Real World Hacking Demo with OTW

This is a real world demonstration of the SQL Injection attack used in the recent MOVEit hack. This is real world – not just a simple SQL attack.

Big thank you to Juniper Networks for supporting the community and making training free. Go to https://juniper.net/davidbombal to get lots of training and also learn how to get certified for $50 (Associate Level).

// Mr Robot Playlist //
Mr Robot

// Proof of Concept //
Horizon3: https://www.horizon3.ai/moveit-transfer-cve-2023-34362-deep-dive-and-indicators-of-compromise/

// Occupy The Web social //
Twitter: https://twitter.com/three_cube

// OTW classes //
Hacker\’s Arise Pro Subscription:
https://www.hackers-arise.com/online-store/Member-PRO-p444073646?afmc=1d

Get 3 year\’s access to all live courses:
https://www.hackers-arise.com/online-store/Become-a-Hackers-Arise-Subscriber-3-years-of-training-p134507114?afmc=1d

// Occupy The Web books //
Linux Basics for Hackers: https://amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: https://amzn.to/3qCQbvh
Top Hacking Books you need to read: Top Hacking Books…

// Other books //
The Linux Command Line: https://amzn.to/3ihGP3j
How Linux Works: https://amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: https://amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: https://amzn.to/3dDUZN8

// Occupy The Web Website / Hackers Arise Website //
Website: https://www.hackers-arise.com/?afmc=1d
OTW Mr Robot series: https://www.hackers-arise.com/mr-robot

Want to learn more from Occupy the Web? You can join his classes using these links:
Hacker\’s Arise Pro Subscription\”
https://www.hackers-arise.com/online-store/Become-a-Hackers-Arise-Subscriber-3-years-of-training-p134507114?afmc=1d

Get 3 year\’s access to all live courses:
https://www.hackers-arise.com/online-store/Become-a-Hackers-Arise-Subscriber-3-years-of-training-p134507114?afmc=1d

// David\’s Social //

================
Connect with me:
================
Discord: http://discord.davidbombal.com
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU //
00:00 – Coming Up
00:55 – Juniper Free Training (Sponsored segment)
01:51 – OccupyTheWeb books and new books
03:57 – The MOVEit breach explained
05:20 – Clop website // Companies affected
08:52 – The two different vulnerabilities
10:26 – The truth about SQL Injection
12:21 – Using Shodan
14:05 – Proof of concept of the exploit
16:18 – SQL Injection example
20:35 – MOVEit hack analysis / How it was done
28:57 – CVE-2023-35708 SQL Injection vulnerability explained
30:36 – What is Taiwan Semi-Conductor (TSMC) and why they got hacked
31:01 – SQL Injection hack in the real world
32:45 – OccupyTheWeb online classes
33:46 – Union statement // Stacking queries demo
37:02 – Upcoming OccupyTheWeb courses and classes
39:50 – Conclusion

MOVEit
sql
sql injection
hack
hacking
hacker
pegasus
cybersecurity

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#hacking #cybersecurity #sql

subscribe
  • David Bombal

Search

Categories

Recent Posts

Hacking WordPress with Python in seconds (using Dark Web and Telegram data)
Real World Windows Pentest Tutorial (demos of Top 5 Active Directory hacks)
Your VPN won’t protect you 😱
The new AI Cyber Defense you need to know about
Next Gen Hackers protecting our world
Black Hat Bash: Bash Scripting for Hackers and Pentesters (Bonus: GraphQL and Drone hacking)
You ever seen these devices?
Demo of the NSA Hack that got Hacked (with OTW)
Mind Blowing 🤯 Reverse Shell Demo with DNS data bouncing exfiltration!
Mega Heavy Metal Networking (ft Jason Gooley)
Network Chuck Hacked YouTube! Learn how RIGHT NOW!!
AI just replaced us with Devin… seriously? Dr Chuck!
Cybersecurity Myths! (Vs Real World Experience)
Hackers remotely hack millions of cars!
Is your WiFi secure? (Don’t make these mistakes)
Flipper Zero vs “Proper” Hacking Tools
100 Million Attacks every 2 weeks! 😱
They shredded $2.5 million of Cisco Nexus equipment! People were so angry! There is a better way.
Top 10 FREE OSINT tools (with demos) for 2024 – And FREE OSINT course!
Top 5 Wireshark tricks to troubleshoot SLOW networks