AmazingCryptoWAF -

Поделиться
HTML-код
  • Опубликовано: 22 дек 2024

Комментарии • 18

  • @BugBountyReportsExplained
    @BugBountyReportsExplained  3 года назад +4

    Welcome to the comment section! I hope you enjoyed the video. If you did, make sure to like it 👍 and subscribe to the channel: ruclips.net/user/BugBountyReportsExplained

  • @kh0kh0
    @kh0kh0 3 года назад +8

    Great explanation!! You could combine binary search and Limit

    • @kh0kh0
      @kh0kh0 3 года назад

      But it would overcomplicate solution even more.

    • @kh0kh0
      @kh0kh0 3 года назад

      Oh i think I am wrong. I believe you can't get better solution that yours because binary search would still need 6 queries to extract 7 letters so it's just a 7/6 times speedup.

    • @BugBountyReportsExplained
      @BugBountyReportsExplained  3 года назад +3

      Nice! I think it would be an improvement. In the worst complexity not but if we take 3 tests per character as an average , it gives us 200*3 = 600 tests but we can do 7 tests in 1 request so 600/7 ~= 86 requests compared to my 200.
      It is also possible to limit the number of requests prior the attack. 64 notes is enough as base64 charset only uses 64 characters. But I'd have to add more logic to the SQL query because those are not siblings in the ascii table.
      There might also be a possibility to extract more data using OFFSET clause.

  • @georgehammond867
    @georgehammond867 3 года назад

    Well done dude, was not easy challenge.

  • @saketsrv9068
    @saketsrv9068 3 года назад +2

    You are such a genuis guy...

  • @cyberbytes6653
    @cyberbytes6653 3 года назад

    Really interesting. Great work.

  • @rafajanicki2456
    @rafajanicki2456 3 года назад +1

    Awesome video :)
    No doubt you have some really l33t skills :D

  • @chaysx177
    @chaysx177 3 года назад

    amazing, well done!

  • @danielgrunberger2621
    @danielgrunberger2621 3 года назад +1

    So you point his video and he point yours. lol. cool video bro :)

  • @twobob
    @twobob 3 года назад

    good effort.