- Видео 31
- Просмотров 12 008
CyberMasus
Добавлен 3 авг 2022
Port Forwarding Made Easy - Part 3 | Dynamic Port Forwarding Using Chisel + Proxychains
🌐 Dynamic Port Forwarding: Chisel + Proxychains Ultimate Guide (Part 3) 🚀
Master the art of dynamic tunneling for maximum network access! 🔥 Perfect for OSCP preparation and CTF domination.
🎯 What you'll master:
Dynamic port forwarding with Chisel
Proxychains configuration secrets
Access ALL remote ports like a ghost 👻
💻 Step-by-step tutorial:
Setting up Chisel SOCKS proxy
Configuring Proxychains
Running tools through your tunnel
Real pentesting scenarios solved!
⚡ Why this matters:
Essential for OSCP exam success
Critical for complex CTF challenges
Must-have skill for network pivoting
🔥 Watch as we combine Chisel + Proxychains for ultimate network domination!
🛠️ Tools covered:
Chisel
Proxychains
Nmap throug...
Master the art of dynamic tunneling for maximum network access! 🔥 Perfect for OSCP preparation and CTF domination.
🎯 What you'll master:
Dynamic port forwarding with Chisel
Proxychains configuration secrets
Access ALL remote ports like a ghost 👻
💻 Step-by-step tutorial:
Setting up Chisel SOCKS proxy
Configuring Proxychains
Running tools through your tunnel
Real pentesting scenarios solved!
⚡ Why this matters:
Essential for OSCP exam success
Critical for complex CTF challenges
Must-have skill for network pivoting
🔥 Watch as we combine Chisel + Proxychains for ultimate network domination!
🛠️ Tools covered:
Chisel
Proxychains
Nmap throug...
Просмотров: 72
Видео
Port Forwarding Made Easy - Part 2 | Local Port Forwarding Using Chisel
Просмотров 522 месяца назад
🚀 Chisel Magic: Local Port Forwarding for Hackers (Part 2) 🔓 Level up your penetration testing skills with Chisel! 🛠️ This video is your secret sauce for OSCP success and CTF domination. 🎯 What you'll master: Local port forwarding using Chisel - simplified Real-world hacking scenarios solved step-by-step 💻 Perfect for: OSCP exam preparation CTF challenge ninjas Aspiring penetration testers 🔥 Wa...
Port Forwarding Made Easy - Part 1 | Local Port Forwarding Using SSH
Просмотров 802 месяца назад
🔐 SSH Local Port Forwarding: Hack Like a Pro! (Part 1) 🚀 Unlock the power of SSH to access hidden services! 🕵️♂️ This video is your secret weapon for OSCP prep and CTF victories. 🛠️ What you'll master: Local port forwarding with SSH - explained simply Step-by-step guide to access remote ports locally Real-world hacking scenarios and solutions 💡 Perfect for: OSCP exam preparation CTF challenges...
Port Forwarding Made Easy - Part 0 | Introduction to Port Forwarding
Просмотров 282 месяца назад
🔓 Port Forwarding Mastery: The Hacker's Secret Weapon (Part 0) 🔓 Unlock the hidden pathways of networks! 🌐 This intro to our Port Forwarding series is your first step towards OSCP success and CTF domination. 🎯 What you'll learn: The magic of port forwarding explained simply Why it's crucial for ethical hacking and pentesting Sneak peek into advanced techniques covered in future videos 🚀 Series ...
HackTheBox - Runner
Просмотров 763 месяца назад
🔐 HackTheBox Walkthrough: Runner | Medium Difficulty | Linux 🐧 In this video, I'll take you through the exploitation of the Runner machine on HackTheBox, a medium-difficulty Linux box packed with real-world vulnerabilities and challenges. 🏃♂️ The journey begins with leveraging a vulnerability in TeamCity (CVE-2023-42793), allowing us to bypass authentication and extract an API token. This toke...
HackTheBox - FormulaX
Просмотров 1013 месяца назад
🔐 HackTheBox Walkthrough: FormulaX 🔍 | Hard Difficulty | Linux 🐧 In this video, I’ll guide you through the exploitation of the retired HackTheBox machine, FormulaX. This hard-difficulty Linux box challenges us with multiple vulnerabilities, starting with a Cross-Site Scripting (XSS) attack on a chat application that reveals a hidden subdomain. From there, we exploit a simple-git vulnerability (...
HackTheBox - Usage
Просмотров 2674 месяца назад
🔍 HackTheBox Usage Walkthrough | Easy Linux Machine 🔍 Welcome back, cybersecurity enthusiasts! In this video, I’ll walk you through exploiting Usage, an easy-difficulty Linux machine on the HackTheBox platform. 💻🔓 ✨ Key Highlights: 📄 SQL Injection Exploitation: Discover how to exploit a SQL injection vulnerability in a blog site to dump and crack the admin's hashed password. 🔐 Admin Panel Acces...
HackTheBox - IClean
Просмотров 2,5 тыс.4 месяца назад
🔍 HackTheBox IClean Walkthrough | Medium Linux Machine 🔍 Welcome back, cybersecurity enthusiasts! In this video, I'll guide you through exploiting IClean, a medium-difficulty Linux machine on the HackTheBox platform. 💻🔓 ✨ Highlights of the Walkthrough: 🧹 Exploiting a Cleaning Services Website: Discover how to exploit a Cross-Site Scripting (XSS) vulnerability in the quote request form to steal ...
HackTheBox - WifineticTwo
Просмотров 1094 месяца назад
🔍 HackTheBox WifineticTwo Walkthrough | Medium Linux Machine 🔍 Welcome back, cybersecurity enthusiasts! In this video, I'll guide you through exploiting WifineticTwo, a medium-difficulty Linux machine on the HackTheBox platform. 💻🔓 ✨ Highlights of the Walkthrough: 🌐 OpenPLC Exploitation: Discover how to exploit OpenPLC running on port 8080 using CVE-2021-31630 to achieve Remote Code Execution. ...
HackTheBox - Headless
Просмотров 1004 месяца назад
🔍 HackTheBox Headless Walkthrough | Easy Linux Machine 🔍 Welcome back, cybersecurity enthusiasts! In this video, I'll take you through the exploitation of Headless, an easy-difficulty Linux machine on the HackTheBox platform. 💻🔓 ✨ Highlights of the Walkthrough: 🖥️ Exploit a Python Werkzeug Server: Learn how to identify and exploit a blind Cross-Site Scripting (XSS) vulnerability via the User-Ag...
HackTheBox - Perfection
Просмотров 1304 месяца назад
🔍 HackTheBox Perfection Walkthrough | Easy Linux Machine 🔍 Welcome to my latest HackTheBox walkthrough! In this video, we dive into Perfection, an easy-rated Linux machine that will put your hacking skills to the test. 💻🛠️ ✨ Highlights of the Video: 📊 Exploit a Vulnerable Web Application: Discover how a simple student score calculator hides a Server-Side Template Injection (SSTI) vulnerability....
HackTheBox - Crafty
Просмотров 7735 месяцев назад
🔍💻 Crafty Walkthrough | HackTheBox Retired Machine Welcome to my in-depth walkthrough of the retired HackTheBox machine, Crafty! 🛠️🔒 In this video, we'll tackle: 🔍 Enumeration: Discovering open ports and services. 🔧 Vulnerability Research: Identifying weak points in a Minecraft server version vulnerable Log4shell (CVE-2021-44228). 📚 Public Exploits: Leveraging known exploits to gain access. 🕵️...
TryHackMe - SQHell
Просмотров 5346 месяцев назад
In this video, we dive into the TryHackMe room "SQHell" and demonstrate how to exploit intermediate to advanced SQL injection vulnerabilities. Learn the techniques to bypass protections and extract sensitive data! 💻🔥 🔔 Like, Subscribe & Hit the Bell for More! 🔔 #SQLInjection #TryHackMe #Cybersecurity #EthicalHacking #PenTesting
SQL Injection - Task 10 | Remediation | TryHackMe
Просмотров 1656 месяцев назад
🔒 Delve into the final task (Task 10) of our SQL Injection video series! 🎬 Discover essential remediation methods to safeguard your databases against SQL injection attacks. Learn about the power of prepared statements, input validation, and special character escaping to fortify your defenses. 💡💻 #Cybersecurity #SQLInjection #RemediationMethods 🚀
SQL Injection - Task 9 | Out-of-Band SQLi | TryHackMe
Просмотров 5757 месяцев назад
🔍 Explore Out-of-Band SQL Injection in Task 9 of our SQL Injection video series! 🎥 Learn how to exploit vulnerabilities using alternative communication channels and extract data from the database.
SQL Injection - Task 8 | Blind SQLi - Time Based | TryHackMe
Просмотров 1,7 тыс.7 месяцев назад
SQL Injection - Task 8 | Blind SQLi - Time Based | TryHackMe
SQL Injection - Task 7 | Blind SQLi - Boolean Based | TryHackMe
Просмотров 7327 месяцев назад
SQL Injection - Task 7 | Blind SQLi - Boolean Based | TryHackMe
SQL Injection - Task 6 | Blind SQLi - Authentication Bypass | TryHackMe
Просмотров 5957 месяцев назад
SQL Injection - Task 6 | Blind SQLi - Authentication Bypass | TryHackMe
SQL Injection - Task 5 | In-Band SQLi | TryHackMe
Просмотров 1 тыс.7 месяцев назад
SQL Injection - Task 5 | In-Band SQLi | TryHackMe
SQL Injection - Task 4 | What is SQL Injection? | TryHackMe
Просмотров 1307 месяцев назад
SQL Injection - Task 4 | What is SQL Injection? | TryHackMe
SQL Injection - Task 3 | Wat is SQL? | TryHackMe
Просмотров 1407 месяцев назад
SQL Injection - Task 3 | Wat is SQL? | TryHackMe
SQL Injection - Task 2 | What is a Database? | TryHackMe
Просмотров 1667 месяцев назад
SQL Injection - Task 2 | What is a Database? | TryHackMe
SQL Injection - Task 1 | Brief | TryHackMe
Просмотров 2947 месяцев назад
SQL Injection - Task 1 | Brief | TryHackMe
SQL Injection - Task 0 | Introduction | TryHackMe
Просмотров 7677 месяцев назад
SQL Injection - Task 0 | Introduction | TryHackMe
all the best
many thanks
thank you for a very thorough explanation, I learned a lot and got out of being super stuck
I'm happy the video was helpful
Thank you so much for this. After the 6th task, it seemed easy but the Boolean process is just so tedious. It's like doing a bruteforce attack purely analog. What is the reasoning of using the != wildcard after you've already discovered the table or column name though?
Right, boolean and time-based sqli's can be a pain when trying to exploit them manually, especially in large/complex database structures. always look into automating the exploitation process or using tools like sqlmap. understanding of the manual exploitation process is useful when creating automation scripts or troubleshooting tools that are not giving the desired results. In response to the reasoning for using '!=' operator, this is often used to eliminate information we've already discovered during the brute-force process. for instance, if you are enumeration column names for the same database and table, using '!=' will ensure you don't enumerate same column name more than once
This room is probably bugges because when I injected where database() like 'sql______';-- it worked. Although its clear sqli_four is the database we are meant to work with
yes will certainly be a bug. great finding though
I also thought it was a bug, but actually "_" is a special character for "find". you need to escape it (fin "\_").
@@pierluigirizza2140 good point. In SQL queries, the underscore is a special character used as a single-character wildcard. For example, the pattern "_a_" would match any three-character string where the second character is "a"
Bro you are amazing, keep up the work
Wow. Very informative walkthrough
glad you liked the walkthrough. the plan is to make more of these when i have the time
Thank you bro for this But my burpsuite isn't working
I will need more context about your issue to be able to advise. let me know how burpsuite is behaving when you try to intercept traffic and whether you've configured proxy settings in your web browser to work with burp
So LIT, bro.
Yo bro this helped me get root flag i was struggling thanks man cheers 🙌👏🔥
glad my video helped 😊
🎉
I feel like you were a bit off track and didn't scroll down alongside the questions. Just my honest opinion. Great effort on the video
Yh good point. I intentionally didn't scroll down along the questions so I could solve the challenge my own way. By doing so, I get to make mistakes, troubleshoot, and resolve issues as I go. I appreciate you feedback
@@cybermasus When you put it like that, I sort of take back my comment. Thank you for your reply. Best of luck in your RUclips Journey!
You chose the best technique to find all the tasks Good job man👏👏
yeah right, i try to go for techniques that are easy to understand
Thanks, I was stuck on this one.
I'm glad my video was helpful 😊
Which username u put in this command
i typed so many commands. let me know what specific command then i can help with answer
im just getting into cybersecurity barely getting around linux but its fun to watch this lol
it’s fun navigating the linux file system from the command line. I'm sure you will have a hang of it with practice 😅
Hello. Nice video. Thanks
@sathsarabandara660 I'm happy you like the video
Hey. I' m a beginner of this and Could you give me some start up tips and list of things that I should be focused on bug bounty please?
@@sathsarabandara660 try out some web based exercises on TryHackMe, portswigger labs, and HackTheBox. Once you level up your skills, register on bug bounty platforms like HackerOne and Bugcrowd to get started
@@cybermasus Thank you so much for your help.
Awesome man, keep up the good work