Teaching My Wife to Hack…Maybe

Okay, you keep... I'm just gonna chill over here. Smasher, you've been waiting, first buddy, I've seen you in here for like at least the last 30 minutes, so I'm impressed. You're ready for the circus show. That's one thing to call it. It's gonna be a circus show. She doesn't know what she's doing whatsoever. No. Do you want to start? Are you ready? Do you want the people... it's not 8 o'clock. Hey, you want to give the people a minute? You want to hit the tweet button? You might just hit it. Yeah, just hit the button. Oh, look at you, you just tweeted. Wow. I tweeted before. But you just tweeted. Wow. What's up Lane, how you doing buddy? Babe, don't you remember names? No. We're going over this. Last time o greatest came in here. I see grannies on xanies, what's up. You're trying to get art ready for pentesting? Are you a madman? What's wrong with you, sir? What are you doing? yeah too bad does a nice generic yes you know jannat the wrong with generic they're cheaper not a good trip and then it's very particular in what people can and can't use. Oh, is that your notification that I'm streaming? Solid.

Well people, we are gonna get started here. So the wife gave her rules: she is only going to appear for one hour. I told her, I asked her, I begged her, I said please stay on as long as we can so we can get through a box. So we're gonna get through a box. It's gonna be a little bit self-guided, but we're gonna get there. Are you excited? Yeah. You're, you know, excited. Which box are we doing? That's a great question. we're not doing heck back so we go to screen. We are going to be doing Legacy. Why Legacy? Because Legacy is the easiest box that we could possibly do that's in the top 20. I thought they had brought in the VIP where you can do the new beta, but apparently I'm not part of that, so we're gonna pick Legacy. Otherwise I probably would pick something like Jerry for her, but I think this is good enough for now. What's up burnt toast, how's it going? What's up MTX. So what we're gonna do
is we're going to do this Legacy box. Now, it is a Windows machine. You've used Windows before? Yeah, yeah, every day. Yeah, every day, you're good. So we've got this, and we've got... what is this? IP address. Are you reading the column? No, I know what that is. You know what that is? What's an IP address? Enlighten me. It's like your specific computer, right? Like all of your things have an IP address. Yes. That's how, you know, people know that you're doing it. That's correct. That's why you use a VPN, so people don't know. She knows some things. All right, so yes, we've got an IP address here.

And they're saying we should do Lame, it's super easy and fun. I don't know, is it easier than Legacy? Are we sure? I haven't scoped out Lame. Legacy's got some pretty popular votes here, but we'll start with Legacy. Okay, they're pushing for Lame. I don't know what's on Lame. I've done it before, apparently. So what we're gonna do, we want to attack this IP address right here, right? Okay. Well, this is a Linux machine. They're gonna have you cheat with Linux. I like cheating. I wouldn't call it cheating, but all right. No, I'm going back to my guns, we're gonna stick to Legacy. I'm gonna keep you on a platform that you're familiar with. Okay.

So I'm taking my hands off. I've got my own teacher, instructor mouse over here in case she goes crazy, goes rogue, but you go ahead, you can click the mouse. So what you're gonna do is, I want you to open a terminal. Okay, so right click on that, hit new window, and then can you make it bigger for the people? Thank you. our so have bacon shortcuts. Yes, that's great. Okay, so that's as far as it's gone in our lesson. Yeah.

So there's what are called the five steps of hacking. Tonight we're gonna be doing two of them, right? The first step is information gathering. We're not going to gather any information other than what we already see here. We don't need to gather anything. We know it's a Windows
machine, we know the IP address. So the second step is gonna be enumeration and scanning, and that's what we're gonna be doing here. We're gonna be doing some scanning and then we're going to enumerate what we find, so have a look at the things that we find and see what they tell us. From there we're gonna do exploitation, so exploitation is what's gonna actually get us on to the machine. The other two are post exploitation and cleanup, so things that we do once we're exploiting, and then cleaning up everything, we were never there. Clean up tracks. Okay, that makes sense? Yeah. Okay.

So we're sitting here in this terminal and you have no idea how to use Linux, right? Okay, so I'm gonna give you some commands, I'm gonna talk you through it. The first command we're going to use is called nmap, so I just want you to type nmap. Okay, and then you can put a space after that. Now, Nmap stands for network mapper, so what we're gonna be doing is we're gonna be scanning the specific IP for open ports. Do you know what a port is? No. Okay, so your services run on ports, right? So let's talk about something easy, like let's talk about a website. You go out to a website. Now, the websites by default, if you type in HTTP... what's the other thing? If there's HTTP, what's the more secure version than HTTP? HTTPS. Okay, so HTTP runs on port 80, so if you see port 80 come up you know that's a website. With HTTPS, that runs on 443, so if you see 443 you know it's on HTTPS, that's also a website. So things like that that pop up, different ports use different things. How do you remember it all? You just learn, you learn as you go, you memorize as you go. You take enough CompTIA tests, you learn all the stupid port numbers for testing purposes.

sick in the mind says hello, and sick in the mind says think of a port as an open door or window in a house. That's accurate. These are things that are open to you, so you're gonna try to exploit and get your way in through that port. Okay, so we don't know what's going to be here when we
scan it, but we're gonna see what's there, and then we're going to do some research on these open ports and these services, and then we're going to try to find a vulnerability and exploit it. Okay.

So another thing that we need to talk about: there are two different types of protocols that we could scan against, really. There's TCP and there's UDP. You don't need to know the differences too much, okay? Just know that TCP is a connection protocol, right, it's connection oriented. So a website is TCP. You're connecting out to that website, it needs to be stable, you need to have like a guaranteed communication, right? UDP, it's not connection oriented, it's connectionless, so therefore like more faster things, but it's not always guaranteed.

So when we have TCP, we have something when we connect to it, it's called a handshake. So you want to shake my hand? All right, here's how this works. It's called a 3-way handshake. Okay, it's my kind of handshake. So what you do is you say, okay, I want to connect to you. So I'm gonna say SYN, right, I want to connect to you, and you're gonna say yes or no, that you can connect. If you say yeah, I can connect, you're gonna say SYN/ACK. That means I acknowledge your SYN, right, S-Y-N by the way. And then I will acknowledge you back and say I acknowledge it, I do want to connect to you. That's a three-way handshake. wait give me right to Mew to me right. So I say hey, I want to come in, I want to connect to your port. You say yeah, you can connect to my port. And I say okay, I will connect to your port, and we established this connection. Okay, right.

So what we're gonna be doing here is something along the lines of that handshake. It's called a stealth scan. Now, it used to be stealthy back in the day, it's not stealthy anymore, so that's just what it was called. So instead of doing the full handshake, I'm gonna say hey, I wanna connect to you, you say yeah, you can connect to me, and I'm gonna say never mind. It's called a reset, or
RST, so we're going to reset that connection, and that means I never actually connect to you, but you offered it up to me to connect, so I know that port's there. Okay, so that's how these ports are showing up: they're showing up because you're offering that connection. I never actually make the connection, and it's supposed to be stealthy because, since we're not making the connection, you're not necessarily knowing I'm scanning against you. But it's detectable nowadays.

So all right, aren't you guys supposed to be drinking also? I have a beer. Cheers. She's got a beer as well.

So back to our nmap. Mm-hmm. All right, so there's a couple things that we're gonna want to type in here. You're gonna want to use a dash, or a tack, just a -, put a capital A there. Okay, space, another -, capital T and then a 4, space, a -, lowercase p, and another -, and then I want you to do one more space and do the IP address of that machine. Okay, which was 10.10.10.4. Hold on. Oh, sorry. All right, hit enter.

Okay, so what are we doing here? We're using this Nmap tool, this network mapper. I'm gonna use the mouse just to point. Okay, using the Nmap tool, this -A stands for all, right, so we're doing everything. We're running all different kinds of service enumeration, we're trying to see as much information as we can find out about this, and also it's gonna try to guess the operating system that's running, give us as much information as possible, right? This -T4 is a speed. You've got an option between T1 and T5. Now, T4 is like where I like to scan with. Basically the higher the number, the faster your speed, but maybe the more likelihood you might miss something. So T1 would be like a really slow scan, and then T4 is, you know, kind of okay. Okay. -p-, this stands for the ports that we're scanning. Now this scans every single port. There are 65,000, somebody in the chat can quote directly, but there are sixty-five thousand plus ports that are out there, right, and we're gonna scan all of them. So we're gonna go out
and we're gonna do, every port, we're gonna say SYN, and eventually one's gonna say SYN/ACK and everything, that reset. Okay. Okay, so and then it's gonna populate those in here with the open ports against that machine that we're scanning here. Okay, so other than that, we can hit the up arrow or any button. I like to hit the up arrow. Right now? Yeah, right now. Here, at ninety-five, 98.57 on this. They're not always as fast, don't be impressed. Is it cuz it's T4? What is T4? "T4 has faster timeouts, if the port doesn't respond within a shorter time limit it's assumed it's closed." Thank you, sick in the mind.

okay right meow yeah she is ready to go full Sun guys. Hit up again. Super rad. Okay, that didn't go there. So no shots. No shots, no, we all have to work tomorrow, we all, all of us. So if you missed the beginning, she's going to exploit this machine and then she's leaving, she's done, she hates us. I did not, I said I don't want to be on stream any longer than I have to be. I didn't say that, I'm just tired. So she's tired, she's a little tired. What's up alpaca the pakka. Yeah, you can hit up again, it might take a minute. Definitely thought it was down. It doesn't matter. What OS is she exploiting? She is exploiting a Windows machine here very, very soon. Are we doing Lame? I don't think we're doing Lame. Lame's not a Windows machine, Lame is a Linux machine. We are doing Legacy.

All right, while we wait, what are we doing? Explain back to me this process. Okay, so we're doing this Nmap thing, network mapping. Yes. To find ports with a three-way handshake. Kind of, a modified... a handshake, sneaky. Okay. We're going at a speed of T4. Yeah, yeah. We're looking at everything, all of it. Okay. And we're looking for ports, and we're gonna say "can I go inside you", any money yes, and if they say yes then we're gonna say never mind. I like it, I'm gonna use that analogy every time now: can I go inside you, and yes. Okay, so that's good. Okay, while we wait, can we do a recap on
the five stages of hacking? Do you remember the five steps? job don't know what they're called exactly. No, just give me the lowdown. All right, um, so we're gonna scan. Thanks, scanning is step two. Okay, step one you said we weren't gonna do. We didn't do step one, but what is step one? Identify the IP address. Information gathering. Okay, so that's where we go out and we try to identify anything that we can find about this target or the organization or whatever, you know, we're gonna gather as much information as we can. Okay, so recon. Recon, that's a yes, exactly. And then we're gonna scan. Yes. And then we're gonna reveal... yeah, enumerate. Yeah, yes. And then we're gonna clean, clean up. We clean up way later, there's got to be a couple things that happen between scanning and cleaning up. Okay, how do we find things, we find things... But what was it called? Exploitation. Yes, exploitation, yes. There are more. Yeah, what's in between exploitation and cleanup? Oh, saved by the bell. Okay, so let's look at this. It's post exploitation. "Will this be on VOD later?" This will be on VOD later, you're darn tootin'.

All right, I'm gonna help you out. Okay, so let's talk about what ports came back. You see the scan here, it says port, state, service and version. Yeah. Okay, so we've got three ports that came back, 139 and 445. Now we've got NetBIOS and microsoft-ds. Any hunch what this might be? Now think. Okay, let me try to make this easy for you, or try at least. Every workplace you've been at, you've got this. You go sit down at a computer, this is available to you. I have a computer. At your computer, but at a workplace, think about it: what do you have that, you might say, you want to get a file to a co-worker? I scan it. You can scan it, where does it go? Into a shared folder. Into a shared folder, okay. So when you have a shared folder, an SMB share like this, it opens these ports right here, the 139, the 445. Okay,
okay, so this is called SMB. Now there are a couple things, and you see that 3389 is not actually open, it's showing closed. So 3389 is RDP. Do you know what RDP is? So, remote desktop, as in somebody remotes into your computer. It's a little different than TeamViewer, but it's like kind of the same concept. So we only are really working with just this right here, right? Okay.

Okay, so we can come down, we can read more of the scan here. So it's just taking guesses, and you can see it doesn't really know. It says Microsoft Windows anywhere from 2000 and 2008 at a 92% guess, but that's what it is, and then maybe it's General Dynamics embedded, so it has no fucking idea is really what it's telling you. Got it. And then it gives you an aggressive OS guess. It's guessing that it's a Windows 2000 or Windows XP SP2 or 3. Why is that important? Why is this important, yeah. So different versions of Windows have different exploits for them. So this is part of the enumeration that we're doing here. What you're seeing is like, okay, well SMB is open, and maybe I'm gonna say, okay, what is a Microsoft Windows 2000 SP4 SMB exploit? You know, that might be something that we research. So knowing the OS, there might be a specific exploit for this specific port or a specific service that's running on that port that you could potentially exploit.

So scrolling down a little bit more. Now, when we have shares like this, a lot of times they can give us some extra information. So we've got some interesting things here. We've got a NetBIOS name, which is like our computer name, so you can see the computer name is LEGACY. Ha, right, get it? You get it. Okay, so we don't know what the NetBIOS user is, the user name. We've got a MAC address. Do you know what a MAC address is? A MAC address, yeah. Okay, so a MAC address is kind of like an identifier, like everything has a MAC address when it comes to, like, network, you know, network related. So the first three here will tell you
what it sparked up, so the 00:50:56 tells you that it's VMware. So VMware just means it's virtualized, so it's a virtualized computer. But you may be able to get some information here about this MAC address. You know, it's not the best information to have, but it's information, maybe you can use it later down the road. So anyway, you come through here and it's telling you the OS is Windows XP, okay, and it's saying Windows 2000 LAN Manager, and it's telling you again though it's XP. It's giving you other things like a workgroup. So workgroup here, this is like your domain, the HTB. So if you're on a domain like at work, same kind of thing, this is just on a domain or a workgroup. And then you can scroll through here, it tells you a little bit about the security on here. So some of these things that you're looking at, I mean this would be more advanced things to talk about, why these are bad or dangerous, but really for a basic box like this, what you're gonna want to do is you're gonna want to gather as much of this information and then gonna start doing research. Okay.

So one thing that we want to do, and I like to do first, is I like to use a tool called Metasploit. Have you ever heard me talk about Metasploit? Okay, so go ahead and type in msfconsole, and you can just hit tab. Hit tab? What? Hit tab, see, it'll tab it out for you, and then hit enter. Yeah, Metasploit, she's gonna be a skiddy first thing right off rip. Autocomplete for Linux, exactly.

Okay, so we're gonna search for something. I want you to type search, and then I want you to space, SMB, hit enter. Now this is gonna bring up a lot of stuff. We brought up a hundred and twenty-two items, so I'm gonna help you out just a little bit. So there's different modules here. This is post exploitation, with the post in the front, so that means that we would run this after we've exploited the machine. This type of module, exploit, is an exploit. And then we have something called auxiliary. Now auxiliary is just like helping
us scan things, get more information. So you can see where it says auxiliary, and then scanner, and then SMB. So we want to look up the SMB version. So actually right here there's a bunch of different ones that we can try, like we can try to find the shares that are on there, like what kind of shared folders, okay, what kind of users are there, maybe users in their domain, user enumeration, etc. But this one here is the one we're gonna go for, because we're gonna try to find out the SMB version and if it could tell us anything else about the machine. Okay, so it all makes sense? Kinda, kind of. Where are you confused? There's a lot of things. There's a lot of things, don't worry about the majority of this. So why these all came up is because I typed SMB, and SMB is in part of all of this stuff. We're gonna really narrow it down here in a minute, and you'll see when we go through a next search that it's not going to be this drastic. So the font size is part of the madness, and that is because we have to share for you lovely people.

So okay, we come through here and let's say we've got this module. Now we know what module we want and we want to use it, so we're going to type in use, hit space. Now I'm gonna help you out, I'm gonna paste it, and then you get to hit enter. Okay, you are here. So now let's hit options. Type options, sorry. Oh boy. Okay, hit enter, and now you're looking at all of your options. So we need to know what's required here. so you see they're required with requirements. Yeah. You can see that THREADS is required, but THREADS is already filled out, so we don't actually need to fill that one in. RHOST is required. So RHOST stands for remote host, that's just the IP that we want to scan against. Okay, so do you remember what that was? Yes. Yes, you're gonna set this. So let's say set, space, RHOST, you don't have to capitalize, and then space, and then enter in the IP address. Enter. Okay, and then go ahead and just type run and hit enter, or if you're going to feel really cool you could type exploit and hit enter.
Okay, so we did not pull back a version of SMB that we're running, but we did get something very, very specific here. So if you look, it says hey, we're running Windows XP SP3. That stands for a service pack, so that means the type of version of XP it's running. There's a service pack 1, pack 2, pack 3. So my first guess is, if we're gonna try to hack this... well, I'll let you. What are we looking for? I kind of said it like five times. Okay, so SMB is the only thing that's open, right? Yeah. So what information do we have? We've got, there's SMB open on the computer. Yeah. We have the Windows XP SP3. Okay. Umm, do we have other... that's enough fighting. Okay, perfect.

Okay, so go to your little Firefox here and get a new tab, and I want you to Google something along those lines. What? Yeah, okay, and service pack, SP, SP3. No, XP, see, SP. Great. Okay, and then I want you to add in the word exploit, hit enter. Okay, so no, we're using Windows, but okay, what stands out right away on this screen? Does something stand out? I'll narrow it down to the top three. What's something I've already... using Metasploit? Metasploit, let's click on that one. Yeah, so Rapid7 actually makes Metasploit. If we want to look at the actual, they might even be better, we can go back, I feel like they're gonna be the same thing. So if you go MS08-067, you click on that. Okay.

Okay, so you scroll through here, and if we're a good hacker and we're not some skiddy, go back up and you can read about what's going on here. You want to make sure it's a... yeah, but it says 2003 targets will often crash or hang on subsequent attempts, so it's able to handle multiple successful exploitation events. So we're gonna try to exploit this. Okay, typically it'll tell you like what the deal is, and it kind of does, but it might just say, like it says XP targets, so it might have multiple service packs or something in there, maybe it's all of XP. But when, you know, we're just a skiddy or a script kiddie, we're just gonna throw and see what sticks back. So go
back. No, no, no, that's fine, yeah. Okay, so the module, if you click back in there. What's up melt to the ocean. Scroll down a little bit, scroll down a little bit. Okay, so it tells you how to use it. Okay, so I want you to, you can literally copy and paste that use line that's right there, the whole use line, including "use". Yeah. Okay. Yeah, she's got something on her glasses. She's nervous, she's hiding her fears, she's full of shit. Okay, she made it worse. She's ready to leave. You can't Ctrl+C, don't Ctrl+C, no Ctrl+C, no Ctrl+V, but you have a mouse. Okay, there you go, and hit enter. Cool, look, see it change? See where it says windows, SMB, MS08? Okay, so type in... what? Okay, no, type in... what do we type in last time when we want some information? Run? Options. Options, okay.

Okay, so we've got RHOSTS, right, so how do we set that? I don't remember. Set. Set RHOSTS. What's the RHOSTS? I don't remember. You don't remember? You can scroll up. Okay, wait, weirdo. Oh, my IP address. It's her IP address. It's my... hey. Okay, enter. Yep, now type in options again, enter. Yep. Okay, so you see that it's set. You see the RPORT that we're attacking, so it is on 445, that's one of the ports that was open. Yeah. If for some reason it was on an HTTP... TCP... it's not HTTP, website. 443 is HTTPS. Okay, this is a different port, different service, this is SMB. I'm back on board. She's back on board. She's drunk already. I am NOT.

Okay, so you see how it says automatic targeting here, and it says exploit targets, so say show targets. Type that, one word or two? Two, hit enter. Holy shit, there's a lot of targets. Okay, we'll just let it run with automatic targeting. If we have to, we can find the XP SP3 English and just run against that. Let's go ahead and just try typing in run. Actually, we're gonna be cool, we're gonna be cool kids, cool skids, we'll type in exploit. Hit enter. Here goes nothing, here goes nothing. Ah, we got a shell. This is a shell? Yeah. What does that mean? What does that mean? That means you just got on the box. You're on this
machine. Okay. How do you know that you have hacked? Because look, it says Meterpreter session 1 opened. You have a Meterpreter session now. Okay, so type in sys, sysinfo, I-N-F-O, enter. Okay, so you've got an x86 architecture, that means you have a 32-bit machine. that's all this shit. Okay, you've got a Meterpreter session of x86 as well. You want these two to match, okay, so you've got a matching session, that's great. We could do a lot of cool stuff. You could type in something, type in hashdump. Everybody's telling you congrats, this is your first machine. One word, hit enter. Look at that, you just dumped hashes from the computer. Take that. Yeah, take that. So you can take these hashes, you can go offline and capture them or try to crack them. There's a john user, there's a support user. Wow, creative. Administrator. So now type in getuid, hit enter. You are authority system, that is the highest level that you can be. Wow. That means you own this machine, this is yours, this is Amber's machine. Yeah, yeah. Okay, normally you're more excited for your first root on Windows. It's your bitch. Exactly.

All right, so now what? So if you wanted to, this is like a Meterpreter session, so it's not actually like you can interact with the machine. You could type in something called shell, hit enter. Okay, now you have a shell, right, and you don't know what this looks like, so I'm gonna type in this, type in cmd, and I'm gonna bring this over. So does this look familiar? It's pretty much the same thing. So you see this command prompt here? Yeah. You're in a command prompt here. So it's kind of like, almost think of it like the Windows version of the terminal like we've been working with. Okay. Basically it's a way to give different commands. So we are already on the desktop, so I want you to just type in dir, D-I-R, hit enter. So what this does is this lists out all the files that are on the desktop and all the folders and stuff. Now there's something called a root.txt, so I want you to show me that root dot
txt. So we can't double click on it obviously, we're not in the computer, so you can't open it that way. Well, we can still read the contents of the file. Okay, so you can say type, T-Y-P-E, space, root.txt, hit enter, and that is your root hash. What is this important for? Well, you take this, you copy it, you go to Hack The Box, and then you blow this sucker up, and over here on the right side, it's already lit up green, but you would submit it for your user here, pop-up, like say this one, oh you can, and you would paste the hash. I've already done every... so we don't know if I was right. You're absolutely right, you wouldn't get access to that file if you didn't have root access.

So the other location is, there's always a, you have a user here too, so there's always a user hash and a root hash. Do you want to find the user? Yes, you do. Okay, so we need to change the directory. Okay, so I'm gonna teach you the quick way, or I guess the long way maybe. So for change directory we're gonna type in cd, which is change directory, this is also the same in Linux, and then you're gonna hit space and then hit two dots. And what happened? What's different? We aren't on the desktop. We went back. Okay, so let's cd .. one more time. Okay, now I want you to type dir. Yeah, yep, yep. Guys, we're doing this baby steps, we're not giving her all kinds of crazy syntax. Okay, so you've got an Administrator, which we already grabbed the root, or the root.txt, right? So we've got one more user here, who's john. Yeah. So we want to change into john. How might we do that? I don't know. So we're gonna say cd, space, john. Okay, so let's type in dir, see what we've got here. Okay, well we need to get to the desktop, so help me out, how do I get to the desktop? You can't tell me? I don't know. I'm not gonna help you on this. Oh wait, okay, then I'm scrolling. What, you just did it. cd... yeah, Desktop. Okay, but it's case sensitive. Hey, right. Yeah, okay, now dir. Ah, the user.txt. Now print out the user.txt for me. Okay we
do... give me the first one, the first letter. The first letter, T. But I don't remember. I know. What are you doing right now? Type. Okay, and then space, yeah, and then user.txt. user.txt, okay. Okay, so we do that, and then I've got this thing, and then I'll copy it, if that was the point. Yeah, you'd be good. Yeah, yeah.

All right, so let's say you want to go back to your Meterpreter session. You would hit Ctrl+C. Ctrl+C, hit Y for yes, sir, and now you're back in your Meterpreter session. What is a Meterpreter? So it's like a, so it's Metasploit's shell basically. So you have this area here, right, where we're in the command console, this command prompt, that's what we've been playing with right here, this whole area. Meterpreter is a much more flexible thing, and if we type help I can show you some of the cool scary things we can do. So you saw hashdump, right, we dumped the hashes. We can do something called getsystem, so if we weren't that system user we can try to become system. Look at it, so you can record a microphone, webcam, what, list the webcams, take a picture of the webcam, play a video stream from the webcam. Okay, that's creepy. Yeah. You can capture keystrokes of a keyboard, so you can get a password. You can take a screenshot of their desktop, you can set their desktop. Yeah, it's funny to you? What would you set the desktop to? A penis. This is my wife, people. So and then you've got some system commands here, networking commands, file system. You can see cd's in here, so we could cd around from inside this as well, and dir... dir, I didn't know what that meant, now I do. And then cat, cat should be your favorite command. So cat is the equivalent of type for Windows. All right, cat. So that's it, I won't teach you the rest of these, but basically it's a tool that includes lots of other things that you can do, more so than just in a command prompt. It does it for you, it's much easier. So somebody said Meterpreter is a specialized shellcode program that runs in memory, that has a lot of tools built in and
make it easier as a pen tester to control the remote system. There you go, if you wanted the damn dictionary textbook version of what it is.

You said you wanted to be gone within an hour, I got you out of here by 8:40. You, uh, rooted your first machine. better watch out Co for you job. I need, before you can leave, I need a Ric Flair "woo" to show that you're actually excited about this hack. How does... yeah, there you go, perfect. Okay, I'm free. You're free. and feed your your free elf. Ladies and gentlemen, thank you for all of your help and support. Mostly gentlemen. the missus mentor. Bye, goodbye, enjoy, have a great night. Turn the light on for me. Bye, love you. Okay. Oh, this chair sucks. I'm not... you're sitting in this chair.

All right, well hopefully that was fun for some of you people. So what do you want to do tonight? I don't have a lesson plan scheduled out, honestly. Honestly, I'm happy to just take some AMA and call it a night. So if you guys want to chat for a minute, we can chat, we can talk about whatever the hell you want. So I'm gonna probably upload this video. I am gonna upload this video to YouTube, so we'll keep it short. Not much going on right now. "Her face when I said UDP", yeah, that was probably a whole nother thing for her. I'll have to go back and look at it, I don't recall. "You finished episode 1 of Zero to Hero today, how long is the entire 11 episodes?" Ah, they get shorter, so what is it, like they're probably average two hours, but each lesson's anywhere from an hour to two hours total. So I mean, you just got a... you don't have to stay there for the AMA if it's not something you're interested in. All right, MTX has questions. We don't give out the Hack The Box invite code, you can google it. Hey, you're welcome al kicked, appreciate it. I'm gonna move this back, try not to give you guys a crotch shot while we're at it. "Exploit programming", melts the ocean, mmm, not really, that's not my ish. You probably want to look into like LiveOverflow. HackerBoxes, you guys don't know
what HackerBoxes are I ordered a monthly subscription of six and you can see that there's six on my desk I've done none of them let me pull up what a HackerBox is let's go over here hackerboxes.com so they release a new one every month you can buy the monthly subscription you can buy a six month that's um you co2 now it's twelve apparently you can buy a six month though and then they just have different shit you can do so like you could build a Jumbotron this is like a waverunner this is a fidget spinner but they do cool things like they have walkthrough guides if you click onto it so you get cool little stuff you get bread boards and different things to solder on you get some cool stickers and whatnot so it's actually pretty neat it's sixty bucks but it was like it was 40 for a month yeah I think I paid even cheaper for that I don't know what I ended up paying but I I got on like a Black Friday deal so it was a little bit cheaper than what this is bring this view up is this your coming out party gray what's going on buddy so you've been doing hack the box boxes you've done five you've been watching other videos and trainings that feel stagnant you have money now for OSCP or other things like eLearning any suggestions ah just keep trying I mean that's that's a suggestion you can try some other things there's the virtual hacking labs but I mean the only way my suggestion really is to buy a VIP membership and go through the retired machines I think that'll probably be more beneficial like obviously give it a try on the retired machines and give it an effort give it at least a day worth of trying if you're stuck and you can't do it then watch the the IppSec video or whatever write-up there's tons of write-ups for every machine that are out there you can do that you can look at the write-up some of these even provide write-ups so if we go back to let's go back to this legacy machine can you come in here this is what VIP kind of looks like it's 13 bucks a 
month but you can see you can download the write-up file the write-ups are kind of bad I don't actually I think they're they're okay but some of these will contain an IppSec video if it has an IppSec video or you can just literally Google hack the Box legacy write-up and you'll find it I mean so I think the VIP is worth it and the VIP is now they got 97 machines the VIP is going to be releasing their starting beta but basically any of the 97 machines are available to you now it used to just be that 20 were available to you at any given time now you can go and literally go through all the easy machines and start working your way up to maybe more moderate and then start on the harder machines and you can look at the difficulty that's here so I think this is a really good feature and they're starting to move in the right direction by opening all these machines up I don't know I don't know what the when the beta is coming out honestly somebody said PentesterLab you can check them out as well I do not use a Mac OS when pen testing I would never buy a Mac OS unless it was maybe the last computer on earth and I had no choice just just saying nothing against people who use Macs but you can get double the stuff for half the price am I the owner of the web the entire web I don't own any webs what kind of list you end up on for subscribing for a HackerBox that's a good question I probably am on a list by now you got to imagine that you're on a list right I'm not that dangerous though I'm a terrible hacker did you read the NASA JPL hack report I did not read that was that where they have the little the little Raspberry Pi plugged in I saw the picture I saw the news article but I haven't read it if that's what you're talking about yeah I know what you're talking about I just haven't read the article I read like the very short synopsis I don't have a very long attention span doo-doo-doo-doo trying to catch up use a VPN you gonna list probably thanks to the follows guys do you 
have zero day exploits for pen testing or only using one day exploit you're making zero day exploits you're not pen testing you're on a whole new level you can go win yourself a Tesla and five hundred thousand dollars you're not gonna be a pen tester you got Lockheed hitting you up asked MTX how he feels about Lockheed I worked for Lockheed for like three days and then we got purchased by Honeywell so I literally came in at the end of the transition have I ever done a network king of the hill competition no what what is a network king of the hill competition consists of please enlighten me when is my next conference as of right now unless something changes I've got my fingers crossed I'm getting picked up for a talk but I got picked up for a talk at Wild West Hackin' Fest so that's gonna be dope that is in October in Deadwood South Dakota so if you're gonna be there come say hello so as of right now that's the only only place that I I know that I'm going to I applied to DerbyCon I don't have high hopes I'm getting into DerbyCon but we'll see I'm super super excited about the people that are gonna be at the Wild West Hackin' Fest in like the the presenters the speakers that's gonna be awesome it's an awesome list to be a part of so I'm excited for it what is my main distro I use Windows and then I use Kali Linux that's that's pretty much it I'm I'm as basic as they come have I heard of Parrot OS yeah I was checking out Parrot yesterday I want to do a Parrot stream I think I want to do a Parrot stream and I want to do that command OS or whatever that is that came out for Windows I think I want to do a stream on that too they could be really cool just to play around with some of these tools that a lot of people don't play around with or aren't familiar with and we can just kind of learn on them together because I don't ever play in Parrot I'm just kind of like you know Kali has everything that I need so I would have to I really have to get into Parrot and see if 
it's something that's better at some point I'm gonna be one of those people who are just like Kali's got too much bloatware I'm gonna go make my own distribution and put five things on there and call it a day yeah the Commando VM by FireEye that is correct you hacking the box doesn't have to secure them to my house can hack them oh that's cool I haven't done that that sounds really cool though Dragon Con this year you keep you're the guy who pushes Dragon Con I got to look into it I looked into it once where is Dragon Con at is it Atlanta I feel like you told me Atlanta yes look at that I remember what's up greaser hi Portugal sixty five gigabit base on Commando that's incredible Labor Day weekend when's Labor Day September Oh Morris is the guy ah look at that what's up eminent I mean it just pops in when he feels like popping in what's up buddy how's the baby Llosa baby did a base install base image size sixty five gigs that's insane what's nice about Parrot is they also have a home edition without the SEC tool so you can use it yeah so I was checking that out let me um let me Parrot OS let me get it up here so I was looking at this literally yesterday late last night I was recording some videos and this actually had this in my website or this website in one of my videos so they've got what looks like different distributions right so they've got the secure the pen test are these all separate distributions I don't know I've never used Parrot so I think I'm more likely to get into drag con than dragon con that sounds sounds fairly accurate so you're asking about job so I started a full-time job another company not doing pen testing I am still doing my business on the side I was 1099 with my old employer they were being d-bag so I just gave them the little finger like literally just middle finger and just retired on the spot one day and then I am doing pen test work right now for for Cobalt Core so just bring in some money while while I wait mostly everything 
that's been coming in has been one-on-ones in training sessions I've been doing so many freaking one-on-ones it's been insane so it's been awesome and I should have expected the training to be a lot easier to the route to go but the the one-on-ones have been really fun I'm building out labs and training for the I got a training session in July I'm doing and then I've had one quote that I've sent out and then one client that I've had a like a sales meeting with and I think it went really well but I won't be able to bid on that project till August so it's slow rolling I'm not putting full-time effort into it but it's it's going okay do I travel a lot for work no so I traveled for I travel the second week I was at work to go meet the client that I'm working on so clients out of Chicago it is a don't know how much I could say a fortune 50 so that could narrow some things down but so working on this client and then at the same time I'm gonna be back in Chicago next month for training but it's not it's not for travel to a client site it's just gonna be going for training so but the travel hasn't been bad at all I've honestly I've been making training videos that's what I've been doing at work is just training videos and doing certifications and stuff to get caught up to speed on this these platforms if they use other than that it's been pretty easy are you following any emergent technology through cyber SEC applications no I don't follow 5g or blockchain man I'm not that cool I wish I was that cool you're expecting a lot smarter than I am should you move to Charlotte no I think if you got any closer to me in distance MTX I would have to move what do we do for the for the one-on-ones it depends on the student so my I've got one student that is like like a baby student still so he's doing like enumeration we're doing like netcat so we're talking like reverse shells bind shells just you know very very basic hack the box walkthroughs like he's gearing up to do his OSCP so 
like we're just working through hack the box machines and I'm just trying to like give him hands-on time let him talk me through what he's seeing and how we can improve how he sees things and then we we try to exploit something every time but it doesn't always work that way so that's one one guy we're doing exploit development just focused on you know the basics the 32-bit windows the buffer overflows so I think he wants to do a Linux one with gdb so we might do that I had one today that we did basically all internal pen testing so we covered like a lot of things you've seen before but like you know Responder LLMNR poisoning we've covered SMB relay or NTLM relay we cover token impersonation PsExec so we went over a lot a lot of the tools the GPP cpasswords how to look for that in Metasploit so it's pretty uh it's going pretty okay it just depends on on the you know on the student and what they want to what they want to learn so and if I could teach it that's another big one do I have a home server I do not have a home server so if you if you see like like for the lesson I did today I'm sitting in here I've got Windows 10 another Windows or Windows DC my domain controller I got another Windows 10 here so just set up a very simple lab to demonstrate you know proof of concept for internal testing but I don't have any server for anything else I just pretty much do everything in VM do I like my chair ah it's okay honestly I don't know like I've I've grown to like it at first you know like I had this this Amazon this is like an Amazon whatever basics I don't know executive it's like a hundred bucks and then I bought that chair and took me some time to get used to it but now I'm used to it I'm sitting in this chair I haven't sat in it for months and it feels really uncomfortable so I like my chair it's kind of like it's kind of fragile it does okay I think it's comfortable enough but you definitely get what you pay for I bought a cheap racing chair I think that if 
you bought one maybe one of the more expensive ones it might be worth it but I don't know I'm not like a chair snob or anything how is eLearn going eLearn's not going man I have back-burnered that so hard so I paid $200 now in exam extensions I just need to take the stupid exam and just just deal with it cuz I don't want to keep paying for extensions but I like I've put myself through so much focusing on like the YouTube channel the new job getting this business up and running like developing content everything has been a focus on everything else about learning and I really need to get back to learning I was telling that to my coworker today so what's my rate so my initial rate was 75 an hour and then after that it's gone up to a hundred an hour so I have a lot of demand at 75 so I kicked it up to a hundred and there's still been a lot of demand at that so but that's gonna be the rate for for a while now I don't see it going up anytime soon okay teach you how to make a zero day I can't if I could do zero days I had to be selling them for a lot more money than a one-on-one session what are the specs of my rig I have that up here don't I uh twitch.tv cuz I don't feel like speaking you scroll down under the FAQ what are your specs so dark flash fan of mid-tower i7 9700K I've got a Z390 from MSI 32 gigabytes of ram ddr4 and then I've got a 2080 Ti that is what I am running MTX you will never visit me ever even if I was in jail I would deny you maybe not maybe I want a friend as long as you promise to do like the glass thing with me where we can touch hands you know do you feel that write-ups help you learn and make notes for further digging deeper yes so I think if you're talking write-ups of other people do yes if you're talking write-ups that you do yes I prefer to try to do things myself and write it up for me and then you have a notes like you learn so much cool shit just doing like hack the box or capture the flag because you never know when it's gonna pop up 
in a pen test it's highly highly unlikely on most of those so really like it's really like a game right most of them are not actual like real life machines but they do have a real life rating on on these so I think if you go you go into a box and you click on it it'll show you like what people people voted on it if it's real life etc but most they're more capture-the-flag like and you know just having those notes you never know where they're gonna pop up like this one right here not very skewed towards real life skewed towards CVE so yes watching other people and reading their notes and taking notes about it that's a good way to learn but I think the better way to learn is to make your own notes and and have those in your own writing you know so they say something about writing things down helps you remember I think that's that's accurate so why do I hate MTX are so much I delight MTX are MTX are can move down the street for me if he wants to soive invites to the eLearn barebone I don't they were doing that promotion a long time ago I don't know what they're doing right now last time I looked they were doing like a you buy the you buy the PTP you get the PTS for free so you liked my notes on Zero to Hero on KeepNote thanks man I like I like KeepNote is there a website for freelance pen testers ah what do you mean like you want to you want to freelance I can show you a couple different ones hold on HackerOne it's kind of bug bounty if you want a freelance let me close this so if you just want a freelance at your own rate you can do Upwork I think is what it's called Upwork now I've been on here I've never took a job most the time it's like people saying hey will you hack my facebook I lost the password or something stupid or it's people wanting you to do full fledge pen test for like a thousand dollars and there's no way that you're gonna do it for a thousand dollars when you know it's just not worth your time but somebody else out there from another country 
where cost of living is low you know they're gonna sign up for these jobs they're gonna like five to ten dollars an hour and people just you know they think that's that's good so where my rate is $250 an hour so it's much much different so you're not really gonna find work here you might find some security consulting work or like you may get lucky and find where they have to have somebody out of the US do the work and then you have they'll pay the premium but most the time people are looking for cheap work here anyway that's why they're on this website other ones Cobalt Core so you come to cobalt.io and you say joining the Cobalt Core basically you apply you have to get approved you have to do actual assessment write a report etc and then you get in and they'll pay you money to do assessments again there's a lot of people in here but they're actually a pen testing company so you're 1099 or whatever and you get put on an assessment it's like fifteen hundred bucks you get over two weeks and it's it's part-time work so you do 30 to 35 hours if you're a lead I think you make 2,500 bucks I'm not sure on that don't quote me on that one but definitely at least 1500 bucks so if you're looking for some quick easy money this isn't too bad right here but again you're competing with people that are from all over the world and the cost of living in some places is very cheap so $1,500 is a lot of money to some people and if you're a pen tester and you're already making a lot of money $1,500 does not may be worth the 30 to 40 hours of work budget to put in for this the benefits here though is that you get to work with other people like I just got put on an assessment for a week or two from now and one of the guys I'm working with is like on 20 Hall of Fames and he's like number he's like top five in Synack completely like top five in the world in Synack so like this guy is a bug bounty guru so the things that you get to see like the write-ups that they do how they do methodology you 
get to sit in a chat with these people that might be worth taking less money just to understand and surround yourself with these people that are so much better and have more experience you know so I think I think that's valuable in itself so other than Cobalt Core there is Synack as well which I just mentioned so if you go to Synack here you can apply to be on the Synack red team and it's very similar to where you have to apply you have to go through written assessment and a an actual assessment you write up your findings etc and then they do a background check all this other stuff they all have background checks so but if you want to do bug bounty slash pen testing they have pen testing opportunities here as well how hard is the assessment for Cobalt versus Synack I can't go into that too much Cobalt without giving out details Cobalt was was easier they they each have their own their own beasts so I think Cobalt's the better platform just because you can do the assessments if you're good enough on Synack and you can get enough finding so they have opportunities where you can go if at least in the US where you can go work on gigs and they'll pay you like 100 bucks an hour or whatever to go on-site for a week or two or do whatever so you have to get be prior programs etc but it's it's pretty cool do I think you could pass the Cobalt or the Synack I think you could pass both MTX they're not that bad depends what your depends how you feel about your web app game so I'll say that but I think general knowledge could pass it anyway coming back 910 this is gonna be a record short stream I think questions questions I will end this immediately we'll say 9:30 if you guys keep me talking we'll go a little longer but we'll say 9:30 you've seen me wear this army shirt like 20 times and stream I think you're lying I think you're lying I think I've worn it on one other stream I may give you two streams but 20 is a lie I went from help desk to sorry there's a gnat in front of me 
it's gonna make me go crazy motherfuck I went from help desk to network administrator inside the same role like the same job I went from help desk to level 2 to the network administrator then I changed jobs and I went and I was a senior network engineer then I changed jobs and I was a senior pen tester and then I changed jobs and I'm a senior security engineer so do I have a graduate degree I do I've got a MBA in computer information systems as funky as that sounds what tips do you have for other remote workers to help them transition from a regular job to a remote job ah just so you got to understand there are some downsides to work from home working from home is awesome I will not go back to working in an office unless you pay me like $400,000 you know like it's gotta be something insane cuz you're you're not in a car for X amount of minutes a day right you're not you get that drive time back I roll out of bed at 7:55 in the morning awesome stuff you know like I get to work naked or in my underwear or whatever I want to do but when it comes to you know comes to the downsides what really what you really lack like that that team that camaraderie you know you it's if you don't stay on your coworkers and like to get them teach you stuff it's really hard to learn if you're unless you're like a self-starter and you're motivated to go learn on your own that's gonna be the tough part so just be prepared for that I guess will be my advice like you want to make sure cuz like you know the nice thing about working on-site is you've got people who are more senior than you you can say hey how did you do that can you show me or you can shadow them during a pen test or whatever it is they can teach you or you can collaborate it's it's a little bit more difficult like it's easy for me you know if I'm having pen tests and I'm like doing something I might send a screenshot to a co-worker and say like hey this is what I'm seeing do you know how to handle the situation but you know 
the opportunities I feel like are fewer than you would be if you are on site but I think it's perfectly capable to be a pen tester remote even as a first job where's my graduate degree from a school called University of Toledo so I didn't go to Harvard anything don't expect much out of me guys so for OSCP prep do you have a personal list of VMs oh gosh yes not personal but yes hold on so if we switch back and we go TJnull look it comes up TJnull OSCP this list I think he's updated this recently so just google this play around with it these are Hack The Box boxes that are similar to to that and abatchy has the other list abatchy OSCP how to prepare OSCP-like vulnhub VMs so you got beginner friendly intermediate blah blah blah so hopefully that helps no problem you're stuck in tech support roles or cert off the rolls you like to get into network admin role or sysadmin have been applying with no luck just keep applying apply to every job either if you think you're not qualified just apply and you never know what'll happen if you want my life advice I will paste my life advice give me one second here's this link I share this from time to time so this is how I got my first job there's you don't have to read if you don't want to read the whole thing because it's a long post read the very bottom the closing advice and that's my I mean that's my job advice man if you follow those you'll get a job I promise you do you have a routine that you created when you first start remote work wait you take breaks every 15 minutes do certain things I didn't feel a lot of burnout my my job was very very laid back so it depends on the job in the job environment like the thing that I like in the management style that I have and management style that I was under was ninety five percent of time it was I'm not gonna message you I'm not gonna find out what you're doing you just give me the work so if I'm working at midnight then I'm working at midnight so it was 
really you know work your own schedule get the job done I don't care as long as the customers happy you're happy and I'm happy and that that's really it so that's gonna be like when I actually have employees or whatever that's gonna be my style too is as long as the work's getting done and you're the client satisfied and you're happy I'm happy like you know you don't need to micromanage so I didn't I had a great manager did not micromanage I got a great manager now again so I think manager is just as important if not more important than the job that you're going to because they make or break everything so very much so pick your manager but I didn't I didn't have any issues so in terms of advice you know I I don't know if I give you the the that kind of advice you're looking for I think it's important to take walks take breaks if you're stuck make sure you can it's easy to be pen testing and just like it'd be five o'clock you know and you start at 8:00 and you haven't moved all day so get a Fitbit get whatever make sure this thing buzzes at me every every hour on the hour if I don't have 250 steps so I'll stop at 9:50 if I don't have my or whatever 50 minutes with ten minutes left in the hour I'll stop I'll go walk I'll get my 250 steps I'll come sit back down and then for lunch I'll go for a run or I'll you know lift weights or do whatever like whatever it is that keeps you happy it keeps your mind going and gets you distracted even just for a little bit will definitely be helpful is it possible to get a security role straight out of a masters yes I think so so what it comes down to is being able to have on your resume the things that are needed for the job that you want so if you want to security roles start looking at the job postings see what they want ignore the bullshit about five years experience nobody has whatever they want to just look at like the certifications they're asking for look at the tools they're asking about and start familiarizing 
yourself with them start reading up on interviews that people had for those roles see what you need to do you need to know see what kind of information you should have on your resume don't just load your resume with bullshit though make sure you can actually talk the talk that you that you know what you're talking about because managers will love to pull out something if they think that a person's inexperience and they're talking about an experience tool that's one of the first things they're gonna be asking you about like hey how do you how do you use that and then if you're sitting there stumbling on it they're gonna think you're full of shit on the rest of your resume even if it's just the one thing so just be careful with that but if you're if you study you put in the work I wouldn't be relying just on the master's degree to get you a job you have to have the other skills but you can absolutely bypass having to work helpdesk or whatever else Thank You Cole live for the for the sub I appreciate that sorry reading through the chat guys I get long-winded sometimes yeah the so somebody said they're micro manager or the manager of micro managers and they have a mandatory daily status updates so I can't go into too much but like my boss is great the client that we're working for we have we have a meeting every single day every single day status update meetings we have like two additional meetings on top of that every week we've got a time sheet that we submit for them a status update sheet that we submit for them so there's a lot of shit that we do just because the the project manager wants to micromanage the project and it's just there's people like that that's you know it's I don't agree with that kind of management style but there's people out there that want to know every single thing that's going on at all the time so do I have to log my time daily I submit a timesheet my timesheet's super easy I submitted end of the week my last job that was like the only 
micromanaging thing that we had is we had to uh we had to do like daily timesheets we had to submit and you had to bill to client very specific like hours in certain buckets and all that stuff this one it's not that it's just like literally like eight hours here's what I did for the day that's it so it's very nice hey thank you Sam I appreciate that 9:22 eight minutes my people you guys have been asking great questions tonight by the way great questions I had a tech reimbursement my last job I don't have a tech reimbursement of this job they are supplying all the devices so except a cell phone I guess if I pushed on that but I'm I'm very happy let's just say that I'm very happy what's the new gig the new gig is doing privileged access management so they are the company that work for is an IAM company but they just split off and started a PAM arm of their IAM company so they deal with tools like CyberArk like Thycotic so anything in the privileged access management basically like vaults password rotation you know just storing your your passwords in a central location and having them rotate and have users check-in and check-out etc so I've been doing that it's been it's been fairly straightforward man like I came in I started learning they got me signed up with some stuff before I got started I started doing the training and then pretty much the first three weeks that I was on the job I was making training video for the client I was doing client like leading client training so they knew that like I had a passion for teaching training etc so he put me right in that role at the same time I'm learning like the architecture I think their end goal for me is to be doing architectural designs and building things out but I've got a CyberArk certification I'm working on I got a get so there's there's two parts of it there's the Sentry exam that I got to take which is like the highest CyberArk or whatever and then there's something called the CDE so I gotta like build out 
a whole CyberArk lab and get that done but the CDE's kind of like on the partner side of things it's not really like a public certification the the public certifications like the Sentry so apparently PAM's a really hot topic right now so it's just it worked out really well am I gonna be a Black Hat or DEF CON I don't know about that Black Hat I applied for like a veteran scholarship DEF CON I don't plan on going to so I was gonna go to DEF CON if I got into a talk at BSides Las Vegas that did not happen they did not pick me up Wild West Hackin' Fest did for the same talk so thank you Wild West Hackin' Fest just wasn't in the cards for this year so if I get picked up for Black Hat maybe I'll go to that hopefully so yes dr. tuna that is my main job new business on the side so that I quit my job full intention to start everything do it on my own just you know struggle bust through it and then I had a friend who I worked with before he said like you know why don't you just come work with us and we don't do pen testing so you know you won't be competing with us easy decision it was pretty much the same salary I've already you know I've already earned some bonuses for for getting a certification for Thycotic so now I'm working on my CyberArk so it it's really worked out well it was like everything fell into place don't know how it happened got lucky but I think you know it goes down to I sent out that article earlier last thing I type in there is network network network who you know the interview wasn't like technical at all I was like how can you fit in here you know are we a good fit for each other and if he thought I was a good fit I could do the work then you know he hired me and that's sometimes it's all it takes you love Secret Server I would not say that I love Secret Server I think I think CyberArk is a better product but that's my very very short experience dealing with them is CyberArk PAM certs worth it so CyberArk if you have the certs I mean they're 
hitting up people for jobs like mid-tier hundred thousand dollar range like we're talking 150 s and up so there is a high high high demand for PAM work right now don't know how that's gonna be I haven't been in the field for this that long but it's if you understand cybersecurity and what they're trying to do it's not really that hard you could put through the training and everything so I mean like the trainings all there the hands-on lab is there I don't think it's really that bad so just being able to to understand it and I think there's a lot of money in it it's not always what you know it's who you know and that is accurate thank you Rangers yes this is on the engineering side we're talking like having the certs doing engineering etc or we're not yeah so it's good good point there pay starts out anywhere from from like 85 70 was a 70 to 85 I think it's the lowest BAM 65 to 85 I remember if you're just like the low tier guy if you're doing like the architecture it's 150 to 165 if you're doing engineering it's like 135 to 150 or something like that so but it just depends I mean it's not a small company I don't know it's a relatively large company the clients the clients that they get they're like one of I don't remember the the status you have to have so many certifications and stuff they've got status and all this other crap with CyberArk they're they're a big company I'm like a Big Four consultant person not at all dude I work 40 hours a week like it's not like I'm slaving myself traveling all over the place doing this kind of consulting like I've been doing training after this I'm going to be doing architecture it's just you know you build out like you you talk to the clients you see what they need you design it you get like you know what equipment they're gonna need how it's gonna be set up then somebody's actually going to go on site and implement it etc so it just depends what role you work in everybody's talking about the DMV area and clearances you guys 
are silly. All right, it's 9:30. Any questions? You guys have been so active on the chat tonight, like surprisingly active. Don't know if you guys have been drinking the Red Bull or what's been going on. I'm a question? I'm a thot, that's what I am, I'm that ho over there. All right buddy, thanks guys. Uh, they blocked the worse thought, I'm gonna allow that. Why is that happened? Sick boy, I have put on some weight, don't come judge my man boobs. Any advice turning 30 here in a few days? Who's 30 are up? I need some life advice. What am I gonna learn in my 30s? I don't know, now like, what did you learn in your 30s that you didn't learn in your 20s? That's my question. Start watching your diet. Yeah dude, I'm eating like the same that I've always ate, I just packed on like ten pounds so fast, so I really gotta be careful. You're not investing, start. I am investing. Welcome to the twenty nine Club. Redmon, appreciate that. What's up Colt. Thirty Club, 634, damn sick your oldest shit. Okay, there's no need to brag about being 24, you can't even get a good car rental or decent car insurance. What's up Morris, thanks for the sub, three months in a row, hell yeah, you're awesome. I think you get the new Pokeball, I think you might be the only one with the second pokeball there, Morse. The colors change, they get better. Any suggestions about other channels like mine, we're doing hacking related? There aren't a ton yet, some people might be able to suggest. So LiveOverflow does more of like exploit development, he does some cool stuff, I like him. They have like the grumpy hackers that air the same time I think I air, so you can't go to them because I air at the same time, you got to come to me, but there's some smart guys over there in all reality. John Hammond, somebody said John Hammond streams, there you go. He does, he stream on YouTube? So there was a girl that was streaming and she stopped, so, but you don't see a ton. I see black sheeps in here, black sheep streams, black sheep spicy, we go check him out. Thank you dr.
tuna, by the way, appreciate that. There's more cyber streamers on YouTube. Streaming is becoming the new thing. I felt like I was getting into a nice little niche area and then I realized that everybody's starting to do it, so I'm not the hipster I thought I was. Go get collagen peptides and shit to maintain healthy hair and some dietary supplements, watch your cholesterol. That's true, dude. I am, so my hair is getting crazy long, like super duper long. I'm just wearing a hat today, but this is my last stand. Like I haven't gone bald or started losing my hairline or anything yet, but I don't know what it's gonna happen, I don't know when it's gonna turn gray. It is starting to thin a little bit, like, so I'm growing it out, I want to get it long. This is my last stand. I got out of the army, like this is my hair that I want to grow out. I wish I could grow a beard, I've got all these bald spots and stuff, so you know, unless I do surgery or try to Rogaine my face or something crazy, I'm not gonna get that beard. But you know, this is my last stand, so I'm gonna grow it out maybe shoulder length and then just let it go and cut it back short, go back to the buzz cut. Network engineer, recently been assigned to special projects of the security team this year and got new their security, but currently about to wrap up CCNP, past experience society enterprise roles, started some Security+, but general knowledge so far. That's awesome, and welcome to the dark side. Hats don't help hair. You are correct, but hats work when you don't want to do your hair for the stream. Why is everyone in InfoSec a curmudgeonly jerk bag except for you? That's kind of a jerk bag thing to say, man. I feel like you just called me a jerk bag also, so my feelings are hurt, I'm gonna go cry in a corner. I don't hate anyone, like really anyone, in InfoSec. Now I've got people that like hate my guts. I've done nothing to these people, I've never met these people, like they just hate my existence, they will talk shit about me without
people bringing me up at all, so it is fantastic to watch. I just, like, I don't know, I don't know what's going on. People in InfoSec are special sometimes, but I think that's just people all around. Do you ask me scotch and IT jobs? You know, I've been getting more into it, I and scotch, I haven't been a scotch guy ever, can't say I've been it, but I will say that I smoked a cigar, which I don't really enjoy smoking or cigars or anything, and then I had some scotch that was good. Like the smoky flavor that's already in your mouth and you combine that with a smoky flavor of scotch, I felt like a man for a day, just for like one day, even maybe like an hour. I don't feel like a man much because of my shirt? Come on a minute, go eat a crayon, buddy. Hey, thanks alpaca, nice to have you back, appreciate it. I'm gonna upload the stream to YouTube? I don't think I'm gonna edit this stream any at all, like I'm too lazy to do that. I've got a long edit, actually that's some good news I can share with you guys. So if you've ever heard of the YouTube channel, it's called freeCodeCamp, basically it's like a coding channel that they take from, you know, content creators kind of like me or some other people on YouTube who put together courses, they put it together there and they'll put it on their YouTube channel. So my YouTube channel, it's got almost 7,000 people, their YouTube channel has over a million people. They came to me last week and they're like, hey, we really like one of these courses that you put together, can you extend it out just a little bit, because their algorithm works with like a certain hour length or better, so they wanted me to stretch the course out over two hours. I'm working on that course, I've got 15 minutes left to record, I know already what I want to record, I'm gonna ship that over to them and I'm gonna be on their YouTube channel. So if all goes well, knock on wood, but we've already talked, I met with the guy, guy's name's Beau, is really nice, so
that is, uh, that's my good news. So you'll be seeing the TCM on that channel here very, very shortly, so hopefully that gives me a boost. I'm still looking for that big break, right, like the increase in subs, that one person to share you, that right video, hasn't happened. It's just been this grind after grind, you know, but I appreciate everybody that supported me along this way and it's been a long, long ride, so hopefully this does give me a little bit of glump. Thanks guys, you guys are awesome. What about more live streams like Zero to Hero? I am thinking about what I want to do next. That's so tough. Like Zero to Hero is great, Zero to Hero took a lot out of me, like it took so much out of me. Like the lesson planning that went into doing that, my life, everything around my life for like the two to three days before the stream, just, you know, I was working on that all the time. So the amount of work that goes into a course like that, and to be able to think up of another course, you know, it's gonna be difficult. So I still want to stream, I want to do some cool things, I don't know what the next thing is. Like maybe I back away from pentesting a little bit and moving into other cyber realms. I don't know what I want to do, if I'm being really, really honest. I was thinking a wireless pen test stream will be cool. We can cover, if I can spin up something for RADIUS and doing like a WPA2 Enterprise, we can do some WPA2 Enterprise hacking and just do personal as well, but I think that would be fun. Everybody's been asking for a web app course. I think a lot of people understand the detail that would go into a web app course. It would be probably two to three times harder putting together a web app course than it would be to put together the Zero to Hero, so I think that like just the sheer amount of work that's going into these things, it makes it very difficult to come up with another course. For someone to get into network security with
no program scripting experience, will it be a language to start with, high level, Python, bash scripting? Yep, those are all correct. Python is probably the best, bash scripting is right up there as well. Honestly, I've written tools in bash and they work just fine. Have I made any courses on Udemy or one of those course sites? I have not. So I've considered Udemy and Mike, I've thought about, like, I like making my stuff free and available, you know. I think that I've thought about like putting one of my YouTube, you know, whatever courses I've put together and putting it on Udemy, but like I don't want anybody to feel slighted if they pay for that course. Like I just want them to pay for that course because they wanted to support me, but, you know, that's what donations are for, whatever. I was like, honestly, I think my best route is just to keep making content, putting it on my site or putting it on YouTube, growing the channel slowly and organically and whatever else, and that'll work out in the long run. Udemy might be like a quick payout, but I don't think it's a longevity thing. So somebody said they have a bad reputation. Yeah, I'm not sure about the reputation. I've done other courses, like I've made courses for pay before, and the payout was good up front and then it died down significantly over time. So I just don't, I mean by good, it's not a lot of money by any means, but like I don't think that the time that I invested ended up the ROI, I don't think it was worth it. 'Cause I got like, I'm not me, $1500 for a course I made, then another fifteen hundred dollars the first three months of the first quarter, and then like went down to a thousand and five hundred, and then it's just getting smaller and smaller. So, but for the amount of time that I put into making that course, it was a long, long course. So thank you for the sub, up hack, I appreciate that. I feel like I could do well on Udemy only because, you know, I speak decent English. Not to
knock the Udemy courses, but a lot of them are really hard to understand. Not saying they're not good, they're just really hard to understand. You guys have got me talking 15 minutes past my deadline and there's still a lot of you in here, it's 47 of you, that's impressive for an off-night where we just been chatting, so I really appreciate that, guys. I missed your question? Where is your question, MTX? I don't see it, I'm looking, I don't see it. You've been watching Zero to Hero on commutes, hopefully you're not watching them while you're commuting as in driving. Out of the major field from cybersecurity, what do you think is the most lucrative to get into and the best bang for your buck? That's tough. I feel like in some of the high-paying fields you will have to be super frickin smart, right? Like you have to be good at computer science, you have to, like, yeah, somebody said exploit development, you have to be good at computer science, you have to be able to like see the exploits, find the exploits. That's where my mind was going to as well, especially if you're doing like vulnerability research, there's a lot of money in that. But if you're saying bang for your buck, pen testing's not bad, man, pen testing's not bad. So I mean, like, I made it to pen testing, I switched from accounting, made it to pen testing in two years. I started at 102, within a year I was at 140. So with no experience in IT at all, two, three years in of IT I was at 140K. That's pretty fucking quick, that's pretty good money. So I mean, that's pretty quick bang for your buck if you ask me. But we're talking lucrative, yes, exploit development I think wins it all. PCI compliance, you don't want to do PCI compliance, man, unless you want to travel all over the fucking place. You don't want to be a QSA. PAM has got a bunch of money. I don't have enough experience in PAM to be able to like tell you either direction, but I could tell you from the people that I have spoken to that have like the high level
CyberArk certs, they get hit up all the time, like relentlessly, for jobs, so the jobs are out there in a taifeng. Yes, and you did ask bang for your buck, right, level effort versus getting paid. I think obviously the high paying jobs are the ones where that requires some level of effort, because they wouldn't be high paying if everybody could do it, that's the whole supply and demand, right? You might like PCI compliance, you like being an asshole. It's funny. Whoo, I got less than 5 hours of sleep last night, so sorry if I'm yawning, guys. Where is Joe? I don't know where Joe's at, probably gaming, probably gaming. 9:48, 18 minutes past my deadline. I'd really love to either make these things or give these things away, but I'm not gonna lie, I picked all the good stuff out of it, like the badges and the stickers and all that stuff, so if I gave them away I think some people might be upset when they open them up and they realize there's no good stuff. One of them came with a beanie that my dog ate. Pick a number between 1 and 50 for the win. My number is 27. What's up Morse, look at that pokeball, dude, you got the cool pokeball, I'm into that. What's my dream job out of cybersecurity? Ah, if we could go back to 20, I don't know, like if we go back to 18 year old me and I knew that I would be comfortable in life or I could make money where I be happy, I think that I would go one of two routes and both would be music. I would either go to Berkeley and I would have gone and done like music production, you know, maybe pick up something another, you know, I don't know, they have you do like multiple degrees or whatever, so like production and recording or something like that, actually produce music, I think that'd be awesome. The other option was I would love to be like a high school music teacher, I think would have been a really cool fucking job too. So something I lean towards, out of college I was really close to going to school to being a high school music teacher, but I really, really enjoy music
and play music since I was really young, so I think it's, you know, in another life, but it didn't pay the bills, it wasn't that lucrative, I don't think. So congratulations Morris, I'm so happy for you, man. Is it a cyber job, what you get? Do I think I'll pivot out of cybersecurity? I don't think I'll pivot out of cybersecurity unless I win the lottery, then I'm gonna pivot to an island. Yeah man, it's all about metal, sick in the mind. I play metal guitar for a long time, metal, metalcore, metalcore specifically. I do like metal, but it's all about another core. I like a little bit of emo to my stuff, right, so Bullet for My Valentine, Avenged Sevenfold, Atreyu, those types of bands, A Day to Remember. So give me some fast heavy guitar, but it's also vocals that I can understand, some good stuff. Any advice for college student, comp sci, and wanting to get into pentesting, cybersec, should I bother trying to get certs or just go for the job? Okay, so comp sci's good, depends what school you're going to. I don't think you need certs, it wouldn't hurt, right? I think what's important is that you have understanding of some of the stuff, like how to pen test, you have at least a deep level. I would like say like 10 to 20 boxes, maybe more, in Hack The Box. You don't have to get a certification, but like to be able to talk through a lot of these things. If you want to do pen testing, you're probably, with a comp sci degree and no experience, you might end up at like a research shop, like a Praetorian or one of those boutique pen testing firms, where they hire based off comp sci and then they like will teach you to pen test. So I think it's absolutely possible. Comp sci opens a lot of doors. So, but definitely don't, I would still study, you know, don't go in there thinking that just because you got the comp sci degree you're gonna be good to go. You're gonna want to have the extracurriculars to prove it as well. Any plans to FIRE? We're talking about retiring early. Not that I'm aware of, but I'm a
I'm not a, I'm a good saver, like I put away, you know, whatever, the 18K, and I was maxing my Roth IRA, but we're pushing that limit now as a married couple. So I mean, I know the options, but at the same time, like I've always lived under this thing, like I might want something, I'm gonna buy it, because I could die tomorrow, you know. And some people, like they live the opposite, they want to save, save, save, live frugally, and then they want to retire early, right, that's the whole thing. But for me, like if I save, save, save and I didn't get to go enjoy things and do stuff in life and I died before I got to actually spend that money, I would be so upset with myself. Obviously I really wouldn't because I'd be dead, but I'd be devastated, right? So if I want it, I buy it. I still put away the money I have and, you know, I'm saving, got the wife saving, I think we're doing okay, but I'm not planning on retiring early. Honestly, I wouldn't even mind consulting after I retire. So C# development for security firm is scan databases for no terrorists, no joke, to flag people who are applying for loans. That's cool. I never got into Trivium, I don't know why. Uh, let me open up this dangerous link that sick in the mine sends me. A hundred and four thousand followers, Jesus Christ, ought to check them out, man. You didn't get there as a different IT degree and a comp sci degree, who sold you that? That's cool. So they do a bunch of different streams or of different bands or what? Oh, it's just Trivium, got it. Hey, good job, cyber storm. So have I ever considered going to teaching around? I would love to be a teacher, love to be a professor at a university. They're starting to like open that up to master's levels, because I don't have a PhD. So I think, like my original route when I was doing business was I was working on a master's in economics, I was planning going to my PhD, and then I ended up dropping out my economics, doing an MBA and then getting the hell out of
accounting. But I did always had the passion to teach, I always wanted to be a professor, but there's not a lot of opportunities out there yet, nobody's come knocking at my door either. So if somebody came around and really wanted that, it was a good job, I'd definitely be interested in it. Three minutes, three minutes, we're starting to taper off, we're boring people. Yeah, that would come down to what the pay is too, 'cause schools aren't going to pay more than the private sector. So that's cool, sick in the mine, I'll check it out, I've never been big in the Trivium but I'm willing to look at it. One minute, any questions? You have reached the official cutoff of the cyber mentor. I could take this time to say I love you people, you guys are awesome. Hey gray, how many fake tricks can I do? Zero, I don't bait, my friend. Thank you everyone, you guys are so awesome, I appreciate you guys, appreciate all the subs tonight, all the followers, everybody was awesome, thank you, thank you. Don't hit me up with Monty Python quotes at 9:59, in 45 seconds, I don't have time to play this game with you. He go, my wife was a real sport. Hey, you guys get a heart. Can I give you like multiple hearts? Look at that, oh no I can't, motherfucker. Can I do that? There, I can, you got to space them out quick. And the stream counted three, two, one, five by Felicia's, goodbye.

22 thoughts on “Teaching My Wife to Hack…Maybe”

  1. If you liked this video, you might enjoy part 2 :). You can find part 2 here: https://youtu.be/BBjYRDLmFXY

  2. duuude your wife already knows what an IP address is, that would take me 5 years to explain to mine if I had one :V

  3. Well, can you tell me how much time it takes to learn a few simple hacking tricks for a person who does not know hacking at all?

  4. Ok so I followed the same steps, but after nmap I am not getting enough results. It just says this:
    Nmap scan report for
    Host is up (0.00016s latency).
    All 65535 scanned ports on are filtered
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    OS details: Actiontec MI424WR-GEN3I WAP, DD-WRT v24-sp2 (Linux 2.4.37), Linux 3.2, Linux 4.4, Microsoft Windows XP SP3, Microsoft Windows XP SP3 or Windows 7 or Windows Server 2012, VMware Player virtual NAT device
    Network Distance: 2 hops

    TRACEROUTE (using port 80/tcp)
    1 0.22 ms
    2 0.07 ms

    OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 545.98 seconds
