Hey guys! I’ve been reading all your comments and many people are looking for a path so they can learn cybersecurity in a fun way. I totally got you, I’ve something planned for that. It’s gonna be a PLAYLIST and it’s gonna be something you’ve never seen before! Get ready!!
My last video was taken down by YouTube saying “it was not following guidelines” which is crazy cuz I said that “I’m performing this in a safe environment and ethically”. So I’ve talked to support to get it back up, it’ll take few days. If it doesn’t then I’ll reupload and share the link with you guys where you can watch it. Thanks for your patience :)
Hey guys, I noticed a lot of people have joined my server, but many haven’t verified themselves yet. Please make sure to complete the verification so you can access the full server. If you face any issues, try rejoining or DM me on Discord with the message “Issue with joining server,” and I’ll help you out.
I’m surprised that multiple people misunderstood what I explained in the last video and even called the bug by wrong names. So I’m giving more context here.
The bug was actually “Session Fixation leads to 2FA Bypass”, when you log in, the app should give you a new session ID after 2FA to confirm it’s really you. However, in this case, the app didn’t issue a new session ID, it kept using the one created before 2FA verification. As a result, the session used during the 2FA step became fully authenticated, even though proper authentication should only happen after 2FA is successfully completed.
Now, using that cookie, an attacker can simply paste it into their browser and log in to the victim’s account without performing 2FA (Bypass).
Hey hey! 👀 Been seeing y’all in the comments lately, really crazy!
We’re on the road to 15k now, and I’m tryna make the content even better. So if you vibe with my stuff, share it around and let’s hit that goal together 🐍 🔥
Hey guys, I was about to upload the new video but it’s delayed now cause of video project cooked, everything messed up. Working on it :) Thanks for your patience.
Medusa
Medusa
Hey guys! I’ve been reading all your comments and many people are looking for a path so they can learn cybersecurity in a fun way. I totally got you, I’ve something planned for that. It’s gonna be a PLAYLIST and it’s gonna be something you’ve never seen before! Get ready!!
2 weeks ago | [YT] | 152
View 13 replies
Medusa
Hey everyone!
The last video got removed so I posted it on Rumble, you can watch here:
rumble.com/v71ram8-how-hackers-find-your-password-…
Thanks!
1 month ago | [YT] | 84
View 12 replies
Medusa
Hello hackers!
My last video was taken down by YouTube saying “it was not following guidelines” which is crazy cuz I said that “I’m performing this in a safe environment and ethically”. So I’ve talked to support to get it back up, it’ll take few days. If it doesn’t then I’ll reupload and share the link with you guys where you can watch it. Thanks for your patience :)
1 month ago | [YT] | 200
View 31 replies
Medusa
Hey guys, I noticed a lot of people have joined my server, but many haven’t verified themselves yet. Please make sure to complete the verification so you can access the full server. If you face any issues, try rejoining or DM me on Discord with the message “Issue with joining server,” and I’ll help you out.
Thank you so much, and have a great day!
1 month ago | [YT] | 106
View 23 replies
Medusa
Hey lovely hackers!
Just woke up to 15K subs, thank you so much! Let’s keep growing, fam 🩷
1 month ago | [YT] | 265
View 33 replies
Medusa
I’m surprised that multiple people misunderstood what I explained in the last video and even called the bug by wrong names. So I’m giving more context here.
The bug was actually “Session Fixation leads to 2FA Bypass”, when you log in, the app should give you a new session ID after 2FA to confirm it’s really you. However, in this case, the app didn’t issue a new session ID, it kept using the one created before 2FA verification. As a result, the session used during the 2FA step became fully authenticated, even though proper authentication should only happen after 2FA is successfully completed.
Now, using that cookie, an attacker can simply paste it into their browser and log in to the victim’s account without performing 2FA (Bypass).
Happy Hacking ✨
1 month ago | [YT] | 77
View 11 replies
Medusa
Have you watched the New Video Yet? ^_^
2 months ago | [YT] | 77
View 11 replies
Medusa
Hey hey! 👀
Been seeing y’all in the comments lately, really crazy!
We’re on the road to 15k now, and I’m tryna make the content even better.
So if you vibe with my stuff, share it around and let’s hit that goal together 🐍 🔥
2 months ago | [YT] | 98
View 18 replies
Medusa
Hey guys, I was about to upload the new video but it’s delayed now cause of video project cooked, everything messed up. Working on it :) Thanks for your patience.
2 months ago | [YT] | 48
View 14 replies
Medusa
Hey guys! My portfolio site is Up, check out. :)
portfolio.medusa0xf.com/
3 months ago | [YT] | 90
View 15 replies
Load more