6 Videos for API to Shell

In this video, we explore the functionalities of the Api to Shell application, including actions like Register, Login, List of files, Retrieve a file, and Upload a file. We also demonstrate how to use curl with an HTTP proxy and Burp to interact with the API.

In this video, we delve into the differences between strict and loose comparisons in PHP. You'll learn how these comparison methods can yield different results when comparing integers and strings, and why understanding this distinction is crucial for secure coding.

In this module, we explore how to bypass digital signature checks by exploiting loose comparison vulnerabilities in web applications. We'll demonstrate how to manipulate request parameters to retrieve arbitrary files from the server.

In this video, we explore how to recover the source code of an application to perform a security audit and identify vulnerabilities. By retrieving and analyzing key files, we aim to achieve code execution on the server.

In this video, we delve into the process of conducting a code review on a PHP application. We uncover various aspects of the application's authentication mechanism, specifically focusing on tokenization and serialization vulnerabilities.

In this video, we explore the exploitation of PHP's unserialize function. By sending a malicious serialized object, we can create a file with arbitrary content on the server, leading to potential code execution.