Magic Bytes & Security: When file categorisation goes wrong [Capture The Flag Fundamentals]

preview_player
Показать описание
When presented with an unknown data blob, what process is followed for an application to determine that files type? What are the security concerns associated with this process?

In this video we are going to explore how data blobs are classified as files and some common Capture The Flag (CTF) and penetration testing tricks related to this classification process across Extension, Media type, Structure and Magic bytes.

🏆 The 247CTF channel is dedicated to teaching Capture The Flag fundamentals. If you want to improve your technical skills and succeed in Capture The Flag competitions, make sure to subscribe!

📺 Subscribe for more Capture The Flag videos!
📌Free flag ➝ 247CTF{9719c5ddf317154473d334f47a77ac6a}

🚨 247CTF’s channel videos are intended for educational purposes only. Methods and techniques discussed are not to be used for illegal activities against unauthorised systems.
  1. 247CTF
  2. Capture The Flag
  3. Computer Security
  4. CTF
  5. magic bytes
  6. magic bytes reverse shell
Рекомендации по теме
Magic Bytes & 0:10:01

Magic Bytes & Security: When file categorisation goes wrong [Capture The Flag Fundamentals]

Magic Bytes - 0:08:57

Magic Bytes - Unrestricted File Upload Vulnerability

'Magic Bytes' Simple 0:07:21

'Magic Bytes' Simple Hexediting

Bypass File Upload 0:07:20

Bypass File Upload Restrictions using Magic Bytes

File Signatures (Magic 0:06:56

File Signatures (Magic Bytes) - Steganography

file upload vulnerability 0:12:08

file upload vulnerability : Magic Numbers

NCL CYBER SKYLINE 0:05:53

NCL CYBER SKYLINE - Module Forensics - Solve This Challenge: Magic bytes

Understanding file formats 0:03:23

Understanding file formats and magic numbers

Passkey Redaction Attacks 0:00:49

Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication

How to Bypass 0:24:16

How to Bypass File Upload Restriction using Magic Bytes in DVWA Application Bypass Low, Medium, High

OWASP - File 0:21:22

OWASP - File Upload Vulnerability with Practical Video|Bypass Content-Type, Magic Byte, pentest blog

ZIP File Magic 0:08:05

ZIP File Magic Bytes | PicoCTF 2017 [41] 'Missing Identity'

File Upload Vulnerabilities 0:20:10

File Upload Vulnerabilities & Filter Bypass

Magic Bytes & 0:14:38

Magic Bytes & Hex Editing RCE | Natas: OverTheWire (Level 13)

AOC 2023 Day 0:22:52

AOC 2023 Day 5: File Signature 'Magic Bytes'

AoC 2023 - 0:25:19

AoC 2023 - Day 05 | Repairing File Magic Bytes / File Signature for File Recovery [Advent of Cyber]

BUG BOUNTY: BYPASSING 0:13:08

BUG BOUNTY: BYPASSING FILE UPLOADS LIKE A PRO #1 | 2023

MAGIC's 7th Capture 3:36:00

MAGIC's 7th Capture the Flag Full Event Program

Securing Bytes: The 0:00:39

Securing Bytes: The VPN Magic #cybersecuritytips #vpn

Malware Analysis - 0:09:30

Malware Analysis - Static Analysis - Magic Byte - 9

Magic number - 0:31:09

Magic number - File Signature | Security forensics | File formats | Codewithvamp

Magic Byte Demo 0:00:40

Magic Byte Demo

The Irrelevance of 0:52:04

The Irrelevance of K-Bytes Detection - Building a Robust Pipeline for Malicious Documents

firewall training for 0:02:57

firewall training for beginners - FILE EXTENSION EXPLAINED

Комментарии
Автор

💣💣💣 Guarantee it's impossible to have too many explosions in a security video 💣💣💣

CTF
Автор

Thank you so much dude, keep up the good work.

maxrinehart
Автор

Wow i did this a different way im going to try it this way now thanks again mate

zerosploit
Автор

Some day, this channel and the website will be huge

joyboy
Автор

So the most secure way is to use magic bytes?

yashgupta
Автор

I am too stupid to separate the jokes from the useful stuff. Too much going before my eyes. :(

harrywang