Видео

@@SleepyAizawa69 Thanks! Would you like to see more about it?

Be careful on opening links, I think the best option to follow at moment is to change your email password or dhl password. Hopefully, they are not the same. Please, use another phone or computer to perform the following. Another risk of opening links, I hope this is not the case. It’s that your current phone or computer is not completely updated or eventually the browser. Which could lead at a complete compromise of the system. I hope this could help you and your problem is not this kind of size of complexity!

@@vpntest5260 Hi, I think, I wrongly deleted the project, but I can see if I can find something similar in the next days. I’ll try

@@SubhashBose-x7c try an old version or more recent. It’s possible that the version that you are using is having some changes that the one that I used

@@kablanfoundation grazie 😝

@@H4ck3er01, no I mainly follow the learning path suggested by Port Swigger portswigger.net/web-security/certification/how-to-prepare. These are enough, but do all the labs and take notes about them. If you want to improve your knowledge, doing other labs is always fun. I strongly recommend it. But, to successfully pass the exam you need to fully understand the vulnerabilities explained in the academy. Hope this helps!

@@wolfrevokcats7890 Thanks mate!

@@wolfrevokcats7890 Thanks for the feedback 😁. I’ll do my best for the next one!

@@wolfrevokcats7890 thanks, yes, that was long long time ago. But you are right, for the videos similar to this I’ll use the suggestions 😃

@@emanuelepicariello awesome, did not expect you to response this fast

@@raymondli3240 Hi, Sorry what do you mean? In this lab, you should adjust the length of the string of each fields, before you encode in base64 the string. But, I did not get your question correctly, I think, please let me know. Thanks

I took the 90 days access with one exam attempt, I recommend that but don’t underestimate the time given for accessing the labs, so you can get 10 bonus points and knowledge as well from the labs.😝 If you have more budget and you are aming for OSCP and OSEP then one-time bundle can be more interesting for you. Hope this helps you!

@@henryvalencia9711 Happy to hear that!! 🍀😝🇨🇴

@@nonloso-b1j Thanks hahaha, keep an eye on it 👀😝

🕵🏽‍♂️🌎

@@jacoposcannella5492 glad to help, let’s make the change!

Hi @@manondu44, Thanks for spotting this, you are right there are other alternatives solutions. 😝

Hi connann, I believe, the alert might not be showing because of a few reasons. Try clearing your cache or using incognito mode, as old data might be causing issues. Ensure the URL is correctly formatted like this: <script> location="{}/#__proto__[hitCallback]=alert%28document.cookie%29" </script> Some security features in browsers might block the script, so check for any protections like Content Security Policy. Make sure you’re identifying the right prototype pollution vectors and gadgets using DOM Invader, and try to follow all lab steps in Burp’s built-in browser, if possible. Keep in mind that these labs are simulations and might occasionally miss key parts, leading to unexpected behavior. Hope this helps! 😁

@@emanuelepicariello Yeah it was old data, it works if I load a new instance. Thank you for responding.

@@conanngan645 😝

What do you mean? 😂😂

@@lyubenpetrov6430 Thank you for your feedback. You are right, and I appreciate your patience. At that time, my focus was primarily on the solution itself rather than providing a comprehensive explanation of each step. To clarify, creating the “productcatalog” subfolder is necessary because the ProductTemplate class used in the lab is part of the data.productcatalog package. In Java, packages are used to group related classes and provide a namespace management system. The productcatalog subfolder corresponds to this package and ensures that the Java compiler and runtime environment can locate and use the ProductTemplate class correctly. Normally, you would determine the need for such a subfolder by examining the package declaration at the top of the Java source files. In this case, the ProductTemplate.java file includes a line like package data.productcatalog;, indicating that it belongs to the data.productcatalog package. I hope this clears up the confusion! 🙏🏾

@@emanuelepicariello thank you so much for the clarification! Sorry if my tone came across as harsh in my earlier message. I had been working on this lab for a whole day and I was at my wit's end. Your explanation clears everything up. Thanks again and keep up the great work. I will subscribe for sure!

@@lyubenpetrov6430 Thanks for the support and no worries at all. Feel free to ask always!

@@MichaelKali-sq6il Thank you for your question. The carriage return is essential in this context because it ensures proper formatting and readability of the serialized PHP object and the resulting signed cookie. In PHP, when working with serialized objects and manipulating strings, ensuring that the formatting remains intact is crucial to avoid syntax errors or malformed data. The carriage return can sometimes be a part of the serialized data, especially if the object contains multiline strings or if specific formatting is required by the framework or tool being used, like PHPGGC in this lab. In summary, the carriage return helps maintain the integrity and readability of the serialized data, ensuring it works correctly when used in the exploit. I hope now it’s more clear 😁

Ahahhaha grande, sisi qui stavo ancora prendendo padronanza 😝

Hi @vitopotenza141, Thanks for your question! Here’s how I would rate the difficulty of the exams on a scale from 1 to 10: • eWPT: 6/10 - It’s challenging, especially if you’re new to web application penetration testing, but it’s very manageable with thorough study and practice. • eWPTXv2: 8/10 - This is more advanced and builds on the eWPT, requiring a deeper understanding and more complex exploitation techniques. • Burp Suite Certified Practitioner: 8/10 - This exam is tough because it requires both a deep knowledge of Burp Suite and practical application skills. • OSCP: 9/10 - Known for its rigorous practical exam, it demands a solid grasp of various penetration testing techniques and a lot of hands-on practice. I recently took the OSEP and a video will be out soon! 😝 As for my next certification to improve my AppSec skills, I’m considering the OSWE or OSED Hope this helps!

Hi manondu, Thank you for your question! Yes, it is possible to use DOM Invader to identify gadgets even when it cannot find the sources directly. The idea would be to first try to manually identify potential gadgets by examining the JavaScript files loaded by the target site. Once you have an idea of the possible gadgets, you can then use DOM Invader to test these manually identified gadgets for vulnerabilities. This combined approach can help you effectively find and exploit DOM-based XSS vulnerabilities. Hope this helps!

Thanks for the kind world and good luck for your journey! Smash it!

Hi Eduard, Sorry at that time, I was still a newbie hahahha 😄. Here a brief explanation. "Object.defineProperty()" makes "transport_url" unwritable and unconfigurable but doesn’t set its "value". So, it can fall back to the prototype chain. When you use "/?__proto__[value]=data:,alert(1)", you add a value property to "Object.prototype". The script looks for "transport_url's" value, finds your injected "value", and uses it, which triggers the alert. Using /?__proto__[bla]=data:,alert(1) adds a bla property, but the script doesn’t look for bla, so it has no effect. Hope this helps!

​@@emanuelepicariellodefinitly. Thx :)

Yeah, apologies. It was old content and I was still finding my way on doing things! 😁

@@emanuelepicariello It's okay brother 👍

Thanks you are welcome!

Hi 😁, Thanks for pointing it out! When something is not available on the internet try to used web archive or similar: web.archive.org/web/20230311004317/www.r00tpgp.com/2021/08/burp-suite-certified-practitioner-exam.html 😝

Yes sure!!

Thanks 😝

Hi, The only one available at the moment is this one for now

@@emanuelepicariello it's not free right

@@sanath4099 Not it costs 100 bucks ish: portswigger.net/web-security/certification

or cracked

Yes sure!

@@_ILunar 🤣

@@emanuelepicariello thanks bro

@@_ILunar You are welcome and good luck for the exam 🍀💪🏾

Hi, A possible scenario involves a malicious actor retrieving sensitive information from the server and potentially finding an entry point into the system, where they can perform lateral movements or other actions. In this case, the entry point is the avatar link. Hope this example clarify and show the risks!

Hi, The requests are processed one per time due the PHP backend, therefore to trigger the gitter time and then the vulnerability, the requests need to be sent with different session id and CSRF token

@@emanuelepicariello Thank U！

@@robstark4759 You are welcome!

Hi, You can attempt the scan with the embedded browser in Burp and run the prototype pollution scan, but it is not 100% successful all the time. It is always good to rely on manual testing! Hope this helps 😁

Hi! I think that possibly this difference is given by the PHP version running on your system. I believe

You are welcome!

Hahahaha thanks bro!

You are welcome, glad to help 😝

Thanks mate, happy to share progress and motivate others people 😝

Brute forcing can be an option, unless there is a WAF or request throttling option in place, you can try. You need to reduce the cache response also before sending the requests in parallel, this will reduce the “gitter” time. Hope this helps!

Thanks!

Yes, I strongly suggest to do so 😁

Thanks 😝

Hi, that’s is a complex question, but, I try to answer. Generally I suggest to start either some basic Cybersecurity foundation starting from TryHackMe. As a next step, I suggest to start with WebSecuryAcademy by Port Swigger and go for the BSCP. This was my path: BSCP eWPT eWPTx OSCP You can take a look at these videos before going for these certs and need some info. ruclips.net/p/PL16wrrijM0H8itX3BOdUbKksKAGuiZoZA&si=Y3ZOSoo0UqdEqwkq Hope this helps you!

We are all to improve together! 💪🏾🪖

Thanks 😝, are you going to take the exam soon?

@@emanuelepicariello im in the middle of the labs, so i think i'll take it at the end of april

I wish you good luck!!@@s4yhii

🪖😝