Hacking an organization with one of the most stealthy and dangerous web attacks

Подписаться 30 тыс.

Просмотров 6 тыс.

50% 1

DNS exfiltration over HTTP is a stealthy attack that enables you to bypass web application firewalls. Not many security researchers and penetration testers fully understand it. So in this video, we dive deep on what is DNS exfiltration and how it works and how to use it to bypass firewalls and maximize the impact. make sure to subscribe and turn on the notifications bell.
{----- Lab -----}
github.com/leetCipher/bug-bou...
{----- Support -----}
/ leetcipher
{----- social -----}
/ leetcipher
{----- Video chapters -----}
0:00 intro
0:13 lab setup
1:04 lab overview
1:33 fuzzing the vulnerable parameter
3:20 tcp vs udp traffic
4:13 what is dns
4:43 interactsh
5:17 installing interactsh
5:53 how dns servers handle domain queries
6:21 testing our theory
7:00 domain name anatomy
8:05 planning the attack/exfiltration
9:27 implementing the exploit in bash
10:33 running the exploit in burp suite
11:37 implementing the exploit in python
12:29 running the exploit in burp suite
12:57 decoding the payloads using python
13:45 adding even more constraints
14:27 adding a custom base64 encoding to our exploit
15:03 running the exploit in burp suite
15:18 decoding the exfiltrated payloads
16:03 outro
#hacking #bugbounty #penetrationtesting

Наука

Опубликовано:

2 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 48

@LeetCipher Год назад

while True: subscribe(channel) like(video) share(video, everywhere)

@seiv- Год назад

Those "small" security channels are the most underrated channels on youtube, and they are my to go place for ACTUAL GOOD CONTENT (and not influencer like content)! Keep up the great work mate! Liked + Subbed

@user-ho9or2mf9k 3 месяца назад

what are some others

@deadbeef2482 Месяц назад

+1, agreed so much

@sidss007 Год назад

Awesome video. Video's like this make me feel that there is so much to learn and I don't know anything 😂

@WebWonders1 Год назад

You know what i have been addicted by your content to see again and again. Thanks 🙏

@fahimhussain2704 Год назад

Great to see you uploading again!

@orestefanovic8961 Год назад

Some awesome content you are putting out man!

@martint1775 Год назад

This video was great! Please don't stop creating these

@mizudatsuraku5590 Год назад

You're one of my favorite channel when it comes to Security. Thank you very much for giving us a high quality content.

@dev__004 Год назад

Another awesome video as always. Worth the wait . It would be great if you uploaded more frequently!!❤

@S2eedGH Год назад

what a perfect explanation ! Thanks for great content

@janekmachnicki2593 11 месяцев назад

First time i see you here and Im so impress .Thanks

@nicollasalcantara6907 2 месяца назад

I subscribred in this channel, really good content.

@hexormc5164 Год назад

Wow i didn’t know u uploaded a new video,you’ve inspired me once again

@Techbeam Год назад

The skills i need to acquire , i smashed subscribe button when I saw your first video . As a beginner it's very hard to grasp this but I'm still getting something out of it 😊 , i understand the effort you taking for this video as a youtuber please don't stop this , keep going ❤❤❤

@WebWonders1 Год назад

Also your previous video of ssrf using dns rebinding techniques result my first bounty of $200 that's why I love your videos 😊

@jissjose1382 Год назад

Awesome tutorial out there

@md.omarsharafi7528 Год назад

Your videos are so awesome i usually revise those in every few days. Although I have subscribed and turned on the notification, i visit your channel oftentimes to see if you have uploaded new video. 😂 But why didn’t you tried hex encoding? Isn’t hex encoding best for dns based data exfiltration? What if python or dig was not installed?

@sajeed433 Год назад

Nailed it! Perfect. Could you please start teaching from scratch or share the roadmap you have followed?

@tayeblagha484 8 месяцев назад

great Tutorial

@0RIPPER0 Год назад

bro u r genius man !!

@neiltsakatsa Год назад

Awesome 😎

@darccau7204 Год назад

Welcome back

@draxler.a 10 месяцев назад

keep going ❤

@cair0_ 4 месяца назад

Nice bro

@warnawarni5227 Год назад

amazing

@aswins7781 Год назад

Love you bro, you're fcuking genius

@DZbugbountyhunter 11 месяцев назад

perfect

@yasharote1602 7 месяцев назад

GOLD

@sahilabbasi7184 Год назад

Bro how to develop mindsets just like you 😭😭💔 pls reply me 😭 i have 5 year experience still I am not able to find bugs 😞

@berthold9582 Год назад

Blind os command Si c'est moi je ne serai pas aller si loin chapeau hacker

@ByteBandit-777 4 месяца назад

Can you make a video like how did you become a penetration tester able to find real bugs in bug bountys please ?

@seiv- 11 месяцев назад

Small question: why did you apply b64 and then on top of that you applied b58, and not applied b58 which has no special chars directly from the beginning?

@LeetCipher 11 месяцев назад

That's actually a good question. Unix-based distributions do not have the base58 binary installed by default, which means there's a high chance our attack won't work, and it was also for demonstration purposes, that's why at the end of the video, we showcased the same attack with only base64 implemented from scratch, and then we converted the special chars to ascii representation.

@m7mad540 Год назад

❤‍🔥❤‍🔥❤‍🔥❤‍🔥❤‍🔥

@manishbasnet5230 Год назад

Omg 😮

@warnawarni5227 Год назад

is it possible to do this trick on any Blind SSRF with HTTP ping back?

@janekmachnicki2593 11 месяцев назад

I have a problem.When i send domain;echo code thru burp it does not save it in /tmp directory .How come is like that .Any clue ?

@cybersec9345 3 месяца назад

Cool, do you have a course on udemy?

@ca7986 Год назад

Man you are fuckin genius!

@DONTLAUGH Год назад

😲

@JuanBotes Год назад

\o/

@artieschmidt3039 11 месяцев назад

the error sound transition is very irritating sorry

@manan5 Год назад

hey man you are an awesomee teacher! do you have a twitter account or something?

@drsaqi649 Год назад

do u have discord?

@flashbrutal Год назад

i saw the same kind of ctf challenges on VishwaCTF2023.. in a web Challege . it was checking if domain was active or not. eventually came out with blind rce

@LeetCipher Год назад

nice