Abusing PHP Session Handlers: Python Web Hacking | Natas: OverTheWire (Level 20)

Показать описание

Рекомендации по теме

Комментарии

man I love your content. you move quickly but the vids are short enough I can watch them multiple times and I get it lol. keep up the good work bro

padaloni

Is the ctf still online, so I can check my idea? My first intuition was to add a key with a space (admin 1=), it would be great if I could verify that.

StefanSchlott

Thanks for the video, I discovered the google ctf thanks to your channel, but where can I find the photo of the kitten fleeing spions maskots ? I tried googling it but I can't find it.

marouaniAymen

I wonder, throughout the videos I've noticed that in Sublime text there's also php displayed, however all php is hidden in dev tools if I remember correctly. Does it mean that you can sort of see more with python than with regular dev tools in terms of php?

poryg

I still dont get it, why do we do the \n and get to new line and then put admin 1 and it works, please i need a little explanation on this

ArkanoidGaming

very nice, I need to know how can I practice and improve my programming skills if was web application code revewier, build an application or read a specific book or what I need to reach expert level and find vulnerability?

farisfaisall

The way I found ur account is by someone writing your YouTube on the wall in the men's bathroom at my work 😂

milkymercury

I achieved RCE through XSS on the Router UI challenge for the google ctf, but I don't know what to run to get the flag. Any suggestions?

RitobanRoyChowdhury

I didn't understand this at all
Why do we want to add a new line?
Why wouldn't work only with "admin 1"?

maripallacosta

Is the source code always this easily accessible?

alexpaww

Abusing PHP Session Handlers: Python Web Hacking | Natas: OverTheWire (Level 20)

Abusing PHP Session Handlers: Python Web Hacking | Natas: OverTheWire (Level 20)

PHP strcmp Abuse: Python Web Hacking | Natas: OverTheWire (Level 24)

Exploiting a custom session handler - Natas 20 - Overthewire.org - Walkthrough

OverTheWire Natas Level 19 - PHP Session Hijacking 2

Cross-site Session Hijacking : Python Web Hacking | Natas: OverTheWire (Level 21)

OverTheWire Natas Level 20 - PHP Session Hijacking 3

Natas 20 | Abusing Session Handlers | OverTheWire Wargames

More insecure session identifiers - Natas 19 - Overthewire.org - Walkthrough

PHP Type Juggling: Python Web Hacking | Natas: OverTheWire (Level 23)

Insecure session identifiers - Natas 18 - Overthewire.org - Walkthrough

Python Web Hacking: Random Hex PHPSESSID | Natas: OverTheWire (Level 19)

OverTheWire Natas Level 18 - PHP Session Hijacking with Burp

Insecure configuration with shared hosting - Natas 21 - Overthewire.org - Walkthrough

Disallow Redirects: Python Web Hacking | Natas: OverTheWire (Level 22)

Natas 18 | Brute-Force Session Hijacking | OverTheWire Wargames

How to handle session expiration in BURP with macros?

LFI to RCE with User-Agent: Python Web Hacking | Natas: OverTheWire (Level 25)

Exploiting Local File Inclusion and defeating filters - Natas 25 - Overthewire.org - Walkthrough

Natas 19 | Hex Hunt: Crack the Code, Seize Admin Control! | OverTheWire Wargames

Over The Wire - Natas Level 18

Bruteforcing PHPSESSID: Python Web Hacking | Natas: OverTheWire (Level 18)

The hardest PHP challenge ever? Race To Win - Typhooncon CTF - Web

SQL SELECT Tricks & Truncation: Python Web Hacking | Natas: OverTheWire (Level 27)

10- Session Handler Interface