Golang For Hackers: LDAP Injector - Episode 01

IppSec · Beginner ·🛡️ AI Safety & Ethics ·1y ago

Skills: Security Basics80%AI Security60%Defensive AI60%

Episode 2 Dependency Injection: https://youtu.be/BhLpqRev80s 00:00 - Introduction 01:30 - Going over LDAP Injection, showing we can log in with a wild card for username and password 02:27 - Showing the request in BurpSuite, going over how we can enumerate data via Boolean Injection and wild card behavior 06:43 - Quickly going over Binary Search/Divide and Conquer, unfortunately, we cannot use it, but good to know for other Boolean Injections 08:45 - Start of creating our program, creating a TestPassword function, so we can replicate what we did in BurpSuite 16:15 - Creating a function that generates a lower alpha-numeric character set for us to use 20:40 - Starting the Bruteforce Logic, making a function that will bruteforce a single character 24:30 - Making the Bruteforce function, which will bruteforce each character of the password 26:30 - Talking about an optimization we can do and how many requests each method of bruteforce would do 29:07 - Creating the Prune Charset function, which will reduce our charset to only those that are in the password 32:13 - Going over each function, cleaning up some if/then statements

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Security Basics

View skill →

HackTheBox - Analytics

HackTheBox - Analytics

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

Amazon Web Services

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Configure and Deploy AWS Client VPN

Configure and Deploy AWS Client VPN

Related AI Lessons

The Coded Human or Artificial Intelligence? And Does Artificial Intelligence Have a God?

Explore the intersection of AI and philosophy, examining if AI has a god and what it means for human understanding

De técnico de redes a Red Teamer: la IA como ventaja competitiva en ciberseguridad

Learn how to leverage AI as a competitive advantage in cybersecurity, transitioning from a network technician to a Red Teamer

De técnico de redes a Red Teamer: la IA como ventaja competitiva en ciberseguridad

Learn how to leverage AI as a competitive advantage in cybersecurity to transition from a network technician to a Red Teamer

Medium · Python

De técnico de redes a Red Teamer: la IA como ventaja competitiva en ciberseguridad

Learn how to leverage AI as a competitive advantage in cybersecurity to transition from a network technician to a Red Teamer

Medium · Cybersecurity

Chapters (11)

Introduction

1:30 Going over LDAP Injection, showing we can log in with a wild card for username

2:27 Showing the request in BurpSuite, going over how we can enumerate data via Boo

6:43 Quickly going over Binary Search/Divide and Conquer, unfortunately, we cannot

8:45 Start of creating our program, creating a TestPassword function, so we can rep

16:15 Creating a function that generates a lower alpha-numeric character set for us

20:40 Starting the Bruteforce Logic, making a function that will bruteforce a single

24:30 Making the Bruteforce function, which will bruteforce each character of the pa

26:30 Talking about an optimization we can do and how many requests each method of b

29:07 Creating the Prune Charset function, which will reduce our charset to only tho

32:13 Going over each function, cleaning up some if/then statements

AI Management Essentials: Integrating ISO 42001 & ISO 23894