TryHackMe! PickleRick - BYPASSING Denylists

Рет қаралды 285,262

4 жыл бұрын

If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: paypal.me/johnhammond010
GitHub: github.com/JohnHammond
Site: www.johnhammond.org
Twitter: / _johnhammond

Пікірлер: 333

@KoalaPlaying 4 жыл бұрын

I wish to understand what is happening on my screen right now, but I love watching stuff like this

@Jib420 3 жыл бұрын

i dont know why im watching this... i just am

@tanyayadav15 3 жыл бұрын

Same ..

@Nossody 3 жыл бұрын

Lookup Red Hat courses if you want to learn linux :)

@senseifr0st819 3 жыл бұрын

@@Nossody or just use linux and consume someones legg because that also helps

@panicswitch1271 3 жыл бұрын

@@Jib420Half way through the video I asked myself, "how the hell did I get here?"

@ReySoMLB 7 ай бұрын

John, I know you're a professional and im still a beginner .. but this was the first 'CTF' that i faced in THM and its labeled as easy. This was impressive but watching you fly through this was very discouraging lol. I've gone through the rooms up to this point in the "complete beginner" path, ive taken notes, studied, and re-read rooms... and i got to this and my brain just fried watching you do this. I couldn't follow what you were doing, you were running so many cmd pages and dropping commands left and right, it was hard to keep up. This is 100% educational and inspiring at least, but holy Christ. I'm subbing now... lol

@kutloano.mp4 3 ай бұрын

I will come back to this video in the future and I vow to be able to understand this video

@laronthomas2006 2 ай бұрын

I just got lost. I was doing well with easy rooms but now im initimidated

@Alberto-ww7vb Ай бұрын

I'm pretty sure he mention that he did the room previously to making the video, but still It wouldn't surprise me if he flew through it. I just did the ctf after around 3 months of learning in the junior pentest path and got stuck in various places running around in circles hahaha. Still I think is a great way to learn to watch someone so experienced to things because we can learn so fu...ng much. Good luck on your learning journey

@David-iu3ep 3 жыл бұрын

Me: Omg, Jon! How many command lines do you know??? Jon: Yes.

@sindrejensen665 3 жыл бұрын

John

@vaishnav3735 Жыл бұрын

@@sindrejensen665 cena

@pleonexia4772 Жыл бұрын

That question doesn't even make sense

@IllusionAI Жыл бұрын

The amount of knowledge this guy possesses is just crazy

@jacquescilliers4511 Жыл бұрын

To be honest as an absolute beginner in the cyber security space, watching videos like this makes me doubt myself, but excites and scares me all the same time

@angeatgr Жыл бұрын

Its like learning to code, I remember feeling like shit when learning OOP, today is a second nature and so is ethical hacking, there is a lot to learn, networking, pentesting tool, a bit of programming, linux, windows etc.. but you will get there ! It takes time, lot of it and more with practice

@blazingfalcon7387 Жыл бұрын

I feel the same way lol

@iCyberVenom Жыл бұрын

Well he's absolutely ripping through the challenge at one million miles per hour, so....don't feel bad. He clearly posted this video to showcase his skills and speed, not to teach others. He couldn't possibly type, switch screens/apps, speak any faster than the pace he's moving in this video. Change the playback speed to 1/4 speed and you'll still see he's moving quickly.

@john_wick_catcher26 Жыл бұрын

how is it going after 9 months ?

@IGORDYES 11 ай бұрын

@@iCyberVenomhe clearly stated he spent a while in this before recording. The video is nearly 20 minutes and the box is just about as easy and beginner friendly as they come. He was not trying to show off his skill. It’s clear you need to practice alot. Good luck and cheer up.

@4ag2 4 жыл бұрын

Big fan ! I do learn a lot from you, I'll make sure to support whenever I'll be able to do that. GREAT JOB

@RossMitchell 2 жыл бұрын

John - absolutely loving the videos dude. I'm an absolute level 0 n00b so some of this was over my head, but trying my best to work hard and grasp the basics! Appreciate the effort you put into your videos and the time you spend to explain things, you're a top dude. Peace!

@adriasanchez6633 Жыл бұрын

Thanks John! That was my first ctf, i learned a lot trying stuff and your video gave me the tips i’m not aware of at the moment to run forward.

@Laflamablanca969 4 жыл бұрын

What a great series. Please keep doing these! :)

@giovanniromio2767 4 жыл бұрын

Loved the recap at the end. Also perfect editing of the video.

@yankeesouth 2 жыл бұрын

Your content has helped me learn so many things. My brain has one wrinkle in it now. Thank you

@CybrJames 4 жыл бұрын

Kind of cool to see the Thumbnail work you did yesterday live today. Great video. Keep up the great work you're doing.

@Steefie70 3 жыл бұрын

Thank you, every day I learn something new, also thanks to you John, you are very fast, but there is no limit to repeat the video (haha). All the best from Rotterdam.

@Godmil Ай бұрын

Oh wow, that took me hours 😆 I'm going to write down everything you did here because that was just beautiful seeing how efficiently you got through it.

@CleanCivilian Жыл бұрын

I really wanted to do this room without help, but man... there is just some things i do not know and the 'basic' room did not teach! Thanks for the walkthrough, took notes while following along and trying to figure out as you gave info.

@jalajkumar9955 4 жыл бұрын

Hey John! Please create more THM videos, as they are very good for understanding new concepts and ways to exploit a box. Thank You !

@kentharris7427 Жыл бұрын

I like the way you take notes. I am going to implement it since I can use text files over different operating systems. I used Burp suite which didn't work for this room. Typically Burp suite will show the pages of a website which was not the case for this room. I joined THM about a week ago, with a background in IT hardware, so this has been a challenge. Thank you for your video.

@lwc3648 2 жыл бұрын

Tomorrow is my first day of hopefully many on THM. Really enjoyed this and will be sure to check all your content out.

@masterbloon9812 8 күн бұрын

Ahhhhhhhhhhhh thanks for the tipp with the reverse shell, i was really stuck at that point XD

@real.xplo1t 2 жыл бұрын

strings also helps in the portal.php page. Good stuff

@patrickavognon2850 29 күн бұрын

Thanks John, this is video is very helpful

@ggmaxx66 2 жыл бұрын

excellent presentation John!

@capivaradeprograma 8 ай бұрын

At first I was kind of afraid of not manage to complete this room. But watching your video makes me understand every concept tha I have been through in the path "Web fundamentals" and make this room way less scarier 🤣🤣🤣 Great video

@BenKadel 4 жыл бұрын

Love your videos dude! This was awesome!!!

@andrevwebb 6 ай бұрын

Wow…..thank you. This is great

@rodriquh 4 жыл бұрын

This was an excellent example of owning a box. Great job using the poor mans pentest, it’s really an awesome accomplishment.

@su8z3r03 Жыл бұрын

What is the poor man pentest ?

@rellsw02 4 жыл бұрын

A great video that you made look very simple.

@CybrJames 4 жыл бұрын

Damn, you make it look so easy. Hard to follow as a beginner, as I don't always understand. But I will get there. NICE

@sergiohernandez273 2 жыл бұрын

All this it's awesome, at the beginning, I didn't know how to upload rev' sh, but from now on I can see it's very easy. 'E= Congratulations!

@the_offsec_noob1120 3 жыл бұрын

You are an awesome mentor.. Thanx you helped a lot and know i started my own channel..

@SeaDraGraphics 4 жыл бұрын

man i would love to see another king of the hill livestream

@nicolaslaborie5015 4 жыл бұрын

for the cat "file" that didn't work, less did :) Very nice walkthrough. It was a fun box :)

@silf6950 2 жыл бұрын

Thanks for the help!

@tizkit1 Жыл бұрын

Thank you for this helpful vid

@peptobepto 10 ай бұрын

i come back to this video about once a week to see how much more of it i understand. I finally get why hes doing what hes doing and why hes doing it in that specific order.

@icoldblooded5196 6 ай бұрын

Hi, I am just starting out myself. Is there a route that you suggest me to follow to achieve what you are achieving?

@jamaledineamarir6724 3 жыл бұрын

netcat is actually in there. You can redirect the STDERR output to STDOUT (as no result were shown in the portal.php page). Here's the command for that <a href="#" class="seekto" data-time="650">10:50</a> : $ nc --version 2>&1 $ nc -h 2>&1 $ man nc That way, any error (stderr) will be prompted in the web page (stdout), instead of staying blank ^^. $ nc --version doesn't exist

@bcordone 19 күн бұрын

Yep. I found out netcat was on there via man nc, and then I used msfvenom to get the reverse shell. The part that had me stumped was how to get ROOT, ironically. "sudo -s" gave me some sort of error (forgot what it was exactly), su root prompted me for a password I couldn't figure out (I don't think ROOT even has a password in this one. I wonder if it works if you just hit enter without typing anything in) so I never would have thought of trying "sudo su root" which worked without asking for a password. When I saw "you can run all, nopasswd" I thought it meant you could run all commands that don't require a password (i.e. guest access) so I spent a while trying to dig around to see if there was some sort of local privilege escalation exploit but gave up and was asking for help on the discord, then I frustratedly tried sudo cat /etc/shadow after someone pointed out "Doesn't one thing stick out?" and it worked, then I tried sudo su root and got root.

@CuteTransGirlxD 3 жыл бұрын

I didnt know this was a thing. I wish my college classes was this cool when it came to doing this

@talio-5469 4 жыл бұрын

Liked, already subscribed, and I'm typing things to then press enter.

@felipecg6587 2 жыл бұрын

gracias amigo, you rock!

@cooliceman0001 3 жыл бұрын

Really enjoy your videos

@omerahmed463 Жыл бұрын

You are awesome Love you John

@4rikkkk 3 ай бұрын

I'm beginner and this is my 3rd machine, I completed it without running a reverse shell, but the fact is I tried to :') I will keep this way to run a revershe shell, thanks!

@TRD_Mike 2 жыл бұрын

Type things in and hit the enter button to submit a comment. Thanks for making this video my dude.

@sfxElrick 3 жыл бұрын

@John Hammond you can also use wildcards to evade that type of blacklist: /bin/ca? *.txt will work

@oussamanbou1090 4 жыл бұрын

i love what you are doing

@mr.meatbeat9894 Ай бұрын

Thanks dude

@phoenixbird09 3 жыл бұрын

Thank you!!!

@cyberdevil657 Жыл бұрын

Holuy shit John you are a ninja at this! Ive seen the intervieuws with networkchuck & David Bombal. And what u do is amazing!

@lugasiyt899 2 жыл бұрын

love ur videosss keep up the good work btw i just did less clue.txt its worked well :)

@haXez_org Жыл бұрын

Cheers John

@zacktzeng8569 2 жыл бұрын

Hi John thanks for the awesome video! Out of curiosity, how do you split the terminal? Is that the native Ubuntu terminal or did you use something else?

@onlylikenerd 3 жыл бұрын

Fantastic video!

@Micahs0day 2 жыл бұрын

Excellent video!

@DrRedrum 2 жыл бұрын

that... was.. TOTALLY AWESOME!!! I wanna do stuff like this too! By the way your typing speed is insane!

@Zeeshan220dtsi 3 жыл бұрын

Helped me alot !!

@pascalkasparian1316 Жыл бұрын

It's seems so easy for you.. i'am a beginner and it was a little hard for me to understand all stuff ;) Love your vidéo Thx

@keithreynolds4108 3 жыл бұрын

Gotta say, it's impossible for me to follow that without pausing this but bravo!

@kylemagness5172 3 жыл бұрын

nice stuff! ive gotten into linux a little, have it running on my laptop and RasPI but nothing as cool as this!

@robertoquinones785 3 жыл бұрын

I tried using head, cat and less, and less was the only one who worked. But happy to learn the grep . approach. !

@natking1u1z99 Жыл бұрын

The first two flags were simple. But the third was stuck on because i couldn't figure out how review the source code for the php page, even though we didn't need it. Python3 didn't work for me so i had to see if the perl and php commands work which they did. A php shell wouldnt connect but perl reverse shell worked. I going to revisit this room once i really all fet a hold of what im learning . Been working on the support side of IT for 9 years so this is a new realm for me.

@dopy8418 4 жыл бұрын

Hey i've see that thumbnail somewhere...

@lance_lot2866 3 жыл бұрын

Hello, when I walked through this room, I googled commands to output the file contents and one of them was "nl". It is not forbidden and is on the system. And file "second ingredients" I read with the command: "nl /home/rick/second\ ingredients". It's great that you can go through it in different ways.

@skinhoe 3 жыл бұрын

Are you on the Redteam at VZ? I loved this video, can't wait for more; subed and all notifications on

@xorinzor 3 жыл бұрын

<a href="#" class="seekto" data-time="450">7:30</a> searching for incredibly difficult workarounds, while all he had to do was just add the filename to the base URL since they're located in the webroot, lol.

@im_typ0563 2 жыл бұрын

Commands: less and tac work to read the files. Also everything was doable from the website, aka without a shell

@iCyberVenom Жыл бұрын

I remember thinking, "It's impressive he knows multiple paths to get where he wants to go, but there's no way this is the easiest path"

@nayeemislam574 2 жыл бұрын

Love the way he teaches these stuff.

@justangryvideos47 3 жыл бұрын

This is not even close to how I did this ctf. But thats the cool part, there are so many ways to tackle the same room

@shubhamsoin2429 4 жыл бұрын

Thanks for the super neat walkthrough John. Could you please share the link to the video on setting up a stable reverse shell?

@UsamaAli-kr2cw 4 жыл бұрын

python -c 'import pty;pty.spawn("/bin/bash")' Ctrlz stty raw -echo fg Enter key 2 times export TERM=xterm

@comedytime9010 Жыл бұрын

Superb sir ❤️❤️

@osmanisiktas 2 жыл бұрын

He is in another dimension!

@Sami-xv8ve 4 жыл бұрын

great video man.

@TheTubejunky Жыл бұрын

Well made video!

@nothingreallymatters7530 3 жыл бұрын

i love watching this

@sean_reyes 4 жыл бұрын

Loved it.. it inspires me do to some CTF.. question.. do you really recommend using linux OS for doing stuffs likes this? if so.. what distribution?

@keepercool98 3 жыл бұрын

Kali

@HackSyndicate Жыл бұрын

less works better than cat for me, in most situations. Great video, thank you!

@GiQQ 4 жыл бұрын

Most of the time you could use the built-in regex of bash to evade blacklists. /bin/c''a? Will translate to /bin/cat

@brogrande9620 4 жыл бұрын

whoaaaa, that's super cool

@maherazzzouzi279 4 жыл бұрын

it's /bin/ca"t not /bin/c"a

@maherazzzouzi279 4 жыл бұрын

or /bin/c"a"t -_- or whatever u want

@GiQQ 4 жыл бұрын

Maher Azzzouzi You probably want to look up what regexs are.

@francoramirezcastillo8075 Жыл бұрын

doing it I only got to the part where the command can be executed, where the reverse shell was done, but then I had to watch this video and even so it took me about 2 hours in total to complete this CTF, and that was an easy level...

@s1ked_416 10 ай бұрын

hey how do you get your shell to give you some colors on the text whether it be directories or files and stuff? I saw when you were at "second ingredient" the text was in green, on my shell it didn't gve me that at all... is that dependent of the OS you use or something? if it wasn't for that I wouldn't have been able to figure out that you had to "cat *" the thing to get the 2nd one....

@edgarchan5251 3 жыл бұрын

I appreciate you fully prepared before you start recording. but... its better to clear your browser caches on those text boxes, which shows your submission histories~

@asherfitness Жыл бұрын

Great video! By the way you can solve the entire thing from the website command panel (without any reverse shell)

@Noeth 3 жыл бұрын

Very nice. I actually used strings to cat out.

@nestorvillafane7737 11 ай бұрын

What a ninja.

@RicondaRacing 2 жыл бұрын

I started getting lost after you popped the reverse shell...lol

@rafaeldacosta8581 3 жыл бұрын

<a href="#" class="seekto" data-time="442">7:22</a> i felt so dumb seeing you have a lil harsh on reavealing txt info when i just entered the full URL with the filename...I felt dumb, because a not even closer being at the same level as you, but i'm working on and i have to start from somewhere right?

@ryzein8450 3 жыл бұрын

i don't understand what is he doing, but it's so fun to watch.

@Nixamina 4 жыл бұрын

I didn't understand anything but i still watched the whole video.

@Melvin420x12 4 жыл бұрын

It’s worthy to do the basic rooms in TryHackMe. OpenVPN, Linux Basics and Vulnversity. Just those three are enough to understand everything. Personal experience haha

@alsongadizo1692 7 ай бұрын

Great video you kind of lost me when it came to python3 and using reverse shell engineering...but thanks..Could you please do a video on reverse shells...much appreciated

@chrisshevlin7771 Жыл бұрын

I've been trying for ages to use gtfo bins for privilege escalation in the command line, I'm assuming now having watched this video that it won't work and I'm looking in the wrong place and only a reverse shell is the answer?

@starcloister4651 Жыл бұрын

I still haven't learned all the stuff he did in the last few minutes. I did the web app hacking path and it taught me a lot but I still feel like it didn't prepare me for this exercise.

@Jsfun Жыл бұрын

Rough seeing LastPass knowing what we now know.

@user-lz3tc9mj8m 2 жыл бұрын

To bypass blacklist in command panel we could just use "less" command

@fongjon 3 жыл бұрын

A question, at <a href="#" class="seekto" data-time="825">13:45</a> ish when quake is used the commands in the script (stablize_shell.sh) are echoed on the other netcat shell, how is this happening? If I do the same on my system the script writes out the commands on the guake shell. What am I missing? Thanks to anyone who can help

@rafaelpedroso7002 Жыл бұрын

that was nice to do with John

@championparrots2476 Жыл бұрын

Is cybersecurity or software more advantageous? Which should we specialize in

@David-iu3ep 3 жыл бұрын

Damn... it looks powerful to use commands like that

@Angiie180 3 жыл бұрын

thanksssssss

@nullpwn 4 жыл бұрын

thanks man, now i know where i suck at..

@SDavies2010 3 жыл бұрын

Oh man as a noob, I tired to follow getting the stable shell and can't get it to work.. Went to the poor mans pentest video and still didn't know what was going on 😂

@rud2k881 2 жыл бұрын

good stuff, just one question. at <a href="#" class="seekto" data-time="175">2:55</a> how did you pull up the website source like that? thats the one thing thats stumping me about this CTF.

@reidjohnson3964 Жыл бұрын

ctrl + u

@unknwonyes3345 2 жыл бұрын

WTF the voice of this guy is deep af

@DoorThief 4 жыл бұрын

A web server that executes arbitrary commands, with a couple command blacklists? Man. They should have used a restricted shell for those results.

@emanuele6 3 жыл бұрын

<a href="#" class="seekto" data-time="420">7:00</a> echo < clue.txt this shell code will not print the contents of the clue.txt file. You probably got confused with this (bash only): echo "$(< clue.txt)" Thanks for the video, very nice to watch :)

@bmbiz 3 жыл бұрын

Which is equivalent to the command substitution "$(cat clue.txt)" ... but faster.

@emanuele6 3 жыл бұрын

@@bmbiz No... The whole point of using that instead of cat in the context of the video was that you couldn't use cat... echo "$(< clue.txt)" will print the contents of clue.txt without external programs

@bmbiz 3 жыл бұрын

@@emanuele6 Not sure how you read what I wrote and concluded that I was unaware of that. My comment is a simple fact that people who aren't well-versed in Bash probably don't know.

@emanuele6 3 жыл бұрын

@@bmbiz That is what he was trying to do in the video; printing the contents of clue.txt, so it is obvious that that is what this shell code is doing in my opinion :/ Also you wrote "is equivalent, but faster": 1. that is arguably true: it's not guaranteed anywhere that $(

@bmbiz 3 жыл бұрын

@@emanuele6 Oh, yes, sure, make your long, clueless, point-missing statement then say "we don't need to discuss it any more". Trust me, Skippy, having a continued dialog with someone is obviously socially inept, if not crippled, is not high on my list. Ponder, though, whether your reaction to what is a harmless post about some Bash facts is appropriate. That's right "facts"...everything I said can be found in the Bash man page, you amazing Whiz Kid. LOL.