While sitting on the John eating Johnny cakes

sounds like he forget his gmail password and trying to hack in lol

John inception

@@atanki5682 johnception

He also do singing l love his song perfect

Of the six thousand languages on earth, you chose to speak Facts

totally agree. it's the fumbly bits that I enjoy. mistakes are where the learning is at.

Yes! The fumbling makes it real life and shows how easy mistakes are. It's like bloopers, love it.

Thanks for the boop! xD

good idea!

Ooooh, that's a good call! That would do the trick too. Thanks!

@U X I hope to god that my website doesn't do that I got some servers open to the web, and I know a friend of mine is really paranoid about leaving open ports and what not. But the more I learn about different ways people exploit and the more I get into the security aspect, the more I get confident about my practice. Though one thing I learned from this is the cron job part. I got two cron job that could give a hint as so what's going on the network, so I might need to check if there's some thing that a non root user might be able to see. *edit: looking at my crontab, nothing seems visible unless you're root :D I'm really relying on not having any major security issues based on the fundemental programs, rather then trying to implement too much on either security though obscurity, or sticking my head down the sand and hoping nobody notices me.

@@svampebob007 I've thought about setting up my own home-server with the same approach: keep things simple. Security by utilizing only the most simple, secure methods. nothing more or less.

@@cdellio just chipping in to point out that hosting on a free low resource cloud alternative would be much more recommended.

thats just the linux (and friends) experience in general

Yes i was just going to post that

Me too plz

Hey there, not a dumb question at all :) I just tend to use it out of habit, that's what I like to use. I don't have all the Vim keybindings memorized, and I like the magic tricks I can do with Sublime Text for multiple line cursors and find and replace without typing out the full s///g regex etc. I've tried Vim more than a few times, but always end up just going back to Sublime, I guess ahaha. Totally whatever the user likes to use, I'd say :)

and watching the reworks when things go wrong 😂 #real-life

What is $TERM before you ssh into the victim? It might be because the victim doesn't have the terminfo for your terminal emulator. Just change it to xterm or use another terminal emulator before you ssh. Something like: TERM='xterm' ssh john@victimip

I have not tried naabu admittedly! I will have to give it a try. So far rustscan has been working great for me. Thanks for watching!

John Hammond thanks for your great videos too :) please inform me if you try naabu as well! Have fun ^^

Ooooh, that's a good call! That would do the trick too. Thanks!

I had a script that busted my balls over this! I'll try to keep it in mind next time I creat a clusterfuc.. a script :)

Another solution that IMO is simpler: cat > /mnt/root/etc/passwd Paste and then hit

i mean it is hidden, so id say it is like putting it under a rubber footmat... with holes in it

my thoughts

Plain http might be faster? It's a bit more user friendly as you don't need to authenticate, then again with an ssh key it shouldn't be an issue. However the key is pass protected so unless the password is stored in a keyring you would have to bother to type the password. It all comes down to personal preference.

@@Sfhgscvg you could also change the password of that key since you now know the ssh passkey: ------------------------------------------- ssh-keygen -p -f sshkeyfile ------------------------------------------- it will ask for the current password, then you can just leave it blank. if you have to connect a lot of times with ssh, you could add something to the .ssh/config Host client client.example.com HostName client.example.com IdentityFile ~/.ssh/client_rsa # private key for client (like "sshkeyfile" in my previous example) User remoteusername Host otherclient other.example.org HostName other.example.org IdentityFile ~/.ssh/otherclient_rsa # different private key for other client User otherremoteusername ------------------------------------------- then you can just use ssh otherclient or scp files client:~/ really useful if you don't want to always have to add the -i option, or if you want to set a custom name for that connection and have it separated with multiple id files. on another note you could also add it as an alias in the .bash, but that's up to you, the point is that you can simple remove the passkey once you know the passkey and then use it as a regular key withough password.

You can mount directories from the host inside the container. This is done for example to have persistent data since the container isn't. Since / is a directory and the container is run with root privileges (privileged container) / can be mounted in the container. Same thing also applies to docker. The documentation warns you or it should at least.

@@Sfhgscvg so if i mount a directory from the host to a privileged container and write to that directory the changes are also being done in the host?

@@SpiderPigXL yeah, try it out, it's fun to play with and fairly simple to try.