SSTI Complete Lab Breakdown: Server-side template injection with a custom exploit
Рет қаралды 6,025
Күн бұрын
@aaryan1143 10 ай бұрын
The explanation was so precise, I never even thought about generating an error at the File Upload section, thank you soo much!
@nishantdalvi9470 8 ай бұрын
Hey brother i just have a little doubt over here, Why didn't we simply tried copy pasting RCE payloads in the context to Twig from HackTricks in this lab as we did in all the previous labs ?
@ishajoshi4599 Жыл бұрын
Amazing series!!! You must make more walkthroughs like this, you were concise and clear and it made all the difference!
@7SeasSecurity Жыл бұрын
Really appreciate that Isha! We really do plan to make more videos for more of the Web Security Academy labs. We felt it was important to break these concepts down in a digestible format, but also practical enough to take away a working methodology on discovering cool vulnerabilities. Appreciate your time and glad to hear you’re enjoying the content!
@z1ro_zb 5 ай бұрын
great explanation!, you should make more portswigger videos🙌
@TheWorstGamerToLive 2 жыл бұрын
These videos are so helpful, I refer to them very often
@7SeasSecurity 2 жыл бұрын
That’s great to hear! I really appreciate you checking out the video!
@jaywandery9269 8 ай бұрын
This was a beautiful lab
@gopikanna_ 11 ай бұрын
Thanks man for the amazing explanations...♥
@ujsimrananees 11 ай бұрын
Brilliant work!
@acronproject Жыл бұрын
Very good. Thank you MR.
@cair0_ 2 жыл бұрын
that was 🔥
@7SeasSecurity Жыл бұрын
Thanks so much. I hope the video was helpful!
@mrvDn 2 жыл бұрын
amazing video man..
@7SeasSecurity 2 жыл бұрын
I really appreciate that! I hope it was helpful. More to come soon. Thanks so much for checking out the video!
@Aftab700 2 жыл бұрын
great work
@7SeasSecurity 2 жыл бұрын
Thank you! Hope it was helpful. Appreciate you checking out the video!
@nishantdalvi9470 8 ай бұрын
In the error message (which gets triggered when we try to upload non image file) we can see that "User->setAvatar" the class name 'User' itself is used in order to call the setAvatar method doesn't it makes the setAvatar a static method. If it is a static method how are we able to access it with the help of an object instance user.setAvatar?
@cair0_ 2 жыл бұрын
I can't see the live 😥
@7SeasSecurity 2 жыл бұрын
Thanks for the heads up! I have the vod saved so I’ll have to upload that and fix the link. Appreciate you! I’ll let you know when I fix that.
Seven Seas Security
Рет қаралды 15 М.
Seven Seas Security
Рет қаралды 4,7 М.
Seven Seas Security
Рет қаралды 9 М.
Seven Seas Security
Рет қаралды 4 М.