GoogleCTF - Cross-Site Scripting "Pasteurize"

Подписаться 1,7 млн

Просмотров 97 тыс.

50% 1

Hang with our community on Discord! johnhammond.org/discord
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: paypal.me/johnhammond010
GitHub: github.com/JohnHammond
Site: www.johnhammond.org
Twitter: / _johnhammond

Опубликовано:

25 авг 2020

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 165

@frankfernandez1957 3 года назад

John: Im a newbie, still have a lot to learn Me: *sobs*

@ucheugbomah2228 4 месяца назад

me too 😂😩

@mrhappysmiley2968 3 года назад

This was incredible! Loved it! Never seen a challenge like this. This was very valuable to me. Please make more.

@christianrang5782 3 года назад

I really enjoyed seeing the thought process. This was one I was super close to solving, but I'm a noob at XSS. I didn't know any cool tricks like shown in the vid. Keep up the great content!

@SiyuJiang 3 года назад

Your content is great. It’s easy to follow, and I really like the perspective that we get when you show how you think through the challenges

@Stupid_Money 2 года назад

Definitely a good beginning point to have your video on ctf. I just became proficient in Javascript a couple months ago and being able to follow along with this task really motivated me!

@granitbajraktari1600 3 года назад

Just a heads-up: at 19:40, when you wanted to only POST to the first URL and then follow the redirect without POST, you could have just dropped the "-X POST", since "-d" already implies POST, and curl would have followed to the redirected URL with GET.

@markgentry8675 3 года назад

That was actually super awesome. Thanks heaps my bro. love your honesty. that was not an easy challenge. you're such a smart dude it's kinda nice to see you need the help of others too.

@Brontosauredumarais 3 года назад

Thanks John, super interesting! Can’t wait to see the new challenges you are preparing!

@LESLEYYY0 3 года назад

Would love to see you do the other ones :p

@liamlouw4643 3 года назад

John ima need you to chill on these videos, my sleep schedule can't take it!! Loving them man, really fun to see your thought process!

@mossdem 3 года назад

This really helped understand XXS properly. Now I feel I can learn a little more! I would love to see a little shortcuts video. You fly around a terminal and subl! Maybe even just a little write-up, just a thought but great video

@BCRooke1 3 года назад

The b/1337 is just a reference to a bug ID. At Google they use an internal bug tracking tool called buganizer, and short links are in the form of b/bug-id. Usually you see this in the code: TODO(b/5746327): fix foo

@ancestrall794 2 года назад

I thought 1337 meant LEET

@userou-ig1ze 2 года назад

@@ancestrall794 that is what it stands for...

@nft_explorer 3 года назад

You are so so good man, its interesting to watch your videos and learn from you.

@novanuke1356 3 года назад

I think I need to start reading more writeups. I've always tried to do a CTF and if I can't get it after trying for some time I guess I usually walk away and I end up not actually learning from the CTF which is the point. Great video man!

@AdiSings2023 2 года назад

ye. the struggle is real

@krlst.5977 3 года назад

Real good explanation, i came here from LiveOverflow where he covered this CTF and mentioned yours explanation and, no offense for LiveOverflow :-), now i got it much clearly. Thank you!

@rodrigo1300 Год назад

A lot of people out there try to portrait something that they aren't and seeing someone like you being honest about not solving this CTF. Respect

@LUKESLYTALKER 3 года назад

I’m getting buff doing all these cURLs bro!

@harshrai6259 3 года назад

Really insightful video 👍 and now I want the pleasure of finding those flags I feel so lucky to have a node js and js background

@maoropizzagalli4153 3 года назад

Glad to see I'm not the only one you get discouraged when those things happens. Lesson learned I hope, Thank you papa for the teaching

@4ag2 3 года назад

Amazing content always! I struggled so much last weekend hopefully I learned a lot!!! thnx

@ibragimabdulazizli4230 2 года назад

Wow! You are the one who leads to how to think as a hacker. I searched looots of sources to learning CS. And you are my fav. Thankss

@ryansoma6782 3 года назад

Thank you ! , can't wait for another google ctf web challenge video !

@xFreeman4 3 года назад

Pretty Nutz! Keep up the good work man!

@gaurav1565 3 года назад

It'll be really nice if you did the other web challenges as well. More than the solution seeing the rabbit holes and methodology of sorts is really important.

@yoshi5113 3 года назад

Thanks u Sir.. love the way you explain all the stuff 👏👏👏

@JustFun-dj3pq 3 года назад

Great walk through, love your video

@newuser2474 3 года назад

First time motivated by watching your video

@mina_ashraf 3 года назад

Hey John, Amazing content as usual. I have a small question, where would you recommend for a python beginner to learn the necessary libraries and tools? Do you suggest a specific course or a website to learn the tools that you usually use such as pwntools, Crypto, requests, and so on? C++ is just not the tool for something like this

@arshiyakhan6789 3 года назад

Thank you bring more these kinds of ctfs and python scripting.

@exoooooooo 3 года назад

You are very kind and humbly willing, to tell the truth when you solve this with the help of others. It's not like someone there who considers himself as "a hacker that your friends told you about" but is only good at making videos and making up a tale.

@tecdom 3 года назад

Muito bom!!!!! Grato por compartilhar seu conhecimento. Aprendo muito com seus vídeos.

@adhilazeez6039 3 года назад

Awsome bro... You're inspiring us... Thank you.

@rootdev8106 3 года назад

At first I assumed the solution was to post because .slice(1, -1) would only remove the outer ;) Nice video, keep it up!

@akashrakshit8446 3 года назад

Wow dude thanks 👍🙏🏾 loved it

@KDevGaming1921 3 года назад

Thank you for this learned a lot from this video.

@dylanhess4906 3 года назад

Thank you for this video please post more of these

@orange6946 3 года назад

Actually really interesting. It did strike me as odd that he used JSON.stringify when there was really no need, but I would have never looked much farther than that. Good content!

@abhisurwade 3 года назад

Appreciate the video walkthrough.

@R4B3326 3 года назад

Missed the live Stream, but loved the video!

@Dogelition 3 года назад

I think the Tracing challenge would make for another great walkthrough video!

@q-bert558 3 года назад

Thus was incredible!!

@claythearc8342 3 года назад

You may have answered this later in the video but b/1337 or any number is generally just shorthand for Bug 1337 or Bug whatever that's being tracked on some external issue tracker.

@whistletoe 3 года назад

keep up the good work!

@jimanky 3 года назад

Thank you so much for sharing your knowledge. +1 sub

@ta8ta841 3 года назад

more google CTFs will be appreciable

@Ulyeney 2 года назад

Thanks, John

@kyngcytro 3 года назад

Dude I didn't even know something like hookbin exists thanks John and yes I'm a John too 😅

@peterarbeitsloser7819 3 года назад

#commenting_for_the_algorithm You are great John!

@ziil7525 2 года назад

very cool ctf real video, thanks man.

@dlcrdz00 2 года назад

wow...it always amazes me how much information and syntax you input for the CTF. How did you learn all this stuff? haha

@rafaelgontijo5792 2 года назад

Absolute amazing!

@ch33zer 3 года назад

The b/1337 refers to a bug on Google's internal bug tracker, commonly accessed on the intranet at b/$bugid. I'm surprised they left this in for an external event. Source: I'm a google employee :)

@cam545 3 года назад

I'm here for the F U L L F R O N T A L honesty. 13:30

@KaleshwarVhKaleshwarVh 3 года назад

I lost it when cookie and hookbin came up. I'm weak there.

@erickgiffoni 3 года назад

that was very cool ! thanks !

@nicktm2005 3 года назад

great tutorial ... like always ... thank you

@mahfuzkabir7812 2 года назад

This was great!

@siddharthjohri2935 3 года назад

Very Nice video just as always. Stay frosty.🥶

@shivambeeyani6758 3 года назад

for the algo Always love your videos, especially because I'm shit in web challenges

@Hexbyte965 3 года назад

Awww, I missed the live stream.

@ratatouille7301 3 года назад

Hello, thanks for this video. How did you know about the "[ ]" in the "content[ ]" ? How can I find it if I'v never seen it ?

@Dogelition 3 года назад

If you look at the body-parser documentation here: www.npmjs.com/package/body-parser It says "The extended option allows to choose between parsing the URL-encoded data with the querystring library (when false) or the qs library (when true). [...] For more information, please see the qs library. If you follow that link, you can see a bunch of examples for how it lets you parses variou query strings into objects/arrays.

@captainsalazar7166 3 года назад

Sir please tell us how did you install that sublime build view? I am looking for it but couldn't install it. I am using sublime text 3

@ElliyahuRosha 3 года назад

Hi, john. Can u point me to an article which discusses when tp use request.session() and when request.get/post() ? Thx

@bazboz1468 2 года назад

not disrespect you, but mid vod i had this idea 💡 of a drinkin game, when ever you say peculiar we take a shot 🥃 now i continu watching i love what you doing btw keep up the good work ❤️

@matthewshen 3 года назад

This was the only challenge I got. Can you also explain some other challenges as well?

@somebodystealsmyname 3 года назад

Hey John, take a look at webhook.site, I think the UI is much more intuitive for XSS/SSRF/CSRF.

@eeengoh5189 3 года назад

It doesn't work on hookbin for me for some reason, but webhook does ! Thanks for the recommandation !

@immyslave2952 2 года назад

thank you so much!!!

@samsepiol6355 3 года назад

Cool video!

@moriartyshelby1618 3 года назад

something never be changed..: "Hello, my name is John Hammond.."..NICE

@RonaldRaiden 3 года назад

I have no idea whats happening, I'm currently learning how binary runs through cables/routers/nodes etc. But this looks super cool I wanna get into security stuff

@nmg555w 3 года назад

note that sending the object using the url encoded parameter is only possible because of the `extended=True` bit below the comment saying "we need this for the captcha for some reason" :) (understanding this was for me the clue that helped me solve the challange)

@Wakkas 3 года назад

Hey John, I'm an officer for the Cyber Security club at my university. We would love if you could come in for 30 minutes and give a talk about some pen testing or any networking exploits that are interesting to you!

@_JohnHammond 3 года назад

Feel free to send me an e-mail, I'm always happy to hang out! :)

@inginerdemulslapte9378 3 года назад

Johnito, thank you for you video!!!11!!!!

@_JohnHammond 3 года назад

Thanks so much for watching!

@bruh_5555 3 года назад

Why does log-me-in above pasteurize in the challenge list have only 7 points or has it been solved by too many people or my eyes aren't working??

@h8handles 3 года назад

My name is, what? My name is who? *imitates turntables zickazicka john hammond *to the tune of my name is slim shady*

@amellcotts6650 3 года назад

Please continue doing those.

@mr.meatbeat9894 Год назад

Thanks dude!

@muhammadbellabuaynunyai2754 3 года назад

I love you solved this problem

@krlst.5977 3 года назад

The one question how it supposed to get where issue is by this "b/1337"? I know it means leet but how it leads to JSON.stringify row of the code, can someone explain please?

@nessiev780 3 года назад

Hmm, i really dont have a clue about anything going on here, but i still watched it

@tenex 2 года назад

I really liked but I got list and cannot understand how figured out the double slash

@abhinavkishoregv273 3 года назад

aswm broooo

@BrahimN09 3 года назад

we want more

@amir.m5550 Год назад

you are great.👍

@karimmohamed3744 3 года назад

Loved it

@farjamfarahbakhsh9030 3 года назад

when did Ed Sheeran become interested in IT?!! JK :)) Thanks John for good content.

@maxxxy910 3 года назад

YESS PLEASE DOO MORE OF THESEE PLEASSEEEEEE!!!!!!!!!

@ChupoCro 3 года назад

How come the microphone character 🎤 @7:10 in your Sublime is in color?

@gopalmore315 3 года назад

Excellent

@tears_falling 3 года назад

feels good to know node

@msalih 3 года назад

awesome!

@darklord_656 3 года назад

Sir can u also explain both rev and pwning in google ctf . Please

@karanagarwal282 3 года назад

Please provide links to the writeups you are talking about....

@MrJCollector 3 года назад

Please do the REV beginner ones!

@humanflybzzz4568 3 года назад

Wait a minute, is that a guinness water bottle on your table there... where can I get one ?

@techchannel3107 3 года назад

hey pls replied me why d you use usr/bin/python3 . we need in kali linux?

@sheepy0125 2 года назад

that's the path to the python3 executable file

@NoONE-bk7ud Год назад

i like how said i'm not that good

@BrainFood155 3 года назад

So was the "JSON.stringy()" portion unnecessary? It doesn't seem like your exploit at the end used what you learned from the JSON.stringify()? Or am I missing something?

@zwiebelopi9898 3 года назад

Vincent Zhen Did you actually watched the video? He was creating a post request and assigned an object to the content parameter. Because it’s an object, Json.stringify allowed to break out of the double quotes.

@BrainFood155 3 года назад

@@zwiebelopi9898 I did watch it but I don't know JS very well. I saw that he was sending an object via the POST request but I didn't understand how `content[]=` was the object in the JSON.stringify(). I think I get it now though. Thanks