I apologize for the inconvenience caused by the annoying robot voice. Should i considered trying out wellsaidlabs.com/ for a more realistic AI voice over for my RU-vid content? Please let me know what you think about it. <3
Dear Sir. I love ❤️ sql injection 💉 hunting but problem is that I can't find hidden parameters in secured websites and can't bypass WAF using SQLMAP to get database. Inshort, Brother please teach us how to find hidden SQL injection 💉 vulnerabilities in extremely secured websites and how to get WAF protected databases using SQLMAP. I have solved all portswigger DVWA bWapp etc... labs but HackerOne Bugcrowd Intigrity real target websites are extremely secure to find SQL injection parameters and access to databases using SQLMAP. Please help about this problem... Best regards 🤝💯❤️🌺💐❤️🔥💥👍
Yes we can, First of all, in order to execute anything, you’d need to comply with the following conditions: - $_GET parameter - Which we’ll be passing the payload to - Version of PHP - 4.3+ for expect:// and 5.2+ for data:// - allow_url_include function enabled - In order to inject through the parameter Using the PHP wrapper expect://command, the expect:// wrapper is not enabled by default as it’s an extension from the PECL package (consider it installed for now). syntax: expect://[command] example: example.com/Keeper.php?page=expect://id Using the PHP wrapper data:// wrapper. Syntax: data://text/plain;base64,[command-encoded-in-base64] example: example.com/Keeper.php?page=data://text/plain;base64,JTNDJTNGc3lzdGVtJTI4JTI3aWQlMjclMjklM0IlM0YlM0U= in the above example, base64 encodes text is: <?system('id');?> useful links: github.com/swisskyrepo/PayloadsAllTheThings/blob/master/File%20Inclusion/README.md www.php.net/manual/en/wrappers.data.php www.php.net/manual/en/wrappers.expect.php www.php.net/manual/en/wrappers.php
@@LinuxSploitOfficial Yea your the only you tuber that goes into details of the attack also can you do a vid on linux enumeration <dont have to just a recommendation> bless you
Thank you for your video, it is really helpful! If we want to make the python script appropriate for RS256 algorithm encryption, not HS256, what modules should we use and how should we modify the code in order to produce the corresponding signature? Thanks a lot.
