Just a heads-up: at 19:40, when you wanted to only POST to the first URL and then follow the redirect without POST, you could have just dropped the "-X POST", since "-d" already implies POST, and curl would have followed to the redirected URL with GET.
The b/1337 is just a reference to a bug ID. At Google they use an internal bug tracking tool called buganizer, and short links are in the form of b/bug-id. Usually you see this in the code: TODO(b/5746327): fix foo
I think I need to start reading more writeups. I've always tried to do a CTF and if I can't get it after trying for some time I guess I usually walk away and I end up not actually learning from the CTF which is the point. Great video man!
I really enjoyed seeing the thought process. This was one I was super close to solving, but I'm a noob at XSS. I didn't know any cool tricks like shown in the vid. Keep up the great content!
That was actually super awesome. Thanks heaps my bro. love your honesty. that was not an easy challenge. you're such a smart dude it's kinda nice to see you need the help of others too.
This really helped understand XXS properly. Now I feel I can learn a little more! I would love to see a little shortcuts video. You fly around a terminal and subl! Maybe even just a little write-up, just a thought but great video
Real good explanation, i came here from LiveOverflow where he covered this CTF and mentioned yours explanation and, no offense for LiveOverflow :-), now i got it much clearly. Thank you!
You may have answered this later in the video but b/1337 or any number is generally just shorthand for Bug 1337 or Bug whatever that's being tracked on some external issue tracker.
It'll be really nice if you did the other web challenges as well. More than the solution seeing the rabbit holes and methodology of sorts is really important.
You are very kind and humbly willing, to tell the truth when you solve this with the help of others. It's not like someone there who considers himself as "a hacker that your friends told you about" but is only good at making videos and making up a tale.
The b/1337 refers to a bug on Google's internal bug tracker, commonly accessed on the intranet at b/$bugid. I'm surprised they left this in for an external event. Source: I'm a google employee :)
Definitely a good beginning point to have your video on ctf. I just became proficient in Javascript a couple months ago and being able to follow along with this task really motivated me!
Hey John, Amazing content as usual. I have a small question, where would you recommend for a python beginner to learn the necessary libraries and tools? Do you suggest a specific course or a website to learn the tools that you usually use such as pwntools, Crypto, requests, and so on? C++ is just not the tool for something like this
Actually really interesting. It did strike me as odd that he used JSON.stringify when there was really no need, but I would have never looked much farther than that. Good content!
note that sending the object using the url encoded parameter is only possible because of the `extended=True` bit below the comment saying "we need this for the captcha for some reason" :) (understanding this was for me the clue that helped me solve the challange)
If you look at the body-parser documentation here: www.npmjs.com/package/body-parser It says "The extended option allows to choose between parsing the URL-encoded data with the querystring library (when false) or the qs library (when true). [...] For more information, please see the qs library. If you follow that link, you can see a bunch of examples for how it lets you parses variou query strings into objects/arrays.
Hey John, I'm an officer for the Cyber Security club at my university. We would love if you could come in for 30 minutes and give a talk about some pen testing or any networking exploits that are interesting to you!
not disrespect you, but mid vod i had this idea 💡 of a drinkin game, when ever you say peculiar we take a shot 🥃 now i continu watching i love what you doing btw keep up the good work ❤️
The one question how it supposed to get where issue is by this "b/1337"? I know it means leet but how it leads to JSON.stringify row of the code, can someone explain please?
Personally I ended by not knowing how to send an object to the server and get out of the quetes, but sending cookie would probably be the second injected js ( right after alert(1); )
So was the "JSON.stringy()" portion unnecessary? It doesn't seem like your exploit at the end used what you learned from the JSON.stringify()? Or am I missing something?
Vincent Zhen Did you actually watched the video? He was creating a post request and assigned an object to the content parameter. Because it’s an object, Json.stringify allowed to break out of the double quotes.
@@zwiebelopi9898 I did watch it but I don't know JS very well. I saw that he was sending an object via the POST request but I didn't understand how `content[]=` was the object in the JSON.stringify(). I think I get it now though. Thanks
Yo In Russia it was (maybe it's not anymore, it was a long time ago (about 10-15 years) ) a "true young Men number" 13 - your age 3 - your average mark at school (max value is 5) And finally, 7 - the number of your class at school
John: Im a newbie, still have a lot to learn
Me: *sobs*
me too 😂😩
This was incredible! Loved it! Never seen a challenge like this. This was very valuable to me. Please make more.
Just a heads-up: at 19:40, when you wanted to only POST to the first URL and then follow the redirect without POST, you could have just dropped the "-X POST", since "-d" already implies POST, and curl would have followed to the redirected URL with GET.
The b/1337 is just a reference to a bug ID. At Google they use an internal bug tracking tool called buganizer, and short links are in the form of b/bug-id. Usually you see this in the code: TODO(b/5746327): fix foo
I thought 1337 meant LEET
@@ancestrall794 that is what it stands for...
I think I need to start reading more writeups. I've always tried to do a CTF and if I can't get it after trying for some time I guess I usually walk away and I end up not actually learning from the CTF which is the point. Great video man!
ye. the struggle is real
I really enjoyed seeing the thought process. This was one I was super close to solving, but I'm a noob at XSS. I didn't know any cool tricks like shown in the vid.
Keep up the great content!
Would love to see you do the other ones :p
That was actually super awesome. Thanks heaps my bro. love your honesty. that was not an easy challenge. you're such a smart dude it's kinda nice to see you need the help of others too.
Your content is great. It’s easy to follow, and I really like the perspective that we get when you show how you think through the challenges
A lot of people out there try to portrait something that they aren't and seeing someone like you being honest about not solving this CTF. Respect
I’m getting buff doing all these cURLs bro!
This really helped understand XXS properly. Now I feel I can learn a little more! I would love to see a little shortcuts video. You fly around a terminal and subl! Maybe even just a little write-up, just a thought but great video
Wow! You are the one who leads to how to think as a hacker. I searched looots of sources to learning CS. And you are my fav. Thankss
Thanks John, super interesting! Can’t wait to see the new challenges you are preparing!
Real good explanation, i came here from LiveOverflow where he covered this CTF and mentioned yours explanation and, no offense for LiveOverflow :-), now i got it much clearly. Thank you!
Really insightful video 👍 and now I want the pleasure of finding those flags
I feel so lucky to have a node js and js background
Glad to see I'm not the only one you get discouraged when those things happens.
Lesson learned I hope, Thank you papa for the teaching
You may have answered this later in the video but b/1337 or any number is generally just shorthand for Bug 1337 or Bug whatever that's being tracked on some external issue tracker.
It'll be really nice if you did the other web challenges as well. More than the solution seeing the rabbit holes and methodology of sorts is really important.
I'm here for the F U L L F R O N T A L honesty. 13:30
You are very kind and humbly willing, to tell the truth when you solve this with the help of others. It's not like someone there who considers himself as "a hacker that your friends told you about" but is only good at making videos and making up a tale.
The b/1337 refers to a bug on Google's internal bug tracker, commonly accessed on the intranet at b/$bugid. I'm surprised they left this in for an external event. Source: I'm a google employee :)
Definitely a good beginning point to have your video on ctf. I just became proficient in Javascript a couple months ago and being able to follow along with this task really motivated me!
Hey John, Amazing content as usual. I have a small question, where would you recommend for a python beginner to learn the necessary libraries and tools? Do you suggest a specific course or a website to learn the tools that you usually use such as pwntools, Crypto, requests, and so on? C++ is just not the tool for something like this
John ima need you to chill on these videos, my sleep schedule can't take it!! Loving them man, really fun to see your thought process!
You are so so good man, its interesting to watch your videos and learn from you.
Actually really interesting. It did strike me as odd that he used JSON.stringify when there was really no need, but I would have never looked much farther than that. Good content!
Thank you ! , can't wait for another google ctf web challenge video !
Thank you for this video please post more of these
I lost it when cookie and hookbin came up. I'm weak there.
At first I assumed the solution was to post because .slice(1, -1) would only remove the outer ;) Nice video, keep it up!
Hey John, take a look at webhook.site, I think the UI is much more intuitive for XSS/SSRF/CSRF.
It doesn't work on hookbin for me for some reason, but webhook does ! Thanks for the recommandation !
Thanks u Sir.. love the way you explain all the stuff 👏👏👏
Wow dude thanks 👍🙏🏾 loved it
note that sending the object using the url encoded parameter is only possible because of the `extended=True` bit below the comment saying "we need this for the captcha for some reason" :) (understanding this was for me the clue that helped me solve the challange)
Hello, thanks for this video. How did you know about the "[ ]" in the "content[ ]" ? How can I find it if I'v never seen it ?
If you look at the body-parser documentation here: www.npmjs.com/package/body-parser
It says "The extended option allows to choose between parsing the URL-encoded data with the querystring library (when false) or the qs library (when true). [...] For more information, please see the qs library.
If you follow that link, you can see a bunch of examples for how it lets you parses variou query strings into objects/arrays.
Thank you for this learned a lot from this video.
Sir please tell us how did you install that sublime build view? I am looking for it but couldn't install it. I am using sublime text 3
something never be changed..: "Hello, my name is John Hammond.."..NICE
Hey John, I'm an officer for the Cyber Security club at my university. We would love if you could come in for 30 minutes and give a talk about some pen testing or any networking exploits that are interesting to you!
Feel free to send me an e-mail, I'm always happy to hang out! :)
I think the Tracing challenge would make for another great walkthrough video!
Great walk through, love your video
more google CTFs will be appreciable
wow...it always amazes me how much information and syntax you input for the CTF. How did you learn all this stuff? haha
Amazing content always! I struggled so much last weekend hopefully I learned a lot!!! thnx
Appreciate the video walkthrough.
Muito bom!!!!! Grato por compartilhar seu conhecimento. Aprendo muito com seus vídeos.
First time motivated by watching your video
Absolute amazing!
Dude I didn't even know something like hookbin exists thanks John and yes I'm a John too 😅
Thanks, John
Thank you bring more these kinds of ctfs and python scripting.
My name is, what? My name is who? *imitates turntables zickazicka john hammond *to the tune of my name is slim shady*
Thus was incredible!!
Awsome bro... You're inspiring us... Thank you.
very cool ctf real video, thanks man.
Very Nice video just as always. Stay frosty.🥶
when did Ed Sheeran become interested in IT?!! JK :)) Thanks John for good content.
Ed Sheeran really is talented.
Lol so relative
Awww, I missed the live stream.
Hmm, i really dont have a clue about anything going on here, but i still watched it
we want more
that was very cool ! thanks !
Pretty Nutz! Keep up the good work man!
Thank you so much for sharing your knowledge.
+1 sub
thank you so much!!!
for the algo
Always love your videos, especially because I'm shit in web challenges
not disrespect you, but mid vod i had this idea 💡 of a drinkin game, when ever you say peculiar we take a shot 🥃 now i continu watching i love what you doing btw keep up the good work ❤️
great tutorial ... like always ... thank you
Please continue doing those.
This was the only challenge I got. Can you also explain some other challenges as well?
Commentingforthealgorithm
Replying for algorithm.
You're the best! Thanks so much!
Commenting the flagorithm
Thanks dude!
feels good to know node
I love you solved this problem
This was great!
awesome!
What the fuck is going on! I'm the community members of the internet. Right now we see veerryyy tragic situation out of john 😞. What a bad hmm
Missed the live Stream, but loved the video!
The one question how it supposed to get where issue is by this "b/1337"? I know it means leet but how it leads to JSON.stringify row of the code, can someone explain please?
you are great.👍
aswm broooo
Hi, john.
Can u point me to an article which discusses when tp use request.session() and when request.get/post() ?
Thx
YESS PLEASE DOO MORE OF THESEE PLEASSEEEEEE!!!!!!!!!
Loved it
Excellent
How come the microphone character 🎤 @7:10 in your Sublime is in color?
Why does log-me-in above pasteurize in the challenge list have only 7 points or has it been solved by too many people or my eyes aren't working??
Personally I ended by not knowing how to send an object to the server and get out of the quetes, but sending cookie would probably be the second injected js ( right after alert(1); )
So was the "JSON.stringy()" portion unnecessary? It doesn't seem like your exploit at the end used what you learned from the JSON.stringify()? Or am I missing something?
Vincent Zhen Did you actually watched the video? He was creating a post request and assigned an object to the content parameter. Because it’s an object, Json.stringify allowed to break out of the double quotes.
@@zwiebelopi9898 I did watch it but I don't know JS very well. I saw that he was sending an object via the POST request but I didn't understand how `content[]=` was the object in the JSON.stringify(). I think I get it now though. Thanks
i like how said i'm not that good
please create more of these
#commenting_for_the_algorithm
You are great John!
"what is 1337" lol
Leet
It might shock you but it's a number..
Yo
In Russia it was (maybe it's not anymore, it was a long time ago (about 10-15 years) ) a "true young Men number"
13 - your age
3 - your average mark at school (max value is 5)
And finally, 7 - the number of your class at school
Writeups ❤️
COOL!
Please provide links to the writeups you are talking about....
Please do the REV beginner ones!
But Hey.. where was the sun shine? 😁🤭
testing so you dont have to