Welcome to Byte Sized Security! 🌐 In this digital age, the world of cybersecurity can seem daunting and mysterious, but Byte Sized Security is here to change that. Our mission? To make cybersecurity simple and accessible, breaking down complicated concepts into bite-sized actionable insights that can help you improve your everyday security. From tech enthusiasts to beginners, we simplify online security for all.
What You'll find here: 🔹 Videos: Complex topics made easy-to-understand. 🔹 Insights: Practical steps for robust online safety. 🔹 Writeups: Ethical Hacking Writeups and Tutorials.
Comment, engage, and let's enhance digital safety together!
Value online security? 🔔 Subscribe and be part of our mission.
Thanks for being here! Together, we make the internet safer, One Byte at a Time. 💡
Hello brother, hope you're doing great. I passed the OSCP exam last week and your videos were very very helpful in my learning journey, so keep up the great content!
great walkthrough; did they change the machine? weird i don't see s flag for php www-data@gravity:/usr/bin$ ls -lah | grep php ls -lah | grep php -rwxr-xr-x 1 root root 3.0K Oct 27 2019 jsonlint-php lrwxrwxrwx 1 root root 21 Mar 29 2023 php -> /etc/alternatives/php -rwxr-xr-x 1 root root 4.6M Jun 17 13:22 php7.4 www-data@gravity:/usr/bin$
I wonder what was going on at the end with that dll 🤔 seems like WerTrigger thinks the exploit failed too which obviously it didn't. Either way really great video as always
Its funny I watched it yesterday. The dll was there, I'm just clumsy. I tried cat instead of type. And I didnt search properly. The WerTrigger output isn't too important. At least, thats how i saw it yesterday. I was like 'WHATS HE DOING' 😂
@@ByteSizedSec oh okay I was seriously confused thinking I've never used cat on windows 😂 sometimes once I get to the end of a box similar things happen to me like my brain needs to Ctrl alt del and clear up some space
One thing I notice watching your videos, is you do not make use of a clipboard manager. I know a lot of ways exist to find that damn IP every time, but I would be lost without the clipboard manager lol
I do use all of these tools just in different scenarios. Nmap i use a lot but its wrapped in autorecon. Essentially auto recon, as the name implies, does a whole bunch of different enumeration techniques at once so you can get to hacking quicker. Whats important is tho that you always know whats running. Ffuf i use mainly for various types of fuzzing. And evil-winrm is very specifically for when you have valid credentials that can remote into a server via winrm. Thats when evil-winrm is really powerful. The main importance is to have a wide range of tools for all scenarios. Thank you for the question and support ! 🙏🏾
Hi mate is it possible to make a discord channel where we all like minded people can connect and learn from each other. What I love about your channel is that you take everything in a slow pace which is easier to understand. Keep it up man.
Thank you for the kind words. It is my plan to set this up soon. Videos will return beginning of october as I am in the process of moving at the moment and it will take a bit of time until I am all setup.
Amazing job yet again, did you maybe try godpotato in this scenario? I've always had problems with godpotato not returning fully functional shell (things like whoami would not work etc.) but since RDP is open you could create a user, place him in both Administrators and RDP user groups and log in as that new user?
Yeah I'm on the process too, I fall on my first attempt on May till now I continued preparation I do OSCP A, OSCP B, OSCP C after fail this one teaching me a lot of things the I practice every Tj Null list it amazing 👏 🤩 then my second I will tackle easily this exam
@ByteSizedSec I waiting till December or January to passed my second attempt and before I will do to Altered security AD course to develop more approaches and Methodology but I learn to much OSCP Approaches
Hello man, I just want to tell you that I just got the OSCP !! and part of it was because of your methodology. If I was able to do it you will most definetly have it next time.
Lets f***ing go, congratulations🎊! I'm very, very VERY happy to hear that and very proud of you man! 👏🏾 glad I was able to contribute in some way. All the best for you going forward!
The actual route was to do the proper reverse engineering of the binary, which i clearly was also too lazy to do. Strings, i guess, is the second intended path. PwnKit works on too many boxes as an unintended path.
@@ByteSizedSec Haha might come back to the reverse engineering at a later date. Ah thanks for the tip, Ill definitely avoid pwnkit then! Guess that will be the last resort on the exam! Good luck on your 2nd attempt I'm sure you’ll crush it!
In Linux, you have the possibility to set up keyboard binds. Normally, prntscr is assigned to the default Linux app for screenshots. You can unassign that application and just assign 'flameshot'.
Some of these web pages we get to hack look absolutely beautiful. There's been a time or two where it's given me some ideas on how I want to design a webpage. :-)
I’ll be honest I completely copied your way of taking notes using sublime and obsidian, it works so much better than how I was doing it before so thanks 🙏
What a legend ....It was supposed to be on Hard but you made it easy my solution was a little different.. I used PwnKit CVE-2021-4034 And he made me straight into a root ( It was a hint I got From a linpeas )
Could you make a video setting up just the notes itself? I use obsidian too and I'm thinking of setting up a template that looks just like this. But the way you did this was way too easy and had everything I keep looking for. Possibly hosted on github?
@@ByteSizedSec Awesome! I set up some templates, but the way you were so easily able to do everything and already had the folders set up, I want to create a script that will allow me to open the folders with everything I need inside so I can run through what I did and capture everything. I just gotta get to that part of my journey I guess.
For real? I would be very interested in looking into that. It might be time to create that soon. Build a little community. How can I reach you? Mind dropping me a mail?
@@ByteSizedSec totally bro shoot me a DM and we can definitely talk about it I'm I'm down to just do it just to help you mod and stuff because I definitely enjoy your content and you're very helpful in the security and networking. I can do any type of dev work you need. I've helped mod a bunch of communities over the years and I have one of my own personal ones that I used to just test various spots and scripts and stuff like that. I think she's the two of us can kick some ass Jim.
Honestly, was just wondering about you yesterday and when there would be a new video. Love your methodology, your last video like this helped me tremendously.
Glad you're back man! After 2 attempts myself at the OSCP, I'm also going through these PG Practice machines. I feel like they should have made these machines mandatory during the training. I would also say that there are PG Practice machines not on this list you are showing that absolutely should be. I feel like Offsec knows about this list, so really any of the 154 PG Practice machines "could" be incredibly useful to go through.
I unfortunately do not share the notes. They are a collection of paid courses and free ones, way too much content to post. Its part of the journey to compile your own! But thank you for the support!
Making professional moves. Ill be back, dont worry, I just have to focus on other things at the moment. As soon as I can, I will be back with an update!
Great videos boss. I didn’t want to pay for pg-practice so watched all your walkthroughs instead. You have what it takes to pass the exam. I passed last week 🎉
NetExec is just rebranded CrackMapExec with new maintainers, since the original guy has retired from maintaining the tool. Keep up the good work man, your videos are great!