Greetings from BorgBackup development! Nice hacking, but maybe you want to clarify the video title: You did not decrypt a borgbackup archive with hashcat. What you did is crack an apache apr1 hash with hashcat, which revealed a password that was also used as the borg key passphrase. So you had the borg key and the cleartext passphrase to use the borg key and that's all needed to use that key and the repo protected by that key.
yo, does hazedumper still get updated? if can u post a follow up tutorial for something on CS2(im copying the cheats rn *yes im writing them not C+P* and if they dont work i will be mad but at myself cuz this a 1 year old vid) Update: Did not work, got the error that i expected: could not read or write memory, i know this is being because the github is for csgo. sooo ima try to do something
Very clear explanation. The odd thing on my end however, is that even on low difficulty, I do not see an included website for RFI like you do on 1:42. Stuff like ../../hackable/flags/fi.php and etc/passwd work just fine, but I do not see an additional website on top like in your video. Any idea why?
seems to be missing the (and stop it from crashing), also the psrok1's command requires super user permissions to write to the proc filesystem, so its completely useless. Not helpful bruh
The problem with echo 0 > /proc/sys/vm/dirty_writeback_centisecs is that you're still not a root-user as you're trying to do it, and you receive the message "Permission denied", because the proc-file belongs to root. Otherwise the expoilt crashes the machine. So no way to solve it, it seems.
Signature Scanning. You can scan memory for an array of bytes that matches a pattern for example, maybe the heath offset has the patter AA ?? CD ?? BB EB.
Excuse me, I would like to ask you a question about a video made 10 months ago that explains how to create a bafckdoor. I would like to know how to create a backdoor between different networks and also tell him that the backdoor I created following his video doesn't work.
I've been using Vim for about 2 years now, mostly because I can't figure out how to exit it. - miro.medium.com/v2/resize:fit:1100/format:webp/1*dsX-MVvd62GAO3CfyUoCLQ.png
The actual files of the server might be only 2 folders into the root folder for example they might just be in /var/dvwa (just guessing) so you only need to specify ../ twice and even if the folder is only 2 folders into the root folder you can pass as many ../ as you want.
@@drewalleman thanks for the answer and I understand what you mean but even if I simply put ?page=/etc/passwd it still works regardless of the path mentioned. The path traversal here doesn't make sense, it should've been 5 times like you did. It works in all situations such as ?page=/etc/passwd, ../etc/passwd, ../../etc/passwd you get the idea.
@@xt355 Hmmm intresting. I understand why the /etc/passwd worked with no "../" in it because you are passing the absolute path to the file (this is typically disabled). But I don't know why it worked with just 2 "../" what security level were you on when you tried this?
Nice video, thank you, can you make a videos more simplify, like learning how to c***k step by step, and how to read memory in binary the tools used.... You know like this staff. Anw why's thank you
For what he's doing yeah they would. You'd need to port forward or use some sort of dns server. It's been ages since I've done anything like that so not sure whats the best but I have used no ip before. You'd then set the ip and port of your dns server and then you'd be able to do this anywhere theoretically. Or you can port forward on your router. All depends what it's for and how secure you want to be
great video. yall ever try binject? it keeps functionality of binaries (if you want) and launches your own custom exe or shellcode. that way you dont have to make a 1000 custom binaries. fyi its golang so the exe is gonna be fairly large, but at least its statically compiled.