Тёмный

SSRF bypass using DNS rebinding 

DevSec Hacker
Подписаться 823
Просмотров 2,9 тыс.
50% 1
ВидеоПоделитьсяСкачатьДобавить в

Опубликовано:

 

21 окт 2024

Поделиться:

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист
Посмотреть позже
Комментарии : 22   
@DevSecHacker
@DevSecHacker 6 месяцев назад
if you want to support my work: www.buymeacoffee.com/devsechacker
@askholia
@askholia 7 месяцев назад
I appreciate this video! Great work!
@DevSecHacker
@DevSecHacker 7 месяцев назад
Thank you. It pays off all the time that I spent.
@Anonymous-cx7ht
@Anonymous-cx7ht 5 месяцев назад
Never commented on any video love the way you told 😮🎉
@DevSecHacker
@DevSecHacker 5 месяцев назад
Thank you. Then do support by subscribing.
@vineet1
@vineet1 8 месяцев назад
Excellent .. Bro .mastu chepinav
@DevSecHacker
@DevSecHacker 8 месяцев назад
Thank you. Do subscribe and you will get more content.
@allanguwatudde7623
@allanguwatudde7623 7 месяцев назад
Great explanation
@DevSecHacker
@DevSecHacker 7 месяцев назад
Thanks and please do support by subscribing to my channel for more videos like these.
@ashish_gupta307
@ashish_gupta307 Месяц назад
Bro it would be helpful if you increase the volume in the video. Someone surfing RU-vid over mobile for good cybersecurity content would easily bypass this video b/c even at full volume I am not able to listen it.
@DevSecHacker
@DevSecHacker Месяц назад
Yeah....It was an old video and I changed the volume settings in later/recent videos.
@SameerAhmad-gt4fe
@SameerAhmad-gt4fe 8 месяцев назад
I’ve found this when I ran nuclei on my target and didn’t know the exploit. So it is necessary to find ssrf first to chain with dns rebinding?
@DevSecHacker
@DevSecHacker 8 месяцев назад
If there is an SSRF issue and if target is restricted to do internal ip scanning then you can use dns rebinding to bypass the restrictions. Even if they restricted aws metadata ip address also you can bypass it using dns rebinding.
@SameerAhmad-gt4fe
@SameerAhmad-gt4fe 8 месяцев назад
@@DevSecHacker nuclei shows dns rebinding and the severity was high but I didn’t find ssrf yet.
@Adarsh.-.
@Adarsh.-. 7 месяцев назад
What template did you used for this?
@briansans-souci9083
@briansans-souci9083 6 месяцев назад
Thanks mate!
@DevSecHacker
@DevSecHacker 6 месяцев назад
you are welcome.
@i_am_dumb1070
@i_am_dumb1070 7 месяцев назад
Ok but how can a attacker change dns settings of a company make make local host point to some other ip ?? Please help 🙏
@DevSecHacker
@DevSecHacker 7 месяцев назад
In this bypass no need to change company settings, just bind two ip addresses(one is not restricted ip address like google ip and other is restricted ip address like localhost) for the same domain and pass the domain as a user input. For binding two ips to same domain you can use the dns rebinder service that i shown in the video.
@i_am_dumb1070
@i_am_dumb1070 7 месяцев назад
@@DevSecHacker ok thanks 🙏
@wnheieowz
@wnheieowz 5 месяцев назад
can i get src code pls
@DevSecHacker
@DevSecHacker 5 месяцев назад
github.com/RajuGanapathiraju/VulnerableLabs/blob/main/ssrf_bypass.js
Далее
Content Security Policy Explained - Practical
13:06
Content Security Policy Explained - Practical
Просмотров 314
NMAP Revealed: Unleash the Ultimate Hacker Tool
24:19
NMAP Revealed: Unleash the Ultimate Hacker Tool
Просмотров 21 тыс.
Chicky Boom #настольныеигры #boardgames #игры #games #настолки #настольные_игры
00:44
Chicky Boom #настольныеигры #boardgames #игры #games #настолки #настольные_игры
Просмотров 909 тыс.
My favourite features after a week of testing! #dodgechallenger #rccars #primalchallenger
00:19
My favourite features after a week of testing! #dodgechallenger #rccars #primalchallenger
Просмотров 10 млн
Как не носить с собой вещи
00:31
Как не носить с собой вещи
Просмотров 894 тыс.
Шоколад приходит на Землю.
00:23
Шоколад приходит на Землю.
Просмотров 160 тыс.
CrikeyCon 2019 - Geckom - Breaking in with DNS rebinding
35:02
CrikeyCon 2019 - Geckom - Breaking in with DNS rebinding
Просмотров 498
DNS Remote Code Execution: Finding the Vulnerability 👾 (Part 1)
29:31
DNS Remote Code Execution: Finding the Vulnerability 👾 (Part 1)
Просмотров 288 тыс.
Как взламывают сайты? XSS уязвимость, SQL-injection, CSRF, Code Injection
33:04
Как взламывают сайты? XSS уязвимость, SQL-injection, CSRF, Code Injection
Просмотров 90 тыс.
Bug bounty: Bypass Limits via Race Conditions
6:53
Bug bounty: Bypass Limits via Race Conditions
Просмотров 501
Bug Bounty | $2000 for SSRF bypass using DNS rebinding
12:47
Bug Bounty | $2000 for SSRF bypass using DNS rebinding
Просмотров 37 тыс.
🤖 iRobot | Live Bug Bounty Hunting 🕵️‍♂️
24:25
🤖 iRobot | Live Bug Bounty Hunting 🕵️‍♂️
Просмотров 6 тыс.
Bugbounty: Host Header Injection to Account Takeover | Hands on | Practical
13:36
Bugbounty: Host Header Injection to Account Takeover | Hands on | Practical
Просмотров 28
Gerald Doussot - State of DNS Rebinding Attacks & Singularity of Origin - DEF CON 27 Conference
42:02
Gerald Doussot - State of DNS Rebinding Attacks & Singularity of Origin - DEF CON 27 Conference
Просмотров 7 тыс.
Meet the Expert | Meir Michaeli | SSRF (Server-Side Request Forgery Attack) | A10:2021
40:46
Meet the Expert | Meir Michaeli | SSRF (Server-Side Request Forgery Attack) | A10:2021
Просмотров 7 тыс.
DNS Rebinding Attacks Explained - You are in DANGER!
14:34
DNS Rebinding Attacks Explained - You are in DANGER!
Просмотров 16 тыс.
Chicky Boom #настольныеигры #boardgames #игры #games #настолки #настольные_игры
00:44
Chicky Boom #настольныеигры #boardgames #игры #games #настолки #настольные_игры
Просмотров 909 тыс.