boarzVideosClipsStatistics

🎬Zain's going platinum

⏪
🎦
⏩
Featured in#️⃣EP 221 - Today's Stream
AllClipsEpisodesHas Blog PostZainThaneshKartikTorey
001
Build Break and Code
📅 2021-07-14 
(876 days ago)
⌛ 0:58:43
ZainboarKartikboar
002
Build, Break & Fix
📅 2021-07-15 
(875 days ago)
⌛ 0:53:45
ZainboarKartikboar
🎬
Krunchmaster Kartik
Build, Break & Fix
ZainboarKartikboar
003
Build, Break & Fix
📅 2021-07-16 
(874 days ago)
⌛ 1:09:05
ZainboarKartikboar
004
Special Edition: We don't stop until we get our code working
📅 2021-07-16 
(874 days ago)
⌛ 2:27:06
ZainboarKartikboar
🎬
Killing it
Special Edition: We don't stop until we get our code working
ZainboarKartikboar
005
Build,Break & Fix // Weekend two hour special
📅 2021-07-17 
(873 days ago)
⌛ 2:00:31
ZainboarKartikboar
🎬
Schooling in brown countries
Build,Break & Fix // Weekend two hour special
ZainboarKartikboar
🎬
Unprofessional Kartik
Build,Break & Fix // Weekend two hour special
ZainboarKartikboar
006
Build, Break & Fix
📅 2021-07-19 
(871 days ago)
⌛ 1:03:20
ZainboarKartikboar
007
Build, Break & Fix
📅 2021-07-20 
(870 days ago)
⌛ 1:04:37
ZainboarKartikboar
008
Build, Break & Fix
📅 2021-07-21 
(869 days ago)
⌛ 1:00:37
ZainboarKartikboar
009
Build, Break & Fix
📅 2021-07-22 
(868 days ago)
⌛ 1:17:02
ZainboarKartikboar
010
Build, Break & Fix
📅 2021-07-23 
(867 days ago)
⌛ 1:04:59
ZainboarKartikboar
011
Build, Break & Fix
📅 2021-07-23 
(867 days ago)
⌛ 1:48:16
ZainboarKartikboar
012
Build, Break & Fix
📅 2021-07-24 
(866 days ago)
⌛ 2:05:28
ZainboarKartikboar
013
Build, Break & Code //First Special Guest Appearance
📅 2021-07-26 
(864 days ago)
⌛ 1:09:09
ZainboarKartikboar
014
Build, Break & Fix
📅 2021-07-27 
(863 days ago)
⌛ 1:05:37
ZainboarKartikboar
015
Build, Break & Fix // Setting a blog using Hugo and AWS Amplify
📅 2021-07-28 
(862 days ago)
⌛ 1:07:46
ZainboarKartikboar
🎬
Brain Refresh
Build, Break & Fix // Setting a blog using Hugo and AWS Amplify
ZainboarKartikboar
016
Build, Break & Fix // Working on FETCH APIs
📅 2021-07-29 
(861 days ago)
⌛ 1:03:57
ZainboarKartikboar
017
Build, Break & Fix // Working on FETCH APIs
📅 2021-07-30 
(860 days ago)
⌛ 1:06:45
ZainboarKartikboar
018
Build, Break & Fix // creating get methods with FETCH API
📅 2021-07-30 
(860 days ago)
⌛ 2:00:16
ZainboarKartikboar
019
Build, Break & Fix // BLOG REVEAL!! &Fixing our broken Hugo blog
📅 2021-07-31 
(859 days ago)
⌛ 2:03:11
📰
ZainboarKartikboar
020
Build, Break & Fix // Fixing the uncaught exception error in FETCH APIs
📅 2021-08-02 
(857 days ago)
⌛ 1:02:04
ZainboarKartikboar
021
Build, Break & Fix // Trying different things to resolve the error
📅 2021-08-03 
(856 days ago)
⌛ 1:04:49
📰
ZainboarKartikboar
022
Build, Break & Fix // Special Guest announcement for tomorrow!
📅 2021-08-04 
(855 days ago)
⌛ 1:03:15
📰
ZainboarKartikboar
023
Special Episode : Talking to a Principal Developer at Seek
📅 2021-08-05 
(854 days ago)
⌛ 1:04:56
📰
ZainboarKartikboar
024
Build, Break & Fix // Working out Software design
📅 2021-08-06 
(853 days ago)
⌛ 1:08:19
📰
ZainboarKartikboar
🎬
Finger driven architecture
Build, Break & Fix // Working out Software design
ZainboarKartikboar
🎬
Fast food driven architecture
Build, Break & Fix // Working out Software design
ZainboarKartikboar
025
Build, Break & Fix
📅 2021-08-06 
(853 days ago)
⌛ 2:01:05
📰
ZainboarKartikboar
🎬
Can't be ashamed if there's never a first version
Build, Break & Fix
ZainboarKartikboar
🎬
Not a uni student
Build, Break & Fix
ZainboarKartikboar
026
Weekend Special 1.5 hours
📅 2021-08-08 
(851 days ago)
⌛ 1:35:49
📰
Zainboar
027
30 mins of deployment 😠 || 30 mins of coding 🥲
📅 2021-08-09 
(850 days ago)
⌛ 1:07:48
📰
ZainboarKartikboar
🎬
Can't work, deploying
30 mins of deployment 😠 || 30 mins of coding 🥲
ZainboarKartikboar
028
Today's Broadcast
📅 2021-08-10 
(849 days ago)
⌛ 1:18:59
📰
ZainboarKartikboar
🎬
Two points of contact
Today's Broadcast
ZainboarKartikboar
🎬
CORS exclusive lovin'
Today's Broadcast
ZainboarKartikboar
029
Build Break Fix
📅 2021-08-11 
(848 days ago)
⌛ 1:01:46
📰
ZainboarKartikboar
030
Today's Stream
📅 2021-08-12 
(847 days ago)
⌛ 1:09:24
📰
ZainboarKartikboar
🎬
Sensible policy
Today's Stream
ZainboarKartikboar
🎬
Shoes in mouth
Today's Stream
ZainboarKartikboar
031
Buidl Break Fix
📅 2021-08-13 
(846 days ago)
⌛ 1:05:05
📰
ZainboarKartikboar
🎬
The code always wins
Buidl Break Fix
ZainboarKartikboar
🎬
Chicken curry in the brown way
Buidl Break Fix
ZainboarKartikboar
032
Today's Broadcast
📅 2021-08-14 
(845 days ago)
⌛ 1:20:18
📰
ZainboarKartikboar
033
Build - Break - Fix
📅 2021-08-15 
(844 days ago)
⌛ 1:34:03
📰
ZainboarKartikboar
034
Build Break Fix
📅 2021-08-16 
(843 days ago)
⌛ 1:18:19
📰
ZainboarKartikboar
🎬
Finger memory practice
Build Break Fix
ZainboarKartikboar
🎬
See you later Kartik
Build Break Fix
ZainboarKartikboar
035
Today's Broadcast
📅 2021-08-17 
(842 days ago)
⌛ 1:04:07
📰
ZainboarKartikboar
🎬
Keep your code looking sexy
Today's Broadcast
ZainboarKartikboar
🎬
Echo chamber Zain
Today's Broadcast
ZainboarKartikboar
🎬
And Kartik never got a job again...
Today's Broadcast
ZainboarKartikboar
036
Build, Break, Fix
📅 2021-08-18 
(841 days ago)
⌛ 1:03:21
📰
ZainboarKartikboar
037
Special Guest - Sam Nolan
📅 2021-08-19 
(840 days ago)
⌛ 1:05:19
📰
ZainboarKartikboar
038
Today's Broadcast
📅 2021-08-20 
(839 days ago)
⌛ 1:01:55
📰
ZainboarKartikboar
039
Today's Broascast
📅 2021-08-21 
(838 days ago)
⌛ 1:33:11
📰
ZainboarKartikboar
🎬
Pilot? What even iz dat kind of fing
Today's Broascast
ZainboarKartikboar
040
Build - Break - Fix
📅 2021-08-22 
(837 days ago)
⌛ 1:33:18
📰
ZainboarKartikboar
🎬
Fish and Chips
Build - Break - Fix
ZainboarKartikboar
🎬
Backup career
Build - Break - Fix
ZainboarKartikboar
041
Build Break Fix
📅 2021-08-23 
(836 days ago)
⌛ 0:57:11
📰
Zainboar
042
Today's Broadcast
📅 2021-08-24 
(835 days ago)
⌛ 1:06:08
📰
ZainboarKartikboar
🎬
Professional background? Wat even iz dat?
Today's Broadcast
ZainboarKartikboar
🎬
Private mentorship group
Today's Broadcast
ZainboarKartikboar
043
Today's Stream
📅 2021-08-25 
(834 days ago)
⌛ 1:13:08
📰
ZainboarKartikboar
🎬
Actually good job advice from Zain
Today's Stream
ZainboarKartikboar
044
Today's Stream
📅 2021-08-26 
(833 days ago)
⌛ 0:49:48
📰
ZainboarKartikboar
🎬
What a classic!
Today's Stream
ZainboarKartikboar
🎬
Uber driver in training
Today's Stream
ZainboarKartikboar
045
Today's Stream
📅 2021-08-27 
(832 days ago)
⌛ 1:08:21
📰
ZainboarKartikboar
046
Weekend Special
📅 2021-08-28 
(831 days ago)
⌛ 1:32:51
ZainboarKartikboar
047
Weekend Special
📅 2021-08-29 
(830 days ago)
⌛ 1:01:39
Zainboar
048
Today's Broadcast
📅 2021-08-30 
(829 days ago)
⌛ 1:17:19
ZainboarKartikboar
049
Today's Broadcast
📅 2021-08-31 
(828 days ago)
⌛ 1:00:16
ZainboarKartikboar
🎬
Viewer burn
Today's Broadcast
ZainboarKartikboar
050
CELEBRATION: 50th Episode
📅 2021-09-01 
(827 days ago)
⌛ 1:01:53
ZainboarKartikboar
051
Today's Broadcast
📅 2021-09-02 
(826 days ago)
⌛ 1:05:39
ZainboarKartikboar
🎬
Time for a nap
Today's Broadcast
ZainboarKartikboar
🎬
A sniffer of a line
Today's Broadcast
ZainboarKartikboar
🎬
Slow Zain
Today's Broadcast
ZainboarKartikboar
052
Today's Broadcast
📅 2021-09-03 
(825 days ago)
⌛ 1:12:47
ZainboarKartikboar
🎬
No single point of failure
Today's Broadcast
ZainboarKartikboar
🎬
Gambling on bad logic
Today's Broadcast
ZainboarKartikboar
🎬
Estimated Time of New-Careers
Today's Broadcast
ZainboarKartikboar
🎬
Fake Nod
Today's Broadcast
ZainboarKartikboar
053
NEW SETUP!!
📅 2021-09-04 
(824 days ago)
⌛ 1:04:04
ZainboarKartikboar
🎬
Investing in 'the brand'
NEW SETUP!!
ZainboarKartikboar
🎬
Hitting a brick
NEW SETUP!!
ZainboarKartikboar
🎬
Master of the green screen
NEW SETUP!!
ZainboarKartikboar
🎬
Logiclesstech
NEW SETUP!!
ZainboarKartikboar
054
Weekend Special
📅 2021-09-05 
(823 days ago)
⌛ 1:41:54
ZainboarKartikboar
055
Today's Stream
📅 2021-09-06 
(822 days ago)
⌛ 1:20:05
ZainboarKartikboar
🎬
Get him to the greenscreen
Today's Stream
ZainboarKartikboar
🎬
Change the digit to a number
Today's Stream
ZainboarKartikboar
056
Today's Broadcast
📅 2021-09-07 
(821 days ago)
⌛ 1:25:44
ZainboarKartikboar
🎬
The benefits of pair programming
Today's Broadcast
ZainboarKartikboar
057
Today's Stream
📅 2021-09-08 
(820 days ago)
⌛ 1:00:33
ZainboarKartikboar
🎬
Xs, the healthy choice
Today's Stream
ZainboarKartikboar
🎬
Xs vs mother
Today's Stream
ZainboarKartikboar
058
Today's Stream
📅 2021-09-09 
(819 days ago)
⌛ 1:13:08
ZainboarKartikboar
🎬
The beginning of the end of productivity
Today's Stream
ZainboarKartikboar
🎬
Unprofessional Zain
Today's Stream
ZainboarKartikboar
🎬
Blazing fast
Today's Stream
ZainboarKartikboar
🎬
Premature celebratory dance
Today's Stream
ZainboarKartikboar
🎬
Timeline slippage
Today's Stream
ZainboarKartikboar
🎬
Speed coding
Today's Stream
ZainboarKartikboar
059
Today's Broadcast
📅 2021-09-10 
(818 days ago)
⌛ 1:50:40
ZainboarKartikboar
🎬
Sorry I dont know that voice
Today's Broadcast
ZainboarKartikboar
🎬
Definition of done
Today's Broadcast
ZainboarKartikboar
🎬
Amway bites
Today's Broadcast
ZainboarKartikboar
🎬
A cool stream
Today's Broadcast
ZainboarKartikboar
🎬
Spooky Kartik
Today's Broadcast
ZainboarKartikboar
060
Today's Stream
📅 2021-09-12 
(816 days ago)
⌛ 1:02:36
ZainboarKartikboar
061
Today's Stream
📅 2021-09-13 
(815 days ago)
⌛ 1:00:40
ZainboarKartikboar
🎬
Water physics 101
Today's Stream
ZainboarKartikboar
🎬
Scrum master Zain
Today's Stream
ZainboarKartikboar
🎬
Zain applying his scrum master skills
Today's Stream
ZainboarKartikboar
062
Today's Stream
📅 2021-09-14 
(814 days ago)
⌛ 1:11:29
ZainboarKartikboar
063
Today's Stream
📅 2021-09-15 
(813 days ago)
⌛ 1:07:00
ZainboarKartikboar
🎬
Zain the blunderer
Today's Stream
ZainboarKartikboar
🎬
Healthier than other traditional drinks
Today's Stream
ZainboarKartikboar
🎬
Real headscratcha
Today's Stream
ZainboarKartikboar
🎬
Bracket blues
Today's Stream
ZainboarKartikboar
🎬
If statements are not good practice
Today's Stream
ZainboarKartikboar
🎬
Kappa Quality Code
Today's Stream
ZainboarKartikboar
🎬
Exciting switch statements
Today's Stream
ZainboarKartikboar
064
Today's Broadcast
📅 2021-09-16 
(812 days ago)
⌛ 1:20:45
📰
ZainboarKartikboar
🎬
Switched-on hat
Today's Broadcast
ZainboarKartikboar
🎬
Functions, one of the big coding challenges
Today's Broadcast
ZainboarKartikboar
🎬
Break fast
Today's Broadcast
ZainboarKartikboar
🎬
Blood and breath pumping up
Today's Broadcast
ZainboarKartikboar
🎬
Wrong since day 1
Today's Broadcast
ZainboarKartikboar
065
test
📅 2021-09-16 
(812 days ago)
⌛ 2:03:01
📰
ZainboarKartikboar
🎬
Electronic waves
test
ZainboarKartikboar
🎬
RAWR coders
test
ZainboarKartikboar
🎬
Transit in Japawn
test
ZainboarKartikboar
🎬
Xs sponsorship
test
ZainboarKartikboar
🎬
Lame roars
test
ZainboarKartikboar
🎬
Setting up a suppository in Diagon Alley
test
ZainboarKartikboar
🎬
Background Diagon Alley
test
ZainboarKartikboar
🎬
Half speed zain
test
ZainboarKartikboar
🎬
One second penetration
test
ZainboarKartikboar
🎬
Top loading switches
test
ZainboarKartikboar
🎬
Making it rain with CodeBuild
test
ZainboarKartikboar
066
Today's Broadcast
📅 2021-09-19 
(809 days ago)
⌛ 1:46:13
📰
ZainboarKartikboar
067
Today's Stream
📅 2021-09-20 
(808 days ago)
⌛ 1:03:46
📰
ZainboarKartikboarToreyboar
🎬
What is a sea cable?
Today's Stream
ZainboarKartikboarToreyboar
068
Today's Stream
📅 2021-09-21 
(807 days ago)
⌛ 1:09:13
📰
ZainboarKartikboarToreyboar
069
Today's Broadcast
📅 2021-09-22 
(806 days ago)
⌛ 1:03:51
📰
ZainboarKartikboar
070
Today's Stream
📅 2021-09-23 
(805 days ago)
⌛ 1:59:01
📰
ZainboarKartikboar
071
Today's Stream
📅 2021-09-24 
(804 days ago)
⌛ 0:28:57
📰
ZainboarKartikboar
072
Today's Stream
📅 2021-09-24 
(804 days ago)
⌛ 0:39:33
📰
ZainboarKartikboar
073
Today's Stream
📅 2021-09-26 
(802 days ago)
⌛ 1:21:14
📰
Zainboar
074
Today's Stream
📅 2021-09-27 
(801 days ago)
⌛ 1:03:40
📰
ZainboarKartikboar
075
Today's Stream
📅 2021-09-28 
(800 days ago)
⌛ 1:04:05
📰
ZainboarKartikboar
076
Today's Broadcast
📅 2021-09-29 
(799 days ago)
⌛ 0:58:07
📰
ZainboarKartikboar
077
Today' Broadcast
📅 2021-09-30 
(798 days ago)
⌛ 1:13:14
📰
ZainboarKartikboar
078
Today's Broadcast
📅 2021-10-01 
(797 days ago)
⌛ 1:23:11
📰
ZainboarKartikboar
🎬
If statements are bad practice
Today's Broadcast
ZainboarKartikboar
🎬
Tomato fan
Today's Broadcast
ZainboarKartikboar
079
Today's Stream
📅 2021-10-03 
(795 days ago)
⌛ 1:14:52
📰
ZainboarKartikboar
080
Today's Stream
📅 2021-10-04 
(794 days ago)
⌛ 1:05:10
📰
ZainboarKartikboar
081
Today's Stream
📅 2021-10-05 
(793 days ago)
⌛ 1:01:05
📰
Zainboar
082
Today's Stream
📅 2021-10-06 
(792 days ago)
⌛ 0:54:10
📰
ZainboarKartikboar
083
Today's Stream
📅 2021-10-07 
(791 days ago)
⌛ 1:15:04
📰
ZainboarKartikboar
🎬
Strong intro
Today's Stream
ZainboarKartikboar
084
Today's Stream
📅 2021-10-08 
(790 days ago)
⌛ 1:12:59
ZainboarKartikboar
085
Today's Stream
📅 2021-10-10 
(788 days ago)
⌛ 1:17:09
📰
ZainboarKartikboar
🎬
Impossible URL
Today's Stream
ZainboarKartikboar
🎬
Clever devs
Today's Stream
ZainboarKartikboar
086
Today's Stream
📅 2021-10-11 
(787 days ago)
⌛ 1:00:57
📰
ZainboarKartikboar
🎬
Always CORS related problems
Today's Stream
ZainboarKartikboar
🎬
CORS headscratcha
Today's Stream
ZainboarKartikboar
087
Today's Stream
📅 2021-10-12 
(786 days ago)
⌛ 0:51:02
📰
ZainboarKartikboar
088
Today's Stream
📅 2021-10-13 
(785 days ago)
⌛ 1:07:31
📰
ZainboarKartikboar
089
Today's Broadcast
📅 2021-10-14 
(784 days ago)
⌛ 1:07:16
📰
ZainboarKartikboar
090
Today's Stream
📅 2021-10-15 
(783 days ago)
⌛ 1:01:10
📰
Zainboar
091
Today's Stream
📅 2021-10-17 
(781 days ago)
⌛ 1:26:37
📰
ZainboarKartikboarThaneshboar
🎬
Torres Strait Icelander people
Today's Stream
ZainboarKartikboarThaneshboar
092
Today's Stream
📅 2021-10-18 
(780 days ago)
⌛ 1:05:40
📰
ZainboarKartikboarThaneshboar
🎬
Icelander or Islander?
Today's Stream
ZainboarKartikboarThaneshboar
093
Today's Stream
📅 2021-10-19 
(779 days ago)
⌛ 1:01:58
📰
ZainboarThaneshboar
094
Today's Stream
📅 2021-10-20 
(778 days ago)
⌛ 1:04:18
📰
ZainboarKartikboar
095
Today's Stream
📅 2021-10-21 
(777 days ago)
⌛ 1:16:08
📰
ZainboarKartikboarThaneshboar
096
100th Episode
📅 2021-10-23 
(775 days ago)
⌛ 1:13:16
📰
ZainboarKartikboar
097
101/200 Episodes
📅 2021-10-24 
(774 days ago)
⌛ 1:00:53
📰
ZainboarThaneshboar
🎬
Best Practices
101/200 Episodes
ZainboarThaneshboar
098
102/200 Episode
📅 2021-10-25 
(773 days ago)
⌛ 1:09:20
📰
ZainboarKartikboar
099
103/200 Episode
📅 2021-10-26 
(772 days ago)
⌛ 1:10:51
📰
ZainboarKartikboarThaneshboar
100
104/200
📅 2021-10-27 
(771 days ago)
⌛ 1:03:23
📰
ZainboarKartikboar
101
105/200
📅 2021-10-28 
(770 days ago)
⌛ 1:15:24
📰
ZainboarThaneshboar
🎬
ROAR coders
105/200
ZainboarThaneshboar
102
107/200
📅 2021-10-29 
(769 days ago)
⌛ 1:14:04
📰
ZainboarKartikboar
103
109/200
📅 2021-10-31 
(767 days ago)
⌛ 1:11:38
📰
ZainboarKartikboarThaneshboar
104
110/200
📅 2021-11-01 
(766 days ago)
⌛ 1:04:53
📰
ZainboarKartikboar
105
111/200
📅 2021-11-02 
(765 days ago)
⌛ 1:11:33
📰
ZainboarKartikboarThaneshboar
106
112/200
📅 2021-11-03 
(764 days ago)
⌛ 1:00:17
📰
ZainboarKartikboar
🎬
Diagon Alley? What is that kind of fing?
112/200
ZainboarKartikboar
107
113/200
📅 2021-11-04 
(763 days ago)
⌛ 1:03:53
📰
Zainboar
🎬
C.O.D.I.N.G
113/200
Zainboar
108
114/200
📅 2021-11-05 
(762 days ago)
⌛ 0:56:39
Zainboar
109
115/200
📅 2021-11-07 
(760 days ago)
⌛ 1:02:25
📰
ZainboarThaneshboar
🎬
What's testing
115/200
ZainboarThaneshboar
🎬
CORS coders
115/200
ZainboarThaneshboar
110
116/200
📅 2021-11-08 
(759 days ago)
⌛ 1:09:37
📰
ZainboarKartikboar
111
117/200
📅 2021-11-09 
(758 days ago)
⌛ 1:06:25
📰
ZainboarKartikboarThaneshboar
112
118/200
📅 2021-11-10 
(757 days ago)
⌛ 1:02:39
📰
ZainboarKartikboar
113
119/200
📅 2021-11-11 
(756 days ago)
⌛ 1:08:01
📰
ZainboarKartikboarThaneshboar
114
120/200
📅 2021-11-12 
(755 days ago)
⌛ 1:00:14
📰
Zainboar
115
120/200
📅 2021-11-14 
(753 days ago)
⌛ 1:06:19
📰
ZainboarKartikboarThaneshboar
116
122/200
📅 2021-11-15 
(752 days ago)
⌛ 1:00:31
ZainboarKartikboar
117
Today's Stream
📅 2021-11-22 
(745 days ago)
⌛ 1:01:46
📰
KartikboarThaneshboar
118
How This Video Has 12 Views, Explained
📅 2021-11-25 
(742 days ago)
⌛ 0:59:47
KartikboarThaneshboar
119
How This Video Has 14 Views, Explained
📅 2021-11-29 
(738 days ago)
⌛ 1:16:20
📰
KartikboarThaneshboar
120
Special Guest - Torey Littlefield Pt.2
📅 2021-11-30 
(737 days ago)
⌛ 1:12:15
📰
ZainboarToreyboar
121
Today's Stream
📅 2021-12-02 
(735 days ago)
⌛ 1:02:25
KartikboarThaneshboar
122
Today's Stream
📅 2021-12-06 
(731 days ago)
⌛ 1:02:01
📰
KartikboarThaneshboar
123
Today's Broadcast
📅 2021-12-07 
(2 years ago)
⌛ 1:01:00
KartikboarThaneshboar
124
Today's Stream
📅 2021-12-09 
(728 days ago)
⌛ 1:05:48
📰
ZainboarThaneshboar
🎬
Complimenting the wrong person
Today's Stream
ZainboarThaneshboar
🎬
Alt+F4 Zain
Today's Stream
ZainboarThaneshboar
125
Today's Stream
📅 2021-12-10 
(727 days ago)
⌛ 1:07:15
ZainboarToreyboar
126
Today's Stream
📅 2021-12-12 
(725 days ago)
⌛ 0:12:47
📰
ZainboarThaneshboar
127
Today's Stream
📅 2021-12-12 
(725 days ago)
⌛ 0:50:29
📰
ZainboarThaneshboar
128
Today's Stream
📅 2021-12-13 
(724 days ago)
⌛ 1:02:31
📰
ZainboarKartikboar
129
Today's Stream
📅 2021-12-14 
(723 days ago)
⌛ 1:10:28
📰
ZainboarToreyboar
130
Today's Stream
📅 2021-12-16 
(721 days ago)
⌛ 1:16:51
📰
ZainboarThaneshboar
131
Today's Stream
📅 2021-12-17 
(720 days ago)
⌛ 1:10:59
ZainboarKartikboarToreyboar
132
Today's Stream
📅 2021-12-19 
(718 days ago)
⌛ 1:00:49
📰
Zainboar
133
Today's Stream
📅 2021-12-20 
(717 days ago)
⌛ 1:01:49
📰
ZainboarKartikboar
134
Today's Stream
📅 2021-12-21 
(716 days ago)
⌛ 1:03:43
📰
ZainboarThaneshboar
135
Today's Stream
📅 2021-12-22 
(715 days ago)
⌛ 1:06:30
📰
ZainboarKartikboar
136
Today's Stream
📅 2021-12-23 
(714 days ago)
⌛ 1:00:09
Zainboar
137
Today's Stream
📅 2021-12-26 
(711 days ago)
⌛ 1:17:00
📰
ZainboarThaneshboar
🎬
Fixing and failing
Today's Stream
ZainboarThaneshboar
138
Today's Stream
📅 2021-12-27 
(710 days ago)
⌛ 1:05:22
📰
ZainboarKartikboar
139
Today's Stream
📅 2021-12-28 
(709 days ago)
⌛ 1:16:17
📰
ZainboarToreyboar
140
WebSocket Integration
📅 2021-12-29 
(708 days ago)
⌛ 1:02:44
📰
Zainboar
141
AWS WebSocket API Integration Pt.2
📅 2021-12-30 
(707 days ago)
⌛ 1:08:23
📰
ZainboarToreyboar
142
AWS WebSocket Integration with SAM Pt.3
📅 2022-01-02 
(704 days ago)
⌛ 1:03:18
📰
ZainboarToreyboar
143
Today's Stream
📅 2022-01-03 
(703 days ago)
⌛ 1:07:18
📰
ZainboarKartikboar
144
AWS WebScoket Integration with SAM Pt.4
📅 2022-01-04 
(702 days ago)
⌛ 1:04:18
📰
ZainboarToreyboar
145
AWS WebSocket Integration with SAM Pt.5
📅 2022-01-05 
(701 days ago)
⌛ 1:03:21
📰
ZainboarKartikboar
146
AWS WebSocket Integration with SAM Pt. 6
📅 2022-01-06 
(700 days ago)
⌛ 1:03:18
📰
ZainboarToreyboar
147
Today's Stream
📅 2022-01-07 
(699 days ago)
⌛ 1:11:55
📰
ZainboarToreyboar
148
Connect AWS WebSocket to DynamoDB Pt.1
📅 2022-01-09 
(697 days ago)
⌛ 1:10:25
📰
ZainboarToreyboar
149
Connect AWS WebSocket to DynamoDB
📅 2022-01-10 
(696 days ago)
⌛ 1:02:06
ZainboarKartikboar
150
"Blank Line" Bug In Lambda Response For AWS Websocket Pt.1
📅 2022-01-11 
(695 days ago)
⌛ 0:58:13
📰
ZainboarKartikboarToreyboar
151
"Blank Line" Bug In Lambda Response From Lambda
📅 2022-01-13 
(693 days ago)
⌛ 1:04:40
📰
ZainboarToreyboar
152
AWS WebSocket + Lambda + DynamoDB
📅 2022-01-14 
(692 days ago)
⌛ 1:04:33
📰
ZainboarThaneshboar
153
AWS WebSocket + Lambda + DynamoDB
📅 2022-01-16 
(690 days ago)
⌛ 1:11:37
📰
ZainboarToreyboar
154
Test
📅 2022-01-17 
(689 days ago)
⌛ 1:03:13
📰
ZainboarThaneshboar
155
Today's stre
📅 2022-01-18 
(688 days ago)
⌛ 0:45:24
ZainboarToreyboar
156
AWS Websocket + DyanmoDb + Lambda
📅 2022-01-19 
(687 days ago)
⌛ 1:06:33
📰
ZainboarThaneshboar
🎬
Brown is always better than white
AWS Websocket + DyanmoDb + Lambda
ZainboarThaneshboar
157
Today's Stream
📅 2022-01-20 
(686 days ago)
⌛ 0:57:55
📰
Zainboar
158
Today's Stream
📅 2022-01-21 
(685 days ago)
⌛ 1:02:17
📰
ToreyboarZainboar
159
Today's Stream
📅 2022-01-23 
(683 days ago)
⌛ 1:13:29
📰
ZainboarToreyboar
🎬
Wild street dogs
Today's Stream
ZainboarToreyboar
160
How To Host A Web App using AWS S3 and CloudFront
📅 2022-01-24 
(682 days ago)
⌛ 1:16:15
📰
ZainboarThaneshboar
161
How to Host Web App In AWS S3 using CloudFront, Route53 and CloudFormation
📅 2022-01-25 
(681 days ago)
⌛ 1:01:07
ZainboarToreyboar
162
How to Host Web App Using AWS S3, CloudFront and Route53
📅 2022-01-26 
(680 days ago)
⌛ 1:03:12
ZainboarThaneshboar
🎬
The more you know
How to Host Web App Using AWS S3, CloudFront and Route53
ZainboarThaneshboar
163
How To Host Web App In AWS S3 with Custom Domain
📅 2022-01-27 
(679 days ago)
⌛ 1:08:48
📰
ZainboarToreyboar
164
How To Host Web App In AWS S3 with Custom Domain Using Route 53
📅 2022-01-28 
(678 days ago)
⌛ 1:08:57
📰
ZainboarThaneshboar
🎬
Inactive brain
How To Host Web App In AWS S3 with Custom Domain Using Route 53
ZainboarThaneshboar
165
How To Host Web App In AWS S3 with Custom Domain Using Route 53
📅 2022-01-30 
(676 days ago)
⌛ 0:28:17
Zainboar
166
Today's Broadcast
📅 2022-01-31 
(675 days ago)
⌛ 1:11:16
📰
ThaneshboarToreyboar
167
How To Host Web App In AWS S3 with Custom Domain Using Route 53
📅 2022-02-01 
(674 days ago)
⌛ 1:06:35
📰
ZainboarToreyboar
168
Generate SSL Certificate via AWS Certificate Manager
📅 2022-02-02 
(673 days ago)
⌛ 0:58:02
📰
ZainboarThaneshboar
169
Test AWS Websocket Connection With Multiple Users
📅 2022-02-03 
(672 days ago)
⌛ 1:01:59
📰
ZainboarToreyboar
170
Adding Redirection To The AWS S3 Page
📅 2022-02-04 
(671 days ago)
⌛ 0:25:00
Zainboar
171
Redirecting AWS S3 page
📅 2022-02-06 
(669 days ago)
⌛ 0:54:11
Zainboar
172
Today's Broadcast
📅 2022-02-07 
(668 days ago)
⌛ 1:05:20
📰
ThaneshboarToreyboar
173
Today's Stream
📅 2022-02-08 
(667 days ago)
⌛ 1:05:29
ZainboarToreyboar
174
Today's Stream
📅 2022-02-10 
(665 days ago)
⌛ 1:05:47
ZainboarToreyboar
🎬
No electricity in Bali
Today's Stream
ZainboarToreyboar
175
How To Send Messages To Multiple Clients Through AWS Websocket
📅 2022-02-13 
(662 days ago)
⌛ 1:02:05
ZainboarToreyboar
176
How To CRUD Data Through AWS Websocket with Multiple Clients
📅 2022-02-16 
(659 days ago)
⌛ 1:07:32
ZainboarThaneshboar
177
Today's Stream
📅 2022-02-17 
(658 days ago)
⌛ 0:58:01
ZainboarToreyboar
🎬
Francesco
Today's Stream
ZainboarToreyboar
178
How To Change String Property to Object in AWS SAM and Deploy
📅 2022-02-20 
(655 days ago)
⌛ 1:21:24
ZainboarToreyboar
179
Today's Stream
📅 2022-02-23 
(652 days ago)
⌛ 0:59:43
📰
ZainboarThaneshboar
180
How To HASH A Password using BCRYPT in Node
📅 2022-02-25 
(650 days ago)
⌛ 1:03:48
ZainboarThaneshboar
181
How to Hash Passcode with BCRYPT using Node Pt.2
📅 2022-02-27 
(648 days ago)
⌛ 1:07:59
ZainboarToreyboar
182
Create Passcode UI
📅 2022-02-28 
(647 days ago)
⌛ 1:01:29
📰
ZainboarThaneshboar
183
How To Make FrontEnd Talk to Backend with Node
📅 2022-03-01 
(646 days ago)
⌛ 1:01:33
ZainboarToreyboar
184
How To Positioning A Div
📅 2022-03-04 
(643 days ago)
⌛ 1:09:27
ZainboarToreyboar
185
Today's Stream
📅 2022-03-06 
(641 days ago)
⌛ 1:00:29
Zainboar
186
Today's Stream
📅 2022-03-07 
(640 days ago)
⌛ 0:55:51
ZainboarThaneshboar
187
Today's Stream
📅 2022-03-09 
(638 days ago)
⌛ 1:00:11
ZainboarThaneshboar
188
Compare Hashed Passwords Using Bcryptjs
📅 2022-03-10 
(637 days ago)
⌛ 1:01:31
ZainboarToreyboar
🎬
Indian givers
Compare Hashed Passwords Using Bcryptjs
ZainboarToreyboar
189
Special Appearance
📅 2022-03-11 
(636 days ago)
⌛ 0:58:44
ZainboarThaneshboarKartikboar
190
Today's Stream
📅 2022-03-13 
(634 days ago)
⌛ 1:16:40
ZainboarToreyboar
🎬
Cold coffee, cold tea
Today's Stream
ZainboarToreyboar
191
How To Make Frontend Talk To The Backend - NodeJS
📅 2022-03-14 
(633 days ago)
⌛ 1:07:00
ZainboarThaneshboar
192
Today's Stream
📅 2022-03-15 
(632 days ago)
⌛ 1:05:51
ZainboarToreyboar
193
Today's Stream
📅 2022-03-17 
(630 days ago)
⌛ 1:21:59
ZainboarToreyboar
194
How To Apply Authentication When Saving NodeJs
📅 2022-03-18 
(629 days ago)
⌛ 1:05:27
Zainboar
195
How to Compare Passcodes Using Bcrytp Node.js
📅 2022-03-20 
(627 days ago)
⌛ 1:04:19
ZainboarToreyboar
196
Today's Broadcast
📅 2022-03-21 
(626 days ago)
⌛ 1:06:59
ThaneshboarToreyboar
197
Today's Stream
📅 2022-03-22 
(625 days ago)
⌛ 1:02:51
ZainboarToreyboar
198
Verify Passcode Saving Information to DynamoDB with NodeJs
📅 2022-03-23 
(624 days ago)
⌛ 1:03:09
ZainboarThaneshboar
🎬
Tough questions
Verify Passcode Saving Information to DynamoDB with NodeJs
ZainboarThaneshboar
199
Today's Stream
📅 2022-03-25 
(622 days ago)
⌛ 1:12:27
ZainboarToreyboar
200
Today's Stream
📅 2022-03-27 
(620 days ago)
⌛ 1:14:36
ZainboarToreyboar
201
Today's Stream
📅 2022-03-28 
(619 days ago)
⌛ 1:08:28
ZainboarThaneshboar
202
How To Do A Merge Using VSCode and Github
📅 2022-03-29 
(618 days ago)
⌛ 1:05:33
ZainboarToreyboar
203
Today's Stream
📅 2022-03-30 
(617 days ago)
⌛ 0:57:26
ZainboarThaneshboar
🎬
Tandoor? Wat even iz dat kind of fing
Today's Stream
ZainboarThaneshboar
204
Today's Stream
📅 2022-03-31 
(616 days ago)
⌛ 0:57:10
ZainboarToreyboar
🎬
This is why you don't click ops
Today's Stream
ZainboarToreyboar
205
Today's Stream
📅 2022-04-01 
(615 days ago)
⌛ 1:00:36
Zainboar
206
Today's Stream
📅 2022-04-03 
(613 days ago)
⌛ 1:06:56
ZainboarToreyboar
207
Get Board Columns from Frontend to Backend NodeJS
📅 2022-04-04 
(612 days ago)
⌛ 1:00:38
ZainboarThaneshboarToreyboar
🎬
Bish Bash Bosh
Get Board Columns from Frontend to Backend NodeJS
ZainboarThaneshboarToreyboar
208
Today's Stream
📅 2022-04-05 
(611 days ago)
⌛ 0:57:30
ZainboarToreyboar
209
Today's Stream
📅 2022-04-06 
(610 days ago)
⌛ 0:59:39
ZainboarThaneshboar
🎬
Zip first developer
Today's Stream
ZainboarThaneshboar
210
Today's Stream
📅 2022-04-07 
(609 days ago)
⌛ 1:04:46
Zainboar
🎬
Busted again
Today's Stream
Zainboar
211
Store String Array in DynamoDB using NodeJS
📅 2022-04-08 
(608 days ago)
⌛ 0:19:27
Zainboar
212
Today's Stream
📅 2022-04-10 
(606 days ago)
⌛ 1:07:24
Zainboar
213
Today's Stream
📅 2022-04-11 
(605 days ago)
⌛ 1:02:34
ZainboarThaneshboar
214
Today's Stream
📅 2022-04-12 
(604 days ago)
⌛ 0:27:43
Zainboar
215
Jira Organising & Beta Testing Day 1
📅 2022-04-13 
(603 days ago)
⌛ 0:58:09
ZainboarThaneshboar
216
Implement Passcode Tab Feature
📅 2022-04-17 
(599 days ago)
⌛ 0:58:49
ZainboarToreyboar
217
Beta Testing Fixes Part 2
📅 2022-04-19 
(597 days ago)
⌛ 1:00:24
ZainboarToreyboar
🎬
Torey the stinker
Beta Testing Fixes Part 2
ZainboarToreyboar
218
Beta Testing Fixes Part 3
📅 2022-04-20 
(596 days ago)
⌛ 1:01:02
ZainboarThaneshboar
🎬
Torcoders which are roarers
Beta Testing Fixes Part 3
ZainboarThaneshboar
🎬
Delusional Zain
Beta Testing Fixes Part 3
ZainboarThaneshboar
🎬
Hey guys, torey here
Beta Testing Fixes Part 3
ZainboarThaneshboar
219
Beta Testing Fixes Part 4
📅 2022-04-21 
(595 days ago)
⌛ 1:00:13
ZainboarToreyboar
220
Beta Testing 5
📅 2022-04-22 
(594 days ago)
⌛ 1:10:18
ThaneshboarToreyboar
221
Today's Stream
📅 2022-04-25 
(591 days ago)
⌛ 1:01:01
ZainboarThaneshboar
▶️
Zain's going platinum
Today's Stream
ZainboarThaneshboar
🎬
Doggy dog
Today's Stream
ZainboarThaneshboar
222
WebSocket Heartbeat & Thanesh's Farewell
📅 2022-04-27 
(589 days ago)
⌛ 0:51:08
ZainboarThaneshboar
223
Today's Stream
📅 2022-04-28 
(588 days ago)
⌛ 1:00:33
ZainboarToreyboar
224
Save Notes Through Websocket
📅 2022-04-29 
(587 days ago)
⌛ 0:51:30
Zainboar
225
Saving Object Through Websocket in DynamoDB
📅 2022-05-01 
(585 days ago)
⌛ 0:49:15
ZainboarToreyboar
226
Saving Object Through Websocket in DynamoDb
📅 2022-05-02 
(584 days ago)
⌛ 0:55:26
Zainboar
227
Today's Stream
📅 2022-05-05 
(581 days ago)
⌛ 1:01:32
ZainboarToreyboar
228
Welcome Back Kartik Party
📅 2022-05-08 
(578 days ago)
⌛ 0:55:32
ZainboarToreyboarKartikboar
229
Testing Prevention of XSS attack
📅 2022-05-10 
(576 days ago)
⌛ 0:29:16
Zainboar
230
How To Test Prevention XSS Attack
📅 2022-05-11 
(575 days ago)
⌛ 0:40:42
ZainboarKartikboar
🎬
Fartik
How To Test Prevention XSS Attack
ZainboarKartikboar
231
Fixing Websocket
📅 2022-05-19 
(567 days ago)
⌛ 0:49:55
Zainboar
232
Today's Stream
📅 2022-05-20 
(566 days ago)
⌛ 0:56:10
ZainboarKartikboar
233
Today's Stream
📅 2022-05-22 
(564 days ago)
⌛ 0:55:33
Zainboar
🎬
Second Favourite
Today's Stream
Zainboar
🎬
Disco Zain
Today's Stream
Zainboar
234
Today's Stream
📅 2022-05-24 
(562 days ago)
⌛ 0:23:19
Zainboar
235
Websockets bugs
📅 2022-05-27 
(559 days ago)
⌛ 1:00:51
ZainboarKartikboar
236
Websocket Bug Fix
📅 2022-05-29 
(557 days ago)
⌛ 0:49:50
Zainboar
237
Hook Up AWS Websocket
📅 2022-05-30 
(556 days ago)
⌛ 0:48:59
Zainboar
🎬
Keyboard allergies
Hook Up AWS Websocket
Zainboar
238
Hook up AWS Websocket Pt.2
📅 2022-05-31 
(555 days ago)
⌛ 0:53:07
Zainboar
239
Today's Stream
📅 2022-06-01 
(554 days ago)
⌛ 0:21:05
Zainboar
240
AWS Websocket Bug Fix
📅 2022-06-05 
(550 days ago)
⌛ 0:52:47
Zainboar
241
AWS Websocket Bug Fix Pt.2
📅 2022-06-06 
(549 days ago)
⌛ 0:23:52
Zainboar
242
Hook Up Board Columns to Websockets Nodejs + AWS Websockets
📅 2022-07-27 
(498 days ago)
⌛ 1:00:06
Zainboar
🎬
As you been poopin?
Hook Up Board Columns to Websockets Nodejs + AWS Websockets
Zainboar

Subtitles

0:00:08
do
0:00:12
[Music]
0:00:26
what is going on guys welcome back to a
0:00:29
fresh session of
0:00:32
raw coders
0:00:34
no buildbreaking fix by raw code as i
0:00:36
messed it up yeah that's my fault
0:00:40
i guess that's what makes the show
0:00:43
original right
0:00:45
exactly
0:00:47
fantastic yeah so um
0:00:50
great to have you again
0:00:52
finish as always
0:00:54
how are we feeling
0:00:56
yeah good man um
0:00:59
yeah thanks for having me again um i was
0:01:01
gonna say that
0:01:02
yeah your intro is also
0:01:04
a bill breaking fix
0:01:06
sort of um
0:01:10
absolutely
0:01:12
fantastic yeah
0:01:14
all right
0:01:16
first things first let's um do the
0:01:19
acknowledgement of the country and pay
0:01:22
our respect to the past present and
0:01:24
future so here we go
0:01:27
i begin today by acknowledging the
0:01:29
traditional custodians of the land on
0:01:32
which we gather today and pay my
0:01:34
respects to the elders past present and
0:01:36
future i extend their respect to
0:01:39
aboriginal and torres strait islander
0:01:41
people here today
0:01:45
cool that is smoothly done
0:01:47
right
0:01:48
uh
0:01:49
hey gag there
0:01:51
um
0:01:52
how's it going
0:01:55
uh yeah so
0:01:58
um i know that i wasn't able to make it
0:02:01
on i believe it was friday
0:02:05
and
0:02:06
yeah so what did you guys get up to do
0:02:09
you want to give a bit of a context and
0:02:11
then we can carry on from there
0:02:13
yeah sure thing um i don't know if
0:02:15
you're gonna like this or not but we
0:02:18
basically we investigated the
0:02:21
how geckdev executed the
0:02:24
the
0:02:25
um
0:02:27
yeah does the
0:02:29
what's it called xss
0:02:31
execution
0:02:33
um
0:02:35
and yeah
0:02:36
what we found was um actually tori found
0:02:39
it is basically
0:02:41
um
0:02:44
basically um
0:02:49
it he could
0:02:51
uh run it through like the console using
0:02:53
the websocket connection uh function
0:02:57
um
0:02:58
so it's actually really cool like i
0:02:59
thought that was really fascinating how
0:03:01
we did that um
0:03:03
yeah just running javascript through the
0:03:05
function and then it uh executes on the
0:03:08
on
0:03:08
scrambler so we definitely i think
0:03:10
that's something we need to
0:03:12
um
0:03:14
add in the backlog anyways to
0:03:16
you know ensure that other people can't
0:03:18
do the same
0:03:20
but yeah it's interesting i thought
0:03:22
so we just looked into that which was
0:03:24
fun and interesting
0:03:34
are you jealous now huh that finishes
0:03:39
a little bit a lot better in
0:03:41
the short amount of time eh
0:03:44
it was story man it was it was solitary
0:03:48
no as in um yeah it's
0:03:50
team
0:03:51
team workbot i'm just teasing jack david
0:04:02
yes i think that was a really good
0:04:05
finding and yeah we would probably have
0:04:07
to pull m effects against that so is
0:04:11
that in
0:04:12
jira or
0:04:14
does that still has to be in jira
0:04:16
yeah it's the last about it
0:04:19
okay cool
0:04:20
not a problem so today what we're gonna
0:04:24
be continuing
0:04:26
would be for
0:04:30
um
0:04:31
[Music]
0:04:34
the excess
0:04:35
xss attack then basically
0:04:38
because i wanted to do
0:04:40
the um
0:04:42
the the websockets
0:04:46
thing
0:04:47
no what was it
0:04:51
what was the part there
0:04:52
me and torible working on
0:04:57
i can't remember now oh you guys were
0:05:00
working websockets as well i think
0:05:02
that's what tori told me
0:05:04
he said um
0:05:08
you guys were testing a function
0:05:13
um
0:05:16
a heartbeat happy holiday okay yeah
0:05:20
sorry just
0:05:21
mention a heartbeat
0:05:23
yeah so i guess we would
0:05:25
um uh i didn't get time to test the
0:05:29
hobby even though i said it as in last
0:05:33
week um
0:05:35
i would
0:05:36
probably
0:05:39
deploy
0:05:41
deploy the changes
0:05:43
okay cool so
0:05:45
um we
0:05:47
i don't really know where will we
0:05:51
in the heartbeat stuff
0:05:53
um
0:05:54
[Music]
0:06:00
so if story's saying that deploy it
0:06:04
deploy the changes
0:06:06
then that would mean that we've already
0:06:09
done the work but we just have to check
0:06:12
whether that works or not
0:06:15
but yeah
0:06:16
if we want to test it then everything
0:06:18
would come online
0:06:21
and
0:06:23
someone that i know
0:06:27
might play around again
0:06:30
um
0:06:31
yes i'm just thinking if we should do
0:06:34
that
0:06:35
what do you think finesse
0:06:37
i think um yeah we could actually might
0:06:40
already be online but um because uh tori
0:06:43
and i were testing it the other day but
0:06:46
um okay um
0:06:48
yeah we could we could just still test
0:06:50
it and then you know take it down after
0:06:52
maybe
0:06:57
uh yeah it
0:06:59
seems to be still online
0:07:03
uh
0:07:04
now i'm just gonna wait for something
0:07:06
really
0:07:07
funny to happen and
0:07:09
then
0:07:14
see who the genius is because i have an
0:07:18
app now installed in the browser to see
0:07:21
those con those kind of things
0:07:23
really
0:07:24
yeah what what does it do
0:07:27
huh what does it do the app
0:07:33
you'll see when i um i i
0:07:38
tell you
0:07:39
okay okay don't worry
0:07:44
sounds cool
0:07:47
yeah yeah
0:07:50
um
0:07:51
so
0:07:52
yeah
0:07:53
that was ej it was kind of a really cool
0:07:56
app how i how i got and got to know it
0:08:00
and then
0:08:02
i need that i need that in the stream
0:08:05
and see what's going on
0:08:11
so yeah
0:08:12
that'll be good um yeah so because it's
0:08:16
already there
0:08:20
i'm thinking how about if we test the
0:08:23
websocket
0:08:24
connection
0:08:26
anyway
0:08:29
yeah
0:08:31
so
0:08:32
i think at the moment the home page is
0:08:35
index.html but we need to convert that
0:08:37
to home.html
0:08:39
for s3
0:08:41
oh boy
0:08:43
so if you see if you
0:08:44
go into scrambler.dev
0:08:46
[Music]
0:08:48
it shows
0:08:49
index.html straight away
0:08:54
for yeah it goes to the board page right
0:08:56
the or enter enter name your board
0:08:59
no it goes to the index to his html
0:09:05
that's it let me check
0:09:07
yeah because i'll just type in scrambler
0:09:10
rowcoder.dev and it took me to index
0:09:14
oh okay want to play the music
0:09:18
i mean yeah that's an easy fix right
0:09:20
yeah yeah
0:09:23
so financially would be your turn pick
0:09:26
anything except
0:09:29
ah or anywhere near oh
0:09:32
yeah i know because we're here
0:09:34
many
0:09:35
yeah
0:09:36
um
0:09:39
three
0:09:40
two
0:09:41
one
0:09:42
go
0:09:43
okay hey
0:09:45
hey stick okay cool here we go
0:09:51
okay
0:09:52
i'm just hoping i don't
0:09:54
i don't fall asleep on this music now
0:09:58
all right um yeah so
0:10:02
i'll probably share share my screen
0:10:06
[Music]
0:10:16
please do something someone
0:10:18
i'm waiting the app is running
0:10:21
i honestly think this time it could be
0:10:23
it could even be tarry because we did it
0:10:26
the other day and
0:10:27
like oh all right i see i see he's
0:10:31
probably got it on the
0:10:33
back of his fingertips so ah
0:10:37
i say if something yeah that makes sense
0:10:39
though
0:10:40
could be tory too
0:10:43
sure
0:10:48
okay i'm just gonna
0:10:51
close some of the private things first
0:10:56
and then we can focus on
0:10:59
dancing
0:11:00
screen sharing
0:11:09
i'm just saying like it might be
0:11:16
uh
0:11:17
i missed the stream to be honest
0:11:23
oh he's on to your finish yeah
0:11:28
all right um
0:11:29
so i'll just do this and
0:11:32
let's come below and then i'll go to
0:11:36
hps
0:11:42
oh but actually the interesting thing is
0:11:44
and we also tried it um
0:11:47
uh
0:11:48
when we try to create the
0:11:50
board and
0:11:52
we use script um
0:11:56
uh we use like a script tag to create
0:11:58
the board and it actually
0:12:00
um i don't know what i don't know if
0:12:02
it's dynamodb or or javascript itself
0:12:05
it's kind of um
0:12:07
it just get rid of this script tag so
0:12:09
it's not a it doesn't actually create
0:12:11
the board
0:12:12
um which is pretty neat
0:12:13
it's like
0:12:14
i see measure that's already in place
0:12:17
okay
0:12:20
that's pretty good so we already um have
0:12:24
the built-in
0:12:25
validation for that
0:12:29
that's amazing
0:12:30
yeah
0:12:33
okay so i'm gonna do that
0:12:36
so in this one basically we're just
0:12:39
testing the websocket
0:12:42
as in how long does it take to get
0:12:44
disconnected
0:12:59
all right um so that's the properties
0:13:04
there's not that's not that one
0:13:06
permissions
0:13:08
bucket policy
0:13:10
where was that
0:13:13
um to set the index
0:13:16
index
0:13:18
scroll down on this one
0:13:21
am i sharing my screen
0:13:23
yes
0:13:25
let's scroll down to static uh site
0:13:28
hosting and then on here yeah
0:13:30
okay ah here we go
0:13:33
cool so
0:13:35
this would be
0:13:38
home
0:13:45
okay so now if we try and
0:13:49
physically should
0:13:51
give us
0:13:53
homepage here we go perfect
0:13:56
right cool so i'm gonna make a board say
0:14:01
actually first of all i'm gonna go and
0:14:04
delete all the boards
0:14:10
why did i
0:14:12
log out
0:14:22
and why am i going to s3 again
0:14:32
um
0:14:34
bored
0:14:35
that one
0:14:40
please tell me
0:14:42
it hasn't done well
0:14:45
how many pages are they
0:14:48
okay
0:14:51
just one which is good
0:14:53
so i can basically just delete all this
0:15:01
okay cool
0:15:03
so go ahead and place um
0:15:06
t1
0:15:09
one
0:15:10
two three four
0:15:16
okay cool so that is t1 which is great
0:15:21
i'll send you the
0:15:24
length of that
0:15:27
you know what was gonna happen
0:15:30
yeah no no
0:15:32
someone's gonna be a bad
0:15:34
boy
0:15:36
yeah
0:15:38
i'm waiting for it
0:15:50
okay so websocket is open
0:15:56
okay
0:15:57
sock is open which is
0:15:59
good so we just basically
0:16:02
um
0:16:03
wait until this gets
0:16:05
connected i'm gonna put my timer on as
0:16:08
well
0:16:10
[Music]
0:16:12
and in the mean
0:16:13
while we can keep on doing
0:16:15
other stuff
0:16:18
there there we go
0:16:20
there we go
0:16:25
i don't actually know if that's tori
0:16:27
okay dead now
0:16:30
i don't think his
0:16:33
story
0:16:37
i don't know man
0:16:39
[Music]
0:16:44
okay
0:16:46
you know what
0:16:52
let it happen it's fine
0:17:01
not redirected
0:17:04
all right i'm
0:17:06
taking this down
0:17:08
that's fine
0:17:11
they can have all the fault in one after
0:17:13
this
0:17:15
why did they direct this to this
0:17:17
because
0:17:19
they want to play
0:17:20
play with us and i know exactly who that
0:17:24
is but i'm not gonna
0:17:25
i'm not gonna name them
0:17:27
okay
0:17:28
yeah
0:17:31
okay
0:17:33
here we go guys be happy now
0:17:44
gekko says i thought you had a miracle
0:17:46
add-on to fix it zayn
0:17:49
i didn't say fix it i just said just to
0:17:53
check who that is
0:17:59
okay we need to do that um
0:18:06
just
0:18:07
uh if you take static hosting off uh
0:18:10
yeah that's what was what i was trying
0:18:13
to find but i wasn't able to
0:18:16
oh somebody
0:18:18
flipped the board
0:18:26
looked on my screen
0:18:31
um
0:18:33
okay so we can do this testing
0:18:38
off off to us we can just basically
0:18:41
focus on how to
0:18:43
uh fix the excess s attack
0:18:47
when i actually check what is this
0:18:50
exercise attack i didn't even
0:18:53
i never i don't even
0:18:55
know that's right scripting it's a
0:18:57
sulfate attack
0:19:00
our type of injection is uh in malicious
0:19:03
scripture injecting otherwise
0:19:07
until the troops and
0:19:08
[Music]
0:19:10
okay so
0:19:12
how would this be
0:19:14
and
0:19:15
and how you can fix it
0:19:18
there
0:19:18
is a
0:19:21
client-side coding injection attack
0:19:25
the attacker am strange human dishes
0:19:27
crystal in the web browser of the victim
0:19:30
by including malicious code uh okay cool
0:19:34
i see that is how it works
0:19:37
so you just probably
0:19:39
can abuse her
0:19:41
on a web page during qr between
0:19:44
javascript and using the security of
0:19:47
their vulnerabilities
0:19:49
and web application and it's
0:19:52
jesus has been compromised yep that i
0:19:55
agree
0:19:56
this is no use problem
0:19:58
like any other and exclusive
0:20:00
vulnerability it is affecting your users
0:20:03
it affects you
0:20:05
yep
0:20:06
what can the checkered i don't really
0:20:08
want to know what can they do because i
0:20:10
already know what they can do
0:20:13
how christmas and okay i don't really
0:20:16
want to know how it works
0:20:18
stealing cookies using uh
0:20:21
criminals often uses it to steal cookies
0:20:25
uh
0:20:26
script tags body tag javascript
0:20:30
how do we fix it
0:20:32
uh taurian said in the comments check
0:20:34
out
0:20:36
dom
0:20:37
purify
0:20:38
it the library will work with node
0:20:42
uh okay tom
0:20:45
your favorite
0:20:52
what does that do
0:20:56
said
0:20:57
donkey fight is the dom only supervised
0:21:00
will all turn
0:21:03
toward an access sanitizer for html
0:21:06
method and svg
0:21:08
so so it's also
0:21:10
very simple to use and to get started
0:21:12
with
0:21:14
okay so we can basically do this
0:21:20
how do we you should use it
0:21:22
uh it's easy
0:21:24
to just include dom
0:21:26
peripheral on your
0:21:28
website using the minifile and
0:21:32
using the minified testing production
0:21:35
server
0:21:36
version so it's not beautiful
0:21:41
okay cool we're choosing this one then
0:21:47
collective says little fixing bugs in
0:21:49
the underlying scrambler code base
0:21:52
instead of just turfing the project and
0:21:53
becoming taxi drivers
0:21:58
[Music]
0:22:05
um
0:22:08
yeah it seems like this is a good
0:22:09
solution actually
0:22:14
using the minified development version
0:22:16
no we don't want to use these
0:22:18
during the minivar testing production
0:22:21
version
0:22:22
yep probably we can use this one the
0:22:27
testing
0:22:29
tested product production version
0:22:32
source map available
0:22:34
but if this is that where do we download
0:22:37
it from
0:22:41
oh you're gonna do the ball don't marry
0:22:43
five yeah
0:22:44
don't purify
0:22:49
oh
0:22:50
well
0:22:51
and that
0:22:52
would be basically done in
0:22:54
client side
0:22:57
uh
0:23:00
isn't it
0:23:03
because it's everything is happening on
0:23:05
the
0:23:06
client side
0:23:09
but they're actually um
0:23:11
they're accessing the function through
0:23:13
the
0:23:13
to the console i think
0:23:16
they're
0:23:17
which is in dawn
0:23:20
oh yeah yes yes
0:23:22
yes wait
0:23:26
isn't it
0:23:33
because saying that is written in
0:23:36
javascript and works in all modern
0:23:39
browsers if it
0:23:41
says that you worked in all modern
0:23:45
servers
0:23:46
then it would be backend
0:23:49
oh yeah yeah yeah
0:23:51
yeah that makes sense
0:23:57
[Music]
0:24:05
hospital to tabs is done
0:24:08
here branch will be on
0:24:14
um
0:24:16
connect prep talking no no
0:24:19
sticking out no
0:24:22
connect
0:24:24
websocket
0:24:26
now done that work function no
0:24:30
that's all done
0:24:34
actually
0:24:38
[Music]
0:24:43
ah yes
0:24:58
um
0:25:02
it says attacks
0:25:22
okay here we go
0:25:30
basically all we do is npm it's
0:25:38
very mpm here
0:25:50
[Music]
0:25:55
remember saying though we
0:25:57
uh um
0:25:59
when we try to use the package uh
0:26:01
remember we were trying to do this for
0:26:03
bcrypt and we tried to use the package
0:26:05
in
0:26:06
in the file it wasn't
0:26:09
um
0:26:11
it wasn't working like it we couldn't
0:26:13
access it or something like
0:26:16
something along those lines
0:26:22
actually yes i'm remembering that
0:26:25
because it was
0:26:26
the mpm package
0:26:29
it wasn't
0:26:30
picking it up
0:26:32
yes yeah
0:26:34
we couldn't use it and still front end
0:26:37
so how do we overcome that again that's
0:26:40
very good we
0:26:41
we changed the entire
0:26:44
logic to be put in backhand
0:26:46
just for that
0:26:48
yeah yeah
0:26:50
oh yeah true
0:26:54
but this
0:26:55
shouldn't be the case because we can
0:26:57
include the script here
0:27:03
this the script file has to be here
0:27:05
somewhere for downloadable
0:27:08
oh okay
0:27:12
inside 34-bit style
0:27:18
oh
0:27:18
true yeah
0:27:20
from pm oh here we go we rely on npm
0:27:23
round square points grades go to them
0:27:25
yes
0:27:26
uh-huh
0:27:28
and team run length
0:27:30
developing and contribution no don't
0:27:32
need that
0:27:41
uh
0:27:42
can i configure
0:27:44
demos
0:27:46
[Music]
0:27:51
maybe
0:27:52
you can download the script from
0:27:55
from the github
0:27:59
is there a link to that
0:28:02
i'll save it in the chat but i should be
0:28:04
there
0:28:15
oh you sent in the chat
0:28:25
it's funny how it's a private chat and
0:28:28
we open it all while screen
0:28:42
sharing oh not again
0:28:46
ready guys
0:28:48
kind of fun
0:28:50
new thing is this you know me already
0:28:55
come
0:28:56
on
0:28:58
come on good time you can do better than
0:29:00
this
0:29:08
see
0:29:09
stop playing hard to get
0:29:13
all right so don't purify
0:29:16
scripts
0:29:20
what does it do
0:29:22
[Music]
0:29:25
okay just asking questions
0:29:27
it's in this
0:29:29
hang on a minute okay this purify
0:29:31
mind.js
0:29:33
says in this
0:29:36
purifying.js
0:29:38
we just need that
0:29:40
yep there we go
0:29:43
watch okay nevermind
0:29:46
that's it
0:29:51
oh
0:29:52
but yeah i guess it's minified so it's
0:29:55
like all in one line or something
0:30:00
so we basically just
0:30:02
make a new
0:30:04
file name as purified.json
0:30:09
copy and paste this
0:30:11
i guess so yeah yeah
0:30:13
let's try that and get them i'll
0:30:17
get back to you very shortly
0:30:22
uh
0:30:23
client
0:30:24
new file
0:30:27
fury file
0:30:30
main.js
0:30:33
boom
0:30:35
i just wrote an extension of mpm
0:30:41
um
0:30:43
okay time to get back to
0:30:46
jack duff i don't want to leave him
0:30:48
hanging
0:30:52
all right what does mr cactus say
0:30:59
finish goldberg
0:31:06
i think you wanted me to ask you because
0:31:08
you were like on the screen so you can't
0:31:10
see this
0:31:11
right
0:31:12
what
0:31:14
he wanted me to ask you the question
0:31:17
because you normally can't see the
0:31:20
the comments right because you are
0:31:22
here
0:31:23
yeah yeah
0:31:24
yeah
0:31:28
so
0:31:29
why do you ask yet def
0:31:37
saying we can't see a screen by the way
0:31:39
oh my bad
0:31:46
uh
0:31:46
[Music]
0:31:54
stop ah
0:31:55
i stopped
0:31:56
sharing why i stopped
0:32:02
and to be honest what does that even
0:32:04
mean platinum
0:32:08
i don't know
0:32:10
what is that
0:32:11
kind of thing
0:32:12
platinum
0:32:20
i don't know um
0:32:25
did you want to try that so the
0:32:30
the localhost
0:32:33
uh
0:32:34
yeah but so after you you created that
0:32:37
file do you wanna
0:32:41
then import it
0:32:43
or use that script tag and then
0:32:45
try to use the function
0:32:47
yes so let's do that one
0:32:57
so how do we import it again
0:33:01
i forgot if you go on the github uh
0:33:09
and go back to the main page
0:33:14
like if you go
0:33:17
yeah
0:33:18
i have one more
0:33:20
and then like you scroll down
0:33:30
there you go so we need to do this
0:33:34
copy
0:33:36
and
0:33:38
uh
0:33:40
where's our index
0:33:42
oh actually saying like
0:33:45
since the file is already here
0:33:48
we've always changed the path name okay
0:33:52
yes yeah
0:34:04
so there you go
0:34:07
so then that should basically do the
0:34:09
trick isn't it we don't really need this
0:34:12
because since these are working
0:34:15
without the type that should be fine
0:34:28
okay so
0:34:30
shall we try this now
0:34:32
oh
0:34:37
afterwards you can sanitize string by
0:34:40
executing the following code
0:34:44
oh so we need to sanitize the websocket
0:34:48
string
0:34:50
yes yeah listen yeah yeah
0:34:52
that would make sense
0:34:54
so
0:34:56
what's dirty here the results in html
0:35:04
[Music]
0:35:07
the results in a is still
0:35:10
can be
0:35:12
beer
0:35:14
pretending to dominion using html
0:35:17
to find the right that is totally up
0:35:20
that's really up to you
0:35:23
by html
0:35:26
uh
0:35:27
right
0:35:29
so basically what we do is we have got
0:35:32
the
0:35:33
html thing there
0:35:36
so we basically do this now
0:35:40
right
0:35:43
so that would go into
0:35:46
into
0:35:49
maintain to entire entity
0:36:10
that is not the one we need this one so
0:36:13
websockey url
0:36:15
so we be basically okay so that's
0:36:19
gonna happen on a load
0:36:21
isn't it
0:36:23
um
0:36:24
which is here
0:36:29
on load so as soon as
0:36:31
index.html plus
0:36:33
opens
0:36:34
this
0:36:36
basically this your front-end
0:36:41
does
0:36:43
loads
0:36:45
this one
0:36:46
this function
0:36:48
and then
0:36:50
it goes in that way
0:36:58
um
0:37:01
wait um
0:37:03
where what's his name tori
0:37:05
uh was
0:37:07
the function tori was using to execute
0:37:09
it is um dispatch websocket message
0:37:12
online 463
0:37:16
but yeah i'm not sure
0:37:20
i think maybe that's a good place to
0:37:21
start like um
0:37:23
gekko says that
0:37:25
four
0:37:26
four one
0:37:28
four sixty three
0:37:30
four
0:37:43
okay
0:37:46
so
0:37:47
if we when we're getting the dispatch
0:37:49
message
0:37:51
um
0:37:52
on the next line perhaps if we sanitize
0:37:54
it using the that function
0:37:57
and then
0:38:02
you know what i mean on like line four
0:38:04
seven one i think
0:38:09
if it's on if if it's equals board id if
0:38:13
it's undefined
0:38:15
then
0:38:18
from from there and then also sanitize
0:38:20
it
0:38:24
yeah
0:38:26
okay so
0:38:28
what are we
0:38:30
what is your end goal here
0:38:34
to sanitize the message
0:38:36
and then pass it to the websocket
0:38:40
um because this is like
0:38:42
yeah like i said um
0:38:46
yeah this is a function tori was using
0:38:48
the other day to execute it but just
0:38:50
what tori's saying in the chat now he's
0:38:52
saying that we should do it in the back
0:38:54
end and not the front end because
0:38:56
and i think that's a good point as well
0:38:58
like you know
0:38:59
his front end might take forever back in
0:39:02
if we sanitize the message then
0:39:05
um before it executes maybe that could
0:39:09
be easier
0:39:10
so we're still getting the
0:39:12
dirty html message in the front and then
0:39:14
cleaning it up in the back end
0:39:17
it's a good point um
0:39:23
yeah he says you want to sanitize it
0:39:25
when you're receiving the message
0:39:26
anyways not when you send it that's a
0:39:28
good point
0:39:33
yeah
0:39:34
i was thinking more along
0:39:37
when we received the
0:39:39
message by
0:39:41
isn't really
0:39:43
um
0:39:44
it's okay but we
0:39:46
need it more for
0:39:48
receiving you as in because
0:39:51
when someone does it we receive that
0:39:54
message
0:39:56
isn't it
0:39:59
sorry say that again
0:40:01
so we we probably need to
0:40:05
sanitize it when we receive the message
0:40:08
instead
0:40:10
because so
0:40:13
why would we
0:40:15
want to do it when receiving so say for
0:40:18
example you have a board and i know your
0:40:21
websocket
0:40:22
connection i've been the attacker
0:40:26
actually send it but you you're the one
0:40:29
who's gonna receive it
0:40:31
so if we do it on the receiving as in
0:40:34
set if you sanitize on your end which
0:40:39
would be receiving the message
0:40:42
that might make more sense
0:40:47
tori is saying that
0:40:49
the way we want to do it now might be
0:40:51
easy to get around
0:40:54
um
0:40:55
yeah if we were to
0:40:57
add this dom purify sanitize
0:41:01
um in the back end so the message is
0:41:04
being
0:41:04
you know what i'm saying right saying
0:41:06
like it would be center h like the html
0:41:09
that they're executing the script tags
0:41:13
um and then on the back end code before
0:41:17
we run before we execute on the back end
0:41:20
we clean it up first using the
0:41:22
purify
0:41:23
if you get whatever i think that's what
0:41:25
tori means and yeah
0:41:27
can you possibly
0:41:29
repeat that because i
0:41:31
wasn't able to understand
0:41:35
so you know how we'll be using this um
0:41:39
don't purify in the front and now which
0:41:42
cleans up the
0:41:43
the the script tags
0:41:46
um
0:41:47
basically instead of
0:41:50
instead of um
0:41:52
instead of running it on the front end
0:41:55
sorry it's really convincing i shouldn't
0:41:57
do that anyways instead of
0:42:00
running this at the front end
0:42:02
um
0:42:03
do it on the back end side instead right
0:42:06
so
0:42:07
you know how now
0:42:09
if we add this here it's gonna clean it
0:42:11
clean the html in
0:42:14
uh on the front end and then send it as
0:42:16
clean to the
0:42:18
back end
0:42:19
so
0:42:20
instead of that send it as dirty to the
0:42:22
back end and then clean it up in the
0:42:24
back end instead
0:42:29
[Music]
0:42:32
but that would mean that
0:42:34
we will still experience
0:42:37
these kind of attacks in the front end
0:42:41
if we are doing this
0:42:42
sanitizing only in the back end
0:42:48
but essentially like
0:42:49
so for this websocket thing right it
0:42:51
takes
0:42:52
it requires both the front-end and
0:42:54
back-end
0:42:55
parts to work right
0:42:58
so
0:42:58
if it's clean on the back end then it
0:43:00
won't it still won't uh
0:43:03
it still won't execute isn't that right
0:43:06
so
0:43:10
if i'm not
0:43:11
mistaken websockets are just for the
0:43:14
front end
0:43:16
is it
0:43:20
or am
0:43:22
no no no no no that doesn't make sense
0:43:25
because if it was then we wouldn't be
0:43:28
getting connection ids in the db
0:43:34
yeah
0:43:34
yeah exactly yeah
0:43:37
so
0:43:38
what you guys are suggesting of all
0:43:42
my screen just
0:43:44
went black
0:43:45
um
0:43:46
so what you guys are suggesting that
0:43:49
when we receive the messages
0:43:51
as in
0:43:52
when we receive the access attack
0:43:55
we don't sanitize it in the front end
0:43:57
but when we are saving in the db only
0:44:00
then we um
0:44:03
sanitize it but that's also in the back
0:44:06
end
0:44:10
wait am i right
0:44:12
or have i gone go on the completely
0:44:15
wrong end off
0:44:17
before you before you save anything into
0:44:19
the db
0:44:20
right so
0:44:22
um
0:44:25
um
0:44:28
okay so how how will we stop them coming
0:44:32
from the brow
0:44:33
coming in the browser the browser is in
0:44:36
the front end
0:44:39
as in on the client side
0:44:45
sorry
0:44:46
um
0:44:50
okay this is just too funny but um
0:44:54
let me let me think about it real quick
0:45:00
but
0:45:05
so
0:45:06
when that
0:45:08
when they're doing
0:45:09
the um
0:45:11
just as i
0:45:14
remind you
0:45:15
yes trying not to pay that much
0:45:17
attention on jacob's and comments
0:45:20
because he loves just to spice things up
0:45:24
which is fantastic
0:45:26
and it's
0:45:27
fun but at the same time we need to keep
0:45:30
our as in rhythm
0:45:33
going to draw
0:45:35
it's uh it's breaking my thoughts as
0:45:37
well
0:45:42
so
0:45:45
okay
0:45:46
um
0:45:57
so right now when they execute it
0:46:00
let's have a look
0:46:16
i'm executing this
0:46:17
[Music]
0:46:21
send
0:46:23
loves
0:46:26
it's really good having this as yourself
0:46:28
an entertaining
0:46:30
spiciest person
0:46:32
on the
0:46:33
on
0:46:34
the show is it
0:46:36
well because it adds up a bit of a taste
0:46:40
of often entertaining fun
0:46:43
that's true
0:46:50
[Music]
0:46:59
[Laughter]
0:47:02
is definitely
0:47:04
getting a taste
0:47:10
again don't pay too much attention okay
0:47:18
he's too good um
0:47:22
so that's end
0:47:24
so
0:47:25
um
0:47:26
[Music]
0:47:27
let me just have a look
0:47:46
um
0:47:48
[Music]
0:47:51
i'm
0:47:52
probably finished talk to me about your
0:47:54
thought process
0:47:56
rather than seeing the code as in what
0:48:01
what thought came into your mind about
0:48:04
the
0:48:05
the process on how we should do it in
0:48:08
the back end
0:48:10
as in what
0:48:12
what thought provoked that it should be
0:48:14
better um being
0:48:16
in the back end
0:48:18
in the dom it
0:48:21
um
0:48:24
because yeah what
0:48:26
what tori was saying and
0:48:28
yeah what tori was saying
0:48:30
in terms of um
0:48:32
you know it could be easier to
0:48:35
to manipulate in the front end so if
0:48:37
it's
0:48:38
you know if they in my perception
0:48:40
anyways right
0:48:42
um they could probably exploit the
0:48:45
you know whatever process we're using in
0:48:47
terms of the dom purifier in the front
0:48:48
end
0:48:49
um
0:48:51
you know how would they exploit
0:48:55
that
0:48:56
if we have
0:48:57
measurements in the client's
0:49:00
side
0:49:01
how would they bypass
0:49:04
or exploit that
0:49:06
um
0:49:07
i was thinking maybe if they knew
0:49:09
the
0:49:10
[Music]
0:49:11
of how you know don't purify is
0:49:13
implemented then they could you know
0:49:16
kind of it's kind of mim it makes it
0:49:19
harder of course is
0:49:20
but
0:49:22
you know they can get around that
0:49:23
is what i was thinking but if dom purify
0:49:26
was in the back and then it would be
0:49:27
harder to get around it
0:49:28
because they're basically executing the
0:49:31
the front end as
0:49:34
the script
0:49:36
oh yeah they're basically executing the
0:49:38
functions in still front end and
0:49:39
script.js right
0:49:42
to do this to do this hack or this
0:49:45
attack so so you're basically
0:49:48
uh
0:49:49
saying that if we place it in the client
0:49:52
side they would go in there
0:49:55
don't prefer
0:49:57
free posts see how they're working
0:50:00
figure it out
0:50:01
maybe it could take them days weeks
0:50:05
and then they will come back and
0:50:08
probably
0:50:12
pull a change in the original repo which
0:50:16
would make the dom prefire not work in a
0:50:20
client side
0:50:22
which we have implemented which means
0:50:25
that they would easily be able to bypass
0:50:27
it
0:50:31
that much
0:50:33
yeah that's a very long process but i
0:50:35
you know i assumed that
0:50:38
they could potentially be a
0:50:41
you know a
0:50:42
more
0:50:43
straightforward way
0:50:44
of them getting around that
0:50:47
not like you know that whole long
0:50:49
process
0:50:51
um
0:50:52
yeah i think i need to think about it a
0:50:54
little bit more to be honest but
0:50:57
yeah so
0:50:59
yeah what i was thinking is if it was in
0:51:02
the
0:51:03
back end right it would the messages
0:51:06
would still be sent as that's how they
0:51:08
are being inputted right like how
0:51:10
you know they're still gonna use the
0:51:12
dispatch websocket function and
0:51:15
um
0:51:16
you know enter it you know
0:51:19
that enter the
0:51:21
you know the html is raw okay
0:51:24
um and
0:51:26
how would they be able to enter the html
0:51:29
as a raw if we're already preventing
0:51:31
them in the client side
0:51:33
yeah so yeah i'm saying if we don't
0:51:35
implement it in the client side they
0:51:36
would essentially enter it as raw
0:51:40
yeah
0:51:41
and then
0:51:43
using the dong purifier
0:51:45
we would
0:51:47
clean up the message in everywhere that
0:51:50
they could possibly
0:51:52
everywhere that's a request is being
0:51:54
made right so
0:51:55
in that way maybe there would also be
0:51:58
less um
0:51:59
okay
0:52:01
right i see where you're coming from
0:52:04
basically you want to um implement it in
0:52:08
the back end because
0:52:11
if it was implemented in the client side
0:52:13
then they can all easily go and then
0:52:16
get up free
0:52:18
figure out a really quick way to bypass
0:52:20
it and just
0:52:23
start attacking
0:52:25
again
0:52:26
am i right
0:52:32
yeah yeah essentially if they could uh
0:52:35
if they know i guess how it's
0:52:36
implemented or
0:52:38
even um
0:52:40
yeah if they know how it's implemented
0:52:42
yeah
0:52:43
um
0:52:44
yeah that could be done but
0:52:48
saying that if we have it implemented in
0:52:52
the back end only
0:52:55
then that doesn't necessarily fulfill
0:52:58
the goal because
0:53:00
see the attacks are in the browser and
0:53:04
if someone does attacks in the browser
0:53:07
they would hear all
0:53:10
sorts of
0:53:11
noises as in
0:53:16
he's a doggy dog i'm a little teapot as
0:53:19
in those kind of set things but it's in
0:53:21
the browser itself
0:53:23
okay
0:53:27
to me according to my understanding it
0:53:30
doesn't really make sense if you
0:53:33
wanna implement it in the back end
0:53:35
because
0:53:36
the attack is being in a client side why
0:53:39
because the browser is on the client
0:53:41
side
0:53:42
even if we implement it in the back end
0:53:45
then
0:53:48
what's
0:53:50
how will we stop
0:53:52
the browser text
0:53:58
but the thing is
0:54:00
okay so okay maybe okay maybe i need to
0:54:03
get a better understanding of the
0:54:06
um
0:54:08
of how it's connected but
0:54:10
isn't
0:54:12
isn't it still that
0:54:13
the code is being executed you know
0:54:16
by
0:54:17
via the back end anyways because for the
0:54:20
web connection to work right web circuit
0:54:22
connections work
0:54:23
like it has to to go
0:54:25
um why the back end so
0:54:28
um in that sense that's
0:54:31
kind of what i'm saying right like i
0:54:32
understand what you're where you're
0:54:33
coming from
0:54:35
um
0:54:37
right
0:54:38
um if you can
0:54:40
so i've got a question
0:54:43
for you how is the
0:54:45
attack been being done at the moment
0:54:48
because you and
0:54:49
tory went through as in in the whole
0:54:53
investigation and i'm assuming
0:54:57
you and
0:54:58
sorry know how is it being done in the
0:55:00
in the in the in the browser
0:55:07
yeah but i can just show you briefly um
0:55:10
oh
0:55:11
no um i don't really wanna um
0:55:14
no i just wanna know as in from your
0:55:17
observation as in how do you think the
0:55:21
concept is
0:55:22
working as in from your understanding
0:55:26
okay
0:55:27
um so basically the
0:55:30
the function the websocket function in
0:55:33
the front end right
0:55:35
um
0:55:38
um
0:55:40
the attackers are using that websocket
0:55:42
function um um
0:55:45
from where can they see the websocket
0:55:47
string then
0:55:50
where can they see the websocket string
0:55:52
because obviously they can see the
0:55:54
websockets
0:55:57
websockets string and then they are
0:55:59
utilizing that
0:56:01
that to access
0:56:03
the connection
0:56:05
they can see that
0:56:06
the websocket function they can see it
0:56:09
through the front end yeah
0:56:12
through the front end where
0:56:16
oh what do you mean like through the
0:56:18
console um yes and where's the console
0:56:24
yeah the console is in the front end
0:56:27
right
0:56:28
yeah
0:56:31
um
0:56:32
and
0:56:33
ignore them ignore them
0:56:40
okay
0:56:41
so basically right
0:56:43
but because
0:56:44
they're inputting it the function in the
0:56:47
front end right
0:56:48
so they're using the function from the
0:56:50
front end i understand that
0:56:53
but still the message has to go from the
0:56:56
front end to the back end right so
0:56:58
that's
0:56:59
that's kind of
0:57:00
i guess my thought process was that only
0:57:03
when this set and the
0:57:06
the notes are being saved only then
0:57:12
but the web click web socket connection
0:57:14
isn't it still open to
0:57:17
it it is open for everybody right yes
0:57:19
and it still has to go via the back end
0:57:21
isn't that correct like
0:57:26
so
0:57:26
websocket connection according to me how
0:57:29
it
0:57:30
according to my understanding how it
0:57:32
works is
0:57:34
as
0:57:35
soon as a person visits the board
0:57:39
and one other connection is opened
0:57:44
okay that connection is in the
0:57:49
front end
0:57:50
but the connection details are saved
0:57:53
only in the back um in the
0:57:56
dynamodb which goes through the back end
0:58:00
so just the connection details
0:58:06
just the connection details okay
0:58:09
for example connection
0:58:12
id
0:58:15
and
0:58:16
the board
0:58:17
id as well
0:58:18
yeah
0:58:20
okay
0:58:23
um
0:58:26
[Music]
0:58:35
how about
0:58:36
if you
0:58:37
think about it we can probably have
0:58:39
another
0:58:40
champ basically or of
0:58:43
offline and um yeah we can take it from
0:58:46
there
0:58:47
yeah yeah okay i need to think about it
0:58:51
yeah and
0:58:52
i mean c is a complicated as in
0:58:55
architecture as in from
0:59:00
as in our experience as in because i'm
0:59:04
pretty sure it's
0:59:05
your first time
0:59:06
my first time and told his first time to
0:59:10
actually know the entire
0:59:12
app based on the architecture itself and
0:59:16
it it can be
0:59:18
complicated so it's always good to kind
0:59:21
of take
0:59:22
time
0:59:23
think about things and then
0:59:27
and then come back to it
0:59:29
yeah yeah okay so all right fantastic
0:59:33
all right wow the time just flew past 10
0:59:36
feet free already
0:59:39
damn
0:59:43
right
0:59:44
you want to do the honors yes sure
0:59:49
cool
0:59:51
thanks for
0:59:52
joining us everyone
0:59:54
on another episode of bill breaking fix
0:59:57
today we try to
0:59:59
fix the
1:00:01
exercise
1:00:03
vulnerability you know uh and on our
1:00:05
platform
1:00:07
um
1:00:08
and basically zayn and i had a
1:00:10
discussion about where would be the best
1:00:12
uh
1:00:14
would be the best side to
1:00:17
best
1:00:18
um
1:00:19
option of where we would implement it
1:00:21
either front and a back end
1:00:23
and yeah i think for me personally i
1:00:25
want to
1:00:26
have a bit more of a look at the
1:00:29
and understand a bit more about how the
1:00:31
connection's being made and then
1:00:33
um yeah better understand it
1:00:35
but yeah anyways good discussions and i
1:00:37
think so anyways um and if you'd like to
1:00:40
see how this plays out then join us
1:00:43
tomorrow
1:00:44
same time same place and
1:00:47
the same task
1:00:50
all right guys
1:00:51
thanks for joining and yeah we'll see
1:00:54
you
1:00:54
tomorrow bye for now
Other clips featured in this episode