Lab: Cross-Site WebSocket Hijacking (no Burp Collaborator needed!)

  • Published on 4 Dec 2024

Comments • 30

  • @zidhumenon9883 11 months ago +4

    Thanks for your effort buddy. I am damn sure You'll reach great heights.

    • @netletic 11 months ago

      thank you for the kind words @zidhumenon9883! ☺️

  • @blynch2496 13 days ago

    By far the best channel I've seen for these lab walkthroughs.

  • @bolbolinfosec1376 11 months ago +7

    You are a great teacher, bro. Thank you so much. I appreciate your efforts.

    • @netletic 11 months ago +1

      thank you @bolbolinfosec1376! ☺️

  • @bountyproofs 10 months ago +1

    I'm gonna admit that was GREAT

    • @netletic 10 months ago

      thanks @gh-kz3im! 🔥

  • @mcfr4g 2 months ago

    Great explanation and walkthrough. I solved this without BURP collaborator but came looking for more info afterwards as I felt more like I'd winged it, the explanation for that particular lab felt very vague. If I hadn't already wrestled with that exploit server in other labs I think I'd have quit on this one!

  • @javaboy6581 3 months ago

    The best explanation on all of YouTube; there's nothing else to do but subscribe to these incredible burpsuite tutorials

  • @XKiryu_1 10 months ago +1

    Very clever solution!!

    • @netletic 10 months ago

      thanks @user-ry4nn6nw7j! ❤️

  • @Genaralknowledge a year ago +2

    wow! very nice explanation.

    • @netletic a year ago +1

      thanks a mil @Genaralknowledge!

  • @gopikanna_ a year ago +2

    Good walkthrough..🎉

    • @netletic a year ago +1

      thank you @gopikanna_! ☺️

  • @James-li3ro 10 months ago +2

    Thanks bro! Very smart solution. I thank you for this. How did you develop this methodology? How did you think of it? I'm curious. I also want to ask: for questions that are very hard in the Web Security Academy, how long do you take to try all the solutions you can think of before you look at the answer, before you've solved it? It seems like I would take days testing and trying to come up with a methodology and test it before I even look at the answer. I don't know if this is the most efficient way to learn.

    • @netletic 10 months ago +4

      thanks @James-li3ro! I learned a similar thing in a different lab and made a note to add it to my methodology, that's why I knew I could apply it here. ☺️
      I know "try harder" is a mantra that gets thrown around a lot, but for learning I don't like getting stuck for too long. If I feel like I'm stuck and reading through the PortSwigger docs again and googling doesn't help, I'll look at the solution. I think it's more important to then go back and make sure I fully understand the solution, and figure out how I can add discovering or exploiting that vulnerability to my methodology. I keep a lot of notes and try to write down a general pattern I can use to spot and exploit that vulnerability class.
      I think once you're done with all the labs on a specific topic, it's good to go back and do mystery labs so you have a random lab where you don't know the exact solution. That'll reveal gaps in your discovery and exploitation methodology, and you can add to your methodology as needed.

    • @James-li3ro 10 months ago

      @netletic Thanks brother for the advice! Are you planning to get your BSCP or any other certs? Btw most of your videos are helpful! Be sure to continue uploading!

    • @netletic 9 months ago

      @James-li3ro np and thank you! yeah I'm very focused on creating the videos at the moment, once I've covered most of the harder topics I'll take the BSCP 👍

  • @cowid 6 months ago

    Thanks for sharing! The explanations are clear-cut. What application are you using for the drawings?

  • @medogamer8524 a year ago +2

    super helpful

  • @wm111mw 3 months ago

    Thaaaanks! Just subscribed

  • @heyybigdaddy6988 4 months ago

    Hey Jarno,
    If someone doesn't have any prior experience with JS, how does he go about getting this information about opening new sockets and forwarding the messages to our server? Thanks

  • @Carlos-kc8vx 5 months ago

    very good video and diagram ;)

  • @smart-g-one 2 months ago

    It won't work !?

  • @camelotenglishtuition6394 10 months ago +1

    Absolutely fantastic video mate, great job! Also, do you have a twitter??

    • @netletic 10 months ago +1

      cheers @camelotenglishtuition6394! I have a twitter (@netletic) but I'm not active on it at all I'm afraid 😅

    • @camelotenglishtuition6394 10 months ago

      @netletic is there any way to email you instead perhaps?

    • @netletic 10 months ago +1

      @camelotenglishtuition6394 can email me at netletic@gmail.com 👍

    • @camelotenglishtuition6394 10 months ago

      @netletic thank you, I will do! Have a great rest of your day