Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
I thought I was afraid of spiders, long lines at Disney and Jury Duty. I was wrong, I'm afraid of Burp Community Edition. Python script is life saver, thank you!
Awesome video, in case anyone has issues dealing with SSL Version Error, I switch off the proxy during the request, like this: r = requests.get(url, cookies=cookies, verify=False), after that I got the password, in my system (intel i3, no gpu) It tooks 13 minutes. Thanks a lot Rana
In my case was getting a dozen error from a bunch of different files other than my file. Ran out of options to debug. Removing the proxies=proxies did it. Thanks for sharing this hint.
very quality video thanks a lot. for those who want to optimise the python script, you can compare to ascii the index of password in database with your enumeration, (compare with ">") you will have less iteration, 30second nedded to find the password. if you want more you can use multithreading, with 16 threads it's take approximately 2 second
Great content! Just purchased your course. Thank you for all the amazing effort and work. I am a bootcamp student and this is bringing up my skills greatly.
Excellent video! I really enjoyed the scripting portion. I just ended up running multiple cluster bomb attacks and stopping when the requests got throttled. Then I’d shorten the brute force character list by removing the letters that had already been tried. 🤣
Great Video. Thank you. I found using proxies with Py Requests quite temperamental and had to do without it? I was getting some cert error, which ended up timing out the request. Has anyone else had trouble with that? How did you get around it?
You are phenomenal, thanks for the scripting part really cleared a lot for since I always rely on my professional burp suite which can result in an IP block a lot of times :)
Love your content. What i am struggling is the script you have written in python, can you explain a little bit more or if you can create a separate video on how to write the scripts. I think bit more knowledge in python for the script is required to write it like the way you did on the fly.
I'm sorry if this is a silly question, but I've been following along with your videos, and I'm using VS code to take notes and write out the scripts...but I was wondering if you could explain how to use the terminal portion, please? Thank you so much!
Really, thank you so much for all your tuto, i've been stuck with this lab, i knew that i had to automate it but didn't know how. Could you tell us a python course when we could learn the basic of automation for bug bounty without being a complete course on python if we already have a good level in coding (just what is the most common used library).
Dear Rana Khalil, I am a Fan of You. But I had a doubt. From the SQLi query we give *** select tracking-id from tracking-table where trackingId = '37129ehsajkdn' *** In the case it is a TRUE statement. Then Why should we give another TRUE statement with this query? (Eg: AND 1=1). Statement 1 is already a TRUE statement (Tracking ID = ), then why should we use statement 2 (AND 1=1) ? Hope you'll let me know.... Thanks in advance
Mam can you make a complete vedio of website vulnerability assessment how as a pen tester you approach a website and how to find different bugs in different field,
AOA Sister! Thank you for another great video just want to ask about after a lot of practicing through your web application security videos are we able to participate in hacker one and other platforms for bug bounty programs?
thank you for your awesome playlist, i can do the following with python instead of ascii table, alpha = list(string.ascii_letters+ string.punctuation + string.digits) for i in alpha: ...{}..'{}'.format(number, character)..etc
6:30 I did not understand one thing. when we enter the site the site gives us an tracking id then adds it to db then it checks if there are any tracking id same with this in database. why it is not always true? don't you have to add database if you get tracking id. this is the problem only for this lab(this predicted code). because there is no login or register. Could you please help me?
Did anyone else not have the 'Welcome Back' message display for them? The message displayed initially. But, I needed to restart my computer, and now it doesn't show up at all.
Hi, Was using the python script to run the attack as I didn't have Burp Professional. But when I was importing requests I got an error saying that it could not recognize the module named requests. Using the VS Code Editor. Kindly help. Thanks
So I was running the python script and it seemed to be working (I was getting the 'processing password...' text and seeing the alpha_numeric characters cycle through. However, it would just go on indefinitely. Finally I noticed that I wasn't getting new entries in my burp's http history. Anyone have any idea what was wrong with my script? Only thing I did differently was remove the https value from my 'proxies' variable. For some reason it was giving me an error asking for host name etc (running on Linux if that means anything)
i could not solved it , i have community addition burp , it was so slow , and im not good at python it looks scary ( watched your full video rana ) help please to solve this lap (* and im new into cybersecurity)
When I follow along with this lab I run into an issue when using intruder. I am not receiving a change in the length field, they all remain the same value. Could someone point out why this would be happening? I am using the following: ’ and (select username from username='administrator' and LENGTH(password)>1)='administrator'--'
Thanks for you such informative video. I tried it multiple time but having issue "Syntx Error" : Invalid Syntex - If could be assisted in fixing sqli_payload = "' and (select ascii(substring(password,%s,1)) from users where username='administrator')='%s'--" % (i,j) sqli_payload_encoded = urllib.parse.quote(sqli_payload) cookie ={'TrackingId': 'Cookie_ID' + sqli_payload_encoded, 'session': 'session_ID' }
![Quando Rondo - Grow Up [Official Music Video]](http://i.ytimg.com/vi/8zFnCg3BO4Q/mqdefault.jpg)
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
I've been doing one course after the other, no one explains explains things like you do. Fantastic job! Thank you.
I thought I was afraid of spiders, long lines at Disney and Jury Duty.
I was wrong, I'm afraid of Burp Community Edition.
Python script is life saver, thank you!
You're an amazing teacher! Can't believe this content is free. Thank you for your efforts 🙏
thanks for all your effort its really rare to find such a good content in the security field keep going
Awesome video, in case anyone has issues dealing with SSL Version Error, I switch off the proxy during the request, like this: r = requests.get(url, cookies=cookies, verify=False), after that I got the password, in my system (intel i3, no gpu) It tooks 13 minutes. Thanks a lot Rana
In my case was getting a dozen error from a bunch of different files other than my file. Ran out of options to debug. Removing the proxies=proxies did it. Thanks for sharing this hint.
Thanks for the tip, I had the same issue before seeing your message.
Thank you for this, I was getting the same error until I came across your comment and it solved it
Thank you so much for this comment!
100% the best online series that I've ever seen. Well-paced, well explained. Just outstanding. Thank you!
WOW, BEST TEACHER EVER KEEPS GOING TEACH US TO KEEP THE WORLD CLEAN AND SECURE! ,
Just passing by to say Thank you, Teacher,
I m learning a lot with you.
Greetings from Brazil.
Was just searching for this one and here it is! Eager to watch this :)
+1
My bruteforcer script is running right now and I can't wait! 😂
Ma Sha Allah! thanks again for this useful and instructive work
very quality video thanks a lot. for those who want to optimise the python script, you can compare to ascii the index of password in database with your enumeration, (compare with ">") you will have less iteration, 30second nedded to find the password. if you want more you can use multithreading, with 16 threads it's take approximately 2 second
Thank You Teacher. Explanation to each statement is brilliant👏
like always your introducing was great my best teacher!!!
Great content! Just purchased your course. Thank you for all the amazing effort and work. I am a bootcamp student and this is bringing up my skills greatly.
This is awsooome omg i have no words😃
You very much earned my subscription. Thank you for the explanations.
what an effort and so very well explained.. ! thank you so much!!
Excellent video!
I really enjoyed the scripting portion.
I just ended up running multiple cluster bomb attacks and stopping when the requests got throttled. Then I’d shorten the brute force character list by removing the letters that had already been tried. 🤣
You are wonderful at what you do, kudos for all you do
ahh this is the best one yet! great stuff, keep up the hard work
thanks a lot mam this means a lot for me as a student i appreciate ur work a lot.
Thanks a lot ma'am, the way as you explain every points is just awesome🤗😊
Great Content ! Kudos @Rana Khalil
THANK YOU for this vid, and thx for scripting it too, ive been trying to figure that out.
Great Video. Thank you. I found using proxies with Py Requests quite temperamental and had to do without it? I was getting some cert error, which ended up timing out the request. Has anyone else had trouble with that? How did you get around it?
l realy like the way you code good for, i hope i well lern more from you keep on
You are phenomenal, thanks for the scripting part really cleared a lot for since I always rely on my professional burp suite which can result in an IP block a lot of times :)
You are Best Rana
Love your content. What i am struggling is the script you have written in python, can you explain a little bit more or if you can create a separate video on how to write the scripts. I think bit more knowledge in python for the script is required to write it like the way you did on the fly.
great explanation. Please make a video on other vulnerabilities also.
Thanks, Our Best Teacher :)
Thanks for Great Content
ty rana best teacher ❤️
The video is informative, thank you very much.
Thank again. I love it a lot.
I'm sorry if this is a silly question, but I've been following along with your videos, and I'm using VS code to take notes and write out the scripts...but I was wondering if you could explain how to use the terminal portion, please? Thank you so much!
Yay new tutorial!
after running script i am getting error in import requests line it is saying that 'no module named "requests" ' what should i do?
from where you have learned writing the script for finding the password ? please can you make a tutotial on this hwo to write a script
Really, thank you so much for all your tuto, i've been stuck with this lab, i knew that i had to automate it but didn't know how. Could you tell us a python course when we could learn the basic of automation for bug bounty without being a complete course on python if we already have a good level in coding (just what is the most common used library).
Dear Rana Khalil,
I am a Fan of You. But I had a doubt. From the SQLi query we give *** select tracking-id from tracking-table where trackingId = '37129ehsajkdn' *** In the case it is a TRUE statement. Then Why should we give another TRUE statement with this query? (Eg: AND 1=1).
Statement 1 is already a TRUE statement (Tracking ID = ), then why should we use statement 2 (AND 1=1) ?
Hope you'll let me know.... Thanks in advance
She was show casing that the value of the TrackingId impacts the SQL query on the backend
Mam can you make a complete vedio of website vulnerability assessment how as a pen tester you approach a website and how to find different bugs in different field,
U r really great in explaining things
AOA Sister!
Thank you for another great video just want to ask about after a lot of practicing through your web application security videos are we able to participate in hacker one and other platforms for bug bounty programs?
How can i learn writing python scripts like these ? I know pyhton basics.
thank you for your awesome playlist, i can do the following with python instead of ascii table,
alpha = list(string.ascii_letters+ string.punctuation + string.digits)
for i in alpha:
...{}..'{}'.format(number, character)..etc
6:30 I did not understand one thing. when we enter the site the site gives us an tracking id then adds it to db
then it checks if there are any tracking id same with this in database. why it is not always true? don't you have to add database if you get tracking id.
this is the problem only for this lab(this predicted code). because there is no login or register. Could you please help me?
great work and really helping a lot , are you going to do all portswiger labs ??
ya, i was about to ask. The Best Solution Content in Portswigger. It not only helps us solve, but also help us learn. Kudos
I'm struggling with this... are we supposed to run Burp while we run the script? because I don't have VS code in my VirtualBox
Thank you, Rana. You are a lifesaver :D I really want to take my python game to next level. Kindly suggest to me some good resources.
Did anyone else not have the 'Welcome Back' message display for them? The message displayed initially. But, I needed to restart my computer, and now it doesn't show up at all.
Hi, Was using the python script to run the attack as I didn't have Burp Professional. But when I was importing requests I got an error saying that it could not recognize the module named requests. Using the VS Code Editor. Kindly help. Thanks
But how can i get table name in real world in this case, i mean blind SQL?
It is better to use binary search
I was just tryin' to solve it, i couldn't!
mee too i tried all the methods like request requests-html seleium but none of those fetched me result with welcome back i dont know why!
Hopefully you'll be able to solve it after watching the video ;)
@@knightknight3026 there is no "Welcome back!" In this lab, I think you watched the video so no need to explain, am sure Rana did a great job!
@@knightknight3026 if you want to see welcome back, go to option, look for Grep match, clear anything you see there and add welcome back.
Thanks alottt....
tq so much
Awesome
why this scrip is not workin on my windows 10 but i can run it on my ubuntu?
So I was running the python script and it seemed to be working (I was getting the 'processing password...' text and seeing the alpha_numeric characters cycle through. However, it would just go on indefinitely. Finally I noticed that I wasn't getting new entries in my burp's http history. Anyone have any idea what was wrong with my script? Only thing I did differently was remove the https value from my 'proxies' variable. For some reason it was giving me an error asking for host name etc (running on Linux if that means anything)
I'm having the same issue now, did you resolve the issue. could you please help me
i could not solved it , i have community addition burp , it was so slow , and im not good at python it looks scary ( watched your full video rana ) help please to solve this lap (* and im new into cybersecurity)
When I follow along with this lab I run into an issue when using intruder. I am not receiving a change in the length field, they all remain the same value. Could someone point out why this would be happening? I am using the following: ’ and (select username from username='administrator' and
LENGTH(password)>1)='administrator'--'
... FROM users WHERE ..
you could try cookie' OR 1=0-- this will evaluate to true
Oh my. This script 😍
you can please send me the full script please and thanks
you can please send me the full script please and thanks
Please be my mentor......guide me through to my journey in becoming a web pen tester..... please!!!!
it shows me index out of range at url = sys.argv[1] help me
Thanks for you such informative video. I tried it multiple time but having issue "Syntx Error" : Invalid Syntex - If could be assisted in fixing
sqli_payload = "' and (select ascii(substring(password,%s,1)) from users where username='administrator')='%s'--" % (i,j) sqli_payload_encoded = urllib.parse.quote(sqli_payload)
cookie ={'TrackingId': 'Cookie_ID' + sqli_payload_encoded, 'session': 'session_ID' }
cookie(s) TrackingID