This is our continuation series of Junior pentesting learning path on tryhackme.com. We are exploiting! Lets have some fun! Patreon to help support the channel! Thank you so much! / stuffy24 Hacker Discord / discord
I've been watching all your Jr. Pentest videos and I'd love to say that I really appreciate the amount of explanation and information you provide. Keep it up!!
Oh man, I spent a lot of time to find what is not explained anywhere: When you run payload 2, then "run"- you have reverse shell (cmd) on the target machine, but I couldn't find how to run Meterpreter on the same time (or only Meterpreter) to use it and find a file or run hashdump - It was so not clear in every explanation of this part (most of people give results but without explanation how they run Meterpreter and how exaclty they find a file and hash) - I don't want to jump steps without really do it by myself and understand process and details. Nobody explains so important details as good as you show on this great video. Thanks a lot! :) Have a great day!
hey stuffy, great coverage on this room. i've found that if i work through the steps of the room on my own and then come back and watch your discussion of the exercises it really helps cement the concepts because you're not just racing to the flag. even if you sounded rushed here, you take the time to verbalize your approach and establish a good level of comprehension. really appreciate this. only seen a couple of your videos but i'm sure i will be exploring more.
thats what i do too haha i do the room then watch this and get all the extra little bits of info like what parts are usefull or not in an actual pentest . great channel indeed
think i commented on your past videos before, but still, thank you again, i was having some trouble on my own doing the questions, got stuck for a day, thanks, you added a lot more useful information ;D have a good one!
@@omrimizrachi2752 yeah definitely! i'm a visual and hands on learner too so following along helped. it was also placed in the course a little weird as well imo. there was a big leap in difficulty going into this room from previous ones. at least for a beginner to all of this like i am.
for anyone getting the "segmentation fault" error when trying to run the payload on the target machine... set the proper payload before running the multi handler. 26:05 i was stuck on this for like 3 hours and im not fond of walkthroughs but time is important to me.
Great video, thank you. Unfortunately, I have run into numerous issues with using a loal machine through the VPN to complete these challenges, so if you are having issues and doing the same, try using the THM attack box.
ive done the ethernalblue room prior so I could tell what task 5 was about, but in practice when I ran nmap -sC or nmap -sV or nmap --script vuln it did not come up with ms17-010. I remember in the ethernal blue room it did show when running the 'script vuln' . Not sure if my room had an issue or if i was suppose to find ms17-010 from looking up weakneedes on the OS witch for me showed as (OS: Windows 6.1 (Samba 4.7.6-Ubuntu)
Really awesome walkthrough you put together @stuffy24 , i was stuck at the ssh bit of the series, and you made it clear what i had to do. Thanks buddy!
Champ Stuffy, I love your effort and sincerity , feedback- Please use light pastel shades on Kali screen and also increase the font size while presenting ...
Hey sorry i just saw this. It means you dont need to still be connected. You can crack it without having any connections which means you can set it and forget it and not worry about anything.
For the NTLM hash, why was it only a part of it that's the answer? I was stuck on this and got the hash but couldn't figure it out... Isnt all of it a hash?
Do i have to setup a server when establishing a session cos i'm not able to even when I set payload to 2 and use eternalblue exploit and set RHOSTS. I think I may have gotten my LHOST wrong or smth
Thanks for the walkthrough. Maybe it's because i'm not using the attackbox, but i'm not getting a meterpreter session when i run the eternal blue exploit. I get Windows system 32 shell and I can not for the life of me figure out how to get the meterpreter session. I'm going to try it on the attackbox instead of through the vpn and see if that changes anything.
Hey thanks so much for the support. I would revalidate all the parameters and run it multiple times to see if it fails over and over. A lot of payloads may need ran more than once.
@@stuffy24 Firstly, thank you for the reply I am confused though, when we scan port 137 with nmap it gives nothing because it says it is closed. However when we scan port 139 with nmap it gives the information we want. How can metasploit netbios scan work on port 137 when nmap doesn’t and vice versa for port 139?
@@user-qx7gh6ff1e as we get into more detailed information. It's very hard to explain on RU-vid comments. Feel free to hop in the discord and ask questions with screenshot examples and get more detailed answers. Make sure to have timestamps to help also for the video
It doesn't work when I cat the flag on meterpreter. I tried using cat c:\Users\Jon\Documents\flag.txt also cat flag.txt. It doesn't work. I think it may be a bug. Any ideas?
I was having a similar issue using 7777 as my LPORT for the shell script and handler value. Changing that value to something else (I used 8888 instead) fixed it, so maybe give that a go.
Because the video is geared to learn metasploit not how hashing works. I appreciate your feedback and I have a lot of videos on hashes that you can review. I try to keep my videos focused on the point that I'm teaching and not go on tangents of each specific piece to keep the videos as short as possible. I appreciate it's not complicated to you but breaking it down to complete beginners adds time to the video and I have to cut in places it was just where I chose not to dive deeper in the content. Could be the wrong choice but it's where I did it in this one. Thanks again for the feedback
@@stuffy24 no now that you explain it it seems like the right choice. smart move to keep it on point to not make it too overwhelming . thats why youre the best. i stand corrected
@@stuffy24 true. i only started making progress when i started learning one thing at a time and at the right order, so i think your view on it aligns with that.
Usually I like your videos but this one was frustrating and not very helpful. The reason I was watching this was because I needed help and you skipped over key parts because you were annoyed you were doing the video again. Also, it would be great if you walked through the process as you were initially doing it instead of having the answers already written. Thanks for doing the videos but they could be more helpful.
Appreciate the feedback. If you have specific parts you want broke down feel free to hop in the discord and I can try and walk through them. Most of these boxes I've done multiple times over the years so the answers are almost always going to already be filled in.
@@stuffy24 Wow thank you very much! I will have to look into Discord for this because I have only used it for Midjourney. Thank you again for all that you do to help us, you are very much appreciated!!!
Once the rev_shell.elf file is downloaded to target box. When returning to the attack box the "http server session" was the last thing initiated. What is the key/command to get back to "exploit (windows/smb/ms17_010_eternalblue)? If I hit Ctl Z , attempting to background the http session, it stops the msfconsole.
Don´t work...msf6 exploit(windows/smb/ms17_010_eternalblue) > run ....FAIL FAIL FAIL......This is the problem with metasploit....mostly the shit don´t work!!!
Lol that's why you need a background in troubleshooting. Metasploit is one of the greatest tools ever invented in reality because before that you couldn't just get exploits like that
@@stuffy24 Hey stuffy, thanks for the answer! I thought about the problem. Can it be, that the problem was the LHOST? There was my Ip, automatically placed, I think! Maybe I have to change to the THM IP! There is always a problem with RHOSTS an LHOSTS...for a beginner. It´s confusing sometime, what IP where to place! Also, when I did a room with a friend of mine,,, we did all correct, but we need 6 RUNS to have a WIN and success??? How can it be??
@@sharky9493 metasploit is just a tool for hackers. It runs the payloads for you. If you didn't have metasploit you wouldn't even be able to attack anything unless you manually got the exploit yourself or coded it. So metasploit isn't the tool that's having those issues it's the payloads. There are many payloads and exploits that aren't always successful. That's because your taking a service and making it do something it's not meant to do. That can cause computers to crash, services to shut down etc. That's why if you don't truly know what your doing aka script kiddies. You will make a ton of mistakes and get caught often. Pentesting is an art and takes years and years to become great.
@@stuffy24 Thank you for the answer! You are the FASTEST ytuber!!👍👍I agree totaly, but you know, that in OSCP you can use MS one TIme. But sorry you didn´t answer my question, about the trys you need sometime! You face the same problems? Running MS over and over, with the same settings, 5 times FAIL,,6th time WIN. Sorry I don´t understand this,,,either the payload works of not! Greetings from germany!
@@sharky9493 yes the oscp requires you to not be a script kiddies that's why. Metasploit is a script kiddies dream! Yes I did when running a payload it is using a system to do something it's not supposed to. This doesn't always work especially due to how successful the attacks are and metasploit actually tells you how good the exploits are.