:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤 Great Indian hacker video. English. :3 😅 Shalom. Namaste.
Is finding a way to upload files without following the usual restrictions considered a security problem? Yes, bypassing file upload restrictions is a security vulnerability because it can potentially allow malicious files to be uploaded to a system, which can lead to various security risks and issues.
:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤 Great Indian hacker video. English. :3 😅 Shalom. Namaste.
It's intresting to learn that they place the password in an environment variable, wonder if most devs encrypt it as well. As that might be the slightest bit more secure.
Does this affect sites that do not do anything with the file, just purely serve it? I have a pretty basic file hosting service thats public, do I need to somehow worry about this? Symlinks are not something that can be POSTed over HTTPS, right?
Check whether if it is a symlink file or not, and don't let the Web server read, access directories, or file outside the Web root. If you are using php, there is a function is_link() to check whether its a symbolic link file or not
a suggestion, maybe you should try different titles something special surprising to be able to get more views adding curiosity to new students i mean we are technical student we understand your titles but new students might not and last thing as always this was a awesome video your's TheAKAnonymous
Hi brother, the symlink is only work when target site use ZIP/ TAR. How about normal upload file? can I upload that symlink file to retrieve the content?
:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤 Great Indian hacker video. English. :3 😅 Shalom. Namaste.
The GOAT is back....❤
:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤
Great Indian hacker video. English. :3 😅 Shalom. Namaste.
Is finding a way to upload files without following the usual restrictions considered a security problem?
Yes, bypassing file upload restrictions is a security vulnerability because it can potentially allow malicious files to be uploaded to a system, which can lead to various security risks and issues.
How to do that
@@ANKUR--xoxo bro raj will provide an exclusive demo for that scenario 🤠
Thanks for the donation, and question, brother! 🤝🤑☺️
:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤
Great Indian hacker video. English. :3 😅 Shalom. Namaste.
What a video ! Looking forward for such videos man! Keep it up
glad that you're back :)
big fan. happy that you are back.
yeees new video! GOAT is back
Good to see you Back ❤️♥️
Love you man, just subscribed
Where did you learn to pronounce environment as enveeronment? I am curious.
😍😍😍.. You are back❤❤
Wow, great video.
Thank you for making
It's intresting to learn that they place the password in an environment variable, wonder if most devs encrypt it as well. As that might be the slightest bit more secure.
Does this affect sites that do not do anything with the file, just purely serve it? I have a pretty basic file hosting service thats public, do I need to somehow worry about this? Symlinks are not something that can be POSTed over HTTPS, right?
So what is the counter of it? How to not let the hackers get access to the filesystem using symlincks?
Check whether if it is a symlink file or not, and don't let the Web server read, access directories, or file outside the Web root. If you are using php, there is a function is_link() to check whether its a symbolic link file or not
@@ClashWithHuzefa i see..
So, couple of rules for the webserver should do the trick. Thanks ✨
@AkeaNine welcome buddy
a suggestion,
maybe you should try different titles something special surprising to be able to get more views adding curiosity to new students i mean we are technical student we understand your titles but new students might not
and last thing as always this was a awesome video
your's
TheAKAnonymous
Hi brother, the symlink is only work when target site use ZIP/ TAR. How about normal upload file? can I upload that symlink file to retrieve the content?
Informative ❤️
Very informative, thanks.
is there some related article for this symlink vuln, u would like to recommend
thank you Sir , for this easy to understandable video for a noob like me.🙏🙏
Can you please make a video on burpsuite how to inject files on servers by changing the file extension and injecting a backdoor with that
Brother do you remember you used to create challenges (like CTF)? Please make those types of videos again.
Good content Man.
pretty informative and cool, thanks
THAT WAS CRAZYYYYYY BRUHHHHH 🔥🔥🔥🔥🔥❤❤❤❤
where to get this source file of the one you doing right now,
Is there any way to recreate this vulnerability, I wanna try and test it out
If yes someone point me to it please
you can also direct it make a zip file that contains backdoor shell (shell.php)
He's back.. 🤩
Love you bro 💪💪
Raj-"kingu kingu"
Any Issues With Users ?
Is this exploit have any number like cve-#####
Daemon, a program that runs in the background, anyone noticed the daemon
Anna nee Videos Kosam Wait Chastunnam ..
More unique python projects please
Do you provide. Course
love the explaination
thats actually genius
Nice !
Hua kisi se actually hack??
😮😮 so amazing
:3 I wonder if this can be used on my bug bounty targets. Also, I'm wondering how many Iranian, Lebanon, Saudi Arabian, North Korea, China, and other sites of terrorist, and dictatorship nations I get can into. 😅🥰🤑😋🤤
Great Indian hacker video. English. :3 😅 Shalom. Namaste.
Amazing
Cool
❤
so late to watch your video
Lel, interesting
just upload webshell
❤
❤
❤
❤