The Browser is a very Confused Deputy - web 0x05

40,296 views

LiveOverflow

Reading from the famous paper "The Confused Deputy" by Norm Hardy and making a connection to modern web vulnerabilities like XSS and CSRF.
The Confused Deputy: www.cis.upenn....

Comments: 29
@Anonymouspock 6 years ago
That confused deputy picture is awesome. Every time you look closer at it, it's more and more confusing or confused.
@stackoverflow2155 3 years ago
Could you please continue this series? This video has been very helpful in understanding how we can approach a target and find vulnerabilities in it. The short answer is, we don't. We approach the target to first understand what kind of authorized actions it can do, and then we see if we can confuse it just enough to do something unsafe. This gives a very clear idea of the "hacker mindset" that is required to be actually good.
@vengeancea3461 7 years ago
Why did you stop this series, bro? Plz give us more videos, your teaching approach is kinda different and very interesting!
@ncb4_69 3 years ago
I'm confused and now I can't do anything
@greg6094 6 years ago
Could you please continue this series? It's fantastic!
@soksamnang2150 3 years ago
LiveOverflow never fails me in terms of teaching and explaining security issues, even 4 years ago.
@kirolos94 6 years ago
I think I will stay standing here waiting for your next tutorial, keep on man
@ChristineLemmerWebber 4 years ago
This is really great... I posted it to the cap-talk mailing list and people there really liked it. We noticed that you mentioned object capabilities as if it would be a future episode... you did such a nice job explaining this that it would be cool if you wanted to tackle ocaps too. If you wanted some ideas about covering that, feel free to reach out.
@samsemp10l23 7 years ago
It would be cool if you do a video on cryptography. The algorithms, type of encryption methods, libraries in Python etc. (P.S. I introduced my friend to CTF and debugging as he wants to learn hacking but I don't want him to become a script kiddie so I made him watch your videos. We are going to become a CTF team :D)
@LiveOverflow 7 years ago
wohooo awesome! good job and hope you will have a lot of fun together. I'm sure I will cover crypto at some point. That's definitely an important field. Just no idea when I will tackle that. Maybe when web stuff is progressing more and we get into message authentication, signed cookies, ...
@KastanDay 6 years ago
Super cool concept!
@karnabalaj9036 7 years ago
Glad I came across this channel. Need to binge-watch all the videos.
@LiveOverflow 7 years ago
if you have any feedback, wishes, tips, don't hesitate to contact me!
@coder436 2 years ago
sudo is now a confused deputy
@ProBarokis 3 years ago
binary bunny lookin good broooo
@johnhammer8668 5 years ago
The next time I type app.get(" I have to stop and think. This was a great series. Wish it would be continued.
@WaldirBorbaJunior 7 years ago
Cool ... I was watching the way you use gdb, and I saw that you really know how to use it. Could you make a video about the best way to work with GDB? Tks
@miguelgrilo5853 1 year ago
1:04 "the OS allows the program with those permissions to write files in its home directory, SYSX". I am confused here. This group only has r and x permissions on SYSX, right? How does FORT have write permissions on STAT?
@h4kster182 5 years ago
Very interesting! Thank you
@theairaccumulator7144 4 years ago
Only one after 4 years who noticed that in the beginning it says "Commondadori Rat"?
@Drifter69 2 years ago
The thumbnail ... Jackie Chan ??
@phychowoman6513 7 years ago
My only fear is what would I do if you would stop making videos.. tell me tell me tell me u won't
@LiveOverflow 7 years ago
not planning to ;)
@phychowoman6513 7 years ago
+LiveOverflow thanks, that's my man
@aayushgargofficial 3 years ago
Hmm, I'm impressed by your ability to narrate.
@weapon1881 7 years ago
Can you make a video about assembly (for beginners) on Mac :))
@logerer5633 7 years ago
Ok, now I'm confused :P
@gaydolfhitler6310 5 years ago
Isn't that every privilege escalation ever?
@reveluv8851 3 years ago
Hacker mindset