1
00:00:00,256 --> 00:00:06,400
As a user has decreased and the responsibilities as a cloud provider is increase
2
00:00:08,704 --> 00:00:12,032
Don't let's talk about them
3
00:00:13,824 --> 00:00:19,968
B Fernandez intimately type let's talk about what is the first soda made
4
00:00:20,224 --> 00:00:26,368
80 style data about a particular subject
5
00:00:26,624 --> 00:00:32,768
Mint and configuration API allows users to configure and monitor the settings of the cloud instances
6
00:00:33,024 --> 00:00:39,168
But this is a non-reloadable method APA URL using b**** you can query
7
00:00:39,424 --> 00:00:45,568
The information like 19 169.254. 169.254 if you
8
00:00:45,824 --> 00:00:51,968
I want to read more about this method API then you can simply go through the documentation of AWS Google and I'll show that is
9
00:00:52,224 --> 00:00:53,504
I didn't want this life
10
00:00:54,528 --> 00:01:00,672
No especially useful if the environment is using the
11
00:01:00,928 --> 00:01:02,208
Tim fill twice
12
00:01:02,720 --> 00:01:08,864
What is this a pencil profile allow you to club together. Services and capabilities
13
00:01:09,120 --> 00:01:15,264
Tina symbol profile at the I am stupid attached to Tomato the day. Then you can simply
14
00:01:15,520 --> 00:01:21,664
Get the temporary credential and can you can do damage to the application
15
00:01:21,920 --> 00:01:28,064
Know what is this is intrapersonal intelligence personal what is
16
00:01:28,320 --> 00:01:32,160
Nothing but the identity and access management where
17
00:01:32,416 --> 00:01:38,560
Allow us to Define who has access to the work of who has access to what resources okay
18
00:01:38,816 --> 00:01:44,960
These are used to delegate access to the user application and
19
00:01:45,216 --> 00:01:50,336
It will set the granule permission to securely access the resources
20
00:01:52,896 --> 00:01:59,040
So in order to interacting with the metadata API we can simply the result
21
00:01:59,296 --> 00:02:05,440
Exist interpretation then you can simply use this no doubt about 16.25
22
00:02:05,696 --> 00:02:11,840
169.254
23
00:02:12,096 --> 00:02:18,240
Only exist with antidepressants vitamin it will not affect all it it's not there within the Google
24
00:02:18,496 --> 00:02:24,640
Primatology Google As You Are
25
00:02:24,896 --> 00:02:31,040
Implemented a custom header which is kind of a protection
26
00:02:31,296 --> 00:02:37,440
Against it because using this is how we can simply
27
00:02:37,696 --> 00:02:43,840
Alexa use the URL to access the information that is available to dead body
28
00:02:44,096 --> 00:02:50,240
But using this is important if you cannot add a custom header to that particular URL
29
00:02:50,496 --> 00:02:56,640
Gcp and Azure is not vulnerable to a solid color bedding ideas
30
00:02:56,896 --> 00:02:58,688
Assistant
31
00:02:58,944 --> 00:03:05,088
So this is the big one. And if you are able to identify the cooties
32
00:03:05,344 --> 00:03:11,488
So he has to make a request.
33
00:03:23,776 --> 00:03:29,920
Just logged into my account
34
00:03:30,176 --> 00:03:32,992
Bullhead City Sea-Doo
35
00:03:36,576 --> 00:03:42,464
Citadel multiple instances running over here I'm just going to run the machine
36
00:03:43,744 --> 00:03:49,888
No this is a bunch of information like the public ipv4 DNS using this particular machine
37
00:03:50,144 --> 00:03:53,216
Is accessible it signed up for Amazon Phoenix machine
38
00:03:53,472 --> 00:03:59,616
If you want to Connected there is a multiple options and you can also Connect using the SSS flag
39
00:03:59,872 --> 00:04:06,016
I'm home if you are able to identify this painful than you can simply connect to using its public DNS
40
00:04:06,272 --> 00:04:12,416
So let me download.
41
00:04:13,440 --> 00:04:15,488
Guys
42
00:04:39,551 --> 00:04:45,695
Information that he has that information
43
00:04:45,951 --> 00:04:52,095
Like it says only a read-only permission to the owner okay to this poor CC.
44
00:04:52,351 --> 00:04:58,495
Just keep that in mind maybe it might be useful for the next exercise and here
45
00:04:58,751 --> 00:05:04,895
I'm just using this particular command to connect to that lock box because I have the pamphlet
46
00:05:05,151 --> 00:05:11,295
No that's if you have access to that particular instance we can simply use to call lab
47
00:05:11,551 --> 00:05:17,695
Buddy the metadata API using the table IP address and then
48
00:05:17,951 --> 00:05:24,095
OneMain 169.254 169.254
49
00:05:24,351 --> 00:05:29,727
Existence of folders that just go to one of the folder
50
00:05:30,751 --> 00:05:33,567
It's the latest
51
00:05:33,823 --> 00:05:36,383
Let me type it
52
00:05:36,895 --> 00:05:43,039
Sade has three Porters Dynamic major little one I'm interested in
53
00:05:43,295 --> 00:05:44,575
Margarita
54
00:05:44,831 --> 00:05:50,975
So let me provide that then it has because it has
55
00:05:51,231 --> 00:05:53,279
I just go inside. But it look older
56
00:05:53,535 --> 00:05:59,679
It didn't. That are 24 that info and security coordination
57
00:06:04,031 --> 00:06:10,175
Security credential that is a 1/4 and 30 sec to
58
00:06:10,431 --> 00:06:11,711
Sdd Donley
59
00:06:15,807 --> 00:06:21,951
It has a temporary credential like X stitches Secret
60
00:06:22,207 --> 00:06:28,351
Session token and spawn so somehow if you're able to identify
61
00:06:28,607 --> 00:06:34,751
Able to get these temporary credential then we can do damage powder
62
00:06:40,383 --> 00:06:46,527
So I already explained that we can have
63
00:06:46,783 --> 00:06:52,927
20th with it and the seal is also available for the electric line
64
00:06:53,183 --> 00:06:59,327
Install disc levers bawselady on
65
00:06:59,583 --> 00:07:00,351
Funny books
66
00:07:01,375 --> 00:07:03,423
Then we can simply inevitable mission
67
00:07:03,679 --> 00:07:09,823
Supported him to explore this environment variable in your machine or in your tummy.
68
00:07:10,079 --> 00:07:16,223
And then you can simply check let's get colors
69
00:07:16,479 --> 00:07:22,623
Formation of the pellicle tokens
70
00:07:22,879 --> 00:07:29,023
And that is 8 lbs in a script so here if you provide the temporary credential it will go to each and every
71
00:07:29,279 --> 00:07:35,423
I'll be so busy and it will check the excess of the temp
72
00:07:35,679 --> 00:07:41,823
If it's able to identify any of the information display to you
73
00:07:42,079 --> 00:07:48,223
Lattice
74
00:07:48,479 --> 00:07:54,623
Let's
75
00:07:54,879 --> 00:08:01,023
He has them to identify next odisha.
76
00:08:01,279 --> 00:08:07,423
Exit 2-3 bucket and download this application.
77
00:08:07,679 --> 00:08:13,823
Action by continuous deployment by play
78
00:08:15,103 --> 00:08:18,687
This
79
00:08:21,503 --> 00:08:27,647
Supposed to be able to go to the Snapchat.
80
00:08:29,695 --> 00:08:31,743
We have to go to
81
00:08:31,999 --> 00:08:33,535
Loud
82
00:08:54,015 --> 00:09:00,159
Stock information from location
83
00:09:00,415 --> 00:09:03,487
Anybody's to theaters
84
00:09:04,511 --> 00:09:10,655
For that let me replace this page and 26 mystery picture first now
85
00:09:11,423 --> 00:09:17,567
The simple things you can try by default discover status page is not accessible from the internet
86
00:09:18,847 --> 00:09:24,991
All its website at the moment you try to access this page it says that for me
87
00:09:25,247 --> 00:09:31,391
You don't help on mission to accessibility
88
00:09:31,647 --> 00:09:37,791
Liberty
89
00:09:40,351 --> 00:09:44,447
Server status
90
00:09:45,983 --> 00:09:52,127
Yes it respond with this our status page that means it's vulnerable
91
00:09:52,383 --> 00:09:58,527
Amanda Taipei
92
00:09:58,783 --> 00:10:04,927
Poop iPhone so yes
93
00:10:05,183 --> 00:10:11,327
So let's try to get the temporary credential
94
00:10:11,583 --> 00:10:17,727
Latest o directly Within.
95
00:10:21,567 --> 00:10:27,711
Aiden dietary scientologists which LetterSchool to disarm
96
00:10:28,991 --> 00:10:33,343
But then that go to the security credentials
97
00:10:36,671 --> 00:10:41,279
Olustee AWS elastic Beanstalk easy to do
98
00:10:42,559 --> 00:10:48,703
At the moment we send credit is better today. As a temporary credential
99
00:10:48,959 --> 00:10:53,823
Mexicali machine
100
00:11:03,039 --> 00:11:09,183
And she'll let me expose let me set the environment variable for this terminal
101
00:11:10,719 --> 00:11:15,583
Awshx sgid is equal to
102
00:11:17,631 --> 00:11:23,775
Increase Texas export aws63
103
00:11:25,055 --> 00:11:28,383
Access key
104
00:11:28,639 --> 00:11:30,687
Is equal to
105
00:11:32,223 --> 00:11:36,063
Bass
106
00:11:37,599 --> 00:11:40,927
Explored
107
00:11:41,183 --> 00:11:46,047
AWS station
108
00:11:46,303 --> 00:11:47,839
Is it cool to do
109
00:12:03,199 --> 00:12:09,343
Mountain nesting Israel to identify the region as well
110
00:12:09,599 --> 00:12:15,743
Variables
111
00:12:15,999 --> 00:12:21,375
Information from this metadata API you can simply go through this latest
112
00:12:25,215 --> 00:12:28,799
But in the latest series of dynamic Dentistry
113
00:12:29,055 --> 00:12:33,407
Instance identity
114
00:12:38,015 --> 00:12:44,159
That is a document directory
115
00:12:44,415 --> 00:12:50,559
Information as well because bunch of information like account ID region information that enjoyed in
116
00:12:50,815 --> 00:12:55,935
Winston-Salem Salon but we are interested in the region ideologist copy this information
117
00:12:56,191 --> 00:13:00,031
And also export AWS
118
00:13:00,287 --> 00:13:06,431
54th Legion is equal to this
119
00:13:09,503 --> 00:13:15,647
Okay so the next thing is let's try to check with S3 bucket
120
00:13:15,903 --> 00:13:22,047
List using this information
121
00:13:22,303 --> 00:13:23,839
PS3 Alice
122
00:13:27,423 --> 00:13:33,567
It says that existing I'd you do not have any access to any of the buckets but
123
00:13:33,823 --> 00:13:37,407
If you look at the documentation of elastic Beanstalk
124
00:13:38,431 --> 00:13:40,991
Like this
125
00:13:43,039 --> 00:13:49,183
If you look at the documentation of elastic Beanstalk
126
00:13:49,439 --> 00:13:55,583
Any scientific information it says that Grandpa music by missions for the application to upload lots to Amazon nest
127
00:13:55,839 --> 00:14:01,983
CN debugging information to Athletics play
128
00:14:02,239 --> 00:14:08,383
Formation is Jetstar distar put object
129
00:14:08,639 --> 00:14:14,783
Resources I've seized that allow for the resources which was name starting with elastic
130
00:14:15,039 --> 00:14:18,623
Install Okay so
131
00:14:19,135 --> 00:14:25,279
If the bucket name is starting with elastic Beanstalk that it has gate list and Bush
132
00:14:25,535 --> 00:14:31,679
Apple pie mission
133
00:14:31,935 --> 00:14:38,079
Go to the documentation of this elastic Beanstalk and then this is kind of the application development
134
00:14:38,335 --> 00:14:44,479
Clarification and it will keep our temporary pocket storage
135
00:14:44,735 --> 00:14:50,879
And then there's a specific name the bucket that is created for us
136
00:14:51,135 --> 00:14:54,975
Wingstop
137
00:14:55,487 --> 00:14:58,815
If you go to this party love you all
138
00:14:59,327 --> 00:15:02,911
Copy.
139
00:15:07,007 --> 00:15:13,151
The next thing is yolk identify the name of the bucket that is available
140
00:15:13,407 --> 00:15:19,551
Okay so it says that electric elastic Beanstalk 3x and an Amazon S3 bucket
141
00:15:19,807 --> 00:15:24,415
Named elastic Beanstalk iPhone region iPhone account ID
142
00:15:24,671 --> 00:15:26,975
So let me copy this
143
00:15:32,351 --> 00:15:38,495
Nohea Beauty quite two things but so how do I identify
144
00:15:38,751 --> 00:15:44,895
So you can simply use the method API Garden to fight this if it go to this point it has boots
145
00:15:45,151 --> 00:15:51,039
Information like account ID
146
00:15:52,575 --> 00:15:55,903
Engine information is this
147
00:15:58,975 --> 00:16:03,839
This is the default instant created for elastic Beanstalk component
148
00:16:04,863 --> 00:16:11,007
What I do now is let me to again
149
00:16:11,263 --> 00:16:17,407
List down all the content from this particular S3 bucket
150
00:16:17,663 --> 00:16:23,807
Be content on this particular bucket list
151
00:16:24,063 --> 00:16:30,207
Get an update on Mission information
152
00:16:30,463 --> 00:16:32,511
Elastic Beanstalk
153
00:16:34,815 --> 00:16:40,959
Before that I'm using this EP, EP 381
154
00:17:03,487 --> 00:17:06,559
And it's a copy
155
00:17:07,071 --> 00:17:08,607
So what is this
156
00:17:09,119 --> 00:17:13,727
And this is and I want to download it
157
00:17:19,103 --> 00:17:24,991
So it's downloaded all the source code that is stated in this bucket
158
00:17:29,343 --> 00:17:35,487
No
159
00:17:35,743 --> 00:17:41,887
What are the bucket that we can upload our Publications
160
00:17:42,143 --> 00:17:45,471
And if you opened I've been Wild.
161
00:17:45,727 --> 00:17:51,871
Document and it's nothing but application so sport
162
00:17:54,431 --> 00:18:00,575
This that means what it's contained the PHP code and this BHP code
163
00:18:00,831 --> 00:18:06,975
Accessible from my cloud instance so what is what is
164
00:18:07,231 --> 00:18:13,375
Upload a bottle over here.
165
00:18:13,631 --> 00:18:19,775
People instances of permission as parents Weekend Update
166
00:18:26,431 --> 00:18:27,711
Fordite
167
00:18:28,223 --> 00:18:33,855
I'm just getting one basic rapture
168
00:18:37,439 --> 00:18:43,327
Let's see stubble
169
00:18:44,095 --> 00:18:50,239
That's an 80 85. BHP
170
00:18:52,543 --> 00:18:58,687
It's a basic BHP adoption has 103 it has
171
00:18:58,943 --> 00:19:05,087
Our name which name is call WP pastor this call parameter simply
172
00:19:05,343 --> 00:19:11,487
Boston T system function
173
00:19:11,999 --> 00:19:18,143
Lorde next step is to add this option been in this gym 50K
174
00:19:18,399 --> 00:19:19,679
How do we do that
175
00:19:20,447 --> 00:19:25,823
Phone that you can use the zip command like see if Ivan you are
176
00:19:26,591 --> 00:19:32,735
2019 the name of the C5 and I want to add this
177
00:19:32,991 --> 00:19:35,295
Edit
178
00:19:36,831 --> 00:19:42,975
Know if you want to check that you can simply again to VI 2019 and you see
179
00:19:43,231 --> 00:19:47,071
I've actually salsa uploaded to death podcast
180
00:19:47,327 --> 00:19:53,471
Calyptus closes now the next thing is you have to upload this ZIP file on DD4L
181
00:19:53,727 --> 00:19:59,871
Elastic Beanstalk
182
00:20:01,663 --> 00:20:07,551
Okay and he has the sources different destination is RS3 bucket
183
00:20:09,855 --> 00:20:15,999
Source is 2019
184
00:20:34,175 --> 00:20:40,319
It's uploaded on the server okay now there is a concept of CI CD pipeline
185
00:20:40,575 --> 00:20:46,719
It's basically Nothing But The Continuous integration and continuous deployment
186
00:20:46,975 --> 00:20:53,119
Application administrative it deploy that change on the light bucket
187
00:20:53,375 --> 00:20:59,519
Call Eli gravitation
188
00:20:59,775 --> 00:21:04,383
On our position away
189
00:21:06,687 --> 00:21:12,831
Let's say to access out of action action CU 85
190
00:21:13,087 --> 00:21:18,720
Hphp call parameter is nothing but
191
00:21:19,232 --> 00:21:21,280
Etsy
192
00:21:21,536 --> 00:21:22,816
Alice
193
00:21:23,072 --> 00:21:24,608
Cuc
194
00:21:24,864 --> 00:21:31,008
We are able to upload our website and we are able to perform.
195
00:21:31,264 --> 00:21:35,616
Pokemon Pokemon
196
00:21:36,128 --> 00:21:38,432
It's a who am I
197
00:21:40,992 --> 00:21:47,136
So this is how we can perform be
198
00:21:47,392 --> 00:21:53,536
Elastic Beanstalk based on the documentation of the last eclipse
199
00:21:53,792 --> 00:21:59,936
Give us the temperature in St bucket on which we can upload
200
00:22:00,192 --> 00:22:06,336
And the default ending convention is elastic Beanstalk hyphen
201
00:22:06,592 --> 00:22:12,736
Legion iPhone account deleted we can simplify using the method
202
00:22:12,992 --> 00:22:19,136
Option on which the application is created so anyone has any person in this demonstration
203
00:22:26,560 --> 00:22:29,632
Okay so now next move the next topic
204
00:22:32,704 --> 00:22:36,800
The next thing is function is a Tubby's
205
00:22:37,056 --> 00:22:43,200
So which is also known as the survivalist amputee still in the picture but he has
206
00:22:43,456 --> 00:22:49,600
Have you do not have to meditate because it's managed by the cloud provider
207
00:22:49,856 --> 00:22:56,000
Bus route to write a function based on the language that is supported in Turkish government
208
00:22:56,256 --> 00:23:02,400
And it's obvious to order invocar function whenever DL Edition
209
00:23:02,656 --> 00:23:08,800
Okay based on triggers and events
210
00:23:09,056 --> 00:23:15,200
You put that into containerized environment and once the exhibition completed will destroy this particular kind
211
00:23:15,456 --> 00:23:21,600
Penalizing moment he is not managed by the function is stories and being infatuated
212
00:23:21,856 --> 00:23:28,000
Only phylum spending trigger solitary events stranded and events
213
00:23:28,768 --> 00:23:34,912
SRP multi-party Garden events supported by the cloud provider so let's stick example
214
00:23:35,168 --> 00:23:41,312
Salt Lake City events so it will
215
00:23:41,568 --> 00:23:44,384
Based on that it will
216
00:23:44,640 --> 00:23:50,784
Call a function and do the processing on the particular request that this is how they should be three girls and
217
00:23:51,040 --> 00:23:57,184
Sending this to this beast that's event entry got any document is uploaded to PS3
218
00:23:57,440 --> 00:24:03,584
Bucket storage and they stop.
219
00:24:03,840 --> 00:24:09,984
And the function will do some execution and then destroy the environment
220
00:24:10,240 --> 00:24:16,384
Stephen events Sushi available the new record is inside are deleted all accepted it was John.
221
00:24:16,640 --> 00:24:22,784
And hello dentist on the table.
222
00:24:23,040 --> 00:24:28,416
Message to Bist events notification Service events and so on
223
00:24:32,256 --> 00:24:38,400
No disability different use cases of the bed from where the events are related
224
00:24:38,656 --> 00:24:44,800
Events at the function is to service the sky that is part of selling website an API events hosting
225
00:24:45,056 --> 00:24:51,200
Image and video processing imaging video manipulation sahil thesis example of
226
00:24:51,456 --> 00:24:57,600
Two-seater time uses their WWE slam.com chien-po image processing Savannah velainu images uploaded in the story
227
00:24:57,856 --> 00:25:04,000
Anybody speaker and the function passes the image and vendor
228
00:25:04,256 --> 00:25:10,400
Different different result listen for the same images and based on that display this images today
229
00:25:10,656 --> 00:25:16,800
User like iPad User computers user mobile users and so on
230
00:25:17,056 --> 00:25:23,200
Example of continuous integration and continuous deployment
231
00:25:23,456 --> 00:25:29,600
Application Android and allart and based on that it will deploy our
232
00:25:29,856 --> 00:25:31,904
Application to the live environment
233
00:25:32,416 --> 00:25:38,560
So let's talk about auditioning data extraction so here
234
00:25:38,816 --> 00:25:44,960
Standard example of erisa documents
235
00:25:45,216 --> 00:25:51,360
Like PD feiffer JPG file is added to the bucket and 168
236
00:25:51,616 --> 00:25:57,760
80 ^ 100 country
237
00:25:58,016 --> 00:26:04,160
Wendy's Palatine the data is extracted and added to the Apache wedding Papas
238
00:26:04,416 --> 00:26:10,560
Decision
239
00:26:10,816 --> 00:26:16,960
The first one is this the second one is this okay
240
00:26:17,216 --> 00:26:21,056
Document storage and Ella
241
00:26:21,568 --> 00:26:27,712
The first fountain get executed which basically
242
00:26:27,968 --> 00:26:34,112
Use the oci the information and verify the document
243
00:26:34,368 --> 00:26:37,184
It contains the pi information
244
00:26:37,696 --> 00:26:43,840
Danny please execute the another function okay if it's not contain any pure information
245
00:26:44,096 --> 00:26:45,376
Upload to this dollar
246
00:26:45,888 --> 00:26:52,032
Now if it sent into Pierre again
247
00:26:52,288 --> 00:26:53,312
Function
248
00:26:53,568 --> 00:26:59,712
It's basically must only be information within document and then store it in the
249
00:26:59,968 --> 00:27:06,112
That means it's over an existing document within the bucket over here so as
250
00:27:06,368 --> 00:27:12,512
Wendy's updated again and again
251
00:27:12,768 --> 00:27:18,912
Commission Now this time tpi's Master by this function
252
00:27:19,168 --> 00:27:23,008
Uploaded to this function as a service works
253
00:27:23,776 --> 00:27:29,920
Difference between the platform service and the function is a service associate
254
00:27:30,176 --> 00:27:36,320
Interpretation but in case of function is service Bo to deploy only single function
255
00:27:36,576 --> 00:27:42,464
Sobeys the somebody's always up and running all the time but in is a function is a service it will
256
00:27:42,720 --> 00:27:48,864
Run whenever the event is triggered and once the function exhibition completed it will turn down.
257
00:27:49,120 --> 00:27:55,264
Containerized environment
258
00:27:55,520 --> 00:28:01,664
System and everything will end up like him but in case of all this madness by detour
259
00:28:01,920 --> 00:28:03,968
What's the weather
260
00:28:04,480 --> 00:28:10,624
Different test cases of the function function that means there is a
261
00:28:10,880 --> 00:28:16,256
Identify the time all the time or related issues
262
00:28:16,512 --> 00:28:22,656
Then once they've done the next Edition could be on the different environment all together
263
00:28:22,912 --> 00:28:29,056
Says I mentioned that one speaks the function education completed will destroy the container right environment
264
00:28:29,312 --> 00:28:35,456
The next alert is undeterred that means it might be running on different environment all together
265
00:28:35,712 --> 00:28:41,856
Now it's running into containerized environment that means there is a container that could be
266
00:28:42,112 --> 00:28:48,256
What's applicable to this increased attacks office due to the complexity
267
00:28:48,512 --> 00:28:54,656
Because that is not only single function that is there within the organization died if dedication
268
00:28:54,912 --> 00:29:01,056
Then there are lots of function available
269
00:29:01,312 --> 00:29:07,456
Admission on all the functions it's kind of a difficult are okay so it will increase
270
00:29:07,712 --> 00:29:11,552
Sopes because of that but it looked complex complexity
271
00:29:11,808 --> 00:29:17,952
Expedition
272
00:29:18,208 --> 00:29:24,352
Kindergarten game
273
00:29:24,608 --> 00:29:29,216
Texas to S3 bucket and connect an ec2 instance the challenge
274
00:29:29,984 --> 00:29:32,544
This
275
00:29:33,056 --> 00:29:35,616
Let me go to my calendar shein
276
00:29:39,968 --> 00:29:41,760
End
277
00:29:50,976 --> 00:29:57,120
Go to this lamera supposed to be able to identify Spotify.
278
00:30:02,752 --> 00:30:06,592
The piece that's it
279
00:30:08,384 --> 00:30:10,944
It's a stranger
280
00:30:11,968 --> 00:30:15,040
Yaqui pocket into a single coach
281
00:30:16,320 --> 00:30:19,904
So yes it's deflected over here let me do my b
282
00:30:20,160 --> 00:30:26,304
Now let's faceting volume 25
283
00:30:26,560 --> 00:30:32,704
Simulated on the summer or not say yes it's okay
284
00:30:32,960 --> 00:30:39,104
Note the function is a services available in four different program
285
00:30:39,360 --> 00:30:45,504
State select instructors let me pass away
286
00:30:45,760 --> 00:30:51,904
Afdah.net
287
00:30:52,160 --> 00:30:58,304
Diagnostic 26. Start start the cmd.exe
288
00:30:58,560 --> 00:31:04,704
It's not working now let's try to use the Java runtime class to check
289
00:31:04,960 --> 00:31:05,984
Weather
290
00:31:06,240 --> 00:31:08,800
Execute alkaline download
291
00:31:09,312 --> 00:31:14,176
No it's not raining
292
00:31:16,224 --> 00:31:20,832
X Sonic simple Bill to use this system
293
00:31:21,344 --> 00:31:27,488
It's not raining now there's checked or the Emojis
294
00:31:33,376 --> 00:31:37,216
Smoothies
295
00:31:37,984 --> 00:31:44,128
The moment we try to 1790s day single line one-liners pictures responded
296
00:31:44,384 --> 00:31:47,712
How to put up that particular service
297
00:31:48,224 --> 00:31:54,368
Within the limit of functions environment variables
298
00:31:54,624 --> 00:32:00,768
It's been too easy containing the temperature in Chelan
299
00:32:01,024 --> 00:32:03,840
It contains
300
00:32:04,096 --> 00:32:10,240
All this a regular Angela KW secret session token secret key and so on
301
00:32:10,496 --> 00:32:16,384
So now we have this so let's check what information it has
302
00:32:17,152 --> 00:32:21,248
Okay so poor that let me quickly
303
00:32:21,760 --> 00:32:27,904
Set those environment variable within my July
304
00:32:28,160 --> 00:32:34,304
Export uws access
305
00:32:34,560 --> 00:32:36,096
Is equal to
306
00:32:40,448 --> 00:32:44,800
Access key ID
307
00:32:45,312 --> 00:32:51,456
Do Justin Bieber pesos together for the better visibility because you're it looks clumsy
308
00:32:51,712 --> 00:32:57,856
Rihanna and informational interview pictures it just display
309
00:32:58,112 --> 00:33:01,440
All the environment variables just doing that
310
00:33:01,952 --> 00:33:08,096
Bandon extinguisher Texas
311
00:33:08,352 --> 00:33:14,496
Kws secret access
312
00:33:17,568 --> 00:33:23,712
This export
313
00:33:23,968 --> 00:33:26,272
WS default
314
00:33:26,528 --> 00:33:30,880
Teaching is equal to
315
00:33:36,256 --> 00:33:42,400
It mentioned already canceled it just cop it is busy to export AWS
316
00:33:42,656 --> 00:33:43,936
Fishing
317
00:33:44,192 --> 00:33:47,264
Is equal to
318
00:33:54,688 --> 00:33:59,552
Navien said all the information so what we can do next
319
00:34:01,344 --> 00:34:07,488
Okay so the next thing we can do is let this down the buckets that is available to
320
00:34:07,744 --> 00:34:13,632
I'm just running this 8st Ellis
321
00:34:13,888 --> 00:34:20,032
So it has this particular two buckets available
322
00:34:20,288 --> 00:34:24,896
What you can do begin Google and buy one for each and every
323
00:34:25,152 --> 00:34:31,296
Let's see bucket and download the source code and check what information is in
324
00:34:31,552 --> 00:34:37,696
That supported that. Just driving distance taste 11 and asses what
325
00:34:37,952 --> 00:34:44,096
Information need us for that what we can do again we can simply use this thing
326
00:34:44,352 --> 00:34:50,496
Extreme College match download information
327
00:34:52,288 --> 00:34:58,432
I want the storage within snss selected 11
328
00:34:58,688 --> 00:35:00,224
Genesis
329
00:35:04,576 --> 00:35:10,720
It has only two index file you can simply analyze all this content
330
00:35:10,976 --> 00:35:17,120
Identify the sensitive information on what application
331
00:35:17,376 --> 00:35:21,728
Repeat the information that is dead within this limited ammo
332
00:35:21,984 --> 00:35:28,128
Wsst sink
333
00:35:28,384 --> 00:35:29,664
Less less
334
00:35:30,176 --> 00:35:35,040
I want to download information that is there within this pocket
335
00:35:46,304 --> 00:35:50,400
It has
336
00:35:51,936 --> 00:35:58,080
Locate Vision nsa's Lombard mouche by
337
00:35:58,336 --> 00:36:04,480
But it also contains one time fee which is kind of a solid object
338
00:36:04,736 --> 00:36:10,880
And get it during the during destination of my cloud account right
339
00:36:11,136 --> 00:36:17,280
Police useful to do SSH into a box okay so how do we identify that this
340
00:36:17,536 --> 00:36:20,096
How do we use this particular file
341
00:36:20,352 --> 00:36:26,496
I sent it into a box because indicted city Party public DNS name so how do we identify that
342
00:36:26,752 --> 00:36:32,896
Cnsnews
343
00:36:33,152 --> 00:36:39,296
AWS ec2 describe
344
00:36:39,552 --> 00:36:45,696
Instances list down all the instances which is accessible using this temporary
345
00:36:45,952 --> 00:36:46,976
Prudential
346
00:36:53,376 --> 00:36:59,264
Anthony saw me shoot describe instances Bible
347
00:37:00,544 --> 00:37:04,896
Okay so just downloaded this let me save it into bonfire
348
00:37:07,200 --> 00:37:08,992
D.
349
00:37:10,016 --> 00:37:16,160
Let me open. Padilla file and let's check for that AWS
350
00:37:16,416 --> 00:37:18,208
Nemo Becky e
351
00:37:20,256 --> 00:37:24,608
AWS ec2 solar salad to search for
352
00:37:27,680 --> 00:37:33,824
So it's not able to identify anything within this disturbance
353
00:37:34,080 --> 00:37:40,224
Mystic EXs against all position that is available
354
00:37:40,480 --> 00:37:46,624
You might don't know that you are the nation has multiple resources into different
355
00:37:46,880 --> 00:37:53,024
Let's try to get instance in the different and different region
356
00:37:53,280 --> 00:37:58,400
Support at what I do
357
00:37:58,912 --> 00:38:05,056
Changing my default region information export awsd Ford region
358
00:38:05,312 --> 00:38:09,152
Is equal to u.s. East
359
00:38:10,432 --> 00:38:16,576
Instead of two let's just I do use fun and let's try to do this
360
00:38:16,832 --> 00:38:18,624
Evanston
361
00:38:22,976 --> 00:38:29,120
Know the moment you get the 237 stands for this particular region you will identify the penis
362
00:38:29,376 --> 00:38:35,520
Able to identify within one of their sleep
363
00:38:38,080 --> 00:38:44,224
And he has mentioned the public DNS name
364
00:38:44,480 --> 00:38:47,040
Do the SSH into the glove box
365
00:38:47,296 --> 00:38:50,112
Call dad again
366
00:38:50,368 --> 00:38:55,744
Tell me the simple syntax that I want to disown you
367
00:38:56,256 --> 00:38:57,536
Okay
368
00:38:58,048 --> 00:39:01,376
Copy this information
369
00:39:04,448 --> 00:39:10,592
82 West Asheville to replace our vampire named select me quickly
370
00:39:10,848 --> 00:39:14,432
It's the same or not I'll get this information
371
00:39:14,944 --> 00:39:17,248
Beasty to IKEA
372
00:39:18,272 --> 00:39:20,064
DNS name
373
00:39:21,344 --> 00:39:25,184
That we can also capture it from here
374
00:39:30,304 --> 00:39:36,448
Know how do we identify this using but this username is kind of a different user
375
00:39:36,704 --> 00:39:42,848
40 box of the Linux box and you can simply go to the documentation
376
00:39:43,872 --> 00:39:47,200
Body documentation of
377
00:39:47,712 --> 00:39:53,856
Diablo okay so simply
378
00:40:02,048 --> 00:40:08,192
It has people username available to the different different operating system like about Amazon Linux 2
379
00:40:08,448 --> 00:40:14,592
Is it user is it is a scientist mmiw
380
00:40:14,848 --> 00:40:20,992
If one is not working then you can try all computers username
381
00:40:21,248 --> 00:40:27,392
I see you wanted to do this position to that particular box
382
00:40:29,440 --> 00:40:31,744
It's kind of my miscellaneous
383
00:40:33,280 --> 00:40:39,424
The moment artist
384
00:40:39,680 --> 00:40:45,824
Buy least has a bad formation formation
385
00:40:46,080 --> 00:40:52,224
Information to the other user as well but as for the documentation of the
386
00:40:52,480 --> 00:40:58,624
The image on the AWS it says that it has only read permission to the owner
387
00:40:58,880 --> 00:41:05,024
Baseball mission to ducky first and then you can use that but I guess I'm just
388
00:41:05,280 --> 00:41:11,424
Yes it's the same key
389
00:41:12,960 --> 00:41:19,104
The moment you said the permission to correct permission you are able to do
390
00:41:24,224 --> 00:41:29,088
If you do use a gym playlist Lexus a ipconfig
391
00:41:29,600 --> 00:41:34,208
If config
392
00:41:36,256 --> 00:41:41,376
Isn't this is how you can also performed Expedition within Continental service
393
00:41:42,144 --> 00:41:46,496
So anyone has any question in this demo
394
00:41:51,872 --> 00:41:55,967
Okay so now let's move to the next next one
395
00:41:56,223 --> 00:42:02,367
The Boost acceleration is cloud
396
00:42:02,623 --> 00:42:08,767
Cindy for the level of access to the current opened up your bid for the temporary credential
397
00:42:09,023 --> 00:42:15,167
Let's see what next so using.
398
00:42:15,423 --> 00:42:21,567
You glide into Network or the bucket to give access to be able to go to the change
399
00:42:21,823 --> 00:42:27,967
The different different region if you could check what pocket we can access using that particular key
400
00:42:28,223 --> 00:42:34,367
Identify the buckets that is accessible
401
00:42:34,623 --> 00:42:40,767
And simply go to each and every pocket there might be a possibility that you will identify the other okay
402
00:42:41,023 --> 00:42:47,167
So you're two again go to animate all the information using the newly-discovered key
403
00:42:47,423 --> 00:42:53,567
And by doing that once you done with the nutrition you will get the overall poster of them.
404
00:42:53,823 --> 00:42:59,967
What all packages are available for the organization what are the other function
405
00:43:00,223 --> 00:43:06,367
So all the components you can identify
406
00:43:06,623 --> 00:43:12,767
You have identified multiple accounts
407
00:43:13,023 --> 00:43:19,167
Not that much help until
408
00:43:19,423 --> 00:43:25,567
So here are focuses on Google instead of running to what's dominant win as in
409
00:43:25,823 --> 00:43:31,967
I don't mean and goal is to control the entire
410
00:43:32,223 --> 00:43:38,367
Marcia in case of cloud our focus is on the ghoul and they
411
00:43:38,623 --> 00:43:44,767
Example of such goals
412
00:43:45,023 --> 00:43:51,167
Nice compromise what other components of the cloud of the specific organization
413
00:43:51,423 --> 00:43:57,567
What are adults that gets exposed if this particular application
414
00:43:57,823 --> 00:44:03,967
Is anyone Connexus the secret if the application gets compromised example of
415
00:44:04,223 --> 00:44:04,735
Schools
416
00:44:04,991 --> 00:44:10,623
Here now let's discuss about a very interesting case study
417
00:44:11,135 --> 00:44:17,279
About exercise session in the containers that is Shopify so here
418
00:44:18,303 --> 00:44:24,447
What happened at least until he's able to perform the service request forgery in the Google
419
00:44:24,703 --> 00:44:30,847
It's a previous version 2 version 1
420
00:44:31,103 --> 00:44:37,247
Celebrities at the time he's able to create a store
421
00:44:37,503 --> 00:44:43,647
He's able to edit a password. Liquid file which contains the HTML code
422
00:44:43,903 --> 00:44:50,047
Injectable
423
00:44:50,303 --> 00:44:56,447
Bottom eater he just inserted dumb attitude IPA URL
424
00:44:56,703 --> 00:45:02,847
No the backend wants to install Xtreme so it will create one screenshot
425
00:45:03,103 --> 00:45:09,247
But he said he's able to download the screenshot and within the screen shot it's in the gpg 4 minutes.
426
00:45:09,503 --> 00:45:15,647
Did you see information but he's not able to identify what what information
427
00:45:15,903 --> 00:45:22,047
Opera m is equal to Jason Isabel Isabel to the metadata API
428
00:45:22,303 --> 00:45:25,119
Respond with the output in the Jesus
429
00:45:25,631 --> 00:45:31,775
The beast on that he's able to open soon information about
430
00:45:32,031 --> 00:45:38,175
Literally has identified that physical environment information Alyssa 10:27
431
00:45:38,431 --> 00:45:44,575
Which basically allowed to query related information from them
432
00:45:44,831 --> 00:45:50,975
So he just specify this Padilla metadata API
433
00:45:51,231 --> 00:45:57,375
Everything is possible. Liquid in the moment in the back. This end
434
00:45:57,631 --> 00:46:03,007
Instant it will vary this information and then it will pass through this
435
00:46:03,263 --> 00:46:09,407
So by downloading be able to identify so many information like
436
00:46:09,663 --> 00:46:15,807
Atlanta tickets blind
437
00:46:16,063 --> 00:46:18,367
Vitamins
438
00:46:19,391 --> 00:46:25,535
Decided to punch out.
439
00:46:25,791 --> 00:46:31,935
AWS digital washing PocketCloud Oracle plowed and sown
440
00:46:32,191 --> 00:46:38,335
No further research is able to identify that using
441
00:46:38,591 --> 00:46:44,735
This particular, he's able to list all the foods that is there within the cabinet
442
00:46:51,391 --> 00:46:57,535
Are you service account to buy fighting these two particular, so there's don't information that is available
443
00:46:57,791 --> 00:47:03,935
Patty stump using tomato plant certificate blind key
444
00:47:04,191 --> 00:47:10,335
Certificate is able to identify the service account token give him access today
445
00:47:10,591 --> 00:47:16,735
Bonetti's. Are you able to take a shell
446
00:47:16,991 --> 00:47:18,527
Lt-col benetti environments
447
00:47:19,551 --> 00:47:25,695
It's kind of interesting scenario where it's a brief story about
448
00:47:25,951 --> 00:47:32,095
You're so stupid and modify the template within the password. It could file B injector the script of the metadata
449
00:47:32,351 --> 00:47:38,495
Installed exchanger which athletes have it with Lids store with the Snapchat
450
00:47:38,751 --> 00:47:44,895
Previous step over here and information
451
00:47:45,151 --> 00:47:51,295
Nikki's musically result of Demeter
452
00:47:51,551 --> 00:47:57,695
Victor the information within the Jason torment as the oil is equal to Jason parameters also supported
453
00:47:57,951 --> 00:48:04,095
Then he's able to extract information is used to excess of dokkan dokkan environment and
454
00:48:04,351 --> 00:48:10,495
He's able to attend the kubernetes.
455
00:48:10,751 --> 00:48:15,615
Able to get the excess Weekender Shopify container
456
00:48:15,871 --> 00:48:22,015
No again this is an example of
457
00:48:22,271 --> 00:48:28,415
Using the metadata API he's able to obtain this information like account ID region security
458
00:48:28,671 --> 00:48:34,815
Presidential Enzo and once he's able to get the temporary
459
00:48:35,071 --> 00:48:41,215
Buckets that is available
460
00:48:41,471 --> 00:48:47,615
It's okay it's an able to expose another and
461
00:48:47,871 --> 00:48:54,015
He's able to integrate instance to identify the higher power tools and open access to the tools
462
00:48:54,271 --> 00:48:58,367
Instances by up a the baby obscene guide
463
00:48:59,135 --> 00:49:01,695
Auditing tools
464
00:49:01,951 --> 00:49:08,095
Want to do a cloud
465
00:49:08,351 --> 00:49:14,495
The first one is csudh is a cross cross platform provider
466
00:49:14,751 --> 00:49:20,895
Can use this tool for the different different plowed and Muhammad
467
00:49:21,151 --> 00:49:27,295
Bodysuit of the Google Cloud it is just out for
468
00:49:27,551 --> 00:49:33,695
The answer is your car and Azurite so you can simply use this tool to do a confirmation review of the cloud
469
00:49:37,279 --> 00:49:40,607
Okay so
470
00:49:43,935 --> 00:49:49,311
The next topic is Google talking so people jumping to this one
471
00:49:49,567 --> 00:49:55,711
I think we are heading to the coffee break I can check how much time it is
472
00:49:56,991 --> 00:49:59,295
Give me a minute please
473
00:50:01,087 --> 00:50:07,231
Okay it's still part time is left so let me cover this
474
00:50:07,487 --> 00:50:13,631
The Google talking so how do we use the Google docking within the cloud
475
00:50:13,887 --> 00:50:20,031
Cloudera again known as the Google hacking which is kind of
476
00:50:20,287 --> 00:50:26,431
Powerful credit that we can use in the Google search engine to identify the football information
477
00:50:26,687 --> 00:50:32,831
How do I identify the security loopholes into consideration or the code of the application that we are using
478
00:50:33,087 --> 00:50:39,231
Example of such powerful Perry
479
00:50:39,487 --> 00:50:45,631
And within the URL I just find evil password on logging So based on that
480
00:50:45,887 --> 00:50:52,031
If these don't that we are able to identify the log file which contains the password
481
00:50:52,287 --> 00:50:58,431
Do you want it and be able to identify information about bfr condition
482
00:50:58,687 --> 00:51:04,831
He's nothing but a powerful Google search inquiry using that we can simply identify
483
00:51:05,087 --> 00:51:11,231
Disputed Lupo's fortification audio organization so using the Google Doc
484
00:51:11,487 --> 00:51:17,631
How can I take a use and misuse the Google talking so using the Google Talking weekend
485
00:51:17,887 --> 00:51:24,031
Simply expect information about the username and password belongs to Devon Collision you can also
486
00:51:24,287 --> 00:51:30,431
Identify the email list specific to the organization across identify the sensitive documents or the document which country
487
00:51:30,687 --> 00:51:36,831
Is the sensitive information identify financial information
488
00:51:37,087 --> 00:51:38,623
Website
489
00:51:38,879 --> 00:51:45,023
How do we use the Google talking for the cloud cloud
490
00:51:45,279 --> 00:51:51,423
Has a specific domain created for the different
491
00:51:51,679 --> 00:51:57,823
Okay so
492
00:51:58,079 --> 00:52:04,223
Like 4. Name call windows.net appspot.com 48
493
00:52:04,479 --> 00:52:10,623
Amazon.com
494
00:52:10,879 --> 00:52:17,023
Reported any component Alex domain from
495
00:52:17,279 --> 00:52:23,423
Whether it will create for us and that is
496
00:52:23,679 --> 00:52:29,823
Go to just going to let the S3 bucket than you do. Stop doing for me and him something
497
00:52:30,079 --> 00:52:36,223
MnDOT SV. Amazon.com
498
00:52:36,479 --> 00:52:41,087
You do identify the misconfigured cloud services in the Google docking Bays
499
00:52:41,599 --> 00:52:47,743
David Dominic created when is created for the user
500
00:52:47,999 --> 00:52:54,143
You can simplify this kind of google.doc very light S3 amazon.com
501
00:52:54,399 --> 00:53:00,031
I want to identify all the S3 bucket that is belongs to that particular organization like
502
00:53:01,823 --> 00:53:04,895
Abandon someone has okay
503
00:53:05,151 --> 00:53:11,295
So here we can identify all these three buckets which is belongs to this organization
504
00:53:11,551 --> 00:53:17,695
Can simply identify the static website using this particular
505
00:53:17,951 --> 00:53:22,303
Kind of powerful fairies in the Google search engine to identify the football information
506
00:53:22,559 --> 00:53:25,375
The moment you do
507
00:53:26,399 --> 00:53:32,543
You can also use the other platforms like YouTube you can also search for APS
508
00:53:32,799 --> 00:53:38,943
Secret or the secret key or let's see the temperature
509
00:53:39,199 --> 00:53:45,343
Available within the opposite list sometime you will identify the sensitive Keys belongs to
510
00:53:45,599 --> 00:53:51,743
Cloud component of the specific organization within
511
00:53:51,999 --> 00:53:58,143
How to use the heat up to identify the fruitful information about life since of information form for the patella
512
00:54:04,287 --> 00:54:10,431
What are the services that is running on the side where the organization is done the application
513
00:54:10,687 --> 00:54:16,831
Can also use the archive.org it's basically used to replace the sensor centage information from the older version
514
00:54:17,087 --> 00:54:23,231
It basically manage your version of the application so I can simply use.
515
00:54:23,487 --> 00:54:29,631
I just using this
516
00:54:29,887 --> 00:54:36,031
As my Google account from Google Play to S3 hyphen star items
517
00:54:36,287 --> 00:54:42,431
StarTalk aws.com equal okay
518
00:54:42,687 --> 00:54:48,831
With all these people file
519
00:54:49,087 --> 00:54:55,231
Basically has this particular side possessed okay
520
00:54:55,487 --> 00:54:56,255
Contain
521
00:54:58,047 --> 00:55:04,191
Beyond the credit policy the database schema has evil creation Perry
522
00:55:04,447 --> 00:55:10,591
Insert a court query update information so we can identify
523
00:55:10,847 --> 00:55:16,735
Information like password user information User. And so on
524
00:55:17,503 --> 00:55:23,647
You can also search for a little secret Keys based on this kind of Syntex like side is equal to
525
00:55:23,903 --> 00:55:30,047
Svi pinstriping star ocwen.com
526
00:55:30,303 --> 00:55:32,351
Search for pcw secret
527
00:55:32,607 --> 00:55:38,751
Information like
528
00:55:39,007 --> 00:55:45,151
URL pocket parties Mansion to what year will also identify bunch of passwords belongs to.
529
00:55:45,407 --> 00:55:49,759
Application is using
530
00:55:51,807 --> 00:55:57,951
You can also identify the league storage account keys on the d-top
531
00:55:58,207 --> 00:56:04,351
He can simply search for this particular kind of keyboard select people and points protocol and type is equal to court
532
00:56:04,607 --> 00:56:10,751
If you don't pass the coordinates that identify these people Empire protocol
533
00:56:11,007 --> 00:56:17,151
No this is kind of important keyboard to default in points protocol it's kind of important keyboard
534
00:56:17,407 --> 00:56:23,551
Environment because it contains the information the account name
535
00:56:23,807 --> 00:56:29,439
Intercounty it's basically used to connect to the Azure storage
536
00:56:29,951 --> 00:56:36,095
If you are able to identify this kind of information belongs to a specific organization
537
00:56:36,351 --> 00:56:42,495
And simply use this information to check whether this article said is exist or not if it exists and you can play with that
538
00:56:42,751 --> 00:56:48,895
Particular information electrical components weather
539
00:56:49,151 --> 00:56:55,295
Extract the source code for the functions from the storage Account app not supported
540
00:56:55,551 --> 00:57:01,695
Santa Peter using the technique that the alarm and
541
00:57:01,951 --> 00:57:08,095
Remote code execution by upcoding of option
542
00:57:08,351 --> 00:57:14,495
Did you play with this exercise for little 15 minute then I give you a box around this and then
543
00:57:14,751 --> 00:57:20,895
If you have time to complete this exercise meanwhile if you have any question can simply self
544
00:57:21,151 --> 00:57:26,783
All can simply post your question with body in
545
00:57:27,039 --> 00:57:33,183
And I think we are heading to the coffee break as well so what I do I just keep
546
00:57:33,439 --> 00:57:37,023
It's coffee break followed by 3:15
547
00:57:38,303 --> 00:57:44,447
Eating over here we have to do is be able to search for the guitar for this particular strain
548
00:57:45,471 --> 00:57:51,615
Within this Frame if you are able to identify an information than you could look at this information
549
00:57:51,871 --> 00:57:55,711
Information that is there available on this particular account
550
00:57:55,967 --> 00:58:02,111
If this particular account contains these people and points protocol information than you can simply
551
00:58:02,367 --> 00:58:08,511
Please use the Azure sea live version that is available in escali machine
552
00:58:15,679 --> 00:58:21,823
And you can play with the Azure Cloud environment as well
553
00:58:22,079 --> 00:58:28,223
Once the hint you can simply use the offline answer sheet and I also upload
554
00:58:28,479 --> 00:58:34,623
Did the steps on them the portal so you can also take the help from that okay
555
00:58:34,879 --> 00:58:41,023
If you are unable to understand any of the steps or let's say any information that is mentioned
556
00:58:41,279 --> 00:58:46,143
Send in the walkthrough document then you can simply pay anything else on the Paris Accord
557
00:58:46,911 --> 00:58:49,471
So let me start the timer
558
00:58:55,615 --> 00:58:59,711
Coffee break
559
00:59:00,479 --> 00:59:04,831
Exercise babe
560
01:29:09,632 --> 01:29:13,216
Everyone I hope you enjoyed your coffee break
561
01:29:13,472 --> 01:29:19,616
And it looks like only one person that's completed this one but yes
562
01:29:19,872 --> 01:29:24,224
Wendy's
563
01:29:24,480 --> 01:29:28,320
Then and again keep your time to competition
564
01:29:29,856 --> 01:29:32,672
Border X
565
01:29:40,608 --> 01:29:43,680
GitHub so let me go to get up
566
01:29:51,872 --> 01:29:58,016
You can also use the Buick up for the juicy information site and your vehicle search for the string not supported
567
01:29:59,552 --> 01:30:03,392
It's just search for spring
568
01:30:03,648 --> 01:30:09,792
That is no response is associated to this publication code is not found, it is not there
569
01:30:10,048 --> 01:30:16,192
Respond user that is there for this particular
570
01:30:17,728 --> 01:30:23,872
Okay so now found one user so just go to the
571
01:30:24,128 --> 01:30:26,688
Is your storage
572
01:30:27,712 --> 01:30:33,856
The moment you go to the Spaghetti Factory it has one file and that is local settings. Jason
573
01:30:34,112 --> 01:30:40,256
At the moment you opened I can find you can find that is 3410 points
574
01:30:40,512 --> 01:30:44,608
Mention that this particles
575
01:30:45,120 --> 01:30:51,264
This particular keyboardist peacefully useful contains account key to access PC
576
01:30:51,520 --> 01:30:57,664
That is that is dead on the issue to hear me
577
01:30:57,920 --> 01:31:03,808
Celeste check with its ability or not
578
01:31:04,064 --> 01:31:05,344
What I'm doing
579
01:31:06,112 --> 01:31:12,256
Jack's brother this but I'm fighting this
580
01:31:12,512 --> 01:31:16,864
I want to check the storage
581
01:31:17,120 --> 01:31:23,264
I want to take that to the sad Sherry's exist or not and the account
582
01:31:23,520 --> 01:31:24,800
Antonym
583
01:31:25,312 --> 01:31:29,664
Found a panini is equal to
584
01:31:30,176 --> 01:31:36,320
It's dated from here and account
585
01:31:36,576 --> 01:31:39,904
Is
586
01:31:40,416 --> 01:31:42,208
This
587
01:31:48,352 --> 01:31:51,680
Monkey is this
588
01:31:57,824 --> 01:32:01,152
Nini's equal to cocaine scene
589
01:32:04,224 --> 01:32:10,368
And a tendency faces yes what next
590
01:32:10,624 --> 01:32:16,768
Download Alexa. That is better than this
591
01:32:17,024 --> 01:32:20,864
Again I fighting this public storage
592
01:32:22,912 --> 01:32:29,056
Now I want to download information for that I'm using this particle command download patch
593
01:32:29,568 --> 01:32:33,152
The account name into key name is same
594
01:32:36,480 --> 01:32:40,064
Open this information
595
01:32:40,832 --> 01:32:46,976
And look at before downloading or before fighting this command let me go to
596
01:32:49,024 --> 01:32:54,400
Usher
597
01:32:55,168 --> 01:33:00,288
Knowledge me star
598
01:33:07,712 --> 01:33:13,856
I want to download the information that is there on this particular share and for that
599
01:33:14,112 --> 01:33:20,256
Destination is equal to my current trajectory and assure source is equal to
600
01:33:22,048 --> 01:33:27,424
Name of the shed under these this
601
01:33:49,952 --> 01:33:56,096
OK Google
602
01:34:05,568 --> 01:34:07,872
And it's paid for sometime
603
01:34:21,952 --> 01:34:27,584
Sometime it takes some time to complete this trailer come out
604
01:35:00,096 --> 01:35:02,656
Facebook 102 minutes
605
01:35:16,992 --> 01:35:23,136
And that is downloaded all the information that is that on that
606
01:35:23,392 --> 01:35:29,536
Let's analyze what's inside.
607
01:35:29,792 --> 01:35:35,936
Hey Jessie.
608
01:35:36,192 --> 01:35:37,728
Electric
609
01:35:37,984 --> 01:35:41,568
Good morning to go to this time
610
01:35:43,872 --> 01:35:50,016
WWE
611
01:35:50,272 --> 01:35:53,856
Monica check for district 41
612
01:35:54,112 --> 01:35:59,232
Has none. CSS file which basically responsible
613
01:35:59,488 --> 01:36:05,376
Looks like some of your
614
01:36:05,632 --> 01:36:11,776
Let me give you a demo based on this to the one to the moment you put this information
615
01:36:12,032 --> 01:36:18,176
CSX contains asp.net core which has some basic data like
616
01:36:18,432 --> 01:36:24,576
Exit 10 in college one parameter that is named
617
01:36:24,832 --> 01:36:30,976
Do the do provided within the name do some processing and then respond it
618
01:36:31,232 --> 01:36:37,376
Hello and the value.
619
01:36:37,632 --> 01:36:43,776
The name of The Pedestrian or in the request party so we can simply replace this information
620
01:36:44,032 --> 01:36:50,176
Asp.net Style
621
01:36:54,272 --> 01:36:56,320
Creating
622
01:36:59,648 --> 01:37:04,512
Just coughing DaVita fletc
623
01:37:05,536 --> 01:37:11,680
B w w tooth HTTP trigger
624
01:37:11,936 --> 01:37:18,080
What do WWE
625
01:37:21,920 --> 01:37:24,224
Applejack
626
01:37:24,736 --> 01:37:30,880
Any defiant 100
627
01:37:31,136 --> 01:37:37,280
Now I'm just copy the data that is buried in there should be good 12
628
01:37:37,536 --> 01:37:43,680
100 equals I want to modify their undersea SX4
629
01:37:43,936 --> 01:37:50,080
Indecisive
630
01:37:50,336 --> 01:37:54,432
Destructible hd1500
631
01:37:54,944 --> 01:38:01,088
And didn't I I'm just open this land rcsx and at what time
632
01:38:01,344 --> 01:38:04,160
I'm doing I'm just
633
01:38:05,440 --> 01:38:11,584
26 notches so what it will do
634
01:38:11,840 --> 01:38:16,448
Ecmd parameter pass
635
01:38:16,704 --> 01:38:22,848
The information for this particular function
636
01:38:23,104 --> 01:38:29,248
And here we can provide defiling
637
01:38:35,904 --> 01:38:42,048
The document is nothing but
638
01:38:48,704 --> 01:38:54,848
All at the same Department
639
01:38:55,104 --> 01:38:58,432
Now the next thing is no information on the server
640
01:38:58,944 --> 01:39:03,552
So how do we do that
641
01:39:06,368 --> 01:39:12,512
Let me go to the first tomorrow
642
01:39:13,024 --> 01:39:19,168
But here instead of upload batch instead of download Bachelorette say I want to use a blood patch
643
01:39:23,520 --> 01:39:28,384
Upload page account name is this account key is this
644
01:39:28,640 --> 01:39:33,248
And here the destination is
645
01:39:36,064 --> 01:39:42,208
I want to upload information on this particular share the destination is
646
01:39:44,256 --> 01:39:47,328
And the destination Park
647
01:39:50,144 --> 01:39:56,288
He's let's a site https ww.w
648
01:39:56,544 --> 01:39:58,336
Route
649
01:39:59,872 --> 01:40:03,200
And it's 50p
650
01:40:03,712 --> 01:40:05,248
Because
651
01:40:05,504 --> 01:40:07,552
Undertale created
652
01:40:08,320 --> 01:40:13,184
And the source is knowledge exchange Source information from
653
01:40:16,256 --> 01:40:22,400
It's fitting.
654
01:40:23,936 --> 01:40:27,008
Newt band cloud
655
01:40:27,264 --> 01:40:28,544
Ensure
656
01:40:29,568 --> 01:40:32,384
An individual that is a site
657
01:40:34,944 --> 01:40:37,760
WWE
658
01:40:39,040 --> 01:40:43,648
And then.
659
01:40:54,400 --> 01:40:59,008
This one I hit enter
660
01:40:59,520 --> 01:41:05,664
Expect to upload RX100 on the server so the next thing is how do we access
661
01:41:05,920 --> 01:41:12,064
How do we identify turn
662
01:41:12,320 --> 01:41:15,136
You are inside
663
01:41:15,392 --> 01:41:21,536
Shelbyville first find the container name associated with this account using let me
664
01:41:25,120 --> 01:41:31,264
So I want to identify the container list with this account
665
01:41:31,520 --> 01:41:33,568
Mesa County
666
01:41:34,336 --> 01:41:40,480
At the moment by this particular come on SpongeBob information
667
01:41:40,736 --> 01:41:46,880
The continent is Azerbaijan post
668
01:41:47,136 --> 01:41:49,952
Once we are able to identify the container name
669
01:41:50,208 --> 01:41:56,352
Connecting wheel to identify the letter download the block associated with this container
670
01:41:56,608 --> 01:41:58,656
Before that
671
01:41:59,936 --> 01:42:02,496
I'm fighting this battle Akuma
672
01:42:05,568 --> 01:42:09,664
Usher storage I want to download the block
673
01:42:10,176 --> 01:42:13,248
That is awesome ship to this
674
01:42:14,016 --> 01:42:20,160
A job app job secrets and is
675
01:42:22,464 --> 01:42:26,560
The destination is in stock. Let me storage within
676
01:42:28,608 --> 01:42:30,400
Blop
677
01:42:32,448 --> 01:42:36,800
Inappropriate ampdir
678
01:42:37,056 --> 01:42:43,200
Clock
679
01:42:43,456 --> 01:42:46,272
Japanese
680
01:42:49,600 --> 01:42:53,696
Download all the information for the article set the uploaded
681
01:42:53,952 --> 01:42:55,232
Okay
682
01:42:55,488 --> 01:43:01,632
Then what we can do when can simply check the host. Jason pilot Isabella
683
01:43:03,424 --> 01:43:04,960
So
684
01:43:06,240 --> 01:43:08,544
But didn't this folder
685
01:43:08,800 --> 01:43:10,848
I'm only 32
686
01:43:11,360 --> 01:43:17,504
It. Jason has the hostname using which we can access this particular shirt
687
01:43:17,760 --> 01:43:19,808
Copy this to me
688
01:43:24,416 --> 01:43:30,560
So yes variable Texas please the next thing he's be able to access this
689
01:43:30,816 --> 01:43:34,400
On the epi22 eat HTP trigger
690
01:43:34,656 --> 01:43:35,680
100
691
01:43:36,448 --> 01:43:40,800
Bedessee MD Issaquah
692
01:43:50,528 --> 01:43:54,112
Let me do it again
693
01:44:02,560 --> 01:44:08,704
Uploaded to
694
01:44:08,960 --> 01:44:10,240
Ww.w
695
01:44:10,496 --> 01:44:13,568
Route HTTP 300
696
01:44:28,928 --> 01:44:34,304
Dixie he says test
697
01:44:34,560 --> 01:44:36,608
And if we do it again
698
01:44:38,656 --> 01:44:40,960
I've been fighting the same come on
699
01:44:44,288 --> 01:44:48,384
In stock that's out now I want to
700
01:44:50,176 --> 01:44:56,320
And the command for back is yes
701
01:44:56,576 --> 01:45:02,720
Update information on on WWE
702
01:45:02,976 --> 01:45:03,744
100
703
01:45:08,096 --> 01:45:13,216
So yes it's gets uploaded what station did the command that
704
01:45:13,472 --> 01:45:17,056
Philip Testa trespass
705
01:45:34,976 --> 01:45:41,120
Miss Northeastern Xbox
706
01:45:41,376 --> 01:45:47,520
Multiple times
707
01:45:47,776 --> 01:45:53,920
Okay so
708
01:45:54,176 --> 01:46:00,320
A comment on this once you identify today's account
709
01:46:01,088 --> 01:46:07,232
You can simply use information to purpose and extradition father so
710
01:46:07,488 --> 01:46:09,536
Questioning this
711
01:46:16,704 --> 01:46:22,080
Minutes to complete this exercise
712
01:46:22,592 --> 01:46:28,736
Meanwhile if you have any question can simply poster question on the basketball Channel
713
01:46:28,992 --> 01:46:30,272
SMS question
714
01:46:33,344 --> 01:46:39,488
Exercise please update the polling channel channel so we can move forward
715
02:01:18,080 --> 02:01:22,944
Is the summer people are still doing this one so let me in 5 minutes
716
02:01:23,200 --> 02:01:29,088
Do small computer desk exercise place after the Bollinger.
717
02:06:29,120 --> 02:06:35,264
It looks like some of your completely spun and some of your students odo's non-compete
718
02:06:35,520 --> 02:06:41,664
And if you have any question just for clarity in the email
719
02:06:56,000 --> 02:07:02,144
It's kind of easy but very critical content
720
02:07:02,400 --> 02:07:08,544
And many more
721
02:07:08,800 --> 02:07:14,944
Certificates including diva
722
02:07:16,224 --> 02:07:22,368
Easter day around Diego
723
02:07:22,624 --> 02:07:28,768
Amazon DP Netflix issues
724
02:07:29,024 --> 02:07:35,168
All the third-party lipsticks
725
02:07:35,424 --> 02:07:41,568
Determine all of the bucket which contains the sensitive information about the Netflix user okay
726
02:07:41,824 --> 02:07:45,664
There is no permission is implemented to this S3 bucket
727
02:07:45,920 --> 02:07:52,064
Schreiber case contains all the information presented information about the Netflix user and
728
02:07:52,320 --> 02:07:53,856
To get back to you soon
729
02:07:54,368 --> 02:07:57,440
The definition of command you to go to this particular block
730
02:07:57,952 --> 02:08:04,096
Two-letter read about read more about this
731
02:08:07,424 --> 02:08:13,568
Next topic
732
02:08:13,824 --> 02:08:19,968
Function that we can use while creating the application to decide
733
02:08:20,224 --> 02:08:26,368
Which part of the Ws and warming do you want to give access to the user with registering
734
02:08:26,624 --> 02:08:27,904
In your application
735
02:08:29,184 --> 02:08:35,328
This is a service which enables direct access to the resources or the application user so they
736
02:08:35,584 --> 02:08:41,728
There are two part of it the first one and the second one is the identity pull this user
737
02:08:41,984 --> 02:08:48,128
This usable is nothing but this is a user provide sign sign up and sign-in options
738
02:08:48,384 --> 02:08:54,528
This uses to design sign up inside interfaces for defecation and excess and Menace used
739
02:08:54,784 --> 02:09:00,928
The data which enables developers to Grant and user access to the aw
740
02:09:01,184 --> 02:09:07,328
So that it will create unique identifiers for the user
741
02:09:07,584 --> 02:09:13,728
NWS coquito mainly used for the mobile application where this identity pool has a random you ready
742
02:09:13,984 --> 02:09:19,616
And because of that it's difficult to group for vaginally this identity
743
02:09:19,872 --> 02:09:26,016
But generally this identity pool you ideas hot water in the ocean
744
02:09:26,272 --> 02:09:32,416
Tradition due to its Department Of The Blind Side
745
02:09:32,672 --> 02:09:38,816
Andrew has done a very good research around that that he
746
02:09:39,072 --> 02:09:45,216
Identify the AWS, he just done the analysis into B internet
747
02:09:45,472 --> 02:09:51,616
And he just replaced the crowdsourcing by accountant and check all the
748
02:09:51,872 --> 02:09:58,016
Regional Dental application download all application decompile to Central education and collected
749
02:09:58,272 --> 02:10:02,880
2404 identity pool identifier
750
02:10:03,136 --> 02:10:09,280
Nobis tan exploding deformation on each pool identifier identify that
751
02:10:09,536 --> 02:10:15,680
Born in fire WWE not insecure where 1906 SE bobcat
752
02:10:15,936 --> 02:10:22,080
It's been contained sensitive information and identify one 1571 72 level of function
753
02:10:22,336 --> 02:10:27,456
Exposing at least 78 sensitive environment variables
754
02:10:29,248 --> 02:10:35,392
No this is a disaster default continuation of the cognito
755
02:10:35,648 --> 02:10:41,792
Conditions that needs to be required to exploit this where pm has ephedrine
756
02:10:42,048 --> 02:10:48,192
What sign up is not disabled and and
757
02:10:48,448 --> 02:10:54,592
Ice created for the user which has a minimal or less privileged to
758
02:10:54,848 --> 02:10:56,640
Anovulation the bucket
759
02:10:58,432 --> 02:11:04,576
And to both of the attack began use this Appliance Appliance which allows to register
760
02:11:04,832 --> 02:11:10,976
Application option we can confirm our user ID
761
02:11:11,232 --> 02:11:17,376
For the application Oliver assignment error but when you send
762
02:11:17,632 --> 02:11:23,776
Cadential application if you want to
763
02:11:24,032 --> 02:11:30,176
About it you can simply go through this block that we have published on the second added playlist
764
02:11:31,712 --> 02:11:37,856
Saudi Saudi Pokemon using sensitive explaining the command let me show you the inter
765
02:11:38,112 --> 02:11:44,256
The entire approach approach to the second
766
02:11:44,512 --> 02:11:50,656
Compromise Alice exploit the awm
767
02:11:50,912 --> 02:11:57,056
This is a tricky precise to let me give you a walkthrough first then I'll give you a time to complete this exercise
768
02:11:57,312 --> 02:12:03,456
Sahil music starting AWS Cognito Miss configuration failure to identify
769
02:12:03,712 --> 02:12:09,856
Secrets
770
02:12:10,112 --> 02:12:12,672
Call Neto.
771
02:12:14,208 --> 02:12:20,096
Okay so let me go to the boiling point
772
02:12:23,168 --> 02:12:25,472
And within that
773
02:12:25,984 --> 02:12:30,080
We have to go to this flower
774
02:12:31,616 --> 02:12:37,760
Angel
775
02:12:39,296 --> 02:12:45,440
Use this application when we actually look
776
02:12:45,696 --> 02:12:51,840
Option to sign it
777
02:12:52,096 --> 02:12:58,240
What you have done by simply doing W pesos
778
02:12:58,496 --> 02:13:04,640
So within that is a bunch of transcript is included
779
02:13:04,896 --> 02:13:11,040
Zip code for jQuery then there is a source-oriented the dumbest people
780
02:13:11,296 --> 02:13:17,440
E-Town supporter and the name of that is an Amazon company.
781
02:13:17,696 --> 02:13:23,840
Please be able to identify that it might be using Amazon Cognito in the back
782
02:13:24,096 --> 02:13:30,240
The next thing will be identify
783
02:13:30,496 --> 02:13:36,384
Borbet in Cynthiana lies all the spice like this one
784
02:13:40,224 --> 02:13:46,368
So a test not any critical information go back
785
02:13:46,624 --> 02:13:52,768
Okay.
786
02:13:53,792 --> 02:13:59,936
It's also don't have any interesting information
787
02:14:00,192 --> 02:14:06,336
Any sponge of Cognito related information is available
788
02:14:06,592 --> 02:14:10,688
Client ID identity ID
789
02:14:17,600 --> 02:14:23,744
The next thing what we have done we have to sign up using this information
790
02:14:24,000 --> 02:14:27,840
I'm using this Butler,
791
02:14:29,888 --> 02:14:36,032
I just walked through the entire process that we are both 14 apply okay so I'm just using
792
02:14:36,288 --> 02:14:42,432
Show me biography service and I want to perform designer
793
02:14:42,688 --> 02:14:46,016
The client ID received
794
02:14:46,784 --> 02:14:50,112
In the Javascript file is this
795
02:14:51,136 --> 02:14:54,976
I want to create a user with the username that say
796
02:14:57,536 --> 02:15:02,144
User 85 + 38
797
02:15:02,656 --> 02:15:08,800
Neil enature.com
798
02:15:09,056 --> 02:15:15,200
Bad Name the name of the name is
799
02:15:15,456 --> 02:15:21,600
The venue is let's use that 85 address.com
800
02:15:21,856 --> 02:15:28,000
And the name is username is let's a user 85
801
02:15:28,256 --> 02:15:30,304
Try to run this tomorrow
802
02:15:44,384 --> 02:15:50,528
Is a hear another thing that will Dimension is this where to mention
803
02:15:50,784 --> 02:15:56,928
Baby Jennifer
804
02:15:58,208 --> 02:16:03,072
You can simply change in environment variable
805
02:16:04,608 --> 02:16:10,752
Kid Pix old AWS
806
02:16:11,008 --> 02:16:15,360
For teaching is equal to
807
02:16:34,560 --> 02:16:37,376
Nick Mira
808
02:16:47,360 --> 02:16:53,504
It might be something to lose my DNS disconnect from the BPM
809
02:17:09,888 --> 02:17:12,960
My penis configuration
810
02:17:42,400 --> 02:17:48,032
Configuration by configuring
811
02:17:49,568 --> 02:17:54,432
Just got bigger
812
02:18:05,440 --> 02:18:11,584
It's already exists
813
02:18:11,840 --> 02:18:14,656
Stop
814
02:18:22,592 --> 02:18:28,736
It's instead please confirm username
815
02:18:28,992 --> 02:18:35,136
Sent a note to be valuable to this particular user
816
02:18:35,392 --> 02:18:38,464
Westfield to go to our email address
817
02:18:39,488 --> 02:18:42,048
Mediator
818
02:18:48,448 --> 02:18:52,288
Who's that 85
819
02:18:53,056 --> 02:18:59,200
And you see be able to receive an email it says that your verification
820
02:18:59,456 --> 02:19:05,600
And isn't that it says that your confirmation code is this
821
02:19:05,856 --> 02:19:10,464
Let me know
822
02:19:11,488 --> 02:19:17,632
Okay I want to use the apartment Garden
823
02:19:17,888 --> 02:19:21,984
Lb7 to confirm designer where the client ID is this
824
02:19:22,496 --> 02:19:28,640
16 correct username is this
825
02:19:28,896 --> 02:19:31,456
Maybe ninja.com
826
02:19:33,760 --> 02:19:39,904
So beautiful and the confirmation code that you have received on our email address
827
02:19:40,160 --> 02:19:43,232
Is this
828
02:19:45,792 --> 02:19:48,352
So now next Dental Medusa
829
02:19:52,192 --> 02:19:58,336
Accept the confirmation code did not respond with anything that is contained in the air
830
02:19:58,592 --> 02:20:04,736
Send Dad a message so it just accept our confirmation so
831
02:20:04,992 --> 02:20:11,136
That means the same as in Abbott in the parking so now let's quickly verify whether we are able to login using
832
02:20:11,392 --> 02:20:16,256
User account. Not in our application where the sign up is not allowed
833
02:20:16,512 --> 02:20:18,304
Wake me up
834
02:20:18,560 --> 02:20:23,680
So Hear My email address is this
835
02:20:28,032 --> 02:20:31,360
And the boss what is this
836
02:20:56,448 --> 02:20:59,264
It wasn't your big steaks
837
02:21:10,528 --> 02:21:12,064
Me too.
838
02:21:17,696 --> 02:21:22,304
F****** let me provide my username a copy to username
839
02:21:22,560 --> 02:21:28,704
The password that have / 3/8 in the username competition Commission
840
02:21:28,960 --> 02:21:32,032
Installation and siding
841
02:21:34,336 --> 02:21:40,480
Successfully logged in but does not have any
842
02:21:40,736 --> 02:21:46,880
Predation or defecation you don't have access to this application please contact your dad
843
02:21:47,136 --> 02:21:49,440
Administration admissions
844
02:21:50,976 --> 02:21:53,024
So now what we can do
845
02:21:53,792 --> 02:21:59,936
The moment just allowed to Allah Kenny 1213
846
02:22:00,192 --> 02:22:06,336
Decision token so how do we access the stupid the moment you go to this
847
02:22:06,592 --> 02:22:08,384
Left console
848
02:22:08,896 --> 02:22:15,040
Atkinson is in the storage within the local storage it has created bunch of token for us
849
02:22:17,856 --> 02:22:24,000
A place to contend that is an identity to cut so this identity
850
02:22:24,256 --> 02:22:27,328
Copy this information
851
02:22:28,096 --> 02:22:32,192
Beastie Boys
852
02:22:33,216 --> 02:22:39,360
Messy look at this it looks like a JWT token like to write the first two components of a 64 and Cody
853
02:22:39,616 --> 02:22:40,640
Valium
854
02:22:40,896 --> 02:22:47,040
What is this the second estate and the tour 2016
855
02:22:49,344 --> 02:22:53,696
Score.
856
02:23:00,096 --> 02:23:06,240
It has bunch of information so that uniquely identify user information instead
857
02:23:06,496 --> 02:23:12,640
Subsafe Beauty image verified is true events
858
02:23:12,896 --> 02:23:13,920
Information
859
02:23:14,944 --> 02:23:21,088
This is important which basically issue despotic
860
02:23:27,232 --> 02:23:33,376
No we have a token and you have issued information
861
02:23:33,632 --> 02:23:36,704
You should be popular talk-to-text
862
02:23:37,216 --> 02:23:43,360
Listen to it and authenticated Cognito identity ID
863
02:23:43,616 --> 02:23:49,760
Pool ID and identity full name
864
02:23:52,064 --> 02:23:54,368
I'm just fighting this buddy. Come on
865
02:24:12,288 --> 02:24:17,152
I'm just using the endpoint which has issued despotic Atoka
866
02:24:17,408 --> 02:24:20,736
And I'm just riding
867
02:24:27,648 --> 02:24:33,792
I said that I want to exchange PM identity where I want to get ID for
868
02:24:34,048 --> 02:24:40,192
Identity pool ID that is fair on our application upsers
869
02:24:41,216 --> 02:24:42,496
This
870
02:24:42,752 --> 02:24:48,896
And that is
871
02:24:49,152 --> 02:24:54,784
Issue information and the to contact information
872
02:24:55,040 --> 02:24:59,136
It just basic whatever
873
02:25:00,672 --> 02:25:06,816
Don't because created by identity
874
02:25:07,072 --> 02:25:11,680
Eid for us now what next
875
02:25:12,448 --> 02:25:18,592
Obtain a temporary credential using the ID token identity
876
02:25:25,248 --> 02:25:31,392
What I'm doing I'm just fighting this Padilla come on
877
02:25:33,952 --> 02:25:39,840
The here again I'm using the same company to Identity
878
02:25:40,096 --> 02:25:46,240
Then I want to Temporary credential by the identity ID that you're over here
879
02:25:51,360 --> 02:25:57,504
For the login that will identify the ID token is this
880
02:26:05,184 --> 02:26:11,328
Opd's replace it with this ID
881
02:26:11,584 --> 02:26:16,960
Strongest woman to obtain a temporary credential
882
02:26:20,032 --> 02:26:26,176
The moment we do that we are able to obtain a temporary credential
883
02:26:26,432 --> 02:26:32,576
Vitalchek what success in the parking all at what exits of the blood component please
884
02:26:32,832 --> 02:26:37,696
Temporary credential has let's just use that
885
02:26:39,232 --> 02:26:45,376
Temporary credential supported set the environment variable for this temporary
886
02:26:45,632 --> 02:26:50,496
Potential exists Eid is this
887
02:26:55,104 --> 02:27:01,248
Uwsp create success
888
02:27:01,504 --> 02:27:04,064
Play to this
889
02:27:06,112 --> 02:27:12,256
WS session
890
02:27:13,024 --> 02:27:14,560
Is equal to
891
02:27:21,472 --> 02:27:27,616
And the people are 3-g news
892
02:27:29,152 --> 02:27:35,296
Is equal to
893
02:27:35,552 --> 02:27:36,576
Identify
894
02:27:36,832 --> 02:27:42,976
Ed from here
895
02:27:43,232 --> 02:27:49,376
Lips are to check the Secret Service let's try to check or identity
896
02:27:49,632 --> 02:27:53,728
For that I'm fighting this gone
897
02:27:55,008 --> 02:27:58,592
STS get caller
898
02:27:58,848 --> 02:28:02,432
Identity
899
02:28:05,504 --> 02:28:11,648
Yes we are able to obtain the information about user ID account
900
02:28:11,904 --> 02:28:15,488
Add intuition
901
02:28:15,744 --> 02:28:21,888
If you can obtain a secret credential are the secret to confusing
902
02:28:22,144 --> 02:28:24,960
Information that is available over here
903
02:28:25,472 --> 02:28:31,616
So next, I'm typing this let's I want to secret I want to use the secret manager
904
02:28:33,664 --> 02:28:39,808
List all the secrets that is available to display
905
02:28:49,024 --> 02:28:55,168
The secret
906
02:28:55,680 --> 02:29:01,824
You're missing an ass and secrets
907
02:29:04,640 --> 02:29:10,784
Thanks so he'll be able to identify the information
908
02:29:11,040 --> 02:29:17,184
Like the name and description last changed it and so on
909
02:29:17,440 --> 02:29:23,584
The next thing is let's try to obtain the information all of the key based on
910
02:29:23,840 --> 02:29:28,704
This loud API
911
02:29:31,776 --> 02:29:35,872
I'm fighting this battle by the secret ideas
912
02:29:43,296 --> 02:29:49,440
At the moment I do that I'm able to catch the BET credential like secret stream which contains
913
02:29:49,696 --> 02:29:55,840
VIP username and password that is belongs to this particular information like 6
914
02:29:56,096 --> 02:30:02,240
Open using this success manager
915
02:30:02,496 --> 02:30:04,800
So this is how we can
916
02:30:05,056 --> 02:30:11,200
Once once we are able to identify that it is the custom is configured
917
02:30:11,456 --> 02:30:17,088
In the back and then you can simply use the sign-up option and you can simply
918
02:30:17,344 --> 02:30:23,488
Then we can simply do a locking using the login you can simply
919
02:30:23,744 --> 02:30:29,888
I didn't forget token which has a mini Milorganite exist if it has the people competition
920
02:30:30,144 --> 02:30:36,288
And this phone that you can expect this from district manager
921
02:30:37,568 --> 02:30:43,712
I believe this atomized clear it's very complex
922
02:30:43,968 --> 02:30:50,112
Exercise to complete so I'm just give you a 25 minutes to complete and if you have any questions
923
02:30:50,368 --> 02:30:55,232
You can simply post your question on the ballot support Jenna we are happy to provide a solution
924
02:31:04,192 --> 02:31:10,336
Also stars on them so you can also text
925
02:31:10,592 --> 02:31:16,736
Help from Attica man help from that particular document or you can also use the offline version of Dance
926
02:55:48,991 --> 02:55:55,135
Innocent looks like people are still doing this exercise and it looks like a very complex select
927
02:55:55,391 --> 02:56:01,535
To the next one
928
02:56:01,791 --> 02:56:07,935
Please update the polling John Legend and if you have any question you can simply post your question on the power supposed to be happy to help you
929
03:05:58,271 --> 03:06:02,367
It looks like most of your computer system yes
930
03:06:03,647 --> 03:06:09,791
Let's move to the next topic
931
03:06:10,047 --> 03:06:16,191
He done with her cloud pentesting
932
03:06:16,447 --> 03:06:22,591
What is the content management system what is the Commonwealth Liberty that you can find in the CNS and what are the
933
03:06:22,847 --> 03:06:28,991
Who's that is available at the article tattoos that is available to do the CMS pentesting that last released
934
03:06:29,247 --> 03:06:32,319
Isabel Patterson testing methodology for the CNS
935
03:06:34,111 --> 03:06:40,255
No I believe everyone knows about what is contained within the system right it is a computer
936
03:06:40,511 --> 03:06:46,655
It's basically allow us to create modify and maintain the digital content from the Cintas Center
937
03:06:46,911 --> 03:06:53,055
The face and the people on example of such a CMS East
938
03:06:53,311 --> 03:06:58,431
What is Joomla type of tree and many more
939
03:06:59,967 --> 03:07:06,111
What is the advantage of PMS
940
03:07:06,367 --> 03:07:12,511
Development of the verification without creating some stretch while also having a community health
941
03:07:12,767 --> 03:07:18,911
Al VR stuck at some place we are unable to create application
942
03:07:19,167 --> 03:07:25,311
Beautification so it's it's it's been one and there is a community available for that
943
03:07:25,567 --> 03:07:31,711
And help from the community as well to solve certain problems
944
03:07:31,967 --> 03:07:37,855
Locate investigation using the CMS and the solution is also available within the community
945
03:07:38,111 --> 03:07:44,255
Do you have your to perform less maintenance because since be able to
946
03:07:44,511 --> 03:07:49,887
And the security is also being watched by the community itself
947
03:07:50,143 --> 03:07:56,287
Identifying the CMS
948
03:07:56,543 --> 03:08:02,687
Celebrities that we can identify in the CNS and the first one is a security max contribution you can also identify
949
03:08:02,943 --> 03:08:09,087
Identify the audited plugins version or little software which is what
950
03:08:09,343 --> 03:08:15,487
Did I start in Times Square technician interface is exposed to
951
03:08:15,743 --> 03:08:21,887
Today internet for PCMS in also identified
952
03:08:22,143 --> 03:08:28,287
Mission based on the team part and points of that is created for the users then
953
03:08:28,543 --> 03:08:34,687
Identify the Departed prevention which is used to configure PCMS on the letter
954
03:08:34,943 --> 03:08:41,087
You can also Identify two people file that is not removed after being stung
955
03:08:41,343 --> 03:08:47,487
Relation object
956
03:08:48,511 --> 03:08:54,655
No skin so this is the automated to now let's talk about the tools
957
03:08:54,911 --> 03:09:01,055
That is used to open the metal penetration testing all the automated testing to taste this year
958
03:09:01,311 --> 03:09:07,455
Application so let's talk about the wpscan first is the automated
959
03:09:07,711 --> 03:09:13,855
Standard tool to find velocity with into Bartlett's application kind of berry
960
03:09:14,111 --> 03:09:20,255
Is that it on PMS application Ellipsis EMS
961
03:09:20,511 --> 03:09:26,655
Create application without creating from scratch
962
03:09:26,911 --> 03:09:33,055
The Beast and is used to perform the automatons cannot be buttface application
963
03:09:33,311 --> 03:09:39,455
Used to find the following information like the workplace running version DeGrasse identify the audit plugin
964
03:09:39,711 --> 03:09:45,855
It contains certain let's see me and they start that we can perform piatek
965
03:09:46,111 --> 03:09:52,255
On this application then we can identify identify the sensitive files and folders
966
03:09:52,511 --> 03:09:58,655
Physically remains bad after installation
967
03:09:58,911 --> 03:10:05,055
Defile that needs to be removed after the installation or we can also identify the admit
968
03:10:05,311 --> 03:10:11,455
History in interfaces exposed to the internet
969
03:10:11,711 --> 03:10:17,855
So office can be performed in the workplace application
970
03:10:18,111 --> 03:10:23,487
Business investing and WP using therapist can be can find this man information
971
03:10:23,999 --> 03:10:30,143
So how do we use that soap to use the wpscan V how to Simply find this
972
03:10:30,399 --> 03:10:36,543
Wpscan Daniel to provide Turles created
973
03:10:36,799 --> 03:10:42,943
It's about this in order to Let's identify the plugins or the username
974
03:10:43,199 --> 03:10:49,343
Pecan Park pecan simply go to go through this particular tool and you can sing
975
03:10:49,599 --> 03:10:55,743
Applejack what are the options what are the options that is available Within These two and then you can
976
03:10:55,999 --> 03:11:02,143
Define double birthday suffocation
977
03:11:02,399 --> 03:11:08,543
Using random user isn't you can simply use that option instead Indonesia
978
03:11:08,799 --> 03:11:14,943
Can you as a New Age religion user agent for each and every request that is fired from Disney
979
03:11:15,199 --> 03:11:21,343
Wpscan resume skin which basically automated
980
03:11:21,599 --> 03:11:23,903
Find the velocity within the jewel application
981
03:11:24,159 --> 03:11:30,303
And using resumes can we can find the gym Ladonna version political outlet plug-ins if its uses
982
03:11:30,559 --> 03:11:36,703
Any find a sensitive files and folders similar with the wpscan
983
03:11:36,959 --> 03:11:43,103
Someone that we can use to perform the automated
984
03:11:43,359 --> 03:11:49,503
Navigation to minimum of Education
985
03:11:49,759 --> 03:11:55,903
It is created using the jungler
986
03:11:56,159 --> 03:12:02,303
It's basically used to the tip of the automatic scanning of the application which is
987
03:12:02,559 --> 03:12:05,119
Created based on the Drupal
988
03:12:05,375 --> 03:12:11,519
And silverstripe identify this man information letter
989
03:12:11,775 --> 03:12:17,919
Like it installed in the CMAs installing the CMAs washing formation sensitive file and folder and so on
990
03:12:19,455 --> 03:12:25,599
So the use of groups can be able to perform comelec groups can scan Drupal iPhone
991
03:12:25,855 --> 03:12:31,231
You and you are a lot application then you can also specify the Third
992
03:12:31,999 --> 03:12:38,143
30 ml is a CMS map which is open source EMS scanner that automates the process
993
03:12:38,399 --> 03:12:43,519
Detecting security flaws for most of the populace EMS
994
03:12:43,775 --> 03:12:49,919
This tool can be used to find following information like plug-in installed in the CMAs again the same
995
03:12:50,175 --> 03:12:51,711
We have seen
996
03:12:52,479 --> 03:12:58,623
Know what is the matter you that engage used to go Compass EMS pentesting so
997
03:12:58,879 --> 03:13:05,023
Simply use the tools that have Justin wpscan Zoom scan to scan
998
03:13:05,279 --> 03:13:10,655
Ncms map also Bob extension is available. Let me check
999
03:13:11,167 --> 03:13:15,263
So if you go to this
1000
03:13:16,799 --> 03:13:22,431
Extender I think there is a CMS map is available
1001
03:13:27,807 --> 03:13:33,951
Yes Sienna scanner it's basically used to let the scanned application which is better top off
1002
03:13:34,207 --> 03:13:40,351
On top of this containment system
1003
03:13:40,607 --> 03:13:46,751
Okay but why is in
1004
03:13:47,007 --> 03:13:53,151
PC
1005
03:13:53,407 --> 03:13:59,551
We are able to identify the information that we can perform Expedition products what what happen
1006
03:13:59,807 --> 03:14:05,951
Application has blocked each and every informational scurll exposed
1007
03:14:06,207 --> 03:14:12,351
Information to the end-user whether we are able to lucchetti's Autumn to skin identify
1008
03:14:12,607 --> 03:14:18,751
Application is about Place application application
1009
03:14:19,007 --> 03:14:25,151
Not only helpful to you can also identify
1010
03:14:25,407 --> 03:14:31,551
YouVersion invalidate existing issue to the volleyball version or the side antifa diversion
1011
03:14:31,807 --> 03:14:37,951
Application request and identify the URL parameters which can be modified as a
1012
03:14:38,207 --> 03:14:44,351
Customisation percent you can also analyze and identify things and clothes
1013
03:14:44,607 --> 03:14:50,751
Games that are used by the application so here you can follow this particular methodology
1014
03:14:51,007 --> 03:14:53,311
The ultimate X Games
1015
03:14:53,567 --> 03:14:59,711
Thank you can also
1016
03:14:59,967 --> 03:15:06,111
Interesting be hardened bcms instance Fest
1017
03:15:06,367 --> 03:15:12,511
Bwg stand and you can also
1018
03:15:12,767 --> 03:15:15,327
Accomplice watercress
1019
03:15:20,703 --> 03:15:24,543
Let me see the interesting point plus Park Place Northville teacher
1020
03:15:27,359 --> 03:15:30,175
It says their caliber welcome to the workplace
1021
03:15:30,431 --> 03:15:36,575
Okay Center homepage just kidding me getting a space information that this particular application is
1022
03:15:36,831 --> 03:15:42,975
Created on top of what what's spms you can also use the extension like
1023
03:15:43,231 --> 03:15:49,375
It's basically give you a basic information about the application
1024
03:15:57,311 --> 03:16:03,455
The disciples extension is also used by the pentester to identify the basic information about application
1025
03:16:03,711 --> 03:16:07,039
I'm just added that it go to
1026
03:16:07,295 --> 03:16:10,623
Know when you refresh this page
1027
03:16:13,951 --> 03:16:20,095
They said yes if you take to the CMS application energy
1028
03:16:20,351 --> 03:16:26,495
85c information about the application
1029
03:16:26,751 --> 03:16:32,895
If it's not working then you can Google the menu
1030
03:16:33,151 --> 03:16:36,735
Questioning this
1031
03:16:37,247 --> 03:16:39,295
Anyone
1032
03:16:40,063 --> 03:16:46,207
Okay so as this is a WordPress application so you should drive into wpscan
1033
03:16:46,463 --> 03:16:52,351
Okay if it's not about then you should go for the manual approach
1034
03:16:55,167 --> 03:17:01,311
10 minutes to play with this exercise is to identify
1035
03:17:01,567 --> 03:17:07,711
Available plug-in which basically to this article injection valve
1036
03:25:06,943 --> 03:25:10,527
Once you complete exercise please update the balloon gender Jenner
1037
03:26:59,071 --> 03:27:04,447
Is on YouTube person is completely swamped this
1038
03:27:10,591 --> 03:27:16,735
Is this application is uses the birthdays or it's creeping up on top of the bar Paseo
1039
03:27:16,991 --> 03:27:21,855
So let's try to run the wpscan on this particular website
1040
03:27:22,111 --> 03:27:25,439
Wpscan
1041
03:27:26,463 --> 03:27:32,607
Okay
1042
03:27:32,863 --> 03:27:34,911
Defecation
1043
03:27:35,167 --> 03:27:39,007
Yes I would love to database
1044
03:27:40,031 --> 03:27:45,663
It says their website is up but does not seems to be running water
1045
03:27:45,919 --> 03:27:52,063
What on the vaporizer it's showing that it's worth it. It also shows that exporters
1046
03:27:52,319 --> 03:27:53,599
Hey
1047
03:27:55,135 --> 03:28:01,279
Let's try with the the other options like random user agent
1048
03:28:12,031 --> 03:28:18,175
It is doing the same it says that it does not seem to be running that car place
1049
03:28:18,943 --> 03:28:25,087
Okay let's go for the manual
1050
03:28:25,343 --> 03:28:31,487
Eaten everything using bitched about wpscan detected this as a bottle application okay
1051
03:28:31,743 --> 03:28:37,887
Open identify such kind of scenario in your application
1052
03:28:38,143 --> 03:28:43,263
Mansion party we start even his daughter
1053
03:28:43,519 --> 03:28:49,663
At least okay so the moment you do babe your boob it's worse it will find bunch of ink
1054
03:28:49,919 --> 03:28:50,943
Like
1055
03:28:51,455 --> 03:28:57,599
The teams that is used by this application like style Princeton that is a wprs suggestion than that
1056
03:28:57,855 --> 03:29:03,999
Is a bunch of plugins are available at the first one in Sears mall to w p&w.
1057
03:29:04,255 --> 03:29:10,399
So let's check whether any of the plug-in has any of the polarity or not okay
1058
03:29:10,655 --> 03:29:14,495
This kind of thing we can identify we can find on the wpscan
1059
03:29:15,007 --> 03:29:21,151
Bwwb scan.com
1060
03:29:21,919 --> 03:29:26,015
And
1061
03:29:29,855 --> 03:29:35,743
Yes this is a game. Com
1062
03:29:36,255 --> 03:29:42,399
You can search for applicants while I'm pretty like
1063
03:29:42,655 --> 03:29:47,519
You identify that uses this WP
1064
03:29:48,799 --> 03:29:54,431
Let me type it away WP autosuggest
1065
03:29:57,503 --> 03:30:03,647
The moment weekly consort it says that yes that is 142 this particular plug in and it says that on
1066
03:30:03,903 --> 03:30:10,047
Unattended spell injection at the moment if you can back it just forward your proof of concept
1067
03:30:10,303 --> 03:30:15,167
Okay
1068
03:30:17,471 --> 03:30:23,615
What weekend do we can simply replace rurally Sheeran let's check but it's available plug-in
1069
03:30:23,871 --> 03:30:30,015
What aplicar application as well or not so the copy this information
1070
03:30:32,319 --> 03:30:38,463
Deceased part of my application or the birth certificate
1071
03:30:38,719 --> 03:30:44,863
Available and let's run
1072
03:30:51,519 --> 03:30:56,383
Religious pic for sometime
1073
03:31:01,759 --> 03:31:07,391
Meanwhile let's let's check for the another plugins and that is Jerry small to WP
1074
03:31:07,647 --> 03:31:11,487
This ship with a convincing availability or not
1075
03:31:13,279 --> 03:31:19,423
BJ's tastiest tomorrow
1076
03:31:23,263 --> 03:31:29,407
I just use this more productive
1077
03:31:33,503 --> 03:31:39,647
The moments research 46s at yesterday
1078
03:31:39,903 --> 03:31:46,047
Cross-site scripting and the second one is PS4 City
1079
03:31:46,303 --> 03:31:48,607
Scripting acting copied
1080
03:31:50,143 --> 03:31:56,287
AC to wake you up and let you sleep List application
1081
03:31:56,543 --> 03:31:58,847
And that is this
1082
03:31:59,871 --> 03:32:05,759
They just copy this information and let her open it in the browser
1083
03:32:06,015 --> 03:32:12,159
The moment we open it says yes this is palpable and scripting
1084
03:32:12,415 --> 03:32:14,207
Batista
1085
03:32:14,719 --> 03:32:20,863
Is authenticated server-side unattended
1086
03:32:21,119 --> 03:32:23,167
Inform the internal files
1087
03:32:23,423 --> 03:32:29,567
So I can just open the payload that is available on DWP
1088
03:32:29,823 --> 03:32:30,591
Information
1089
03:32:31,359 --> 03:32:33,407
Bc2 Lisa
1090
03:32:34,687 --> 03:32:40,831
Okay I'm just joking faced my URL
1091
03:32:41,087 --> 03:32:43,391
Misinformation
1092
03:32:45,695 --> 03:32:51,839
NBC-2
1093
03:32:52,095 --> 03:32:54,143
It's awp-25s
1094
03:32:56,191 --> 03:33:02,335
Let's check our SQL injection identify the
1095
03:33:02,591 --> 03:33:06,943
No
1096
03:33:10,527 --> 03:33:14,879
We are able to obtain a college education
1097
03:33:19,999 --> 03:33:26,143
So this is how you can play with this chair just lose to sell
1098
03:33:26,399 --> 03:33:32,031
I want to get the deepest
1099
03:33:35,359 --> 03:33:38,943
It's identified that to database in the backing
1100
03:33:49,695 --> 03:33:55,839
Reduces the time-based payloads I just checked sometime information from the back-end database
1101
03:34:00,959 --> 03:34:03,775
Information to email I guess yes
1102
03:34:18,367 --> 03:34:21,183
Looks like a fart face
1103
03:34:33,727 --> 03:34:39,871
Yes this is how we win if you can analyze this were stored and identified
1104
03:34:40,127 --> 03:34:46,271
Plugins if it's fine
1105
03:34:46,527 --> 03:34:49,087
Siberian Husky
1106
03:34:49,855 --> 03:34:55,999
If you have any question you can ask a question or you can simply post request already in the power supply
1107
03:34:56,255 --> 03:34:56,767
Cortana
1108
03:34:58,815 --> 03:35:04,191
Okay and we are heading to the lunch break as well
1109
03:35:04,447 --> 03:35:08,543
Speak lunch break followed by 10 minute of Texas eye steak
1110
03:35:08,799 --> 03:35:12,639
Total of 70 minutes
1111
03:35:13,407 --> 03:35:16,735
And it's lunch break
1112
03:35:16,991 --> 03:35:22,623
Plus exercise trick
1113
03:35:22,879 --> 03:35:29,023
Also be available so if you have any questions regarding this topic or the previous topic.
1114
03:35:29,279 --> 03:35:35,423
Ordering today so we can simply Pingus on the tablet support channel for the question in Paris
1115
03:35:35,679 --> 03:35:39,519
Adventure constitute exercise please update the pool in jandel Channel
1116
04:45:09,759 --> 04:45:14,879
I hope you enjoyed your lunch break and
1117
04:45:15,391 --> 04:45:18,463
Yes most of your complete this one
1118
04:45:19,999 --> 04:45:26,143
Next one
1119
04:45:27,679 --> 04:45:33,823
The next model is black aesthetic
1120
04:45:34,079 --> 04:45:40,223
And we'll discuss more related
1121
04:45:41,247 --> 04:45:47,391
So what is Latasha what is Dan where do we look for
1122
04:45:47,647 --> 04:45:53,791
Implementation and B is required so the case is nothing but a temporary storage area
1123
04:45:54,047 --> 04:46:00,191
Usually implemented to reduce the latency from the web server
1124
04:46:00,447 --> 04:46:06,591
Example of dislocation is letter your paulist who stood behind a reverse proxy syrians
1125
04:46:06,847 --> 04:46:12,991
Okay so whenever any
1126
04:46:13,247 --> 04:46:19,391
Adidas
1127
04:46:19,647 --> 04:46:25,791
Indian summer or the load balancer physically create the cash version of the response and Venable.
1128
04:46:26,047 --> 04:46:32,191
Texas Two Step results
1129
04:46:32,447 --> 04:46:38,591
Adjectives examples
1130
04:46:38,847 --> 04:46:44,991
Pacific Park on the web application
1131
04:46:45,247 --> 04:46:51,391
Disjointed cast response on the city and server
1132
04:46:51,647 --> 04:46:57,791
Zombie
1133
04:46:58,047 --> 04:47:04,191
Not this time he has certain time limit employment
1134
04:47:04,447 --> 04:47:10,591
Doctor their time.
1135
04:47:10,847 --> 04:47:16,991
Again face from the website and then I get it from the internet service
1136
04:47:24,927 --> 04:47:31,071
So the guess he's nothing but a unique string that is created based on the electric
1137
04:47:31,327 --> 04:47:37,471
Extension Alexa to request content
1138
04:47:37,727 --> 04:47:43,871
So if you compare this with the database and it's nothing like the primary key
1139
04:47:44,127 --> 04:47:50,271
Cashier cashier received a request
1140
04:47:50,527 --> 04:47:56,671
The copy of the cash a response or Institute
1141
04:47:56,927 --> 04:48:03,071
PS3 Spawn from the back-end server
1142
04:48:09,727 --> 04:48:15,871
Indian holiday
1143
04:48:16,127 --> 04:48:22,271
Baptist Solitude somebody here is to decide whether they want to
1144
04:48:22,527 --> 04:48:28,671
Fetch this information from the back-end database or not
1145
04:48:28,927 --> 04:48:35,071
Did contain any cash within this professor or not contains a cash discount or not
1146
04:48:35,327 --> 04:48:41,471
Respond respond today to the user
1147
04:48:41,727 --> 04:48:47,871
If it's not contain the cash communicate with the back
1148
04:48:48,127 --> 04:48:54,271
And then career time over here over here and then
1149
04:48:54,527 --> 04:49:00,671
Forward the response to the user so this is how the concept of caste works
1150
04:49:00,927 --> 04:49:07,071
No that's cash you can perform to issue the first one is Alaska that deception
1151
04:49:07,327 --> 04:49:13,471
It's basically using that particular time we can expose your sensitive data and you can also
1152
04:49:13,727 --> 04:49:19,871
As a poison
1153
04:49:20,127 --> 04:49:26,271
Phishing attack Hands-On
1154
04:49:26,527 --> 04:49:32,671
Dedication
1155
04:49:32,927 --> 04:49:39,071
So what do we do as in Attica unlocked in such a way that I take
1156
04:49:39,327 --> 04:49:45,471
Create a malformed request request
1157
04:49:45,727 --> 04:49:48,543
Anticipation the victim user and
1158
04:49:48,799 --> 04:49:54,943
I think of it amusing that I need to access this particular URL
1159
04:49:55,199 --> 04:50:01,343
Send this request to the internet proxy so here
1160
04:50:01,599 --> 04:50:07,743
That is no cash entries exist ok so the cash then what it will do
1161
04:50:07,999 --> 04:50:14,143
It's Bill Paxton response from the back-end server and then it was gas to respond based on the
1162
04:50:14,399 --> 04:50:17,983
Based on this particular static file now
1163
04:50:18,239 --> 04:50:24,383
This speech sounds Department of index.php okay
1164
04:50:24,639 --> 04:50:30,783
So basically contains user information biktarvy profile information
1165
04:50:31,039 --> 04:50:37,183
Mission of the music now
1166
04:50:37,439 --> 04:50:43,583
Meeting this idiot box Alice Angel contains the cache key
1167
04:50:43,839 --> 04:50:49,983
555
1168
04:50:50,239 --> 04:50:53,311
User information of the victim user and it will
1169
04:50:53,567 --> 04:50:59,711
Essie exist on the integrated so it will respond with the user information of the victims
1170
04:50:59,967 --> 04:51:02,783
Atticus
1171
04:51:06,367 --> 04:51:12,511
A dinner second condition that needs to be made in order to expose this that as a deception
1172
04:51:12,767 --> 04:51:18,911
To access this particular page like not insecure. Index.php / non-existence.
1173
04:51:19,167 --> 04:51:20,191
CSS
1174
04:51:20,703 --> 04:51:26,847
The backend application to return the content of index.php
1175
04:51:27,103 --> 04:51:33,247
Application framework be treated in such a way that lets a user
1176
04:51:33,503 --> 04:51:39,647
By creating ipin points
1177
04:51:39,903 --> 04:51:46,047
BB request for deputies index.php it will not check for
1178
04:51:46,303 --> 04:51:52,447
Trading file extension
1179
04:51:52,703 --> 04:51:58,847
Index.php number 110 the second condition
1180
04:51:59,103 --> 04:52:05,247
Log into that patient then and then only be able to
1181
04:52:05,503 --> 04:52:11,647
Information on music
1182
04:52:11,903 --> 04:52:18,047
BBC got the cash key decision is needs to be taken onto file extension this week
1183
04:52:18,303 --> 04:52:24,447
Regarding any of the header that is present in vegetable request okay
1184
04:52:24,703 --> 04:52:30,847
Call extension
1185
04:52:32,127 --> 04:52:38,271
Based on that our demo be able to identify the Baptist disassemble a 22 access to sensitive
1186
04:52:38,527 --> 04:52:40,319
Syndication
1187
04:52:40,831 --> 04:52:46,975
Which would otherwise be only expect that cash it.
1188
04:52:47,231 --> 04:52:53,375
Colin 8080 login.php
1189
04:52:54,655 --> 04:52:59,519
Glng stock as a deception
1190
04:53:02,335 --> 04:53:08,479
Close all this tab
1191
04:53:11,039 --> 04:53:15,135
Happy popcorn democracy deception
1192
04:53:18,463 --> 04:53:24,607
Give me a minute guys
1193
04:53:24,863 --> 04:53:26,143
Chewbacchus
1194
04:53:30,751 --> 04:53:36,639
So the first thing is
1195
04:53:36,895 --> 04:53:43,039
The user needs to be loved
1196
04:53:43,295 --> 04:53:49,439
You can simply identify that based on response head okay so here I'm just checking.
1197
04:53:53,279 --> 04:53:55,583
Let's say
1198
04:53:55,839 --> 04:54:01,983
Staff Network I'm sending this
1199
04:54:02,239 --> 04:54:05,823
ABCD. CSS
1200
04:54:06,591 --> 04:54:12,735
The moment you try to send a static ball request using that is a hair.
1201
04:54:14,783 --> 04:54:19,903
It stays that X gacha miss that means it's not cashed or the server
1202
04:54:20,671 --> 04:54:26,815
Busting into a back-end 31st Roxy
1203
04:54:27,071 --> 04:54:33,215
As there is no cash into for this but
1204
04:54:33,471 --> 04:54:39,615
Extension or the 5th this response from the back and pick up his
1205
04:54:39,871 --> 04:54:46,015
An application and then it'll catch the response for this particular you are so yes this is using the cash
1206
04:54:46,271 --> 04:54:52,415
Now what Pekin do you must needs to be locked into that occasionally
1207
04:54:54,207 --> 04:55:00,351
And now the user is logged in over here now
1208
04:55:00,607 --> 04:55:05,727
Evicting user in such a way that it's try to access
1209
04:55:05,983 --> 04:55:10,079
Link that is provided by the attackers
1210
04:55:10,335 --> 04:55:16,479
Turn on assistant. CSS
1211
04:55:22,367 --> 04:55:28,511
Elegant this is a new file request okay so again it will fetch from the back-end database
1212
04:55:28,767 --> 04:55:30,303
Application
1213
04:55:31,839 --> 04:55:35,423
Ford itek me again start the control over here
1214
04:55:37,471 --> 04:55:38,751
Network
1215
04:55:44,639 --> 04:55:50,783
At the moment
1216
04:55:51,039 --> 04:55:53,087
It will try to
1217
04:55:53,343 --> 04:55:55,391
It is somewhat you wake up
1218
04:55:58,975 --> 04:56:05,119
Respond with the same information. Let me check the login page
1219
04:56:05,375 --> 04:56:11,519
Okay if you do it again
1220
04:56:16,895 --> 04:56:23,039
End it
1221
04:56:45,311 --> 04:56:49,663
Play song
1222
04:56:49,919 --> 04:56:52,479
It's username
1223
04:57:00,671 --> 04:57:06,815
Time to recover play music to access login page PS3
1224
04:57:07,071 --> 04:57:13,215
Index.php
1225
04:57:13,471 --> 04:57:18,335
Exist
1226
04:57:18,591 --> 04:57:24,735
. the ccss
1227
04:57:24,991 --> 04:57:31,135
Capital music Exorcist let me open up
1228
04:57:31,391 --> 04:57:33,183
1 Saluki
1229
04:57:36,511 --> 04:57:38,559
Nextbook
1230
04:57:42,399 --> 04:57:48,543
The second challenge that the first condition is.
1231
04:57:48,799 --> 04:57:54,943
But you already fill this point with the information obtained SRP hp22 respond with the same content
1232
04:57:55,199 --> 04:58:01,343
The moment we sent this request using the same content it's responded because
1233
04:58:01,599 --> 04:58:05,695
Information of that particular user so yes
1234
04:58:06,207 --> 04:58:07,743
And the moment you look
1235
04:58:07,999 --> 04:58:14,143
Start for the protocol header it says that yes this is guest on the server now
1236
04:58:14,655 --> 04:58:20,031
So the moment as I think I will try to access this page
1237
04:58:24,127 --> 04:58:27,455
Badshah
1238
04:58:28,735 --> 04:58:32,831
You think we are able to receive information of that particular user
1239
04:58:34,111 --> 04:58:40,255
Thank you sir days John Doe
1240
04:58:40,511 --> 04:58:46,655
And if you see the request Hitler when he hits it by Dee
1241
04:58:46,911 --> 04:58:53,055
How we can talk on the deception
1242
04:58:53,567 --> 04:58:58,431
The only condition that needs to be made a state
1243
04:58:59,199 --> 04:59:05,343
Reply to access to page after the index.php we try to open light non-existent
1244
04:59:05,599 --> 04:59:11,743
Response.com
1245
04:59:11,999 --> 04:59:18,143
Condition number one the second condition is that if you try to
1246
04:59:18,399 --> 04:59:24,543
Explode the user user needs to be logged into that position then and then only be able to extract
1247
04:59:24,799 --> 04:59:30,943
Sabia able to expect the third condition is that
1248
04:59:31,199 --> 04:59:37,343
38t cash key based on the file extension disregarding of any application
1249
04:59:37,599 --> 04:59:43,743
Audrey best fondant
1250
04:59:43,999 --> 04:59:50,143
By the researcher on the paper and by pulling the same after the center is able to obtain the user input
1251
04:59:50,399 --> 04:59:52,447
Animation of baby kitten user
1252
04:59:53,983 --> 04:59:56,799
No
1253
04:59:57,055 --> 05:00:01,151
That is under attack and that is that
1254
05:00:02,175 --> 05:00:08,319
Kia S2 gas poisoning looks like this
1255
05:00:08,575 --> 05:00:14,719
Beautiful search for the Explorer exploring the court allowing us to place legitimate data in the country
1256
05:00:14,975 --> 05:00:21,119
Who touches headers in distributive best friend okay
1257
05:00:21,375 --> 05:00:27,519
Basically part of the body
1258
05:00:27,775 --> 05:00:33,919
Exercise open Direction ends on
1259
05:00:34,175 --> 05:00:40,319
A response and then we can exploit the victim use it
1260
05:00:40,575 --> 05:00:46,719
Is similar to take but kind of inverse of the deception
1261
05:00:46,975 --> 05:00:49,023
What happened in the deception
1262
05:00:52,095 --> 05:00:58,239
Savannah
1263
05:00:58,495 --> 05:01:04,639
Musa try to access non-existence.
1264
05:01:04,895 --> 05:01:11,039
Cast on the server response get Gaston this hour and then
1265
05:01:11,295 --> 05:01:17,439
Existed
1266
05:01:17,695 --> 05:01:23,839
Loving queso poisoning its inverse here Westville
1267
05:01:24,095 --> 05:01:29,215
Identify the information
1268
05:01:30,239 --> 05:01:36,383
Okay which basically your auntie didn't put in the back end for the cat gash he
1269
05:01:36,639 --> 05:01:42,783
Identify that Daniel to identify this latest application
1270
05:01:43,039 --> 05:01:49,183
Saudi Arabia
1271
05:01:49,439 --> 05:01:55,583
We try to poison the application
1272
05:01:55,839 --> 05:02:01,983
Starbucks cash it will be
1273
05:02:02,239 --> 05:02:06,079
I take requests
1274
05:02:06,335 --> 05:02:12,479
Response okay so here is the background applications
1275
05:02:12,735 --> 05:02:18,879
Yes the response of the excesses that is passed by the ethical thing whenever any us team
1276
05:02:19,135 --> 05:02:25,279
User on a new user of dedication triplexes that particular Page Street effective
1277
05:02:26,815 --> 05:02:32,959
Voicemail to detect bien Kitty boot
1278
05:02:33,215 --> 05:02:39,359
Which is not a which is the part of the data caching
1279
05:02:39,615 --> 05:02:41,663
What we can do with that particular input
1280
05:02:41,919 --> 05:02:48,063
Identify the injection cost at crafting and Salon
1281
05:02:48,319 --> 05:02:54,463
Inject that information into a cash the once we are able to injected between permit
1282
05:02:54,719 --> 05:03:00,863
Information into other users
1283
05:03:01,119 --> 05:03:07,263
Again BO2 maps are cashews and I can be able to identify the input which is apart of
1284
05:03:07,519 --> 05:03:13,663
Again beautiful
1285
05:03:13,919 --> 05:03:20,063
Somehow we have to identify the video which basically inject our response into a
1286
05:03:20,319 --> 05:03:24,159
And then and then the other uses
1287
05:03:24,671 --> 05:03:30,815
Discount Tire. Next demo
1288
05:03:31,071 --> 05:03:37,215
Any unclaimed put used by the application and sour Cash's. Good for the skin
1289
05:03:37,471 --> 05:03:43,615
And you do any stores and doors and killing put Fitz malicious payload to the following
1290
05:03:43,871 --> 05:03:50,015
Random user Ben
1291
05:03:50,271 --> 05:03:56,415
Response gets poisoned father
1292
05:03:56,671 --> 05:04:02,815
Location controlled by
1293
05:04:03,071 --> 05:04:09,215
Insufficient to remote location control by Attica
1294
05:04:13,055 --> 05:04:17,407
Let me go to
1295
05:04:17,663 --> 05:04:19,711
That's ketchup poisoning
1296
05:04:28,415 --> 05:04:34,559
Here you see it just respond with the holsters
1297
05:04:34,815 --> 05:04:40,959
Just respond with your infant information
1298
05:04:41,215 --> 05:04:44,543
Song that this information is
1299
05:04:47,103 --> 05:04:50,431
Sapore back speech
1300
05:04:50,943 --> 05:04:55,039
And if you close this party started right now
1301
05:04:58,879 --> 05:05:01,695
Anticipated
1302
05:05:08,863 --> 05:05:13,727
No let's list replace this information from here
1303
05:05:20,383 --> 05:05:22,943
Bartow
1304
05:05:23,711 --> 05:05:27,039
Spider Pikachu
1305
05:05:31,135 --> 05:05:34,719
So now what we can do next
1306
05:05:36,255 --> 05:05:42,399
Guest on the server so what we can do next let's try to access this from here
1307
05:05:42,655 --> 05:05:48,799
Let's check whether the victim user gets everything
1308
05:05:49,055 --> 05:05:51,359
The browser
1309
05:05:51,871 --> 05:05:54,943
Then again try to access personal page
1310
05:05:56,735 --> 05:06:02,879
So it's not part of that particular uncured input but the next thing we can try
1311
05:06:04,159 --> 05:06:10,303
Let's try to use exported who's
1312
05:06:11,327 --> 05:06:17,471
Which is sometimes used by the bank navigation to closest people's information
1313
05:06:17,727 --> 05:06:19,775
Is 1234
1314
05:06:23,871 --> 05:06:30,015
It's not updated so it for some time to get gas
1315
05:06:30,271 --> 05:06:33,087
Expired from the backing
1316
05:06:37,695 --> 05:06:42,559
Bennett middle blisters builders
1317
05:06:48,959 --> 05:06:55,103
Yes now it's updated within the Houston information next check as a victim
1318
05:06:55,359 --> 05:06:56,383
Musa
1319
05:06:57,919 --> 05:07:03,551
That's a potato at the moment we try to replace this page using
1320
05:07:04,319 --> 05:07:10,463
That particular response that is based on Bing boot bettuce / 350
1321
05:07:10,719 --> 05:07:16,863
Cast on the subway in Venable any application user triplexes that particular page
1322
05:07:17,119 --> 05:07:22,751
And just responded that is injected body
1323
05:07:23,007 --> 05:07:29,151
Pics of the article user
1324
05:07:29,407 --> 05:07:35,551
UCR data speed of injected with industry ml right
1325
05:07:35,807 --> 05:07:40,927
Be proactive store knotless check
1326
05:07:42,719 --> 05:07:45,791
Say yes it's processed over here
1327
05:07:46,815 --> 05:07:51,167
No instances of guests on the sidewall let's try to access this
1328
05:07:51,935 --> 05:07:55,007
Tom DVD music
1329
05:07:55,263 --> 05:08:01,407
The moment I do that you see a script payload gets executed
1330
05:08:01,663 --> 05:08:07,807
On the browser because this particular information is guest on the server
1331
05:08:08,063 --> 05:08:14,207
Okay this is Bianca Lynn put up your identify and this information get
1332
05:08:14,463 --> 05:08:20,607
Despondent
1333
05:08:23,167 --> 05:08:27,519
What's next to the next thing we can do
1334
05:08:27,775 --> 05:08:33,919
Is let Sylvia let's let's try to
1335
05:08:35,455 --> 05:08:37,503
Supportive that
1336
05:08:38,527 --> 05:08:41,087
I'm just saying this but in the head
1337
05:08:48,511 --> 05:08:54,655
And here also within the script just reading the information from the wholesaler
1338
05:08:54,911 --> 05:09:01,055
For the POC book was created this particular holster that is physically process the input
1339
05:09:01,311 --> 05:09:07,455
What here is what we picked up our food then we can also poison at the
1340
05:09:07,711 --> 05:09:10,783
About the cash on this hour
1341
05:09:11,295 --> 05:09:17,439
The moment we do that using it just responded what your input gets responded over here
1342
05:09:21,791 --> 05:09:27,935
Before sending the request for spo2 start disabled right to get requests from the
1343
05:09:28,191 --> 05:09:32,543
Invicta machine
1344
05:09:32,799 --> 05:09:37,407
What number is 123
1345
05:09:39,199 --> 05:09:45,343
Let me delete everything Jumpland site page
1346
05:09:45,855 --> 05:09:51,999
The moment we sent this request has expired because bear implement
1347
05:09:52,255 --> 05:09:57,887
When did the 22nd timer to expire
1348
05:09:59,423 --> 05:10:05,567
It's 4.85 1234 eject my IP address
1349
05:10:07,359 --> 05:10:10,431
Yikes 85
1350
05:10:13,247 --> 05:10:15,295
You just paid for some time
1351
05:10:17,087 --> 05:10:19,135
A knowledge
1352
05:10:19,391 --> 05:10:21,439
Afflicted
1353
05:10:28,863 --> 05:10:35,007
Wanted me to fix this page it's try to get us try to retrieve information the script information
1354
05:10:35,263 --> 05:10:41,407
Because using this particular Heather we are able to poison the distance
1355
05:10:41,663 --> 05:10:47,807
Gatsby's particular response on BMW proxy
1356
05:10:48,063 --> 05:10:54,207
Bendable any user triplexes that particular page it gets off the content of that cast response
1357
05:10:54,463 --> 05:11:00,607
Modify Scripps Oceanside
1358
05:11:00,863 --> 05:11:03,423
Describe information from the article storming
1359
05:11:03,679 --> 05:11:08,543
Then the next thing is pure distilled the credential
1360
05:11:08,799 --> 05:11:14,943
Okay so I can view identify together basically input
1361
05:11:15,199 --> 05:11:19,039
Become apart of 2/3 of the cashier
1362
05:11:19,295 --> 05:11:25,439
For the POC Papa's feel created this and the third place closes
1363
05:11:25,695 --> 05:11:31,839
Buy-Back lifeway.com
1364
05:11:32,095 --> 05:11:36,191
Let's check whether it's affected dead or not
1365
05:11:40,031 --> 05:11:46,175
And yes it's effective let me start
1366
05:11:46,431 --> 05:11:48,479
Request
1367
05:11:51,039 --> 05:11:55,647
Let me access the same request again
1368
05:12:00,255 --> 05:12:06,399
Oh yeah that means might be possibly that it's expired
1369
05:12:06,655 --> 05:12:09,983
Okay
1370
05:12:12,287 --> 05:12:16,639
Just not it's up to dude
1371
05:12:23,039 --> 05:12:28,671
Can you let me check what I'm missing.
1372
05:12:41,727 --> 05:12:47,871
Login.php I just have to post to be
1373
05:12:48,127 --> 05:12:54,271
Submitting the phone so it will send a request While submitting this login.php
1374
05:12:54,527 --> 05:13:00,671
Yeah! Is different
1375
05:13:07,839 --> 05:13:10,143
Restart the list over here
1376
05:13:10,655 --> 05:13:16,799
Entertain commission-based taste
1377
05:13:17,311 --> 05:13:23,455
The woman who died Texas page
1378
05:13:25,247 --> 05:13:31,391
This is how we can expect the web cache poisoning first we have to identify
1379
05:13:31,647 --> 05:13:35,231
Which is part of the cash in Kinder parking
1380
05:13:35,487 --> 05:13:41,631
View to identify the application Level using that particular what we can do
1381
05:13:41,887 --> 05:13:48,031
Maximum Impact if you if you identify that
1382
05:13:48,287 --> 05:13:54,431
Injection or content simply
1383
05:13:54,687 --> 05:14:00,831
Explode people
1384
05:14:01,087 --> 05:14:07,231
Despite Latuda para Miner
1385
05:14:18,751 --> 05:14:24,895
Obedient that gas that is so I don't list
1386
05:14:25,151 --> 05:14:31,295
Which has so many haters accepted by this stupid list
1387
05:14:31,551 --> 05:14:37,695
This header is processed by the background application and it's kind of
1388
05:14:37,951 --> 05:14:44,095
I'm getting food and using this header if we do anything with interest points that should be responsible
1389
05:14:44,351 --> 05:14:46,143
Expertise
1390
05:14:49,215 --> 05:14:55,359
This is how we can become the back as a boy I believe this
1391
05:14:55,615 --> 05:14:59,455
If you have any question you can unmute yourself and ask a question
1392
05:15:01,247 --> 05:15:03,551
Unintelligible to the next one
1393
05:15:06,367 --> 05:15:12,511
Let's move to the next topic
1394
05:15:12,767 --> 05:15:18,911
What is Salinas
1395
05:15:19,167 --> 05:15:25,311
Celebrities like unicorn animal Edition attack without the second
1396
05:15:25,567 --> 05:15:31,455
The alert is like expecting Miss configuration for control system
1397
05:15:31,711 --> 05:15:37,855
What is a bunch of Easter
1398
05:15:40,415 --> 05:15:46,559
In earlier days the characters were anchored in such a way that it only
1399
05:15:46,815 --> 05:15:52,959
Reports of given language are set of the one region was incompatible
1400
05:15:53,215 --> 05:15:59,359
Another example incompatible with the English
1401
05:15:59,615 --> 05:16:05,759
Do to overcome this issue the Unicorn standard was introduced
1402
05:16:06,271 --> 05:16:12,415
No the bunny application uses this unicorns which helps to maintain the countries
1403
05:16:12,671 --> 05:16:18,815
Including in the presentation of the character
1404
05:16:19,071 --> 05:16:25,215
44 the application and nowadays supported by most of the modification
1405
05:16:25,471 --> 05:16:31,615
To identify the parts when converting to evaluate
1406
05:16:31,871 --> 05:16:35,199
The first one is the normalized and the second one is stuck when you go there
1407
05:16:36,991 --> 05:16:43,135
This unicorn is a very complex standard to understand each character set or
1408
05:16:43,391 --> 05:16:49,535
The symbol is mapped 1 numeric value called called point now
1409
05:16:49,791 --> 05:16:55,935
On the greater than symbol according you based on this cold point now this unicorn has a multiple and columns right
1410
05:16:56,191 --> 05:17:02,335
Unit unicorn 16 unicorns 32 hands on
1411
05:17:02,591 --> 05:17:08,735
Used vans application uses the record alligator in the back end so
1412
05:17:08,991 --> 05:17:15,135
Fuses in the normalization process it converts
1413
05:17:15,391 --> 05:17:21,535
Nothing be composition-type best Fitbit mapping cache mapping
1414
05:17:21,791 --> 05:17:27,935
The Unicorn character into a ASCII character
1415
05:17:28,191 --> 05:17:30,239
Simple unicorn values
1416
05:17:30,495 --> 05:17:36,639
No start something what happen when it was this unicorn is converted to Baskerville using body composition
1417
05:17:36,895 --> 05:17:43,039
It's so please
1418
05:17:43,295 --> 05:17:49,439
Chinese Japanese looking character has this particular presentation
1419
05:17:49,695 --> 05:17:55,839
A presentation utf-8 encoding utf-16 and cooling YouTube.
1420
05:17:56,095 --> 05:17:56,863
Supacent
1421
05:17:57,375 --> 05:18:03,519
This particular character
1422
05:18:03,775 --> 05:18:09,919
Happens to Bent the decomposition happen to that particle collector it just converter disconnected
1423
05:18:10,175 --> 05:18:16,319
Decomposition
1424
05:18:16,575 --> 05:18:17,855
The factory just
1425
05:18:18,111 --> 05:18:24,255
Three person that said he asked you value and then see so
1426
05:18:24,511 --> 05:18:30,655
When we converted symbol using the decomposition then it will represent
1427
05:18:30,911 --> 05:18:37,055
Eapr small airports last and see
1428
05:18:37,311 --> 05:18:43,455
Unicode characters
1429
05:18:43,711 --> 05:18:49,855
As I mentioned when we convert symbol using the number
1430
05:18:50,111 --> 05:18:56,255
Evaluate Dallas convert 28c M convert to capital M
1431
05:18:56,511 --> 05:19:02,655
Circle small is convert to small dentist RedMax in
1432
05:19:02,911 --> 05:19:05,727
Is sunlight to Capital DM
1433
05:19:05,983 --> 05:19:12,127
Unicode character to bypass application if
1434
05:19:12,383 --> 05:19:14,431
Dedication uses
1435
05:19:14,943 --> 05:19:21,087
It's application process this unicorn character and convert this unicorn character
1436
05:19:21,343 --> 05:19:23,903
Going to ask you while using the normalization process
1437
05:19:24,159 --> 05:19:30,303
Then we can expect
1438
05:19:30,559 --> 05:19:36,703
Buddy's normalized any precipitation this when this normal
1439
05:19:36,959 --> 05:19:43,103
So all this username is different but it all together respond with the same
1440
05:19:43,359 --> 05:19:49,503
Play the this is baby composition process required Utica
1441
05:19:49,759 --> 05:19:55,903
Composite to Smart you so on Black Friday someone has to
1442
05:19:56,159 --> 05:20:02,303
Posted on the support of the Spotify where I can compromise
1443
05:20:02,559 --> 05:20:08,703
Begin the Spotify application so this apartment
1444
05:20:08,959 --> 05:20:15,103
Give me his account and say please can you please confirm
1445
05:20:15,359 --> 05:20:21,503
10 minutes that I knew playlist available with Indie support manager
1446
05:20:21,759 --> 05:20:27,903
Sophia bigford sample account
1447
05:20:28,159 --> 05:20:34,303
So what happened with the superscript looping text
1448
05:20:34,559 --> 05:20:40,703
Like the first requested a password reset for that particular
1449
05:20:40,959 --> 05:20:44,799
Like big bird which is nothing but the superscript text
1450
05:20:45,055 --> 05:20:51,199
Try to follow the password reset process
1451
05:20:51,455 --> 05:20:54,783
What happened is able to reset the password of
1452
05:20:55,039 --> 05:21:01,183
Twitter account a big part and dismal big part accounts all the small case
1453
05:21:01,439 --> 05:21:07,583
What accounts to hear what happened during the normalization process
1454
05:21:07,839 --> 05:21:13,983
What happened to Big Bird's convert student Capital big butt
1455
05:21:14,239 --> 05:21:20,383
Reset password first fish this username from the backend database
1456
05:21:20,639 --> 05:21:26,783
And then it will perform the normalization process and caps big butt
1457
05:21:27,039 --> 05:21:33,183
Into a small Big Bird small cage big part user account and by following this Tuesday
1458
05:21:33,439 --> 05:21:39,583
Is able to reset the password of the user was username is in that small plastic particle
1459
05:21:41,887 --> 05:21:48,031
So here I just mentioned this okay so what happened over here doing.
1460
05:21:48,287 --> 05:21:54,431
Decision process whatever the Unicorn value that is provided by
1461
05:21:54,687 --> 05:22:00,831
20 coronavirus imposes and converter converts into a scab speak button it.
1462
05:22:01,087 --> 05:22:07,231
A game of decolonization process and then
1463
05:22:07,487 --> 05:22:13,631
Deeper Capital big butt into a small cats big pot and by doing that he's able to visit the past
1464
05:22:13,887 --> 05:22:20,031
Marcus Peapod account
1465
05:22:20,287 --> 05:22:26,431
Hugo normalization attic okay explored the forgot password from 30 to login as user X
1466
05:22:26,687 --> 05:22:32,831
Reimbursement. Bye-bye club.com account reset the password
1467
05:22:33,087 --> 05:22:39,231
Then again I'll give you a time to complete this exercise
1468
05:22:39,487 --> 05:22:45,119
So the telling you all this expense reimbursement.
1469
05:22:49,215 --> 05:22:55,359
Okay so he'll be able to register are set
1470
05:22:55,615 --> 05:22:57,151
And for that
1471
05:22:57,663 --> 05:23:01,247
Let's say my name is Sunjai
1472
05:23:02,271 --> 05:23:04,831
Mucinex
1473
05:23:05,087 --> 05:23:11,231
Ifcu 3085
1474
05:23:11,487 --> 05:23:15,327
Having a unicorn character for that
1475
05:23:17,375 --> 05:23:21,471
Let me go to this particular link
1476
05:23:26,079 --> 05:23:32,223
So here that's looking for the character you
1477
05:23:32,479 --> 05:23:38,623
It has multiple you based on the following values
1478
05:23:38,879 --> 05:23:43,231
If you look at this circle you when you click on this
1479
05:23:44,511 --> 05:23:50,655
At the BI-LO when the decomposition happened to this particular character
1480
05:23:50,911 --> 05:23:53,983
Converts to the ASCII value small q
1481
05:23:54,239 --> 05:23:57,311
Valentus coffee this
1482
05:24:00,127 --> 05:24:03,455
Hugh
1483
05:24:06,015 --> 05:24:08,319
Let's play with us
1484
05:24:24,703 --> 05:24:26,751
Circle
1485
05:24:29,311 --> 05:24:33,151
Destiny composite to smartass
1486
05:24:33,919 --> 05:24:40,063
Copy this information I'm just leaving my username in such a way that whenever
1487
05:24:40,319 --> 05:24:46,463
Malaysian processes pain in the back and it will convert this information to
1488
05:24:46,719 --> 05:24:52,863
Musa name username
1489
05:24:54,911 --> 05:25:01,055
But it's a user this user 85 and threat meeting
1490
05:25:04,639 --> 05:25:10,783
Oh yes American millionaires do not have this unicorn support
1491
05:25:11,039 --> 05:25:15,135
Gatormail
1492
05:25:44,832 --> 05:25:50,976
This is the email address that is created for me at me the copy
1493
05:25:51,232 --> 05:25:52,512
I'm just
1494
05:25:53,280 --> 05:25:55,072
Using back
1495
05:25:55,328 --> 05:26:01,472
And the password is let cities at 32034 East
1496
05:26:01,728 --> 05:26:04,288
Batista
1497
05:26:23,744 --> 05:26:27,584
It's taking time just wait for some time
1498
05:26:44,992 --> 05:26:50,880
Now that's performed reset password closest I'm just going to this login page
1499
05:26:52,160 --> 05:26:58,304
Go to pocket password
1500
05:27:07,008 --> 05:27:13,152
It says that we have sent a mail to your email
1501
05:27:13,408 --> 05:27:19,552
Reset your password so yes we are able to email
1502
05:27:19,808 --> 05:27:21,856
Clarification
1503
05:27:22,368 --> 05:27:24,928
Open Gmail and click here
1504
05:27:26,464 --> 05:27:32,608
Username is this and password is Goodson new address 1234
1505
05:27:32,864 --> 05:27:39,008
New address fantasy for normalized
1506
05:27:39,264 --> 05:27:45,408
Import ban it will convert user input to this small cases 85
1507
05:27:45,664 --> 05:27:51,808
The password of the victim usually along with d
1508
05:27:52,576 --> 05:27:58,208
Support. Let me intercept request first
1509
05:27:58,976 --> 05:28:05,120
And do this at the password what is not correct
1510
05:28:11,264 --> 05:28:16,896
So yes Anubis Feliz you are 23
1511
05:28:34,560 --> 05:28:38,144
Answered speaking time to just wait for some time
1512
05:28:53,760 --> 05:28:59,904
It is if your boss has been affected or not
1513
05:29:05,024 --> 05:29:08,608
New address 134
1514
05:29:13,728 --> 05:29:19,872
Is he a new password and username we are trying to use Is Everything music
1515
05:29:20,128 --> 05:29:26,272
Interpol
1516
05:29:26,528 --> 05:29:32,672
Specification allow us to use the Unicode character during the largest station process
1517
05:29:32,928 --> 05:29:39,072
BizTown depression is it might be using the normalisation process in the back and then
1518
05:29:39,328 --> 05:29:45,472
So anyone has any
1519
05:29:45,728 --> 05:29:46,752
What's this
1520
05:29:51,872 --> 05:29:56,992
Okay so what I do let me quickly check
1521
05:29:59,040 --> 05:30:05,184
Okay so
1522
05:30:22,080 --> 05:30:28,224
And let me see. And let me upload a walkthrough of this on the border
1523
05:30:30,528 --> 05:30:32,832
Let me know everything
1524
05:30:37,952 --> 05:30:44,096
Takes around 12 minutes to upload 2 walkthrough
1525
05:50:14,272 --> 05:50:18,624
Still didn't respond like me 50 minutes
1526
05:50:21,440 --> 05:50:27,072
Friendship a texas-sized please update the golden jungle Channel
1527
05:55:26,848 --> 05:55:32,992
It looks like possibly complete this list not funny
1528
05:55:33,248 --> 05:55:35,040
Adidas love.
1529
05:55:35,808 --> 05:55:41,952
Next topic and that is insecure.
1530
05:55:42,208 --> 05:55:48,352
News about what is insecurity
1531
05:55:48,608 --> 05:55:54,752
It's like a dream.
1532
05:56:01,408 --> 05:56:07,552
There is also a second insecure direct object reference
1533
05:56:07,808 --> 05:56:13,952
Also depends on what happened in the second order in the second
1534
05:56:14,208 --> 05:56:20,352
Ocean Point is different and ignition point is different
1535
05:56:27,008 --> 05:56:28,544
The fourth page
1536
05:56:29,056 --> 05:56:35,200
Infuses applied impudent the first page and then this user input passed into a second.
1537
05:56:35,456 --> 05:56:41,600
And that's that
1538
05:56:41,856 --> 05:56:48,000
Value first and then it will perform the validation
1539
05:56:48,256 --> 05:56:54,400
40 users authorization
1540
05:56:54,656 --> 05:56:59,264
Mr. pita
1541
05:57:00,544 --> 05:57:06,688
20 standard what happened
1542
05:57:06,944 --> 05:57:10,784
The standard
1543
05:57:11,040 --> 05:57:17,184
The first. I'm just taking an example upload expense file okay so based on
1544
05:57:17,440 --> 05:57:23,584
The information that is provided
1545
05:57:23,840 --> 05:57:29,984
These IDs belongs to this current user or not if it's belongs to
1546
05:57:30,240 --> 05:57:36,384
2D expense sorcery speed
1547
05:57:36,640 --> 05:57:42,784
What's the ID that is stored over here and Based on data collection department of the five and
1548
05:57:43,040 --> 05:57:49,184
History content of fire to the user's browser
1549
05:57:49,440 --> 05:57:55,584
Pashto then put in a dispersed place and then on the second place it's been force-feeding
1550
05:57:55,840 --> 05:57:58,400
Babies to do what here
1551
05:57:58,656 --> 05:58:04,288
CCC letter
1552
05:58:05,056 --> 05:58:11,200
Affiliate
1553
05:58:11,456 --> 05:58:17,600
Who belongs to this now what we are trying to do the moment we try to change this identical to a
1554
05:58:17,856 --> 05:58:24,000
Why do you spell tooth pain in the back and it's unfortunate that this id-1 is belongs to
1555
05:58:24,256 --> 05:58:30,400
Al-baqarah 20
1556
05:58:30,656 --> 05:58:36,800
Try again later
1557
05:58:37,056 --> 05:58:43,200
Idx
1558
05:58:43,456 --> 05:58:49,600
What's the first store to Baldwyn gas variable its decision variable and then it
1559
05:58:49,856 --> 05:58:56,000
Authorization request authorization of the particular ID
1560
05:59:04,448 --> 05:59:10,592
Eat the same thing please for the document X and holds the server response
1561
05:59:10,848 --> 05:59:16,992
And as for the process it updated the case variable form
1562
05:59:17,248 --> 05:59:23,392
X2y and ignore this point forward
1563
05:59:23,648 --> 05:59:29,792
Response of the first request implication responded be content of document by Malcolm X
1564
05:59:30,048 --> 05:59:33,632
Let me explain this interface reviews in telestration
1565
05:59:33,888 --> 05:59:40,032
So this is a piece of feces
1566
05:59:40,288 --> 05:59:46,432
Try to student information and try to park on television
1567
05:59:46,688 --> 05:59:52,832
Response from a form and then
1568
05:59:54,624 --> 06:00:00,768
What happened here is an article what we can do
1569
06:00:01,792 --> 06:00:07,936
Load extends file is it play to identify 21 what
1570
06:00:08,192 --> 06:00:14,336
Make an identity identical copy within our computer okay
1571
06:00:17,152 --> 06:00:18,944
What is mildew
1572
06:00:19,200 --> 06:00:25,344
This particular piece of Cody's HD
1573
06:00:25,600 --> 06:00:27,904
Editable
1574
06:00:28,928 --> 06:00:31,744
Any pool
1575
06:00:32,256 --> 06:00:38,400
So he assigned to one then it'll students receipt ID on in
1576
06:00:45,056 --> 06:00:51,200
Belongs to this one
1577
06:00:51,456 --> 06:00:53,504
Used Lexus.
1578
06:00:54,528 --> 06:01:00,672
Redirect a user to this St
1579
06:01:00,928 --> 06:01:07,072
And then came to our first step over here and then
1580
06:01:07,328 --> 06:01:13,472
What we can do what we are doing in the repeater which has 15 inside is equal to 12 IDs equal to
1581
06:01:13,728 --> 06:01:17,568
Hello again to force-feed is called
1582
06:01:18,080 --> 06:01:24,224
Receipt ID from tirupati
1583
06:01:24,480 --> 06:01:25,504
Maddie Ziegler
1584
06:01:26,272 --> 06:01:32,416
Then it will change the receipt ID within the session variable
1585
06:01:32,672 --> 06:01:38,816
Receipt ID indication from 1 to 2 and then it will check for the validation
1586
06:01:39,072 --> 06:01:45,216
Again these two not belongs to the current user so it will visit the user today
1587
06:01:45,472 --> 06:01:51,616
Philippine
1588
06:01:51,872 --> 06:01:56,992
Go back to our sister to the moment before this replace to discover
1589
06:01:58,016 --> 06:02:04,160
It will it will first read receipt ID from the station variable okay and
1590
06:02:04,416 --> 06:02:10,560
Because we are poisoned in our Stepford okay
1591
06:02:10,816 --> 06:02:16,960
The moment digital receipt ID from the station.
1592
06:02:17,216 --> 06:02:23,360
And then it will respond with the content of their particular file and the browser display
1593
06:02:23,616 --> 06:02:29,760
The content of other user information so this is how we can perform the second order
1594
06:02:30,016 --> 06:02:33,088
Insecure direct object reference with interpretation
1595
06:02:33,344 --> 06:02:39,488
The biggest countertop next exercise video to explore the second second
1596
06:02:39,744 --> 06:02:45,888
On the application who owns
1597
06:02:46,144 --> 06:02:52,288
IDs equal to
1598
06:02:52,544 --> 06:02:58,688
The word explains ID ezplay2001
1599
06:02:58,944 --> 06:03:05,088
Implemented simplify the information latest information of any of the
1600
06:03:05,344 --> 06:03:11,488
By exporting discolored so question is this
1601
06:03:12,768 --> 06:03:17,120
It looks like confusing right so what I was just
1602
06:03:17,376 --> 06:03:23,520
Explain this entire concept by giving you our demo again what happened at what place
1603
06:03:23,776 --> 06:03:24,800
Okay
1604
06:03:25,056 --> 06:03:31,200
And meanwhile what is Manchester to let me give you a 10 minutes to play with
1605
06:03:32,736 --> 06:03:38,880
And we are also heading to pick second cocoaplex yes so
1606
06:03:39,136 --> 06:03:41,184
25 minutes
1607
06:03:41,696 --> 06:03:43,232
The 4th
1608
06:03:43,488 --> 06:03:46,560
15 minutes is a coffee break
1609
06:03:46,816 --> 06:03:50,656
The second exercise Street
1610
06:03:56,032 --> 06:04:02,176
Searching the coffee breaker also be available to any questions regarding any of this topic
1611
06:04:02,432 --> 06:04:08,576
Topic or any of the topping tapioca
1612
06:04:08,832 --> 06:04:11,136
Coronavirus China
1613
06:28:42,624 --> 06:28:48,512
Welcome back everyone I hope you enjoyed your coffee break.
1614
06:28:51,328 --> 06:28:57,216
22 people has Cops 21
1615
06:28:57,472 --> 06:29:03,616
Give you let me go to Michael Mission first
1616
06:29:03,872 --> 06:29:10,016
Play my challenges
1617
06:29:10,272 --> 06:29:15,136
This let me use this
1618
06:29:20,768 --> 06:29:26,400
Application running slow
1619
06:29:34,080 --> 06:29:40,224
Reimbursement
1620
06:29:40,480 --> 06:29:44,576
Expensive to add to file
1621
06:29:45,344 --> 06:29:50,720
Order clippy download
1622
06:29:51,232 --> 06:29:53,024
And then hit me up
1623
06:29:58,144 --> 06:30:00,192
So it's uploading
1624
06:30:05,056 --> 06:30:08,128
Opinion this just before sometime
1625
06:30:15,296 --> 06:30:20,928
ASAP
1626
06:30:27,328 --> 06:30:29,376
Buckets buckets
1627
06:30:29,632 --> 06:30:35,776
But not expensive
1628
06:30:41,920 --> 06:30:48,064
It has this portable expensive just respond with the content
1629
06:30:48,320 --> 06:30:51,392
If you stand on that particular
1630
06:30:51,904 --> 06:30:54,976
So let me open up that file and spell
1631
06:30:55,488 --> 06:30:57,792
Actual content
1632
06:31:02,656 --> 06:31:08,800
Lloyd has all this testing information and that's all that's real
1633
06:31:09,056 --> 06:31:11,616
Respond
1634
06:31:11,872 --> 06:31:18,016
D.
1635
06:31:18,272 --> 06:31:19,808
Duarte below comic
1636
06:31:20,064 --> 06:31:25,184
Beautiful music
1637
06:31:25,440 --> 06:31:28,256
View
1638
06:31:35,424 --> 06:31:41,568
Not before sending this request of little or expense file what I'm doing I'm just capturing this request
1639
06:31:43,872 --> 06:31:50,016
And send this to Daddy. That means I'm just creating an identical request
1640
06:31:51,552 --> 06:31:57,696
Okay of this particular request and I wanted someone to capture the response and span
1641
06:32:02,304 --> 06:32:08,448
Order request belongs to me that means is just responsibility
1642
06:32:08,704 --> 06:32:14,848
Extend access speed
1643
06:32:17,408 --> 06:32:23,552
Viet work on this tablet making identical. Copy and 4.
1644
06:32:23,808 --> 06:32:29,952
Request because id-54 belongs to us expense taxes speed
1645
06:32:30,208 --> 06:32:36,352
Holding here and go to the request
1646
06:32:36,608 --> 06:32:39,680
Indira peter.and here
1647
06:32:40,960 --> 06:32:43,008
What time do
1648
06:32:43,520 --> 06:32:48,896
Just replace these ID with what this request
1649
06:32:52,992 --> 06:32:56,832
It will poison decision variable in the back and because
1650
06:32:57,856 --> 06:33:00,672
If you look at the store score
1651
06:33:04,768 --> 06:33:10,912
Enforced store the value and then it died
1652
06:33:11,168 --> 06:33:17,312
What is just replace the value of the digit ID within the variable first and then
1653
06:33:17,568 --> 06:33:23,712
Addition but by the time of being deportation artstation variable
1654
06:33:28,832 --> 06:33:34,976
Let me know what they are doing I'll just forward this request make expense sucks
1655
06:33:35,232 --> 06:33:41,376
Is Seaquest at the moment and send this to the backend application
1656
06:33:41,632 --> 06:33:47,776
Set the ID from DJs invariable first and he just freed the idea
1657
06:33:48,032 --> 06:33:54,176
User and it's been five C content of the particle part and he just responds with PID
1658
06:33:54,432 --> 06:34:00,576
Of the 51 instead of this is how we can perform the second
1659
06:34:00,832 --> 06:34:05,184
Be integrated ectopic reference
1660
06:34:05,696 --> 06:34:11,840
If the only or only thing here to understand is that it was forced to devalue
1661
06:34:15,168 --> 06:34:18,496
So anyone has any question in this
1662
06:34:20,288 --> 06:34:26,432
I think the demos.
1663
06:34:26,688 --> 06:34:28,736
Supposed to move to the next one
1664
06:34:28,992 --> 06:34:34,880
Meanwhile if you have any question you can simply post your body on the back support
1665
06:34:37,440 --> 06:34:42,304
And Montreal completed exercise please update the polling channel channel is bad
1666
06:41:52,896 --> 06:41:56,736
Exercise please update the whole internet
1667
06:44:29,312 --> 06:44:35,456
Is so yes I'm still feel comfortable
1668
06:44:35,712 --> 06:44:41,856
And before they let understand what is is is
1669
06:44:42,112 --> 06:44:48,256
It's emergent control system which is used by the developer to take all the 32
1670
06:44:48,512 --> 06:44:54,656
Juanita acordes altercation
1671
06:44:54,912 --> 06:45:01,056
If used extensively by the developer to manage the Coronavirus
1672
06:45:01,312 --> 06:45:07,456
Multiple people
1673
06:45:07,712 --> 06:45:12,576
Anyone can do check-in check-out all this operation
1674
06:45:13,088 --> 06:45:19,232
The concept of misconfigured kit is your teeth
1675
06:45:19,488 --> 06:45:25,632
Is misconfigured for your application then it will leads to exposure of modification made
1676
06:45:25,888 --> 06:45:32,032
25 and older statistically allowed article to download the entire source code of the application
1677
06:45:32,288 --> 06:45:38,432
It contains content security credentials sampaguita history
1678
06:45:38,688 --> 06:45:44,832
It can also expose the hard-coded secrets that is available within the stores Coronavirus
1679
06:45:45,088 --> 06:45:51,232
Credential sometime it also contains B hard-coded username and password
1680
06:45:51,488 --> 06:45:57,632
Identify the Articles also identify the hard-coded secret information that is there within the country
1681
06:45:57,888 --> 06:46:04,032
Application then we can find bunch of sensitive information.
1682
06:46:04,288 --> 06:46:05,056
Honda Pilot
1683
06:46:05,568 --> 06:46:11,712
So how do we identify this application is Valerie Bertinelli exposed
1684
06:46:11,968 --> 06:46:18,112
So you can be this particular as point from the application
1685
06:46:18,368 --> 06:46:21,696
Defecation respond with a betta
1686
06:46:22,208 --> 06:46:28,352
This kind of data then yes it's possible to get exposed.
1687
06:46:28,608 --> 06:46:34,752
Just respond with demastered Branch information to access this
1688
06:46:35,008 --> 06:46:36,544
Plus
1689
06:46:36,800 --> 06:46:42,944
20-year just relaxes the hard or switch masterbrand
1690
06:46:43,200 --> 06:46:48,832
If he go for this dog eats less wanted than all the configuration for the particular
1691
06:46:49,344 --> 06:46:51,392
People
1692
06:46:52,160 --> 06:46:58,304
So how do we identify this but there are certain to switches available which basically used to identify such power
1693
06:46:58,560 --> 06:47:04,704
The first one is the gift finder which basically used to find some Candlebox
1694
06:47:04,960 --> 06:47:11,104
A once you identify the defecation is vulnerable to get exposed part and you can simply use the speed
1695
06:47:11,360 --> 06:47:17,504
Utampa and get extractor to download the source code for Monday
1696
06:47:17,760 --> 06:47:19,040
Levitation
1697
06:47:21,856 --> 06:47:28,000
Tiana bianchini exposed Bob and the second one is abusive abusive diesel
1698
06:47:28,256 --> 06:47:34,400
So as I explained
1699
06:47:34,656 --> 06:47:40,800
I mentioned that the machine used for multi-purpose ointment application
1700
06:47:41,056 --> 06:47:47,200
Asp.net application use this machine key to the encrypted information for the SP.
1701
06:47:47,456 --> 06:47:53,600
Okay so if somehow we if you're able to identify that this potato
1702
06:47:53,856 --> 06:48:00,000
Induced to perform P buset encryption all attributed the time Christian then we can perform.
1703
06:48:00,256 --> 06:48:06,400
Execution using devices and Papa
1704
06:48:13,056 --> 06:48:14,848
It is in the clear.
1705
06:48:15,104 --> 06:48:21,248
Whether it's up Machina but it's in the encrypted phone so if it's
1706
06:48:21,504 --> 06:48:23,040
Belinda clear text
1707
06:48:23,552 --> 06:48:29,440
Then you can get expert at the attributes
1708
06:48:29,696 --> 06:48:35,840
That is that based on the different different asp.net
1709
06:48:36,096 --> 06:48:42,240
If the Mockingbird and the encryption University's false than no other tools required we can simply use
1710
06:48:42,496 --> 06:48:48,640
Progenitor payloader next 30
1711
06:48:48,896 --> 06:48:55,040
So it's kind of
1712
06:48:55,296 --> 06:49:01,440
The darknet version racing 4.5 it also supports demac anybody
1713
06:49:01,696 --> 06:49:07,840
And encryption is possible we can use the black Easter to 25
1714
06:49:08,096 --> 06:49:14,240
If it's Tuesday is John Deere that using people arrested or depreciate machine key or not
1715
06:49:14,496 --> 06:49:20,640
If you're able to identify then we can simply spotted father
1716
06:49:20,896 --> 06:49:27,040
Similarly if boots pincushion is too and Mackies to waterfalls for the darkness
1717
06:49:27,296 --> 06:49:33,440
25 of the black history stories and still under the future development okay but if somehow
1718
06:49:33,696 --> 06:49:39,840
You are able to identify the motion
1719
06:49:40,096 --> 06:49:46,240
Do similarly 44.52 use the black history
1720
06:49:46,496 --> 06:49:52,640
So this is how it looks like within the body shoot okay so it's the Mac is not in the world
1721
06:49:55,712 --> 06:49:59,296
Alone to exploit the vulnerability
1722
06:49:59,552 --> 06:50:05,696
If the magazine the birthing reply to certain properties to provide devices to get darknet like
1723
06:50:05,952 --> 06:50:12,096
Plantation key validation algorithm Danville to provide specific VSP
1724
06:50:12,352 --> 06:50:18,496
I'll explain what it is.
1725
06:50:18,752 --> 06:50:24,896
Would follow so he'll be able to provide bunch of other information like application park or let's say depart for
1726
06:50:25,152 --> 06:50:31,296
Hbcus is janitor
1727
06:50:31,552 --> 06:50:37,696
Notre Dame and validation key
1728
06:50:37,952 --> 06:50:44,096
Constipation to husted RC exercise let me give you a walkthrough first then I'll give you time to
1729
06:50:44,352 --> 06:50:50,496
Play with ER then I will give you a time to come
1730
06:50:55,104 --> 06:51:01,248
Then you'd expect you stay to perform before execution book.
1731
06:51:02,272 --> 06:51:08,416
Bless. Kit
1732
06:51:11,488 --> 06:51:13,792
Didn't you want to list books
1733
06:51:19,936 --> 06:51:26,080
Try to access the beach
1734
06:51:26,336 --> 06:51:31,200
Is this is Valerie Bertinelli text. I'm just saying.
1735
06:51:31,456 --> 06:51:37,088
Yep yes in the basement information also go for leprechaun Pig
1736
06:51:37,344 --> 06:51:43,488
So I can you just respond with information that means it's possible to get exposed to back so now
1737
06:51:43,744 --> 06:51:49,888
If you are able to identify
1738
06:51:50,144 --> 06:51:55,520
Target expected to download Authentication
1739
06:51:57,824 --> 06:52:03,968
Okay let me go to my pool heat pump
1740
06:52:04,224 --> 06:52:10,368
VRBO
1741
06:52:10,624 --> 06:52:16,768
Do hereby swear to provide the URL
1742
06:52:17,024 --> 06:52:18,304
Sportsbook
1743
06:52:21,120 --> 06:52:24,704
Look just alike.
1744
06:52:30,080 --> 06:52:34,176
Damn you autocorrect books
1745
06:52:34,688 --> 06:52:39,296
I'm running this with the 33
1746
06:52:39,808 --> 06:52:44,928
Download
1747
06:52:46,208 --> 06:52:51,584
It basically instructed that has happened to this particle
1748
06:52:51,840 --> 06:52:57,984
All it's a beautiful p**** please and
1749
06:52:58,240 --> 06:53:04,384
The entire source code within. Butler directory like books
1750
06:53:04,640 --> 06:53:10,784
Folder name in the background application
1751
06:53:11,040 --> 06:53:13,088
I'll pick it up before 3
1752
06:53:13,600 --> 06:53:19,744
We did that application and as we know that if this is a doctor that location
1753
06:53:20,000 --> 06:53:26,144
And tell my piacente information within / 25
1754
06:53:26,400 --> 06:53:29,216
Decepticon Big 5
1755
06:53:29,472 --> 06:53:35,104
Just Jack Hartmann information
1756
06:53:35,360 --> 06:53:41,248
Attached bicycle connection string Portage. Contenders 4:11
1757
06:53:41,504 --> 06:53:47,648
It go down you will identify the machine key information
1758
06:53:47,904 --> 06:53:54,048
Installation kit and
1759
06:53:54,304 --> 06:54:00,448
Go to demand
1760
06:54:00,704 --> 06:54:06,848
Music uses the default information so now
1761
06:54:07,104 --> 06:54:07,872
What
1762
06:54:08,128 --> 06:54:09,408
The information
1763
06:54:09,920 --> 06:54:14,784
Elizabethtown theater information we can find
1764
06:54:17,088 --> 06:54:19,136
The moment you do login
1765
06:54:19,648 --> 06:54:22,208
N2y let's say you are
1766
06:54:22,464 --> 06:54:26,048
User information
1767
06:54:27,072 --> 06:54:33,216
Just providing spam information to check what are the content
1768
06:54:33,472 --> 06:54:39,616
At the moment you checked.
1769
06:54:39,872 --> 06:54:46,016
And as we all know that this Tuesday it is translated using encrypted using the information
1770
06:54:46,272 --> 06:54:52,416
Using to get exposed for identified
1771
06:54:52,672 --> 06:54:58,816
Once you are identified is to information that it's kind of a straightforward put it under the pillow
1772
06:55:05,472 --> 06:55:11,360
Cuz I want to play with this request
1773
06:55:12,128 --> 06:55:18,272
Before. You can simply use the windows version of the wisest degree.net or simply
1774
06:55:18,528 --> 06:55:24,672
Use the utility. Bubba club.com
1775
06:55:28,512 --> 06:55:33,632
Black history August 8th
1776
06:55:44,384 --> 06:55:50,016
I just talked to his license and here I'm just using the booster because
1777
06:55:50,272 --> 06:55:56,416
The blacklisted is useful to identify the keys right but here we have a key so we can simply use the rifle today.
1778
06:56:03,072 --> 06:56:07,168
Get your ticket and
1779
06:56:07,680 --> 06:56:11,264
It's asp.net greater than 4.5
1780
06:56:12,544 --> 06:56:18,688
Decryption algorithm is yes
1781
06:56:18,944 --> 06:56:23,808
Identify this
1782
06:56:25,344 --> 06:56:28,672
And the decryption key is this
1783
06:56:29,440 --> 06:56:35,584
No talking Peach Park
1784
06:56:35,840 --> 06:56:41,728
Okay let me verify.
1785
06:56:42,240 --> 06:56:48,384
Beach for Beach this music is created and the beach is Place account / login
1786
06:56:48,640 --> 06:56:53,248
No answer. That uses extension
1787
06:56:55,296 --> 06:57:01,440
Extensible SPD so by the forties uses this aspx extension
1788
06:57:01,696 --> 06:57:07,840
Without Extinction and you can check whether the application is accepted or not but most of the time YouTube
1789
06:57:08,096 --> 06:57:14,240
Because your data application back on this production
1790
06:57:14,496 --> 06:57:17,312
Celebrity Tattoos application
1791
06:57:17,568 --> 06:57:21,408
And commanded I want to call phone and that is
1792
06:57:21,664 --> 06:57:26,272
Let's see invoke-webrequest
1793
06:57:27,296 --> 06:57:32,416
So powerful. EXE invoke-webrequest auris
1794
06:57:33,696 --> 06:57:39,840
It's E85 and please extra-tall please respond with the user
1795
06:57:40,096 --> 06:57:42,144
Pseudonym from the environment variables
1796
06:57:42,400 --> 06:57:48,544
At the moment we do this and repeal or it will create a payload for us
1797
06:57:48,800 --> 06:57:50,336
Copy this.
1798
06:57:52,384 --> 06:57:55,712
Delete this existing information
1799
06:57:56,224 --> 06:57:58,272
What is over here
1800
06:58:02,112 --> 06:58:08,256
Teambuilder do a spell to convert this into a URL encoded form
1801
06:58:08,512 --> 06:58:14,656
Reason behind. Because the b64 contains this place + 5
1802
06:58:14,912 --> 06:58:21,056
It might be a possibility that the backend application apart from the water Dakota operation
1803
06:58:21,312 --> 06:58:27,456
Convert 6 + to aspis it is not a valid character according to this day 64
1804
06:58:27,712 --> 06:58:33,856
Convert this into a URL encoded form for that I'm doing this
1805
06:58:34,112 --> 06:58:35,904
Convert selection URL
1806
06:58:36,416 --> 06:58:42,560
And Corky characters with basically converter plus into a letter you are encoded value
1807
06:58:44,352 --> 06:58:50,496
I'm sending this request
1808
06:58:50,752 --> 06:58:53,824
And that's why
1809
06:58:54,080 --> 06:58:58,432
4 time using this
1810
06:58:59,968 --> 06:59:02,784
No requests
1811
06:59:04,064 --> 06:59:10,208
The moment we sent the request just responded to ponder that internal but in the back
1812
06:59:10,464 --> 06:59:16,608
Yes Papa
1813
06:59:16,864 --> 06:59:21,728
Kentucky
1814
06:59:21,984 --> 06:59:28,128
Filippi's how we can change multiple-level everybody's so the first few identified
1815
06:59:28,384 --> 06:59:29,920
Exposed book
1816
06:59:30,176 --> 06:59:36,320
And then we'll both come to view straight Immortal execution in case of you
1817
06:59:36,576 --> 06:59:42,720
Identified the deputies uses of used it or let's say it's wonderful
1818
06:59:42,976 --> 06:59:49,120
Navigation to transmit information from one page to another page then
1819
06:59:49,376 --> 06:59:55,520
Next thing we have identified that using the Gita SpongeBob be able to identify the Machinery that is used for this
1820
06:59:55,776 --> 07:00:01,920
Two things is in which we can generate or diesel ice pillow
1821
07:00:02,176 --> 07:00:06,016
Report abuse to pop on the execution
1822
07:00:07,296 --> 07:00:10,368
So anyone has any questioning this
1823
07:00:14,720 --> 07:00:20,864
Kind of interesting
1824
07:00:21,120 --> 07:00:22,656
David this
1825
07:00:22,912 --> 07:00:25,984
To complete this exercise then we'll move to the next topic
1826
07:00:26,496 --> 07:00:32,640
University of any question you can simply post your question or Aquarion the basketball Channel
1827
07:00:34,176 --> 07:00:39,296
And let me who support as well
1828
07:20:23,040 --> 07:20:26,624
Okay so it looks like most of your computer this one
1829
07:20:26,880 --> 07:20:33,024
Let's move though maybe not stopping copper training and 36°
1830
07:20:33,280 --> 07:20:39,424
This is a technique in the process of Ashtabula Quest handling by the server that are
1831
07:20:39,680 --> 07:20:45,824
From one or more users does so this vulnerability often critical
1832
07:20:46,080 --> 07:20:52,224
Metro because it allowed an article to bypass the security controls or to gain the unauthorised access
1833
07:20:52,480 --> 07:20:58,624
Are two x's distance to information or directly compromised verification service
1834
07:20:59,392 --> 07:21:05,536
Do in the morning application to use that equate is coming by a front-end server which is basically a lot
1835
07:21:05,792 --> 07:21:11,936
Valencia neurology any Italian team proxy server or five application
1836
07:21:12,192 --> 07:21:13,728
Solo
1837
07:21:14,752 --> 07:21:20,896
Rent Lord Billing Services direct message sent this request to the back-end server one-by-one or proceeding
1838
07:21:21,152 --> 07:21:27,296
HTTP stream which is also known as PhD pipeline
1839
07:21:27,552 --> 07:21:33,696
All the requests I've been passing a request one by one in the back and silver
1840
07:21:33,952 --> 07:21:38,560
First in first out session
1841
07:21:39,584 --> 07:21:45,728
Not an SUV bong. Because how do we identify the back until order this is the first place
1842
07:21:45,984 --> 07:21:52,128
Second request is it the 30% to support request
1843
07:21:52,384 --> 07:21:58,528
The first one is the content-length cider and the second one is to transform coding Heather and based on that it will identify the bond
1844
07:21:58,784 --> 07:22:00,832
Order any update request
1845
07:22:03,392 --> 07:22:05,184
No
1846
07:22:05,696 --> 07:22:11,840
It will put the priority to transfer hand cutting hair
1847
07:22:12,096 --> 07:22:18,240
Wilco 42nd and 10th
1848
07:22:18,496 --> 07:22:24,640
What weekend do we can provide both the header to the front end and if somehow
1849
07:22:24,896 --> 07:22:31,040
Animal forming sending the transport including header if somehow contended that is not able to understand
1850
07:22:31,296 --> 07:22:37,440
Why you even process the content and continental crust
1851
07:22:37,696 --> 07:22:43,840
And he'll understand you transfer including value and you can only process the transfer
1852
07:22:44,096 --> 07:22:50,240
Including Porsche the remaining replaced is still remain in the pipeline so
1853
07:22:50,496 --> 07:22:56,128
Mexico's commitment offended well here and it will powerful I think
1854
07:22:58,176 --> 07:23:04,320
Detective as a contender
1855
07:23:04,576 --> 07:23:10,720
Putting header then sent both headers in single request which can be processed differently by front
1856
07:23:10,976 --> 07:23:17,120
Then in the parking server and this decision can be exported using the following communication satellite
1857
07:23:17,376 --> 07:23:23,520
Either you can use the bar extension cord replacement
1858
07:23:23,776 --> 07:23:28,896
All you can think of use the open-source utility cards by The Smuggler.
1859
07:23:30,176 --> 07:23:36,320
So if you thought the difference for the request McGlynn you can use the TV 2.0 you can simply visit
1860
07:23:36,576 --> 07:23:42,720
The processing of tmb groceries and also configure proxy to recalculate the contact lenses
1861
07:23:42,976 --> 07:23:47,328
And identify fungi Smuggler request and rejected
1862
07:23:47,584 --> 07:23:53,728
So just in case study around District
1863
07:23:53,984 --> 07:24:00,128
Smuggling where the researcher is able to perform PCP synthetic on the slack b.com when he
1864
07:24:00,384 --> 07:24:06,528
Able to perform be able to steal the cookie of a session cookie of most of the user.
1865
07:24:06,784 --> 07:24:12,928
So here.
1866
07:24:13,184 --> 07:24:15,232
I'm headed into transparent Cody wear
1867
07:24:15,488 --> 07:24:21,632
Dependent is processing B contact lens for and in the back and it will identify the X current coding and
1868
07:24:21,888 --> 07:24:28,032
It will process the transfer and coding for so the remaining requests it still there in the pipe
1869
07:24:28,288 --> 07:24:34,432
I planned so whenever the news request is Kim it will be offended to determining request
1870
07:24:34,688 --> 07:24:37,760
The beasts are in the pipeline
1871
07:24:38,016 --> 07:24:44,160
Sobe Stone.
1872
07:24:44,416 --> 07:24:50,560
Then you to perform jcpd synthetic to get the cross-eyed script executor than a user user visits
1873
07:24:50,816 --> 07:24:56,960
Adele Angeles covid-19
1874
07:24:57,216 --> 07:24:59,776
Baltimore
1875
07:25:02,848 --> 07:25:07,712
Let me log into the McCauley machine
1876
07:25:08,224 --> 07:25:12,320
Go to navigate to this covid-19 website
1877
07:25:14,112 --> 07:25:20,256
No this covid-19 website is vulnerable to let's say
1878
07:25:20,512 --> 07:25:26,656
Northside scripting image
1879
07:25:26,912 --> 07:25:28,448
SRC
1880
07:25:28,704 --> 07:25:34,848
Error alert
1881
07:25:35,104 --> 07:25:36,896
Document
1882
07:25:37,152 --> 07:25:43,296
Location I'm just reading my bill
1883
07:25:47,904 --> 07:25:51,488
Yeah that is a typo
1884
07:25:52,512 --> 07:25:57,888
And yes it's liable to go outside scripting now what time do I'm just
1885
07:25:58,400 --> 07:26:04,544
It's o'clock my request way here. This is
1886
07:26:11,200 --> 07:26:15,552
ABC protect its converted into a post
1887
07:26:18,112 --> 07:26:20,160
Request matter
1888
07:26:21,440 --> 07:26:26,816
I'm just making a post request over here
1889
07:26:29,632 --> 07:26:35,776
But let's provide to head over here
1890
07:26:36,032 --> 07:26:39,872
For that reason I'm just using this convertible junk
1891
07:26:40,128 --> 07:26:46,272
It has both headers contact letter and deep inside
1892
07:26:46,528 --> 07:26:49,600
And here I am providing
1893
07:26:49,856 --> 07:26:56,000
I'm just spending the other requests and that these are it's a exercise request
1894
07:26:56,512 --> 07:26:58,560
Proxy
1895
07:27:00,096 --> 07:27:02,656
Open this
1896
07:27:03,936 --> 07:27:10,080
And here instead of host I'm just adding one random it say
1897
07:27:14,176 --> 07:27:17,504
No
1898
07:27:20,064 --> 07:27:26,208
So here in the back and it uses the sun work which basically understand
1899
07:27:26,464 --> 07:27:32,608
The Bodyguard
1900
07:27:32,864 --> 07:27:39,008
Space to Vertical tech support. If you go to my Dakota convert this into effect
1901
07:27:39,264 --> 07:27:45,152
Good places to do a 28-0 see it is nothing but the vertical tab
1902
07:27:45,920 --> 07:27:52,064
Opd's header which is not understand by different answer but pain is caused by cancer
1903
07:27:52,320 --> 07:27:53,344
Understand this
1904
07:27:53,600 --> 07:27:55,648
Designsbyleann coding volume
1905
07:28:00,000 --> 07:28:01,792
Nb02
1906
07:28:02,304 --> 07:28:06,912
Keep the Connection open
1907
07:28:13,312 --> 07:28:19,456
Replacing this page for every 5 Seconds
1908
07:28:21,248 --> 07:28:23,808
Noticeable
1909
07:28:27,392 --> 07:28:33,536
I like to exercise
1910
07:28:35,584 --> 07:28:41,728
Log into cat and hear my username is Sunjai
1911
07:28:41,984 --> 07:28:43,776
Logging
1912
07:28:45,056 --> 07:28:49,152
No let me replace the beach after 5 Second
1913
07:28:56,320 --> 07:29:02,464
Let's try to steal
1914
07:29:02,720 --> 07:29:06,304
Cookie incentive document location let's try to
1915
07:29:06,560 --> 07:29:12,192
Scan document. Cookie
1916
07:29:26,272 --> 07:29:30,368
Text information that is provided
1917
07:29:34,976 --> 07:29:39,328
August
1918
07:29:40,096 --> 07:29:46,240
Papa T's
1919
07:29:49,568 --> 07:29:55,712
It's a family crest I'm just replace the times for them calling her.
1920
07:29:55,968 --> 07:29:57,248
The song right now
1921
07:30:05,440 --> 07:30:11,584
You see this happen and be able to capture the session ID so what happened here
1922
07:30:11,840 --> 07:30:17,216
At the moment we sent this request to the server the front end
1923
07:30:17,728 --> 07:30:23,872
Did not understand the times for encoding
1924
07:30:24,128 --> 07:30:30,272
Best and send this to D-Back and application sour understand the transfer and coding
1925
07:30:30,528 --> 07:30:36,672
And this transfer encoding Heather Orbeez understandable and putting a team from
1926
07:30:36,928 --> 07:30:41,024
Until this zero only this information
1927
07:30:41,280 --> 07:30:43,584
No
1928
07:30:43,840 --> 07:30:49,984
This information is still remain in the pipeline Savannah for a user's sent another request
1929
07:30:50,240 --> 07:30:51,520
Like this
1930
07:30:52,544 --> 07:30:58,688
Okay so this is Eric first and came from the front end to the back and it will up and deliver here
1931
07:30:58,944 --> 07:31:05,088
It is essentially become this particle to get
1932
07:31:05,344 --> 07:31:11,488
To send the catechist
1933
07:31:11,744 --> 07:31:17,888
And this is part of our custom header which is nothing
1934
07:31:18,144 --> 07:31:24,288
Assemble octopuses because it means nothing
1935
07:31:24,544 --> 07:31:30,688
These days and when it closes be able to exploit
1936
07:31:30,944 --> 07:31:36,832
So this is how we can perform based you could be sync attack
1937
07:31:38,880 --> 07:31:45,024
No it's
1938
07:31:45,280 --> 07:31:51,424
You should always model photo for dick first so
1939
07:31:51,680 --> 07:31:57,824
Unaffected let's see I used to live in point Solitude Samba
1940
07:31:58,080 --> 07:32:04,224
Replace an application or the backend application user session
1941
07:32:04,480 --> 07:32:10,624
Passing the Restriction but ensure that you sent enough enough amount of request so that other user of data
1942
07:32:10,880 --> 07:32:17,024
Will be sitting beside your intended this phone
1943
07:32:17,280 --> 07:32:20,608
Are all exercise model of the training
1944
07:32:22,912 --> 07:32:29,056
No these are the bunch of history that is kind of homework for everyone so here include
1945
07:32:29,312 --> 07:32:35,456
Did this because I hear it's kind of like fettuccine, meaning of multiple
1946
07:32:35,712 --> 07:32:41,856
A researcher has combining multiple parameters like No Label or less immediately
1947
07:32:42,880 --> 07:32:49,024
Metacritic
1948
07:32:49,280 --> 07:32:55,424
Bogbab admin privileges admin featurette allowed to do
1949
07:32:55,680 --> 07:33:00,288
Allowed to create a file data file and upload a file so
1950
07:33:00,544 --> 07:33:05,664
Been researching upload Elizabeth before Alex not allowed ready to that undercover
1951
07:33:05,920 --> 07:33:12,064
But these Wonderful Tonight
1952
07:33:12,320 --> 07:33:14,368
Politically 30° outside
1953
07:33:14,624 --> 07:33:20,768
That's where he's able to file and that file cats
1954
07:33:21,024 --> 07:33:27,168
Is exhibited on the application and then schedule
1955
07:33:27,424 --> 07:33:33,568
Executed no using the normal user is able to identify this
1956
07:33:33,824 --> 07:33:39,968
He's gaining bootable to drink the admin user to download developers BHP port
1957
07:33:40,224 --> 07:33:46,368
And executed within the administration and by doing that he's able to
1958
07:33:46,624 --> 07:33:52,768
2 / 4
1959
07:33:53,024 --> 07:33:59,168
Okay the Asiatic training
1960
07:33:59,424 --> 07:34:05,568
Identify pssi for liability than again he is able to identify
1961
07:34:05,824 --> 07:34:11,968
Celebrity pictures of gate best ssrf and within.
1962
07:34:12,224 --> 07:34:18,368
Seattle of injection and using that he's
1963
07:34:18,624 --> 07:34:24,768
Another request for the internal application which has water able to interpret this relationship
1964
07:34:25,024 --> 07:34:31,168
By following this process researcher is able to perform the execution volume a little bit
1965
07:34:31,424 --> 07:34:35,264
Don't let me show you the final payload
1966
07:34:37,824 --> 07:34:43,968
So this is how he dropped his particular request so the first one is before Stacey salad
1967
07:34:44,224 --> 07:34:50,368
SRA reading that he's able to perform the Seattle Seattle of injection and using.
1968
07:34:50,624 --> 07:34:56,768
He's able to create the request to perform the Beast
1969
07:35:00,352 --> 07:35:06,496
Dad said this study we are definitely recommend you to go through this
1970
07:35:07,008 --> 07:35:13,152
No these are the key takeaways for gardening like a Bia Bia Bia
1971
07:35:13,408 --> 07:35:19,552
Scooby-Doo a tax office in Immigration that will learn the bunch of Ativan techniques
1972
07:35:19,808 --> 07:35:25,952
Somehow we can bypass the data boundaries we have wanted how can I change to landscape
1973
07:35:26,208 --> 07:35:32,352
Do the post explanation we have seen the second-order simple injection or the second order injection via bypass
1974
07:35:32,608 --> 07:35:38,752
Identify
1975
07:35:39,008 --> 07:35:45,152
Exporting backfiring protocol explained that appointment
1976
07:35:45,408 --> 07:35:51,552
55 mapping application contact some of the people
1977
07:35:51,808 --> 07:35:54,624
We have explored the lab during the training
1978
07:35:54,880 --> 07:36:01,024
So I'll be done with all the bodies and you can get the toy
1979
07:36:01,280 --> 07:36:07,424
30 days Lexus with painting to the left
1980
07:36:07,680 --> 07:36:13,824
And if while performing exercise if you have any question any query
1981
07:36:14,080 --> 07:36:20,224
Please send out send us an email on this wspp training at nautica.com for any of you
1982
07:36:20,480 --> 07:36:25,088
Glad he looked at any of the exercise okay for Adidas lab.
1983
07:36:25,600 --> 07:36:31,744
The portal that we going to Arabic
1984
07:36:32,000 --> 07:36:38,144
Standard-Examiner book Porter wp40 training the progress portal that is
1985
07:36:38,400 --> 07:36:44,544
Web4 do that paper. Draining the MLS teams John Dollar General in the private support Channel
1986
07:36:44,800 --> 07:36:50,944
It's available remote access on the Sunday night and that is 27th March midnight
1987
07:36:51,200 --> 07:36:57,344
Is a please copy each and every information that is available on the portal or like the credentials that is
1988
07:36:57,600 --> 07:36:59,392
Okay
1989
07:36:59,648 --> 07:37:02,464
Please download this credential
1990
07:37:11,680 --> 07:37:17,824
Please copy this credentials that is potential for your offline
1991
07:37:18,080 --> 07:37:24,224
So all this material that is shown over here
1992
07:37:24,480 --> 07:37:29,344
Don't Disco.
1993
07:37:30,112 --> 07:37:36,256
No but that's it so thank you all so much
1994
07:37:36,512 --> 07:37:42,656
Unsubscribing for this particular training if you have any feedback for this training or the content of
1995
07:37:42,912 --> 07:37:49,056
Obtaining or delivery of this training you can simply provide us the feedback if you if you
1996
07:37:49,312 --> 07:37:55,456
Filling out this training then you can simply shout-out on Twitter or LinkedIn
1997
07:37:55,968 --> 07:38:02,112
Not secure for me, I already posted that
1998
07:38:03,136 --> 07:38:05,184
BMX Games Channel
1999
07:38:05,952 --> 07:38:08,512
Yes already posted.
2000
07:38:10,048 --> 07:38:12,864
Thank you so much all
2001
07:38:13,376 --> 07:38:19,520
Through 2128 some clothing notes over here
2002
07:38:19,776 --> 07:38:25,920
You guys so much and I hope you enjoyed every bit of it
2003
07:38:32,576 --> 07:38:38,720
Also I said be too alarmed by the courses hacking insecurity
2004
07:38:38,976 --> 07:38:45,120
Packing up application security for Developers
2005
07:38:45,376 --> 07:38:49,728
Hacking and thank you guys joining us
2006
07:38:53,568 --> 07:38:59,712
Thanks everyone so let me open this channel 45 minutes if you have any question
2007
07:39:10,208 --> 07:39:12,000
Thank you is great
2008
07:39:12,256 --> 07:39:14,560
Thanks thanks.
2009
07:39:15,072 --> 07:39:21,216
Yes thank you both and while we're sitting here I will add for anybody who has to take their Cloud hacking
2010
07:39:21,472 --> 07:39:27,616
Course that is awesome things data science
2011
07:39:27,872 --> 07:39:34,016
Hey guys it was a it was fun and enlightening so
2012
07:39:34,272 --> 07:39:40,416
Definitely be able to use some things we learned this week daddy love them and thank you so much
2013
07:39:40,672 --> 07:39:46,816
You guys take care hopefully we'll see you at Blackadder somewhere one day yes we will
2014
07:39:47,072 --> 07:39:48,608
Tayk
2015
07:39:48,864 --> 07:39:55,008
Thanks-thanks-thanks James
2016
07:39:56,032 --> 07:39:58,592
Thank you
2017
07:39:59,872 --> 07:40:03,968
Have a good weekend
2018
07:44:07,936 --> 07:44:12,800
Diamond a good evening everyone I'm just closing the zoom assertion now
2019
07:44:13,056 --> 07:44:19,200
Thank you so much have a great weekend