Just wanted to say I'm new in the I.T. industry, read A+ and studying for my Network + cert while pursuing cyber security and watching these videos and having you explain things is really helpful for me despite how basic some of these are. Just wanted to say I appreciate the content this way.
The reason it didn't work in the browser/curl was because you were using && instead of ; && runs the second command only if the first command ran successfully ; runs the second command regardless of the first command And since the first command is `date ''` which returns an error, the second command never ran!
?format='; whoami # still fails in the browser. The command would run `date +''`, which doesn't error, and returns an error code of 0 indicating it succeeded. It just has an empty string for a format string :)
@@_JohnHammond I believe the reason it does not work in browser is because # is never sent to the server as it is the "fragment identifier". However, URL encoding it to %23 might have worked IMO :) Thank you for great video as always!
Really enjoyed the time you took to explain this one. it's pretty straight forward, but this format would be great for beginners. love your work
this makes me want to try some of these myself
Yeah same, the problem is that Ive never done anything like that lol
Just wanted to say I'm new in the I.T. industry, read A+ and studying for my Network + cert while pursuing cyber security and watching these videos and having you explain things is really helpful for me despite how basic some of these are. Just wanted to say I appreciate the content this way.
Followed you up since start of the year and quality has evolved in the meantime. Keep It up📼
I like the tune after the video ending
This little breadcrumbs are so essential, thanks for sharing 👌👍
yay john is going back to his roots
absolutely love your videos John
Love your content John....learn more and more.....greeting from indonesia
I love your work John! ❤️
I learned a lot from this ctf.
Love the CTF videos! Keep that up man!
Awesome content, getting to learn some new stuff :)
Can you please tell us why it didn't work with curl or browser? And why it's working only python?
brilliant
The reason it didn't work in the browser/curl was because you were using && instead of ;
&& runs the second command only if the first command ran successfully
; runs the second command regardless of the first command
And since the first command is `date ''` which returns an error, the second command never ran!
?format='; whoami # still fails in the browser.
The command would run `date +''`, which doesn't error, and returns an error code of 0 indicating it succeeded. It just has an empty string for a format string :)
@@_JohnHammond I believe the reason it does not work in browser is because # is never sent to the server as it is the "fragment identifier". However, URL encoding it to %23 might have worked IMO :)
Thank you for great video as always!
Really helpful thank you
love your videos man
What happened to the dark web series?
Great video's mate.
Yayyyyy ctfs!!!!!!
Love ur vids
u are awsome
That was good
I am first command. Holy YES!
Me first to reply you and second to comment 😏
Me second to replay and third comment
@@nizarel-marzouki9076 me third to reply and 4th to comment :)
5th. baby!!!
You may be first to command but not to comment
Sir ... if possible ... please release a video on Pegasus spyware ...
to the 8 people who disliked, Why?
Htb ca 2024 had same challenge again this year lol
hey how did u crack the password? that time it was unprotected but now password is required. actually I am new here
Update your chrome
Nice try!
2nd comment because replies to comments don’t count.
3rd Comment Muahahaaaa
7th