since nobody would tell you what you needed to research.
But today, with services like TryHackMe, it's much more open. Free, or close to free education for the masses. And Internet has become a much more secure place thanks to it.
Don’t stop these videos they are amazing!!!
Hey John, I've recently been made redundant and I was in two minds of a career change at age of 41. I started looking into cybersecurity your channel popped up in the search results. I watched this video to the very end, I sat back in my chair, I took a sip of my tea thinking, that was f@£king cool!! I want to do that for a career. I'm now on the long path to become an expert in cybersecurity just because of your video, thank you.
Rock on! I had the same experience when corona hit. Got hired four months ago. Employees market for sure.
Just noticed you posted 11m ago. How is it going?
@@IkkeBareAnders Hi Anders, tbh at the beginning information overload to pick theough. The path I decided to go down is Hack the box learning path. Ive come to grips with the tool about 2 months ago I'm doing bug bounties hacker1 im still along way off my goal one hack at a time.
Cheers Mate. That was awesome. To be honest this was my first PEN test video I have ever watched and thought that it was magic.
Ed Sheeran when he isn't making music.
Ginger : *exists*
People : eD sHeErAn
@@CobraunieSC true 😂
Great stuff and good explained... 2 Months ago did not understand anything until went through all the Tools which were used in this tutorial.
Great vid! Should do a series of these lessons, showing the tools and the capabilities and tryhackme is a perfect site to test them with.
Absolutely plan to-- just gotta make the time for it! Thanks so much for watching!
John Hammond yes please do more video like these. Really like your approach and note taking. Hoping to learn more best practices
New subscriber here. I saw you on Network Chuck’s stream “Learn how to hack” from Dec 2020. I was a communication/electrical engineer for my career and worked on network design and implementation. I really enjoy learning how things work and this is interesting stuff. All the best!
I’m 15:00 in and I’ve come to realize that being able to build a PC, overclock it’s hardware, instal an OS and other hardware monitoring programs is not very impressive in the world of PCs. I understood a very minimal amount of what you were doing. Looking at the source code of a website, and using the program similar to a command prompt. What you were telling the program to search for - no idea. The significance of those 4 numbers you noted down is - no idea. I imagine it would take years of practise to actual be able to hack something. My 34 year old brain isn’t a sharp as it used to be and is only going to get worse. The ship may have sailed for me regarding the ability to hack. I have enjoyed what I’ve watched so far! Well done!
@@ekonomija8718 Very good but most machines have private ip addresses within a single network space, that has its own public ip address. This is because with IPv4, around 4 billion addresses are possible, and yet we have billions of IoT devices, so we use the public one as the "gateway" into the network, usually a router, and each individual device has its own private ip address within the network
Not true if you can read you can learn it.
wow, I loved how you did all of this in a 30 min video while it took me over a day to get it. But I didn't know about many of these tools you mentioned here. Thanks for the video and keep up the good work.
He probably already completed it on its own. I also didn't knew about some of the tools. But for example Nmap and dir/gobuster are very frequently used for recon
Just found this video after looking into THM. I've always had easier learning from watching something get done than to just read about it theoretically. I know it's a bit over a year old but this still gave me some valuable knowledge and a few ideas on how to do things on my own later on. Thank you. Subbed ofc. 10/10 channel!
The only video about any code related that didn't bore me for 30 mins. Great video! Keep it up!!
The best channel that UA-cam has recommended to me in a long time
John Hammond is crazy!!
Starting to fall in love with you, for those detailed walkthrough videos.
Keep going John..
It would be great if you made a catalog of all the tools you have ready in opt. Although I know most of them I never actually install them in my Linux machine and would be great to have a place where everything is kept for a rainy day :)
Very interesting video. Have never seen how someone goes about hacking. Defiently has peaked my interest to learn more.
Thank you brother your funny as heck. Man, I appreciate your openness throughout this walk-through. Also your willingness to help others who may not be as far along as you are in this Field. What are your Goals after this, and have you reached them, or are you still going to make Quality Content for us Viewers to enjoy? I want to say thank you for your time and the Passion that you have for this.
liked after 1 playthrough with intent to re watch because I enjoyed the first round so much I want to savor the sweet flavor of knowledge that is so refreshing to see and hear, videos are the new TEACHING method that work. Thank you so very much for making this!
would love a series going through some of these machines.
I'll see what I can do! Thanks for watching!
@@_JohnHammond how to made bugs cyber
pretty cool this site gives you a platform to hone in your skills and continue to learn
was expecting "i'm in" but i still love ya xd
after 3 years, it still feels like a video just released. thank you🕊️
🙂make more awesome videos especially on the basics ... It's was even challenging for such a beginner like me to understand most of the magic you did 👍
Great content brother
You’re like a more intelligent, ginger Seth Rogan. Love the video man. I’ll have to *start using tryhackme too!
Ha, thanks for the kind words! I definitely recommend it!
I was thinking the EXACT same thing lol.
Great Stuff John! you are helping a bunch by making this fun and understandable....Kinda...lol
"there is no shame"
that goes right through my heart xd
Thank you very much for this video sober Seth Rogan!
This dude must be a legit hacker...stole Seth Rogen's identity AND his voice.
I have no idea what happened here, but I enjoyed every second of it. Thank you!
man, this was fascinating!!!!!!!!!!!!!
Thank you @John for another great tutorial.
Want to add that new version of gobuster require to point out what type of bruteforcing mode we will use
example gobuster dir -w -u
Many thanks, cheers
Hi John. Amazing videos. Hardly had any clue what was going on but found it fascinating nonetheless. Just out of curiosity, do you know or would recommend any resources to learn absolute basics from?
John, you are great! it's funny this video it's around 30 minutes but it took me about a week to actually do it! lol. You had multiple programs already install and since I didn't, I was forced to stop all the time and quickly install them and then continue with your video. Regardless I felt like a pro once I completed the video and the room in TryHackMe. Therefore, thank you, John! I'm planning on following your content closely and practicing as much as possible in Try Hack me!!
After taking a linux course and Redhat, you will think this is a basic room xD
Where from?!
I'd enjoy watching, you made it seen so easy, but the thing is to learn from it. THANK YOU.
definitely fake because i neves saw the green "ACCESS GRANTED" text showing
Awesome. What I like is how simple he makes it. Its a tour, explanation amd example all rolled together.
@@andrefreewill4730 awesome. I yried metasploit on my own android but I couldnt get access. Or at least results. I tried the camera and a few others. But thats why we are always learning, right? It's fun
Amazing. Thank you. Awesome. Do you know if "linPEAS is allowed in the OSCP exam?
As far as I know, no -- it is not in their Exam Restrictions. support.offensive-security.com/oscp-exam-guide/
I had used LinEnum without an issue. Thanks for watching!
As a beginner just watching this i learned a lot!!will definitely go do this box and try to do it on my own
this is the level of badass I want to achieve
Great demo of the tools and well deserved sub! Thanks.
U sound like Seth rogan 😂😂
he looks like Seth rogan
@@azulamazigh2789 he is seth rogan
You're actually mentally crooked if you seriously think that
Scrolled down to find this. Not disappointed
@@azulamazigh2789 glasses and a beard, yeah sure he does....
i'm a C# game dev in Unity, never done any kind of hacking related stuff but this is still amazing to watch. and i actually understand half the things!
"Basic"
that is basic, thhe users had weak passwords like 'armando' no capitals no numbers no special chars and a short password. It's just asking to get broke into :D
@@denislavkaragiozov5876 Why would capital letters or special chars make it difficult i don't get it?
@@muath1125 If you use in a 7 char length passwort only lowercase letters, the password can easy brutforced. (26)^7 = 8,031,810,176 password combinations.
Lower and uppercase letters (26+26)^7 = (52)^7 = 1,028,071,702,528 password combinations. Lower & upper & numbers (52+10)^7 = (62)^7 = 3,521,614,606,208 combinations. Lower & upper & numbers & special chars (62+26)^7 = (88)^7 = 40,867,559,636,992 combinations. With those kind of combinations, its extremly hard to brutforce.
I recommend a password length of minimum 18 chars with lower & upper & numbers & special chars: 88^18 = 100,158,566,165,017,531,560,835,501,527,138,304 possible password combinations.
do you think hacking is just clicking buttons and done?
Most people who make these videos are pretty dull and monotone but you seemed genuinely into this which made it fun to watch, keep it up! Subbed :)