Bug In Focus: Remote Code Execution (RCE)


InsiderPhD


We talk about remote code execution, often a holy grail bug with bounties getting upwards of $1k and a scary amount of impact. We're going to break down what they are and what people's first RCEs often are, then we chat about CVEs and how to exploit them. Finally, I give some interesting RCEs and explain the process of finding them.
Welcome to the first video in the Bug In Focus series. This series is going to be all about breaking down those really hard, advanced bugs and explaining how they were found, what they are, what you need to know and how they were exploited. These videos are not going to be tutorials; instead they present some interesting bugs. It's important to expose yourself to more advanced techniques even if you don't 100% understand what's happening.
Links
- Orange Tsai - Infiltrating Corporate Intranet Like NSA Preauth RCE
- DEF CON 27 Conference : • Orange Tsai - Infiltra...
- Rez0 - My first RCE: a tale of good ideas and good friends: rezo.blog/hacking/2019/11/29/...
- Strynx - Abusing ImageMagick to Obtain RCE: strynx.org/imagemagick-rce/
- Spaceraccoon - Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2: spaceraccoon.dev/remote-code-...
- Neex - RCE by command line argument injection to `gm convert` in `/edit/process?a=crop`: hackerone.com/reports/212696
- mrnbayoh - Insufficient sanitizing can lead to arbitrary commands execution: hackerone.com/reports/494979
- Spaceraccoon - RCE and Complete Server Takeover of www.█████.starbucks.com.sg/: hackerone.com/reports/502758
- Orange Tsai - Potential pre-auth RCE on Twitter VPN: hackerone.com/reports/591295 & blog.orange.tw/2019/09/attack...

Comments: 33
@arpeetrathi 4 years ago
Your videos are really great. I mean they are explained in brief for noobs like me about a particular topic and in simple manner.
@weston5614 4 years ago
13:15 "RCE's and find to find them"
@selimeneskaraduman6935 4 years ago
Really thanks for this video look forward to see XXE ;)
@InsiderPhD 4 years ago
Will keep your suggestion in mind ;)
@tommysuriel 4 years ago
Excellent video. Thank you so much for your hard work with these videos. Some other topics I have in mind that you could do videos on are: SSRF, HTTP request smuggling, race conditions and open redirect
@tommysuriel 4 years ago
Also cache poisoning
@InsiderPhD 4 years ago
I will keep your suggestion in mind SSRF + Race conditions are already on the list. Open redirects are not just because they are usually out of scope or borderline out of scope and I wanna make sure the bugs I feature get paid out. Will keep the other two in mind :)
@tommysuriel 4 years ago
@@InsiderPhD Thank you so much, look forward to more videos :)
@Safvanviber-xm3pn 10 months ago
Really thanks its help me so much 🙂
@igu642 2 years ago
Thank you!
@emreru5687 4 years ago
Thank you
@kavishgour3267 4 years ago
finally :D
@0xlaiho 4 years ago
Love your content. Please do a dedicated video on GraphQL endpoints.
@InsiderPhD 4 years ago
Definitely need to do this, there's so much I couldn't cover in the API video and they're becoming more and more common
@0xlaiho 4 years ago
@@InsiderPhD Tysm for all your work. Helped me a lot. You're really awesome.
@noobhunter2986 4 years ago
Wow, in the end.
@pentestereleet9591 4 years ago
just Awesome 😍 😘 😘 😘
@ahmedelgaidi 4 years ago
I really loved your accent, it made me more comfortable. Great video! Thank you so much :)
@InsiderPhD 4 years ago
Come for the cyber security content stay for the British accent!
@ahmedelgaidi 4 years ago
@@InsiderPhD I'm completely tuned, I love listening to British accent. Keep going, you're fantastic.
@0xsunil 4 years ago
@@InsiderPhD Yeah. I also totally love the accent of yours and sure the amazing content as well! Love from India.
@knowledgeboxbd9625 4 years ago
Thanks, but please make a video about the recon full methodology for pentesting
@InsiderPhD 4 years ago
Recon is coming soon! I'm currently learning more about recon so I'm going to make a whole series on what I learn!
@knowledgeboxbd9625 4 years ago
@@InsiderPhD Thanks, your video is different than others bcoz you make the full details that's impressive. 😍
@InsiderPhD 4 years ago
Aww thank you, I’m so happy that people love the way I explain things
@selimeneskaraduman6935 4 years ago
@@InsiderPhD for recon many people shows assets discovery more but can u show us how to do recon in one domain for ex. only recon for sports.yahoo.com directory brute force, js parsing, endpoint finding, sensitive info leak from 3rd party websites etc.? I think this is good idea and many hacker didn't make a video/stream like this
@InsiderPhD 4 years ago
This is a great idea and I will definitely look into it!
@soloh4cker 3 years ago
why the hell there is RCE tutorial video in my youtube ads???
@sudha2373 3 years ago
Why u not make real rce video only explain reports