<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
    <channel>
        <title>Troubleshooting failed RCE Payloads by Debugging Python Web Applications - Noter Beyond Root</title>
        <link>https://stream.echo6.co/videos/watch/2f444967-ae34-4cfd-94d9-d055557fad05</link>
        <description>00:00 - Intro 00:45 - Copying the webapp from the server to my local box 02:55 - Installing the required modules to run the pip modules and running the website locally 03:30 - Using SSH port forwarding to forward MySQL, so we don't have to set up a database 04:30 - Changing localhost in the web code to 127.0.0.1, which magically fixes an issue we had connecting to the database 05:20 - Getting an administrative login, registering a new user and then updating their role 07:45 - Running Visual Studio Code, which gives us a nice debugger 09:20 - Creating a test payload and seeing why it fails 10:50 - Going over what $'' is and why it prevented our command execution if we didn't escape it 12:40 - When sending over the single quote, it is HTML encoded. Editing variables in the debugger to make sure that if we bypass this stage we would have command execution 14:20 - Intercepting the request in BurpSuite and discovering the HTML encoding is done client side; by editing the request we can get RCE!</description>
        <lastBuildDate>Mon, 13 Apr 2026 20:39:50 GMT</lastBuildDate>
        <docs>https://validator.w3.org/feed/docs/rss2.html</docs>
        <generator>PeerTube - https://stream.echo6.co</generator>
        <image>
            <title>Troubleshooting failed RCE Payloads by Debugging Python Web Applications - Noter Beyond Root</title>
            <url>https://stream.echo6.co/client/assets/images/icons/icon-512x512.png</url>
            <link>https://stream.echo6.co/videos/watch/2f444967-ae34-4cfd-94d9-d055557fad05</link>
        </image>
        <copyright>All rights reserved, unless otherwise specified in the terms specified at https://stream.echo6.co/about and potential licenses granted by each content's rightholder.</copyright>
        <atom:link href="https://stream.echo6.co/feeds/video-comments.xml?videoId=2f444967-ae34-4cfd-94d9-d055557fad05" rel="self" type="application/rss+xml"/>
    </channel>
</rss>