1 00:00:12,370 --> 00:00:15,330 Hey, guys, welcome back to another episode on How to Hack. 2 00:00:15,820 --> 00:00:20,590 So now we're back to bypass front end restrictions and over here we have validation. 3 00:00:20,770 --> 00:00:26,530 So, of course, as you can see here, not all the time, we will be able to just edit the HTML, edit 4 00:00:26,530 --> 00:00:30,250 a value and submit into the Web application system. 5 00:00:30,280 --> 00:00:36,670 And in this case, we could be managed or controlled by JavaScript or JavaScript is a script that is 6 00:00:36,670 --> 00:00:43,000 embedded into the Web application system and that could manage and also control how the client browser 7 00:00:43,030 --> 00:00:45,520 interfaces with the website. 8 00:00:45,700 --> 00:00:45,910 All right. 9 00:00:45,910 --> 00:00:52,720 So in this case, over here, we have a task and a task request that does not fit the regular expression 10 00:00:52,720 --> 00:00:54,370 above the field in all fields. 11 00:00:54,400 --> 00:00:54,700 All right. 12 00:00:54,700 --> 00:00:58,080 So here we have exactly three lowercase characters. 13 00:00:58,090 --> 00:01:05,530 So we are sending capital ABC. Exactly three digits, and we're sending four digits. Letters, numbers and 14 00:01:05,530 --> 00:01:10,020 space only, so we can put special characters. Enumeration of numbers. 15 00:01:10,270 --> 00:01:14,290 So only one, two, three, four, five, six, seven, eight and nine is allowed. 16 00:01:14,320 --> 00:01:16,300 So we can enter digits here. 17 00:01:16,840 --> 00:01:18,240 Simple zip code. 18 00:01:18,280 --> 00:01:18,550 All right. 19 00:01:18,550 --> 00:01:19,810 Up to five digits. 20 00:01:19,810 --> 00:01:24,760 And we are putting, as did an exit with optional dash four. 21 00:01:24,910 --> 00:01:25,210 All right. 22 00:01:25,210 --> 00:01:29,980 So again, we're adding in additional information and again, we're adding in about one more time. 
23 00:01:30,850 --> 00:01:37,960 So when you click submit, right, it says JavaScript found form errors, value entered for field one 24 00:01:37,960 --> 00:01:38,660 is not correct. 25 00:01:39,100 --> 00:01:40,510 Two, three, four, five, six, seven. 26 00:01:40,590 --> 00:01:41,970 All not correct. 27 00:01:42,520 --> 00:01:47,530 So one more thing that we have learned as part of understanding of a Web application penetration testing 28 00:01:47,980 --> 00:01:54,460 is that if you go on the web developer and you click onto network, OK, and if I click on Submit and 29 00:01:54,460 --> 00:01:55,840 I click OK, all right. 30 00:01:55,840 --> 00:01:57,070 As you can see over here, right. 31 00:01:57,640 --> 00:02:05,770 What happens is that before OK, before we are able to submit it into the system, the information is 32 00:02:05,770 --> 00:02:07,540 already being picked up by the JavaScript. 33 00:02:07,570 --> 00:02:12,460 So if I click on the POST over here, we can see the information. 34 00:02:13,030 --> 00:02:14,410 We have the response headers. 35 00:02:14,740 --> 00:02:17,590 We have the request headers and we can look at the params. 36 00:02:17,590 --> 00:02:17,930 Sorry. 37 00:02:17,950 --> 00:02:19,780 So these are the parameters that's been sent over. 38 00:02:20,140 --> 00:02:25,380 And then we have this additional field called error, seven, error seven. 39 00:02:25,390 --> 00:02:30,740 OK, so this was also sent into the Web application system and of course we got a response. 40 00:02:30,880 --> 00:02:33,040 So it says lesson completed is false. 41 00:02:33,460 --> 00:02:35,200 Sorry, the solution is not correct. 42 00:02:35,290 --> 00:02:35,990 OK, and so on. 43 00:02:36,050 --> 00:02:36,250 All right. 44 00:02:36,250 --> 00:02:37,990 So all this has been flagged. 45 00:02:38,510 --> 00:02:38,800 All right. 46 00:02:38,800 --> 00:02:40,450 So we are able to see all the details. 
47 00:02:41,060 --> 00:02:46,120 So the JavaScript is the first line of defense for a lot of these Web application systems. 48 00:02:46,390 --> 00:02:50,180 And all we got to do is to make sure that we have Burp Suite running. 49 00:02:50,200 --> 00:02:56,040 So to help us get out of the JavaScript from being loaded inside the client browser. 50 00:02:56,410 --> 00:03:01,540 So all we got to do right now is go on to preferences, scroll down all the way to the bottom. 51 00:03:01,550 --> 00:03:01,930 All right. 52 00:03:01,930 --> 00:03:03,340 Click under settings. 53 00:03:04,300 --> 00:03:07,750 And over here you can click onto Manual Proxy Configuration. 54 00:03:07,780 --> 00:03:13,650 So we have HTTP proxy one two seven zero zero one and Port eight eight eight eight. 55 00:03:13,660 --> 00:03:19,690 Go ahead to click on that and now we have already launched a website so we can turn on the intercept. 56 00:03:19,750 --> 00:03:25,120 OK, so go ahead and click on our proxy tab intercept and click on our intercept is on. 57 00:03:25,750 --> 00:03:27,700 So I go back into Firefox. 58 00:03:27,710 --> 00:03:28,040 All right. 59 00:03:28,060 --> 00:03:31,240 So I can go back here into Firefox and click submit. 60 00:03:31,790 --> 00:03:34,300 OK, so we will pick this up. 61 00:03:34,340 --> 00:03:34,600 All right. 62 00:03:34,600 --> 00:03:36,700 So I can drop the lesson overview. 63 00:03:36,860 --> 00:03:37,290 All right. 64 00:03:37,330 --> 00:03:38,890 I can drop the lesson manual. 65 00:03:39,070 --> 00:03:39,380 All right. 66 00:03:39,790 --> 00:03:41,200 And over here we have the POST. 67 00:03:41,410 --> 00:03:44,940 So we have got bypass restrictions, frontend validation. 68 00:03:45,220 --> 00:03:47,230 So we have all these different details once again. 69 00:03:48,070 --> 00:03:49,600 And we can do a right click. 70 00:03:49,930 --> 00:03:52,450 OK, send to all right. 
71 00:03:52,780 --> 00:03:57,840 Repeater, so sent to repeater and you can see that the repeater tab is now in orange. 72 00:03:57,850 --> 00:03:58,900 So go in, click on it. 73 00:03:59,530 --> 00:04:05,620 And this is the place where we can amend the kind of values that we want to send straight right into 74 00:04:05,650 --> 00:04:07,060 the Web application system. 75 00:04:07,630 --> 00:04:11,380 So in this case, we can see that we have the field, all right. 76 00:04:11,380 --> 00:04:18,400 There has already been prefill doing our data or payload, we have amended and of course, at the end 77 00:04:18,400 --> 00:04:21,490 we have this error is equal to seven. 78 00:04:21,670 --> 00:04:27,280 So as you make less error, you'll be one, two, three, four, five, six, seven. 79 00:04:27,310 --> 00:04:30,730 So in this case, we're going to change the error into zero. 80 00:04:31,240 --> 00:04:32,710 So we change the error to zero. 81 00:04:33,010 --> 00:04:34,150 Now we go ahead and click on. 82 00:04:35,470 --> 00:04:41,410 So once you click on send immediately, we're able to put all this data, post all this data into the 83 00:04:41,410 --> 00:04:44,570 Web application server and it is lesson completed. 84 00:04:44,590 --> 00:04:45,670 Congratulations. 85 00:04:46,000 --> 00:04:48,340 You have successfully completed the assignment. 86 00:04:48,640 --> 00:04:48,890 All right. 87 00:04:48,940 --> 00:04:52,360 So once again, I hope you've learned something valuable in today's tutorial. 88 00:04:52,390 --> 00:04:56,230 And if I have any questions for you, if you leave a comment below, I'll try my best to answer any 89 00:04:56,230 --> 00:04:56,890 of your queries. 90 00:04:57,100 --> 00:05:02,470 OK, remember to like, share, subscribe to the channel so that you can be kept abreast of the latest cybersecurity 91 00:05:02,470 --> 00:05:02,900 tutorial. 92 00:05:03,040 --> 00:05:04,360 Thank you so much once again for watching.