1
00:00:01,060 --> 00:00:08,070
So we can see from the result it was able to find a number of files some of them we already know of

2
00:00:08,080 --> 00:00:10,780
now the fav icons just an icon Foodtown have there.

3
00:00:10,780 --> 00:00:15,390
These are probably on the style files index is the index that we see usually.

4
00:00:15,390 --> 00:00:21,090
So it's our right log in we can see that we discovered a page that allows people to log in.

5
00:00:21,160 --> 00:00:24,250
Now in many scenarios I was able to find username and password.

6
00:00:24,250 --> 00:00:30,490
Our target exploiting a really complex exploit and then ended up not being able to log in because I

7
00:00:30,490 --> 00:00:32,200
couldn't find where to log in.

8
00:00:32,200 --> 00:00:34,400
So tools like this could be very useful.

9
00:00:34,690 --> 00:00:40,400
And here we can see that we have a log in page that we can use to log in page in our phone number is

10
00:00:40,820 --> 00:00:42,420
very useful.

11
00:00:42,470 --> 00:00:48,230
You can see the ph we have on file now this file is usually very very useful because it displays a lot

12
00:00:48,230 --> 00:00:54,060
of information about the BHP interpreter running on the web server.

13
00:00:55,940 --> 00:01:01,280
And as you can see this file contains a lot of information a lot of them are useful now you can see

14
00:01:01,280 --> 00:01:07,880
you get to know some of the directories you know that it's running ph 3:5 the configuration is stored

15
00:01:07,880 --> 00:01:16,290
in this file and any files is usually the config files for BHB so you can see all the places where they're

16
00:01:16,290 --> 00:01:16,970
stored.

17
00:01:18,380 --> 00:01:22,860
And going down you'll see all the permissions they installed.

18
00:01:22,980 --> 00:01:31,260
You can see here it's it has my askew I also use in my squirrel and agency Doura directories where different

19
00:01:31,260 --> 00:01:34,780
types of configurations are stored.

20
00:01:34,800 --> 00:01:39,240
You can also see all the modules and extensions are being used with PAGG.

21
00:01:39,270 --> 00:01:41,880
So this file is usually very very useful.

22
00:01:45,660 --> 00:01:51,120
You can see we've managed to find where the PH my admin log in is and that's basically the logging that's

23
00:01:51,120 --> 00:01:53,600
used to log into the database.

24
00:01:56,190 --> 00:01:59,350
Another very useful file is the robots that the XTi.

25
00:01:59,550 --> 00:02:05,760
And that is the file that tells search engines such as Google how to deal with the website so it usually

26
00:02:05,760 --> 00:02:11,710
contains files that we don't want the web site or Google to see or read.

27
00:02:11,790 --> 00:02:18,960
So if we can read that file then we'll be able to see what what the web admin is trying to hide.

28
00:02:21,000 --> 00:02:28,600
So go in and hear we can see that Dubai admin doesn't want Google to see a directory called password

29
00:02:29,820 --> 00:02:30,330
OK.

30
00:02:30,520 --> 00:02:34,160
And it also doesn't want to see a file called config Inc.

31
00:02:35,570 --> 00:02:38,400
And it also doesn't want it to see these other files.

32
00:02:38,420 --> 00:02:40,670
So let's have a look on the passwords and the conflict.

33
00:02:40,700 --> 00:02:42,500
And as examples.

34
00:02:42,500 --> 00:02:52,870
So I'm just going to open a new tab and we're going to put our address like so so is the current directory

35
00:02:52,870 --> 00:02:59,160
and then would just put passwords after and that we can see that there's a file called accounts to the

36
00:02:59,190 --> 00:03:06,900
XTi I'm going here we can see that we've got some user names and passwords so we can see there is admin

37
00:03:06,900 --> 00:03:13,830
admin POS we can see that we have a password as Adrianna's a password.

38
00:03:13,920 --> 00:03:16,440
So we managed to find usernames and passwords.

39
00:03:16,440 --> 00:03:20,910
Now we're still not sure what these usernames and passwords for but we're sure that we were able to

40
00:03:20,910 --> 00:03:22,510
find very useful stuff.

41
00:03:23,460 --> 00:03:27,580
Another useful file is the config got ink.

42
00:03:27,710 --> 00:03:35,900
So let's see what's in that and from here we can see that we have information that allows us to connect

43
00:03:35,900 --> 00:03:42,260
to the database because these are saying D-B Helo's the user they will pass a name so we can see that

44
00:03:42,260 --> 00:03:45,320
the user name is root and the password is blank.

45
00:03:45,620 --> 00:03:51,260
So we can go ahead and try to connect to the database based on these commands and then we should be

46
00:03:51,260 --> 00:03:53,680
able to get access to that database.

47
00:03:55,100 --> 00:04:00,680
Also using these passwords we're still not sure what we can use them for but we can add them to our

48
00:04:00,680 --> 00:04:01,580
list.

49
00:04:01,670 --> 00:04:07,760
Try to log into the admin or just store them in a list so that we can use it if we're going to do any

50
00:04:07,760 --> 00:04:09,300
brute force attack.

51
00:04:09,710 --> 00:04:16,580
So then again this is another video that just shows how important and powerful information gathering

52
00:04:16,580 --> 00:04:17,270
can be.