Cross Site Scripting XSS Explained | TryHackMe Junior Penetration Tester | OSCP

Поделиться
HTML-код
  • Опубликовано: 29 окт 2024

Комментарии • 50

  • @cosmintibuleac969
    @cosmintibuleac969 2 года назад +53

    For anyone having issues with the final session cookie answer, there seems to be a bug. Here is the correct answer: 4AB305E55955197693F01D6F8FD2D321

    • @ursr78122
      @ursr78122 2 года назад +2

      Man, thank you very much for the answer, I spent more than hour to come up that task does'nt work... But I was sure that I'm doing everything right

    • @unpopularopinion1032
      @unpopularopinion1032 2 года назад +4

      aaaah no wonder. The bug had to do with the netcat listener (or server as shown in the video) not receiving confirmation of interaction after ticket was viewed right? just want to verify.

    • @cosmintibuleac969
      @cosmintibuleac969 2 года назад

      @@unpopularopinion1032 either that or I was not getting the corect cookie for the answer, don't remember 100% accurately.

    • @martyduniaud1360
      @martyduniaud1360 2 года назад +1

      OMFG, thank you, 1 day I break my head cause that

    • @jjjww975
      @jjjww975 2 года назад +1

      I could not get the final script to work and bounce back the cookie -- something wrong with the THM network --- everything else worked up t that point

  • @unpopularopinion1032
    @unpopularopinion1032 2 года назад +2

    Thanks for these videos bro. Ive seen two of your walkthroughs already and they are the best/easiest to understand.

  • @RicondaRacing
    @RicondaRacing 2 года назад

    that last question had me going crazy for hours, THANK YOU!

  • @marosmihok8782
    @marosmihok8782 2 года назад

    THANK YOU SO VERY MUCH MAN! I was struggling with this task for so long.

  • @mohamedahmed-q1m4v
    @mohamedahmed-q1m4v Год назад

    The way you have explained is really easy and I understand it now.
    maybe will forget it tomorrow haha

  • @AC-he8ln
    @AC-he8ln 11 месяцев назад

    Thanks, was not working with the nc -nlvp 9001 suggested in the exercise, but worked fine with http server.

  • @mialarssen2627
    @mialarssen2627 3 месяца назад

    Thank you so much Mr Motasem. How do I get that My Notes Library? I`ll appreciate so much :)

  • @silentkille4
    @silentkille4 2 года назад

    learning alot from your videos thank you so much

  • @عربارمي-ج9س
    @عربارمي-ج9س 2 года назад

    can you share with as the Manual in 24:51 mins (OWASP+Web App Pentesting) Thanks

  • @syriamoon2674
    @syriamoon2674 3 года назад +1

    Thank you for the explanation. Would you advise me to learn through the site and buy a paid account?

    • @Sleepygayboi9797
      @Sleepygayboi9797 3 года назад +3

      Yes, it is extremely useful, I have done the pre security and complete beginner so far, and am very confident in my fundamental skills now. Def worth.

    • @MotasemHamdan
      @MotasemHamdan  3 года назад +1

      Yes I would. Its very useful

  • @derastephh
    @derastephh Год назад

    Hello, how do I know the port for my web server?

  • @ayoub904
    @ayoub904 Год назад

    man ,would like to share with us that scripting note, or we can find it ? thanks alot

    • @MotasemHamdan
      @MotasemHamdan  Год назад

      Hello, cyber security notes can be accessed through channel membership tier 2
      ruclips.net/channel/UCNSdU_1ehXtGclimTVckHmQjoin

  • @adminaccount1951
    @adminaccount1951 2 года назад

    Hi, I know its a lot. But can you share your obsidian vault for reference.. ? Or kindly make a website out of it if possible.

    • @MotasemHamdan
      @MotasemHamdan  2 года назад

      Hello, online access to notes is part of channel membership
      ruclips.net/channel/UCNSdU_1ehXtGclimTVckHmQjoin

  • @felipecg6587
    @felipecg6587 2 года назад

    Thank you Sir

  • @Alternosphere
    @Alternosphere 2 года назад

    Would you be willing to share your Obsidian notes?

    • @MotasemHamdan
      @MotasemHamdan  2 года назад

      Access to the manual can be done through the membership.
      ruclips.net/channel/UCNSdU_1ehXtGclimTVckHmQjoin

    • @Alternosphere
      @Alternosphere 2 года назад

      @@MotasemHamdan brilliant. your content is amazing, keep it up man, big ups

    • @RS-uj2yf
      @RS-uj2yf 2 года назад

      Hm....cant find a link for notes...(((

  • @mersadbaradaran9176
    @mersadbaradaran9176 2 года назад

    ty my BRO!

  • @kyawswanyee3309
    @kyawswanyee3309 2 года назад

    can i get your cyber security obsidian note /

    • @MotasemHamdan
      @MotasemHamdan  2 года назад

      ruclips.net/channel/UCNSdU_1ehXtGclimTVckHmQjoin

  • @ailson_junior7034
    @ailson_junior7034 2 года назад

    it only captures its own cookie and not the target's

  • @_think8830
    @_think8830 Год назад

    Thx bro❤️

  • @FinaLBoSSv0iD
    @FinaLBoSSv0iD 3 года назад

    "fucking finally man"

  • @hajarlachhab8851
    @hajarlachhab8851 2 года назад

    can you share with us the obsidian notes please?

    • @MotasemHamdan
      @MotasemHamdan  2 года назад +1

      Hello, Notes are part of the channel membership. Take a look here
      ruclips.net/channel/UCNSdU_1ehXtGclimTVckHmQjoin

    • @cuneytguclu8547
      @cuneytguclu8547 2 года назад

      @@MotasemHamdan you're awesome thanks

  • @huuloc8719
    @huuloc8719 3 года назад

    Great.

  • @TuniRex
    @TuniRex 10 месяцев назад

    sa3b ktirr hhhhhh

  • @cybersamurai99
    @cybersamurai99 2 года назад +1

    somehow I am geting a different value on my cookie on the last chalenge. It only contains the session ID
    cookie I get is : c2Vzc2lvbj01ZTcwZmFkNTRlM2Q2YWE4Nzk4Y2I3ZDNjZGMwMGVlYg==

    • @metallical87
      @metallical87 2 года назад

      yeah same with me

    • @hardiwrites4430
      @hardiwrites4430 2 года назад

      @@metallical87 same

    • @kolesnikov1991
      @kolesnikov1991 2 года назад

      I had the same problem but finally got a solution. Make sure that is a HTTP connection (HTTPS is encrypted) Second thing. You have to be patient. It takes a while to get cookie

    • @cosmintibuleac969
      @cosmintibuleac969 2 года назад +3

      For anyone having issues with the final session cookie answer, there seems to be a bug. Here is the correct answer: 4AB305E55955197693F01D6F8FD2D321

    • @BluD4g
      @BluD4g 2 года назад

      @@cosmintibuleac969 tryhackme hadn't fix it yet??