1 00:00:00,280 --> 00:00:05,790 Hello everybody, welcome to my advanced ethical hacking networking penetration testing course 2 00:00:16,870 --> 00:00:24,230 okay this lab will consist of the enumeration and exploitation of the Poor Bob. 3 00:00:24,880 --> 00:00:32,870 So if you don't have it yet downloaded so you can follow or link as we give earlier and then you download 4 00:00:32,890 --> 00:00:36,280 it so it can for the sake of this video. 5 00:00:36,310 --> 00:00:43,680 So we're going to try to it for you and for women's OK. 6 00:00:43,690 --> 00:00:49,200 Here we go and look for it porn. 7 00:00:49,290 --> 00:00:52,930 OK this one and you copy this thing. 8 00:00:54,700 --> 00:01:00,090 Quanta are single common see in good. 9 00:01:00,200 --> 00:01:01,640 You center 10 00:01:10,600 --> 00:01:17,410 would include clones OK. 11 00:01:17,420 --> 00:01:18,120 And then he. 12 00:01:18,190 --> 00:01:19,590 You to downloading. 13 00:01:19,940 --> 00:01:20,420 All right. 14 00:01:20,930 --> 00:01:30,350 So now what you have to do you have to import it or install it into your VirtualBox machine. 15 00:01:31,170 --> 00:01:31,590 Okay. 16 00:01:31,610 --> 00:01:32,570 So you're gonna go there. 17 00:01:34,030 --> 00:01:34,580 Okay. 18 00:01:34,750 --> 00:01:42,700 So as with every dollar to go on loaded on all the computer so we can go to this and then we check it. 19 00:01:42,700 --> 00:01:43,970 We double click it. 20 00:01:43,990 --> 00:01:44,520 All right. 21 00:01:44,980 --> 00:01:47,760 So after that what do I do. 22 00:01:48,180 --> 00:01:54,470 We are going to import it and to make a few changes to our VirtualBox machine. 23 00:01:54,670 --> 00:01:58,750 So you can call it the way you want. 24 00:01:58,860 --> 00:02:06,150 You can see details and then a general and then you can take me. 
25 00:02:06,400 --> 00:02:11,470 If you want you can make it by George and on slender bottom hostel guest and guest goes it depends on 26 00:02:11,470 --> 00:02:11,800 you. 27 00:02:12,250 --> 00:02:19,450 And then the most important thing is that you have to go to your network and then you set it exactly as 28 00:02:19,450 --> 00:02:22,090 your Kali Linux machine is set up. 29 00:02:22,540 --> 00:02:25,150 So when you say it like different then you can move on. 30 00:02:25,200 --> 00:02:25,820 Okay. 31 00:02:25,840 --> 00:02:29,350 And then you can log to a couple of weeks watching. 32 00:02:29,350 --> 00:02:32,180 So now let's start color matching. 33 00:02:32,180 --> 00:02:35,360 Now let's put it to look we can study it here. 34 00:02:36,220 --> 00:02:42,590 It studied you the Netherlands or Cali and then we start Kali as well. 35 00:02:44,100 --> 00:02:46,640 Start awkwardly much in start. 36 00:02:46,650 --> 00:02:47,870 So we started both of them. 37 00:02:47,920 --> 00:02:54,520 Now so it's already running so you can put it here. 38 00:02:55,860 --> 00:03:04,120 Well since before that into the on game. 39 00:03:04,530 --> 00:03:14,960 So you're giving us the security the key so we can put it beside and then note it's been cut even as 40 00:03:14,960 --> 00:03:15,370 much. 41 00:03:16,480 --> 00:03:17,650 So yeah 42 00:03:20,790 --> 00:03:29,710 on the one OK so as for what we have to do is to try to detect on which IP address the vulnerable machine 43 00:03:29,890 --> 00:03:30,700 is running. 44 00:03:31,240 --> 00:03:35,050 So now we open a terminal. 45 00:03:35,390 --> 00:03:37,250 And then we type B 46 00:03:40,300 --> 00:03:45,980 score into various needs with 90 percent of mine. 47 00:03:46,030 --> 00:03:46,990 Hey here guys. 48 00:03:47,010 --> 00:03:51,870 So before showing you these I can show you how you get my point. 49 00:03:52,130 --> 00:03:52,970 And. 50 00:03:53,480 --> 00:03:55,910 So it is do so. 51 00:03:56,050 --> 00:03:56,350 Okay. 
52 00:03:56,380 --> 00:03:56,960 That's it. 53 00:03:57,530 --> 00:03:57,960 Okay. 54 00:03:57,970 --> 00:04:02,770 Now we're going to begin in the school. 55 00:04:03,050 --> 00:04:04,090 Never mind. 56 00:04:04,300 --> 00:04:05,690 And then. 57 00:04:06,590 --> 00:04:11,110 And then it was ever so that we get each IP address. 58 00:04:11,160 --> 00:04:14,110 That's what a little bit. 59 00:04:14,410 --> 00:04:17,950 Because I want me on my network. 60 00:04:18,320 --> 00:04:22,470 So where it is where it is located is where it is. 61 00:04:22,470 --> 00:04:22,970 OK. 62 00:04:22,980 --> 00:04:24,110 This one. 63 00:04:24,200 --> 00:04:26,610 It is an IP. 64 00:04:26,950 --> 00:04:28,620 Okay guys it depends. 65 00:04:28,620 --> 00:04:31,170 So now we are on Wi-Fi as you might see. 66 00:04:31,200 --> 00:04:37,560 So my Wi-Fi you is going to automatically when I move my computer for example to the school or to my 67 00:04:37,560 --> 00:04:44,840 academy or wherever and then I get connected to or to Internet. 68 00:04:44,860 --> 00:04:55,650 So I cable automatically if I don't save it for example when I put you back in here. 69 00:04:56,810 --> 00:05:01,700 So does that machine automatically my IP address will be changed. 70 00:05:01,840 --> 00:05:03,980 So guys you have to be aware of this. 71 00:05:04,300 --> 00:05:13,180 If you stored your your lover always it if you don't want to make some few changes but if you do it 72 00:05:13,540 --> 00:05:16,510 if you remember it's not a problem. 73 00:05:16,590 --> 00:05:18,030 So your IP is going to be changing. 74 00:05:18,040 --> 00:05:24,420 But as always when you go to a website in type that look for us that look all right because in point 75 00:05:24,470 --> 00:05:28,140 this one is this. 76 00:05:28,170 --> 00:05:36,710 So if you are someone is equipped to network because this IP address we will not be the IP address of 77 00:05:36,710 --> 00:05:37,930 important pointed matching. 
78 00:05:37,980 --> 00:05:39,030 I hope you understand what I mean. 79 00:05:39,520 --> 00:05:40,110 OK. 80 00:05:40,170 --> 00:05:46,550 So now let's go back and then let's press Control-C to stop it right now. 81 00:05:46,840 --> 00:05:47,610 Go ahead. 82 00:05:49,320 --> 00:05:49,680 OK. 83 00:05:49,720 --> 00:05:50,990 Now what do we have to do. 84 00:05:51,040 --> 00:05:57,580 We have to reset that link address into a issue to see how it looks like. 85 00:05:57,970 --> 00:06:11,980 OK first thing we've got to make a copy of the IP address and sequence of 120 and just copy like a copy. 86 00:06:12,030 --> 00:06:16,090 And then we go here and do the folks in there and then 87 00:06:19,130 --> 00:06:19,770 we have it already. 88 00:06:19,800 --> 00:06:21,320 So it's on the bottom. 89 00:06:21,410 --> 00:06:28,540 But hey guys before typing it in we don't know yet on which port the server is running. 90 00:06:28,620 --> 00:06:29,720 So we get annoyed. 91 00:06:29,940 --> 00:06:31,470 So how can we know it. 92 00:06:31,650 --> 00:06:38,210 Then we have to use nmap to scan the IP of the IP address of that vulnerable machine. 93 00:06:38,670 --> 00:06:45,000 So less than a week in my mind state department means all. 94 00:06:45,090 --> 00:06:52,980 And then the IP gets control shift in the past and present. 95 00:06:53,520 --> 00:06:55,950 So we've got more into this these complete 96 00:07:00,250 --> 00:07:02,850 with. 97 00:07:03,030 --> 00:07:04,000 All right. 98 00:07:04,270 --> 00:07:07,270 So we can have we keep look we're already here. 99 00:07:07,650 --> 00:07:08,030 OK. 100 00:07:08,170 --> 00:07:14,980 So no that's it's Mickey D's. 101 00:07:15,080 --> 00:07:21,800 OK so you see this: port, state, service, version. 102 00:07:21,860 --> 00:07:22,310 OK. 103 00:07:22,370 --> 00:07:27,500 The most interesting point for us now is to know the port on which the server is running. 104 00:07:28,100 --> 00:07:29,440 OK let's go here. 
105 00:07:29,630 --> 00:07:32,650 A DTP open Apache. 106 00:07:32,720 --> 00:07:33,290 Okay. 107 00:07:33,460 --> 00:07:37,580 DCC server on which it is running on port 80. 108 00:07:37,970 --> 00:07:39,100 Okay let's go. 109 00:07:39,110 --> 00:07:43,600 1 1 1 1 DCP again LPC pine. 110 00:07:43,820 --> 00:07:44,510 Interesting. 111 00:07:44,720 --> 00:07:46,490 So who is shaking them. 112 00:07:47,070 --> 00:07:48,810 Oh MySQL. 113 00:07:48,920 --> 00:07:49,940 That's great. 114 00:07:49,950 --> 00:07:51,230 Tweet tweet 0 6. 115 00:07:51,410 --> 00:07:53,040 Let's go down. 116 00:07:55,300 --> 00:07:56,690 OK. 117 00:07:56,890 --> 00:08:01,820 My guy does that much he needs at least one OK. 118 00:08:02,470 --> 00:08:07,380 So now we can go to Firefox can 119 00:08:16,710 --> 00:08:21,860 we go to Firefox and then the IP 120 00:08:27,890 --> 00:08:29,180 What was it. 121 00:08:29,880 --> 00:08:30,070 Uh 122 00:08:37,930 --> 00:08:38,320 yeah. 123 00:08:38,950 --> 00:08:39,470 So. 124 00:08:39,600 --> 00:08:40,040 Okay. 125 00:08:40,070 --> 00:08:42,540 Since we get on which port. 126 00:08:42,590 --> 00:08:48,040 So the server is running so we can get 80 percent. 127 00:08:48,670 --> 00:08:49,720 Oh okay. 128 00:08:49,800 --> 00:08:50,750 Perfect. 129 00:08:50,780 --> 00:08:51,820 So we did there. 130 00:08:52,460 --> 00:08:53,280 OK. 131 00:08:53,360 --> 00:09:02,370 Nice try to regain its maybe because it made me want you strokes so dangerous using I mean. 132 00:09:03,120 --> 00:09:09,760 And then what I mean was in secret works log in. 133 00:09:10,310 --> 00:09:13,440 It's just being mean. 134 00:09:13,560 --> 00:09:19,920 I mean you want to see a trial anyway. 135 00:09:21,180 --> 00:09:22,090 Let's try again. 136 00:09:22,170 --> 00:09:25,530 At least I hope so. 137 00:09:26,140 --> 00:09:32,390 Then one two three four five six. 138 00:09:32,730 --> 00:09:40,790 No again I mean I mean one two three four five six in the center. 
139 00:09:41,330 --> 00:09:43,400 OK I'm going to spend all time you guys. 140 00:09:43,400 --> 00:09:47,870 So we're going to try to do two to hacking now. 141 00:09:48,060 --> 00:09:48,450 OK. 142 00:09:50,930 --> 00:09:55,720 It's one derby so that we can see if we can find more innovative toys. 143 00:09:56,230 --> 00:10:02,270 And there'll be an instant appeal to the IP address or. 144 00:10:02,340 --> 00:10:10,400 We press like green and done so we present there. 145 00:10:10,740 --> 00:10:17,510 So that you can find much more information. 146 00:10:17,730 --> 00:10:19,630 You will find this though do. 147 00:10:19,690 --> 00:10:21,970 Images abroad. 148 00:10:22,750 --> 00:10:23,400 OK. 149 00:10:23,470 --> 00:10:25,620 Excellent excellent 150 00:10:29,210 --> 00:10:30,300 Let's join now. 151 00:10:30,350 --> 00:10:32,000 Need to Eat. 152 00:10:32,000 --> 00:10:34,600 Again it will kind of doings forthcoming. 153 00:10:34,760 --> 00:10:45,410 You know you can try to to penetrate or to scan a website or a web server with all the tools that you 154 00:10:45,410 --> 00:10:47,980 know the more you know the better. 155 00:10:48,020 --> 00:10:51,760 And then the easier your task will be. 156 00:10:52,350 --> 00:10:58,270 So we type we don't need all the help. 157 00:10:58,520 --> 00:11:05,330 And then the IP address the IP address of your victim machine the IP address was. 158 00:11:05,680 --> 00:11:07,670 We don't we don't need to take. 159 00:11:08,430 --> 00:11:14,480 We can just place like week pass okay. 160 00:11:14,640 --> 00:11:21,760 And then it goes into two that we get much more information home. 161 00:11:21,820 --> 00:11:29,940 We already see something here alone config.php this is really interesting for us guys. 162 00:11:29,980 --> 00:11:33,450 So we're going to work with distance. 163 00:11:33,500 --> 00:11:37,570 We're going out who did it country country and country 164 00:11:40,960 --> 00:11:46,520 league and duties. 
165 00:11:46,570 --> 00:11:47,090 Yeah. 166 00:11:48,400 --> 00:11:49,950 OK good. 167 00:11:55,970 --> 00:12:04,570 Now let's try to turn it into a poser can go to well. 168 00:12:04,930 --> 00:12:12,200 Well you can feel it. 169 00:12:12,550 --> 00:12:16,370 PHP under. 170 00:12:16,550 --> 00:12:17,060 OK. 171 00:12:17,420 --> 00:12:20,130 It's a blank page. 172 00:12:20,130 --> 00:12:21,280 It's a blank page. 173 00:12:22,230 --> 00:12:28,790 If you use the view page source you can bring page you know. 174 00:12:28,930 --> 00:12:30,600 OK PHP fine sometimes. 175 00:12:30,700 --> 00:12:31,780 Sometimes it's like that. 176 00:12:32,110 --> 00:12:42,040 But as an attacker you have to know many many many many commands for scanning for penetrating for 177 00:12:42,130 --> 00:12:44,870 attacking a website or a web server. 178 00:12:44,940 --> 00:12:45,540 Does it matter. 179 00:12:45,580 --> 00:12:53,980 As I said now we're going to use a common tool including touching which is a little box to traverse 180 00:12:54,510 --> 00:12:57,430 city to traverse some directories. 181 00:12:57,580 --> 00:13:05,740 It is OK we can go back to all you can go back to our terminal and we type dotdotpwn dot dot dot 182 00:13:05,750 --> 00:13:10,170 dot on my nose and my nose. 183 00:13:10,680 --> 00:13:13,710 And then it should be of course minus. 184 00:13:14,060 --> 00:13:28,330 Then copy and past again IP address and then minus f 460 for traversal which reverse on PHP and now 185 00:13:28,330 --> 00:13:28,900 it goes into 186 00:13:32,130 --> 00:13:32,500 inter 187 00:13:39,920 --> 00:13:49,170 k s puts it into a steady steady steady in. 188 00:13:49,660 --> 00:13:49,990 Again 189 00:13:55,110 --> 00:14:02,650 in this country is running is warning. 190 00:14:03,030 --> 00:14:03,710 It is running. 191 00:14:03,710 --> 00:14:04,580 It is running. 192 00:14:05,400 --> 00:14:06,290 OK. 193 00:14:15,030 --> 00:14:15,810 OK. 
194 00:14:16,110 --> 00:14:25,510 So we will all be diligent to a board discussion because it takes us a lot a lot a lot of time without 195 00:14:25,540 --> 00:14:29,080 grabbing any kind of information ensues information. 196 00:14:29,150 --> 00:14:29,410 So. 197 00:14:29,670 --> 00:14:30,270 OK. 198 00:14:30,370 --> 00:14:39,420 Well you know we can try to use Reed to intercept the connection between the IP address of our victim 199 00:14:40,010 --> 00:14:46,140 is such a config.php and then with our Burp Suite. 200 00:14:46,650 --> 00:14:52,750 So let's go to a new terminal so that we open Burp Suite 201 00:14:55,390 --> 00:14:57,610 so. 202 00:14:58,630 --> 00:14:59,930 OK you guys. 203 00:14:59,970 --> 00:15:01,890 This is my Burp Suite Professional. 204 00:15:02,250 --> 00:15:05,810 So you for this to do your. 205 00:15:05,910 --> 00:15:12,570 You can use your Burp Suite Community Edition, but it would be best if you have your Burp Suite as the professional 206 00:15:12,570 --> 00:15:15,990 version because there you will find live scanning. 207 00:15:16,080 --> 00:15:22,950 It's very important of course not for distant real good after it would be so cool now if you have your 208 00:15:22,950 --> 00:15:28,070 default Burp which comes with Kali Linux so you can use it. 209 00:15:28,080 --> 00:15:30,390 But Hugh I'm glad I was mine. 210 00:15:30,460 --> 00:15:31,050 I'm. 211 00:15:31,220 --> 00:15:33,130 I would recommend you to buy it. 212 00:15:33,210 --> 00:15:37,670 Or to find a way to have it or if you want to have it you can just contact me. 213 00:15:37,800 --> 00:15:39,230 I can help you find. 214 00:15:39,240 --> 00:15:46,920 But for the sake of this video we are now going to show you how to hack Burp Suite because it's 215 00:15:47,070 --> 00:15:48,030 it's not legal. 216 00:15:48,180 --> 00:15:51,140 But if you want to buy it it will be best option. 217 00:15:51,150 --> 00:15:51,560 So. 
218 00:15:51,660 --> 00:15:56,330 Or if you want you can contact us for further information how we can get it or something. 219 00:15:56,400 --> 00:15:59,910 Or it requires something of any sort. 220 00:16:00,210 --> 00:16:05,820 And then we place in your opinion the absolute perfection. 221 00:16:07,050 --> 00:16:14,020 And then you're gonna make a few changes but obviously comes as default with port number 88. 222 00:16:14,040 --> 00:16:17,950 So it's not a it's not necessary to change that number. 223 00:16:18,440 --> 00:16:18,930 Yeah. 224 00:16:19,180 --> 00:16:24,600 And OK next stunt the stunt 225 00:16:28,990 --> 00:16:31,040 nitwit. 226 00:16:32,040 --> 00:16:32,910 Oh OK. 227 00:16:33,440 --> 00:16:33,990 Yeah. 228 00:16:34,040 --> 00:16:34,610 Here we go. 229 00:16:35,240 --> 00:16:44,210 Now you can make a few changes by rerunning Burp Suite all by by intervening for example using evasion 230 00:16:44,300 --> 00:16:54,970 and then you can add this type of change to your pocketbook proxy port number okay. 231 00:16:55,340 --> 00:16:56,530 It's good to see time. 232 00:16:57,550 --> 00:17:01,010 That's good because we'll see done as we do. 233 00:17:01,380 --> 00:17:02,100 Kind of okay. 234 00:17:02,110 --> 00:17:07,110 This is what you have in your book Ed.. 235 00:17:07,730 --> 00:17:08,130 Okay. 236 00:17:08,410 --> 00:17:15,910 So now what are we gonna do in Burp Suite now we click on Proxy and then make sure that the interception 237 00:17:16,000 --> 00:17:16,900 is on. 238 00:17:17,020 --> 00:17:23,230 If you want the web page to be able to read it again so that you can click on its logging menu click 239 00:17:23,320 --> 00:17:26,690 intercept and or forward on Burp Suite. 240 00:17:26,710 --> 00:17:27,130 Okay. 241 00:17:27,460 --> 00:17:33,930 So let's go back to Firefox folks what I have been here. 242 00:17:34,190 --> 00:17:37,450 It can be here. 243 00:17:38,450 --> 00:17:41,930 Well you can go to that login page. 
244 00:17:42,980 --> 00:17:45,000 Okay yeah. 245 00:17:45,170 --> 00:17:49,250 Now let's go back to Burp Suite. 246 00:17:49,540 --> 00:17:50,280 Okay. 247 00:17:50,360 --> 00:17:55,520 As we can see then descent as default is on now what we going to do. 248 00:17:55,580 --> 00:18:02,500 We're going to try to make some configuration in Firefox as well so that Burp Suite is on the same 249 00:18:02,500 --> 00:18:04,820 port as Firefox. 250 00:18:04,820 --> 00:18:09,310 Let's go back to all Firefox on it so that we did last time. 251 00:18:11,280 --> 00:18:13,970 Yeah okay. 252 00:18:15,370 --> 00:18:18,090 Here we go to preferences. 253 00:18:20,930 --> 00:18:28,960 Preferences and in settings and then we click on my normal configuration manual proxy configuration 254 00:18:29,320 --> 00:18:35,440 and it's already set up like that and then 88 because that's the default number on Burp Suite. 255 00:18:35,440 --> 00:18:42,270 Now when we click on Okay so after clicking on. 256 00:18:42,300 --> 00:18:43,680 Okay now we are ready. 257 00:18:44,010 --> 00:18:48,980 So you can try to go to this page. 258 00:18:50,070 --> 00:18:52,870 And then let's try to put anything. 259 00:18:53,220 --> 00:18:55,320 I mean blah blah blah. 260 00:18:55,530 --> 00:18:59,280 And then press enter Here we go. 261 00:18:59,410 --> 00:19:02,060 Okay we got the information in Burp Suite. 262 00:19:02,260 --> 00:19:04,320 So that's fantastic. 263 00:19:04,330 --> 00:19:13,630 Now we can minimize Firefox so that we analyze it get okay. 264 00:19:13,950 --> 00:19:18,910 Now go back to your Firefox and. 265 00:19:19,160 --> 00:19:25,920 You can try to read on the bridge. 266 00:19:30,420 --> 00:19:31,650 Try to read on these 267 00:19:34,990 --> 00:19:39,950 wouldn't you know you can minimize Firefox. 268 00:19:40,090 --> 00:19:41,140 Okay. 269 00:19:41,370 --> 00:19:48,150 So here we get decision and what we have to do. 
270 00:19:48,240 --> 00:19:53,630 So it is accepted if we get then then we click forward. 271 00:19:55,790 --> 00:19:56,420 Okay. 272 00:19:56,550 --> 00:20:03,500 Now we can go back to Firefox and then try to run again tried to log in. 273 00:20:03,780 --> 00:20:08,560 We took the long no gain as you see here. 274 00:20:08,800 --> 00:20:10,290 Let's minimize it again. 275 00:20:12,300 --> 00:20:15,140 As we see you now we get it now. 276 00:20:15,460 --> 00:20:20,580 OK so what we have to do is we're going to send it to the intruder. 277 00:20:20,970 --> 00:20:28,230 So right click on it and then send to intruder and then the intruder. 278 00:20:28,550 --> 00:20:30,520 Now get highlighted. 279 00:20:30,740 --> 00:20:31,880 OK. 280 00:20:32,390 --> 00:20:34,700 And then we can go to position 281 00:20:38,160 --> 00:20:41,550 to position OK. 282 00:20:41,610 --> 00:20:51,160 So while being here in the position we can see that the little game is now in the page equal login 283 00:20:51,300 --> 00:20:52,800 is now in green. 284 00:20:53,550 --> 00:20:54,710 So what does that mean. 285 00:20:54,750 --> 00:21:03,990 It's there that we going to try to force to force the attack the payload the default attack type is 286 00:21:04,110 --> 00:21:04,770 sniper. 287 00:21:05,190 --> 00:21:08,370 So we don't choose cluster bomb right now. 288 00:21:08,370 --> 00:21:16,890 So we let it as default and then we could compare drones and then we must if fired there in that fire 289 00:21:16,950 --> 00:21:25,660 we have a lot of common that so that we would provide to eat and there was source file of this lecture. 290 00:21:26,240 --> 00:21:26,670 OK. 291 00:21:26,670 --> 00:21:28,680 Now we can go here 292 00:21:31,400 --> 00:21:38,990 and open the file so you will get it in your resource file and then what's going on a to set it on an 293 00:21:38,990 --> 00:21:43,060 uncontrolled impotency controversy to compete. 
294 00:21:43,450 --> 00:21:46,910 You can close the tab and then now you would it there. 295 00:21:47,720 --> 00:21:48,510 OK. 296 00:21:48,710 --> 00:21:54,590 So now what we have to do we have to do nothing other than stop the attack. 297 00:21:54,590 --> 00:22:01,190 We could go on start the attack start attack again get started. 298 00:22:01,270 --> 00:22:01,770 OK. 299 00:22:01,810 --> 00:22:03,090 It's already finished. 300 00:22:03,100 --> 00:22:04,630 OK so now what we do. 301 00:22:04,780 --> 00:22:05,620 Why do you have to do it. 302 00:22:05,740 --> 00:22:11,190 You have to click on the length maybe twice maybe three times so that you get the house number. 303 00:22:11,200 --> 00:22:19,690 So let's try to keep on even looking or it's coming again to this one. 304 00:22:19,750 --> 00:22:20,080 OK. 305 00:22:20,110 --> 00:22:23,070 So this is what we get as a higher limit. 306 00:22:23,080 --> 00:22:24,610 So now we got it. 307 00:22:24,940 --> 00:22:26,680 So in the following section. 308 00:22:26,740 --> 00:22:34,520 So what are we going to do as we can because we can try to enlarge this call on first. 309 00:22:35,030 --> 00:22:35,710 OK. 310 00:22:35,800 --> 00:22:42,100 So we have it and PSP free to convert it base64 encoded upload. 311 00:22:42,190 --> 00:22:44,740 So this is very helpful for us. 312 00:22:44,920 --> 00:22:53,350 So now what we can do is that down the page you can see it tab which name is which space. 313 00:22:53,380 --> 00:22:59,260 So we don't need to request it anymore because we have made or because of all the attack. 314 00:22:59,260 --> 00:23:09,430 So now what we have to do is go do we spend and try to do it try to cheat tried to eat it and good on 315 00:23:09,430 --> 00:23:12,120 good on go don't want. 316 00:23:12,220 --> 00:23:12,710 Okay. 317 00:23:13,000 --> 00:23:21,000 So what you have to do is that you have to you see that you have you know a text which looks like an 318 00:23:21,240 --> 00:23:22,610 index. 
319 00:23:23,070 --> 00:23:29,740 It's so you can no a quick overview about it. 320 00:23:29,880 --> 00:23:30,410 OK. 321 00:23:30,450 --> 00:23:32,720 It has to equal at the end. 322 00:23:32,790 --> 00:23:37,680 It looks like it based the 64 encode index. 323 00:23:37,980 --> 00:23:38,430 OK. 324 00:23:38,460 --> 00:23:40,460 So let's try to see if it is. 325 00:23:40,940 --> 00:23:42,770 We can now we can copy it. 326 00:23:42,840 --> 00:23:47,640 We copy only detects and we didn't get the text. 327 00:23:47,640 --> 00:23:52,010 We copy it like that again. 328 00:23:52,230 --> 00:23:55,590 Again we highlighted highlighted 329 00:23:58,900 --> 00:24:11,550 okay and then I take we could be controversy and then now we go back to Ops suite of Page the base one 330 00:24:12,420 --> 00:24:28,990 and then we'll go to the quarter in the past and then control V and decode as May 64 could be six 64 331 00:24:30,660 --> 00:24:31,510 OK. 332 00:24:31,530 --> 00:24:44,890 So now it gives us it gives us a peach be a BHP code along with so which demon and so let's control 333 00:24:45,070 --> 00:24:55,620 let's switch control in a control sleep so we can put it in say read into if I'll and put it into a 334 00:24:55,620 --> 00:24:56,380 five. 335 00:24:56,820 --> 00:25:06,910 You can try to open this If but make it a little bit larger. 336 00:25:07,230 --> 00:25:09,660 And then just be there continue I see. 337 00:25:10,980 --> 00:25:11,830 OK. 338 00:25:11,880 --> 00:25:13,460 So we watch. 339 00:25:13,710 --> 00:25:14,970 Well we have women 340 00:25:18,020 --> 00:25:18,840 with men. 341 00:25:18,870 --> 00:25:26,900 We have women again it was for those women. 342 00:25:27,060 --> 00:25:29,870 These overall page. 343 00:25:29,930 --> 00:25:30,870 OK. 344 00:25:31,020 --> 00:25:32,360 You get it as well. 345 00:25:32,420 --> 00:25:36,850 Typical 4 8 4 4 346 00:25:40,570 --> 00:25:41,110 8. 347 00:25:41,540 --> 00:25:41,870 OK. 
348 00:25:43,070 --> 00:25:52,310 So that we make sure so that we can make future analyzing and then going below to meet that goal. 349 00:25:52,750 --> 00:25:53,270 I don't know. 350 00:25:53,410 --> 00:25:53,940 So. 351 00:25:55,510 --> 00:25:56,530 OK. 352 00:25:56,630 --> 00:25:59,270 No no. 353 00:25:59,360 --> 00:26:02,600 Let's go to a good meeting. 354 00:26:02,940 --> 00:26:07,270 You can read on again OK then. 355 00:26:07,430 --> 00:26:09,370 1 2 8 9. 356 00:26:09,620 --> 00:26:16,440 We can click on it and then we are here and there to try to see again what kind of Facebook response 357 00:26:16,490 --> 00:26:20,000 that we have from the attack okay. 358 00:26:20,110 --> 00:26:26,900 Again check if you have some in recorded and index this. 359 00:26:27,220 --> 00:26:30,610 This looks like the same thing. 360 00:26:30,700 --> 00:26:32,800 One equal these 64 again. 361 00:26:33,020 --> 00:26:33,300 OK. 362 00:26:33,320 --> 00:26:48,680 Which way he copied Kobe copy and go back to the main page of books mid Yeah so a debate in control 363 00:26:48,710 --> 00:26:53,120 country is the new one we decode as basically 64. 364 00:26:54,180 --> 00:26:56,110 OK so now we have another. 365 00:26:56,700 --> 00:27:03,690 And then control and control see go back to all text [REMOVED]. 366 00:27:03,830 --> 00:27:04,670 Come on. 367 00:27:04,670 --> 00:27:06,000 Good luck to all taxpayers. 368 00:27:06,000 --> 00:27:12,130 It was for 16 years. 369 00:27:12,230 --> 00:27:13,360 Then we passed it there. 370 00:27:13,540 --> 00:27:14,150 Control of it. 371 00:27:15,210 --> 00:27:16,480 Okay. 372 00:27:16,960 --> 00:27:20,500 Now for we don't know. 373 00:27:20,660 --> 00:27:24,130 So let's check it out okay. 374 00:27:24,920 --> 00:27:26,560 Let's go to that page. 375 00:27:27,050 --> 00:27:29,670 And then now we go back to that page. 376 00:27:29,720 --> 00:27:33,070 Now we can scroll it down to see much more information. 
377 00:27:33,480 --> 00:27:44,540 What we do now is we have to find something like config like resource equal config not config to reach 378 00:27:44,550 --> 00:27:55,800 me for configure as much as you have time and then as much have you have your task to fulfill that you 379 00:27:55,800 --> 00:28:02,300 have to try to fulfill it quickly and appropriately according to what you have to do. 380 00:28:02,820 --> 00:28:07,740 Now we need a kind of config So we click on it and then we try to go to we split. 381 00:28:07,740 --> 00:28:09,270 So we are already there. 382 00:28:09,990 --> 00:28:11,550 OK. 383 00:28:12,360 --> 00:28:13,800 So this name. 384 00:28:13,800 --> 00:28:14,540 OK. 385 00:28:14,580 --> 00:28:26,040 So again control is a control C and then go to all would all go to override it and then pass it down 386 00:28:27,250 --> 00:28:28,050 to me. 387 00:28:28,230 --> 00:28:29,770 OK. 388 00:28:29,820 --> 00:28:39,220 Again you can make this just try to find much more information about complete if there are any confusion 389 00:28:39,210 --> 00:28:41,250 and confusion which we know. 390 00:28:41,700 --> 00:28:45,320 Big Will big big age. 391 00:28:46,100 --> 00:28:47,680 And no we don't need this one. 392 00:28:47,720 --> 00:28:50,100 We can go. 393 00:28:50,100 --> 00:28:55,140 We only need to do the guest OK. 394 00:28:55,210 --> 00:28:56,320 Let's go let's go down. 395 00:28:56,320 --> 00:28:58,610 Let's move on. 396 00:28:58,610 --> 00:28:59,680 Can we get one now. 397 00:28:59,950 --> 00:29:00,430 Yeah. 398 00:29:00,520 --> 00:29:01,270 Smart BHP. 399 00:29:01,600 --> 00:29:02,060 OK. 400 00:29:02,230 --> 00:29:07,960 So now we need to click on we spent time if we have any information. 401 00:29:08,060 --> 00:29:09,180 OK good. 402 00:29:09,220 --> 00:29:11,150 So we have an information. 403 00:29:11,650 --> 00:29:24,100 So we try again to copy and pasted into purpose read copy and go to brb. 
404 00:29:24,410 --> 00:29:37,510 The main page OK control a delayed until we all k we if it looks like interesting now guys. 405 00:29:37,670 --> 00:29:43,170 So we find we find some good insurers. 406 00:29:43,190 --> 00:29:43,760 All right. 407 00:29:43,760 --> 00:29:53,590 So we could be like click and copy or just control to see go back to was zombies and then go into a 408 00:29:53,590 --> 00:29:53,960 V. 409 00:29:54,680 --> 00:29:55,200 OK. 410 00:29:55,220 --> 00:30:02,320 Now when you have to do so you find some credentials would password in that piece we. 411 00:30:02,360 --> 00:30:08,830 OK now check on me now to see if it is in my obscure password by typing this comment. 412 00:30:08,820 --> 00:30:11,070 Now I'm going to providing you. 413 00:30:11,150 --> 00:30:12,310 OK. 414 00:30:12,700 --> 00:30:17,120 Let's let's let's go to a terminal is a mouse 415 00:30:22,080 --> 00:30:25,030 common my line. 416 00:30:25,300 --> 00:30:27,140 Now let's let's read it. 417 00:30:27,500 --> 00:30:30,360 Let's make some analyses OK. 418 00:30:30,430 --> 00:30:32,010 This is operative page. 419 00:30:32,560 --> 00:30:32,810 OK 420 00:30:38,770 --> 00:30:45,140 needs and quotes complete is my name 421 00:30:47,870 --> 00:30:48,320 OK. 422 00:30:48,680 --> 00:30:52,800 So here we see that we have some restriction. 423 00:30:52,940 --> 00:30:56,950 So different areas which are not ended with these extensions. 424 00:30:57,080 --> 00:30:58,400 So they are not alone. 425 00:30:58,460 --> 00:31:01,320 So that's the configuration of that web page. 426 00:31:01,810 --> 00:31:03,310 That's nice. 427 00:31:03,350 --> 00:31:06,360 So we have a gift being engaged. 428 00:31:06,410 --> 00:31:09,200 OK. 429 00:31:09,340 --> 00:31:22,150 Get it make some escrow below below good important look for index. 430 00:31:22,270 --> 00:31:23,730 Let's the next 431 00:31:29,530 --> 00:31:34,300 Bernard hostname OK. 
432 00:31:34,570 --> 00:31:42,700 Now the password is the disorder is low cost user name is would password. 433 00:31:42,730 --> 00:31:54,010 Is this one and that amazes user is users we really have a fairly quick view on it. 434 00:31:54,210 --> 00:32:02,130 That password is high you need an email secure password because we have a database. 435 00:32:02,130 --> 00:32:03,240 We have a user name. 436 00:32:03,240 --> 00:32:04,410 We have password in. 437 00:32:04,410 --> 00:32:09,420 We have a server so we can try to test if it is in my secure database. 438 00:32:09,590 --> 00:32:10,850 And my a secure password. 439 00:32:10,890 --> 00:32:13,310 So we're going to open a terminal. 440 00:32:13,860 --> 00:32:16,110 Let's open a new terminal again. 441 00:32:16,420 --> 00:32:17,090 Right. 442 00:32:17,400 --> 00:32:22,930 And then new to in order we need here. 443 00:32:22,950 --> 00:32:24,090 Come on. 444 00:32:24,550 --> 00:32:25,210 Okay. 445 00:32:25,380 --> 00:32:27,060 So now we're going to have this coming. 446 00:32:27,180 --> 00:32:30,130 Everything is listed guys in the file. 447 00:32:30,240 --> 00:32:32,550 So don't worry okay. 448 00:32:32,720 --> 00:32:42,770 At my school minus age and then the IP of the IP off of them of the target machine it is. 449 00:32:42,820 --> 00:32:48,250 It was 1 1 6 8 1. 450 00:32:48,330 --> 00:32:51,900 Forget it unguarded moment. 451 00:32:52,010 --> 00:32:53,580 Okay. 452 00:32:53,880 --> 00:32:58,410 1 7 0 1 7 1 7 0. 453 00:32:58,680 --> 00:33:00,200 Okay. 454 00:33:00,240 --> 00:33:02,340 And then my nose. 455 00:33:02,490 --> 00:33:12,600 You that day do you mean user and we type would minus be is the password and then we present. 456 00:33:13,140 --> 00:33:14,810 Now we have to enter the password. 457 00:33:14,850 --> 00:33:18,890 So the password was what it meant. 458 00:33:19,380 --> 00:33:21,020 This one. 459 00:33:22,360 --> 00:33:23,490 I did. 
460 00:33:23,580 --> 00:33:33,740 And right click, copy, go back and see first first we knew it was in the 461 00:33:36,590 --> 00:33:41,600 you know it you will see oh look 462 00:33:55,880 --> 00:34:00,940 well we didn't work all our lives. 463 00:34:01,210 --> 00:34:02,350 Yes we had a mistake. 464 00:34:02,380 --> 00:34:04,480 So we really did good. 465 00:34:04,480 --> 00:34:05,320 Deceived. 466 00:34:05,860 --> 00:34:06,920 OK you see this one. 467 00:34:07,270 --> 00:34:07,810 OK. 468 00:34:07,880 --> 00:34:09,400 It was going to see. 469 00:34:10,000 --> 00:34:14,550 And then he goes oh let's wait. 470 00:34:14,590 --> 00:34:26,700 It was they can get on and do we passed the password let us do who we are. 471 00:34:26,700 --> 00:34:31,080 So we are in the game so far so good. 472 00:34:36,200 --> 00:34:36,840 OK. 473 00:34:37,090 --> 00:34:39,610 So we are in the MySQL command. 474 00:34:39,700 --> 00:34:42,670 Now let's do some database enumeration. 475 00:34:43,170 --> 00:34:43,560 OK. 476 00:34:43,600 --> 00:34:50,630 So let's type show databases, semicolon, was it done. 477 00:34:51,790 --> 00:34:56,580 We have two: information schema, users. 478 00:34:56,650 --> 00:34:57,180 OK. 479 00:34:57,220 --> 00:35:00,730 So now let's use the user 480 00:35:03,590 --> 00:35:10,650 get into a lot of people mentioned in the DA is that is changed. 481 00:35:10,800 --> 00:35:11,250 OK. 482 00:35:12,440 --> 00:35:15,970 So that are moving into the change in OK. 483 00:35:16,160 --> 00:35:24,400 Now what we have to do so we have to try to find if in the database users there are some tables. 484 00:35:24,590 --> 00:35:33,760 So we type show tables. We see new again it improves there is like users. 485 00:35:33,790 --> 00:35:34,380 All right. 486 00:35:34,740 --> 00:35:41,850 So now we can try to find what is inside the table because inside that table of course there are some 487 00:35:41,850 --> 00:35:43,320 columns and some lines. 
488 00:35:43,320 --> 00:35:46,410 And then we have to find the content of it. 489 00:35:46,410 --> 00:35:57,520 So now we type select star, star means all, from users, the table small users tables and then 490 00:35:57,910 --> 00:36:06,330 semicolon. OK, we find some credentials, what it looks like. 491 00:36:06,510 --> 00:36:18,510 It looks like this user has the password, and this password is encoded since it ends with two 492 00:36:18,570 --> 00:36:20,060 equals signs. 493 00:36:20,070 --> 00:36:31,890 You can try to have it, copy it, Control-C or copy, and then go to Decoder in Burp Suite and we 494 00:36:31,920 --> 00:36:35,580 try to decode it and get a result. 495 00:36:35,640 --> 00:36:37,220 Also it was only seven. 496 00:36:37,620 --> 00:36:46,850 Now we get some user credentials, OK, we can try to find Nina kins both to make sure. 497 00:36:49,070 --> 00:36:49,580 All right. 498 00:36:49,620 --> 00:36:58,040 So let's go back to let's go to these in. 499 00:36:58,250 --> 00:37:01,970 You can do it and it 500 00:37:05,270 --> 00:37:10,050 so we have two pages in the next one. 501 00:37:10,340 --> 00:37:10,920 OK. 502 00:37:11,000 --> 00:37:19,260 This one attack once or we don't need these any more we can close it OK. 503 00:37:19,290 --> 00:37:22,980 And now try to figure it out. 504 00:37:23,330 --> 00:37:27,080 That's their name is on. 505 00:37:27,080 --> 00:37:28,750 You can try to pull it off now. 506 00:37:28,950 --> 00:37:38,580 You can load any quarter OK then send it gone in eight and past us in there. 507 00:37:38,800 --> 00:37:41,510 You calling me 64 508 00:37:44,050 --> 00:37:50,000 OK so g w o k some stuff like that. 509 00:37:50,100 --> 00:37:55,550 Well okay let's go back to all too real. 510 00:37:56,700 --> 00:37:59,160 Case that we might see Glenn 511 00:38:04,490 --> 00:38:05,100 okay. 512 00:38:05,220 --> 00:38:16,370 We can try to try to copy this, Control-C, copy it. 
513 00:38:16,410 --> 00:38:16,710 Okay. 514 00:38:18,080 --> 00:38:19,180 No copy. 515 00:38:19,200 --> 00:38:22,150 Now we can try to upload an image to the server. 516 00:38:22,680 --> 00:38:29,350 Okay before that we can try to go to the login page. 517 00:38:35,110 --> 00:38:36,270 So we copied. 518 00:38:36,370 --> 00:38:37,790 That's good for folks. 519 00:38:39,190 --> 00:38:43,110 Try to be squashed. 520 00:38:43,180 --> 00:38:44,470 Mr. 521 00:38:46,000 --> 00:38:49,820 Mr Monkey. 522 00:38:50,660 --> 00:39:00,290 Yeah anymore is what we get on to Cain small monitors and we think. 523 00:39:01,420 --> 00:39:04,870 Can then copy and paste the box with here 524 00:39:07,830 --> 00:39:11,470 and then goes into the scene 525 00:39:15,250 --> 00:39:18,040 Oh it's serious like we are in. 526 00:39:18,040 --> 00:39:19,890 We are in OK. 527 00:39:20,530 --> 00:39:21,430 Absolutely good 528 00:39:26,040 --> 00:39:26,960 OK. 529 00:39:27,060 --> 00:39:31,660 So we are in now as can resume. 530 00:39:32,130 --> 00:39:38,980 So now what we have to do we have to click on browse and try to find any image that we have. 531 00:39:38,990 --> 00:39:43,390 Look let's see this image. 532 00:39:44,110 --> 00:39:51,820 Well then OK and then now we have to click on upload when you click on upload. 533 00:39:51,980 --> 00:39:56,190 You will see the images we provided to the vulnerable server. 534 00:39:56,240 --> 00:40:01,040 So next you can type into address bar right up to the IP address. 535 00:40:01,040 --> 00:40:08,530 Can you slash up or just to see how image is floating how it appears in the web server. 536 00:40:09,140 --> 00:40:09,610 OK. 537 00:40:09,730 --> 00:40:15,240 So for now it's good to try to click on upload. 538 00:40:15,250 --> 00:40:16,800 Here we go. 
539 00:40:16,900 --> 00:40:29,470 This is the image is so because that image is the dot PNG is the restriction was for oh was under 540 00:40:29,600 --> 00:40:36,660 is not for this kind of image either PNG or GIF and so on. 541 00:40:37,100 --> 00:40:37,780 OK. 542 00:40:37,870 --> 00:40:47,610 So now we can try to do this all the time or it would be for complete 543 00:40:50,130 --> 00:41:03,190 c o onto a v Sanish upload upload in prison or. 544 00:41:03,320 --> 00:41:04,240 All right. 545 00:41:04,250 --> 00:41:11,420 So this is how the image you get saved in the server. What you have to do now, go to Burp 546 00:41:11,740 --> 00:41:17,360 Suite and then check to see that if the intercept is on, if it's on and it is like that, if it's off. 547 00:41:17,450 --> 00:41:23,100 So we have to turn it on it's it's all its own. 548 00:41:23,180 --> 00:41:23,990 Now it is on. 549 00:41:24,490 --> 00:41:25,000 OK. 550 00:41:25,100 --> 00:41:32,660 Now what we have to do we will go back to Firefox and then we take the IP address of course and then 551 00:41:32,660 --> 00:41:36,020 we will take this command after the IP address. 552 00:41:36,020 --> 00:41:37,960 I'm going to show you this component. 553 00:41:38,000 --> 00:41:39,400 Everything would be provided. 554 00:41:39,400 --> 00:41:42,090 Guys in the description of those was fine. 555 00:41:42,350 --> 00:41:43,250 OK. 556 00:41:43,510 --> 00:41:52,350 We don't let's let's move amongst these one on it's like it is in the movie. 557 00:41:52,480 --> 00:41:54,920 OK I can hear you. 558 00:41:56,570 --> 00:42:01,480 In control we can control we. 559 00:42:01,480 --> 00:42:06,430 So now what we have to type is index. 560 00:42:07,290 --> 00:42:11,550 Each being in the same last name. 561 00:42:12,890 --> 00:42:18,180 And then trying to twist into to see what would be next. 562 00:42:18,620 --> 00:42:22,920 Can see in the. 563 00:42:24,630 --> 00:42:27,250 Mines Firefox. 
564 00:42:30,060 --> 00:42:37,280 So we get decision I need the hostname in head again. 565 00:42:38,470 --> 00:42:48,160 So now we have to we have to click on what I was and then delete the cookies session right after the 566 00:42:48,160 --> 00:42:51,800 to do it's up to cookies and the session cookies. 567 00:42:51,820 --> 00:42:54,280 Why does he need to do it here. 568 00:42:54,310 --> 00:42:56,040 Exactly so. 569 00:42:56,110 --> 00:42:56,840 Okay. 570 00:42:56,930 --> 00:43:03,020 Then the name of that image of course in India wide pain. 571 00:43:03,220 --> 00:43:07,350 So let's type it first firstly that cookie. 572 00:43:07,760 --> 00:43:12,990 Space Land equal and 573 00:43:16,080 --> 00:43:18,750 my Firefox 574 00:43:21,850 --> 00:43:28,350 before going into the den before going into the day. 575 00:43:28,720 --> 00:43:33,690 So let's make let's make an assumption. 576 00:43:33,730 --> 00:43:39,700 So we did see that they did produce 5. 577 00:43:39,970 --> 00:43:45,450 They have some restriction about the files that can be uploaded. 578 00:43:45,490 --> 00:43:55,380 Only the ones with extension GIF, GIF images, or PNG and JPEG, some stuff like that and 579 00:43:55,600 --> 00:44:01,880 as an attacker so we can ask ourselves what if we want to upload a PHP file. 580 00:44:02,590 --> 00:44:07,090 So let's see how we can try to create a PHP file. 581 00:44:08,470 --> 00:44:19,820 Hey o on it's going to end and you look like it's trying to create a PHP file to try to put it so 582 00:44:19,820 --> 00:44:21,690 that against HP 583 00:44:25,380 --> 00:44:31,550 these it would assume you called 584 00:44:55,770 --> 00:44:58,080 it did you. 585 00:45:00,580 --> 00:45:09,280 Buddy buddy buddy just to see a man like 586 00:45:13,530 --> 00:45:16,060 you. 587 00:45:17,840 --> 00:45:28,240 You and in the fog of war can I see you need to enlist or we can do it. 
588 00:45:28,450 --> 00:45:38,250 It's okay you can just do working was working in the desktop might be better for us. 589 00:45:38,260 --> 00:45:45,250 We try to put it like try dot PHP 590 00:45:49,550 --> 00:45:57,380 see OK now close it here and then we try. 591 00:45:57,570 --> 00:45:58,480 You know the other 20. 592 00:45:58,550 --> 00:46:08,340 OK we have to turn it over the decades of now we can try to upload it again. 593 00:46:08,350 --> 00:46:12,660 We have to log in OK. 594 00:46:13,030 --> 00:46:20,810 And then the password was, what the password was, huh. 595 00:46:21,070 --> 00:46:22,650 He didn't write it down 596 00:46:27,090 --> 00:46:27,670 OK. 597 00:46:27,750 --> 00:46:31,890 If I sort of can't forget it let's go back to work. 598 00:46:31,920 --> 00:46:33,690 So we do see if we do it. 599 00:46:33,710 --> 00:46:44,780 There are wound up killing leads now and then controversy and just to and see Dorsey and go back to 600 00:46:44,780 --> 00:46:50,600 Firefox to Firefox and passenger control me and was under 601 00:46:53,400 --> 00:46:54,170 God. 602 00:46:54,270 --> 00:46:56,680 Now we can try to upload it. 603 00:46:56,810 --> 00:47:05,120 Obviously I'm going to stop it stop trying. 604 00:47:05,350 --> 00:47:06,810 And then 605 00:47:11,250 --> 00:47:15,720 Not allowed extension, please upload images only, you see. 606 00:47:15,780 --> 00:47:28,050 So that means this Web site has some kind of filters so it prevents some files from uploading to the 607 00:47:28,050 --> 00:47:28,920 server. 608 00:47:28,920 --> 00:47:35,470 Only the files that are allowed, as it says, the image files only. And now as an attacker. 609 00:47:35,550 --> 00:47:37,210 How can you bypass that. 610 00:47:37,370 --> 00:47:43,230 Okay so let's go and delete that file or we can modify it okay. 611 00:47:43,280 --> 00:47:47,980 This just deleted wind rush. 612 00:47:48,920 --> 00:47:57,010 Okay now I'm gonna open a new will and open new. 
613 00:47:57,110 --> 00:47:59,940 Now we could have music Coleman. 614 00:48:00,480 --> 00:48:11,250 And then appeared to be comments so that we put inside our file the PHP code which is going to hack 615 00:48:11,640 --> 00:48:20,790 the server in background but we will save it as an image file but even if we do that the server 616 00:48:20,790 --> 00:48:29,100 system might have some kind of detection system that detects if it's only a PHP file or if it's 617 00:48:29,100 --> 00:48:38,130 only an image file and then by the sound of it it's not enough to just save it as an image while inside 618 00:48:38,600 --> 00:48:39,790 the file. 619 00:48:39,840 --> 00:48:43,830 The content is PHP or HTML or something like that. 620 00:48:43,860 --> 00:48:44,540 It's not enough. 621 00:48:44,880 --> 00:48:55,370 But we have some trick, we have to type for example GIF89 so that we put it as the header and then 622 00:48:55,580 --> 00:49:02,300 when that filter comes to that file so that it could detect if it's an image or not. 623 00:49:02,350 --> 00:49:04,230 OK so let's go to it. 624 00:49:04,290 --> 00:49:17,810 They would be to who is if we take we don't know going into PHP PHP and calls it and then look now we 625 00:49:17,810 --> 00:49:31,970 can take all risk of equal share and execute execute our signing get ups get 626 00:49:36,340 --> 00:49:41,060 that money and then we take B and B C in Biloxi. 627 00:49:41,290 --> 00:49:48,250 So if I blessing does see me then we close despondency and borne disease. 628 00:49:48,670 --> 00:49:49,950 OK so what can we do. 629 00:49:50,060 --> 00:49:50,720 Just one line. 630 00:49:50,730 --> 00:49:51,530 No we're not. 631 00:49:51,530 --> 00:49:51,820 Yeah. 632 00:49:52,310 --> 00:49:53,650 OK. 633 00:49:53,700 --> 00:49:59,260 Doesn't an line equal doesn't mean mine. 634 00:49:59,370 --> 00:50:00,450 All right. 635 00:50:00,470 --> 00:50:02,790 So you go it. 
636 00:50:03,080 --> 00:50:16,170 Now this would be not enough so that we see it as an image he or we take these GIF image and then a. 637 00:50:16,530 --> 00:50:17,180 All right. 638 00:50:17,390 --> 00:50:24,590 So now when we upload it into the server, the filters will not know if it's not an image, right. 639 00:50:24,940 --> 00:50:26,890 OK. 640 00:50:27,050 --> 00:50:33,400 Now let's go to file so you can save us. 641 00:50:33,460 --> 00:50:34,990 It's not important. 642 00:50:34,990 --> 00:50:47,160 It's a C in the G Well again as we dig in pocket we can move suit and may recommend might recommend. 643 00:50:47,530 --> 00:50:51,990 OK so now we can close it it is there. 644 00:50:52,030 --> 00:50:52,500 I see them. 645 00:50:52,510 --> 00:50:54,850 They should be in G. 646 00:50:55,140 --> 00:50:56,540 No go back to those. 647 00:50:56,560 --> 00:50:57,100 OK. 648 00:50:57,160 --> 00:50:58,700 We have to try again. 649 00:50:58,700 --> 00:51:04,080 Browse and find it is. 650 00:51:04,140 --> 00:51:14,790 Where we do see in the open and upload Yeah so that file is there guys. 651 00:51:15,130 --> 00:51:18,570 So now what you can do is the same process. 652 00:51:18,570 --> 00:51:27,510 You just go there or you open another tab and then you just reload it just to see our image. 653 00:51:28,420 --> 00:51:28,720 OK. 654 00:51:28,720 --> 00:51:31,960 This is our image. 655 00:51:32,220 --> 00:51:40,530 This Okay good we can try to see if we can get some command. 656 00:51:41,830 --> 00:51:58,070 Here path of seeing me was the name place in unity similar to a good insurer which is inside and in 657 00:51:58,140 --> 00:51:58,590 on it. 658 00:51:58,970 --> 00:52:04,980 OK right away we can use Burp Suite so that we we get into communication. 659 00:52:05,090 --> 00:52:05,580 Who do 660 00:52:09,720 --> 00:52:11,670 so it's destroyed. 
661 00:52:11,700 --> 00:52:15,380 We do in description of birdseed on 662 00:52:18,070 --> 00:52:21,010 well it seems like this. 663 00:52:22,970 --> 00:52:24,180 Put it on 664 00:52:27,670 --> 00:52:30,480 now no one during disappeared. 665 00:52:30,600 --> 00:52:31,800 It's it again 666 00:52:36,080 --> 00:52:37,240 to be. 667 00:52:37,730 --> 00:52:40,640 That's next. 668 00:52:40,700 --> 00:52:43,820 That you mean and then. 669 00:52:44,430 --> 00:52:49,270 Now we can go to Burp Suite OK. 670 00:52:49,820 --> 00:52:51,810 No issue you. 671 00:52:52,120 --> 00:52:54,890 Decision 80 percent blamed 672 00:52:58,290 --> 00:52:58,500 on 673 00:53:01,650 --> 00:53:10,300 equal the path of the file that we have uploaded. 674 00:53:11,720 --> 00:53:15,030 Rona stylish. 675 00:53:15,410 --> 00:53:38,130 So these folks you going to go in this one's fine Kobe but we want not just to compete like that we 676 00:53:38,140 --> 00:53:44,630 compete to keep him going to see now we go back and then we proceed. 677 00:53:44,750 --> 00:53:48,680 They don't okay. 678 00:53:48,780 --> 00:53:57,010 So after after doing that after pasting the file name, the image name here. 679 00:53:57,540 --> 00:54:04,860 So now what we're going to do we're going to do the same trick that we tried earlier to do on Firefox. 680 00:54:04,860 --> 00:54:10,450 It's a command injection because we were not able to do it there in the browser. 681 00:54:10,650 --> 00:54:19,230 But now we are trying to do it here on Burp Suite so we could be question mark here and then we type 682 00:54:19,510 --> 00:54:25,900 C D E quarter consonant exactly what we typed earlier on guys. 683 00:54:26,230 --> 00:54:26,720 Okay. 684 00:54:26,930 --> 00:54:30,660 Now what do we have to do, you have to send this to Repeater. 685 00:54:31,130 --> 00:54:31,730 Okay. 686 00:54:31,810 --> 00:54:38,140 You click on it and then send it to Repeater going to 0. 687 00:54:39,070 --> 00:54:40,790 And then do do we to. 
688 00:54:40,860 --> 00:54:43,190 It gets highlighted. 689 00:54:43,790 --> 00:54:44,680 Oh okay. 690 00:54:44,710 --> 00:54:52,390 So as you can see nothing is new. 691 00:54:52,630 --> 00:55:02,830 So it's just I would now going go on go on go. 692 00:55:02,960 --> 00:55:04,190 Great. 693 00:55:04,470 --> 00:55:05,540 Okay. 694 00:55:05,670 --> 00:55:12,120 Now you can scroll down your mouse and it's code on your mouse in the white bean to see me. 695 00:55:12,140 --> 00:55:21,100 Each team will call code they contend of always come here in each and rarefied view. 696 00:55:21,100 --> 00:55:21,480 OK. 697 00:55:21,540 --> 00:55:23,070 Now what we're going to do. 698 00:55:23,230 --> 00:55:30,220 We're going to try to open a netcat port so that we listen to communication. 699 00:55:30,220 --> 00:55:38,860 For this reason we're going to go to terminal and open a new terminal to be didn't it to win on. 700 00:55:39,560 --> 00:55:40,490 And then we. 701 00:55:41,660 --> 00:55:48,760 nc minus and into BP and then any number of your choice so I can put mine. 702 00:55:48,830 --> 00:55:50,600 Seven eight seven eight. 703 00:55:51,000 --> 00:55:51,450 I did. 704 00:55:51,480 --> 00:55:55,220 And then what you gonna do is just waste it. 705 00:55:55,640 --> 00:55:58,290 Now netcat is listening. 706 00:55:58,850 --> 00:56:08,220 So next it is we could now try to inject the Python code into the Repeater page. 707 00:56:08,220 --> 00:56:09,210 This is what we do. 708 00:56:09,300 --> 00:56:12,150 Okay now I'm gonna try to inject the Python code. 709 00:56:12,750 --> 00:56:19,370 So here is the place that we will change to put the command code. 710 00:56:19,390 --> 00:56:22,680 Okay now we're going to delete this. 711 00:56:22,680 --> 00:56:28,190 And then here we will try to put the Python code inside. 
712 00:56:28,500 --> 00:56:40,360 So it would look at okay now copy and paste the Python code, but before we have to make a few 713 00:56:40,360 --> 00:56:41,270 changes. 714 00:56:41,440 --> 00:56:46,730 We have to modify it according to our IP according to our. 715 00:56:46,770 --> 00:56:49,470 Kali IP machine. 716 00:56:50,090 --> 00:56:54,160 But we didn't learn to get old. 717 00:56:54,570 --> 00:56:55,250 Yeah. 718 00:56:55,470 --> 00:56:56,540 Well this is it. 719 00:56:57,330 --> 00:56:57,780 Okay. 720 00:56:59,650 --> 00:57:00,170 And then. 721 00:57:00,440 --> 00:57:02,690 So we deport put for what you can do. 722 00:57:02,690 --> 00:57:05,510 We need to watch one OK. 723 00:57:05,630 --> 00:57:12,160 So now before you click on go you have to first set up your netcat. 724 00:57:12,310 --> 00:57:12,660 Nikki. 725 00:57:12,660 --> 00:57:13,100 Come on. 726 00:57:13,230 --> 00:57:13,700 OK. 727 00:57:13,760 --> 00:57:28,960 You can try it cut and see Dan C minus and then how make it white on black and you did differences of 728 00:57:29,090 --> 00:57:33,060 preferences Carlo. 729 00:57:33,170 --> 00:57:40,530 I didn't like that close it didn't make it. 730 00:57:41,740 --> 00:57:54,700 And then now we type and when it's clear and see finals be profitable for so now it's waiting for us. 731 00:57:54,840 --> 00:57:55,090 OK. 732 00:57:55,090 --> 00:57:56,070 Before we keep going. 733 00:57:56,240 --> 00:58:05,200 I was as we said earlier we have to highlight it, select the Python code and then right click, convert selection 734 00:58:05,410 --> 00:58:06,320 URL. 735 00:58:06,820 --> 00:58:11,220 And then URL encoding. Yeah. 736 00:58:11,260 --> 00:58:14,320 And then now you can click on Go 737 00:58:20,800 --> 00:58:24,880 okay as you see so we get a reverse shell now. 738 00:58:24,900 --> 00:58:29,310 So now as we move slowly commented in the previous video. 
739 00:58:29,400 --> 00:58:40,770 So we can try to type python minus c and then import pty semicolon and then pty spawn 740 00:58:40,870 --> 00:58:52,710 being like that try to point to see if it can be run like a sudo first thing and then you just try 741 00:58:53,010 --> 00:59:03,150 Dickens and then you put the password fork in it or something like Benji so you inverted it was in web 742 00:59:03,290 --> 00:59:03,970 suite. 743 00:59:03,980 --> 00:59:05,170 Exactly. 744 00:59:05,490 --> 00:59:08,940 So it could be implicit in so. 745 00:59:08,960 --> 00:59:14,690 Let's see if it has some kind of sudo privileges if not so we get to escalating 746 00:59:18,890 --> 00:59:20,600 does it have it. 747 00:59:20,600 --> 00:59:26,640 So now our task is we have to escalate the privileges 748 00:59:32,190 --> 00:59:33,320 here. 749 00:59:33,630 --> 00:59:40,380 uname, uname minus a. 750 00:59:40,390 --> 00:59:46,720 It gives us a lot of information about the current system that we are trying to get. 751 00:59:51,930 --> 01:00:01,050 And you go to the folks first thing first and then we submit and then we are going to download days. 752 01:00:01,090 --> 01:00:03,610 Of course it is provided in the least. 753 01:00:04,270 --> 01:00:07,950 So we have to admit it's an exception. 754 01:00:12,580 --> 01:00:19,560 Just copy it syndicate first and then compete and then continue in you fight. 755 01:00:20,660 --> 01:00:22,730 We can see that in plastic Dale 756 01:00:27,740 --> 01:00:31,090 we put in there in the server path. 757 01:00:31,230 --> 01:00:38,640 After that we're going to try to start up the server and then we create a new front end and we put it as 758 01:00:38,640 --> 01:00:43,850 cool done quickly due to the see game. 759 01:00:48,420 --> 01:00:49,440 Now that's good. 760 01:00:55,220 --> 01:01:00,150 Now it's time to start the server. 
761 01:01:00,280 --> 01:01:00,880 It was an another 762 01:01:04,000 --> 01:01:04,380 OK. 763 01:01:04,400 --> 01:01:04,760 Great. 764 01:01:04,760 --> 01:01:06,620 Now we've got no two or three version. 765 01:01:06,620 --> 01:01:08,670 And then we change our directory to 10 766 01:01:12,560 --> 01:01:13,730 on King. 767 01:01:13,760 --> 01:01:18,450 Now we have to download what we have in our live machine. 768 01:01:18,470 --> 01:01:21,330 So that's why we put it there in the server. 769 01:01:24,140 --> 01:01:29,960 So the IP address of you so that we'd get a connection to competition between them between these two 770 01:01:30,050 --> 01:01:34,940 D or an operating system in a Kali machine so that you can download it. 771 01:01:35,210 --> 01:01:36,510 Okay. 772 01:01:36,840 --> 01:01:38,860 Now we have to compile it. 773 01:01:38,870 --> 01:01:41,690 So let's let's use gcc 774 01:01:49,400 --> 01:01:56,700 name is Paul and you're gonna have typing in any name and then using Twitter. 775 01:01:57,400 --> 01:02:00,340 And it wasn't a get 776 01:02:06,620 --> 01:02:09,900 knowledge Australian to win legacy. 777 01:02:09,980 --> 01:02:12,620 Table five split. 778 01:02:12,670 --> 01:02:13,030 No. 779 01:02:14,060 --> 01:02:15,290 Great. 780 01:02:15,290 --> 01:02:16,350 We got it. 781 01:02:16,380 --> 01:02:19,270 So it's be. 782 01:02:19,320 --> 01:02:24,110 Now we can try to find some files if if if there are some. 783 01:02:24,340 --> 01:02:31,360 And then if there is a we we know how to try to open them using command so that we we defies 784 01:02:35,060 --> 01:02:39,370 try and you see would its flag. 785 01:02:39,400 --> 01:02:42,030 All we can see the flag or usage whatever. 786 01:02:42,270 --> 01:02:44,300 Excellent. 787 01:02:44,320 --> 01:02:44,920 Great. 788 01:02:45,220 --> 01:02:46,060 Okay guys. 789 01:02:46,060 --> 01:02:48,200 So that's all for this lab. 790 01:02:48,280 --> 01:02:50,910 We really think that you enjoy. 
791 01:02:50,950 --> 01:02:53,190 We poisoned by hacking into the food. 792 01:02:53,210 --> 01:02:55,900 Notable one operating system. 793 01:02:55,900 --> 01:03:06,910 And then we so that we get the privilege escalation and then we get the decoding of base64-encoded 794 01:03:06,910 --> 01:03:12,340 data and then we got a password and credentials that we have seen quite a good start. 795 01:03:12,340 --> 01:03:15,760 So we are looking forward to seeing you in the next video. 796 01:03:15,760 --> 01:03:16,320 Thank you.