This demonstration effectively strips away the mystery of session hijacking, proving that even robust authentication is useless without proper database isolation. It is a sobering reminder that fundamental architectural flaws are often more dangerous than sophisticated exploits.
Watch Me Hack This Website In 8 Minutes
Hello everybody and welcome back to the brand new Daddy Overflow video. My name is Daddy Overflow and if you're new here, which by the way I can see through this game. This is getting old straight up. Sorry.
Click the subscribe button, please.
We're so close to hitting 60k. Please hit the subscribe button. I teach you about cybersecurity in general.
>> [laughter] >> What the [ __ ] was that?
Anyways, if you're new here, please subscribe and like today's video.
Today's video will be about a vulnerability I found actually 3 days ago and for it I have already been paid.
So, in the comments make sure to try to guess it and whoever guesses it correctly, I will pin your comment and to basically give you some clues, I will be answering every single comment and telling hot or cold depending on if you're close or further from it. So, basically yeah, I've nothing too much to say. Let's actually go with the video.
So, I know you're already interested and want to see what the vulnerability is.
So, basically after I show you, you can then go ahead and guess it. But, firstly you have to see what it is to basically get a good and I mean a good understanding of it before you even guess it. And also, first person to guess it will be featured in the next video. Just saying. So, let's go. So, first and foremost, this website has a login page and there's also the register page and yeah, everything has been made with AI just before this video. So, don't ask me how I made this. So, there is the register. We have username and we have the password. So, we can basically register here and everything else will work fine. As you can see, registration has been successful. Please log in. And then we act basically can log back into our account. We can click login and there we go. We're basically sent to the dashboard. We can see welcome victim. We can also click log out and everything pretty much works the same. Now, one fact, I actually thought I basically teach this exact vulnerability in my course. You should check it out.
Uh it's based on real techniques as well. But, this website is actually a bit different because a lot of people teach you about issues on fake websites and I have to do it because I have to sign an NDA which is called which is basically known also as a non-disclosure agreement. So, I can't really tell you what the website is or show anything about it. I asked, they disagreed or basically declined politely. So, I have to show you this.
But, in my course I teach you basically everything on real websites. Not anything like basic, actual stuff. So, check it out. It is in the description.
I'm just saying. So, after we've been logged out, we can log in, register or whatever. So, one of the things once I landed on this webpage is basically to check out whether we can reach the robots.txt and I clicked enter. And would you look at that? We could. There was /admin and basically we also I bit for some odd reason this was also included in the robots.txt and I was like, what the actual, you know, is this? So, I was like, I have to see what it is. So, I basically copied and pasted it into the URL. I clicked enter and nothing happened.
I was extremely sad at that point. So, I was like, what can I do? So, basically I knew that this was a directory and then here was the actual DB. So, I had to find that database. But, how exactly could we do that? And also, if I did end up finding the database, what actually how useful is it? Because mostly I believed that passwords are going to be hashed. So, even if I get the passwords, they're hashed. I don't know the actual password. So, yeah. So, I basically started digging around and I set it up in a Burp Suite which is a tool basically to brute force this.
Unfortunately, I had to use it. So, brute force basically the name of the database. So, I had a big big huge dictionary of names and one of which was users.db which weirdly enough when I clicked enter downloaded me a database. So, wow. I was like, what the hell was happening? But, basically there it was. It was right in front of me. So, I was like, interesting. But, I need to see this.
How exactly am I going to see this?
So, quick little Google search led to the online database viewer and I saw that this was an SQLite viewer basically a web application viewer. So, I basically had to open this file and when I opened it, I saw all the users registered and just like I suspected or expected, the whole password was a big hash. Look at that. So, it was a SHA256 or SHA256, I don't even know what to call it. But, basically it's encrypted.
Not encrypted, sorry. It was hashed. So, that's a problem. I was like, I have to basically brute force the passwords then offline. Still a big vulnerability for everything beginning this closed. But, nothing really of value was here. So, I actually saw another table within this database which was called sessions and I was like, and I clicked on it and I was like, what the hell is this? So, this is the user ID of the session. This is the IP address of the session. There is the user agent, created at and when it expires. And I was like, interesting. Look at that. That's a session. So, if I go back here and if I open the inspect element and I go to network and I hit refresh, you can see basically that this is a doc request.
And if you go over here to the cookies, you can see that there is a session cookie which Sorry. [laughter] Oddly resembles it ends with EAF and starts with 34C.
34CEAF. So, I was like, that's my session, isn't it? And of course I didn't find it like that. I had to copy my own session and go back here to search. But, in the end I found it and I was like, very well. Can I do this? So, my first instinct was to go into the incognito tab.
Go to the website. So, HTTP So, go to the localhost and at the login, I was going to go to inspect, go to console and basically had to just do this. I will go back here. I will have to I have to copy this. So, I would copy that from the database, go back to the login on the incognito tab and basically say document.cookie is equal into So, sessionid_ paste that. Oops, there is a gap here.
And then we would put basically something like path equals that. So, nothing too crazy and I would hit enter.
I would go here to now dashboard. And would you look at that? If I click enter, wow, I'm logged in. So, I forcefully logged myself in. And how big of a vulnerability is this? Huge. An enormous vulnerability. You can automate this to access every single account because you have sessions for every single account and that becomes a problem. This was like a big hugely leak. But, I have to tell you one thing. This was a big big big vulnerability. But, when you're guessing what amount was this rewarded or which amount was rewarded to me? Well, I have to tell you it's not as big as you might think for some reason because this program cannot offer more than what they initially set on the program. So, unfortunately I did not earn as much as you might hope for like 10 grand or 20 grand. But, still a reasonable amount. So, I'm just telling you that before you even start guessing.
And oh, by the way, if you want to maybe like learn game hacking and basically make clips like these you can see on the screen then I have a course for you.
Also, it has example cheats. It is also in the description. So, yeah. Thank you so much for watching this actual crazy video. It was a very and I mean very interesting to say the least and I hope you actually guess correctly. So, stay safe, stay responsible and as always, peace.
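Added example, not from the video or the site it shows: the copied `sessions` table worked as a login because the stored value was the same string the cookie carries. Storing only a SHA-256 digest of each token removes that property; the table layout and function names below are assumptions for illustration.

```python
import hashlib
import secrets
import sqlite3
import time


def open_db():
    # In-memory database standing in for the site's SQLite file (constructed sample).
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE sessions ("
        "token_hash TEXT PRIMARY KEY, user_id INTEGER, expires_at REAL)"
    )
    return db


def _digest(token):
    # Session tokens are 256-bit random values, so a plain unsalted hash is
    # sufficient here (unlike passwords, they cannot be guessed offline).
    return hashlib.sha256(token.encode()).hexdigest()


def create_session(db, user_id, ttl=3600):
    token = secrets.token_urlsafe(32)  # raw token goes only into the cookie
    db.execute(
        "INSERT INTO sessions VALUES (?, ?, ?)",
        (_digest(token), user_id, time.time() + ttl),
    )
    return token


def lookup_session(db, cookie_value):
    # Hash whatever the browser presented and look that digest up.
    row = db.execute(
        "SELECT user_id, expires_at FROM sessions WHERE token_hash = ?",
        (_digest(cookie_value),),
    ).fetchone()
    if row is None or row[1] < time.time():
        return None  # unknown or expired session
    return row[0]


def stored_values(db):
    # What a copy of the database file would reveal about active sessions.
    return [r[0] for r in db.execute("SELECT token_hash FROM sessions")]
```

This limits the damage of a leaked file; the database still belongs outside any directory the web server will serve.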