hi everyone! Here's the timestamps for this video: 00:00 - Intro 00:29 - View SameSite=strict Session Cookie 00:53 - Confirm WebSocket replies with entire chat history after READY message 01:35 - Confirm WebSocket is vulnerable to CSRF 02:19 - Discover our initial payload 03:25 - Write our initial payload 04:27 - Deliver our initial payload 05:25 - How we could bypass the SameSite=strict limitation 06:16 - Identify the sibling domain 06:52 - Confirm Reflected XSS vulnerability within sibling domain 07:29 - Login endpoint also accepts GET requests 07:45 - Try our initial payload via the sibling domain + reflected XSS 08:21 - Deliver our final payload to the victim 09:14 - Copy and clean the victim's base64 encoded chat logs 09:45 - View the decoded chat logs and solve the labs
@jonnywoo84182 ай бұрын
Thank you so much It's still works in 2024!
@gopikanna_ Жыл бұрын
Thank you for the amazing walkthrough..!
@netletic Жыл бұрын
thank you @gopikanna_! ☺️
@Jonathan-ng4vw Жыл бұрын
Nice explaination, thanks.
@netletic Жыл бұрын
Cheers @Jonathan-ng4vw!
@system_null Жыл бұрын
Hii. ur underrated
@netletic Жыл бұрын
thanks null! ☺️
@Андрій-ь1э25 күн бұрын
thank you
@kallikantzaros10 ай бұрын
thank you very much
@acronproject Жыл бұрын
very good thanks
@netletic Жыл бұрын
Thank you @acronproject!
@LMeasy4 ай бұрын
it doesnt work anymore, request is made only to /exploit by victim. something is not okay with the strict value, because if I visit URL manually then message is shown in logs, but if delivered to victim not
@Th3psalm1st4 ай бұрын
Yes it doesn't work. Can't see the bases64 values in the access log. The same for "SameSite Strict bypass via sibling domain" Lab. I think you must get burp pro to solve this now. Did you find another way?
@LMeasy4 ай бұрын
@@Th3psalm1st on the next day I tried again with newly created lab environment and worked fine. I guess somehow after a while the simulation of visitors gets buggy in the lab. Maybe if you try this hope this helps. I had like 3 labs like this where i could not finish due to exploit server bugs, and on the next day I tried same payload and worked xd
@Nul1Secur1ty4 ай бұрын
Yep ;) 😘
@alperkaya8919Ай бұрын
I had a different and better solution but because of exploit server, it didnt work.