TryHackMe! Sudo - CVE-2019-14287

it was not easy :s

Bash files open

How did you know to try curling the website with an added header? That seems so random is that a very common technique?

I got stuck on the zip file section. I did not see anything related to that. I’ll have to research the “binwalk” command, since this is the first time I’m hearing about it.

thanks for making these videos. helpfull to see someone elses sollution!

Agent Sudo is so awesome, especially if you're like me and have never gotten into steganography. Not to mention seeing you doing it with your knowledge is even more awesome! Thank you, John!

❤️❤️😍

Everything goes smoothly until i have to use John The Ripper piece of crap software that is completely broken and bugged lol

say it with me John - 'autoSPY'...the box is agent sudo after all :D

Im the 1000 liker

ngl I was also fetching Alien_autopsy.jpg , fun room and great video as always !

You can also do this with lxd privesc.

Your videos are Nice to watch but You're way too fast and don't explain very much Sadly

i used burp suite for change the user agent to C in repeater but it didnt work?

I love your self control hahaha

ahahhahaha, cringe. i dont wanna see that!!!!!

thanks i learned so much

It makes me happy that what you did was more or less what I wrote in my writeup as a beginner back in December, awesome that I did it like you too! <3

when trying crack the zip2john file i named " cracked.txt" is not working any ideas ? i have the output

john --wordlist=/usr/share/wordlist/rockyou.txt cracked.txt
Using default input encoding: UTF-8
Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x])
No password hashes left to crack (see FAQ)

Sry for this question, but I am really knew to this stuff. How can I access to the scripts which you are using?

Why did you immediately chose binwalk when you found that string in the png? I personally spent time using stegcracker on both images hoping there was some regular form of stenagraphy

Had to come here for the image title lmao

what terminal emulator are u using john?

You are amazing

I just got here (on your channel) this week and i'm learning a lot from your videos, thank you! Keep doing them, they are awesome!

I'ld like to learn basics for free give me advice as soon as possible pls

The pain in this entire video is the exact reason I purchased a subscription with Tryhackme lol... so much faster and a lot more stable.

I don’t know why, but I find your TryHackMe! videos to be super relaxing. I only vaguely understand what you’re doing, because I don’t possess any of this IT knowledge that you’re implementing. Thanks for the great content.

Really cool!

your cam is on the command way

Very cool!

Nice one, thanks, always cool to watch 👍

2 openvpn connection just like in the king of the hill live

I feel like the last couple of videos have been unpolished at the begining.
I feel like i takes 0 effort to clear stuff from previous videos, deploy the machine, make a directory and open a text file with the IP copied.
In my opinion this can all be done before the video starts thus avoiding the first/first and a half minute of the video.

Thank you very much, how long does hydra normally take?

John, how do you use kali tools on Ubuntu? You installed them with Katoolin?

cool vid, but it's super annoying having your face over the commands your typing lol can you move the active console pane to the top or hide your camera when typing?

make videos editing hangout streams !! 😀

I’m sure your asked a lot but do you have a link or guide to install the tools on Ubuntu your using?

good tutorial.. but too fast.

Nice room John! I've learned some nice stuff with this video. I'm new in the hacking world, I started in THM a week ago and I'm learning a lot. Keep up with the good content, greetings from Argentina!

damn dude, subscribing forsure! Awesome content in all your videos. Thanks a mil for the knowledge. :)

Hi can you make walkthrough the burp suite room. it is not free but want to learn this badly.

your videos are very entertaining, keep going D:

Thanks for the tutorial.....

Thanks man