I startet using THM because of you, I even got the VIP supscription now to learn a lot in this quarantine situation. I have beaten blue and ice yesterday, but still excited to watch you and learn more. Excited how you tackled this, please make more HTB or THM videos
I also started thm after watching a few tutorials from John. It's a great branch from my core engineering spec and incredibly relevant in the world we live in.
This is really great stuff for people who are just getting started and can get insight into how you think through attacking a machine. I find this the most useful way to get started...learn a path well and then deviate from it as you learn more. THANK YOU
you are using awesome simple teaching method, it's easy to understand even a sutudent who did not have good sound of english...thank you..! do more try hack me rooms, from srilanka
Just had a chance to go through this tutorial using tryhackme, just fantastic stuff. I was a teacher for about 17 years, your teaching style is fantastic.
Some people have that ability to teach / show concepts. You can be a guru on your field and not being able to communicated that. John has both! I love this channel. His and CyberMentor's channel are my two best TH-cam resources for PenTest.
Hey, this actually was a good vid to watch. Interesting, even though I completed the machine before watching this, I still find it helpful to see how you took notes. Also I had to restart the machine about 5 times before it actually worked..
When I first started with thm and htb I needed a helping hand to root even the simplest of boxes. Now I am getting used to the tools so it is getting easier than where I first started.
Hey that's not a bad thing! Taking it slow means you can learn more, absorb new concepts and gain a bit more exposure, take better notes... all the good stuff. I just try and breeze through them so it can fit into a video that people would realistically watch ahaha. Thanks for watching!
You got me hooked in this site!! I have learned so much from you. I started from the bottom and within a couple of weeks I have majorly progressed in my skills as a ethical hacker. Keep up the good work!
You probably figured this out but for everyone who hasn't . At 9:01 nmap scan kept growing because brute force scripts got included. You wanna do this nmap --script="smb* and not brute"
If you have problems successfully running the exploit ( /windows/smb/ms17_010_eternalblue) you probably need to change the LHOST option. Initially it is set to something like 192.168.x.x (you can confirm that with 'show options' or from the first log message in your terminal after running the exploit, as our lord and senpai John shows, which should be something like [*] Started reverse TCP handler on 192.168.1.12:4444. You need to change that to the IP that TryHackMe assigned for your machine when you connected to their VPN, so the reverse shell can actually find you. So, just follow John's steps and before running the exploit type "set LHOST 10.9.x.x"
thanks for the video..yesterday i was trying this machine but i was unable to create a meterpreter session...it was my first time using metasploit....thanks also make videos on other machines too
I am currently doing some machines there. There is one that was really interesting, with priv escalation included. But I would be happy to get a FULL review from John, if he is able to finish the whole OSCP learning path there of course.
@U X Enough to know that you like your own comments lmao, don't too greedy man, just go to the CVE list or exploitdb to find other exploits. They wont be as critical as this exploit
Hey John, where did you learn most of the basics? Like the tools you use and they are used for, etc? but also, where do I learn more about history about past hacks?
A lot of it has been practice and exposure -- looking at TH-cam videos, seeing people use new tools, reading writeups and solutions and picking up on new techniques and tricks -- it all accumulates and you keep growing! History on past hacks -- I would recommend Googling and reading a lot of articles about what you are interested in. Thanks so much for watching!
Alex L he has stated multiple times that he is a beginner to this. When people first start it is necessary to use these scripts so they can learn how and why they work so in the future they can make their own. Nobody starts at anything being an expert in the field.
Hey John!, Love your videos!. I think they are supper interesting, well explained and entertaining. If you ever consider to develop content in Spanish , let me know!. I would love to help you with that. Cheers!
ı dont know english very well but ı can learn too much things from you. my own language videos sucks they dont know anything or they dont want to teach people. Anyway thanks for the videos
Really cool vid even if it's an old 7 hack, it's interesting to see how powerfull is metasploit and eternal blue too. Did you go deep into metasploit functions ? I mean in the code, how a functionnality works... Nice vid. I like your work.
short way to do this CTF once you find the username and password in task4 there is 3389 port open its for RDP you can use rdesktop and login and search for file named flag .. you'll find all 3 flags easily
from speech import success as s youtube_comment = s.write(''' I finally did it!!! I changed the IP address of the reverse TCP handler and it worked!! Thanks for the priv esc in Vulnersity. I would have had no idea where to find a good one ''') print(youtube_comment)
After I type the command "nmap -Pn -sC -sV -oN nmap/initial 10.10.82.251" in the terminal, I get this as a result and it's totally different from yours. >>>> "Starting Nmap 7.80 ( nmap.org ) at 2020-04-26 22:34 EDT Stats: 0:00:03 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan Connect Scan Timing: About 1.00% done; ETC: 22:39 (0:04:57 remaining) Nmap scan report for 10.10.82.251 Host is up. All 1000 scanned ports on 10.10.82.251 are filtered Service detection performed. Please report any incorrect results at nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 202.25 seconds"
I startet using THM because of you, I even got the VIP supscription now to learn a lot in this quarantine situation.
I have beaten blue and ice yesterday, but still excited to watch you and learn more. Excited how you tackled this, please make more HTB or THM videos
Happy to hear that!!
I'll have to go through Ice real soon. Thanks for watching! I'll definitely try and get some more out there!
Hey can you give me your review about thm vip? Cuz I'm planning to get em too
I also started thm after watching a few tutorials from John. It's a great branch from my core engineering spec and incredibly relevant in the world we live in.
Dude, I love how modest you are and i'm enjoying these video's, KEEEP UP
Thank you Mr John for quick and useful learning
I would have never got through this exercise without you John.
Please keep up the amazing work
This is really great stuff for people who are just getting started and can get insight into how you think through attacking a machine. I find this the most useful way to get started...learn a path well and then deviate from it as you learn more. THANK YOU
Happy to hear that! Thank you so much for watching!
Loving this content. THM is so fun and engaging, can't wait to see some more!
Very happy to hear that! Thanks so much for watching!
Im learning a lot by doing and practicing from you
I absolutely love this content, I want to study cyber security when I go to college so these videos just make me more excited
you are using awesome simple teaching method, it's easy to understand even a sutudent who did not have good sound of english...thank you..! do more try hack me rooms, from srilanka
Just had a chance to go through this tutorial using tryhackme, just fantastic stuff. I was a teacher for about 17 years, your teaching style is fantastic.
Some people have that ability to teach / show concepts. You can be a guru on your field and not being able to communicated that. John has both! I love this channel. His and CyberMentor's channel are my two best TH-cam resources for PenTest.
Hey, this actually was a good vid to watch. Interesting, even though I completed the machine before watching this, I still find it helpful to see how you took notes. Also I had to restart the machine about 5 times before it actually worked..
When I first started with thm and htb I needed a helping hand to root even the simplest of boxes. Now I am getting used to the tools so it is getting easier than where I first started.
These videos are awesome! Quick and straight to the point, keep them up! Thanks for teaching us
woww, just like attitude and positive energy, I'm starting to watch all of your videos, much to learn!!!
Awesome as always man! I've done this one just earlier but you've done it 100x quicker than me!
Me such noob! >.
Hey that's not a bad thing! Taking it slow means you can learn more, absorb new concepts and gain a bit more exposure, take better notes... all the good stuff. I just try and breeze through them so it can fit into a video that people would realistically watch ahaha. Thanks for watching!
Nobody:
Me: Thinking about how join this room to hack this machine
You got me hooked in this site!! I have learned so much from you. I started from the bottom and within a couple of weeks I have majorly progressed in my skills as a ethical hacker. Keep up the good work!
Watching this after I finished mine for 3hours. But you sir finished it less than 30mins. Salute! Instant subscribe hehe
You probably figured this out but for everyone who hasn't . At 9:01 nmap scan kept growing because brute force scripts got included. You wanna do this
nmap --script="smb* and not brute"
nice
You sir are an absolute pleasure to watch and learn from, thank you.
Some people listen to asmr to go to sleep, I watch this tryhackme series, it’s soooo relaxing idk why 🤣
If you have problems successfully running the exploit ( /windows/smb/ms17_010_eternalblue) you probably need to change the LHOST option.
Initially it is set to something like 192.168.x.x (you can confirm that with 'show options' or from the first log message in your terminal after running the exploit, as our lord and senpai John shows, which should be something like [*] Started reverse TCP handler on 192.168.1.12:4444. You need to change that to the IP that TryHackMe assigned for your machine when you connected to their VPN, so the reverse shell can actually find you.
So, just follow John's steps and before running the exploit type "set LHOST 10.9.x.x"
N1, this needs more upvotes
Thx a lot!
Συμβαινει διοτι το network διαχωριζεται απο το vpn οποτε πρεπει να βαλεις το tun0 συνηθως
thanks for the video..yesterday i was trying this machine but i was unable to create a meterpreter session...it was my first time using metasploit....thanks also make videos on other machines too
Oh boy, congrats on using Metasploit for the first time! Thanks for watching -- hope to have more videos out on TryHackMe soon enough!
I finished it. It was kinda easy. And now I'm watching your video to find if I missed anything 😁😄
i really like it, your methodologies it's very simple and anyone can understand, very cool
Subscribed right now with out any hesitation...... Best man on youtube
Newly joined on this channel. Im absolutely loving this series. Please keep these coming!
Hello John! I am very thankful for this educating video. I have learned a lot.
very understandable, I like the style, definetely stickign around
That's very cool. wish more people would learn this, and in that how to configure their machines against it. This is a very cool learning site.
Definitely agreed, TryHackMe is great! Thanks for watching!
The beginning of every legend
great video john...love from india🙂✌️you are doing great thing for the community
Thank you so much! I've been looking for a way to play CTFs from my Android running nethunter and this is exactly what I've been looking for.
Hi John, I just saw that try hack me had a learning path for OSCP can we have your thought on it please?
I can certainly try to take a look at it soon! Thanks for watching!
@@_JohnHammond Thank you !!
I am currently doing some machines there. There is one that was really interesting, with priv escalation included. But I would be happy to get a FULL review from John, if he is able to finish the whole OSCP learning path there of course.
@U X make your own
@U X Enough to know that you like your own comments lmao, don't too greedy man, just go to the CVE list or exploitdb to find other exploits. They wont be as critical as this exploit
I like your videos ,and you are super fast in typing
thanks
johm hammond just the everset of ethical hacking
Thanks john for this cool walkthrough
Brilliant work!!!👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👍🏻👍🏻👍🏻👍🏻👍🏻👍🏻👍🏻
im learning so much with those videos! ty so much!
Nice to see some Lua in the wild.
Thank you so much. Loved it. I am a newbie and ur explanations are perfect
I love TryHackMe, It's really helped me with my Cyber Security learning
me too
Hey John, where did you learn most of the basics? Like the tools you use and they are used for, etc? but also, where do I learn more about history about past hacks?
A lot of it has been practice and exposure -- looking at TH-cam videos, seeing people use new tools, reading writeups and solutions and picking up on new techniques and tricks -- it all accumulates and you keep growing!
History on past hacks -- I would recommend Googling and reading a lot of articles about what you are interested in. Thanks so much for watching!
he doesn't know anything, silly kid just googled, installed a hacking tool made by someone else and showed up here ))
Alex L he has stated multiple times that he is a beginner to this. When people first start it is necessary to use these scripts so they can learn how and why they work so in the future they can make their own. Nobody starts at anything being an expert in the field.
@@withincode6848 I'm a beginner. I'll do this for 50 years and I'll still be a beginner. There is always more to learn and practice. :)
Mario, is/was your MOS related to IT? Former 0651 here
This one is so much more fun when using the stand alone python exploit
U want to use your own exploits?? Huh did I get that right or what cuz dats impossible
Flags:
🏳Flag 1 {C:/}
🏴Flag 2 {C:/Windows/System32/Config/flag2.txt}
🏳Flag 3 {C:/Users/Jon/Documents/flag3.txt}
i love your tryhackme series a lot. thank u
More of this please. You're helping me a lot trying to learn hacking.
Greetings from Germany
Much love man, really impressed by your arsenal
dont stop this work! we love it!
love this website series. I definitely need more
Was about to write tht u could use search but u did lmfao great vid man
Thank you good lesson. 👍👍👍👍🇱🇰
Appreciate it, thanks for watching!
ohh the lovely xps15
Please more of TryHackMe!!!
Thank for your help
Awesome Mr John
awesome video as always! learned lots of new things keep making more!
Thank you! i love these videos
Happy to hear that! I'll try and get more of them out soon!
I LOVE IT! DO MORE VIDEOS
More on the way! Thanks for watching!
nice explanation
Thanks for this content.
EternalBlue!!! One of my favorite exploits! Great video :) keep up the awesome work
Such an easy gun ahaha. Thanks for watching!
@@_JohnHammond very much so lol. my pleasure!
Hey John!, Love your videos!. I think they are supper interesting, well explained and entertaining. If you ever consider to develop content in Spanish , let me know!. I would love to help you with that. Cheers!
I love these so much !
Very happy to hear that! Thanks for watching!
ı dont know english very well but ı can learn too much things from you. my own language videos sucks they dont know anything or they dont want to teach people. Anyway thanks for the videos
Awesome video, thank you!
Thanks!
Ready,
Great work , John.
Best in the Business!!!
Good explain learn lot of 🌿
Yeah I’m on this tomorrow morning.
Very nice tutorial, please keep going
Happy to hear that! Thank you so much!
thank you!
Thanks , keep going
Good one.
great video and a great platform, love ur video!
Really cool vid even if it's an old 7 hack, it's interesting to see how powerfull is metasploit and eternal blue too. Did you go deep into metasploit functions ? I mean in the code, how a functionnality works...
Nice vid. I like your work.
I have not yet for the Eternalblue exploit but I can try and do that in a future video. Thanks for watching!
this video is awesome
Nice work!
Had no idea Seth Rogan was into computers as well
short way to do this CTF
once you find the username and password in task4 there is 3389 port open its for RDP you can use rdesktop and login and search for file named flag .. you'll find all 3 flags easily
Clever
OOooh, that is awesome! Good call!
Don't mind me, just doing my share of TH-camr algorithm things...
Watching this is fun
Awesome video. What shell are you using? It doesn't look like tmux. Also what is your distro?
Thanks
Thanks so much for watching! I use Ubuntu and I'm using Terminator as my terminal emulator.
Thank You Boss!!!
from speech import success as s
youtube_comment = s.write('''
I finally did it!!! I changed the IP address of the reverse TCP handler and it worked!! Thanks for the priv esc in Vulnersity. I would have had no idea where to find a good one
''')
print(youtube_comment)
how
Going back and doing this again for the reverse shell section you have to use MSF v5, right now v6 errors out and has some known issues.
Thanks
The thank you goes to you! Thank you for watching!
After I type the command "nmap -Pn -sC -sV -oN nmap/initial 10.10.82.251" in the terminal, I get this as a result and it's totally different from yours. >>>>
"Starting Nmap 7.80 ( nmap.org ) at 2020-04-26 22:34 EDT
Stats: 0:00:03 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 1.00% done; ETC: 22:39 (0:04:57 remaining)
Nmap scan report for 10.10.82.251
Host is up.
All 1000 scanned ports on 10.10.82.251 are filtered
Service detection performed. Please report any incorrect results at nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 202.25 seconds"
Hi John, I'm not sure if you covered this question before, but could you share with us what's your equipment setup for this channel?
Smb skills eay
when I try run my metasploit it fails 3 times and says it completed but no session was created
Clear
All apps one madel work headel 👍 nice
Can you please help? I am getting FAIL while running the exploit everytime.
awesome !!!!!!!
Thank you! And thanks for watching!
Ever consider making OSCP videos? More specifically, what you suggest to do/before diving into pwk course?
Your usage of 'tak' does my head in.
thanks you:)
Keep up the good work! My flag2.txt was also missing from the C:\Windows\System32\Config dir, I wonder how that happened :s
Thank u very much
Thank YOU for watching!