For the past 2 AoCs, your videos have been the best. You add a ton of value to the lessons they provide, thanks for going in depth and thanks for making these walkthroughs.
@Tib3rius10 күн бұрын
Thanks! Appreciate the kind words.
@DaniSpeh11 күн бұрын
And again Tib3rius explained the topic exceptionally well, going above and beyond by not just covering the basics but also diving into the 'why' and 'how' behind it. His videos are always so informative, and the streams are especially great for learning. Keep up the amazing work!
@Tib3rius11 күн бұрын
Thank you!
@Jussi-s5n5 күн бұрын
Incredible clarity and simplicity in your teaching, yet packed with detailed information on all the essentials. Thank you for this. I'll definitely check out what other content you've created!
@Tib3rius4 күн бұрын
Thanks, hope you enjoy!
@santhoshurs82134 күн бұрын
No other youtuber had explained any task like u did.. understood every small details.. very well explained.
@Tib3rius4 күн бұрын
Thanks! Always enjoy doing these walkthroughs!
@Ox8jOrn4r8Or932 күн бұрын
Great walkthrough Tib3rius. Keep up the good work!
@Tib3rius2 күн бұрын
Thank you!
@c0ri11 күн бұрын
Nice to see you doing one of these Tib3rius! I've been following your walkthroughs for a few years now. You always go the extra mile and explain all the details.
@Tib3rius11 күн бұрын
Thank you!
@T-Rex07119 күн бұрын
I'm so glad I watched this video in addition to reading the room. Your explanation of last byre sync with wireshark was great
@Tib3rius9 күн бұрын
Glad it helped!
@vixytech_cybersecurity11 күн бұрын
I enjoyed every byte of this video. Well-done and Thank you. Well explained.
@Tib3rius11 күн бұрын
Thank you!
@KaungKhant-yz8nd10 күн бұрын
This walkthrough is special.... I couldn't help to close my mouth wondering every details your are explaining.. Thank you
@Tib3rius10 күн бұрын
Thank you!
@WhiteHat-133718 сағат бұрын
Masterpiece! I need to re-watch it... Thank you!
@Tib3rius18 сағат бұрын
Thank you for watching!
@camerawman11 күн бұрын
Saved some time by going through this walkthrough . Thanks for this
@Tib3rius10 күн бұрын
You're welcome!
@monsolympus7823Күн бұрын
This is a top tier video.
@Tib3rius19 сағат бұрын
Appreciate the kind words!
@wassimmariamable11 күн бұрын
Thank you for that. I just learnt something very new to me. Well done Tib3rius. Do you have any videos on Burpe Suite?
@Tib3rius6 күн бұрын
I have a web app hacking playlist that contains a few videos on Burp! kzbin.info/www/bejne/g5OUmayciruSorc But also check out my live streams, we use Burp a lot. I stream most Mondays and Wednesdays, and you can find the recorded streams on the Live tab of my channel!
@madara556552 күн бұрын
amazing walkthrough
@Tib3rius2 күн бұрын
Thank you!
@gamehacks58144 күн бұрын
you are better than these other plebs, best walktrough!
@lynettestevenson640611 күн бұрын
Thanks! I loved the additional information, like showing us Wireshark as well.🙂
@Tib3rius11 күн бұрын
Thanks! Glad you enjoyed!
@KumManish11 күн бұрын
Ah thanks Man ! Your videos are always with a superb quality 🐳
@Tib3rius11 күн бұрын
Thank you! Love making them for y'all!
@mohammadhosein777 күн бұрын
Thank you so much for amazing contenet!
@Tib3rius7 күн бұрын
Glad you enjoy it!
@Dr4hcir10 күн бұрын
Very informative video. Great work, thanks!
@Tib3rius10 күн бұрын
Thank you!
@sridharjayadavan797911 күн бұрын
Hi, Your explanation is awesome and i could able to understand the last byte syn. Thank you.
@Tib3rius11 күн бұрын
Glad to hear it!
@Lahmikhara11 күн бұрын
While the challenge was pretty easy, even for a beginner like me. This video really added a lot of value. I loved how you went into detail explaining how this attack works. Thank you
@Tib3rius11 күн бұрын
Thanks!
@alienboy6892 күн бұрын
First time I've really had Burp explained so well 🐥
@Tib3rius2 күн бұрын
Thank you! 🙏
@faheema46026 күн бұрын
Sort of up, above & around then scroll down 😂 Last-Byte Syn Attack Explanation 👌
@Tib3rius6 күн бұрын
If there's a feature which temporarily disables the changing highlighting, I wanna know about it. 😅
@TheRealVegapunk11 күн бұрын
Yippie!! It's Tib3rius day 😃
@Tib3rius11 күн бұрын
🥳
@PeteShearer11 күн бұрын
I don't know how to react to Tib3rius videos when I don't get to watch a marble race before the meat of the video 😆 Thanks for giving back and sharing your knowledge with everyone.
@Tib3rius11 күн бұрын
🤣 we will do marble racing on the next stream for sure!
@zigaudi11 күн бұрын
Great video and explaination.
@Tib3rius11 күн бұрын
Thanks!
@salmakhaled5002 күн бұрын
amazing explanation appreciate it
@Tib3rius2 күн бұрын
Thanks!
@atharvavlogs144611 күн бұрын
Awesome video.
@Tib3rius10 күн бұрын
Thank you!
@dawiddym238711 күн бұрын
oh yeah Tib3rius the Goat :D
@Tib3rius11 күн бұрын
🥹
@JohsonClint9 күн бұрын
this a lots of information
@lukerzonca57549 күн бұрын
How would you go about getting code to determine if a race condition is possible on a real web app? I know it's provided here to help learn, but is it just a guess and hope it works in a real world scenario, or are there more effective ways to see what the code is doing?
@Tib3rius9 күн бұрын
Great question! Yeah, on a real engagement you are unlikely to have access. It's more about noticing the potential for race conditions in functionality and setting up the conditions where an attack might work, then testing to see if it does.
@shivamnaik785710 күн бұрын
Hi what does:Where balances shift and numbers soar, look for an entry - an open door! mean? what should we look for?
@Zdenon13311 күн бұрын
There is an issue with last task (glitch account). When I duplicated the tab from the previous task and swapped the cookie session, account number and amount for proper values, the Balance went to 0, but no flag was provided.
@Tib3rius11 күн бұрын
I would go join the TryHackMe discord where someone from support should be able to help. Alternatively try resetting the box and trying the attack again with the actual request instead of swapping out values etc.
@Zdenon13311 күн бұрын
@@Tib3rius Thanks! I wanted to check if it was actually possible. If I were to provide a higher value than 2000 and go below 0, the flag might appear. Unfortunately, in this scenario, I'm also unable to duplicate requests, as the balance cannot process more transactions when it is 0. :D
@Tib3rius11 күн бұрын
Ah I understand what you mean now. Yes, if the balance is at $0 before you start the last-byte-sync attack, it won't work. This is due to a check in the code (see the code review section in the video). If the balance is > $0 however, the attack should be successful!
@Zdenon13311 күн бұрын
@@Tib3rius Ohhh... I think i should get a new pair of glasses :D "over" 2000 :D well nvm then :D Thanks !
@mecyber631611 күн бұрын
in the task is says send OVER 2000$. and i did as told to do and me end up not getting the flag. how to refund glitch account?
@Tib3rius6 күн бұрын
You can't refund the account as far as I'm aware. You need to reset the machine. I believe to trigger the flag you need to use the exploit like I did in the video. You probably need to make the end balance -$2000 or something.
@newfaith91211 күн бұрын
Great it does not work for me. Luckly devs that made code dont check if i transfer 1000 than 2000 so it goes to negative anyway. Cheese way to get flag but i just cant replicate attack. It does 10 requests i get 10 response and only first gets processed. Did same with attackbox and it worked. Now i have even less clue why it didnt work on my personal vm.
@Tib3rius11 күн бұрын
Weird! Yeah not sure why it won't work on your personal VM. Interesting cheese, I thought the code did prevent that, but maybe I misread it. 🤔
@heybevis0111 күн бұрын
Aww you gotta give him that TOCTOU
@Tib3rius7 күн бұрын
Can I steal this for a sticker? 🙏🥹
@digvijaynetke980511 күн бұрын
turbo intruder not installing
@Tib3rius11 күн бұрын
Can you access the Internet from the Attack Box? If you aren't subscribed to TryHackMe I think the Attack Box is limited. Not sure if the same is true for AoC though.
@eliyartursun11 күн бұрын
Try "Last-Byte Sync in Action!" It is fast and better with the grouping, and it will help you find the flag.
@Tib3rius11 күн бұрын
@@eliyartursun in the video I compare last byte sync to Turbo Intruder. I think they are trying to replicate that.
@MannerStyles7 күн бұрын
liked/subbed/followed/incredible
@Tib3rius7 күн бұрын
Thank you!
@Zelousfear11 күн бұрын
Thoughts
@Tib3rius11 күн бұрын
Thank you for following instructions. 👍
@JosiahAyogu8 күн бұрын
Wow😮
@nikkirawal382211 күн бұрын
Im the first Thnx for the Video 👍🥰
@Tib3rius11 күн бұрын
You're very welcome! Hope you're enjoying the event!