Hacking Websites: NodeJS Server-Side Template Injection

  • Published on 24 Dec 2024
  • jh.live/snyk || Try Snyk for free and find vulnerabilities in your code and applications! ➡ jh.live/snyk
    More Fetch the Flag writeups: jh.live/ftf-wr...
    PS, I'll be presenting for the CloudSec 360 webinar with Wiz on the MOVEit Transfer exploitation -- tune in on November 8th! jh.live/wiz360

Comments • 43

  • @Tib3rius a year ago +22

    Absolutely ROCKING the OnlyFeet t-shirt, Juan!

  • @haliszekeriyaozkok4851 a year ago +2

    I'm pretty attracted by this. That teaches us no one should send back any external info without any sanitization to front-end, or at least hide server info using apache, nginx, litespeed kinda stuff.

  • @stefanhansan1979 a year ago +18

    Hey John,
    This was hands down the best and most interesting ctf I have participated in. Thanks to you and the team for putting so much effort and detail into the challenges. It really paid off.
    Definitely got excited when I saw this video because this was a fun one to solve.
    Looking forward to the next ctf, and maybe you'll join us for Longhorn next time ;)

    • @arandomguy9474 a year ago

      damn you guys are insane. really look up to people like you as a beginner. wish i could be one of the few people like you who solve interesting challenges.

  • @shaharyarkhan7553 a year ago

    I have been learning for years from you John, I remember when you had just a couple of thousand subs. I'm glad I've come a long way. Thank you.

  • @Iifesgood a year ago +54

    Imagine getting hacked by a color picker

    • @maurox1614 a year ago +7

      It's not the color picker that's the problem here...
      The problem is the developer of the application that does not sanitize the user input and messes up with the render engine

    • @zhell a year ago

      @maurox1614 ok

    • @Abeloser a year ago +1

      r/whooosh

    • @Jennyan. a year ago

      It can pick you like tickles, you know...

  • @NotGeri a year ago +5

    It was an amazing CTF, thank you for hosting it! This challenge was quick and fun too!

  • @Lampe2020 a year ago +5

    I was honestly too dumb to solve everything past the "Read the rules" challenge, although I now could easily follow along when you described and explained it now. Or maybe I was simply too tired…

  • @tincup033 a year ago +8

    Really fun CTF but honestly, some of the "warm up" exercises (like this one) should have been in the medium category.

    • @amiruliman5874 a year ago +3

      yeah agree, it's not warm up anymore, it's just straight burning

  • @alaabrahim2881 a year ago

    Finally a ctf writeup! I miss these

  • @tom-on a year ago +1

    I really enjoyed the CTF! Thanks

  • @hoodietramp a year ago +2

    good man John Hammond, good man

  • @valk9789 a year ago +2

    Very colorful - had to say it!☺️

  • @repairstudio4940 a year ago

    This is why you're the best! 🎉

  • @wacand a year ago

    I must say it is kind of funny Snyk, as a SAST vendor, didn't alert on the vulnerability.

  • @debarghyamaitra a year ago +1

    This was a really interesting challenge!

  • @starlox0 a year ago

    Awesome content💥💥💥

  • @NorthLaker a year ago +1

    I kept trying to figure out how to read the flag.txt file using the include function from ejs itself, but you can only load .ejs files that way. I didn't realize it's basically an eval where you can do anything within Node.

    • @dsyncd555 a year ago +1

      I've been doing the Huntress CTF and have solved some things I have never done before. I don't think I would have solved this. Just keep at it and keep learning something new.

  • @CriticallyInsane a year ago +1

    noooo i had the RCE (i did not think to look into the readfile because i am greedy) and saw the object array but didn't know how to get the output displayed until this video!! haha cool challenge

  • @demotedc0der a year ago +2

    SSTI is pretty neat

    • @demotedc0der a year ago +5

      OnlyFeet 😂😂😂😂 where do you find these t-shirts 😭

    • @Perryman1138 a year ago +1

      @demotedc0der I made them for DEFCON 31

  • @Pyth0g a year ago +3

    first!

  • @user-dm6hs2fe2p a year ago +1

    Great challenge

  • @f1nal_c4ll75 a year ago +2

    Felt like these were too involved for "warm-up" flags and descriptions weren't great either. This flag's description said Snyk can find it. I spent hours trying to figure out Snyk, only to find out it can't find it (at least from what I could see)

  • @DOM-cc a year ago

    i missed the ctf :( is there a way to play it afterwards?

  • @Naath000 a year ago +2

    Ya Which i Wasn't able to

  • @CitizensCommunity a year ago +1

    I spent way too much time trying to get the snyk scan to work and got so frustrated. "Snyk Code is not supported for org: enable in settings > Snyk code" How?
    snyk test or monitor "tested 74 dependencies for knowin issues, no vulnerable paths found." ?

  • @gamermashoo9756 a year ago

    Plz upload the solution of finders keepers

  • @Hardik-e1t a year ago +2

    Second!

  • @flintstones6728 a year ago

    🎉third

  • @ATLuh a year ago +1

    Easy he says

  • @dsyncd555 a year ago

    that was marked as an easy challenge? rip

  • @donnabuckalew-wagner6431 a year ago

    ❤❤❤❤❤❤❤❤❤❤❤

  • @tahashafquat9602 a year ago

    Best content every time 🎉plz share How to hack WhatsApp plz make a brief video ❤

    • @noahmassey9715 a year ago +1

      Hacking should only be done in an ethical scenario. “Hacking WhatsApp” is nowhere near that easy, and shouldn’t be done unless you have permission. John’s not gonna go to prison so that you can see who your ex is chatting with lmao