- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Critical 9.8 Auth Bypass
Crush FTP is an enterprise-grade managed FTP server.
This year, they again hit a critical 9.8 auth bypass vulnerability.
In this video, we will analyze the vulnerability payload and create an exploit that will add an admin user to the server.
// Tags
#ethicalhacking #crushftp #CVE-2025-31161 #authbypass #exploitdev
// Chapters
0:00 - Intro
0:48 - Payload Analysis
1:51 - Reverse engineering Crush FTP
2:34 - Creating the exploit
3:39 - Triggering the vulnerability
5:14 - Creating the regular user
7:40 - Making the user admin
8:44 - Why CrushFTP are being targeted by attackers?
// Links
* NIST: https://nvd.nist.gov/vuln/detail/CVE-2025-31161
* Vulnerability Analysis: https://projectdiscovery.io/blog/crushftp-authentication-bypass
Видео Critical 9.8 Auth Bypass канала Hack the Clown
This year, they again hit a critical 9.8 auth bypass vulnerability.
In this video, we will analyze the vulnerability payload and create an exploit that will add an admin user to the server.
// Tags
#ethicalhacking #crushftp #CVE-2025-31161 #authbypass #exploitdev
// Chapters
0:00 - Intro
0:48 - Payload Analysis
1:51 - Reverse engineering Crush FTP
2:34 - Creating the exploit
3:39 - Triggering the vulnerability
5:14 - Creating the regular user
7:40 - Making the user admin
8:44 - Why CrushFTP are being targeted by attackers?
// Links
* NIST: https://nvd.nist.gov/vuln/detail/CVE-2025-31161
* Vulnerability Analysis: https://projectdiscovery.io/blog/crushftp-authentication-bypass
Видео Critical 9.8 Auth Bypass канала Hack the Clown
Комментарии отсутствуют
Информация о видео
11 октября 2025 г. 14:01:17
00:09:32
Другие видео канала
I Found the Perfect AI Workflow for Ethical Hacking
The Truth About DevSecOps Engineers
Everything is hidden, can we discover them?
How passwords are turned into secrets using PBKDF?
And it is satisfying ...
Hack The Box Cap (Easy)
3 ways every CTF player should know
Anatomy of a reverse shell #ethicalhacking #linux #firewall
Fast Priv Esc Cheatsheet for Pentesters
Cracking all sorts of passwords
A plugin that can callback to me ...
Hack the Box: Nocturnal
Confusing feature that makes It SAFER than other programming languages
Awesome Tools you NEVER heard before
Finding and Monitoring Someone’s Activity using Sherlock Tools
Intro to RSA
GOAD-Light OSCP Series: Jenkins Exploitation, Nishang, and Service Accounts
I asked Manus to create an exploit, here is what happened …
Linux Session Sniffer using eBPF
Sync and Backup method (Backy)
ShellCheck Saves You
