The Three JavaScript Hacking Legends

57,174 views

LiveOverflow

1 day ago

In this video we talk about the first JavaScript vulnerabilities in 1997, and how the field was dominated by three "XSS" legends.
Bugtraq 1997 - LoVerso: seclists.org/bugtraq/1997/Jun/88
LoVerso Website: web.archive.org/web/199706071...
LoVerso dir.html PoC: web.archive.org/web/199706071...
Tasty Bits from the Technology Front: web.archive.org/web/199708032...
TBTF about Netscape 2.0b3: web.archive.org/web/199708032...
Scott Weston on TBTF: web.archive.org/web/199708032...
Bugtraq about Bug Bounty 1995: seclists.org/bugtraq/1995/Oct/12
Episode 01: • The Same Origin Policy...
Episode 03: • The Age of Universal XSS
Episode 02:
00:00 - Intro
00:45 - First JavaScript Vulnerability
02:00 - John Robert LoVerso
03:19 - First Directory Browse Vulnerability
04:16 - Comparison to My Exploit
05:13 - John Tennyson
05:44 - Tasty Bits from the Technology
06:16 - Netscape's Bug Bounty
06:48 - Scott Weston history stealing
08:12 - The Three Legends of JavaScript Security
08:59 - The Year 1996
09:31 - JavaScript can't claim to be secure
10:25 - ECMAScript: JavaScript Specification
11:13 - Next Episode Teaser

Comments: 76
@minirop 1 year ago
Nowadays "it's not a bug, it's a feature used by ad/tracking companies"
@lukor-tech 1 year ago
That reminds me that back in time you could hack ATMs in Poland in similar fashion. You had this overlay that had no way for you to interact but buttons native for the banking program, but one was off and looked different. It was the 'help' button with some Polish docs on how to use the ATM (again, early days of them here). When you clicked on it, it opened a dialog in which was text possible for selection and that allowed the user for double tap and show of context menu in which was print option. In print window you needed to tell windows (lol) that you have the magical drivers for the printer you're trying to access and you just have to look for them in... System32 or some other low level folder. When clicked it automatically assumed you're the admin (duh!) and well, that was it. Wild times.
@Rennu_the_linux_guy 1 year ago
I've been going through and rewatching the bin 0x series and the pwnie island series and it reminded me how literally NO OTHER CHANNELS have given me such a strong insight into technology and most importantly how to teach myself. Every time I'm in a rut and can't think of stuff to make I come back to this channel and it /always/ reignites that passion I have towards technology and automation; and I just have no words to convey how important this channel has been for me and many others, I hope you keep making content and I hope the content that's already on here will be here for many generations of tinkerers to come c:
@LiveOverflow 1 year ago
thank you so much for the kind words 🥰
@meigyokuthmn 1 year ago
To be fair, they are more like web browser vulnerabilities than JavaScript vulnerabilities.
@christian123542 1 year ago
Well, if JS is implemented in a web browser then technically every JS vulnerability is a browser vulnerability. Doesn’t really make sense to try and make a hard distinction between those two things.
@panthy4331 1 year ago
@@christian123542 huge difference, javascript/ecmascript and runtime engine. different browsers use different runtime engines.
@huhard 1 year ago
Love this series of browser and client side security!! Thank you for the wonderful insight and content! :D
@SaniSensei 1 year ago
4:45 the tag has a target attribute with the name of the opened window. So I guess that's how the .submit() knows where to send the form to.
@LiveOverflow 1 year ago
yep exactly. I'm noob
@BTMPL 1 year ago
The "read local directory", or even "read local file" and upload to remote server worked even in Internet Explorer 5.x era. Remember exploiting that to get visitors' Windows Commander FTP config file.
@lukor-tech 1 year ago
To help them, of course!
@quenzo4282 1 year ago
Yo this helped so much and I always appreciate the content and when i found the channel and got the energy from you from the previous video, you've been nothing but real and can vouch for the amazing content and how down to earth you are with everything! All the most love, respect, and appreciation
@damejelyas 1 year ago
I am speechless. Thank you!!!
@yesrelmartinez1253 1 year ago
Thank you for explaining this thoroughly!
@kirdneh2946 1 year ago
Love the history lessons. :) Would love to hear more about all the specific browser features and browser wars. Mario Heiderich just mentioned some of it in lectures. But sadly, I forgot a lot.
@Haxel0rd 1 year ago
Great series!
@MattMcT 1 year ago
great video! thank you :)
@tiimshu 1 year ago
Excellent, very practical, 100% recommended
@sixtool9270 1 year ago
Thanks Bruu
@MuhammadAbdullah76500 1 year ago
Thank you so much you really help me :)
@_SUBS_ 1 year ago
thank you so much
@danielsouza9736 1 year ago
thanks, it actually let me through so i could download it.
@Abishek_B 1 year ago
Absolute G
@logiciananimal 1 year ago
I remember Navigator 2.02 being an unstable pile of whatsit, but it was much better with Javascript off and if you avoided frames, too. I did use it through most of my undergraduate days anyway - back when McGill had the course catalogue as a gopher site!
@cabbageman 1 year ago
I love this JS archeology.
@subhajitmukherjee3703 1 year ago
U BEST!!!
@dandymcgee 1 year ago
These guys are cool, but most of all, Samy is my hero.
@lr134 1 year ago
🤣
@tg7943 1 year ago
Push!
@sobertillnoon 1 year ago
If jscript hadn't existed (and I fully understand why it did) I would probably have embraced browser scripting earlier. Instead I learned how to do a lot of things with CSS.
@alejandroalzatesanchez 1 year ago
the saint trinity of js
@maxrandom569 1 year ago
6:49 watson?
@cunisoun7091 1 year ago
Well lockdown started with Blender but since my laptop can't handle it, I've relocated
@waternewt423 1 year ago
LiveOverflow so looks like John Hammond
@jxtr3m316 1 year ago
when i insert it?
@hallexlol 1 year ago
wow what an amazing video! I would definitely subscribe if I had the money too!
@quantumbracket6995 1 year ago
nice job managing eintracht frankfurt btw
@mollthecoder 1 year ago
I found the IP of the Minecraft: Live server, but I don't have a working MC account yet, I emailed you about it but you didn't respond. I just want to confirm the IP I have is correct.
@SagarChandraBala 1 year ago
Nowadays, it isn't possible to hack a Facebook account. Can you please make a video about it?
@docem43 1 year ago
0:22
@sheaksadi 1 year ago
Lol I thought this was a security vulnerability on "three js" 😅
@tugra3379 1 year ago
Except that it's 1000x more complicated than what it seems
@benitosunisankar3851 1 year ago
I'm with a i7 10th gen processor with 32 GB ram.
@LebronJ0 1 year ago
Bro...
@mahmoudsadoon5995 1 year ago
Thank you, can I add my own voice and change it a bit?
@melonman1252 1 year ago
Obviously not it’s not your work. Do some work yourself
@TilmanBaumann 1 year ago
It derives no security from the similar name. 😂
@ozichukwu 1 year ago
Ben Tennyson
@aka1021 1 year ago
I thought this was an anime trailer.
@mobeen360 1 year ago
Came here for three.js, oops.
@AyoubFrihaoui 1 year ago
I will watch the whole video then type first
@kaushik4373 1 year ago
thx for soft mate
@conradi8522 1 year ago
@LiveOverflow you leaked ip addresses of many people that played on your minecraft server in the last video
@anonimenkolbas1305 1 year ago
Most of them are dynamically given out by ISPs, so there's not much someone can do with them. Of course, you *can* figure out where the owner of some username is from...
@whetfaartz6685 1 year ago
@@anonimenkolbas1305 port scanning, if they have web servers you could exploit those, finding where they live, you can also do a search on websites that index leaked databases like intelx. and searching for database with correlated ip addresses, there are other things I think you can do but I cannot recall, anyways it can be malicious
@anonimenkolbas1305 1 year ago
@@whetfaartz6685 "Most of them are dynamically given out by ISPs[...]" 90% of the people who "resided" at those IPs at the time of the video's release no longer do.
@whetfaartz6685 1 year ago
@@anonimenkolbas1305 how do you know?
@herrkatzegaming 1 year ago
@@whetfaartz6685 I am not them but dynamic IPs expire often and then get re-used by another customer, and leaking IP addresses would only show the local geographical area, not their exact address (especially with dynamic IPs which most people have)
@swpq_ 1 year ago
w
@Dev_UI 1 year ago
hoi
@supermario-N64 1 year ago
hello
@psp.youtube 1 year ago
hi
@abdirahmann 1 year ago
last
@enesbozca777 1 year ago
Are you sure that this is SAFE to use?
@kalkidanyishak3455 1 year ago
Not last
@zakariachoukri2037 1 year ago
FIRST
@thiomains 1 year ago
Who?
@coffee-is-power 1 year ago
First
@furemado4435 1 year ago
tNice tutorials video was dog sNice tutorialt
@Fede261 1 year ago
Thank you for explaining this thoroughly!