1
00:00:00,260 --> 00:00:05,800
Hello everybody, welcome to my advanced ethical hacking networking penetration testing course

2
00:00:16,650 --> 00:00:25,320
in this video we are going to talk about LDAP enumeration before saying what it is we are going to

3
00:00:25,320 --> 00:00:33,720
give the attacker or the hacker is some some kind of right so that we see what he can do whether he

4
00:00:33,720 --> 00:00:36,560
gets only he could have information.

5
00:00:36,840 --> 00:00:37,510
Okay.

6
00:00:38,690 --> 00:00:39,950
So let's go to

7
00:00:46,000 --> 00:00:56,600
people who normally use it for an app so it's for encrypted I mean for plaintext it is three eight nine

8
00:00:56,750 --> 00:01:00,370
as a port number and then four encrypted.

9
00:01:00,440 --> 00:01:05,540
I mean it could text or say couriered it is six to eight six.

10
00:01:05,570 --> 00:01:08,530
So let's let's have a look.

11
00:01:08,840 --> 00:01:21,210
Let's go or we can type stoppage and died down and it was in so we can get a lot of information about

12
00:01:21,210 --> 00:01:21,860
it.

13
00:01:22,050 --> 00:01:22,650
So.

14
00:01:22,860 --> 00:01:23,400
OK.

15
00:01:23,500 --> 00:01:30,040
And happy news we can just read a Lightweight Directory Access Protocol.

16
00:01:30,240 --> 00:01:37,380
It's a software protocol for enabling anyone to locate data about organizations individuals and other

17
00:01:37,380 --> 00:01:44,870
resources such as fire in these files and devices in a network whether on the public Internet or break

18
00:01:44,880 --> 00:01:46,230
a portion of the Internet.

19
00:01:46,740 --> 00:01:47,850
So what.

20
00:01:48,040 --> 00:01:48,490
OK.

21
00:01:48,660 --> 00:01:51,420
What an attacker can do.

22
00:01:51,420 --> 00:01:52,800
So this is a question.

23
00:01:52,800 --> 00:01:55,240
So this is what task guys don't.

24
00:01:55,310 --> 00:01:56,120
In this video.

25
00:01:56,140 --> 00:02:02,420
Be good at showing you how how the attacker can proceed even if we give to him.

26
00:02:02,580 --> 00:02:10,980
Even so we would give to him some right in some some some access so that he can perform his task.

27
00:02:12,030 --> 00:02:19,980
So uses of does the common use of LDAP is to provide a central place for authentication meaning

28
00:02:20,010 --> 00:02:22,240
it stores usernames and passwords.

29
00:02:22,770 --> 00:02:30,090
And it can then be used in a different application or service to validate users with a proxy.

30
00:02:30,190 --> 00:02:30,700
Okay.

31
00:02:30,810 --> 00:02:31,740
So let's go through.

32
00:02:31,860 --> 00:02:36,720
So here guys you can read about what is or what is what is it.

33
00:02:36,720 --> 00:02:38,760
Some examples of it.

34
00:02:39,210 --> 00:02:40,720
Yeah some stuff like that.

35
00:02:40,890 --> 00:02:41,640
OK.

36
00:02:41,700 --> 00:02:45,540
So we can move it into a little bit

37
00:02:48,370 --> 00:02:50,430
here for funny scenario.

38
00:02:50,550 --> 00:02:53,480
We are going to use to your grading system.

39
00:02:53,820 --> 00:03:00,890
Kali Linux machine all Windows 10 and then Windows Server 2012

40
00:03:03,550 --> 00:03:07,780
so indecisive between twenty thousand twelve.

41
00:03:08,000 --> 00:03:11,890
We hope we are going to make sure that there is warning there.

42
00:03:11,890 --> 00:03:18,280
And then we will after then use Windows 10 just to make a communication between it so that we can see

43
00:03:18,510 --> 00:03:26,650
how an attacker can grab the information that it gets and we will see how LDAP can be used to find

44
00:03:26,700 --> 00:03:29,830
attackers so that he got the information that he needs

45
00:03:35,030 --> 00:03:43,190
sort of first thing David the first thing we are going to do here guys is by checking the IP address.

46
00:03:43,610 --> 00:03:44,600
So OK

47
00:03:47,700 --> 00:03:51,860
OK now we are trying to fine tune

48
00:03:54,740 --> 00:04:06,110
can we we set it again try trying to this enemy and then after.

49
00:04:06,260 --> 00:04:18,130
So we are going to my energy and my it from let's make this machine as it domain services have to as

50
00:04:18,140 --> 00:04:24,470
this feature of course and then lightweight told Tony in DNS server

51
00:04:27,950 --> 00:04:37,670
we we we are adding some simple protest days and the next next that is now we can install it now.

52
00:04:38,390 --> 00:04:42,470
So now we are installing them on the Windows Server machine

53
00:04:45,560 --> 00:04:47,830
so we start in India next.

54
00:04:48,380 --> 00:04:50,820
So this machine of course we will wait.

55
00:04:51,170 --> 00:04:55,030
So let's let's let's let's wait for it a little bit.

56
00:04:55,360 --> 00:04:55,900
Okay.

57
00:05:10,880 --> 00:05:18,830
Meanwhile we can move to Windows 10 machine because way why we installed the software on the Windows

58
00:05:19,190 --> 00:05:20,150
Server machine.

59
00:05:20,150 --> 00:05:26,480
Now we are going to this machine just to see to some cocktails think OK

60
00:05:34,440 --> 00:05:37,470
here we will use two software.

61
00:05:37,680 --> 00:05:41,070
So the first one is Wireshark.

62
00:05:41,100 --> 00:05:42,400
It is scanning.

63
00:05:42,690 --> 00:05:49,290
And then when we use JXplorer you can go on keyboard if you want to google it or on that page if

64
00:05:49,290 --> 00:05:50,140
you correct me.

65
00:05:50,170 --> 00:05:57,660
So just go and start page and type Wireshark to download it and type JXplorer was all week

66
00:05:57,740 --> 00:05:58,140
here.

67
00:05:58,380 --> 00:05:59,360
We heard him here.

68
00:05:59,430 --> 00:06:00,900
So he just went and passed it.

69
00:06:01,290 --> 00:06:01,720
OK.

70
00:06:03,850 --> 00:06:04,860
So let's go.

71
00:06:05,470 --> 00:06:06,140
OK.

72
00:06:07,680 --> 00:06:10,290
And then we heard is from

73
00:06:18,690 --> 00:06:23,610
so we copied and pasted here posted here

74
00:06:27,670 --> 00:06:28,720
Why.

75
00:06:29,460 --> 00:06:30,710
Really cool.

76
00:06:30,740 --> 00:06:31,660
Very good.

77
00:06:36,390 --> 00:06:40,990
Oh kids too working these unions turning software.

78
00:06:40,990 --> 00:06:46,070
It might take a little bit long guys but we were just gonna wait.

79
00:06:52,610 --> 00:06:59,960
So we would take my name Okay so we add in New Forest game.

80
00:07:01,830 --> 00:07:05,720
So if this is the domain name I mean.

81
00:07:06,750 --> 00:07:10,320
So you're gonna take some time to finish.

82
00:07:11,040 --> 00:07:11,370
Yeah.

83
00:07:13,290 --> 00:07:14,030
Well I mean.

84
00:07:14,290 --> 00:07:17,700
We'll have to wait till we start but okay let's see.

85
00:07:17,710 --> 00:07:18,150
So

86
00:07:29,190 --> 00:07:32,120
now let's switch to going to a separate machine.

87
00:07:32,790 --> 00:07:33,360
Okay.

88
00:07:37,810 --> 00:07:45,300
I mean let's make a lady let's make some configurations in Windows Server machine.

89
00:07:45,460 --> 00:07:46,580
So yeah

90
00:07:54,980 --> 00:07:56,170
so okay.

91
00:07:56,360 --> 00:08:00,520
So you do know the password.

92
00:08:04,050 --> 00:08:08,920
Like someone we have to attempt to confirm the password and so on.

93
00:08:09,250 --> 00:08:12,030
So we go into just we can innovate.

94
00:08:12,250 --> 00:08:12,640
K

95
00:08:21,950 --> 00:08:23,170
so child my soul.

96
00:08:23,220 --> 00:08:23,770
Okay.

97
00:08:28,920 --> 00:08:35,110
Kids use the word.

98
00:08:41,610 --> 00:08:41,990
Okay.

99
00:08:42,040 --> 00:08:44,270
I'm gonna meet snags next.

100
00:08:53,380 --> 00:08:56,850
Checking Newport gives its

101
00:09:02,930 --> 00:09:08,640
economic data weekdays for verifying it gives it forty two main control population

102
00:09:20,660 --> 00:09:21,720
let's install

103
00:09:25,270 --> 00:09:27,530
we didn't do an abortion OK.

104
00:09:29,790 --> 00:09:30,650
So do it

105
00:09:37,970 --> 00:09:43,470
meanwhile we can go to to understand Mushin and then try one of shock.

106
00:09:48,530 --> 00:09:49,780
Skip next.

107
00:09:50,350 --> 00:09:51,260
That's the way to shock.

108
00:09:51,390 --> 00:09:57,810
If you had it already in your system so you just have to go into your search and away with in Windows

109
00:09:57,810 --> 00:10:02,030
and then type Wireshark so that you get it from your system.

110
00:10:02,980 --> 00:10:17,440
If you did inherited started on your system you'd.

111
00:10:22,430 --> 00:10:27,710
The general vision might have been its one does

112
00:10:36,050 --> 00:10:38,260
came after being installed.

113
00:10:38,570 --> 00:10:40,430
Let's switch off to Kali Linux machine.

114
00:10:40,480 --> 00:10:46,300
What it does is make sure that they have Java installed on your system.

115
00:10:46,340 --> 00:10:53,480
If you're placed on programming so you have to install Java first or your system does it contain Java

116
00:10:53,550 --> 00:11:01,570
and that's why probably you could find some or some mistakes in you know installation process including.

117
00:11:01,590 --> 00:11:05,990
Now we can type into terminal nmap.

118
00:11:06,990 --> 00:11:13,150
So a mark is thing.

119
00:11:13,940 --> 00:11:19,510
And of course minus O for the operating system and your target IP address.

120
00:11:19,520 --> 00:11:22,870
I mean your victim IP address.

121
00:11:23,400 --> 00:11:24,490
And then search for it.

122
00:11:24,610 --> 00:11:25,230
Yeah.

123
00:11:25,360 --> 00:11:26,780
So it's past.

124
00:11:27,430 --> 00:11:29,070
Let's begin with Inter

125
00:11:36,950 --> 00:11:46,890
yes make it first amendment.

126
00:11:47,410 --> 00:12:00,330
Okay now if we was please or we will see the LDAP is now on port 3 8 9 TCP.

127
00:12:00,370 --> 00:12:01,850
So that was the task.

128
00:12:01,930 --> 00:12:04,660
So we have done here on Kali Linux

129
00:12:14,580 --> 00:12:17,800
OK now let's go back to Windows 7.

130
00:12:18,450 --> 00:12:21,960
So here we can go to Windows server manager.

131
00:12:22,020 --> 00:12:27,350
And then we go to Tools and then we find so use and computer.

132
00:12:28,060 --> 00:12:28,290
I

133
00:12:32,240 --> 00:12:35,060
here as we have attempted so before.

134
00:12:35,270 --> 00:12:42,040
So we will create some user account from the domain that we have created three minutes ago.

135
00:12:42,170 --> 00:12:47,260
So we will make it simple SDK and to set up a password for it.

136
00:12:48,270 --> 00:12:49,570
And then we can check.

137
00:12:49,630 --> 00:12:56,270
This is got to think user so that user will not be able to change the password.

138
00:12:57,250 --> 00:13:02,490
So yeah so we can try to create an one.

139
00:13:03,120 --> 00:13:07,550
Just make it simple guns OK it can password.

140
00:13:07,550 --> 00:13:09,010
We are being

141
00:13:14,670 --> 00:13:20,580
too if we want we can do and use it some more some right access.

142
00:13:21,000 --> 00:13:24,140
I mean some privileges like being and have it be stored or something like

143
00:13:30,710 --> 00:13:33,210
can now.

144
00:13:33,570 --> 00:13:36,080
It is like an administrator now.

145
00:13:36,540 --> 00:13:44,110
OK so now let's close it please notice that when a computer is running if you have a Windows Server

146
00:13:44,130 --> 00:13:48,320
computer or any swinging D A B ended up.

147
00:13:48,480 --> 00:13:50,640
So guys it's not so secure.

148
00:13:50,670 --> 00:14:01,140
It's not so secure because any Wireshark user can exploit or can trace all the information or the communication

149
00:14:01,320 --> 00:14:10,410
on your network it can trace all the traffic all the communication which is going on your network

150
00:14:13,420 --> 00:14:22,950
so as an attacker by using Wireshark we can cross someone's computer when when that computer is used

151
00:14:23,350 --> 00:14:24,070
up on it.

152
00:14:24,490 --> 00:14:30,440
So we can easily read all the information traffic messages.

153
00:14:30,490 --> 00:14:31,580
It's unbelievable.

154
00:14:31,580 --> 00:14:32,890
So we would check it

155
00:14:35,870 --> 00:14:36,350
ugly.

156
00:14:36,620 --> 00:14:38,830
So now let's open Wireshark.

157
00:14:39,200 --> 00:14:47,420
So by opening Wireshark we go to interface these we can really go to interface studies and then so

158
00:14:47,430 --> 00:14:50,650
that we can capture some interfaces.

159
00:14:50,680 --> 00:14:57,110
So I mean if you want to capture some interfaces guys it's it's really it's really possible.

160
00:14:57,160 --> 00:15:03,910
Here you can just click here and then find some cocktail stick which one do you want.

161
00:15:04,990 --> 00:15:08,380
So and then started

162
00:15:11,440 --> 00:15:13,210
home your shot is money.

163
00:15:14,260 --> 00:15:15,420
I mean background in

164
00:15:18,160 --> 00:15:23,740
all I know I'm going gonna start in JXplorer on the Windows Server machine.

165
00:15:23,830 --> 00:15:35,420
So now what we have to follow so we'll keep on this more icon so we click so and then a window in bubble.

166
00:15:35,500 --> 00:15:43,410
So as we see the protocol is LDAP in version three and then the port as we said earlier it is 3

167
00:15:43,520 --> 00:15:44,900
8 9.

168
00:15:45,190 --> 00:15:55,370
So in the last case you're going to put the server IP address of course this this machine.

169
00:15:55,630 --> 00:15:58,620
And then so you're going to fill it according to your needs.

170
00:15:58,910 --> 00:16:05,500
So OK let's call so put it beside not related.

171
00:16:05,590 --> 00:16:06,110
OK.

172
00:16:06,280 --> 00:16:12,530
And here we put it has the IP address of this machine on which we are running.

173
00:16:12,540 --> 00:16:13,890
JXplorer.

174
00:16:14,400 --> 00:16:19,370
So we leave default as a default and then put it as default.

175
00:16:19,380 --> 00:16:21,060
So no problem.

176
00:16:21,060 --> 00:16:29,780
And so as we would to automate away configuring this so we it's ABC dot com.

177
00:16:29,880 --> 00:16:31,400
And then here we were.

178
00:16:31,410 --> 00:16:42,400
Here we type DC equal ABC comma DC equal com so we can we think that OK

179
00:16:45,510 --> 00:16:45,720
and

180
00:16:49,390 --> 00:16:52,190
you know we want to put in a password.

181
00:16:52,280 --> 00:16:54,650
So and then the user ID.

182
00:16:54,740 --> 00:17:03,260
So we put it exactly the same so so that we put it in a bit much more security and then the security

183
00:17:03,260 --> 00:17:06,390
level is user plus password.

184
00:17:06,590 --> 00:17:08,340
So and.

185
00:17:08,480 --> 00:17:08,890
Yeah.

186
00:17:08,990 --> 00:17:17,820
So that's why we put K and then the password we can type let's say anything.

187
00:17:17,850 --> 00:17:18,260
Anything

188
00:17:23,100 --> 00:17:23,700
and then you could.

189
00:17:24,000 --> 00:17:24,580
Okay.

190
00:17:26,010 --> 00:17:27,480
It is a lonely clinic now.

191
00:17:27,550 --> 00:17:35,670
Now you will see so again now a lot of information on that computer.

192
00:17:35,730 --> 00:17:43,480
See they use it to record everything everything I'm telling you that if anything but a lot of what I

193
00:17:43,480 --> 00:17:44,160
wrote a lot.

194
00:17:44,190 --> 00:17:45,500
A lot of thing.

195
00:17:45,660 --> 00:17:46,690
So yeah

196
00:17:52,110 --> 00:18:00,540
okay now let's switch off let's switch to all to all Wireshark okay here in D.C. now know Wireshark

197
00:18:00,630 --> 00:18:11,550
was to working and then we can try to see we can try to see a lot of information what it grabs it so

198
00:18:11,550 --> 00:18:12,900
we can stop it

199
00:18:15,740 --> 00:18:25,400
to a load of packets really to TCP to LDAP so let's this trade let's go let's so we can try to do

200
00:18:25,400 --> 00:18:39,380
it a little bit three eight nine is the number four so we will see and the new there yeah we see now so

201
00:18:39,380 --> 00:18:51,110
we can do something more and then go on if you in package right it would show you all the packets which

202
00:18:51,110 --> 00:18:52,110
has meant chance for

203
00:18:54,990 --> 00:18:59,950
which has used in him like you see simple

204
00:19:06,270 --> 00:19:15,920
now let's go right click on it go to week and then go to photo decent music ok here click on it and

205
00:19:15,920 --> 00:19:25,340
then now it has a lot of grabbing these information that's a lot to check the person it was a beast.

206
00:19:25,340 --> 00:19:26,220
Why don't tweet.

207
00:19:26,340 --> 00:19:27,150
That's crazy.

208
00:19:27,150 --> 00:19:28,500
Very easy.

209
00:19:28,500 --> 00:19:29,420
You know what.

210
00:19:29,460 --> 00:19:36,010
As I said before it was it is on the same Windows Server machine guys.

211
00:19:36,110 --> 00:19:38,900
Yeah.

212
00:19:39,550 --> 00:19:40,250
OK.

213
00:19:41,240 --> 00:19:46,810
So we can just people's information and so that we get what we want.

214
00:19:48,950 --> 00:19:53,190
And we quickly which was what happened between the server and client.

215
00:19:53,220 --> 00:19:56,660
So they grab it here you know.

216
00:19:56,700 --> 00:19:58,470
Have we ever ever.

217
00:19:58,850 --> 00:20:02,730
We think so it is the way of the cup to me.

218
00:20:03,050 --> 00:20:09,790
So you know this is how Wireshark can choose the communication between a server and the client.

219
00:20:10,280 --> 00:20:21,060
So you know if you if a computer or server not secure enough hackers can use it and exploit it and try

220
00:20:21,060 --> 00:20:27,720
to get the communication between your client machine and then the server as well.

221
00:20:29,610 --> 00:20:35,690
And then attacker will know your domain name your possibly quit insurers all these sensible information.

222
00:20:36,180 --> 00:20:36,980
So yeah

223
00:20:40,370 --> 00:20:50,850
ok in this video we try to show you how LDAP is working and how easily hackers can use that vulnerability

224
00:20:50,850 --> 00:20:52,620
just to exploit you.

225
00:20:53,040 --> 00:20:53,710
Okay guys.

226
00:20:53,710 --> 00:21:00,560
So that said for this video we hope we showed you how exactly LDAP is working and then how reconfiguration

227
00:21:00,900 --> 00:21:09,900
process was set up how hackers can use it can explode is full no in such a way that they get to call

228
00:21:09,900 --> 00:21:13,010
location between the client and the server.

229
00:21:13,020 --> 00:21:16,910
So we we we so happy to have you in this lecture.

230
00:21:16,920 --> 00:21:22,410
And then we hope that this video was so informative for you.

231
00:21:22,410 --> 00:21:23,530
Thank you so much.

232
00:21:23,550 --> 00:21:25,920
And me best thank you.