Other videos only shows the answer portion and exclude the hands-on or vice-versa, But you do both with great explanations and I love how you give us extra details not mentioned in the walkthrough pdf!
so by adding a single quote at the end of the username we are closing off the string on the backend SQL query that the developers wrote. The # sign is used to comment out the rest of the SQL query, so the back query then only needs to match a user in the database that has the username as admin instead of also needing the admin's password.
Other videos only shows the answer portion and exclude the hands-on or vice-versa, But you do both with great explanations and I love how you give us extra details not mentioned in the walkthrough pdf!
Your channel should have way more subscribers! Informative and explained with patience. Just love it! Keep up the great work
Thank you so much! :)
Your reaction to getting the test part was cool. Thanks for the video , I learned a lot.
Thank you so much for taking your time and helping us . These videos really helped me when I dont understand some of the answers from the tasks.
I'm really glad it was helpful!
Awesome walkthrough, hope to see more of your videos in the future aswell!
Thanks for the explanation, i always watch your walkthroughs before starting the challenge
i just start to play htb, and your channel really help me a lot, thx
Did a Nessus scan on the site and in a Nessus report there was a
Congratulations!Your flag is:
with the correct flag number.
It felt so dumb.
Hahaha that works 😂 Just make sure you know the process of actually working through the box because it’ll definitely help in the long run 👍🏻
@@FindingUrPasswd Yeah. I did it the right way, but I always read the info in Nessus and that was some output I did not expect to see XD
@@valentinrafael9201 that’s actually so funny that Nessus found that though 😂
Do a walk-through on how to set up and connect
I can definitely do that! I’ll try to have a video up on that sometime this week
Great Job bro I love your video.
You saved me from Indian accent RUclipsr xD
Can you explain using the ' and # after admin? I got a little confused with your wording for what those two do.
Thank you Jake
Absolutely! Glad you found this helpful!
Nice simple but informative. I probably would’ve been over thinking and try brute forcing and sql injection tactics that are more complex
Thank You for your work
a nice and informative video, keep going
Thank you so much
Oustanding walktrough! Thanks
Glad it helped!
dude you are awsome! thx
Thanks bro.
No matter what flags I use with nmap the version ((Debian)) does not output.. is there something I'm missing here? Thanks,
thx man
No problem!!
Broooo you really mack a reply 🔥🔥✨🙏 thank you
❤❤❤❤❤❤
Why does it accept that as a username? And why does it accept a password that is not the password? COnfused
so by adding a single quote at the end of the username we are closing off the string on the backend SQL query that the developers wrote. The # sign is used to comment out the rest of the SQL query, so the back query then only needs to match a user in the database that has the username as admin instead of also needing the admin's password.
Great
thanks
Admin'# not work for me pls help
type any thing on password it will work
:P