What SECRETS are in your Clipboard?
Рет қаралды 92,048
Күн бұрынj-h.io/snyk || Snyk loves CTF challenges just like this for forensics and application security -- you can use Snyk to find vulnerabilities in your own projects FOR FREE ➡ j-h.io/snyk
00:00 - Clipboard Forensics
00:21 - The Setup
02:52 - Getting started
04:10 - Checking the data
05:15 - What next?
11:20 - Another way forward
13:07 - Viewing the DB
16:50 - Final Thoughts
🔥 KZbin ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
@samuelbruce8837 Жыл бұрын
Don't know why I chuckled when John with all his automation and shortcuts typed out "yes" to the y/n prompt for sqlitebrowser install
@Quephara Жыл бұрын
Finding this channel is the last thing everyone does before deciding against smart homes
@0_1_2 Жыл бұрын
Explain
@humanperson2325 Жыл бұрын
@@0_1_2 security
@lightwxrk Жыл бұрын
basic quality of life improvements is nice, but I would never trust smart home locks on your doors, which I have seen people do.
@UsernameXOXO Жыл бұрын
@@lightwxrk finding LPL is the last thing everyone does before deciding against locked doors, there's literally no difference; it takes skill to open either and a smashed window will always work better.
@hannahsmith6095 Жыл бұрын
@@0_1_2 That already defeats the purpose if needs explaining. If you are in this channel you already know it.
@AlucardNoir Жыл бұрын
I haven't used windows in around 5 years now, but when I did I spent so much time in the AppData directory I had actually forgotten it's supposed to be a hidden folder.
@itsawill9268 Жыл бұрын
Linux?
@AlucardNoir Жыл бұрын
@@itsawill9268 yeah. Thought about going Mac, but around that time it came out Apple had given Uighur data to the CCP.
@teo2157 11 ай бұрын
@@itsawill9268 TempleOS
@CattopyTheWeb Жыл бұрын
Very cool CTF. I didn't know this was possible. Thanks John!
@paulw3182 Жыл бұрын
The keyboard shortcuts trimming the data was great - excellent video!
@767corp Жыл бұрын
AppData that damn directory where all the game save files are hidden now days
@aircraftmen_ 11 ай бұрын
you unironically use youtube emojis??
@bot-hk Жыл бұрын
Amazing content quality, The video seemed way way more interactive since I last saw your video!! Kudossss!!!🎉
@jmdefault Жыл бұрын
I'm impressed, Microsoft is actually thorough for once. If you deativate the clipboard history the clipboard folder is completely gone and all the ClipboardPayload values in the database are NULL. I fully expected them to half-ass this again. The Payload values are still there however so an attacker could still find out where you copied data from.
@userhandler0tten351 Жыл бұрын
Thanks for the constant motivation John!
@cravenmoorehead5657 Жыл бұрын
I can’t keep up with these Hammond videos this dude Is fire
@adyp487 Жыл бұрын
Awesome! Just awesome John! As always! 👏👏💜😎
@ATLuh Жыл бұрын
Thanks John! Always cool to see stuff from inversecos
@CharlieG111 Жыл бұрын
Thanks John bro. I learnt so much from you. Wish one day we will meet 🎉
@Bchicken2 Жыл бұрын
Ayyy great to see chompie be credited!! 11:40
@matthewwallace5682 Жыл бұрын
Fantastic video. Thanks for sharing!
@JSRJS Жыл бұрын
great video John. Learn something everytime I watch one of your vids
@victorsolhof3576 Жыл бұрын
“Running strings on these things” 😂 i love your videos!
@Manavetri Жыл бұрын
Brilliant as always !!!
@local-admin Жыл бұрын
1:43 Not parentheses but “%” or percent signs
@andynn6691 Жыл бұрын
You can just paste the input into stdin of base64. No need to pipe it via echo. In bash you can also do
@BGM99 Жыл бұрын
Average Man Page Enjoyer
@vikingthedude 11 ай бұрын
How do you paste to stdin?
@thomyhr Жыл бұрын
This was really interesting. Thanks!
@robertofolikwei23 9 ай бұрын
Thank you John.
@andrecinelli Жыл бұрын
Thanks for the video.
@Gabbstah 10 ай бұрын
I've been looking for a video like this
@anthgodz Жыл бұрын
Love the vid❤
@burpsploit741 Жыл бұрын
We need more forensics videos
@johnathondupuis1301 Жыл бұрын
Awesome content in this video.
@TAPCybersec Жыл бұрын
Nice work! I came across a similar challenge not too long ago where the answer lied within the activities cache.
@kal_dev Жыл бұрын
😊😊thanks
@Junk-Junky Жыл бұрын
bro makes it look so easy
@ellerionsnow3340 Жыл бұрын
Do you have any videos on SIFT?
@shinrafahell Жыл бұрын
Awesome 😎
@mohammedissam3651 Жыл бұрын
Yeah this is really good topic
@noi7160 Жыл бұрын
good video!
@Pixailz Жыл бұрын
Hey john great video as always, i have learn so many tips in bash thanks to you, now it's my turn :) In bash, you can specify the depth of dir that are display with this variable PROMPT_DIRTRIM like PROMPT_DIRTRIM=2 will trim your prompt from ~/Documents/dir1/dir2 to ~/.../dir1/dir2
@bhagyalakshmi1053 Жыл бұрын
Going bad boys.
@briansciretti-informatica6721 Жыл бұрын
Will we be able to try these challenges or the files aren't going to be released?
@Dahlah.FightMe Жыл бұрын
Nice :D
@animalkillerable Жыл бұрын
Nice
@U20E0 10 ай бұрын
It’s interesting that even though MacOS keeps clipboard history ( only in RAM though, i think ), and provides an API to access it, no built-in software actually uses it.
@ExCyberino Жыл бұрын
Your VM is so fast, what hypervisor are you using on windows? I always experience so much lag even if a allocate almost all my host resources.
@arjix8738 Жыл бұрын
Allocating all your host resources to a VM is bad.
@ExCyberino Жыл бұрын
@@arjix8738 sure
@EricSchmeling Жыл бұрын
Clippy is ‘cheesy’? How dare you sir?!?! 😂
@Fidumo Жыл бұрын
yeah, Clippy is Clippy, not Cheesy!
@PancakeByte Жыл бұрын
After the video, I realize that skills takes time. well it really is. its time to practice lol
@DancePants2012b Жыл бұрын
my Clipboard is in my Clipboard
@im_typ0563 Жыл бұрын
Please do more challenges that you don’t do beforehand
@bhagyalakshmi1053 Жыл бұрын
What is dpapi
@monthoramemi1937 Жыл бұрын
❤❤
@motbus3 Жыл бұрын
It seems Mr hammand has been playing some diablo 4
@nordgaren2358 Жыл бұрын
Where do you see that?
@9rye Жыл бұрын
@@nordgaren2358 Most likely when he showcases his %APPDATA%/Local folder. 1:57
@nordgaren2358 Жыл бұрын
@@9rye I don't see Battle.net or Diablo 4 in there, though.
@tyrojames9937 Жыл бұрын
Que The Decrypting Tools.
@saucymoon7134 Жыл бұрын
how do you get your hair to bounce like that. cute
@Bafflementation Жыл бұрын
Hmm, I'm pretty sure most SIFT VMs I've seen came with SQLite.
@PeterAdiSaputro Жыл бұрын
I don't find Clipboard folder on my Windows system
@ciaobello1261 Жыл бұрын
❤❤💪💪
@xxlarrytfvwxx9531 Жыл бұрын
I always run `type nul | clip` when I'm in public.
@JamesTDG Жыл бұрын
If someone did this to me, they'd regret looking at how many times I do Ctrl c, Ctrl v in my art...
@geodebreaker Жыл бұрын
1:41 do you mean percent symbols?
@_JohnHammond Жыл бұрын
Yes :)
@stevelp Жыл бұрын
@1:39, 2 percentage signs, not parentheses.
@kipchickensout Жыл бұрын
1:40 those aren't parentheses and you can just as well type that into the start menu :D
@CharlieG111 Жыл бұрын
First comment for you ☝️
@JohnPaulBuce Жыл бұрын
seeing a popup that says "allow access to clipboard" scares me now
@LocaLGh0sT Жыл бұрын
Man, Windows is so flimsy.
@bhagyalakshmi1053 Жыл бұрын
Main detecting persons also here other mind attack other mind to for controlling brain to attack print to work brain attack analysing for you brain to process cutting
@tomr6955 Жыл бұрын
These are NOT parentheses: %
@RunicSigils Жыл бұрын
Considering everything I copy and paste are comments (especially if I'm leaving a long one I prefer to see it all written out before actually posting), links, and screenshots of things online, there would be nothing secret there.
@bhagyalakshmi1053 Жыл бұрын
Saving work real get go language in get command for you object work headel application and tools, skills lod balance attending.
@tilakmadichettitheappdeveloper Жыл бұрын
Why ask "uncle Google" instead of chat gpt ?
@officialchristophersmn Жыл бұрын
SOON I WILL BE AN EXPECT IN ETHICAL HACKING
@rob-890 Жыл бұрын
But not in spelling 😅
@officialchristophersmn Жыл бұрын
@@rob-890 I think you can be my good friend 😀
@767corp Жыл бұрын
@@rob-890 Let the kid dream !
@CattopyTheWeb Жыл бұрын
@@rob-890 lol 🤣
@bhagyalakshmi1053 Жыл бұрын
Concurrent? What is rust,git comments skills tools elements server files lod comments balance attending hacking.
@bhagyalakshmi1053 Жыл бұрын
Not andsting
@RandomGeometryDashStuff Жыл бұрын
05:47 you don't need to export PS1
@MrBledi Жыл бұрын
i hope this is patched already
@xikes Жыл бұрын
As a GUI user, watching someone navigating folders via command line and then alt-tab to some other normal GUI app just seems stupid. Unless you have a valid reason for not using a GUI, this is just pretentious and stupid. You are not appearing more smart or clever just by typing bunch of cd and ls.
@MuigiTheModder Жыл бұрын
Linux does not have ALT+TAB than windows does, and his type he can navigate folders terminal if he wants.
@DamienWillis-pu9bm 9 ай бұрын
Dude he is just using Linux a very common way. You saying that you must do your way or the high way is clearly a sign that you hardly care about the community.
@MangoMousse888 Жыл бұрын
Seems easier to just ring the NSA and ask if you could get some your unconstitutionally aquired data back if the form of your clipboard history, in this case. 😂😂😂
@cougar-town Жыл бұрын
the cloud_id means the clipboard data is being stored by some government that collects all the meta data is my assumption.
@1stAshaMan Жыл бұрын
Probably referring to OneDrive
@impoppy9145 Жыл бұрын
Clipboard can be synced across devices in Windows. The option is called Clipboard Cloud Sync i think
@bhagyalakshmi1053 Жыл бұрын
Assembly code file's get comment,biycod ujeing alrebm
Low Level Learning
Рет қаралды 1,2 МЛН
John Hammond
Рет қаралды 136 М.