Hackers can change your passwords with this exploit..

Подписаться 756 тыс.

Просмотров 16 тыс.

50% 1

Checkout AppMySite and convert your website to native mobile app in minutes!: www.appmysite.com/?ref=intern...
In this video, I demonstrate Host Header Injection and how hackers exploit this vulnerability to reset passwords of users on a website.
DISCLAIMER: This video is intended only for educational purposes. The concepts showcased in this video are completely from a penetration testing perspective. I do not promote or encourage any illegal hacking activities.
Host header injection vulnerability exists when a website takes the Host value from the request header and processes it in an operation like construction the password reset URL for a user. When this happens, the request is directed to the attacker's server instead of the actual web server of the website.
In this video, I showcased this vulnerability on a retired HackTheBox machine called Forgot.
Check out this machine here: www.hackthebox.com/machines/f...
Thanks for watching!
SUBSCRIBE for more videos!
Join my Discord: / discord
Follow me on Instagram: / teja.techraj
Website: techraj156.com
Blog: blog.techraj156.com

Наука

Опубликовано:

14 авг 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 54

@prashantsingh6606 11 месяцев назад

Bro I really like your content, your content is very very good not like other trash channel, I suggest you to create a parallel channel where you can upload small reel on your content , probably in a year you will be famous among developer

@ashwinkannan4652 11 месяцев назад

Yes that's a very good opinion

@akashbhagwat3696 11 месяцев назад

Totally Dope Content in this channel. Recommended to all my friends. Great work. Keep going brother will support you !

@dotak9663 11 месяцев назад

hey teja from where i should start learning hacking any roadmap, you suggest to beginners

@TechnoEveryday 9 месяцев назад

4:40 does gmail scans the URL on our Android phones?

@PROFES50R 10 месяцев назад

Hey tech raj I recently watched your video relate to discord hack. I want to ask something if a hacker grabs your token can he get hack my other ids too or get my ip?

@TechnicalHeavenSM 11 месяцев назад

Such a nicely and neatly explained video❤❤❤

@MohsinIftikhar-1 10 месяцев назад

Many people are connected to my wifi but i can't see their mobile name only mac address and ip address i can see ...can u tell me solution how can i see their mobile name

@SteveBClark 11 месяцев назад

Why you won't make a cybersecurity course

@Doxmilitary1 10 месяцев назад

Needs help how can l hack an aviator predictor game on sports bet please

@sanjaytheboss9938 10 месяцев назад

Broo someone Miss use my photos please help me to delete that photos please reply fast

@kurulusosman19024 11 месяцев назад

How to visit the website.

@hackerzone3292 11 месяцев назад

bro that was awesome.. I learnt this today after so long days.. please make such videos on bug bounty please

@getreadytotube 10 месяцев назад

Thanks! Wow!

@M.V.A.SHORTS 7 месяцев назад

Sir how to terminal htb forgot kashi kare

@user-lv7bz4nz1h 11 месяцев назад

How to visit website

@athul2532 11 месяцев назад

How to find these vulnerability in real websites

@ItsDoros 11 месяцев назад

Everything clearly explained❤

@samuel_craft57 11 месяцев назад

Does that work with Microsoft accounts too? Mine got hacked and the guy chaged my E-Mail

@samuel_craft57 11 месяцев назад

Well see about that lmao@@DDD9216A

@santaclaws1508 11 месяцев назад

very situational but interesting learn either way

@cyberdudegaming 10 месяцев назад

I have one old frnd his name is raja.. n3t attacker like this.. before 10years .. is it you ?

@1.1kSubChallengeWithoutAnyVid 11 месяцев назад

So in summary, we just put our ip address then wait for the reset token. Our priority is reset token.

@manjula_1 11 месяцев назад

I know this before, and i tried modifying host!, now i am using env for host

@jesusdacoast872 11 месяцев назад

Thank you so much

@bhaikicoding1989 11 месяцев назад

plz tell me where i can learn linux that can help in cyber security?

@user-dc7cr3lj9h 10 месяцев назад

Deangelocrack

@user-dc7cr3lj9h 10 месяцев назад

She can assist you

@45.editss 11 месяцев назад

bro y r u not replying

@hackersandy7712 11 месяцев назад

Commenting just to boost the algorithm

@aminsec 10 месяцев назад

damn bro this thing is scary

@News_0302 10 месяцев назад

Any one help me i have infinx phone hot8i i deleted my sms by mistake recovery possible please tell me

@user-dc7cr3lj9h 10 месяцев назад

Deangelocrack.

@user-dc7cr3lj9h 10 месяцев назад

She can help you

@News_0302 8 месяцев назад

@Smithgeaoge yes i need help

@News_0302 8 месяцев назад

@Smithgeaoge ok tell me how is this possible

@_AayushKumar 11 месяцев назад

What is this vulnerability known as ? By the way very much informative videos and great presentation got to learn so much new things.👍❤

@SPOJerry 11 месяцев назад

host header injection vulnerability i believe

@coolu 11 месяцев назад

does this mean i can get back my old xbox account and finally retrieve the memories that i thought were lost forever?

@coolu 11 месяцев назад

nevermind i just realized that this is about hacking websites or smth lol

@rajaconstantine 11 месяцев назад

Yes No Ok bye

@coolu 11 месяцев назад

brh i know i cant @@rajaconstantine

@TheAKAnonymous 11 месяцев назад

nice👍👍🤟

@thilakreddy1904 11 месяцев назад

🔥

@dineshdevanaboina9443 11 месяцев назад

Big fan

@user-cj7ie1lr9g 10 месяцев назад

What you do for living bro

@razalkp 11 месяцев назад

@stevdodd7515 11 месяцев назад

😮

@technicalcreator3618 11 месяцев назад

@murisamajaliwa3405 2 месяца назад

Your contents are not beginner friendly for real

@quickkcare605 11 месяцев назад

Many you really are shadow banned