v09044g40000c40tatrc77u3vqm6u500
Apr 23, 2026 19:49
· 0:51
· English
· Whisper Turbo
· 1 speakers
ਇਹ ਟਰਾਂਸਕਰੀਪਟ ਦੀ ਮਿਆਦ ਖਤਮ ਹੁੰਦੀ ਹੈ 9 ਦਿਨ
ਸਥਾਈ ਸਟੋਰੇਜ਼ ਲਈ ਅੱਪਗਰੇਡ →
ਕੇਵਲ ਵੇਖਾਓ
0:00
S…
Speaker 1 (v09044g40000c40tatrc77u3vqm6u500)
What kind of security flaw do you think qualifies for a critical severity and a $20,000 reward from GitLab? Let's walk through the vulnerability. So you upload an image to GitLab, and it goes to a special tool to remove tags. But this tool doesn't pay attention to the extension. It pays attention to the contents of the file. So it could be a .jpg file.
0:20
S…
Speaker 1 (v09044g40000c40tatrc77u3vqm6u500)
with something totally different inside. So the researcher put code in the file and he found that if he crafted it just right, he could get that code to execute. In cybersecurity, we call this kind of vulnerability RCE or remote code execution. Why is it so good? Because then you can craft some commands that open up a doorway to the internet, which we call the reverse shell. RCE on production, 20 grand, sometimes more. Awesome.
This transcript was generated by AI (automatic speech recognition). May contain errors — verify against the original audio for critical use. AI policy
ਸੰਖੇਪ
ਇਸ ਟਰਾਂਸਕਰੀਪਟ ਦਾ AI ਸੰਖੇਪ ਬਣਾਉਣ ਲਈ ਸੰਖੇਪ ਕਲਿੱਕ ਕਰੋ ।
ਸੰਖੇਪ...
ਇਹ ਟਰਾਂਸਕਰੀਪਟ ਬਾਰੇ AI ਨੂੰ ਪੁੱਛੋ
ਇਸ ਟਰਾਂਸਕਰੀਪਟ ਬਾਰੇ ਕੁਝ ਪੁੱਛੋ — AI ਸਬੰਧਤ ਭਾਗ ਲੱਭੇਗਾ ਅਤੇ ਜਵਾਬ ਦੇਵੇਗਾ।