IFrame Parent XSS - HackTheBox Cyber Apocalypse CTF

69,034 views

John Hammond

3 years ago

Moving your first steps into hacking? Start from HTB Academy: bit.ly/3vuWp08
Hungry for more hacking training? Join Hack The Box now: bit.ly/331nQCl
Hang with our community on Discord! johnhammond.org/discord
For more content, subscribe on Twitch! / johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
PayPal: paypal.me/johnhammond010
E-mail: johnhammond010@gmail.com
Discord: johnhammond.org/discord
Twitter: / _johnhammond
GitHub: github.com/JohnHammond

Comments: 91
@nikkittb 3 years ago
Man, i have to say: i love how your vids on these challenges are uncut and honest! It makes me feel less of a fool myself, when i'm stuck on something trivial. At least next time i can say:"It's okay you little doofus, John Hammond forgot to use backticks when setting a JS-variable. Apparently even the best guys out there make mistakes." Thanks for the wonderful content John!
@lobley2 2 years ago
The best guys are all the better for being honest about their mistakes and demonstrating that they are human. For example I love that prominent scam fighting youtuber Jim Browning fell for a scam that lost him his channel temporarily, but made sure to tell the world he fell for it. It shows no matter how experienced you think you are you still have to be on your guard.
@drewrad8 3 years ago
Love the videos where you're doing it for the first time. It's all about learning how other people learn!
@_xpl0it_ 3 years ago
.. that satisfaction .. It's priceless
@NateRoberts 3 years ago
I actually appreciate when John does it the first time and struggles. Bc I know he does “easy rooms” but sometimes when I struggle I feel bad. So seeing John struggle too validated my struggling 😅 thanks again! Learned a lot from your struggle 😂😂
@develepre 3 years ago
I'm that Node Guy that laughs at all `back-tick moments`
@kritagyagupta8619 3 years ago
John thanks for this opportunity for us to learn from this
@Khusyasy 3 years ago
i just found this channel randomly, and i love the videos 😅
@PhilAlbu 2 years ago
Our failures teach us much more than our successes. Thanks for being so organic in your content. I think it's great to see that people don't always figure things out on the first try.
@maxxroach8033 3 years ago
I love watching you do these for the first time. I know the satisfaction you get when solving problems. Keep it up man!
@fr8trainUS 2 years ago
You call it painful, imo observing the thought process and troubleshooting was great! Congrats on the success
@swapnilbhosale2230 3 years ago
Great video man. Big fan! Thanks for sharing the knowledge with the community. I appreciate it. 🙏🏻
@ca7986 3 years ago
Love this new style with struggling. ❤️
@diddyman1958 2 years ago
I understood very little of that but still immensely enjoy your videos.
@adbirdk 2 years ago
As someone trying to secure my code, I really enjoy watching your web security vids..
@i-negm 1 year ago
Nice video , I liked your uncut way of recording this. It makes a lot of sense to me when watching you put all things together. Thanks for sharing such knowledge. Have a nice day sir.
@annikablohm 3 years ago
Weird as hell payload. Love it.
@jelgue 2 years ago
This one was really cool and interesting to me. Loved it!
@rbchoyce 2 years ago
I don’t understand much on here but it’s still fun to watch and learn
@sallytaylor6 3 years ago
Great content John
@_CryptoCat 3 years ago
didn't solve this one, looking forward to a detailed walkthrough 😸
@0xPanda1 2 years ago
love watching your videos
@MI7DJT 3 years ago
This is why it's called Hacking!! Great job John!
@mattrickbeats 2 years ago
Bro! You are a genius fam!
@anthonutty 2 years ago
I think jsonp is a common technique where cross-domain configurations are not set up, which means you can only basically do GET requests. So you basically send a GET request with a callback name of your choice, and take the response text of the response and eval it which essentially gets you to result passed into your function callback by name.
@OMER3-1-3 1 year ago
DAMNN That was a great video thanks.
@CodyHoskin 1 year ago
Such a good video. It’s awesome learning with you. Lol.
@orgozlan323 3 years ago
Thank you
@alexcordovac 1 year ago
This is gold!!!!
@gurujiguruji8050 3 years ago
Awesome 🔥
@haseebarshad7451 1 year ago
I WAS SCREAMING TACS JOHN!!!
@BearkFearGamer 2 years ago
Anxious thinking in backticks, hahaha. Congratulations man!
@0xfsec 2 years ago
I love this htb apocalypse series.. I can learn not just a black box but also white box testing. Do you have any video or tutorial recommendation for beginner on white box testing?
@abhishekmorla1 2 years ago
thanks
@SandyOC100 2 years ago
Always better problem solving live
@bulmavegeta23 2 years ago
that was intense
@tkstdude 3 years ago
Awesome
@HackerPaints 1 year ago
You’ve spared no expense
@jmsanchez5631 2 years ago
IM SCREAMING FOR THE BACKTICKS CMON
@soniablanche5672 1 year ago
jsonp was a hacky way of sending data directly via javascript back when all cross site resources were not allowed by browsers. you're supposed to run it as the src of a script tag (script tags ignore CORS policies). That's why it's asking for the name of the callback, you would write a function that expects the data passed as argument.
@choleralul 2 years ago
Cool!
@h0tPlug1n 3 years ago
He is the real Elliot Alderson of Mr. Robot.
@hasibavi7539 2 years ago
Hi Hammond, I usually watch your every video and your contents are very rich. I have a query, suppose my SIEM detects potential cobalt strike on an internal communication (local to local) and as per checking it was detected by JA3 fingerprint. So, how can I locate on the machines, is there any true beacon or just false positive.
@logiciananimal 3 years ago
A great example to illustrate that CSP is not a cure-all.
@optional. 3 years ago
owsem ❤️
@phecdaDia 3 years ago
Does anyone know if you can still download these boxes like John does? Feel like having some nice coding examples would be useful to learn.
@auro3058 2 years ago
❤❤
@kvikkenni 3 years ago
No that was not painful that was epic
@SIRBOB102 2 years ago
the backticks of doom
@acolddayinhell6206 3 years ago
did you go live or uploaded a video?
@hihihi1733 2 years ago
where are you.. ? i am eagerly waiting for your videos.
@isiraadithya 3 years ago
If the content type is "application/javascript" you cannot use html tags inside it. Browser will ignore it and throw an exception. I think I wasted about 5 hours without knowing this on a bug bounty program. If I made a mistake please correct me. (I am 16 years old noob 😅)
@adityasinghixc3397 2 years ago
Hey John what's your main os ???? Which Linux ??? This is a VM like the original one ??
@RicondaRacing 2 years ago
I'm definitely not that advanced with BASH to be calling out syntaxes and functions like that. Is there any more entry-level stuff on HTB?
@hakoo2700 3 years ago
amazing ty so much i learnt a loooooooooooooooot from this tnx:) ... btw i was doing '${val}' and seeing it not working and wondering why until i saw the exact same stackoverflow page and see `` and go like but why?!
@hakimelmansouri3166 2 years ago
Bro u just so smart i was thinking with you but u always think outside the box and i keep getting stuck hahahaha
@thecaretaker6659 2 years ago
17:22 Eureka!
@juliachild9377 2 years ago
I did it all for the cookie.
@kritagyagupta8619 3 years ago
Sup people
@dopy8418 3 years ago
Hey john how can we rewatch the hacking game you commented on with ippsec ?
@viv_2489 3 years ago
I haven't found the videos on Twitch.. it was only live stream I guess...
@_CryptoCat 3 years ago
i think HTB said they would be uploading on their YT channel
@viv_2489 3 years ago
@_CryptoCat oh cool
@tylerrake9148 3 years ago
@Do py you can get it now available on youtube, on hack the box channel.....
@dopy8418 3 years ago
@tylerrake9148 Yeah i saw thanks.
@raymond25475 2 years ago
how do you download an entire website folders and file ?
@dandan7884 2 years ago
Why would someone use puppeteer to access some hidden localhost page on the backend after a user post something? Automate administrative work? Feels very risky to do it in that way IMO Or maybe... It's just an insecure code for people to learn from...
@Qwerasd 2 years ago
The puppeteer instance simulates an administrator.
@ebux9885 1 year ago
28:39 ngrok actually put your IP in the X-Forwarded-For header
@dev__004 1 year ago
So what did we learn today? Everything needs to be url encoded😝😝
@corbezzz 3 years ago
~yt algorithm things~
@edwardortiz8580 2 years ago
I am also a veteran. I had some questions regarding certifications, and if you paid for them out of pocket and has the VA reimburse you, or had the VA pay for them via the GI Bill, if so, which ones were covered, and which were not ? I found some information. But nothing very clear. Best regards, TIA Eddie
@JacksonMarshal 3 years ago
I like the fact that John acting like he has never solved this problem before 😄
@PC-fe1pf 3 years ago
I think he was solving it for the first time.
@JacksonMarshal 3 years ago
@PC-fe1pf nah dude. Checkout his other videos and you will see
@PC-fe1pf 3 years ago
@JacksonMarshal You mean the other Cyber Apocalypse videos?
@JacksonMarshal 3 years ago
@PC-fe1pf every Video of his is pre-scripted. Because he doesn't want to spend hours on recording himself trying to find it. So he does it ahead and then show us
@JacksonMarshal 3 years ago
@PC-fe1pf and yes every HTB
@Akhand_Bharat18113 3 years ago
Sir which Linux os you are using in this video
@usha4220 3 years ago
Ubuntu
@LyraMakes 3 years ago
I believe that it's Kali
@ahmedhajjami2744 3 years ago
@LyraMakes Ubuntu , look at the terminal!
@LyraMakes 3 years ago
@ahmedhajjami2744 Whoops! My bad. I was going off the logo in the top left.
@jhbonarius 3 years ago
javascript is such a mess. i still cannot believe its the fabric behind most of the ui in the world today
@kaihuang5420 3 years ago
I wish John knew I was yelling the back-ticks, but I didn't skip the video tho.
@ElGhadraouiTaha 3 years ago
Vote for john to be a president.
@vinkuu 3 years ago
while true; do nc -klnvp 9000; done