Dude, I'm a big fan and I admire and inspire me, your work, I would like you to help me find simpler sites like this. Generally, my targets are very well protected, but it's possible to overcome them. them and this takes much more time than in simpler systems, I have little experience but I have already found some cool vulnerabilities, I still can't afford better education in cybersecurity, I would be very happy and I'm sure that the entire community that is also starting out would be very happy and would help a lot, thank you for everything, I hope you read it
Great explanation bro. Many people teach if we want to check for such vulnerabilities we need to use payloads like ../../../../etc/passwd. However you shared another perspective - why to just try /etc/passwd, if we can check with other files within web root leading to source code reveal. Thanks for sharing this content
I have a question regarding this. What I understand is in LFI, you can actually execute the files on the server. In this case, the index.php file shall show the output of the executed version of the index.php file instead of showing the source code. In directory traversal, we can see the content of the file. Please Correct me if I'm wrong.
Actually in local file inclusion, you will be able to see the contents of files present on the server. However, there are certain scenarios where you'll be able to execute the files(like you mentioned) but it depends from target to target. The vulnerable endpoint here was actually serving the content of the pdf that's why we were able to get the content of source code. Hope you understood
Very Informative Videos Keep up the good work
❤ hope your video's bypass TH-cam guidelines also
😂
This is valuable information!
Congratulation on you 10000 subs!!!) You deserve MORE!!!!
Please make a video 403/404 bypass
Yeee. More of these would be awesome. Hehe. I know we can add hostname:3000, and some stuff like that.
Wow Dude you are amazing keep uploading top tier videos more
Dude, I'm a big fan and I admire and inspire me, your work, I would like you to help me find simpler sites like this. Generally, my targets are very well protected, but it's possible to overcome them.
them and this takes much more time than in simpler systems, I have little experience but I have already found some cool vulnerabilities,
I still can't afford better education in cybersecurity, I would be very happy and I'm sure that the entire community that is also starting out would be very happy and would help a lot, thank you for everything, I hope you read it
Awesome video.. thanks man
Loved the video man. Learnt a lot from how your explanations.
Great explanation bro. Many people teach if we want to check for such vulnerabilities we need to use payloads like ../../../../etc/passwd. However you shared another perspective - why to just try /etc/passwd, if we can check with other files within web root leading to source code reveal. Thanks for sharing this content
Hello friend, u can be my teacher,
Congratulations bro for 10k fam ❤🎉Next milestone is of 50k subs😊
Nice information, jump to 4:00 to main content 👍
Thanks from Bangladesh
From 10k to 100k 🎉🎉🎉 one day
Early crew. :3
you amazing man, thanks for the effort, you really work hard to give us the best content, and we appreciate it.
Thank you
I have a question regarding this. What I understand is in LFI, you can actually execute the files on the server. In this case, the index.php file shall show the output of the executed version of the index.php file instead of showing the source code. In directory traversal, we can see the content of the file. Please Correct me if I'm wrong.
Actually in local file inclusion, you will be able to see the contents of files present on the server. However, there are certain scenarios where you'll be able to execute the files(like you mentioned) but it depends from target to target.
The vulnerable endpoint here was actually serving the content of the pdf that's why we were able to get the content of source code.
Hope you understood
Keep going 🎉🎉🎉 u are the best
Where are you from bro?
India
How many programming languages do you know?😢
I know few programming languages
@@BePracticalTech name please ?🥵🔥
Bro targeting real host
*Only for educational purposes 😅
😮
you haven't bypass the WAF, did you get /etc/passwd ? nope !
Bro i am new in bug hunting so suggest me the right path for bug hunting
Join our telegram community: telegram.me/bepracticaltech