Evading Filters to Dump Databases (like a hacker)

  • Published 23 Dec 2024

COMMENTS • 77

  • @shinedits4751 1 year ago +11

    I love it when you also tell us what each command means and how to use keyboard shortcuts.

  • @Counterhackingsafe 1 year ago +15

    Wow, watching you dive into the world of hacking and database dumping is both fascinating and nerve-wracking at the same time! Your expertise is truly impressive, and I appreciate the way you break things down for us mere mortals to understand. As someone who is always looking to expand their knowledge in the field, your videos are a must-watch. Keep up the great work, John!

  • @Lampe2020 1 year ago +47

    You could also have injected the single-quote using a tilde because it's later replaced with a single-quote.

    • @sepgh2216 1 year ago +6

      Exactly why I came to the comment section

    • @trueperson-o2z 1 year ago +2

      Thank you!

    • @bart-i8k 1 year ago +2

      ascii85 does not support the ~ character IIRC

  • @mr_limemodz1506 1 year ago +36

    Always a good day when you get a John Hammond notification

  • @Photodeus 1 year ago +12

    My initial thought was to use a tilde instead of a single quote character in the injected data because all tildes will just end up being converted into a single quote on line 17.

  • @khaelkugler 1 year ago +1

    That comment left by "Gamerboy80" might actually be a reference to a YouTuber by the same name - gamerboy80. He's a somewhat popular Minecraft YouTuber, known for his Bedwars. I wonder if he was put in on purpose, or it was a coincidence.

  • @donttrusttheape 1 year ago +10

    And now tell me that a hacker doesn't have to be a programmer... Awesome stuff!

    • @MygenteTV 1 year ago +7

      This is exactly what I said. Whoever says programming isn't important is just lying because they can't program themselves

    • @heribertojuarez6046 1 year ago +3

      Only a script kiddie would say that

  • @Lampe2020 1 year ago +3

    24:40 I think Python3 is enough for now, we don't need Python4 yet...

  • @Kasalop 1 year ago

    If /* is banned, but you are able to inject single quotes you can do that without multiline comments or spaces: 'or'1'='1'-- . The single quotes work as spacer between the tokens too.
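Added example, not code from the video, the LACTF challenge or any commenter: a constructed stand-in for the sanitizer as the comments describe it (quotes and `/*` stripped, then every `~` turned into `'` in a later decode step), shown beside a parameterised version of the same lookup so the difference is visible on the spaceless payload from this comment. The table, rows and function names are assumptions for the demo.

```python
import sqlite3

# Hypothetical reconstruction of the filter discussed in the comments, NOT the
# challenge's real source: ban a few tokens, then later map "~" back to "'".
BANNED_TOKENS = ["'", "/*"]


def naive_sanitize(value: str) -> str:
    """Strip banned tokens (the 'filter' step)."""
    for token in BANNED_TOKENS:
        value = value.replace(token, "")
    return value


def naive_decode(value: str) -> str:
    """Later decode step that reintroduces a quote for every tilde."""
    return value.replace("~", "'")


def build_db() -> sqlite3.Connection:
    """Constructed in-memory SQLite table with two sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s1"), ("bob", "s2")])
    return conn


def lookup_concat(conn: sqlite3.Connection, username: str) -> list:
    """Vulnerable: filter, decode, then build the SQL by concatenation.

    Tilde-encoded input decodes to 'or'1'='1'-- with no spaces, which the
    SQLite tokenizer still parses, so the WHERE clause matches every row.
    """
    cleaned = naive_decode(naive_sanitize(username))
    sql = "SELECT name FROM users WHERE name='" + cleaned + "'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_param(conn: sqlite3.Connection, username: str) -> list:
    """Hardened: identical filter and decode, but the value is bound as a
    parameter, so whatever it decodes to is compared as data, not parsed."""
    cleaned = naive_decode(naive_sanitize(username))
    sql = "SELECT name FROM users WHERE name=?"
    return sorted(row[0] for row in conn.execute(sql, (cleaned,)))


if __name__ == "__main__":
    db = build_db()
    print(lookup_concat(db, "~or~1~=~1~--"))  # every row: the filter was bypassed
    print(lookup_param(db, "~or~1~=~1~--"))   # no rows: same input, bound as data
```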

  • @dougmoore5823 1 year ago +2

    knowing that the decode function replaces a ~ with a /' could you have just injected your command as ~ or 1=1 --?

    • @brighthades5968 1 year ago

      Maybe ascii85 doesn't have '~' or doesn't allow it at the beginning, or something like that
      That could be true because '~' is the last printable ASCII character

  • @skullandpwnz6053 1 year ago +2

    This is 100, I'm studying for OSCP, do you have a pre-OSCP guide playlist?

  • @freedomsyr900 1 year ago

    I think you could also have replaced the backslashes in your query with a tilde and you will get a single quote at the end because every tilde is being replaced by a single quote in that function.

  • @eirikeiken 1 year ago

    The python multi-line comment trick was really clever!

  • @hm-jr4ok 1 year ago

    Really enjoyed watching the video,
    Good work!

  • @AwestruckBullet 1 year ago +1

    What is eye-nit? Eye-nitialisation?

  • @lfcbpro 1 year ago +2

    In real life, how would you go about getting the source code?
    I imagine it would be protected behind security, which, if you could break that security you would have access to the full database anyway and basically access to the whole website?

    • @codeman99-dev 1 year ago +6

      You'd be surprised how often an entire website is available on github.

    • @heribertojuarez6046 1 year ago +3

      Maybe you were able to download the code and the security team kicked you out of their server before you got the db.
      Or you could have hacked the dev and now you want to go further by getting the production db

    • @y.vinitsky6452 1 year ago +1

      There are a lot of projects that use databases. Many are open source.
      SQLite is also often installed as part of a larger program a user (like an accountant) has access to, but shouldn't have access to the whole database, just least privilege. The program should run parametrized statements and only return data the user should have access to.
      A point John did not go over here, because it was not the topic of the video, is the importance of encrypting any sensitive data. Just in case someone does dump the database.

  • @l15t3nr 1 year ago

    I'm finally getting to a point in my understanding of python to be able to follow this

  • @andras4420 1 year ago +3

    Hello John. Which CTF-website is this?

    • @garysong8342 1 year ago +2

      This is from Lactf, challenges will be taken down soon

    • @_JohnHammond 1 year ago +7

      This is LACTF, some of their challenges are still up and available for the week, but the game finished last weekend :)

    • @therealb888 1 year ago

      @@_JohnHammond thanks for the mention. On an unrelated side note, I see a major lack of pentesting, auditing/code analysis of open-source projects. There is almost a blind belief in open-source security & safety. Android custom ROMs & FOSS apps are my biggest concern. Most don't patch on time, don't adhere to the Android CDD security spec, etc. There's a fast-growing user base of these & its promoters are too focused on the open-source = private idea. We need a reputed, unbiased, 3rd party without any conflicts of interest.
      Would you be up for a challenge to test the most popular Android ROMs, repos & apps like GrapheneOS, F-Droid, microG, Aurora Store etc.? Test if they have backdoors, vulnerabilities, malware, their security practices, or whatever.
      You may be the first YouTuber to do these tests!

  • @therealb888 1 year ago +3

    Your practical run-throughs are super helpful and well explained. Do you do a single take on the fly or are there multiple takes?
    Even someone brain-dead like me can follow it 😅. Thanks man.

  • @Crysisfan1000 1 year ago +10

    Yet another amazing video. I'd seriously pay for some private lessons by you 😂

  • @philadams9254 1 year ago

    What's the lesson here? Don't reinvent the sanitization function wheel?

  • @winters0x64 1 year ago

    Dang, nice vid, LA CTF was awesome!

  • @ihorkovryhin1767 1 year ago

    Why don't we just replace injectable query with parameterized like all other? Another question is about hash %).

  • @nickjohnson410 1 year ago

    5:50
    Lysdexics of the World Untie!!

  • @davidrico5873 1 year ago

    Hello John,
    Today I found out that you will be at Rootedcon in Madrid (Spain) what great news
    I look forward to greeting you in person and having a few beers at the booth of my company that is a diamond sponsor of the conference
    You are a total crack, total pro!
    Keep it up dude! How much you help us!
    The conference says that it is in Spanish lol, is that right?
    BR

  • @nicenoob4663 1 year ago +1

    Much appreciated for sharing with us and teaching us always, sir

  • @Bobtb 1 year ago

    You make it look so easy!

  • @ir4640 1 year ago

    What ctf is that?

  • @fdert 1 year ago

    Thanks for this showcase!

  • @asdfasddfs5484 1 year ago

    Awesome video, thanks John

  • @Tro79xD 1 year ago

    Very good video! Thanks

  • @MrTeinnorHD 1 year ago

    Hello, do you think you could analyse a video game cheat?

  • @divyamrajput9594 1 year ago

    Bro make a video on how to decompile latest marshal bytecodes of python3.9,3.10,3.11

  • @AsdZxc-sj9sd 1 year ago

    Never ever John lets you down

  • @michaelvoznyanski6815 1 year ago +1

    I think in the real world you just ban direct concatenation instead of using filters. Am I not right?

  • @subh0x 1 year ago

    Excellent

  • @0xspSRD 1 year ago

    GJ! Just wondering, why didn't you start your own online academy courses? I will definitely purchase

  • @HTWwpzIuqaObMt 1 year ago +1

    Great vid as always John

    • @ulyssesfister3735 1 year ago +2

      How could you know? You commented the minute it was published. (It was good though good job John).

  • @09NwEdG 1 year ago

    Keep going ✅

  • @viv_2489 1 year ago

    Always great quality content... Love these.. especially my favourite SQL injection ones 👌

  • @AJXD2 1 year ago +1

    9:02 MR BEAST

    • @ethisfreedom 1 year ago

      I can't stop laughing, seriously 😂

  • @muffies 1 year ago

    gamerboy80 the bw player let's go :D

  • @klickspeur4342 1 year ago +1

    ❤❤❤

  • @TheMeq 1 year ago +1

    Just so you know, unless I'm missing some inside joke, it's not pronounced inet... it's pronounced innit. Like in initialise.

  • @sortof3337 1 year ago

    John Hammond: like the scientist from Jurassic Park. Ha ha

  • @duncan3144 1 year ago

    sql injection perhaps.

  • @anthonythe_berserker6968 1 year ago

    👊💪💪💪

  • @OligoST 1 year ago +1

    I’m Gamerboy80

  • @cabg7 1 year ago +1

    You look like Justin Roiland

  • @lilv728 1 year ago

    John, this is the grammar and pronunciation police. You may not have seen my previous comment, but this is strike two. I have now cited you for not only pronouncing tuple "toople" but also pronouncing init "ine-it". I mean, come on, it literally stands for initialize. You're gonna give me an aneurysm, lol.

  • @itaybarok9405 1 year ago

    3rd

  • @jarrah1226 1 year ago

    1st!

  • @gangsterism 1 year ago

    62nd

  • @itaybarok9405 1 year ago

    2nd comment

  • @itaybarok9405 1 year ago

    1st like

  • @randomgaminginfullhd7347 1 year ago +1

    I don't get why people watch this guy. He goes on a lot of rants but never ends up 'cracking the code' when analyzing the code of those hackers. Essentially, he doesn't know anything. Waste of time.

  • @MygenteTV 1 year ago +2

    This video is the pure example that you can't be a penetration tester if you don't know how to code. You have stupid people trying to convince others not to learn how to code so they don't feel alone.
    If you know how to code, 99% of the time you will get a bug. You can't find bugs if you don't know how to spot a vuln in source code