when i step over fgets i cant input the password on debugger, the pointer doesnt wait for my input, how to do that?
@m.alfaqih468522 күн бұрын
I just decide learn smart contract and this video is very clear. Thank you!!
@Sproute-RL25 күн бұрын
how can i patch?
@nini-jx3lrАй бұрын
Thank you!
@lblboy6Ай бұрын
Got a graphql api this project. Pumped to check this out - thanks for the content!
@ConsoleCowboysАй бұрын
Cool, have fun!!
@ThanguGangАй бұрын
Still my request is not getting intercept after all this process It's been a month iam stuck with this problem. plz 🙏 help me
@ConsoleCowboysАй бұрын
I can try to replicate next week when I get off travel see if if this is still working for me on a new macbook..
@ThanguGangАй бұрын
@@ConsoleCowboys yes please 🙏
@ihtishamafridi8589Ай бұрын
i now nothing about coding, can i start this course?
@ConsoleCowboysАй бұрын
If you watch it and understand what I am doing.. then go for it.. Its not a dev course.. mostly convering concepts and then putting those concepts to code.. I would type out every line of code to udersrtand it,.. But there is also a python version of this on the channel that goes much farther into topics and feeds off the smart contract hacking course..
@omarlittle5802Ай бұрын
I discovered that if I add that peanut butter powder to my overnight oats, it's a WAY more complex flavour profile!!! So that's what I had this morning!!
@otis5802Ай бұрын
Thanks, man. I have been working through Hackthebox's CBBH path. I really appreciate your advice on reaffirming knowledge with some of the other programs I haven't heard or thought about.
@Alex-vi6izАй бұрын
Wow this was such a good vid. Regarding the building a basic web app, I highly agree. At the end of intro to web apps HTB module they even suggest this, and I really learned a lot while doing it. I am currently on a similar path on HTB, Penetration Tester. Once I get to web attacks, I am planning supplement with portswigler to solidify the knowledge. My overall idea is to go for a "regular" pentesting job and if that is not possible go back and complete Bug Hunter path and specialize in webapp security as that seems to be more in demand these days. Regarding hacking APIs, is the book or the course better ? Or are supposed to go through both ?
@deethekingstevens7146Ай бұрын
What do you find harder web applications hacking or blockchain web3 hacking ?
@ConsoleCowboysАй бұрын
They are both about the same thing, although with blockchain stuff it tends to be a lot more code review, and you can think of it like the back end/api.. but they are essentially the same thing from a hacking perspective.. its both application hacking.. and all of your application hacking skills apply to web3 as blockchain is just the backend in most cases to an application front end.
@detective525315 күн бұрын
@@ConsoleCowboys could you please make a detailed video about the differ between hot and cold wallets and what're the attack vectors that in most cases leads to an exchange assets breach?
@anggorodhanumurti1956Ай бұрын
where do i get the "walkthrough" binnary file used in this video? i wanna try practicing😊
@ConsoleCowboysАй бұрын
You can litterally grab any binary off your system or grab a crackme binary off a RE site as your target.. doesnt have to be anything specific..
@hypnos47542 ай бұрын
Good stuff. As someone who has experience as a sysadmin I’ve been wanting to break into pen-testing roles. Aside from certs I’m not exactly sure what that path may be.
@ConsoleCowboys2 ай бұрын
Depends what your idea of pentesting path entails as your day to day... there are many ideas of that from attacking applications, to security research to network pentestingm weireless, iot etc etc? For web/applications I can give you a very concrete path.. for the rest of it depends.. its a bit more up in the air choose your own adventure.. but easy enough to plot out depending on interests
@hypnos47542 ай бұрын
@@ConsoleCowboys network pentesting is for sure the route I’d decide to go with. I really got into crafting packets and that sort of thing.
@codework24342 ай бұрын
Thank you 👍
@aliazlanaziz2 ай бұрын
I have no words for your excellent work and for your efforts, looks like u got dropped straight outta heaven, I read your blogs, then watch the video. The amount of effort you put into your blogs and video and the way you explain it, very much appreciated. May God bless u.
@ConsoleCowboys2 ай бұрын
Cheers thanks for the kind words... Please share it out if your enjoying it.. it helps..
@aliazlanaziz2 ай бұрын
Will share definitely with my friends, please don't discontinue the pentesting series ever. I have recently started my path towards pentesting.
@jeff8452 ай бұрын
This is great content! 🤘
@ConsoleCowboys2 ай бұрын
Thanks!!!
@sreejith96912 ай бұрын
Can you share the script you used at 8.06 ? i couldn't find it anywhere.
@ConsoleCowboys2 ай бұрын
its just web3.eth.getAccounts. The rest of that text under it was printed from running that command, it created a promise and pulled back that info..
@sreejith96912 ай бұрын
@@ConsoleCowboys ok understood. thank you.
@user-ts5vr7jh7c2 ай бұрын
Love your content ❤
@ConsoleCowboys2 ай бұрын
Glad your enjoying them!!!
@h4ck3r_SA2 ай бұрын
keep Going i love your videos ❤❤❤❤
@ConsoleCowboys2 ай бұрын
Glad your enjoying them!!!
@oliverli96302 ай бұрын
coool!
@merv8932 ай бұрын
Lol
@termireum2 ай бұрын
Thanks bro! I found a reentrancy on staking contract after watching your video, I got bug bounty $$$$.
@ConsoleCowboys2 ай бұрын
Glad to hear it... Keep learning!!! Also share out any videos you learn something from.. I appreciate it... Cheers..
@waleedkhalid66743 ай бұрын
Hope u make new course about hacking smart contract with python coz all staff know updates to new technologies
@ConsoleCowboys3 ай бұрын
Yea I will put out some more stuff.. but not sure what.. there is a lot of content coming out which covers topics I was going to cover I need to check if they adequately cover it or just surface level cover it..
@ConsoleCowboys3 ай бұрын
Oh and there already is 2 modules for a course on hacking it with python on this channel... manual and with frameworks..
@john_says_hi3 ай бұрын
awesome vid!
@h4ck3r_SA3 ай бұрын
ily
@jonhdew32923 ай бұрын
Black Hat GraphQL.
@ConsoleCowboys3 ай бұрын
Yea, pretty solid book
@h4ck3r_SA3 ай бұрын
do more videos about physical sec please i love your videos
@ConsoleCowboys3 ай бұрын
Will do..
@h4ck3r_SA3 ай бұрын
Welcome back🎉
@ConsoleCowboys3 ай бұрын
just my normal release schedule of whenever I feel like it lol
@SportSync_official3 ай бұрын
Realistically, have you ever cloned cards using this methods, its fascinating
@ConsoleCowboys3 ай бұрын
Yea all the time.. its part of the redteam methodology when on engagements.. Exactly as shown is how we do it..
@Hex-Mas3 ай бұрын
Everyone and their dogs know what a flipper zero is. Getting caught with one will make you a suspect automatically lol
@ConsoleCowboys3 ай бұрын
In 20 years of physical breach pentests in all kinds of enviorments i have yet to have to pull out my get out of jail free authorizaton letter or not break in.. It be funny if flipper was my eventual downfall.. Although with social engineering you can make anything that looks sketchy become something benficial depending how you frame it..
@Hex-Mas3 ай бұрын
@@ConsoleCowboys Ya got a point.
@Hex-Mas3 ай бұрын
It's the TikTok toy
@ConsoleCowboys3 ай бұрын
lol maybe, not sure on that one I dont have tiktok.. But I could see the kids liking it, its more of a toy then a tool.. but it is useful and gets the job done
@michaelrodriguez84283 ай бұрын
This is an great kit! i wish we had stuff like this when I was doing this like 11 years ago. We had to build our own tool for getting via push bars from something at home depot and our card cloner was a bit bulky since we had to put it together ourselves but hey it worked had to of course SE people to get badge reads or actully go int to the bathroom and get a badge read that way if they were in the stall next to you since they hung them on there belt🤣
@ConsoleCowboys3 ай бұрын
Yea I know exactly what you are talking about.. Been in this game for 20+ years... Toolkits have for sure gotten a lot better.. back then it was more of tailgating vs cloning just do to lack of good equipment..
@hellyah16943 ай бұрын
ser can you help me. im get trouble in honeypot token crypto. im buy but cant sell it. 😢
@hellyah16943 ай бұрын
Hai ser, Can im asking Im get trouble now. im buy token in web3 wallet but im cant sell it. Do you something about it ser?
@jasonpitts83953 ай бұрын
The other thing you can do, which may apply to red team exercises, is to copy or brute force remote control gates or garage doors.
@ConsoleCowboys3 ай бұрын
Yea I was doing that some years ago when I wrote RFcrack and and automated things with python... But from what I see I dont think I can leverage this thing by just raw coding to an API for it.. At least not that I am aware of so I havnt messed with it much as its mostly button clicking and aps which doesnt hold my attention, but it can be very useful for things like this.. Just not for my research and dev..
@anthonystojcic91103 ай бұрын
Hi, i have a same model hid reader that you use with oled. where can we found zip files to build this pratical oled reader ?
@ConsoleCowboys3 ай бұрын
That doppleganger software has a GITHUB with directions on modifyin those to work like this one I got in the kit... Same people who made the software.. They have wireing digrams and instructions etc.
@luky12233 ай бұрын
Is this way of "clone-able communication" still using in a real world? Maybe it could be used 40 years ago but not these days. I guess, now, every system is using some encrypted-token-based communication, base on initialization value which is stored in card and not broadcasted. What is broadcasted is just a token based on "time data". Data which are transmitted does not make any sense and they are every time different based on two way communication protocol between reader and a card. Only one way how to break it is to a read a data store on card in its chip.
@ConsoleCowboys3 ай бұрын
There's a big difference between what's available technology and what people actually have implemented in penetration testing we're always attacking what's implemented and how it's incorrectly implemented
@SummaDa5503 ай бұрын
Hi bro! I am like to learn computer technologies but I don't know where to start and how? Give me an idea where to start and how
@ConsoleCowboys3 ай бұрын
Hack the box academy
@SummaDa5503 ай бұрын
@@ConsoleCowboys okkk thankyou bro
@L33tb1nary3 ай бұрын
What is the range for that device?
@ConsoleCowboys3 ай бұрын
I don't know the exact distance but pretty close, you can maybe get away with not touching it to them when its in a laptop bag with the HID one but pretty close to that.. With the Iclass reader you for sure need to make good contact and try to extend it when its inside a laptop bag. the words "long range" are pretty loose with the actual usage.. but they get the job done..
@Savage.7353 ай бұрын
Nice 💯👍
@iblackfeathers3 ай бұрын
you could probably do a series of videos on this highlighting differences and similarities. icopy xs & chameleon ultra, after the flipper.
@ConsoleCowboys3 ай бұрын
Yea potentially.. not sure where I am going with this at the moment.. haha but yep totally could... Just kind of showing useful things
@lowe803 ай бұрын
I got a set of deer cameras that are not wireless! I'm using for security cameras. They have the SD card I'm still having a intruder stranger danger retard! Guy with the IQ of a 12 year old intrude my home with the help of some intelligent people ,and others with to much money they don't know what to do with! I need to know how they are getting past the pir sensor? Can you explain that to me. Thanks
@0xhhhhff3 ай бұрын
nicee more of binja plsss
@ConsoleCowboys3 ай бұрын
Likily be a couple more of these.. share them out if your enjoying them
@CaravelL-eo1kn4 ай бұрын
Would this work to overflow alowed allowance amount?
@ConsoleCowboys3 ай бұрын
Try it and find out..
@AerosDaDinoHoodie4 ай бұрын
Awesome video! This is probably the best channel on KZbin for real world pentesting videos. How would someone go about getting into physical penetration testing? This stuff is super interesting to me. I've been studying network and web pentesting stuff for a while, which I like, but physically breaking into places has a certain satisfaction to it that random injection vulnerabilities could never have.
@ConsoleCowboys4 ай бұрын
Cheers, share it out if your enjoying it.... If you want to do physical testing I would first off start learning stuff like lockpicking, social engineering, proxmark usage etc etc Second I would double down on your network pentest and get a job as a network penetration tester at a consultancy that does physical pentests as part of the netpen team.. And in the interview make it known that is your interest and ask how to get involved if you choose to take the position..
@AerosDaDinoHoodie4 ай бұрын
@@ConsoleCowboys appreciate the advice man! I'm speedrunning a BS in Cybersecurity and Information Assurance through WGU, which involves having to pass several 3rd party certs (mostly CompTIA but others as well). I'm thinking once I'm done with that I should have a very solid foundation from which to branch out into more advanced stuff. Videos like yours are extremely helpful because it gives me an idea of what to aim for once I'm finished, which should be in a few months.
@youtraders4 ай бұрын
Im support on channel but very² nicr
@jeff8454 ай бұрын
At the 00:13:28 mark that HP is a little printer to print badges on the go. Beats having to make a trip to Kinkos. 😅
@ConsoleCowboys4 ай бұрын
haha nice!! Thanks for the infos!!
@Viralplace4 ай бұрын
How to avoid the timeout of the dongle?
@ConsoleCowboys4 ай бұрын
Oh man its been awhile since I played with the yardstick, I remember the timeout happening but forget what made it happen..