Padding Oracle Attack Explained (TryHackMe - NewYork Flankees)
Author: Perumal Jegan
Uploaded: 2024-07-29
Views: 526
Description:
Hello All,
The TryHackMe room "NewYork Flankees" has a very interesting foothold based on Padding Oracle exploitation. If you learn how it works and are able to identify it on a web application, exploitation will be a piece of cake (though it is time-consuming). Eventually this padding oracle attack will become an unassailable thing in your arsenal!
====================================
References (Oracle Padding Attack):
====================================
1) https://research.nccgroup.com/2021/02...
2) / oracle-padding-attack
=============
Time Frames
=============
00:00:00 Intro
00:00:38 Overview of TryHackMe room NewYork Flankees
00:03:58 Nmap Enumeration
00:07:30 Enumerating Web application
00:14:04 Obtaining encrypted blob from a web page's front-end JavaScript code
00:22:55 Debugging debug.html page in Firefox
00:24:20 Discovery of Padding Oracle Vulnerability on Web Application
00:26:48 Explaining Oracle Padding (Padding Oracle) attack (Theory)
00:48:56 Beginning the Oracle Padding Exploitation with Padbuster
00:58:18 How Padbuster bruteforces every byte (explanation)
01:06:00 Getting Reverse shell to Docker container
01:24:20 Escaping Docker container to the host system
01:31:56 Outro
====================
Connect with Me On
====================
Website : https://perumaljegan.com
LinkedIn : / perumal-jeganatharavi-a890121b2
Twitter : https://x.com/realperumalj
#cryptography #oraclepadding #newyorkflankees