Hacksplained
  • Videos: 126
  • Views: 783,895
Intigriti Out-Of-Scope Days 2022 - Mallorca 🇪🇸
When an entire company goes out-of-scope, it's the Intigriti OOS DAYS 🇪🇸
After our successful Series-B funding round, it was time to pack up the entire team and go ... to SPAIN! Together with 80 colleagues we flew over to the beautiful island of Mallorca and landed in a nice hotel in Magaluf. Our days were packed with good food, workshops, crazy team events and even bigger parties!
Come and join Intigriti if you also wanna be part of our OOS days in the future 😇
📃 This video is part of the HACKING ESCAPES playlist (ruclips.net/video/1-Gl5yTrXKo/видео.html).
🧘 Take this journey together with me. Calm down, stop hacking for just a bit and recharge yourself.
💡 If you have any questions or want t...
Views: 1,569

Videos

Hacking Escape #6 - Island, Volcano & Lighthouse 🇪🇸
Views: 493, 2 years ago
Island, Volcano & Lighthouse - Viva la España 🇪🇸 Having studied together in 2016 in Malaga, we have not had the chance since to go on a boys trip. Haroun, Dino and I set out to explore the volcanic island of Gran Canaria (back to the roots travelling to Spain). Timeline: 00:00 Las Palmas de Gran Canaria 02:05 Dunas de Maspalomas 03:10 Puerto Morgan 04:05 El Roque Nublo 05:33 Arucas 05:51 Gáldar...
Bug Bounty Live Recon - Linked / JS Discovery!
Views: 3.8K, 2 years ago
Bug Bounty Live Hunting Part 2 - In episode 2, we are going to extract further subdomains from links and from discovering JS files🔥 Timeline: 00:00 Intro & Disclaimer 01:02 Burp Suite Crawling 02:57 Hakrawler 04:22 Privado VPN 05:15 Gospider 06:36 Subdomainizer 07:44 Outro Big thanks to the sponsor of this video: Privado VPN Get 69% off their regular price with my link: privadovpn.com/limitedof...
Bug Bounty Live Recon - Grabbing Domains!
Views: 5K, 2 years ago
Bug Bounty Live Hunting Part 1 - In this first episode, we are going to look into grabbing root domains of a bug bounty target🔥 Timeline: 00:00 Intro & Disclaimer 01:09 ipinfo.io sponsoring 02:05 Study BB Program 02:20 Crunchbase.com 03:15 BGP Toolkit 04:24 Metabigor 05:11 Amass 06:03 Whoxy.com 07:04 Domlink.py 07:48 Builtwith.com 08:53 Shodan.io 09:50 Outro Big thanks to the sponsor of this vi...
2nd German Live Hacking Event (#KAEFERJAEGER)!
Views: 789, 2 years ago
Hacking Escape #5 - Cliff Walks, Pubs & Guinness 🇮🇪
Views: 504, 2 years ago
OWASP TOP 10 - 2021 Edition
Views: 28K, 2 years ago
Staying Up-To-Date In CYBERSECURITY!
Views: 2.4K, 3 years ago
I QUIT MY JOB 🤯 (And you will benefit!)
Views: 1.7K, 3 years ago
Finding Secrets in Public Github Repositories (the SAST way)
Views: 916, 3 years ago
Finding Vulns in Public Github Repositories (the SAST way)
Views: 1.1K, 3 years ago
Finding vulnerabilities with automation (the SAST way)
Views: 6K, 3 years ago
Burp Suite Professional Features For Free (Pimp your Community Edition)
Views: 13K, 3 years ago
Python Dependency Confusion (Demystified)
Views: 1.5K, 3 years ago
★★★★★ Extra Language (Broken Anti Automation)
Views: 4.3K, 3 years ago
★★★★★ Change Benders Password (Broken Authentication)
Views: 8K, 3 years ago
@VickieLiDev and I chat about Bug Bounties, Infosec, Jobs and More
Views: 1.3K, 3 years ago
Pentest Interview Questions (Junior / Senior / Principal)
Views: 24K, 3 years ago
★★★★ NoSql Manipulation (Injection)
Views: 7K, 3 years ago
★★★★ Nested Easter Egg (Cryptographic Issues)
Views: 5K, 3 years ago
OSWE Review - Tips & Tricks (Offensive Security Web Expert)
Views: 19K, 3 years ago
2020: A Year in Review (Hacksplained Edition)
Views: 213, 3 years ago
Merry Christmas (Give-Away)
Views: 486, 3 years ago
The Motivational Advice You Never Asked For (Bug Bounty Style)
Views: 2.5K, 3 years ago
Faster Bounty Rewards With 5 Easy Tips
Views: 1.7K, 3 years ago
★★★★ Misplaced Signature File (Sensitive Data Exposure)
Views: 3K, 3 years ago
★★★★ Login Bjoern (Broken Authentication)
Views: 6K, 3 years ago
★★★★ Legacy Typosquatting (Vulnerable Components)
Views: 4.1K, 3 years ago
First German Live Hacking Event (Kaeferjaeger Style)
Views: 1.1K, 3 years ago
★★★★ GDPR Data Theft (Sensitive Data Exposure)
Views: 4.4K, 3 years ago

Comments

  • @hichemsavastano4430
    @hichemsavastano4430 5 days ago

    Hello 🙂 I have been searching for a long time for a tool or something where I give it the source code and it finds the mistakes and vulnerabilities inside. I think that would help me on my journey, and I'm new to bug hunting 😅

  • @user-go3zu4nf5c
    @user-go3zu4nf5c 29 days ago

    Lol, I can see your basket with an apple juice

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Thanks for all juice-shop run👍 greetings from Türkiye 😁

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Thanks

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Interesting

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Thanks

  • @aliuzun8885
    @aliuzun8885 1 month ago

    😮

  • @aliuzun8885
    @aliuzun8885 1 month ago

    vayqw

  • @TheMilesPrower
    @TheMilesPrower 1 month ago

    You can figure out it uses base64 crypto because when you intercept a login callback we can see a bunch of SHA-1 and base64 encrypted tokens in the session login. Don't know why they do not accept SHA-1 as an excuse though.

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Thanks

  • @aliuzun8885
    @aliuzun8885 1 month ago

    ha

  • @aliuzun8885
    @aliuzun8885 1 month ago

    Thanks

  • @aliuzun8885
    @aliuzun8885 1 month ago

    6:10 hopefully, bro

  • @kalendra.ethicalhacker
    @kalendra.ethicalhacker 2 months ago

    I applied for a job as penetration testing. For my online interview, I want to show my bug bounty hunting skills, my hall of fames, how I do testing by screen sharing. Is that helpful?

  • @JoudNovember
    @JoudNovember 2 months ago

    I don't have an add to basket button

  • @user-vg3jh7lg6o
    @user-vg3jh7lg6o 2 months ago

    I waited for this video

  • @mangwibenita3138
    @mangwibenita3138 2 months ago

    How do I link juice box to burp?

  • @MistaYo9221
    @MistaYo9221 3 months ago

    Hi @Hacksplained. How do you reset the challenges? Every time I open a new juiceshop page it says I have completed 57% of the challenges

  • @AbdulHannanEngg
    @AbdulHannanEngg 3 months ago

    How to get the jpeg file/code you have pasted?

  • @joesiu4972
    @joesiu4972 4 months ago

    very good bro

  • @legio-nyc
    @legio-nyc 4 months ago

    Hacksplained is the best teacher! Thanks for helping us noobs get through a lot of complicated stuff.

  • @user-jn3vf8zg4k
    @user-jn3vf8zg4k 4 months ago

    Big love from Pakistan 🇵🇰✅❤

  • @mvs9549
    @mvs9549 5 months ago

    How do you know which cipher encryption to use??

  • @dudetime3720
    @dudetime3720 5 months ago

    I came here because I’m on OWASP Juice Shop for the first time. I was scrolling down my HTTP History on Burp and I got the “solved challenge” banner for “Manipulate Basket” and all I did was scroll down burp. I didn’t even make an account on Juice shop. I know hacks, exploits, and vulnerabilities can be found by accident, but like what did I do? 💀

  • @tauseef3270
    @tauseef3270 5 months ago

    thanks man! really helped a lot

  • @LordAikay
    @LordAikay 6 months ago

    All right I’m thanks for your video I really loved it so am I was wondering can I get your email address I really want to talk to you about something

  • @flookergames
    @flookergames 6 months ago

    I can't find the bid

  • @edclam
    @edclam 6 months ago

    Alas, it's free no more, a payment method must be added. Here's what I was shown just now: 'Basic dynos ~$0.010/hour'. Personally I don't mind making reasonable payments. It's the cancellation or forget to cancel and using the services inadvertently that can be concerning. So if that's fine with you do enjoy it! Plus, I already have a few deployments made on Kali Linux so don't really need the Heroku version. Anyway, happy hacking (legally)!

  • @guriktala3508
    @guriktala3508 6 months ago

    🫡

  • @anonyone8834
    @anonyone8834 6 months ago

    I DID IT in browser only, just use the endpoint of feedbacks

  • @rajendr7235
    @rajendr7235 6 months ago

    Hii

  • @rajendr7235
    @rajendr7235 6 months ago

    ❤❤❤

  • @ritubanerjee5061
    @ritubanerjee5061 7 months ago

    This is truly a brilliant solution! I haven't downloaded the script, but you can display a suitable message and terminate the loop as soon as you get a 200 response (instead of 401) from the server.

  • @h0udini420
    @h0udini420 7 months ago

    Great stuff! Could you please make demos for Maven and RubyGems as well?

  • @sethwikle8927
    @sethwikle8927 8 months ago

    why is this video age restricted lmao

  • @vardanverma1585
    @vardanverma1585 8 months ago

    Why can't I edit in Burp raw req part

  • @gschitz
    @gschitz 8 months ago

    ⥊ 15: 13 0: Good (if not good, then not zero) 0001: Uniqueness 001: Identity 002: Individuality 003: Variability 004: Diversity 005: Tolerance / Inclusion 006: Acceptance 007: Consonance / Harmony 008: Innocence 009: Transcendence 01: Awareness 02: Diversion 03: Sensing 04: Love 05: Grace 06: Reasoning 07: Ingenuity 08: Decency / Honesty 09: Truth Seeking 1: Ethical 2: Problem-Solution 3: Situation 4: Abstraction 5: Expression 6: Why/Who/When/How/Where/What 7: Information/Code 8: Stability 9: Sanity 10: Network (Good Network, because zero) 11: Justice 12: Time/Spread/Dissipation/Easter 13: Death / Fact 14: Cognition 15: Agent 16: Reason 17: Discourse 18: State 19: Discipline / Control 20: Judgement 21: To Solve Problems with Ethics 22: Resistance / Differentiate 23: Consideration 24: Humor / Mental State 25: Behavior 26: Motivation 27: Cohesion 28: Dependability 29: Diagnostic 30: Liberty 31: Consent 32: Discernment 33: Response 34: Ideas 35: Showing 36: Option 37: Opinion 38: Decision 39: Prognostic 40: Wellness 41: Attention 42: Critical Thinking 43: Acknowledgment 44: Free Love 45: Plan / Task Force 46: Purpose 47: Perspective 48: Character 49: Ambition 50: Good Expression 51: Manifestation 52: Support 53: Respect 54: Care 55: War 56: Pointing / Profiling 57: Tell / Counter-Terrorism 58: Invoking / Building 59: Proficiency / To Excel 60: Certainty 61: Identification 62: Qualification / Characterization 63: Inquiring 64: Conjecturing 65: Function / Role 66: Investigation 67: Arguing 68: Indicator 69: Scrutinity 70: Validation 71: Illustration / Knowledge 72: Construct 73: Explanation / Informing 74: Data 75: Materialization 76: Delineation / Instruction 77: Flow / Cadency 78: Share 79: Accountability 80: Personal Soverenity 81: Independency Constancy 82: Resilience 83: Established 84: Autonomy 85: Executing 86: Authority 87: Stream 88: Consistency 89: Boldness 90: Wisdom 91: Assertiveness 92: Optimism 93: Scrupulousness 94: Integrality 95: Composure 96: 
Blockchain: ⥊ (TRACE MARKER) 97: Anarchy 98: Veganism 99: Revolution 100: Liberation 101: Peer-2-Peer 102: Partnership 103: Proposal 104: Design 105: Collaboration 106: Necessities 107: Vocabulary 108: Clarity 109: Regulation 110: Virtue 111: Honor Righteousness Principle 112: Distributed Ledger 113: Privacy / Assistance 114: Abolitionism 115: Pride 116: Justifiable 117: Equitable 118: Liberation State Formation 119: Mission / Objective 120: Harvest 121: Deliverance 122: To Sort Out / Separate 123: Inclusion 124: 125: Differentiate 126: Distinguish 127: 128: Frankness / 129: 130: Realization 131: Fulfillment 132: Regard 133: Responsability 134: Address 135: Execute 136: Obtain 137: 138: To Mark / Formation 140: Serenity 141: Idea 144: To Notice 148: Mindfulness 150: Good Character 151: Virtue 153: Declaring 155: Perform 158: Rising 160: Technology 161: Communication Systems 166: Causality 167: To Label 170: Knowledge 185: System Accessibility 181: Structure 199: Commitment Conviction 200: Sanctuary 209: Enlist 210: Resolution 211: To Engage 212: Secure 215: Mobilize 219: Annihilation 220: Contemplation / Meditation 221: Either Way / Alignment 222: Cooperation 230: Resilience 250: To Thrive 255: To Emerge 266: Correlation 299: Elevate 300: Crusade / Jihad 301: Confront 309: Consensus 310: Self 311: Bodily Autonomy 320: Deliberation 322: Oportunity 330: Win-Win 331: Self-Determination 333: Abundance 340: Conceive 353: Energy Management 360: Technology 373: Remote Killing 370: Efficiency 390: Economicity 399: Revolution Gear 400: Earth Population 410: Permaculture 430: Ecosystem 440: Fellowship 444: Direct Digital Democracy 500: Assumption / Honor 501: Leadership 502: Credit 503: Esteem 509: Prestige 510: Admiration 511: Heroism 512: Altruism 520: Proficiency 530: Acceptance 535: Denoucing 540: Appreciation 550: Diplomacy 555: Gathering 556: To Pick Up Someone/Something 590: Excellency 600: Organizator 620: Diagnose 660: Operation 661: Operator 665: Role 666: Method 
676: Deduce 700: Honor 702: Credit 710: Intelligence 717: Desing 720: Quantum Mechanics 733: Argorithm Explaining 747: Artificial Intelligence 750: Consolidation 751: Enlightment 756: Inspire 757: Prompt 766: Plan 770: The Gear 771: File 773: Algorithm Recoginzing 775: Output 777: Pattern / Rhetoric 778: Development 780: Systematization 799: Revolution Algorithm 800: Providence / Heroism 801: Production 802: Necessities 803: Resorces 804: Energy 808: Renewable Cycle 810: Permaculture 820: Management 830: Logistics 831: Scheme 832: Reach 833: Demand 834: Stock 835: Distribution 840: Consumption 850: Labor 860: Human Resources 863: Assignments 870: Structure 880: Peace 888: Globalization 890: Needs 899: Conception 900: Transparency 910: Institutions 911: Emergency Call 930: Energy Distribution 931: Only One Global Currency 960: Blockchain 962: Traceability 970: Optimization 990: Inspection 995: Accountancy 998: Regulation 999: Implementation 1000: Militancy 1001: Nova Era 1030: 1042: Drug Liberation 1100: Liberation Army 1160: Pacifism 1312: Boycott 1400: Unity 1500: Benevolence 1550: Charity 1807: Black & Yellow 2222: Paradox 3000: Freedom 3100: Triumph 3311: To Revolt 3330: We All Can Live In Abundance 4000: Coexist 4411: Riders of Justice 5000: Glory 5500: Greatness 6999: Mystery 7220: Unified Field Theory 8000: Sustainability 8999: Finitude 9997: Discovery 9998: Unknown 9999: Universe 10000: Existence . This is a Numeric Matrix for Communications Purposes. . This Can Be Used to Convey Meaning. Ex.: 2034: To Judge the Idea. . Mathematical Operators Can Be Used to Calculate Meaning. Ex.: To Judge the Expression: 25 20 + 5 = 25 (Behavior) . Logical Operators to Create statements. Ex.: ¬11: 13. If not Just then Death. . Colors can also be used as information. - You can help build it.

    • @gschitz
      @gschitz 8 months ago

      5513: 713

  • @trustedsecurity6039
    @trustedsecurity6039 8 months ago

    It isn't a DOM XSS, it is a reflected

  • @andreadistasi8842
    @andreadistasi8842 8 months ago

    You are not giving answers... 😅😅

  • @jaywandery9269
    @jaywandery9269 9 months ago

    What's your take on skipping the OSWA & straight to the OSWE

  • @NoONE-bk7ud
    @NoONE-bk7ud 9 months ago

    Or you can search on the MD5 hash of Amy's password on Google

  • @call-me-potato.
    @call-me-potato. 10 months ago

    poor explanation.

  • @mosk53
    @mosk53 10 months ago

    Dude, not giving the answers was a great idea, it helps learning a lot

  • @nathanharmatys
    @nathanharmatys 10 months ago

    Dude, stop saying that this is gonna happen. You have to install the files for it to install and it takes hours, it's not just gonna bring you to the login screen

  • @presequel
    @presequel 10 months ago

    Nice advice, only not sure if the money part of the goal is what I expect in a goal... but maybe that's part of bug bounty, the bounty thing :D

  • @theairsharma
    @theairsharma 10 months ago

    bro was going with ×0.125 speed. But it was good

  • @Missjaatni3566
    @Missjaatni3566 10 months ago

    Hlo

  • @otonomimusic
    @otonomimusic 11 months ago

    1.25x speed recommended

  • @presequel
    @presequel 11 months ago

    Great videos, I really enjoy them. They are easy to follow and I learn a lot, thanx!

  • @LuminaraLyric
    @LuminaraLyric 11 months ago

    This attack is no longer effective in the modern version of Juice Shop (v15.0.0 in this instance). While attempting this attack, a new user is generated with the given XSS string. However, the system now filters out all HTML tags from the supplied string, resulting in the creation of a new user with an empty string as their login