Z3nsh3ll смотреть последние обновления за сегодня на .
In this video learn a simple method for detecting possible SQL injection attacks. The consequences of misconfigured SQL can be extremely severe such as: 1. Complete access to private data such as customer data. 2. The possibility to completely destroy important database records that are not backed up. It can be as simply as checking forms with a single or double quote payload to see if any errors are provided. Watch the video to see an example of this in practice along with analysis of the resultant error. 00:00 Intro 00:17 What is SQL? 02:58 Sending an SQL injection payload 04:11 Interpreting the http response 05:32 Analyzing the SQL query 06:57 Are error disclosures ok in a web app? 08:03 Enumeration of vulnerabilities 10:04 Summary
In this video we run the BlackArch Linux update command. If there are any downsides to this distro it's that we potentially have a lot of packages to updade, so the process can take a while and involve a number of errors. We'll deliberately run into these errors and solve them as they crop up. This way we'll mirror a typical install process for a Black Arch user. 00:00 intro 00:30 Running sudo pacman -Syu 00:44 Adding our user to the sudoers file 03:07 Adding our user to the wheel user group 03:43 Re-running sudo pacman -Syu 03:58 Replacing existing and conflicting packages including tesseract wall of text 05:28 Information from Black Arch on the update process 06:07 Importing PGP keys 06:47 Packages corrupted error message 08:28 sudo pacman-key refreshkeys 10:20 pygrun conflicting files error 11:28 Black Arch update complete.
In this tutorial, we install Black Arch Slim edition on Virtualbox using an ISO image file. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Intro, differences and download 00:32 Create new virtual machine in Virtualbox 02:49 Firing up the new machine 04:32 Running the installer 07:15 Removing the ISO and booting BlackArch Slim
In this session we run a directory traversal attack on a server that is running basic file extension validation on provided filenames. We make use a null byte injection attack to convince the server that the filename provided has the correct extension when we are actually requesting the contents of etc/passwd which doesn't have any filename extension. 00:00 Intro 00:24 Exploring the lab 01:38 File extension validation 02:11 Null bye Injection 04:07 Sending the null byte payload This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we run a KDE Desktop Install on Black Arch Linux. Linux commands used in this tutorial sudo pacman -S xorg plasma plasma-wayland-session kde-applications systemctl enable sddm.service systemctl enable NetworkManager.service 00:00 Intro 00:36 Install required packages 01:21 Enabling required services 01:58 Logging in with KDE
In this tutorial we install the LXQT desktop background on BlackArch Linux and then play around with some of the configuration options. 00:00 Introduction 00:18 Installation Command 01:02 Logging In with LXQT 01:52 Choosing a Theme 03:28 Binding Windows Key to Start Menu
In this video we use the sqlmap tool to dump the entire Juice Shop database schema. 00:00 Intro 00:33 Open SQLmap and access help menu 01:49 Basic SQLmap command 04:49 Reading the output (level and risk) 05:40 Prefixing the SQLmap payload 08:10 Forcing the backend DBMS 10:35 Dumping the database to a file 11:51 Nocast switch 14:45 Noescape switch to side-step length contraining mechanism 16:50 Dealing with server trimmed output 18:21 Increasing values for level and risk 19:55 Boolean based blind SQL injection 22:57 Dumping database with blind SQL injection attack 24:21 Exploring the database dump
In this lab we'll run an SQL injection UNION attack to determine the version of the oracle database that is running on the backend. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Introduction 01:18 Exploring the Lab 02:22 Proof of SQL Injection Vulnerability 03:22 Retrieving Oracle Version
In this video we answer the question 'what is double encoding'. We then use double URL encoding to bypass the security mechanims on our vulnerable web app to execute a successful directory traversal attack. 00:00 Intro 00:32 Exploring the lab 01:56 URL encoding 03:35 Double URL encoding 05:24 Submitting double encoded payload 06:03 Post exploit analysis 08:05 Explanation of 'superfluous' 09:43 Summary This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
What is blind SQL Injection and how does it work? In this video we explain the concept of blind SQL injection and make use of the Burp Academy labs to provide an example of how this vulnerability is exploited. 00:00 Intro 00:10 What is blind SQL injection? 04:32 Exploring the lab 06:15 Experimenting with the SQL query 07:18 Confirming existence of 'users' table 09:07 Confirming existence of 'administrator' user 10:25 Deducing the password length 12:05 Setting up Burp intruder 14:13 Intruder attack to solve password length 16:53 Deducing the first letter of the password 20:16 Using intruder to brute force the first password letter 25:00 Using intruder to brute force the entire password string 30:06 Solving the lab and summary This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we discuss the difference between DOM XSS and reflected XSS which on first glance may appear extremely similar. We enlist the help of the burp web academy lab - "DOM XSS in document.write sink using source location.search"
Is it worth using vanilla CSS in 2022? Should I just use a CSS framework instead? This a sample video from my new ‘Core CSS Mastery’ course. Use the following link for the full course. Thanks for your support! 🤍
In this video we install the Deepin desktop environment on BlackArch linux. Enjoy! Terminal install command - sudo pacman -S deepin deepin-kwin deepin-extra 00:00 Intro 00:33 Installing Deepin 01:18 Firing Up Deepin 01:54 Exploring Deepin This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we answer the question 'What is OS Command injection'. We also see a demonstration of the concept with a simple example where a web server is vulnerable to this type of exploit. 00:00 Intro 00:35 What is OS Command Injection? 01:38 Why 'whoami' command? 02:08 Exploring the lab 03:44 The OS command 06:41 Constructing and submitting the payload This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
We uncover an SQL injection vulnerability that allows for exfiltration of the entire database schema. We'll also learn what the database schema is and why hackers want it. 00:00 Introduction - What is a database schema? 00:34 Why do we care about the database schema? 00:59 Exploring the search box for possible vulnerabilities 04:05 Why the search box is not injectable 04:50 Tampering with the http request and submitting a test payload 05:40 Analyzing the exposed SQL query 06:42 Crafting an SQL injection attack 08:03 UNION SELECT, what, why and how? 10:29 SQL injection attacks for column enumeration. 14:29 Crafting the final SQL injection payload with reference to the SQLite docs. 16:26 Submitting the final SQL injection payload via the URL query string.
In this video we'll run a GNOME Desktop Install on Black Arch Linux. Linux commands used in this video - sudo pacman -S gnome gnome-extra (choose yes to the default options by pressing enter) 00:00 Intro 00:16 Installing the packages 01:01 Firing up GNOME from splash screen Note that there are 4 options available on the splash screen. GNOME and GNOME classic, both either with wayland or xorg display managers. GNOME represents the latest incarnation of the GNOME desktop, but many users prefer the GNOME classic look.
In this session we run a directory traveral attack against a server that is performing some rudimentary file path validation by ensuring the root of the file patch matches certain criteria. We'll see how to bypass this protection mechanism and run a directory traversal attack which returns the contents of the etc/passwd file. 00:00 Intro 00:22 Exploring the lab 01:28 Trying a basic payload 02:12 Server root path validation 03:24 Bypassing the security 03:51 Summary This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we'll answer the question 'What is File Path Traversal?' It's a type of web security vulnerability that allows arbitrary read access on directories that should not be available to an end user. In this lab we exploit vulnerable web images to steal the contents of the /etc/passwd file as proof of concept. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Intro 00:33 Why etc/passwd ? 01:15 Analysing the vulnerables images 03:21 Exploiting file path traversal vulnerability 05:13 Analysing the browser response to /etc/passwd request 06:55 Inspecting the response in Burp suite 08:11 Accessing the /etc/passwd through the browser 10:51 Summary
Running the Arch update command giving you headaches? This is the limited-patience version where we try to solve the problem as fast as possible. This is the QUICK VERSION for your Arch Update. We are running Black Arch Linux in this session. As a last resort we'll also discuss how to completely disable package signing in this video, which is generally not recommended, but may provide a quick fix (hack) at least. There are other update Arch videos on this channel that explain how to solve various update problems in more depth if you have the patience for it.
In this video we run a directory traversal attack by exploiting non recursive sanitation. What exactly is non-recursive sanitazation and why is it a potential security issue? We make use of burp suite's web security lab - "File path traversal, traversal sequences stripped non-recursively". 00:00 Intro 00:33 Inspecting the vulnerable request in Burp 01:26 Using traversal sequences 02:29 Recursive sanitization 03:46 Submitting a double-traversal payload This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we'll be solving the OWASP Juice Shop Challenge - Order the Christmas Special of 2014. This is part 5 of the SQL Injection series. Feel free to check out the other videos in the series although it's not necessary to watch them in order. Please like and subscribe if you enjoyed the content :) 00:00 Intro 00:29 Recapping on the SQL injection attack 02:30 Crafting a new SQL injection attack 03:07 Analyzing the JSON output 04:07 What is 'soft' deleting? 06:08 Getting the item id of the Christmas Special 06:37 Intercepting the http request to the cart 07:49 Tampering with the http request 08:33 Checking out to complete the challenge
In this video we install the Cinnamon Desktop environment on BlackArch Linux. Linux commands used in this tutorial sudo pacman -S cinnamon This content is provided free of charge. Buy me a coffee though! 🤍 00:00 Intro 00:22 Running the install commands 00:48 Firing up cinnamon desktop 01:08 Basic customization
CSRF stands for 'Cross Site Request Forgery'. It's a type of web vulnerability. What exactly is CSRF? How does CSRF work? We'll explain the concept behind CSRF and look at a demonstration of this web vulnerability in practice. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Introduction 01:11 Exploring The CSRF Lab 02:12 Analyzing the Vulnerable Request 03:39 Writing a HTML/JS payload 06:51 Attack Demonstration 07:25 Post Analysis 07:53 Solving the Lab
In this video we explain the concept of the security vulnerability SSRF or Server Side Request Forgery. What is it? How does it work? We'll demonstrate a basic SSRF attack against the local server. In other words, we'll manipulate the server into attacking itself. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Introduction 01:15 Exploring the SSRF Lab 02:27 Inspecting the HTTP Request 03:46 Tampering with the Request 05:09 Inspecting the Vulnerable Response 06:31 Solving the Lab
In this video we install and run Burp suite on Black Arch linux. We'll also be solving the 'illegal-access=permit' error which will prevent Burp suite from running. Although Black Arch ships with Burp suite by default, it doesn't work out of the box due to an issue with the default Java runtime environment used on Black Arch. We'll solve the error in this video as well as set up firefox to proxy both http and https traffic through Burp suite while making use of the Firefox extension Foxy Proxy. Linux commands used in this video pacman -Ss burpsuite - Search the package manager for burpsuite sudo pacman -S burpsuite - Install burpsuite burpsuite - Launch burp suite archlinux-java - Open arch linux java helper archlinux-java status - See currently installed and default Java versions archlinux-java set [version] - Change the default java version 00:00 Intro 00:12 Installing black Arch 00:42 illegal-access=permit error message 01:21 Arch linux java version helper 03:10 Running burp suite 03:43 Proxying firefox traffic through burp suite 05:08 Proxying https traffic through burp suite
In this lesson we'll see an SQL injection vulnerability allowing us bypass password verification to hack the admin and user accounts. We discuss in depth how the SQL injection works on how the resultant SQL query is modified. We then use what we have learned to gain access to a regular user account. 00:00 Intro 00:12 What we know so far... 00:38 SQL injection payload 01:14 Deconstructing the SQL query 05:14 Why the admin account? 05:41 Targetting a user account 07:12 SQL payload for the user account PLEASE REMEMBER TO ONLY USE THESE TECHNIQUES ON ASSETS YOU OWN OR ASSETS YOU HAVE BEEN GIVEN EXPLICIT PERMISSION TO TEST :) I am a whitehat hacker and do not have the connections to get you out of jail. :)
What is reflected xss or 'cross site scripting'? In this video we explain what reflected xss is and how it works. We'll also see an example of reflected xss making use of the Burp Web Security Academy. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Intro 00:10 What is cross site scripting? 00:30 Determining severity of XSS attack 01:11 Why is it called 'reflected' XSS? 01:39 Searching for and analyzing reflected input 03:17 Submitting an XSS payload 03:55 Implications of an XSS attack
We are going to be installing BlachArch on Virtualbox. BlackArch is a very cool linux distro geared around penetration testing. It is based on Arch linux unlike the most popular penetration testing Kali linux which is based on Debian. BlackArch is (depending on your opinion) has a slightly steeper learning curve than Kali, but it's great for those who prefer Arch linux and/or want a wider selection of pre-installed penetration testing tools. (We'll be using this BlachArch in later videos to solve some of the OWASP juice shop challenges). Perhaps we are already familiar with the process of installing a virtual machine via an ISO. An OVA image is even faster since it's essentially an image of an operating system that has already been installed. We'll use the OVA image in this tutorial. 1. Head to BlackArch official site and grab the OVA image (torrents recommended). 2. Run the OVA image through SHA1 hashing algorithm and compare to the checksum (SHA1sum). Although the image will still work without this step - if you plan on becoming a cyber security professional you should ABSOLUTELY NOT SKIP THIS STEP. 3. In Virtualbox go to file / import appliance. Choose 'Local File System', then open the file browser to select our OVA image. 4. Tweak appliance settings (if desired). The default settings will usually be fine however. 5. Choose Machine Base Folder (where we want our virtual machine drive to be located). 6. Choose Import, accept the joke software license agreement. Give it a few minutes, job done. Brought to you by z3nsh3ll. Like and subscribe only if you enjoyed the video.
In this video we solve the Burp Suite Web Academy lab - "SQL Union Attack Retrieving Data From Other Tables" 00:00 Intro 00:20 Inspecting the Vulnerable Request 01:06 Testing for SQL Vulnerability 02:12 Enumerating Columns Returned by the Query 04:00 Constructing the SQL Injection Payload and Extracting the Data 05:31 Solving the Lab with Administrator Credentials
This a sample video from my 'Core CSS Mastery' course. This is the first video 'Introduction to the Course'. Use the following link for the full course. Thanks for your support! 🤍 00:00 Intro to the course 00:21 What is CSS? 01:20 Who is this course for? 03:24 What will you learn in this course?
We install the LXDE desktop environment on BlackArch linux and briefly discuss the differences between LXDE and XFCE lightweight desktop environments. 00:00 Intro 00:29 Difference between XFCE and LXDE 01:00 Installing LXDE via terminal 01:26 Launching LXDE 02:36 Basic LXDE Configuration 06:11 Summary This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!
In this video we consider how a run a directory traversal exploit even though traversal sequences are blocked by the server. Solving this lab requires basic knowledge of absolute vs relative paths which we'll discuss in the video. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot! 00:00 Intro 00:51 Inspecting vulnerable image request 03:02 Traversal sequence: what and why? 04:13 Alternative attacks - absolute vs relative paths 05:17 Running the directory traversal exploit
This lab was provided by the burp suite web security academy for learning SQL injection union injection attacks. The task is 'determining the number of columns returned by the query'. It's technically a type of 'blind' sql injection attack since we are extracting data through looking at http status codes.
This is part 2 of the Core CSS Mastery course - 'Getting Started Styling Webpages With CSS'. Use the following link for the full course. Thanks for your support! 🤍 00:00 Intro 00:14 Recommended tools 01:53 Setting up the environment 03:22 Writing our first CSS
In this cyber security lab we run an SQL injection attack where we query the MYSQL version of the database running on the back end. This content is provided free of charge. Buy me a coffee though! 🤍 Please like and subscribe, it means a lot!