SQL Injection $1000 Bounty | Bug bounty POC
HTML-код
- Опубликовано: 11 сен 2024
- SQL Injection $500 Bounty | Bug bounty POC
Disclaimer: This video is for strictly educational and informational purpose only. I own all equipment used for this demonstration. Hacking without permission is illegal so always ensure you have proper authorization before using security tools in any network environment. thanks.
twitter = x.com/Cyberboy...
support me = buymeacoffee.c...
Telegram = t.me/the_cyber...
Song credits
Song: Dark Beach
Artist: Pastel Ghost
Bro this is setup like a youtube video from 2008 using notepad to type lool
ok
@@the_cyb3rb0y not in a bad way though
thats what make this video so good
old style>>>>>
I'm beginner to bug hunting and your video is very helpful to me.plz guide beginners like us.keep going brother 🔥🔥
Whats bug bounty?
@@itsstillfunny109 You search for a Bug in a Program or Website and if you found one you can report it and can get money from the company
@@itsstillfunny109 A bug bounty program is a deal offered by many websites, organizations, and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities
search on google or youtube
@@the_cyb3rb0y hey may u do a video installing all the tools needed for sql and bug bounty, Thank you.
Thanks for sharing your finding and methodology!! great videos, wish you much more findings to you!
Thanks so much!
Your 4 minutes of poc is equal to tons of udemy RUclips Twitter Facebook Telegram website hacking penetration exploitation bug hunting courses. Please don't stop. Use GTA theme songs 🎵. If possible, share step by step commands in description section for better understanding and POC reporting. Thanks 😘😍👍❤️🤝
ok done
@the_cyb3rb0y B0$$ U R Gr8.
Hope to learn about advanced website hacking penetration exploitation bug hunting techniques from your channel soon. 👌✨️💎♥️💯💸💵💲💉✅️
FR
@@No0001 what FR ?
@@the_cyb3rb0y thats ur video is equal tons of Udemy courses
Nice bro , your explanation is so good I understand perfectly , keep it up.🎉
Glad to hear that
i'm a beginner in cybersecurity and i've seen so many videos but none of them actually do hands on work like you !!! this is amazing i will try it myself soon
Keep watching and join my telegram l was shared books and videos
best channel In 2024 !!>>
Clean job and clean video , ure great !!! subscribed and liked the video
watch all videos, share and join telegram i was uploaded all materials
bro you dropped this 👑 thank you for this videos keep it up
You just gained another sub for such good content! Keep it Up!
Thanks, will do!
thanks so much Kira Ashish for making the video
i love it, thanks for making this content
Sqlmap -u link --current-db it is showing unable to retrieve the number of database s and sometimes connection timed out . Help please
This bug may be solved so devloper can improve protection so don't try
@@the_cyb3rb0y any way bro?
How is he using a linux console on windows?
ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=-ErTXq634p1ZF3MU
@@the_cyb3rb0y thx!
Where is proof of pay $1000?
Hey bro, good find! I have a question: for example, is this domain has a bug bounty program ? or if you find a vulnerability, do you report it to them even if they don't have an active bug bounty program? And is there a risk in testing without the target running a bug bounty program?
yes risk but you can find bug with send report so it is not risky
you should probably stick to bug bounty programs like hackerone. if you just start a bouny hunt session on a website without asking for permissions first to have some established boundraies on what you can and cannot attack, you might be risking yourself.
Stay safe and stick to ethical bug bounty programs ;)
best channel In 2024 !!>>
Thank you
A Great and simple video thx
well the database is fixed but it was very informative the video. I learned a lot with almost 4 minutes.
Excellent!
Glad you liked it!
please more bro you are a GOD ! and please if you can make some videos for begginers :)
ok
I really love your video, is there any class?
no i am individual
great video! 👍
excellent video bro :) 🎉
This is a good video, but surely this is just the hash of the admins password, we can't actually use this to log in if we found an admin page. Great content though 🤙🤙
Forgive me for making this premise, I do not want to judge anyone, but I have my own opinion on this content and I think it is risky because it is one thing to do it by emulation and another to do it with a website. It is my opinion and I respect your content ☺️
thank you
SQL MAP AND THX VERY MUCH FOR THE TUTORIAL BRO LOVE U
Enjoy
@@the_cyb3rb0y i cant do i use terminal for do it?
bro I remember u c3 or c7 something like that. iykyk
great video man super helpful
Great channel go ahead bro
It was a video test, right? How is it possible that a flaw in a simple sqli was still unsolved
everything possible
@@the_cyb3rb0y I don't know whether to tell you good or lucky but I think both
Thanks mate👏
Keep going❤
Sqlmap kullanınca hacker olmuşumdur;
Ubuntu 🤝😇
Bro I'm really impressed 👏🏻
Thank you so much 😀
Wow, I have just followed u for amazing work, keep it up
Thanks man for sharing your knowledg
Subscribing ❤
#Need full video
Carry on bro , we are alwys with you .
thank you bro
Legend than coffin ⚰️
Bro coffin is overvauled
that was absolutely clear and well explained, but what is the name of the terminal that u r typing the codes in? like where should we type these codes?
terminal with WSL ubantu
can you explain to me what all this is and how i can get started?
this is web pentesting and you start with books and youtube. i was alredy give all book in my telegram
@@the_cyb3rb0y what program are you using to run all these commands? + is it free
You can also show us to break that hash .
Hash is salted or not. I think it is ?
By the way good video .
watch ruclips.net/video/qvphuw-zZ2A/видео.htmlsi=wpPEuwn8BJG2qhFB
hello bro make you make a video on parameters finding
watch my approach target video
@@the_cyb3rb0y where are you from
How do you know that password is the original and not an MD5 used when the data is committed to the table?
you can crack and check
What tools you using and the sql’s maps commands ? What is the package and could it work on Debian Linux ?
yes
tool = sqlmap
github link = github.com/sqlmapproject/sqlmap
@@the_cyb3rb0y TYSM!
Hello, I would like to get started with the bug bounty but is it that hard and does it take an incredible level to earn 1200 to 1500 dollars per month quadn we have an average level spending 4 to 6 hours a day?
yes
thanks you, brother :)
I''m suscribe
Thanks for the sub!
What shell program is that? The kira@ashish and cool Spider-Man logo and stuff
it is WSL ubuntu in Terminal watch this ruclips.net/video/wjbbl0TTMeo/видео.html and ruclips.net/video/1ibkFHWfS90/видео.html
Perfect🎉
nice
Hey, what software do you use to have that Terminal in windows ?
Start WSL and download Ubuntu or kali linux in Microsoft store
@@the_cyb3rb0y Oh okay thanks so much !
Is the website designed and built for hacking because just wondering or is it an actual company?
I don't know but lot of this type live website vulnerable
This normal sqlmap lol
😊🎉
bro one question
how do you stay anonymous doing this, I know you're doing bug bounty but I mean out of personal curiosity, all you need is a VPN and a VM?
vpn with tor,proxy and use in vmware
@@the_cyb3rb0y could you please do a video about this
@@kolawoleoyedokun7250 ok
whats your software / console ? thank you !
it is WSL with ubuntu in terminal
watch this ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=GdK8pI_jNMNEnW1F
if it has https does that secure it from this method
no https is help for securliy transfer data from user to server = mean third person can't read data and this is sql injection = we can read database data widhout permission
if you like so subscribe and promot my channel plz
Just a tip that i think would help you grow on RUclips. Use AI generated voice to guide through the video.
Thanks for the tip
@@the_cyb3rb0y no bro notepad on top
@@the_cyb3rb0y don't XDD this song slaps and fits the video. AI generated voice is fucking cancer unless you get your own model.
@@666222333111 you like my notepad style
i do
How do I log in to the website? I'm a newcomer😢😢
crack hash and go admin login page and login but this video only education persion so don't try
@@the_cyb3rb0y thanks you
❤❤
@@the_cyb3rb0y How to access admin login page, admin🤦♂🤦♂
@@the_cyb3rb0y thanks you
What program did you use to type that in?
Hackerone
Nice hacking tutorial
Good job thanks I install the video
Enjoy it
what is this guy doing what this even mean can someone explain to me?
I'm not much into it, but from what I understand you got the nickname and password to the site database and a lot of other stuff. But they won't do anything to you for that? In addition to hacking, you put it on RUclips. I'm not from the US, I'm from Russia, that's why I'm asking. I'm just wondering if this kind of thing is punishable in your country.
hash password*
you try and this video only education
i tried this your method but my sqlmap didn't show me --current-db.. How to figure this out??
Thanks in advance
delete sqlmap [sudo apt remove sqlmap]
and
reinstall sqlmap [sudo apt install sqlmap]
after chacke sqlmap --help
@@the_cyb3rb0y I tried it but its not working
@@the_cyb3rb0y still not working
You used cmd + ssh shell ( with kali linux )....?
no i am use wsl ubantu in terminal and watch this ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=iqDkUjJj9MpEZFS8
Love you bro keep uploading
Thanks! Will do!
how did you install lunix terminal on windows?
start WSL
download terminal and ubuntu in microsoft store
watch this ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=d2-JsIKp3xav-5Iq
' OR 1=1'
Ty for video, take it 🥇🥇:)
Please tell me where you reported the error and how do you know that the site has a bug bounty program? I would like to try it too.
try google dorking or check open bugbounty program.
@@the_cyb3rb0y ok, and will they pay you for any websites on the 'open bug bounty'? or how does it work? I'm interested in this
@@the_cyb3rb0y On the 'open Bug bounty' website, they will reward you even for websites that do not have a Bug bounty program, but you report vulnerabilities and they can pay you, or how does it work?
@@the_cyb3rb0y and did they pay you for this site, what you have in the video?
how does it work on the 'open bug bounty' website?
can you report vulnerabilities there from any website you find?
may be pay or not but some time give reward
What VM do you use?
this is WSL with ubuntu
Public program or platform like h1/bugcrowd?
public
Are all sites that have vulnerabilities exploited?
yes but first send report after use
@@the_cyb3rb0y Yes, of course. Yesterday, I checked the site and found an FTP vulnerability, and when I typed the password Anonymous and UserName Anonymous, it did not work.
tutorial on the miles background?
download image = www.uhdpaper.com/2023/04/miles-morales-spider-man-4k-7590i.html?m=0
and
watch this = ruclips.net/video/1ibkFHWfS90/видео.htmlsi=CpP6sNfe0Hfp0eHN
Brother how to choose domain like random or private and public bug bounty program. Could you share us.
if you biggener first choose public program with google or www.openbugbounty.org/
@@the_cyb3rb0y thanks brother
how do i get the wayback? can you tell me where i can install that? it would be very useful thanks
watch this ruclips.net/video/4VF0R_p0Cm4/видео.htmlsi=NmZ1O8XwDBBXm93g
@@the_cyb3rb0y how can i get it on windows like u?
How did you put a wallpaper in a terminal?
ruclips.net/video/1ibkFHWfS90/видео.htmlsi=MnFgZzCrGMs9suOK
@@the_cyb3rb0y thx you
Please tell me those aren’t pirated TCM courses.
no
can you share the waybackurls txt file ? could not find it anywhere
it is not txt file it is tool github.com/tomnomnom/waybackurls
@@the_cyb3rb0y I am using Cmd , what should be my command to execute the tool?
thx nice treck
Enjoy
where can i learn more brother
join my telegram i was give all books and videos also you can learn with youtube like me,the cyber mentor,nahamsec,insiderPhd,etc..
@@the_cyb3rb0y will do bro thanks
Yo how did u get Spider-Man in ur terminal
Search in youtube = how to set background in windows terminal
im trying to inject and console os saying URL IS not stable and paramter cat Cant bê injectable, what can i do. The site IS protected?
how you get linux command propmt on windows?
ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=nMmQXhxrODFJiF2Y
@@the_cyb3rb0y thank u but i have another question how u add miles morales to terminal?
@@Pisunlay ruclips.net/video/1ibkFHWfS90/видео.htmlsi=tHPCZF0jRfRRaTI0
can we use tools like sql
map
yes
Hi sir i want to ask u i have defaced many website and got acces to everything in their server even log and password of wordpress admin, i want to ask u how to contact their owner to fix their vuln and get payed out for it, and is it safe for me to do that ? Any advice will help thanks
yes safe but first create report and email owner.
awesome work
@@the_cyb3rb0y okay thanks man
bro how did you run linux in cmd promt
start WSL
download terminal and ubbuntu in microsoft store
watch this ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=XBHSu0ymzg4fcP2z
bcrypt type of that password hard to decrypt any ideas !? i was getting alot of databases with such encryption
Very tough to crack from the encrypted key end - unless a vuln has been discovered in that encryption type, any decent programmer would point the code to use the latest encryption methods, plenty of idiots that point directly to an encryption type which is static and ultimately has flaws discovered. Encryption is a big beast! - Good luck with your adventures Hamza :)
@@johnsonkeast9277 thank you so much john for those informations 🙌
Can you post the code that was used 😊
github.com/sqlmapproject/sqlmap
lammer
It took you how much days to find broo? I'm still struggling to find my first valid bug 😢
Thanks for the encouragement! I'm sure you'll find that bug soon.
How much days did it take?
Thanks broo
i am not count so i don't know
Anyways, you are the great motivation for me. Can you create a video on how we can bypass different types of XSS payload filters and also teach your methodology for finding bugs?
how you got line the linux in the cmd tab?
start wsl after download terminal and ubantu or kali limux watch this = ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=FtMH3lRHIbW6vL51
@@the_cyb3rb0y
thanks so much,
and how you installed waybackurls?
ruclips.net/video/4VF0R_p0Cm4/видео.htmlsi=C4am-fwEHIb3kFmX
How the custom terminal if I may ask
ruclips.net/video/1RMCh75Ej84/видео.htmlsi=BnGDtkAnXanZ4pR5
can u tell me how u can use linux cmd in windows?
i use wsl watch this ruclips.net/video/wjbbl0TTMeo/видео.htmlsi=j113PVdMJ-XMuIaM
i have no idea what i just watched, im new
this is sql injection = using this you can read database passwords and other data
and that password should be encripted also
hm
what is the app for sqlmap
it is automate sql injection tool
Is this site some kind of demo site or something? Seems to be full of issues......
no this site are Live and more site like this avalible on google
what Os is that?
windows with wsl ubuntu
how to learn kali linux tools?
just practice practice and practice also read this book kea.nu/files/textbooks/humblesec/linuxbasicsforhackers.pdf
@@the_cyb3rb0y thanks a lot👍🏻