Hacking an organization with one of the most stealthy and dangerous web attacks
- Published on Aug 3, 2024
- DNS exfiltration over HTTP is a stealthy attack that enables you to bypass web application firewalls. Not many security researchers and penetration testers fully understand it. So in this video, we dive deep into what DNS exfiltration is, how it works, and how to use it to bypass firewalls and maximize the impact. Make sure to subscribe and turn on the notifications bell.
{----- Lab -----}
github.com/leetCipher/bug-bou...
{----- Support -----}
/ leetcipher
{----- social -----}
/ leetcipher
{----- Video chapters -----}
0:00 intro
0:13 lab setup
1:04 lab overview
1:33 fuzzing the vulnerable parameter
3:20 tcp vs udp traffic
4:13 what is dns
4:43 interactsh
5:17 installing interactsh
5:53 how dns servers handle domain queries
6:21 testing our theory
7:00 domain name anatomy
8:05 planning the attack/exfiltration
9:27 implementing the exploit in bash
10:33 running the exploit in burp suite
11:37 implementing the exploit in python
12:29 running the exploit in burp suite
12:57 decoding the payloads using python
13:45 adding even more constraints
14:27 adding a custom base64 encoding to our exploit
15:03 running the exploit in burp suite
15:18 decoding the exfiltrated payloads
16:03 outro
#hacking #bugbounty #penetrationtesting - Science & Technology
while True:
    subscribe(channel)
    like(video)
    share(video, everywhere)
Those "small" security channels are the most underrated channels on YouTube, and they are my go-to place for ACTUAL GOOD CONTENT (and not influencer-like content)!
Keep up the great work mate!
Liked + Subbed
what are some others
+1, agreed so much
Awesome video. Videos like this make me feel that there is so much to learn and I don't know anything 😂
You know what, I have been addicted to your content, to see it again and again.
Thanks 🙏
You're one of my favorite channels when it comes to security. Thank you very much for giving us high-quality content.
The skills I need to acquire. I smashed the subscribe button when I saw your first video. As a beginner it's very hard to grasp this but I'm still getting something out of it 😊. I understand the effort you're taking for this video as a YouTuber, please don't stop this, keep going ❤❤❤
Also your previous video on SSRF using DNS rebinding techniques resulted in my first bounty of $200, that's why I love your videos 😊
This video was great! Please don't stop creating these
Great to see you uploading again!
I subscribed to this channel, really good content.
Another awesome video as always. Worth the wait. It would be great if you uploaded more frequently!!❤
First time I see you here and I'm so impressed. Thanks
Some awesome content you are putting out man!
Wow, I didn't know you uploaded a new video, you've inspired me once again
What a perfect explanation! Thanks for the great content
Your videos are so awesome I usually revise those every few days. Although I have subscribed and turned on the notification, I visit your channel oftentimes to see if you have uploaded a new video. 😂
But why didn't you try hex encoding? Isn't hex encoding best for DNS-based data exfiltration? What if python or dig was not installed?
Awesome tutorial out there
Nailed it! Perfect. Could you please start teaching from scratch or share the roadmap you have followed?
Welcome back
great Tutorial
Awesome 😎
keep going ❤
bro u r genius man !!
Nice bro
GOLD
amazing
Bro, how to develop a mindset just like you 😭😭💔 pls reply to me 😭 I have 5 years of experience, still I am not able to find bugs 😞
Blind os command
If it were me, I wouldn't have gone that far. Hats off, hacker
Love you bro, you're fcuking genius
Small question: why did you apply b64 and then on top of that you applied b58, and not applied b58 which has no special chars directly from the beginning?
That's actually a good question. Unix-based distributions do not have the base58 binary installed by default, which means there's a high chance our attack won't work, and it was also for demonstration purposes, that's why at the end of the video, we showcased the same attack with only base64 implemented from scratch, and then we converted the special chars to ascii representation.
Can you make a video on how you became a penetration tester able to find real bugs in bug bounties, please?
perfect
I have a problem. When I send domain;echo code through Burp it does not save it in the /tmp directory. How come it is like that? Any clue?
Is it possible to do this trick on any blind SSRF with HTTP ping back?
❤🔥❤🔥❤🔥❤🔥❤🔥
Omg 😮
Cool, do you have a course on udemy?
Man you are fuckin genius!
😲
\o/
The error sound transition is very irritating, sorry
I saw the same kind of CTF challenges at VishwaCTF2023, in a web challenge. It was checking if a domain was active or not. Eventually came out with blind RCE
nice
Hey man, you are an awesome teacher! Do you have a Twitter account or something?
Do you have Discord?