I should point out since nobody else has… injecting user input from a url directly into a shell command that your server will blindly execute is literally handing your server over to them to do whatever they like with the same privileges as the user under which the service is running. In short if you write and run any of these services as seen here, any user able to access that web page has control of your server. You’ve been warned.
you're correct. putting a ; in allows you to run additional commands. If you do the project try this in the address bar -- 127.0.0.1:8080/fox.com; touch IGotHacked,google.com It'll ping fox.com, and then run the touch command, before continuing on to ping google.com. I should have said something about this during the session. Creating class material is difficult because you're trying to juggle between what you're trying to teach, and making things confusing. I appreciate the feed back.
I remember watching you way back for a PC building tutorial, and really enjoyed your ranting videos afterward. Very cool to see you went onto full teaching videos, as I'm 13 min in and have to stop myself from zoning in for the next 2 hours because I do have work. My personal journey, against your advice, I did the coding bootcamp route. For me it was just to get started. But it truly is the countless hours spent self learning and working on personal projects that made me a confident programmer. Still a long way to go, but at least I'm at a point I can accurately pick from your catalog based on my own interests. Cheers
love to see your contents, I can't believe I didn't know about this channel for so long, I learned more about TCP/IP from your video than what I learned back in university. Thank you so much for your hardwork.
Thank you so much for all the quality content you make available for free. It makes a world of difference for people who can't afford it for whatever reason. Have you ever considered giving a class on configuring a VPS and deploying your own web apps?
.5:12....also I saw you wrote .. cacheing instead of caching in your last video on TCP... it was a little confusing.. must have been a typo.. 😆.. all good 👍
I should point out since nobody else has… injecting user input from a url directly into a shell command that your server will blindly execute is literally handing your server over to them to do whatever they like with the same privileges as the user under which the service is running. In short if you write and run any of these services as seen here, any user able to access that web page has control of your server. You’ve been warned.
you're correct. putting a ; in allows you to run additional commands.
If you do the project try this in the address bar -- 127.0.0.1:8080/fox.com; touch IGotHacked,google.com
It'll ping fox.com, and then run the touch command, before continuing on to ping google.com.
I should have said something about this during the session. Creating class material is difficult because you're trying to juggle between what you're trying to teach, and making things confusing.
I appreciate the feed back.
I remember watching you way back for a PC building tutorial, and really enjoyed your ranting videos afterward. Very cool to see you went onto full teaching videos, as I'm 13 min in and have to stop myself from zoning in for the next 2 hours because I do have work.
My personal journey, against your advice, I did the coding bootcamp route. For me it was just to get started. But it truly is the countless hours spent self learning and working on personal projects that made me a confident programmer. Still a long way to go, but at least I'm at a point I can accurately pick from your catalog based on my own interests.
Cheers
love to see your contents, I can't believe I didn't know about this channel for so long, I learned more about TCP/IP from your video than what I learned back in university. Thank you so much for your hardwork.
Thank you for sharing your knowledge. You clearly care deeply about the community
Thank you so much for all the quality content you make available for free. It makes a world of difference for people who can't afford it for whatever reason.
Have you ever considered giving a class on configuring a VPS and deploying your own web apps?
Eli u are the man. I been watching ur videos and i love just listening to u ramble. You are awesome brother thank u for sharing the knowledge
I don't think no ones's falling asleep on this guy's class
It should be called assisted intelligence or augmented int. and used as such. Idk u can say I'm wrong, but to me it is brilliant way of looking at it.
And of course if you have $1k + you can call it apple intelligence
@@jamessullenriot 🤢
That's a really nice touch screen you got there! 😀
Thanks Eli. This lesson was really informative.👍😄
Thanks for another wonderful video!
You the man, Eli! We appreciate you!!
Hey Mr. Eli. Is your A Plus playlist for the latest tests and certifications? Thanks
Love your content and attitude. Will you ever cover Docker and Kubernetes? Love to see your take on those sir.
.5:12....also I saw you wrote
.. cacheing instead of caching in your last video on TCP... it was a little confusing.. must have been a typo.. 😆.. all good 👍
Keep it up bro
Thanks.
Oh, shoot me dead. I missed the live class, messed up the time conversion.
I remember using Bottle micro framework few years ago. Anyone knows how is this project doing?
Sir please give answer
Sir my college is teaching c language is this language good for competitive programming or should i shift to c++.
🎉🎉🎉Tks sr.
Chatgpt is not an AI? Why bro
dilf