somebody asked a great question (but deleted comment 🙁) about the command injection @ 1:24:31, "why %0a works but \n doesn't since \ and % are both blocked?"
in this case actually the URL encoding wasn't really important, it was the newline (\n) which is used as a command separator on Unix-based systems (see portswigger.net/web-security/os-command-injection ). so we could also just send the request in Burp Suite with an actual newline like this: imgur.com/a/zRmVNkp and it works fine 😀 Or we can send a URL encoded newline but, as the original question explained; we can't send "\n" as a string due to the filter on chars like: \;|$ etc
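The behaviour described in the comment above, as an added example that is not part of the original comment or the challenge's code: a character denylist passes a URL-decoded newline, while an allowlist plus an argv-style call does not. The denylist contents, the hostname-style parameter and the harmless `echo` command are assumptions made for the demonstration.

```python
import re
import subprocess
from urllib.parse import unquote

# Assumed denylist, modelled on the characters named in the comment (\ ; | $ %).
DENYLIST = set("\\;|$%&`")

def denylist_ok(value: str) -> bool:
    """Weak check: reject only when a listed character is present."""
    return not any(ch in DENYLIST for ch in value)

# Allowlist for a hostname/IP style parameter (hypothetical parameter type).
HOST_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?")

def allowlist_ok(value: str) -> bool:
    """Strict check: fullmatch leaves no room for a trailing newline."""
    return HOST_RE.fullmatch(value) is not None

def run_via_shell(value: str) -> str:
    """Vulnerable pattern: value concatenated into a shell command line."""
    return subprocess.run("echo checking " + value, shell=True,
                          capture_output=True, text=True).stdout

def run_via_argv(value: str) -> str:
    """Hardened pattern: no shell, the value stays one argument."""
    return subprocess.run(["echo", "checking", value],
                          capture_output=True, text=True).stdout

# Constructed inputs. The web server URL-decodes the parameter before the
# filter runs, so the filter sees a real newline byte and no '%' at all.
decoded = unquote("host%0aecho SECOND")   # real newline inside the value
literal = "host\\necho SECOND"            # backslash + 'n', two characters

if __name__ == "__main__":
    print("denylist passes decoded newline:", denylist_ok(decoded))
    print("denylist passes literal \\n    :", denylist_ok(literal))
    print("allowlist passes decoded value :", allowlist_ok(decoded))
    print("shell output :", repr(run_via_shell(decoded)))
    print("argv output  :", repr(run_via_argv(decoded)))
```
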
Love the way you solve the pwn challenge, I was only able to solve the "library" & "butter_overflow" during the competition, KEEP IT UP BRO 👌😊
thank you mate 🥰🥰🥰
Great video men! I would definitely start to follow you and watch your videos! I want to go more deeper in CTFs and this is a really valuable resource! thanks! Keep up with this great videos!
thanks so much 🥰
yoo your vids are always motivating me for making videos in youtube
thank you 🥰 go for it!! 😉 the only thing i dont like is it takes a lot of my time i could be using to solve more challenges.. but on the other hand it helps me solidify my understanding when i actually try to explain things out loud and hopefully can help people learn at the same time 😊 also, ill forget all this in a few month and have to rewatch my video to solve challenges 👀😅
@@_CryptoCat thx very much i learned everything from ur videos ..... everything i know is from your channel and some more youtube channels....
@@gli4chmask282 thanks mate 🥰 ive learnt so much from youtube as well, theres so much amazing content.. time is the only constraint! it feels good to give something back to the same community that has helped me over the years 😊
I discover ur channel, you are the best man!!! I hope I can see you more of your ideas to solve ;D
thanks mate 🥰
I'll just comment in PT-BR: you capture flags with great elegance! REALLY GOOD STUFF, SERIOUSLY
Thank you 🥰
Great video, thanks!
thanks mate 😻
i enjoyed this video. nandri!!!
nandri 😻
Can you recommend me any resources to learn "How to solve pwn challenges/Binary exploitation" for newbies like me?
hmmmm i hope the pwn challenges i walk through in this video will help beginners learn binary exploitation 😁
i recommend just start jumping into challenges but for additional resources this site has helped me with a lot of concepts: guyinatuxedo.github.io
i also found the ROP emporium series really helpful for learning, i did a video series on it a while ago which are probably some of my favourite videos in terms of technical content (although at the time my video making skills were lacking): th-cam.com/video/oBZy0bGNezo/w-d-xo.html
apart from that, check out pwn.college and some of the video series from LiveOverflow (🐐). there is soooo much great content out there to learn from 😊
@@_CryptoCat Thanks for the reply. Keep up the good work ♥️♥️
@@0xsudip892 thank youuuu 🥰
Try Liveoverflow TH-cam channel for binary exploitation basics. He does a great job at explaining basics of reversing and pwning!
awesome man!!!!!!
🥰🥰🥰
First of all I would like to thank you for these awesome videos not only this one although I have started watching your channel 2 weeks ago xD
Regarding your solution for the availability challenge, I have made another solution instead of extracting the flag string by grabbing it char by char.
I have made the same solution as @Johannes Sonn mentioned but I couldn't post the exact solution because youtube removes my comments xD
I have made a tcp tunnel to my local machine that was mapping to a netcat listener.
Hope you got my point and I am sorry for my poor English xD
Keep Going!!
thanks mate 🥰 great solution and your english is very good! 😮
Hey man, I am checking your videos ever since I crossed you in one CTF and added you to discord, great stuff, what resource/s would you recommend for binary exploitation learning?
Thanks a lot.
thank you mate 🥰
this site has helped me with a lot of concepts when working on challenges (HackTheBox pwn challs are awesome): guyinatuxedo.github.io
i also found the ROP emporium challenges really helpful for learning, i did a video series on it a while ago which are probably some of my favourite videos in terms of technical content (although at the time my video making skills were lacking): th-cam.com/video/oBZy0bGNezo/w-d-xo.html
apart from that, check out pwn.college and some of the video series from LiveOverflow (🐐)
edit: deusx64.ai - i haven't checked this out yet but it looks cool!
@@_CryptoCat Awesome, thanks a lot!
DO YOU RECOMMEND ANY SOURCES TO LEARN BUG BOUNTY? (BEGINNERS)
i see that hackthebox and hackerone teamed up to create a new path for bug bounty on the HTB academy, i haven't seen it but i expect it to be good!
edit: i should add that in terms of free resources, i think www.hacker101.com/ and the accompanying challenges ctf.hacker101.com/ are a good starting point. portswiggers web security academy is also free and imo the number one resource for learning about web vulnerabilities: portswigger.net/web-security
Hey! I tried downloading Sonic Visualiser but it doesn't show me the transform to spectrogram (more specifically the all channels possible command). Any help please.
hmmmm that's strange, what's the filetype? have you tried some other files to see if it is the program or the file that's causing the problem?
@@_CryptoCat I first tried downloading it from the command line using sudo apt install sonic-visualiser but it didn’t show me that command so after i deleted it I tried from the search engine as well but it happened the same thing.
Thanks in advance for the help.:)
@@pligonstein615 hmmm it could be the file or the program thats the problem. first step of troubleshooting is to identify the problem, have you tried multiple files??
Yes
why was my comment deleted? xD
it wasnt deleted by me 😮 what did you say??
@@_CryptoCat okay maybe it is some sort of network issue xD
I will post it again xD