Тёмный

Vulnerability Research and Exploitation | TryHackMe Junior Penetration Tester 

Motasem Hamdan | Cyber Security & Tech
Подписаться 49 тыс.
Просмотров 12 тыс.
50% 1
ВидеоПоделитьсяСкачатьДобавить в

In this video walk-through, we covered exploiting vulnerabilities and vulnerability capstone rooms as part of TryHackMe Junior Penetration Tester pathway.
*********
Receive Cyber Security Field Notes and Special Training Videos
/ @motasemhamdan
**********
Answers to the room
motasem-notes....
TryHackMe Vulnerability Research and Exploitation
tryhackme.com/...
********
Google Profile
maps.app.goo.g...
LinkedIn
[1]: / motasem-hamdan-7673289b
[2]: / motasem-eldad-ha-bb424...
Instagram
/ motasem.hamdan.official
Twitter
/ manmotasem
Facebook
/ motasemhamdantty
******

Опубликовано:

 

28 сен 2024

Поделиться:

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист
Посмотреть позже
Комментарии : 28   
@danosullivan2964
@danosullivan2964 2 года назад
Just an FYI for people, I didn't need to setup a nc listener and could run commands from the shell offered by the python script in my terminal. Only difference was I ran it using python3, then you can ls the contents and the flag is there :)
@Bracara
@Bracara 2 года назад
Did exactly the same thing.
@raiders18dr
@raiders18dr 2 года назад
hell yeah
@jeremycheong8036
@jeremycheong8036 2 года назад
Hi Motasem, could you help me i am stuck on using 50477.py RCE 3 instead. I have seen other youtubers and they end up with the same result. (i.e output "system") and I did not receive a shell. Seems like something is wrong with the encoding portion of the script. Script contains quote(cmd) in plain text instead of encoding. I think that's the error. I also ran a listener but no avail.
@tomkraus1610
@tomkraus1610 2 года назад
I keep getting an error when trying to execute the 47138.py. Traceback (most recent call last): File "PATH ON PC/47138.py", line 23, in xxxx = raw_input('cmd:') NameError: name 'raw_input' is not defined I only edited the py file, by replacing the target URL and removing the proxy. Same as you. Any help?
@tomkraus1610
@tomkraus1610 2 года назад
i found the error, ended up changing "raw_input" to "input" and "urllib.quote" to "urllib.parse.quote" because python3 got shell
@namelastname3492
@namelastname3492 2 года назад
Are your notes available for download from somewhere?
@MotasemHamdan
@MotasemHamdan 2 года назад
Hello, Notes are available as part of the channel memberships. ru-vid.com/show-UCNSdU_1ehXtGclimTVckHmQjoin
@namelastname3492
@namelastname3492 2 года назад
@@MotasemHamdan Got it. Thanks. By the way your contents are really good and understandable. I start recently dealing with Cyber Security and I'm finding your channel for a really good resource. Keep going :D
@myname-mz3lo
@myname-mz3lo Год назад
you made that waaaay too complicated. once you have the shell just do ls and cat the flag.txt file ... dont know why you went and did all that extra stuff
@otojonkhudayarov9111
@otojonkhudayarov9111 2 года назад
sometimes i say : "what a hell is that 🥲" , exactly same code , exactly same ide , same python version.Buttttt it works in Motasem and gives error for me , lol
@MotasemHamdan
@MotasemHamdan 2 года назад
You must be doing something wrong :)
@iCyberVenom
@iCyberVenom Год назад
@@MotasemHamdan Idk man...I ran EXACTLY what you ran and it doesn't work. Same python script gives all kinds of errors for "print" and "raw_input"
@figurxfigur8935
@figurxfigur8935 Год назад
@@iCyberVenom probably you have to run script using python2 or change syntax to python3 in code
@gihandilshara847
@gihandilshara847 2 года назад
First view and like
@Max-hi4tc
@Max-hi4tc 2 года назад
Traceback (most recent call last): File "47138.py", line 23, in xxxx = raw_input('cmd:') NameError: name 'raw_input' is not defined what went wrong?
@kevinweeks3824
@kevinweeks3824 2 года назад
i removed raw_ then reran the code and it worked. xxxx = input('cmd:')
@tomkraus1610
@tomkraus1610 2 года назад
Check my reply
@otojonkhudayarov9111
@otojonkhudayarov9111 2 года назад
run with python2 instead of python3 => $python2 47138.py
@Blu3yyy
@Blu3yyy Год назад
Thank you Motasem, great video as always. Much appreciated!
@pratikdograma4322
@pratikdograma4322 2 года назад
Hi Motasem thanks for your effort,Is there a way to exploit any unguarded windows 10? I couldn't do this in no way excluding msfvenom ...
@mohamedali8605
@mohamedali8605 2 года назад
Thank you so much ,Gazakom Allah 5ayeraaan
@mohammedkhaledabdullahbend4514
@mohammedkhaledabdullahbend4514 2 года назад
ليش م تنزلهن بالعربية وهل في ترجمة للفيديوهات؟؟
@ibrahimiam
@ibrahimiam 2 года назад
Thanks for all your contributions
@Fullstackdev-
@Fullstackdev- 2 года назад
thank you for sharing
@huuloc8719
@huuloc8719 2 года назад
Thank you so much Motasem.
@healingsoundsandaffirmatio655
@healingsoundsandaffirmatio655 2 года назад
How to bypass payment on paid website any ideas plz?
Далее
SQL Injection Vulnerability Explained | TryHackMe Junior Penetration Tester | OSCP
46:09
SQL Injection Vulnerability Explained | TryHackMe Junior Penetration Tester | OSCP
Просмотров 31 тыс.
Vulnerability Capstone - TryHackMe Junior Penetration Tester: 6.3
12:07
Vulnerability Capstone - TryHackMe Junior Penetration Tester: 6.3
Просмотров 2,4 тыс.
Гусарская палата | Уральские пельмени 2024
1:13:57
Гусарская палата | Уральские пельмени 2024
Просмотров 205 тыс.
Я КУПИЛА КВАРТИРУ !!! Девочка из общаги
50:55
Я КУПИЛА КВАРТИРУ !!! Девочка из общаги
Просмотров 822 тыс.
Подземелья Чикен Карри #30 "Ультиматум Сфинктериона" (Воронин, Куруч, Малой, Гудков)
2:33:31
Подземелья Чикен Карри #30 "Ультиматум Сфинктериона" (Воронин, Куруч, Малой, Гудков)
Просмотров 464 тыс.
Lp. Сердце Вселенной #20 ЖИВАЯ ЭЛЬФИЙКА [JDH] • Майнкрафт
30:38
Lp. Сердце Вселенной #20 ЖИВАЯ ЭЛЬФИЙКА [JDH] • Майнкрафт
Просмотров 1,1 млн
Command Injection Vulnerability | TryHackMe Junior Penetration Tester
12:13
Command Injection Vulnerability | TryHackMe Junior Penetration Tester
Просмотров 13 тыс.
Metasploit: Exploitation - TryHackMe Junior Penetration Tester: 7.2
53:02
Metasploit: Exploitation - TryHackMe Junior Penetration Tester: 7.2
Просмотров 9 тыс.
Vulnerability research as a lifestyle - Faraz
31:12
Vulnerability research as a lifestyle - Faraz
Просмотров 4,6 тыс.
Decrypting SSL to Chinese Cloud Servers - Hacking the VStarcam CB73 Security Camera
19:45
Decrypting SSL to Chinese Cloud Servers - Hacking the VStarcam CB73 Security Camera
Просмотров 276 тыс.
Tactics of Physical Pen Testers
44:17
Tactics of Physical Pen Testers
Просмотров 903 тыс.
When you Accidentally Compromise every CPU on Earth
15:59
When you Accidentally Compromise every CPU on Earth
Просмотров 828 тыс.
File Inclusion Vulnerability Explained | TryHackMe Junior Penetration Tester | OSCP
33:40
File Inclusion Vulnerability Explained | TryHackMe Junior Penetration Tester | OSCP
Просмотров 63 тыс.
Finding 0day in Apache APISIX During CTF (CVE-2022-24112)
12:41
Finding 0day in Apache APISIX During CTF (CVE-2022-24112)
Просмотров 87 тыс.
Server Side Request Forgery | Junior Penetration Tester TryHackMe SSRF
20:51
Server Side Request Forgery | Junior Penetration Tester TryHackMe SSRF
Просмотров 26 тыс.
TryHackMe - Metasploit: Introduction Walkthrough (CompTIA PenTest+)
21:44
TryHackMe - Metasploit: Introduction Walkthrough (CompTIA PenTest+)
Просмотров 10 тыс.
Гусарская палата | Уральские пельмени 2024
1:13:57
Гусарская палата | Уральские пельмени 2024
Просмотров 205 тыс.