@@BarbieBat I have never tried it, and it would be so hard to pull off without taking down unauthorized assets if it's network-based. But if an app is vulnerable, say does not have rate limiting and runs on limited resources, yes maybe a bruteforce login or heavy file upload might do the trick
@@thehackerish yeah maybe, Or even check the code if it's vulnerable to sql already or not? OR even check where our uploaded file gets uploaded by lfi and fuzzing then we will be able to upload a shell?
The best🎉
what if we use the file we obtain from path travesal
Can you please make a video about DOS attack and how can we benefit from it
If it’s beneficial of course
@@BarbieBat I have never tried it, and it would be so hard to pull off without taking down unauthorized assets if it's network-based. But if an app is vulnerable, say does not have rate limiting and runs on limited resources, yes maybe a bruteforce login or heavy file upload might do the trick
Great content
How did you know you had to use a put request through curl?
I'm curious where you learned that
I learned linux commands in school and online, but that’s just a simple curl command
Thank you so much Boss
can you plz make videos about Account hijacking using dirty dancing in sign-in OAuth-flows adapted top us simple mortals
could we use lfi to access db files on /var/www/ ?
hmmm...that might work to get cleartext password for the phpmyadmin?
@@thehackerish yeah maybe, Or even check the code if it's vulnerable to sql already or not?
OR even check where our uploaded file gets uploaded by lfi and fuzzing then we will be able to upload a shell?
@@asaad0x great ideas, I guess reading the code will be the best approach to decide if it's vulnerable or not.
Great! Can't wait for your next video❤ and as always Great content and keep pushing 💖
Need Privilege escalation playlist 😂❤ THANK YOU ❤
I think I might group all privesc videos in one playlist
@@thehackerish good idea
❤❤❤❤😂🎉
❤