1
00:00:00,930 --> 00:00:07,050
So in this video, we're going to see the file upload vulnerability whenever we have this chance to

2
00:00:07,050 --> 00:00:14,460
upload a file image or any extremophile, you can upload this and you can navigate to this file to see

3
00:00:14,460 --> 00:00:14,980
the content.

4
00:00:15,630 --> 00:00:23,190
So on this uploading, we can also upload the reverse shell in the format of PHP or any other backend of

5
00:00:23,220 --> 00:00:23,870
service running.

6
00:00:24,090 --> 00:00:29,460
And then if you load the file in this, you are then our malicious code will get executed.

7
00:00:30,150 --> 00:00:36,120
So instead of this image where I can select this reversal of this PHP non-Equity.

8
00:00:38,480 --> 00:00:40,130
One PHP Riversdale.

9
00:00:43,860 --> 00:00:47,340
So let me turn off this Burp and refresh this page.

10
00:00:49,040 --> 00:00:55,140
So as you can see, I have a couple of websites on this page be reassuring.

11
00:00:56,630 --> 00:01:05,170
So basically we upload this on this website and then we'll never get to that, uh, PHP file to decode

12
00:01:05,180 --> 00:01:06,700
this, uh, payload.

13
00:01:07,910 --> 00:01:11,120
So, uh, Creegan, this one which Russia.

14
00:01:13,090 --> 00:01:20,620
So, yes, I thought I could get this guy to bring you the special called.

15
00:01:25,030 --> 00:01:27,820
And click on this reversal that PHP.

16
00:01:29,470 --> 00:01:37,720
And if you see this right, and if you this is the code for the PHP and Orange to change this, you

17
00:01:37,720 --> 00:01:42,010
need to change this particular color so that the reversionary.

18
00:01:42,010 --> 00:01:43,120
Carol, back to you.

19
00:01:45,900 --> 00:01:50,680
And the port number are going to leave it as one, two, three, four are to contain this, a press

20
00:01:50,700 --> 00:01:52,810
contrary to the report and controversy.

21
00:01:53,550 --> 00:01:56,580
No, I don't want to raise I want to create a new file.

22
00:01:57,690 --> 00:02:04,380
But to delete or reverse that PHP.

23
00:02:09,870 --> 00:02:10,860
So.

24
00:02:12,510 --> 00:02:20,590
I am going to pay this and I'm saying we're saving it as we possibly know, these are the comments.

25
00:02:20,600 --> 00:02:22,790
We don't need these comments.

26
00:02:23,450 --> 00:02:33,050
This will just increase the PHYLISS, which we don't need that we did all these comments and now we

27
00:02:33,050 --> 00:02:34,560
need to turn this hyper.

28
00:02:36,960 --> 00:02:41,880
So my colonics mission, I wanted to do that one six zero zero one zero four.

29
00:02:45,670 --> 00:02:53,410
So I'm going to leave the one, two, three, four as a normal no press conference, so might I reverse

30
00:02:53,410 --> 00:02:53,570
that?

31
00:02:53,600 --> 00:02:58,690
PHP has been successfully sued for SilkAir.

32
00:03:00,520 --> 00:03:02,500
It was not BHP.

33
00:03:04,610 --> 00:03:05,930
Now, I that down.

34
00:03:06,230 --> 00:03:07,040
OK, that's fine.

35
00:03:07,640 --> 00:03:08,870
Now what we can do is.

36
00:03:12,010 --> 00:03:21,250
So we can just go to this one and Deliberatively Security Bureau and we can upload this image, so in

37
00:03:21,250 --> 00:03:23,810
the low security, we do not have any chance.

38
00:03:23,860 --> 00:03:25,430
We can upload it if you want.

39
00:03:25,810 --> 00:03:26,980
Let me play this.

40
00:03:27,100 --> 00:03:30,660
Uh, it was not so recognizable.

41
00:03:31,060 --> 00:03:40,510
It is on to the retrospect, hackable approach, and it is showing me the path I can just simply go

42
00:03:40,510 --> 00:03:45,520
to here and might reverse the speaker gets it.

43
00:03:46,930 --> 00:03:52,380
So before that, let's set a listener on the port one, two, three, four to catch our reverse shell.

44
00:03:52,480 --> 00:03:55,020
So I'm going on listening on this for one, two, three, four.

45
00:03:55,150 --> 00:03:59,440
So whenever I hit enter the code inside this Rossler page, we get a digital.

46
00:04:01,330 --> 00:04:02,350
As you can see, we got.

47
00:04:05,520 --> 00:04:10,630
So we have got the shell and we can pretty much do the prescription from here.

48
00:04:11,220 --> 00:04:14,680
So this is the basics of this fight personality that we control.

49
00:04:15,850 --> 00:04:17,220
Oh, stop this one.

50
00:04:21,720 --> 00:04:26,660
So no sense of personal connection terminated.

51
00:04:26,940 --> 00:04:29,530
So we have to terminate this connection.

52
00:04:30,000 --> 00:04:35,540
Now, this is the basic way of operating the file and there are no restrictions over this.

53
00:04:35,910 --> 00:04:37,950
Now, let's increase the security to medium.

54
00:04:39,740 --> 00:04:40,940
Medium and answer.

55
00:04:42,140 --> 00:04:51,410
Now, let's try to approach this, uh, Rosler, PHP and see and it's just not appropriate because it's

56
00:04:51,410 --> 00:04:55,100
only accepting that image file format.

57
00:04:56,030 --> 00:05:00,590
Now, what I can do is I there are some simple tricks to bypass these restrictions.

58
00:05:02,480 --> 00:05:14,570
And I use LCP Rivers, not BHP, to that's a sample, that's a medium which will be recognised as a

59
00:05:14,570 --> 00:05:19,550
medium security medium that PHP that cheap.

60
00:05:21,480 --> 00:05:22,700
Oh, let's say this.

61
00:05:22,970 --> 00:05:29,850
So what I'm doing is I am putting this extraction that and so everything will be as an image.

62
00:05:31,370 --> 00:05:33,710
So now let's try to apply this.

63
00:05:38,770 --> 00:05:41,350
So our image was not a protest to.

64
00:05:43,630 --> 00:05:44,650
So try again.

65
00:05:45,960 --> 00:05:50,950
OK, now let's turn on this proposal to modify some parameters.

66
00:05:54,260 --> 00:06:01,610
So my work is on let me make sure that the design and process.

67
00:06:06,560 --> 00:06:12,140
So we have got this request here, are you going to do this, you need to.

68
00:06:16,360 --> 00:06:20,200
Jane, it's already their much being.

69
00:06:23,890 --> 00:06:31,900
And now let me try to put this up and the father, because to my mind, was not a protest.

70
00:06:32,350 --> 00:06:37,560
So let's try this as, uh, David Guimet.

71
00:06:39,820 --> 00:06:42,160
So we need to try a different file formats.

72
00:06:44,350 --> 00:06:44,710
Sorry.

73
00:06:46,820 --> 00:06:48,880
So maybe the.

74
00:06:55,540 --> 00:06:59,610
So we are just changing the last election from being to a debate.

75
00:07:00,640 --> 00:07:04,050
Now let's see whether we can approach this debate, fair or not.

76
00:07:06,860 --> 00:07:15,750
So let me try to follow this, and you can see so JPEG files are being accepted by our Web browser as

77
00:07:15,800 --> 00:07:16,640
sort of observer.

78
00:07:17,540 --> 00:07:21,560
Now, let me copy this and if I go here.

79
00:07:24,490 --> 00:07:32,680
I think my reserve is running on, yes, it's running on now, let me turn and follow this.

80
00:07:33,580 --> 00:07:35,430
As you can see, we got our shell.

81
00:07:37,030 --> 00:07:43,840
So this is on track to bypass these restrictions.

82
00:07:45,640 --> 00:07:46,810
So let me go back.

83
00:07:50,670 --> 00:07:53,280
And what we can do is you need to increase the.

84
00:07:56,250 --> 00:07:57,690
Security level, the height.

85
00:08:00,620 --> 00:08:04,400
So now let's try to operate the same JPEG file.

86
00:08:06,550 --> 00:08:14,600
OK, OK, it's a product I don't know, it's there maybe there is some difference, but we have bypassed

87
00:08:14,630 --> 00:08:15,670
this using word.

88
00:08:16,450 --> 00:08:18,840
Now, let me capture this interceptor.

89
00:08:18,940 --> 00:08:22,330
I will show you some more tricks to bypass this.

90
00:08:37,940 --> 00:08:46,070
So let me start this dollar debate and let me know what we can do here.

91
00:08:46,400 --> 00:08:49,990
You know, there will be a progression or PHP, right?

92
00:08:50,210 --> 00:08:54,430
We need to change this image, our image, our image

93
00:08:57,020 --> 00:08:57,870
and what we can do.

94
00:08:58,120 --> 00:09:09,110
You can put the header of PNG are the header and what you're going to use to find out this header.

95
00:09:17,240 --> 00:09:19,520
All right, now, let me just.

96
00:09:21,710 --> 00:09:24,260
So you need to turn out this.

97
00:09:26,910 --> 00:09:33,180
So there are file formats, this magical header will be identified as a.

98
00:09:33,750 --> 00:09:41,710
So there are some different magic headers for different formats and you'll identify the JPEG as well

99
00:09:42,480 --> 00:09:52,440
as starting these various if you it if that need to be considered as it so that, uh, there will be

100
00:09:52,440 --> 00:10:00,540
some magic, uh, files, magic, not magic numbers are the user, the starting header names, header

101
00:10:00,540 --> 00:10:02,700
data that will identify as the file extension.

102
00:10:03,090 --> 00:10:09,180
So in that way, you can just, uh, capture the question to this and you can modify the starting values

103
00:10:09,600 --> 00:10:14,930
and then you can simply, uh, just upload the, uh, code here.

104
00:10:15,930 --> 00:10:21,670
And another way you can do this, you can just certain image files copy.

105
00:10:21,690 --> 00:10:29,970
And I don't have JPEG personal tgp jpeg files and you will get the data here in the pursuit and you

106
00:10:29,970 --> 00:10:34,470
can just edit, edit the data and add your PHP reverse shell code.

107
00:10:34,980 --> 00:10:40,030
So it just adding the, uh, PHP reverse shell code at the end of this data.

108
00:10:40,290 --> 00:10:44,150
So, and then you can upload the uh normal.

109
00:10:44,520 --> 00:10:48,150
So my file has been successfully copied this.

110
00:10:52,340 --> 00:10:55,850
So I think, yes, my reasoning is running out.

111
00:10:57,890 --> 00:10:58,860
I get the reverse shell.

112
00:11:00,740 --> 00:11:08,590
So this is all about this file upload vulnerabilities or you can just try some more extensions also.

113
00:11:09,470 --> 00:11:12,530
So I hope you have understood all the security levels.