Someone commented "Watching John makes me realize just how little i actually know about cyber-security". Thanks for giving me a reality check xDDD

0day was so good in the manner he prepared the box

I've been following you for a bit now and I love those "long and boring" parts! Your videos gave me the spark I needed to dive into InfoSec. Keep it going, i'm feeling a little less dumb each time you get a video out! Cheers!

Thanks for sharing real way of thinking instand of just showing off the answers eventhough you had already pawnd it. Supporting to you!

Great stuff man - very entertaining! One thing I'm glad for is that you didn't obsessively jot down every detail in a markdown file. It helps the video stay interesting. I suppose the documentation is the video itself. Otherwise documentation is purely for *personal* use. I like it.

man i love your videos about ctfs, it's really inspiring and motivates me to keep going i like your dynamic of explaining the videos. and you also demystify the idea that to be a good hacker you have to be an elliot alderson keep going all the love in the world

good content mate!! plz keep uploading such next level crazy stuff

To sum up the things I've learned and needed to learn from this video: God bless you, John Hammond!!

Me: Satisfying yt algo. Also me: enjoying every minute watching JH.

Educational and entertaining. Excellent.

There's that beautiful pea-head!

Okay. I do not understand all of this YET. but this makes me excited to go deeper into it. Lol I can follow along and it actually makes sense to me 😂. Wow this is awesome. Subbed!

Just wow, it was awesome seen this in action!

Great job great tutorial so far i found about try hack mee series. Go ahead John

Hi John, great job !

I really enjoy with you and ippsec. You guys are amazing. Like your voice man... See you around

The reaaaal realty hack! Awesome i love it ❤️‍🔥

solving the machine was fun but infinite scrolling which i didn't knew and I now know was damn good

I didn't know shit about hacking, and this video give me so many insight how to do offensive hacking (metasploit, cve, the cve poc, etc). This is literally goldmine. I recommend this channel to any software engineer trying to make sense the "hacking world". I tried to watch LifeOverflow channel and most of the time, the content just went over my head because he mostly doing low level stuff. This channel on the other hand, hits closer to home because I use linux daily, so I already familiar with it.

Oh yeah legend in action 😂😊 waiting John bro ☺️

John Hammond .... +1 You ROCK!!!!!!!!!

No.. I understood a lot more than I thought I would ❤❤❤

amazing dude

I Really love your energies ngl. Big fan here haha could you maybe give me some tips on how to get better in cyber security? A beginner here haha. Again big fan

0days box was fun

The next room is OWASP Juice Shop. It would by fun

(18:57)-SHELL shock reference (20:00)-Need to be an absolute path, cmd using curl (23:41)-Using Metasploit console (26:03)-Upload linpeash via meterpreter (31:04)-searchsploit tack m to mirror the dot c file and upload the dot c file via meterpreter

I have looked to see if you did a rust scan set up. Could you show how to set up rust scan on kali?

Wow there's race to be 1st or 2nd didn't know that XD

that sad moment when he forgets that "export TERM=xterm" allows him to clear screen from the shell

MORE! THE MOB DEMANDS MORE

Lots of fun

you were an inspiration to me to start a yt channel in my native language for OffSec and general comluter stuff

Dope

I'm wondering what is the music name n the end!

That was cool

John will you showcase HTB battlegrounds ?

i love you so much sir

Why not use tab completion on files and folders in your terminal?

thx good joooooooobbb🐯🐯🐯

Ryan and john big fan ♥️♥️

Hi John, I want to know is there a way to take priv esc without using kernel exploit on this box?

love you love from India...........

Fun fact: As you know linux sometimes dosen't let you to "do clear screen command". Clear your terminal screen anytime using this guide. Guide: (1)Open terminal and click on 3 dots, then click on preference (2)Then click on 'shortcuts' and then find option named 'reset and clear' option could be 'disabled' (3)Click on "disabled" and enter a special key that you don't use in terminal. (I suggest you use this key)"i am using ''END'' key". And whenever you press that key it will clear terminal screen anywhere.

🙏🙏🙏

wait so what if spoofed the dhcp instead of targeting the service

Hi ,unfortunately my nikto is not showing any shellshock vulnerability, I could only know from your video ,so then in other cases /cgi-bin/test.cgi can be vulnerable then .If I see these somewhere I should try shellshock

29:55? Green screen?

anybody saw the irony that john himself couldn't find ssh2john XP.

❤️

why does he prounounce room as rum or rim but not door as dur or dir

19:04 who else checked their discord?

I had no idea Seth Rogan had this side to him

Which os you are using ?

I'm a little late but I'm here

no idea what the fuck im watching but cool i want to do things now

What does WAAAAAAAK mean LMAO

31:24 nice nice thats why they pay me the big backs XD

ssh2john is located on /usr/share/john/ssh2john ❤️

ssh2john, just like other john scripts is located at /usr/share/john/ssh2john.py

I hate when already solve it without us

Dud, try Turtles? as the password? maybe??

I’m getting the ‘cc1’ error message you said you got before filming. Shame you wasn’t able to quickly show what you did to solve it. Made this challenge far too frustrating. I tried to watch your video as less as possible and do it on my own. I thought I was doing something wrong and you ended up using the same exact file as I did, so I knew I didn’t make a mistake. Clearly a bug. Just annoying :(

hi

hey john while I try to upload the .c file I'm getting an error "4: Operation failed: 1" and I am using metasploit 6 . Anyone who reads it if he has the solution for this can help me It will be a great pleasure from my side. Please help me with this situation.

car . secret ahhahaaha

Spoiler alert: 32:58

Im a 12th grade programming student and seeing this kinda overwhelms me lol

In spirit, metasploit is as much cheating as using google. If anything should be considered cheating or cheap, shouldn't it be linpeas? Because you should already know where to check for privesc vectors, whereas expecting you to know every exploit in every language is ridiculous.

msf5 1337

Hello, my fifa21 Account got a transfermarket ban. Could you remove it with nmap or could you show me how i could remove it. Greetings from Germany

6th

1st 😎😁

0th

2st

USE TAB FFS typing filenames in full is anoying asf, type some of it then hit tab!!!! easy!!!!