Lab: SameSite Strict BYPASS via sibling domain (no Burp Collaborator needed!)

5,721 views

Jarno Timmermans

1 day ago

Comments: 17
@netletic 1 year ago
Hi everyone! Here are the timestamps for this video:
00:00 - Intro
00:29 - View SameSite=strict Session Cookie
00:53 - Confirm WebSocket replies with entire chat history after READY message
01:35 - Confirm WebSocket is vulnerable to CSRF
02:19 - Discover our initial payload
03:25 - Write our initial payload
04:27 - Deliver our initial payload
05:25 - How we could bypass the SameSite=strict limitation
06:16 - Identify the sibling domain
06:52 - Confirm Reflected XSS vulnerability within sibling domain
07:29 - Login endpoint also accepts GET requests
07:45 - Try our initial payload via the sibling domain + reflected XSS
08:21 - Deliver our final payload to the victim
09:14 - Copy and clean the victim's base64 encoded chat logs
09:45 - View the decoded chat logs and solve the labs
@jonnywoo8418 2 months ago
Thank you so much. It still works in 2024!
@gopikanna_ 1 year ago
Thank you for the amazing walkthrough!
@netletic 1 year ago
Thank you @gopikanna_! ☺️
@Jonathan-ng4vw 1 year ago
Nice explanation, thanks.
@netletic 1 year ago
Cheers @Jonathan-ng4vw!
@system_null 1 year ago
Hi. You're underrated.
@netletic 1 year ago
Thanks null! ☺️
@Андрій-ь1э 25 days ago
Thank you
@kallikantzaros 10 months ago
Thank you very much
@acronproject 1 year ago
Very good, thanks
@netletic 1 year ago
Thank you @acronproject!
@LMeasy 4 months ago
It doesn't work anymore; the request is made only to /exploit by the victim. Something is not okay with the strict value, because if I visit the URL manually then the message is shown in the logs, but if delivered to the victim it is not.
@Th3psalm1st 4 months ago
Yes, it doesn't work. Can't see the base64 values in the access log. The same for the "SameSite Strict bypass via sibling domain" lab. I think you must get Burp Pro to solve this now. Did you find another way?
@LMeasy 4 months ago
@Th3psalm1st On the next day I tried again with a newly created lab environment and it worked fine. I guess somehow after a while the simulation of visitors gets buggy in the lab. Maybe try this; hope this helps. I had like 3 labs like this which I could not finish due to exploit server bugs, and on the next day I tried the same payload and it worked xd
@Nul1Secur1ty 4 months ago
Yep ;) 😘
@alperkaya8919 1 month ago
I had a different and better solution, but because of the exploit server it didn't work.