ACCESS what you WERE NEVER SUPPOSED TO
- Published: Oct 11, 2022
- j-h.io/guidepoint-security-ctf GuidePoint Security is hosting a Capture The Flag competition on October 27th, FREE for everyone! These are always a ton of fun -- jump in and play!! j-h.io/guidepoint-security-ctf
hey john I have been looking through your malware analysis series and was wondering if you are going to start streaming those again?
I just did this box on stream yesterday and found it very interesting and cute! I took the opportunity to practice my BASH skills and wrote a for-loop one-liner that would iterate through the numbers 1-100, hash the number, and then curl the endpoint. Was cool and satisfying when it worked....shame it didn't solve the box though! Should have just tried "0" at the outset.
John has become my ASMR :)
Your explanations are always so thorough, thanks for all you do. I'm also looking forward to your WWHF talk!
Hi John, the corridor also references the beginning of the hacking series that was on British TV a month or two ago called: The Undeclared War.
Neat; and good to see some old school HTML approaches rather than some unnecessary framework. I always use the idea of the bus stop information numbers one can use in some places when explaining IDOR, but I'll have to remember this idea too. (All: Feel free to borrow mine!)
Ngl the new line thing didn't even cross my mind - I appreciate you John, even on the "cheesy" ones lol ❤️
Precise and informative as always, John!
I really enjoy your explainers John. Thanks for this Channel.
Keep these vids coming. Useful stuff
Bippity boppity your idea is now my property LOL
John. I truly wish the Al-Gore-Rhythm would have hooked us up 4 years ago... your content is what I wish I would have known as I rediscovered my next phase... alas, you may be phase 3 because your Information is EXACTLY what i've hungered for since being introduced to Fortran 77 in 1994... i've missed soooo many years but can feel and understand what you're throwing down...
LOVE what you do, awesome, interesting, informative, inspirational...
Namaste
Never really knew what an IDOR was, and never really bothered to look it up, but this explains it really well in simple terms. Thanks!
IT WORKED, THANKS I'VE BEEN LOOKING FOR THIS FOREVER, BUT NO TUTORIAL COULD EXPLAIN IT AS YOU DID
Loved this challenge John, just a little tip if you don't mind my friend, when you use the .encode() method, the default encoding is UTF-8 so you don't necessarily need to specify it, hope this can be useful to you 🙏
It's good practice to include it anyway
Thank you so much you really help me :)
Nice, I figured out what to do before you explained it. I feel smart.
works, keep up the good work man
I love it! :D
great work as always
Wow that was fun!
Alh4zr3d busted this one on his stream last night; it was wicked fun. Thanks John!
this is really cool, john. thanks for sharing it. i created a similar ctf a few months ago, just without the image map. it was well received by the small userbase i demo'ed it to, but i quickly ran out of ideas of where and how to hide clues for the proceeding flags. i accept that most of it is imagination, but do you know of any good sources for hiding place ideas? i'd love to build my ctf out into a learning tool.
You could have piped into xxd to prove the point, hindsight is always good
Rich and original as usual!
It was the quickest room I’ve ever managed to do. I felt like a god lol.
It's just yesterday I solved it and loved it...
😎 very cool
I was lost for around 40 mins trying to understand your clues. However, thank you for making the effort and creating the room
I posted this walkthrough and referenced this link on THM room write up section
09:16 not important but why is there no door in this room?
Guidepoint is a cool platform I always play the CTF every year
This was a great box! I really liked it!
Yeah i have done it
Is this the cause of Moonpig's leak from a few years ago, where you could change your user ID in the address bar and view someone else's account details?
i so was scared when i saw this preview, it looks like backrooms.
Ssoo obscurity is kinda zero
sexurity??
ps: thx for some _BEHIND (you)_ the scenes content too .;]
hi.
First lesson, don't sign up - it's a bait.
when's the next asdfmovie
Neither dumb nor stupid. I found it pretty creative, beautiful and smartly made. Ok, the challenge is not that hard. Also, I watched a couple of streamers solving it. Every single one said it's very creative how it's made. Congrats to you and the team who built it.
🇮🇳love from india
Early on here, hi John
Old comment
2nd here!
i commented first.
Lmao 4 first comments. Y'all can't all be first
First comment!!!
1st here!
Hii, I just saw the ZeroPoints Certified Red Team Ops certification link ... is there any way to get a discount from your side 💖, I would love to get ! 💖🔥
The sad realization that he actually puts time into that hair.
@MaxPower-ig7kh that time could be better spent, for example: with your mum.
It was really a cool and creative idea for a CTF challenge. I will try to implement this idea when I am capable like @JohnHammond 😅😅
This is where I lose interest in capture the flag. There is no practical purpose for this. Why not just teach people how to examine MD5. Websites don't use MD5 like this.
I really appreciate your video really helpful
Cool. I was doing another IDOR room earlier today. Could you do a video of your process making these for tryhackme (or a different one if you prefer) there aren't a lot of videos like that out there with good English
Corridor in tryhackme with IDOR vulnerability 😀
This is the only CTF on tryhackme I could do in an hour. Thanks for the teaching about IDOR Vulnerabilities.