Data Exfiltration Techniques Using HTTP & HTTPS | TryHackMe
An overview of data exfiltration methods leveraging HTTP and HTTPS protocols, aligned with TryHackMe exercises and cybersecurity certification notes.
🔥 Related Trending Topics
LIVE TRENDSThis video may be related to current global trending topics. Click any trend to explore more videos about what's hot right now!
THIS VIDEO IS TRENDING!
This video is currently trending in Bangladesh under the topic 's'.
About this video
🚀 Cyber Security Certification Notes
https://shop.motasem-notes.net/collections/cyber-security-study-notes
🚀OR Certification Notes with Cheat Sheets
https://buymeacoffee.com/notescatalog/extras
💡Cyber Security Notes | Membership Access
https://buymeacoffee.com/notescatalog/membership
🔥Download FREE Cyber Security 101 Study Notes
https://buymeacoffee.com/notescatalog/e/290985
****
The video discusses data exfiltration techniques using the HTTP protocol, explaining why HTTP is one of the stealthiest methods for exfiltrating data. It covers post-exploitation techniques and demonstrates them in a practical lab setup.
**********
Receive Cyber Security Field Notes and Special Training Videos
https://buymeacoffee.com/notescatalog/membership
Writeup
https://motasem-notes.net/data-exfiltration-techniques-http-https-tryhackme
*******
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/motasem.hamdan.official/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
****
00:00 Introduction to Data Exfiltration via HTTP
00:06 Why HTTP is Used for Data Exfiltration
00:21 Advantages of HTTP-Based Exfiltration
00:36 Using HTTP POST Requests for Exfiltration
01:02 Attack Setup: Victim & Attacker Machines
01:26 Setting Up an HTTP Exfiltration Server
02:08 Using HTTPS for Secure Exfiltration
02:28 HTTP Tunneling for Covert Data Transfer
03:03 Setting Up an HTTP Tunnel
03:24 Tools for HTTP Tunneling (Neo-reGeorg)
03:40 Practical Demonstration: Setting Up Exfiltration
04:04 Connecting to the Jump Box
04:29 Checking Apache Server Logs for POST Requests
05:01 Why POST Requests are Preferred for Exfiltration
06:06 Extracting Flag from Base64 Encoded Data
06:42 Sending Data via HTTP POST Requests
07:34 Configuring the Victim Machine
08:17 Identifying Data to Exfiltrate
09:00 Encoding and Sending Data as a POST Request
10:06 Verifying Data Reception on Attacker Machine
10:50 Fixing URL Encoding Issues in Received Data
11:51 Decoding and Extracting Exfiltrated Data
12:37 Introduction to HTTP Tunneling
13:00 Setting Up an HTTP Tunnel Server
13:38 Generating an Encrypted Tunneling Client
14:22 Uploading the Tunnel Client to Victim Machine
15:26 Establishing Connection to Tunnel Server
16:57 Using HTTP Tunnel for Internal Network Access
18:01 Accessing Hidden Web Resources via Tunneling
19:03 Extracting Internal Server Flags
20:25 Retrieving the First Flag
20:38 Retrieving the Second Flag
20:48 Conclusion and Final Thoughts
Video Information
Views
9.2K
Total views since publication
Likes
137
User likes and reactions
Duration
20:52
Video length
Published
Sep 2, 2022
Release date
Quality
hd
Video definition
About the Channel
Tags and Topics
This video is tagged with the following topics. Click any tag to explore more related content and discover similar videos:
Tags help categorize content and make it easier to find related videos. Browse our collection to discover more content in these categories.