Mind Blowing 🤯 Reverse Shell Demo with DNS data bouncing exfiltration!
Science and technology
Disclaimer: This video is for educational purposes only.
// Jakoby’s SOCIAL//
KZread: / iamjakoby
LinkedIn: / i-am-jakoby
X: x.com/i_am_jakoby
Instagram: / i_am_jakoby
GitHub: github.com/I-Am-Jakoby
TikTok: / i_am_jakoby
// MENU //
00:00 - Coming Up
00:57 - Sponsored Section
03:01 - Intro
03:19 - Power Shell Gallery
05:05 - Modules
06:28 - Microsoft Patch
08:04 - Consulting with the Cybersecurity Community
08:58 - Microsoft Honeypot
10:09 - Models by Jakoby
11:33 - Running Models
12:01 - How Models Function
13:43 - The Vulnerability of The Site
15:30 - Ransomware
18:20 - Owning Models
19:13 - Bug Bounty Program
22:23 - Reverse Shell Generator
29:25 - Methods For Execution
31:49 - How To Solve
33:47 - Engage with the Ethical Hackers
34:20 - Exfiltration Data Bouncing
39:12 - Demo
39:56 - Capture DNS Traffic
41:01 - Running Vanish
50:05 - Running A lot of Testing, No Man’s Land
52:29 - Get ahold of IamJakoby
54:08 - Hak5 Payload
55:57 - Imposter Syndrome
57:41 - Background Story into Hacking
01:07:27 - Stationed in Hawaii
01:10:00 - Conclusion
#hak5 #cybersecurity #microsoft
Comments: 206
@neo_the_chosen_one777
1 month ago
thanks for the premium trial....
@jaden8573
1 month ago
you leaked the ip in the obfuscated code he generates, just deobfuscate and it's in plain text. maybe blur 25:38
@unlucky1307
1 month ago
I have some concerns about the coverage here, it seems looking at the github for the project InfosecREDD was deliberately removed from all credits by Jakoby despite working on this project.
@digitalcivilulydighed
1 month ago
This was brilliant!
The fact bro here is still doing the right thing after taking the shaft on huge bags speaks volumes to his character. The bazaar will gladly offer fair value for your work ❤
@davidbombal
1 month ago
Exactly. We need Ethical Hackers in this world to help better protect us. And companies need to look after the good people like Jakoby.
@neiltropolis
1 month ago
He was a marine sniper, served his country and disrespected big time. The man is a prince.
@swoodc
1 month ago
what huge bag
@gyp.
1 month ago
@swoodc what he spoke of towards the start of this video was a pretty huge exploit, that he made Microsoft aware of, they *tried* to patch it. He worked around it in 10 mins, he finally spoke to someone directly and disclosed it again, with some of his own suggestions. He never even heard a word back from Microsoft but when they "patched" it again he said at best Microsoft looked directly at some of his code in his GitHub, and used it on their patch. Again he heard nothing back from Microsoft and they kinda bit some of his own code in the patch. Anyway an exploit of this level at Microsoft, especially with how many machines this can affect and the permission they would get. This is a $100k bounty that Microsoft didn't pay him out. He is still trying to get the actual credit for the disclosure so he can earn his bounty. He could have sold this on the black market, he could have just dumped it on the Internet but he understood how much damage that could do. He is trying to do the right thing by helping Microsoft by doing responsible disclosures, and because this work takes time and because companies know that other people would pay money for these exploits. Many companies offer "bug bounties" for responsible disclosures of bugs that their software/web sites have. That is the money others are talking about.
@mattrogers6646
29 days ago
@swoodc Didn't get his rightfully earned bug bounties.
Great video thanks David! Jakoby did an excellent job of explaining Data Bouncing. We have submitted a CFP to Defcon for the rest of the research we have been doing in this space so fingers crossed that gets accepted. It's awesome to see Data Bouncing being absorbed and built on by the community.
Jakoby, you are born to tell stories. Thank you for sharing yours.
@IamJakoby
28 days ago
This comment warmed my heart to read, I appreciate you 😊
The dns exfiltration is crazy! Thanks for sharing and shame to Microsoft
Jakoby is legit a one-man army!! If Michelangelo were alive today, he'd be Jakoby. This is a guy I wanna learn from!
@IamJakoby
28 days ago
❤❤❤
I'm amazed that jakoby has the right set of morals and doesn't allow the fact that he was screwed by the bounty, and is still fighting the good fight. godspeed jakoby.
@IamJakoby
28 days ago
The only thing it takes for evil to succeed is for good men to do nothing. This world is full of people I care about and want them to have the best lives possible
@vrts
19 days ago
@IamJakoby just wanted to let you know that your attitude and perseverance is inspiring. Keep it up.
Thx for sharing Jakoby, you got your heart and passion in the right place !
Great show.. love these really simple callouts. It was eye opening seeing those modules which could be made by anyone. MS is going to have a headache grabbing control back of all those modules.. but now that they are out, they will need to change Powershell and UAC as well to fix this. Man.. Anyway, great guest and show today!
@davidbombal
1 month ago
Glad you enjoyed the video! Jakoby is doing amazing work!
This guy deserves more appreciation.
I understood about 1% of this but I cannot quit watching your videos.
Amazing video David as always! I'm curious to know about how it would hold up against ThreatLocker and the heuristic-based detection.
Heyyy nice to see you guys together!! I'm psyched to watch!
@davidbombal
1 month ago
Jakoby is amazing!
@PuffnPlayProductions
1 month ago
he's the fucking man @davidbombal
Great video. Thanks David and Jakoby !!!
This guy is my mentor even though I am far older than you. I will be in the state for cyber security course and I will be looking for you. Greetings from Ghana
@davidbombal
1 month ago
Jakoby is amazing! We can all learn from him :)
Thanks for the heads up. Scary 😮 and bad from MS to not compensate for the support they receive from people like IamJakoby. And thanks David to give them the time sharing the risks.
Powerful stuff David...good job man
Epic! I've learned a ton! Thanks for sharing your expertise! 👑
Ooh wee, I'm learning so much... ❤ instantly hooked
Thank you for your service. ❤
Thank you for the interview. I am speechless.
Heyyy happy to see him here!! 🎉
Wow! This cool educational information! Thank you!
How about making a map of the all sites like adobe that support that, and send the chunks of a file to the all sites, an then just listen the response from all of them and combine the chunks in the order of the mapped sites? Man, this is insane, this video is in the list of the best ever in my opinion. Congrats Jakoby brilliant mind, thanks David!
@IamJakoby
28 days ago
Yuuuup so that is what the team I was working with did actually. It's pretty much all sites that use akamai. And then yup you can just blast it across as many domains as you would like and rebuild from there
This is amazing content thanks so much for sharing
This guy is incredible. The truth is that I fell behind; although I superficially understand what he says, I also feel like I didn't understand anything haha. I'm grateful that this kind of person wants to defend the rest of the honest people. I really appreciate it very much and I would love to keep seeing videos of Jakoby
we LOVE jakoby! thanks for having him on david!
Thank you , David
:O WOW. So many amazing factors! Bounty very deserved.. Kinda scary providing the public even this much information in a video like this lol
DNA data bouncing is the worm hole for the clear web.
@csexecutiveservices
1 month ago
@DavidBombay & Jakoby, Curious about possibly making this even stealthier using something other than TXT records, hint: dig | grep ad
@IamJakoby
28 days ago
Yuuuuuuup potential is pretty insane
@IamJakoby
28 days ago
@csexecutiveservices EXACTLY. You are headed in the right direction
Such an interesting video for a student who’s studying IT security, even though I probably only understood about 50% of the things mentioned in this video haha. Thank you for sharing this and letting us find out about Jakoby!
Thank you David💯👍🏽
@davidbombal
1 month ago
You're welcome!
That’s crazy I’m a junior majoring in cybersecurity and I live in Waipahu! Crazy small world thank you for sharing your stories your demonstrations on reverse shell was mind blowing and I’m excited to get into the cybersecurity field
@IamJakoby
28 days ago
I miss Hawaii sooooo very much 😢
I first saw iamjakoby here a few weeks ago when i built a pico rubber ducky. Amazing to see the guy himself, never thought to look up his name on anything except the ducky script repository.
@IamJakoby
28 days ago
Congrats on your build and I'm happy I could help in some way 😊
There you go Michael. Way to get on David Bombals' channel. Great collaboration
Thank you. Very motivating. Imposter syndrome is hard to get over at times. I especially was happy to hear that there are good people out there. That's something I need to hear more of due to all the evil people in the world. Thank you both again
I'm sure, especially in this community, it's incredibly hard to share the personal experiences that inspired people down this path. Very much appreciated and inspiring in return. Thanks for bringing both the technical (which I barely understand enough to follow along), and some much needed humanity. Theoretically, it's the only thing that separates us from AI at this point, right? 😅
I like old-fashioned hackers, with phrases, and colors on their terminals, what good times.
@IamJakoby
28 days ago
I am a terminal diva ha
man this helped me so much thank you ..
Jakoby is the man!
THANKS
Great video David Jack is a great guest
Genius. Great and inspiring video. Thank you.
@davidbombal
1 month ago
Glad you enjoyed it!
Woohoo!!!! Jakoby love your name brother love your work keep it up!!!
Polymorphic reverse shell...thats amazing
@IamJakoby
28 days ago
Thank you kind sirrr 😊
That intro was awesome.
Happy Easter!
Hi david would love to see stuff on defensive tools and solutions e.g YARA rules, EDR systems. Thanks again for the OSCP course on Udemy!
When you're a bricklayer but started your comp sci degree last year and understand every term mentioned in the sponsor segment 😃🥳
Do you have a tool that can be used to scan for vulnerabilities on the reflection sites so those sites can be added to a blacklist?
i can say this guy is brilliant /genius....
What an amazing story. I would also say he's definitely on the right path!
Messaged some guys at Microsoft that I grew up with. Well played on the ethical hacking. I pray I messaged the right people for you.
Dude is AMAZING!
Interesting thanks 💯
@davidbombal
1 month ago
I hope you enjoyed the video!
Thanks
jakoby is the man.
what an inspiration
This dude is something else
How would I explain something that's happening just like this to people or customer service who don't believe it's possible?
He is on another level!
This was absolutely AMAZING! Jakobi 1000% needs a bounty award for this, and Microsoft should be kissing his ass and hiring him for whatever salary he desires lol. Also, everyone should be made aware how sh1tty MS is being by making everyone so vulnerable.
@definitelyno
1 month ago
If he reported a vulnerability that meets the criteria set up by Microsoft's bug bounty program yes he should get a reward, otherwise not. From what I understand Microsoft did not think whatever he reported was worthy a bounty and from the video I don't see why they would be wrong.
@scottspa74
1 month ago
@definitelyno I guess, if you support the letter of the law, rather than the spirit of the law (obviously we're not talking about "laws", but in principle). If someone made MS aware how vulnerable their SW is, they should be kneeling down to him. I did an internship with someone who was pretty instrumental with creating UAC for MS, and he always stated how bad MS code is in terms of just accepting bad code and moving on without addressing the underlying bad code, due to how many things would break as a result of trying to fix it.
@scottspa74
1 month ago
@definitelyno also, MS is the primary SW of nearly all users of computers; they should be VERY concerned and want to address the issue, and reward the whistleblower.
@definitelyno
1 month ago
@scottspa74 Still, what is the issue.
AWS paid a bounty I saw when I was there, that to me wasn't really warranted but they paid it anyway. I respect that. Micro$oft you are going to produce black hats onto you than whitehats
I love jakoby.❤
as always the best it channel
@davidbombal
1 month ago
Thank you!
Genius
OMG, what a fantastic guy!
@David Bombal & @Jakoby - Is it worth the time to block "Powershell Gallery" in the Windows "hosts" file? Or will this do nothing?
@50PullUps
1 month ago
The PSGallery is no more a vector for malware than the entire Internet is a vector for malware. On your personal systems, use the PSGallery as much as you want. In a corporate environment, Allow for specific whitelisted PCs and then Deny All for all other PCs.
@IamJakoby
28 days ago
Yea that guy pretty much nailed it. There will always be vectors to look out for its just learning about mitigating the risk.
hydra: error while loading shared libraries: libx264.so.164: cannot enable executable stack as shared object requires: Permission denied While starting hydra this error is shown in non rooted nethunter also tried sudo but still not working
Very useful ❤
@davidbombal
1 month ago
Glad you think so!
What a great video about such an interesting topic 😊 i can literally imagine how it was to think hours in sleepless nights about such a challenge. After the cryptophones topic became public, I was fascinated of the idea to construct a secure data exchange method which is using a bunch of alternating channels like social media platforms and others. Even if I am not a hacker, the idea of chunking up the data and either include meta data or being able to link it felt like a lottery win 😊
Jakoby's shellsync git repo is empty, how can I use that
Its like looking at the stern of a boat. Green is starboard, red is port.
1:11:35 I have to be that guy about the semantic expressions being used wherefore the focus of developers in the cybersecurity space is 'how COULD this be broken' to sanitize or use some other weak security measure to set up the best digital reaction to a cyber threat. Ethical hacking or generally all hacking is about the 'how WILL I destroy this system'.
Would be nice to see a metamorphic shell.
insane
David these are fantastic topics but can we get a 1 or 2 minutes at the start of the video explaining core concepts quickly so we can be same page or have general idea what video is about? many people may not even know what powershell is
@davidbombal
1 month ago
Great suggestion - difficult with some of these more advanced videos. This is one of those advanced topics.
@furkankaraslan9040
1 month ago
bro took words out of my mouth well said
@remedygrime
1 month ago
I like where this comment was going but how does someone even watch this channel without knowing what power shell is 😂
Thanks god he is in our side 😂
David, Microsoft is evil in what they did to Jakoby. Great video. Thanks.
@davidbombal
1 month ago
Glad you enjoyed the video! I hope that Microsoft rewards Jakoby for his hard work!
@MrPenguin098
1 month ago
@davidbombal Me Too! He is Brilliant. I learned a lot.
This is nice
Big ups David for supporting the hacker community and for helping to give people like Jakoby a voice!
GOOD VIDEO🎉
Geez do Fidelity, Schwab or Robinhood use Akamai. What about spoofing NTP?
Thank you sir, I am working on a DNS reverse shell using PowerShell so this video is so important to me, thank you. You are a great teacher, thank you. God bless you ❤❤❤❤❤❤❤ I am supporting you
DNS filtering that can parse these queries would act as a notifier? Yes/No?
@IamJakoby
28 days ago
Potentially yes, they are just really hard to detect unless you have a very clearly defined white list
Hi David sir
47:51 🤣
Wow, even his facial jewelry looks Reverse Engineered!
Anyone please tell me which AI course is best to learn with ethical hacking
davidbomball looks so worried lol.
Hol' up. Did homie just imply that you can plant potentially incriminating files on remote systems?
@IamJakoby
28 days ago
Yes that is correct, it's just you have to do some extra recon on your target to see what else could interest with these packets
what is the terminal emulator being used?
@IamJakoby
28 days ago
It's called Termius It's the SSH client I use
Hi david sir can u help me with a course with is on ur website ethical hacking guide A-Z and kindly give me some guidance for offensive security and one more suggestion if u like i did ur ccna from udemy and my suggestion is can u do it for firewalls or scor courses
Sir, discuss .xz please !!
I know people always say this and now I finally will. I have been in the industry for 30 years. This guy is great. So tired of fakers on the web. It's refreshing to see real talent. Keep pushing bro! Saving the world one shell at a time.🔥🏴☠
@IamJakoby
28 days ago
It's really refreshing to read a comment like this. Social media has been getting oversaturated with fake or really watered down cybersecurity content. I appreciate your appreciation
Sounds like a supervillain origin story. They screwed you over. I’m not saying “Go Get ‘Em…” but if you diiiiiiiiiid…many of us would understand 👍🏾
should alias whoami to "echo 'Ghost in the Shell'" instead - or better yet: if your goal is to piss off hackers who get into your machine and run that command just alias it to `exit` lmao
@IamJakoby
28 days ago
Lol exactly Now you are in the spirit
⭐️⭐️
bro it took me 3 sites to visit and total 6 minutes to understand the title 😮💨
@davidbombal
1 month ago
This is a more advanced topic. But a lot of it is explained in the video. People complain that I only show basic stuff in videos.... well... here is something more advanced :)
@IamJakoby
28 days ago
OK I laughed at this comment a lot. I can relate
Oh Microsoft, you are so funny...