Man I'm loving videos like this. You bring us through each step and explain your thought process, even though it's a rather simple deobfuscation thing, it's super valuable for people that never did any of this (like me)!
Forgive my possibly ignorant question, but why are people re-implementing file transfer software? We have dozens of proven solutions that haven't had massive vulnerabilities. What does the Progress company add to their software that other less vulnerable applications don't offer? It seems like these tools, both the tool behind the moveit vuln and this tool, are bad re-implementations or bad wrappers around otherwise secure software.
@@funil6871 Yep, and I'm guilty of that too, but for goodness sake, it feels like some projects are beyond the skill of the involved developers. This is an example of what happens when people fail to acknowledge the edges of their understanding. I've considered implementing the TLS standard in Rust as a learning project, but there's no way on earth I would think about publishing it as anything other than a toy implementation.
I've been wondering this as well, same goes with general chat applications and some of the tried-and-true functions baked into many OS these days. I'm all for innovation, just don't understand why reinventing the wheel is needed if holes like this are being discovered. Then again, I am probably nowhere near as knowledgeable in this area as some of the commentors.
@@raging666 chat applications are a fantastic example. What happened to good old XMPP? That is an open protocol that supports encryption. We should have just stuck with that.
Progress AKA Telerik makes a ton of tools for developers (like Kendo). So I'm thinking they branched out so that their tools can work better with different technologies. I'm not a fan of any Telerik products, but I've had to work with them because many companies use them. But many people do like their products.
If you can't figure out how to watch TH-cam without ads then your probably not part of the target audience. Hint; you can block them at the application layer (browser extension) or at network layer (DNS sinkhole). You will never know they even existed. 😉
![[#2024MAMA] G-DRAGON - 무제(Untitled, 2014)+POWER+HOME SWEET HOME+뱅뱅뱅+FANTASTIC BABY | Mnet 241123 방송](http://i.ytimg.com/vi/Ox29z5Nf1Uk/mqdefault.jpg)
I got a “fetch the flag ctf” ad of you at the start of the video. I thought it was just the video and didn’t even realize it was a separate ad
This is hysterical and I am also sorry 😂
Thank you John! Always appreciate you taking the time to explain and sharing your insightful knowledge with us all
Why is an FTP server allowing Powershell commands at all?
I just clicked on your video and I got an add from Snyk and your are speaking
By far the most interesting part is the rat race between amsi and the specific formatting and obfuscation of the payloads...
Man I'm loving videos like this. You bring us through each step and explain your thought process, even though it's a rather simple deobfuscation thing, it's super valuable for people that never did any of this (like me)!
For the malicious IP you tried to curl....do you think the bad actor could be whitelisting IP ranges or excluding VPN IP ranges)?
using proton since a few months now, its awesome
That was weird i had a ad with John Hammond before the video started so I thought the video jad startet but I had the skip ad thing 😂
@John Hammond how can i get in contact with you?
I can't wait for Mr. Hammond to exploit my Homelab one day 😘
👍 great video
Thank-you for the break down.
but proton mail just hit by html vulnerability. and they fixed. tag and some manipulation.
nice 👍 video
Hi bro can you help me some scammers stolen my funds...can you trace or recover my funds please
How much did they stole from you 😢
@@kimmysmith577 232603$
@@kimmysmith577 so many people take upfront fee and cheat me
Hey John, why don't u start merch, I really love your t-shirts, they're very inspiring ^ ^
Plz continue on hved exploitation on windows kernel plz ❤
Forgive my possibly ignorant question, but why are people re-implementing file transfer software? We have dozens of proven solutions that haven't had massive vulnerabilities. What does the Progress company add to their software that other less vulnerable applications don't offer? It seems like these tools, both the tool behind the moveit vuln and this tool, are bad re-implementations or bad wrappers around otherwise secure software.
A
@@funil6871 Yep, and I'm guilty of that too, but for goodness sake, it feels like some projects are beyond the skill of the involved developers. This is an example of what happens when people fail to acknowledge the edges of their understanding. I've considered implementing the TLS standard in Rust as a learning project, but there's no way on earth I would think about publishing it as anything other than a toy implementation.
I've been wondering this as well, same goes with general chat applications and some of the tried-and-true functions baked into many OS these days. I'm all for innovation, just don't understand why reinventing the wheel is needed if holes like this are being discovered. Then again, I am probably nowhere near as knowledgeable in this area as some of the commentors.
@@raging666 chat applications are a fantastic example. What happened to good old XMPP? That is an open protocol that supports encryption. We should have just stuck with that.
Progress AKA Telerik makes a ton of tools for developers (like Kendo). So I'm thinking they branched out so that their tools can work better with different technologies. I'm not a fan of any Telerik products, but I've had to work with them because many companies use them. But many people do like their products.
Thanks John for sharing khatarnak😅 info ...
I just got a TH-cam ad for this 20:21 with John doing the ad read
Good Video 👍
Please John is SRA a Scam or Real
Decent.
good vid
3 number comment 27 number like 285 number viewer in 7 minute 😅😊
First comment (almost)
Forced ads. Automatic down vote
Get the sponsorblock extension and wait a bit before watching. No one will care how early you commented 500 years from now.
Use Brave lol
If you can't figure out how to watch TH-cam without ads then your probably not part of the target audience.
Hint; you can block them at the application layer (browser extension) or at network layer (DNS sinkhole). You will never know they even existed. 😉
@@johndeaux8815 assuming a browser.... What a dumb@ss
@@robertlemonsjr and another browser boy..... Probably on Pc too..... Yeh right