Just wanted to say I'm new in the I.T. industry, read A+ and studying for my Network + cert while pursuing cyber security and watching these videos and having you explain things is really helpful for me despite how basic some of these are. Just wanted to say I appreciate the content this way.
The reason it didn't work in the browser/curl was because you were using && instead of ; && runs the second command only if the first command ran successfully ; runs the second command regardless of the first command And since the first command is `date ''` which returns an error, the second command never ran!
?format='; whoami # still fails in the browser. The command would run `date +''`, which doesn't error, and returns an error code of 0 indicating it succeeded. It just has an empty string for a format string :)
@@_JohnHammond I believe the reason it does not work in browser is because # is never sent to the server as it is the "fragment identifier". However, URL encoding it to %23 might have worked IMO :) Thank you for great video as always!
Really enjoyed the time you took to explain this one. it's pretty straight forward, but this format would be great for beginners. love your work
Just wanted to say I'm new in the I.T. industry, read A+ and studying for my Network + cert while pursuing cyber security and watching these videos and having you explain things is really helpful for me despite how basic some of these are. Just wanted to say I appreciate the content this way.
Followed you up since start of the year and quality has evolved in the meantime. Keep It up📼
this makes me want to try some of these myself
Yeah same, the problem is that Ive never done anything like that lol
I like the tune after the video ending
This little breadcrumbs are so essential, thanks for sharing 👌👍
I love your work John! ❤️
Love your content John....learn more and more.....greeting from indonesia
absolutely love your videos John
Love the CTF videos! Keep that up man!
yay john is going back to his roots
Awesome content, getting to learn some new stuff :)
I learned a lot from this ctf.
love your videos man
Really helpful thank you
Great video's mate.
Can you please tell us why it didn't work with curl or browser? And why it's working only python?
What happened to the dark web series?
brilliant
The reason it didn't work in the browser/curl was because you were using && instead of ;
&& runs the second command only if the first command ran successfully
; runs the second command regardless of the first command
And since the first command is `date ''` which returns an error, the second command never ran!
?format='; whoami # still fails in the browser.
The command would run `date +''`, which doesn't error, and returns an error code of 0 indicating it succeeded. It just has an empty string for a format string :)
@@_JohnHammond I believe the reason it does not work in browser is because # is never sent to the server as it is the "fragment identifier". However, URL encoding it to %23 might have worked IMO :)
Thank you for great video as always!
Yayyyyy ctfs!!!!!!
Love ur vids
That was good
u are awsome
I am first command. Holy YES!
Me first to reply you and second to comment 😏
Me second to replay and third comment
@@nizarel-marzouki9076 me third to reply and 4th to comment :)
5th. baby!!!
You may be first to command but not to comment
Sir ... if possible ... please release a video on Pegasus spyware ...
to the 8 people who disliked, Why?
Htb ca 2024 had same challenge again this year lol
hey how did u crack the password? that time it was unprotected but now password is required. actually I am new here
Update your chrome
Nice try!
3rd Comment Muahahaaaa
2nd comment because replies to comments don’t count.
7th