TryHackMe! Skynet - Wildcard Injection

Come play the GuidePoint Security CTF! go.guidepointsecurity.com/202...
For more content, subscribe on Twitch! / johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
PayPal: paypal.me/johnhammond010
E-mail: johnhammond010@gmail.com
Discord: johnhammond.org/discord
Twitter: / _johnhammond
GitHub: github.com/JohnHammond

Пікірлер: 246

  • @jonny-mp3
    @jonny-mp33 жыл бұрын

    That python bruteforcer is a lifesaver

  • @nullpwn
    @nullpwn3 жыл бұрын

    john: makes a py script out of nothing in less than 2 minutes

  • @Mosern1977
    @Mosern19773 жыл бұрын

    As a developer - very interesting to see your approach to finding weaknesses. I can sort of see the fun in this kind of activity, the lure of the dark side :)

  • @stevenhernandez3243
    @stevenhernandez32433 жыл бұрын

    love the content and the way you explain everything so thoroughly! id also much rather see you walk through a script like that than if you didnt

  • @Urzgag
    @Urzgag3 жыл бұрын

    Nice vid John :)

  • @compromyse
    @compromyse3 жыл бұрын

    RIP all terminator references.

  • @karangadhave9002
    @karangadhave90023 жыл бұрын

    Learnt a lot through this live walkthrough, well narrated and explained.

  • @Deathfreeze14
    @Deathfreeze143 жыл бұрын

    John, I must say please do more of these vids are awesome and the talking through your process is exceptional

  • @takeiteasyeh
    @takeiteasyeh3 жыл бұрын

    heretic, not confirming with ls after mkdir.

  • @christianmanalaysay
    @christianmanalaysay2 жыл бұрын

    wow... exploiting the tar wildcard to set the SUID bit on /bin/bash is so freaking smart and cool man, I was stunned by how amazing that was. I'm trying to better myself at pentesting and John, you are teaching me amazing things! Thank you so much!

  • @mikee.
    @mikee.3 жыл бұрын

    That tar exploit is INSANE, how have I

  • @mattstorr
    @mattstorr3 жыл бұрын

    Love this approach John. Its raw, honest and not contrived (i.e. doesnt come over as you've already completed it and are now just going back through the motions!). Its far more enjoyable to listen to your thought process this way, and you still seem to manage to keep things easy to understand. Nice work :-) Subbed.

  • @alexclarke6839
    @alexclarke68393 жыл бұрын

    Hey John, been loving how much detail you go into when doing these videos. Keep up the great content!

  • @AhmedMohamed-kn9sf
    @AhmedMohamed-kn9sf

    I wanted it for 1 time and will be watching it for a few more times to note all the things taught here. Thank you so much for your efforts. I do respect you and your talent. 😇

  • @meeDamian
    @meeDamian3 жыл бұрын

    This is probably the most educational video on the topic I've ever seen, and I've seen a lot. Amazing.

  • @durzua07
    @durzua073 жыл бұрын

    Holyyyy that curl to python requests and the bruter you wrote just blew my mind. Good stuff John I really love your videos.

  • @salimzavedkarim230
    @salimzavedkarim2302 жыл бұрын

    Been loathing reading all those articles about wildcard injection....

  • @bryttontsai6068
    @bryttontsai60683 жыл бұрын

    Amazing videos with great explanations to beginners instead of just cruising through all the answers without explaining the reasoning behind anything.

  • @aspxDEFINED
    @aspxDEFINED3 жыл бұрын

    This was incredible. Thanks for the content John!

  • @Child0ne
    @Child0ne2 жыл бұрын

    this video was awesome! i learned Sooooo much! thank you so much john, your the man brother!