What SECRETS are in your Clipboard?
Vložit
- čas přidán 6. 08. 2024
- jh.live/snyk || Snyk loves CTF challenges just like this for forensics and application security -- you can use Snyk to find vulnerabilities in your own projects FOR FREE ➡ jh.live/snyk
00:00 - Clipboard Forensics
00:21 - The Setup
02:52 - Getting started
04:10 - Checking the data
05:15 - What next?
11:20 - Another way forward
13:07 - Viewing the DB
16:50 - Final Thoughts
🔥 CZcams ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
Don't know why I chuckled when John with all his automation and shortcuts typed out "yes" to the y/n prompt for sqlitebrowser install
Finding this channel is the last thing everyone does before deciding against smart homes
Explain
@@0_1_2 security
basic quality of life improvements is nice, but I would never trust smart home locks on your doors, which I have seen people do.
@@lightwxrk finding LPL is the last thing everyone does before deciding against locked doors, there's literally no difference; it takes skill to open either and a smashed window will always work better.
@@0_1_2 That already defeats the purpose if needs explaining. If you are in this channel you already know it.
Very cool CTF. I didn't know this was possible. Thanks John!
I haven't used windows in around 5 years now, but when I did I spent so much time in the AppData directory I had actually forgotten it's supposed to be a hidden folder.
Linux?
@@itsawill9268 yeah. Thought about going Mac, but around that time it came out Apple had given Uighur data to the CCP.
@@itsawill9268 TempleOS
The keyboard shortcuts trimming the data was great - excellent video!
Amazing content quality, The video seemed way way more interactive since I last saw your video!!
Kudossss!!!🎉
Thanks for the constant motivation John!
Awesome! Just awesome John! As always! 👏👏💜😎
Thanks John! Always cool to see stuff from inversecos
Fantastic video. Thanks for sharing!
Thanks John bro. I learnt so much from you. Wish one day we will meet 🎉
great video John. Learn something everytime I watch one of your vids
You can just paste the input into stdin of base64. No need to pipe it via echo. In bash you can also do
Average Man Page Enjoyer
How do you paste to stdin?
I'm impressed, Microsoft is actually thorough for once. If you deativate the clipboard history the clipboard folder is completely gone and all the ClipboardPayload values in the database are NULL. I fully expected them to half-ass this again.
The Payload values are still there however so an attacker could still find out where you copied data from.
Brilliant as always !!!
This was really interesting. Thanks!
Thank you John.
Thanks for the video.
Ayyy great to see chompie be credited!! 11:40
“Running strings on these things” 😂 i love your videos!
1:43
Not parentheses but “%” or percent signs
Love the vid❤
Awesome content in this video.
Hey john great video as always, i have learn so many tips in bash thanks to you, now it's my turn :)
In bash, you can specify the depth of dir that are display with this variable PROMPT_DIRTRIM
like PROMPT_DIRTRIM=2 will trim your prompt from
~/Documents/dir1/dir2 to ~/.../dir1/dir2
😊😊thanks
good video!
Nice work! I came across a similar challenge not too long ago where the answer lied within the activities cache.
Awesome 😎
We need more forensics videos
Yeah this is really good topic
bro makes it look so easy
Nice
Will we be able to try these challenges or the files aren't going to be released?
Nice :D
It’s interesting that even though MacOS keeps clipboard history ( only in RAM though, i think ), and provides an API to access it, no built-in software actually uses it.
Going bad boys.
Your VM is so fast, what hypervisor are you using on windows?
I always experience so much lag even if a allocate almost all my host resources.
Allocating all your host resources to a VM is bad.
@@arjix8738 sure
my Clipboard is in my Clipboard
What is dpapi
I don't find Clipboard folder on my Windows system
❤❤
Clippy is ‘cheesy’? How dare you sir?!?! 😂
yeah, Clippy is Clippy, not Cheesy!
It seems Mr hammand has been playing some diablo 4
Where do you see that?
@@nordgaren2358 Most likely when he showcases his %APPDATA%/Local folder. 1:57
@@9rye I don't see Battle.net or Diablo 4 in there, though.
Please do more challenges that you don’t do beforehand
After the video, I realize that skills takes time. well it really is. its time to practice lol
Hmm, I'm pretty sure most SIFT VMs I've seen came with SQLite.
Que The Decrypting Tools.
how do you get your hair to bounce like that. cute
1:41 do you mean percent symbols?
Yes :)
@1:39, 2 percentage signs, not parentheses.
❤❤💪💪
1:40 those aren't parentheses and you can just as well type that into the start menu :D
If someone did this to me, they'd regret looking at how many times I do Ctrl c, Ctrl v in my art...
I always run `type nul | clip` when I'm in public.
First comment for you ☝️
Main detecting persons also here other mind attack other mind to for controlling brain to attack print to work brain attack analysing for you brain to process cutting
Considering everything I copy and paste are comments (especially if I'm leaving a long one I prefer to see it all written out before actually posting), links, and screenshots of things online, there would be nothing secret there.
seeing a popup that says "allow access to clipboard" scares me now
Man, Windows is so flimsy.
Saving work real get go language in get command for you object work headel application and tools, skills lod balance attending.
These are NOT parentheses:
%
Why ask "uncle Google" instead of chat gpt ?
Not andsting
SOON I WILL BE AN EXPECT IN ETHICAL HACKING
But not in spelling 😅
@@rob-890 I think you can be my good friend 😀
@@rob-890 lol 🤣
i hope this is patched already
Concurrent?
What is rust,git comments skills tools elements server files lod comments balance attending hacking.
05:47 you don't need to export PS1
As a GUI user, watching someone navigating folders via command line and then alt-tab to some other normal GUI app just seems stupid.
Unless you have a valid reason for not using a GUI, this is just pretentious and stupid.
You are not appearing more smart or clever just by typing bunch of cd and ls.
Linux does not have ALT+TAB than windows does, and his type he can navigate folders terminal if he wants.
Dude he is just using Linux a very common way. You saying that you must do your way or the high way is clearly a sign that you hardly care about the community.
Seems easier to just ring the NSA and ask if you could get some your unconstitutionally aquired data back if the form of your clipboard history, in this case. 😂😂😂
the cloud_id means the clipboard data is being stored by some government that collects all the meta data is my assumption.
Probably referring to OneDrive
Clipboard can be synced across devices in Windows. The option is called Clipboard Cloud Sync i think
I've been looking for a video like this
Assembly code file's get comment,biycod ujeing alrebm