Python Web Hacking: PHP XOR | Natas (Level 11)

preview_player
Показать описание
  1. John Hammond
  2. python
  3. hack
  4. hacker
  5. hacking
  6. linux
Рекомендации по теме
Python Web Hacking: 0:16:56

Python Web Hacking: PHP XOR | Natas (Level 11)

Python Web Hacking: 0:09:55

Python Web Hacking: PHP Base64 & Hex | Natas: OverTheWire (Level 8)

Python Web Hacking: 0:06:32

Python Web Hacking: PHP Remote Code Execution File Upload | Natas: OverTheWire (Level 13)

Python Web Hacking: 0:09:21

Python Web Hacking: PHP Includes | Natas: OverTheWire (Level 6)

Python Web Hacking: 0:08:50

Python Web Hacking: PHP Command Injection | Natas: OverTheWire (Level 9)

PHP Type Juggling: 0:05:07

PHP Type Juggling: Python Web Hacking | Natas: OverTheWire (Level 23)

PHP Object Injection 0:14:39

PHP Object Injection & Serialization: Python Web Hacking | Natas: OverTheWire (Level 26)

PHP Session Hijacking 0:11:47

PHP Session Hijacking With XOR Encryption | OverTheWire War Games Natas Level 11

Natas Web Hacking 0:12:30

Natas Web Hacking 11 (XOR algorithm encryption)

Python Web Hacking: 0:06:39

Python Web Hacking: Local File Inclusion | Natas: OverTheWire (Level 7)

Cross-site Session Hijacking 0:08:29

Cross-site Session Hijacking : Python Web Hacking | Natas: OverTheWire (Level 21)

Python Web Hacking: 0:05:24

Python Web Hacking: Remote Code Execution | Natas: OverTheWire (Level 10)

Understanding XOR, encodings' 0:16:21

Understanding XOR, encodings' and reversing an algorithm - Natas11 - Overthewire.org - Walkthro...

Disallow Redirects: Python 0:03:54

Disallow Redirects: Python Web Hacking | Natas: OverTheWire (Level 22)

Bitwise Operators 3: 0:05:29

Bitwise Operators 3: The XOR Operation

Python Web Hacking: 0:11:07

Python Web Hacking: File Upload Remote Code Execution | Natas: OverTheWire (Level 12)

Bruteforcing PHPSESSID: Python 0:11:46

Bruteforcing PHPSESSID: Python Web Hacking | Natas: OverTheWire (Level 18)

Free Hacking Classes 0:00:16

Free Hacking Classes | Best Hacking Guruji #hacking #cybersecurity #hacker #ethicalhacking

Shradha didi at 0:00:16

Shradha didi at lpu 🤩 #apna college #viralshorts

Python Web Hacking: 0:09:56

Python Web Hacking: View Source | Natas: OverTheWire (Levels 0-1)

【PYTHON OPENCV】Bitwise operations 0:14:56

【PYTHON OPENCV】Bitwise operations AND, OR, XOR, NOT

XOR Encryption Vulnerability 0:02:33

XOR Encryption Vulnerability Natas 11 OverTheWire

Bypassing IPS with 0:10:55

Bypassing IPS with Hand Made XOR Encryption

Natas Hacking challenge 0:26:01

Natas Hacking challenge - solve level 11 - XOR encryption

Комментарии
Автор

If someone wants to do everything in python3:
1. For PHP function "xor_encrypt":
* convert each character in for loop to ascii (I used funcion ord()) then to integer (I used funcion int())
* XOR sign is the same, after XOR operation convert result back to char (I used function chr())
2. For JSON, I assigned to variable JSON structured string
3. For ciphertext:
* urllib in python3 is devided in smaller parts so 'unquote' is in urllib.parse. (urllib.parse.unquote)
* after b64.decode, python3 will show you result represented in bytes, so after b64decode one more decode (.decode('utf-8')) is needed
* to encode goood_ciphertext using base64, first you need str.encode() and then .decode('utf-8')

I think this is all, enjoy!

Vaso
Автор

This is fantastic- I haven't had any experience coding in PHP so this was really helpful and though I have used requests extensively in Flask and Django, its super helpful to see how it works on its own.
I would add that instead of bringing a hexdump of the XOR'd data from python and then decoding hex in PHP, you can simply bring over the cookie value into a variable if you want and then simply base64_decode the cookie value in PHP before running the function.
$cookie =

It keeps everything in PHP and cuts out an unnecessary step.

matthewbrown
Автор

Funny what I find is that they have a pattern circle I'm glad you have fun with cyber security and I learning as I can but I find digital programming is easier

sandra
Автор

This is awesome, im try to repeat on my system, everything its works !!!

norbertliszewski
Автор

what's the package you use for running python inside sublime, and do you know is there something similar for atom

ir
Автор

I'm fairly new to Python and have been trying to follow along in an effort to learn it a bit better but I'm using python 3 and it seems like there have been a lot of changes.. specifically for natas11 I can't figure out how to get the same output as John at 11:09. I appended ".decode('uft-8')" to the end of my string and was able to get a bit closer but can't seem to go any further... to get the whole xor encoded variable... any help appreciated

HundleBundle
Автор

help... anyone...
I use sublime text 3....
ctrl + shift + p... I don't see 'Tidy html'...
Now I don't use 'Tidy html' why...?? Let me know it... plz

bethe
Автор

good video but for the people that have 0 knowledge in scripting, python and e.g... it's very hard and fast..

TotemYuri
Автор

Could you make a tutorial about telerik fiddler?

mohamed-vvxb