2021-10-26

[public] 6.42K views, 1.30K likes, 8.00 dislikes audio only

LiveOverflow

In this video we are exploring a theoretical security product that automagically encrypts user data securely. But it has a fundamental design flaw which can be exploited.

Challenge Files: https://github.com/LiveOverflow/ctf-cryptowaf

Walkthrough: https://www.youtube.com/watch?v=ZKrABs-N9wA

BugBountyReportsExplained: https://www.youtube.com/c/BugBountyReportsExplained

00:00 - Intro

01:33 - Background Story

02:55 - What is CryptoWAF?

04:16 - Implementing Encryption

05:06 - Encryption Challenges

06:59 - Implementing Decryption

07:02 - Design Flaw

08:26 - Exploiting the Design Flaw

09:06 - Leaking Database

10:04 - WAF Bypass

11:04 - Conclusion

12:07 - Outro

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Instagram: https://instagram.com/LiveOverflow/

→ Blog: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/