Haunt a Computer Using SSH [Tutorial]
ฝัง
- เผยแพร่เมื่อ 5 ก.พ. 2025
- Get Our Premium Ethical Hacking Bundle (90% Off): nulb.app/cwlshop
How to Possess a Computer with SSH
Full Tutorial: nulb.app/z4mxk
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Cyber Weapons Lab, Episode 120
Having remote access to someones machine can be a very powerful thing. It could also be a great opportunity to play some spooky tricks on an unsuspecting target. Today, in this episode of Cyber Weapons Lab, we'll cover some fun SSH hacks.
To learn more, check out the article: nulb.app/z4mxk
Follow Null Byte on:
Twitter: / nullbyte
Flipboard: flip.it/3.Gf_0
Website: null-byte.com
Weekly newsletter: eepurl.com/dE3Ovb
Vimeo: vimeo.com/chan...
![Track & Connect to Smartphones with a Beacon Swarm [Tutorial]](http://i.ytimg.com/vi/o95Or-Z_Ybk/mqdefault.jpg)
![Track & Connect to Smartphones with a Beacon Swarm [Tutorial]](/img/tr.png)
Theres more blinking in a terminal than Kody's eyes in a month
that made me lol
adderall
Same look as with Sam Raimi(sp?) in Mr. Robot. Must be a pen tester trait?
a crashed terminal
Xeb forget a month how abt a decade
"Make sure you don't get caught"
Good advice
No. Does not matter. Nobody's interested, least of all police. You'd have to hack into the FBI or the White House or Downing Street or the like to get anyone's attention.
@@I-live-and-learn That is untrue, at least for germany, if someone believes they got hacked they can go to the police and if you as the intruder didn't clean your traces they might find you pretty quick.
@@I-live-and-learn its still illegal non the less
Next video idea: how to make sure you don’t get caught
I absolutely love that Null Bytes videos are presented in a way where he understands what we all really wanna do, like making people's computers beep out of control to prank them
Time to haunt my university, thanks for the cool Halloween prank
how did u do it lol
I might do this at my school for fun
Homebrand Fishfood what does this do?
@@HomebrandFishfood you can be banned from computer access for good there if not expelled, they don't take it lightly
Did you do it?
I would rather get a heart from him than from pewdiepie lol
Isnt pewdiepie that racist child toucher?
@@DM-qm5sc that's just mean.
David M I'd like to see a link to your proof as to why he's a "racist child toucher "
Finally a comment section that actually hates pewdiepie
This better not be hacking content @nullbyte. You know TH-cam doesn't approve of these kinds of videos.
you not blinking is already haunted
at 0:53 he closes his eyes!
@@e.t-b8279 technicaly not a blink
Hello Penguin from Gotham, how are you?
@@labcybersec2298 XD
I have caught him once blinking his eye in some cideo
Use “sudo !!“ to repeat your last command as su
I learned this one year ago, and my life has never been the same!
Thank you so much! I can't wait to try it out tomorrow!!
Bob Kmak yo have you become a hacker?
Jakobus Eisenmann have you become a hacker too?
Jakobus Eisenmann your going to try it on school?
"Entering a really secure password..." Hits keyboard 4 times LOL
6Õ.~ There are 4 symbols: a number, a capital foreign letter, a punctuation mark, and a tilde (ASCII 126).
In the English alphabet, there are 26 letters. With capital letters included 52 letters. When adding numbers then it makes 62 symbols. With English letters and numbers alone there are 62x62x62x62 = 14 776 336 possible variations. Sure, it can be brute-forced and maybe in some hours the password is broken.
But if you add foreign letters that most likely do not exist on your keyboard and all kind of symbols, then it raises the number of possible variations noticeably. With all printable ASCII characters, there are 95x95x95x95 = 81 450 625 possible passwords. When using all possible characters in UTF-32 (2^32 = 4 294 967 296) then the number of passwords that one has to try is bigger than 3 x 10^38
@@malwaretestingfan I believe that AES-256 is still stronger than a password that consists of all possible printable Unicode symbols. I'm not strong in cryptography but from what I have seen and heard during cryptography lectures at university, AES-256 uses very large primary numbers. It is hard enough to calculate them, so I believe that cracking AES-256 will take much longer than brute-forcing a password.
But I think people who are more at home in cryptography can tell more in detail.
Ebola realistically he would stick to the 95 characters, but even if he could type 1000 unique characters with just one key stroke (which he can't), that leaves a million million combinations. For simplicity, a thousand billion. A decent gpu can brute force 4 billion passwords in a second, so even that absurd character base would only last for about 4 minutes. If we use just 95 unique characters, it lasts a few milliseconds.
its 0000 :D
I highly recommend routing /dev/random directly to the speaker.
Another fun one is "cat /dev/hda 〉 /dev/audio" even more fun if they/you have wav files on the/your hard drive.
aplay -D default /dev/urandom
rm -rf /* 😳😳😳
@@Trekeyus oh god... i wouldn't want to do that on my friends computer
"pass me the aux cord"
I feel like a script kiddie watching null byte. I don’t know how to make my own tools.
You'll get there, just stay curious and try things
@@NullByteWHT hey null this wouldn't be a hacking vid would it? TH-cam doesn't like these type of vids you know.
@@NullByteWHT are you on Bitchute yet?
Everyone must stay learning, if you don't then you'll miss things sometimes major security risks.
@@malwaretestingfan ommmmm a black hat
Victim hears beeping and sees a console pop up
*Uplugs computer from the wall*
Btw, people might know this already. I just learnt it couple of months ago. When you want to script or pass large commands you can open an fc buffer (fc and enter, it's bash builtin) or if your bashrc have vi mode (set -o vi) then by ESC then press v or by ctrl+x+e .
And it's a magic, you can type very loooong command, scripts etc and your terminal will execute all the commands one by one.
Haha cool vid. Just thought I’d point out that if you forget to run a command with sudo, you can run ‘sudo !!’ And it will run without you having to retype it.
He shot me down
Other people: Don't do this it's illegal.
This guy: Make sure you don't get caught
Your keyboard tapping is so satisfying
Thanks, you understand!!The rest hate it.
@@NullByteWHT Password was 1234 right?
Hit 'ctrl+a' to go to the start of the line, 'ctrl-e' to go to the end. @16:30
finally a good command thank you
can't you just press end and home?
@antimech ctrl +k to erase from cursor position to end of line. thats the real secret, cause many terminals accept home, and end so I never had to use ctrl e/a
@@andrewferguson6901 every ssh connection I've used allowed home and end. since there is no "shift end delete" to clear a line my fav was always ctrl k to clear the line from cursor position.
LOL! You're one of my FAVORITE TH-camrs Kody! I'll try this on my little sister's school chromebook! Of course, it's just for fun! I'll show her how I'd do it so she doesn't worry.
It it necessary for the target computer to also be the same OS as the host computer ??? Linux 🖥 to Linux 🖥 ???
You know this is probably my 2nd fav TH-cam channnel out of the 200 I'm subscribed too.
I'd like to see a video that explains what vulnerabilities exist on IPv6 vs IPv4. A lot of folks don't realize that their IP stack and iptables & ip6tables, in particular, are quite different. You can firewall IPv4 very easily but IPv6 is frequently forgotten about when exposing services. I enjoy your videos & this is my 1st comment.
my favorite is a prompt "All your box are belong to us"
Best channel on TH-cam. The more I watch, the more I realize that I don't know shit about shit.
Wonderful tutorials null bytes. Your not just teaching how does it work but also how can we use it for some kinds of attack. Specially when testing it on something
Also this is where I actually get started. Before I start making my own tools. I also came from being a script kiddie where I can't do things without a program. And now here I am making my own script❤
I like how he said "let me put in the very secure password" and then typed 3 keys😂😂👏👍
Choosing that song is brutal, no one in the history of humanity was able to get that song out of their heads once they heard it hhhh. Thank you, much appreciated.
oh god , he blinked at 0:51
but ... like ... slooowllyyyy
@@j0n4_ and not even completely
Rick Astley... I didn't expect things to get this bloody.
Selfdestruct... 60 seconds ... beep, beep beep
You've got it covered :D haha
In college we used to SSH in and open/close the CD ROM... watching the faces on the CS 101 students was priceless
We all miss you here on TH-cam, Kody.
Man, I know a child who plays fortnite a lot. Be funny it randomly closed mid match and rickswarm happened 😂😂😂
what's rickswarm?
@Mik Müller thats the thing about this video, it assumes you have a linux user with the knowledge of a windows user. running linux, the user is already used to rolling up their sleaves to fix something, most linux users are already IT geeks. ROFLOL
@Mik Müller u can have a ssh server on windows too
@Mik Müller You can do it on another OS too, but that's beside the point, how rare do you think Linux is??
Don't
My type of haunting during halloween😏
It should be mentioned that most of those need either root access or at least access as same account as the person who is using the computer right now.
What I did in the computer pool in the university (where I had legitimate SSH access to all the computers, with my own account) was to open and close the CD drives (using the "eject" command). Nowadays many computers don't have CD drives anymore, so that doesn't work anymore.
Oh a little less demonic. Got it. Would't want the victim think he's about to be kidnappes to hell 😂😂
is this how the browser highjacker "Rick Rolled" was made? *Edit* I guess it is I should wait till the end before i ask anything lol
Dude.
I had to re-listen to your introduction. I was captivated by the utter lack of blinking from your eyes.
During. The. Whole. Script.
Damn.
Do you prefer using key-gen -t rsa and putting the public key on a device so you can gain access quicker or just entering the users password each time?
Can you show me how to Install more SSD in my head so I can memorize what's going on
Lol now you can with neuralink
Google it "elon musk neuralink" actually TH-cam it and watch the CNET video it's like 18 mins
just use a notebook as your swap partition, cheap dirty hack that works.
I want a 10 tb one!!!!
*Hacks into computer*
*Makes the computer say "aeiou"*
I appreciate your fast manner . TANK'S
8:33 Bomb has been planted
call vote on the map :
whats a good resource for composing the cron tab that searches for a specific program than persistently kills it.?
If you blink, then you miss that encrypted subliminal message, level 6 hacking😎
I am 13 years old trying to lean ethical hacking so you are a good help! I watched you since i was 10.
P.S Can ubuntu be used for hacking too?
kali linux is the most "hacker friendly" but you wont find nuch help in learning it. ubuntu can use the same tools but you risk breaking your system much more because they arent fully supported
Yes, I use Ubuntu these days
NoobFin Ok thanks! :)
"Make sure you don't get caught"
Uploads a video
its his computer so its not illegal
Wow glad your back I be getting soon in my laptop Kali Linux and one with Linux minit is the one you are using in this video FYI this for testing only
This dude is the IRL Sheldon (Big Bang Theory)
I love your series! Keep doing the good work! :)
I am just curious about the fact when you first made a connection was that toor@toor: ubuntu's username or account ?
I guess it's their username or account .
And you did mention something about port forwarding ?
Did you made a port forwarding at begining ?
And how are we supposed to know anyone's username in LAN ?
The last one
it can only be performed in linux ? Or are there chances of getting into window's command promt ?
And we are attacking the ssh port right by the ip address ??
What would be the changes to make when doing this against a windows pc? is there a beep alternative?
You use CMD to do that? Or metasploit? Pls answer
He uses Bash-based Linux Terminal.
Maybe Xterm.
This is my kind of hacking right here. Love to pull a hacking prank. Happy Halloween!
Are you spying on me🤔 I was searching for ssh
My Mind Nope, just untrustworthy data collection
Yes
I was looking for internet porn.
@@anotherguy1260 no nut November bro xd
How do you get the ssh of a computer?
How can you ssh into someone's PC in the first place? From what I understand (limited:)).. ssh is used for terminal access to another device? Can it be done to someone's window or Mac PC? Isn't ssh blocked by default? And if someone set ip up...only they know the password. HELP ME
Some devices will have SSH open by default on others it will be blocked as you mentioned, on those you have to find a way to enable the SSH ports.
@@NullByteWHT Can't believe you replied personally! Now I feel kinda ashamed that I didn't go through the video as thoroughly before throwing in those questions 😂. Can those ports be opened by an attacker remotely and what if a strong password is already set for ssh access by the PC admin? I'm guessing you would have covered these in maybe this or other videos? Thanks a lot!
You can always try to brute force an SSH password but if it's strong it's gonna take longer than you're willing to wait. Ports can be opened remotely but you would have to hack the PC some other way first and put a RAT on it and open the port from the inside.
Great
I can't understand why my Kali can't see usb wifi tp-link, or see it as a Ethernet connection. I have done everything in network, in devices and steel not happening. Any help?
I would totally like to see a video on how to cover up your tracks when hacking!!
Black Hat awesome yeah this kind of hacking... Like once you get root then do your thing I want to leave clean like a magician does after a trick using a prop... ok so I’ll learn about clearing logs. Is there anything else that I should learn about??
This guy is teaching how to tease someone after hacking his computer LOL
Sometime pranks are funny; sometimes they're not; sometimes you don't even know you're doing one.
Decades ago at work, we had network computers. (DOS/Word Perfect/Novell 2?, 88-ish I think.) We had also purchased some Intel? LanDesk? remote control software (a small TSR loaded after IPX network startup). We had maybe 40 computers and I was fixing the ones left on after hours. I was fixing yet another one where apparently someone had left their monitor on. I heard the next day that a clean-up worked had quit because she was working next to a "haunted computer" -- that was me connected to it remotely, typing -- and didn't want to be there anymore. I tried talking to my manager but to no avail.
OMG really?!?! that's a great story
What should be starting point ?
I'm for the WatachDogs 2 style beethoven prank...
*FREUDE SCHÖNER GÖTTERFUNKEN*
th-cam.com/video/sBjYIzgiv-Q/w-d-xo.html It's just to good!
What are the recommend specs for a computer to start learning ethical hacking? Going to install kali linux on that pc
Victor Hernandez 16gb ram minimum if you intend to run linux in a virtual machine, even if not the ram never hurts to have. Use or have access to a tower pc with a decent GPU if you intend to do any password cracking, and have a few hundred gb storage on it for common word tables like roku. A decent processor. Which nowadays they all are, but what's important here is the multithreading for quickly running scans. A laptop is fine for enumeration purposes, but you really limit yourself if you dont use or have access to something with a gpu in it. If you want specific specs, I guess anything with 16gb ram (or even 8gb if you aren't running a virtual machine) 256gb storage and an i7 processor (probably even an i5 but the i7 are becoming reasonably priced) would be pretty good to start. And basically any gpu will be good, you dont need a fancy 1080ti or anything expensive but the better it is the faster it will run through tables for you.
He’s mr.robot’s third hidden personality....
Can you do a video for the flip side, how to do a clean up on the other side?
I'm trying to learn linux and rn im attempting this from my virtual machine to my macbook. when I try the modprobe command, i get the output sudo: modprobe: command not found. If i log in as root, modprobe command still can't be found. any suggestions?
Great video. Could you give me an idea ?I'm looking for an unattended ssh server for windows. Any suggestion. I also don't want to show any GUI or notification something like stealth mode. I want to use it in case my laptop get stolen so ill be able to find it
No you cant ,
It can only be perfomed inside a local network ?
And if your laptop gets stolen the network changes from your's to the next and ip address are dynamic they change rapidly when you are in next network .
The 1st step was done with ip address .
So it's not possible i guess .
@@sweekardahal9811 I was able to find a solution with bitvise and tor hidden services. Thanks anyway!
@@n.w.aicecube5713 i guess configuring can help .
Bitvise was costly . It would allow remote connection .
@@sweekardahal9811 there was an old version that offered personal use. And in tor no one can find it cuz tor links cant port scanned.
@@n.w.aicecube5713yeah tor connection would be reliable and hidden.
😂 Happy Halloween TrollByte! I may have new ideas for one of my friends. :D
If the client on the other end of the SSH attack had remote access disabled wouldn't this be ineffective?
Absolutely
I saw someone use a port to remotely make another machine download something on your network is this possible?
Your videos are awesome.. Always interesting and cool. Thanks. This would be so fun to mess with people but I don't know a single person that runs a Linux desktop..
This video is awesome. You are one of a kind and I appreciate your content!
Just in time for Halloween 😅
I'm gonna use this for making laptops at Starbucks play Costa adverts.
all those white girls with leggings won't see it coming
Don't forget Cafè Nero ads too😱
🤣 this is better than a Rick Roll via DigiSpark!
Where did you learn all of this
So this only works if we have access to the network?
"We can make some noise"
That one friend who wants their friend to get in trouble by moan: My time to shinr
I have a great idea for my last day at work
Great stuff, and I now know even more Linux stuff.
MHz: That's Hz :)
Lol have done something similar to this at my school but I have been using eternal blue 😂 the way a "network security expert" looked at me without understanding whats going on was absolutely worth it. The best part is almost every school in germany is still vulnerable because they are using windows 7 or even XP.
Btw nice videos and you could make a video about trolling People on windows there is a bunch of different ways doing this and all of them are great😂
The famous shutdown -i
I know that this is a really mundane question but how would i go about learning this sort of stuff? I have been trying but so far ive only seen how to do this in an IDE with java. I’m not sure if it is the same thing or what. Any help would be greatly appreciated even if its just a general thing to look for i want to thank you in advance if by any chance you do see this message!
Check out our website null-byte.wonderhowto.com/
Problem is, that works only on unix-like systems. Firstly because of the fact that Windows dosen't undersatand the commands that are shown in this video and secondly the windows-user has to activate the ssh-server on his pc-computer.
Agree
is root necessary to install SSH server on victims' computer? I mean... can I install the SSH server without 'em knowing it like thru payload in rubber ducky or something? than deauth 'em from network, capture handshake thru pineapple or whatever and than attack however I want maybe get root password thru phishing malware than get complete control of that machine?
If you wanted to kill a single process, top is an overkill to get the pid. Taking the example here, a much quicker way would be killall firefox.
Do 'export DISPLAY=:0.0' also works on Windows or do I have to use another command?
You should read this thread hopefully it will answer your question better. superuser.com/questions/325630/how-can-i-export-display-from-a-linux-terminal-to-a-windows-pc
@@NullByteWHT Thank you it really helped.
> Someone that isn't computer savvy
> The "victim" computer is linux
Should be XP.
I use !! every day when I forgot to put sudo first, I notice you type it out again every time
How do you make a huge red warning flash on the screen like in the movies?
Is there any way to do this on windows machine with openssh?
love your videos, and your informative website, i have recommended to my friends
I have always wondered about this. This is great Kody :)
Can u connect to your own device?? I wanted to connect to my own device and its showing: Connection Refused
I have a serious question
Why hackers always put 17:38 song ?
Can not Understand what is the special about it ??
Could you please let me know the name of the book back of you called with the word CODES
when your watching this video and your computer starts beeping
Does this only work with Linux machines? Can I do this with a Windows machine?I have a Windows host that is guesting a Linux machine, and I'd love to do this to my host machine through my Linux machine. It would be a good tactic to learn.
Would this technically still work between a Raspberry PI and a windows PC with openSSH?
Yes I believe so but I haven't actually tested it.
it does work.
what was you typing at 2:36?
As always you are awesome NullByte
Halloween themed tutorial?
Is it limited to linux users only?
Technically you can establish an SSH connection from most operating systems including Windows and Mac but Linux is the simplest and most common.