Impact: We can manipulate next http request and this can lead to http host header attacks! This poisened http request also can lead to SSRF attack.💀 ............... Perfect Explained. 🙂
Good & Simple Explanation . Watched James Kettle Video on the same topic. But sab upar se gaya . Ye video straight dimag mey gaya .Thanx Bro. Impact HTTPSmuggling ka bahut hoa sakta hai : like stealing session info, waf bypass , etc.
1 Number Buddy... 💯❤️❤️🖤 complet understanding video And be Honest TH-cam pe Aisa content kahi nahi haii.....soo hatsofff for that..🤠 Buss Jaldi ek practical video Dal do ham bhai practice kar sake..:-)🤗
Awesome bhai ❤.....impact sayad Hmlog koi v request bhej skte hai GPOST, GGET, ke through... Header Connection error aayega uske bad content length ko ched chad kar skte hai.. Modified kar ke bhej skte hai..
By HTTP smuggling an additional request into one , you can bypass security controls that are in place and potentially access/modify how the back end will send a response to another request/user. This can be used from anything to fetch etc/passwd, send redirection links, or even takeover accounts
Request Smuggling basics in simple language .. Video contents are really good. Impact is obvious that in the deployments like CDN, reverse proxy and load balancer, the user sending the legitimate and valid requests may get unexpected poisoned response with the successful attack. In normal deployments with out any front end servers in place, this test case becomes irrelevant. Confirming if the attack is successful or not is a challenge in itself as per understanding. Awaiting for more informational videos Sir ...
i was thinking, can you plz make a video on grep ..for example how patterns works in this command..how to fetch urls ,,, already tried google and so far not understandable,, i m sure many others also suck at grep...if possible plz make a video on this one...thanku
Impact : "May be hum un pages ko access kr paye jo ki ek normal user nahi kar sakta , suppose maine 'g' ki jagah likha POST /admin HTTP/1.1 host: localhost then may be next request me admin page ka access mil jaye , ya fir webpage error bhi generate kr sakta hai , incase of 'g' vo next request me GPOST bn gaya but GPOST naam ka koi method hai he nahi , sirf "GET" and "POST" hai to may be error aaye "
I think bhai Http request smugling vurnibility agar kisi website main ho gi to Jab User request baijen ge server per to backend per to http request ko server thek tareqe se handle nahi kar pay ga. and agar aisa hai to phir ofcorse jab server hamari request ko hi thek tariqe se handle nahi kar paye ga. (server confuse ho jay ga) to attackers k liye yehi sab se acha moqa ho skta hai attack krne ka. Agar aisa hi hai to phir session hijacking b ho skti ho gi. ( Ye mera khayal hai k aisa ho skta hai. baki next video me daikhta hu)
bhai 5 ghnate se book me iske bare me padh rha tha kuch ache se nhi samjha apne ek dum simple desi style bta diya thnxxx bhaiii.....
Impact: We can manipulate next http request and this can lead to http host header attacks! This poisened http request also can lead to SSRF attack.💀
...............
Perfect Explained. 🙂
Maine poc dekhi thi pr kuch samaj nahi aaya tha pr ab samaj me aaya bro
Thanks bro ❤️❤️❤️😘😘
Glad to hear that
Iska impact k liye I will watch ur second video Bhai
Is video ko maine das baar loop mai chalaya aur views milne(i dont know if it works like but still) ke liye very well explained.
i dont understand y u have very less views and subscribers. U deserve 10 times more. Respect to u
Mind blowing you deserve More likes and subcribe valuable 😎🤩🤩
Thank You So Much
Bhai MOJ kerdi........ab jaker samajjh m aaya hai yhe topic.
4 baar dekhi jb smj aayha....thnk you bro
Good & Simple Explanation . Watched James Kettle Video on the same topic. But sab upar se gaya . Ye video straight dimag mey gaya .Thanx Bro. Impact HTTPSmuggling ka bahut hoa sakta hai : like stealing session info, waf bypass , etc.
This guy has the best explanation. If I get some bounties using this I should atleast buy this guy a beer😃😃
1 Number Buddy... 💯❤️❤️🖤
complet understanding video
And be Honest TH-cam pe Aisa content kahi nahi haii.....soo hatsofff for that..🤠
Buss Jaldi ek practical video Dal do ham bhai practice kar sake..:-)🤗
Thanks for your valuable comments... Next part coming soon
bhai ,,kaassam se yarrr ,,,,mast bhaii,,, ,,,,,,, tu haagarrrrree saaal jiii
Bhai bhale tume 3 saal phale upload ki but I love it 👏👏
samjgaya bhaijaan samajgaya finaly....!
very good Explanation .........
Bro amazing proper guruji vaali feeling dedi😂😂😂
Ye bolke ki chappal kaha hai meri
Love you bro
oh ma go.....what a explanation , love you bro
Bhai Saaahab ... Kya sahi se explain kiye hai ... Masta hai Sirji ... Maza aa gaya ...
Seriously man everything understandable 🧡
learning from Nepal. Tq sir 🔥🔥🔥❤️
Hi bro
Perfectly explained bro,...ek number
O bhaiiiiiiii huuuuuuu ....Maja aa gaya bhai ☺️☺️ for faar dunga ab to office m 😎
really nice teaching style i like it
Your effort is truly unbeatable. Great Bhai
Thank you so much 😀
Superb sir ❤, love you sir ji 🙏🏻😊
Maza A gya Sir is Video ka. Thank You So Much
Amazing. Why you stopped making security contents would love to see more
Best teacher bro.
Best, great , greatest 💯💯💯💯
Veryyy Nice Explanation Zeel bro !
bhoat mehnat kari ha bhai ne
Awesome bhai ❤.....impact sayad Hmlog koi v request bhej skte hai GPOST, GGET, ke through... Header Connection error aayega uske bad content length ko ched chad kar skte hai.. Modified kar ke bhej skte hai..
Great and informative video, waiting for 2nd part.
very informative video
Wow wow u r great bro ,loved it from !
Nepal
Great video
And great explanation😊😊👍👍
I'm like this video in start
Chaa gya tu beeru
Thanks
You are awesome guru 😎❤
Labs k liye wait kr rha hu... Love you brother 😘
Thanks ...
very nice video love from pakistan
Perfectly explained ❤
perfactly explained
Impressive
Nice explanation
acche se sikhaya bhai
wow good 👍👍
Mza aagya broo ❤️😀
Honest teacher❤
Great ...love it..
By HTTP smuggling an additional request into one , you can bypass security controls that are in place and potentially access/modify how the back end will send a response to another request/user. This can be used from anything to fetch etc/passwd, send redirection links, or even takeover accounts
Let see in next video kya hota hai
@@SpinTheHack Hope i will be wrong
Great content
Good one..Thanks
More useful information
Sir ji
Great bro
Bhai hats off for this concept. 🙌👌
great
Mst sir😀❤️
nice explanation. thanks
Thank you soo much sir your all videos is too much help full thanks once again bro
Your most welcome... Keep Grinding
awesome
Thanks 😊😊 love it
It's awesome
osm bhai
Great thanks
Request Smuggling basics in simple language .. Video contents are really good. Impact is obvious that in the deployments like CDN, reverse proxy and load balancer, the user sending the legitimate and valid requests may get unexpected poisoned response with the successful attack. In normal deployments with out any front end servers in place, this test case becomes irrelevant. Confirming if the attack is successful or not is a challenge in itself as per understanding. Awaiting for more informational videos Sir ...
Good broo
Impact - dusri wali request me kuch bhi ghusa sakte ho or vo server to bhola he vo input lelega .
pls create more videos on all web security issues, owasp issues.
Bro you nailed it ✌️
You Killed it😎
Impact: We can transfer our payload to server in a stealth way
Perfect Explained. 🙂
amzing bhai
can you make a insecure deserialization video
love from pakistan🔥🔥
awesome loveya as well as music
Thank you sir
bro, You nailed it !
mene bohot assa samja
Great ❤
isase ham kisi site me script run kr kar sakte ya fir shall access le skte hai.
Make part2 soon.
Coming soon asap
🔥🔥
csrf can be impacted
and yes you rock
❤️
great explanation bro🔥🔥👍
Window start in 1:36
Im 3rd
👏👏👏
i was thinking, can you plz make a video on grep ..for example how patterns works in this command..how to fetch urls ,,, already tried google and so far not understandable,, i m sure many others also suck at grep...if possible plz make a video on this one...thanku
Will surely take out time to make such video
yeah make video on this topic please
Zeel bro ' intro video ka music ka naam kya hai ...
Impact : "May be hum un pages ko access kr paye jo ki ek normal user nahi kar sakta , suppose maine 'g' ki jagah likha POST /admin HTTP/1.1 host: localhost then may be next request me admin page ka access mil jaye , ya fir webpage error bhi generate kr sakta hai , incase of 'g' vo next request me GPOST bn gaya but GPOST naam ka koi method hai he nahi , sirf "GET" and "POST" hai to may be error aaye "
Let's see what happens in the next video
"Impact:" bhai maybe website error produce kare q ki ek new request ban gaegi G get ke waja se ya kuch agib behave kare GI website
The way he says htttp 😄
What is playload ispe video banao
impact i think accsess back end server from uploading malicious code , like bypassing file uploading
I think bhai Http request smugling vurnibility agar kisi website main ho gi to Jab User request baijen ge server per to backend per to http request ko server thek tareqe se handle nahi kar pay ga. and agar aisa hai to phir ofcorse jab server hamari request ko hi thek tariqe se handle nahi kar paye ga. (server confuse ho jay ga) to attackers k liye yehi sab se acha moqa ho skta hai attack krne ka. Agar aisa hi hai to phir session hijacking b ho skti ho gi.
( Ye mera khayal hai k aisa ho skta hai. baki next video me daikhta hu)
Gget ka response kya aayega?