1
00:00:00,280 --> 00:00:05,790
Hello everybody, welcome to my advanced ethical hacking networking penetration testing course

2
00:00:15,670 --> 00:00:22,860
being here in this lab that means you are already having windfalls of good knowledge about the enumeration

3
00:00:22,900 --> 00:00:26,510
and exploitation of vulnerable labs.

4
00:00:26,590 --> 00:00:33,220
This lab will call for the enumeration and exploitation of GoldenEye.

5
00:00:33,220 --> 00:00:40,450
So before starting, as always, we have to go and download it and then import it into our VirtualBox machine.

6
00:00:40,870 --> 00:00:41,220
OK.

7
00:00:41,260 --> 00:00:42,050
So let's start.

8
00:00:42,160 --> 00:00:43,450
Let's go to or link

9
00:00:46,120 --> 00:00:46,580
two.

10
00:00:46,970 --> 00:00:50,200
And then we look for GoldenEye.

11
00:00:50,710 --> 00:00:56,360
And then we compete with copy contracts single commanded.

12
00:00:56,660 --> 00:00:59,190
It is on your computer if you want in my book.

13
00:01:00,080 --> 00:01:00,740
And then representative

14
00:01:06,170 --> 00:01:08,520
there you're going to find it fine.

15
00:01:08,640 --> 00:01:09,380
Oh the eight.

16
00:01:09,390 --> 00:01:12,780
And then you have to download it after being downloaded.

17
00:01:12,780 --> 00:01:17,550
You double click on it to import it into your VirtualBox machine and then there you're going to

18
00:01:17,550 --> 00:01:19,370
have a few changes.

19
00:01:19,440 --> 00:01:20,940
So we will walk through

20
00:01:24,320 --> 00:01:25,370
ok here.

21
00:01:25,610 --> 00:01:32,250
So you just click you on download and I'm going to click because we have had it already on our computer.

22
00:01:32,420 --> 00:01:36,760
So let's go to all go to a directory yes.

23
00:01:37,010 --> 00:01:38,080
We go

24
00:01:41,390 --> 00:01:41,980
OK.

25
00:01:43,760 --> 00:01:44,350
Yeah.

26
00:01:44,540 --> 00:01:48,620
And you double click it.

27
00:01:48,840 --> 00:01:51,980
It will automatically be imported into your VirtualBox machine.

28
00:01:52,030 --> 00:01:55,780
And then there you can change the name according to yours.

29
00:01:56,110 --> 00:02:04,410
Let's say I would call it John and I won.

30
00:02:04,520 --> 00:02:06,290
OK.

31
00:02:06,410 --> 00:02:06,810
Import

32
00:02:23,330 --> 00:02:24,410
OK it is there.

33
00:02:24,770 --> 00:02:26,220
So what are we gonna do.

34
00:02:26,220 --> 00:02:34,160
We're going to click here and right click choose settings on just go here details and then you click on

35
00:02:34,190 --> 00:02:38,080
you know then you're going to make some changes.

36
00:02:39,490 --> 00:02:39,860
OK.

37
00:02:39,960 --> 00:02:47,070
So if you want you can drag us to Guest Guest Host Oh my jokes or not depends on you 140 slobs or we

38
00:02:47,070 --> 00:02:49,260
could just leave it like that.

39
00:02:49,760 --> 00:02:50,130
OK.

40
00:02:50,160 --> 00:02:52,050
So now what we see is them.

41
00:02:52,300 --> 00:02:54,320
Nothing good here.

42
00:02:54,360 --> 00:02:56,920
Nothing storage or nothing.

43
00:02:56,970 --> 00:03:07,020
Go to network I mean to startle good network and then here make sure that we have set the network adapter

44
00:03:07,090 --> 00:03:07,670
according to.

45
00:03:07,680 --> 00:03:11,240
Of each box machine currently news.

46
00:03:11,350 --> 00:03:15,460
So in our books we had it set on what.

47
00:03:15,700 --> 00:03:16,760
So it can be for cooking.

48
00:03:16,850 --> 00:03:19,190
Okay let's go back.

49
00:03:19,270 --> 00:03:20,920
This is our Kali machine.

50
00:03:21,130 --> 00:03:25,390
And then we own network it is on bridged adapter Wi-Fi.

51
00:03:25,600 --> 00:03:26,410
All right.

52
00:03:26,410 --> 00:03:33,010
So go back here and do will not change it.

53
00:03:33,040 --> 00:03:37,480
We did it up through here it is already on my phone.

54
00:03:37,490 --> 00:03:37,850
Good.

55
00:03:37,850 --> 00:03:38,720
So just make a chip.

56
00:03:38,750 --> 00:03:40,620
OK point and then click.

57
00:03:40,700 --> 00:03:45,740
OK so now you can press start to stand in featured much in

58
00:03:48,670 --> 00:03:51,860
so we're going to wait a little bit.

59
00:03:57,390 --> 00:03:57,630
Don't

60
00:04:06,210 --> 00:04:15,760
at it a bit.

61
00:04:16,230 --> 00:04:16,640
OK.

62
00:04:18,110 --> 00:04:18,810
Good.

63
00:04:18,830 --> 00:04:23,180
So not think so we don't know the password.

64
00:04:23,180 --> 00:04:24,540
We don't know the user.

65
00:04:24,560 --> 00:04:25,730
We don't know anything.

66
00:04:25,760 --> 00:04:34,060
So our task is so that we can detect and then we can find a username and password that we get into that

67
00:04:34,060 --> 00:04:34,910
system.

68
00:04:34,910 --> 00:04:35,640
All right.

69
00:04:35,690 --> 00:04:43,520
So now let's go back into that Kali machine that's bad and we just thought it

70
00:04:47,430 --> 00:04:49,620
minimize those inner

71
00:05:06,090 --> 00:05:07,920
so we have to beat

72
00:05:11,080 --> 00:05:12,500
Democrates loving

73
00:05:17,150 --> 00:05:17,970
issued ethics.

74
00:05:18,040 --> 00:05:18,510
OK.

75
00:05:18,660 --> 00:05:19,170
Good.

76
00:05:19,170 --> 00:05:20,410
Here we are.

77
00:05:20,550 --> 00:05:24,330
So we type him as well as user ID and password.

78
00:05:24,470 --> 00:05:26,760
So you have to remember which of course yes guys

79
00:05:32,430 --> 00:05:33,540
as usual guys.

80
00:05:33,570 --> 00:05:43,270
My advice to you is that you can still impose your pointy slapper but whenever you change your location.

81
00:05:43,320 --> 00:05:49,260
Always remember that your IP address might get changed because sometimes if you were somewhere and then

82
00:05:49,260 --> 00:05:57,810
after you go from some kilometers some kilometers which your computer and then you are logging on in

83
00:05:57,810 --> 00:06:05,790
your network Wi-Fi or hearing all your IP address gets automatically changed by the sound of it if you

84
00:06:05,790 --> 00:06:13,050
want to go to the address posing with this address like we can use this one for example this one and

85
00:06:13,050 --> 00:06:20,070
then if it were on 1 7 see Well of course when you use that your operating system it might get change

86
00:06:20,190 --> 00:06:21,940
and then you might get into any more.

87
00:06:21,940 --> 00:06:23,360
So you have to be aware of it.

88
00:06:23,370 --> 00:06:29,670
So too old to always try to remember that you change your location or your IP address might get be new.

89
00:06:29,910 --> 00:06:40,380
So it's just a matter of not only to save your extend of your virtual machine but to start it as new.

90
00:06:40,380 --> 00:06:41,840
So you started again here.

91
00:06:41,910 --> 00:06:42,460
Reasonable.

92
00:06:42,670 --> 00:06:44,670
I dead and then you started.

93
00:06:44,730 --> 00:06:46,350
So that's that's the best option.

94
00:06:46,380 --> 00:06:51,300
So obviously that you would just remember about it.

95
00:06:51,300 --> 00:06:51,810
OK.

96
00:06:51,960 --> 00:06:56,100
So now we're going to have to have wi on which interface we are.

97
00:06:56,130 --> 00:07:01,830
So we take IP but people think it was in there OK we are on itI h as you walk.

98
00:07:01,830 --> 00:07:10,330
So now we can type netdiscover so that we discover all the IP addresses which are on it.

99
00:07:10,530 --> 00:07:16,860
So we have to find the IP address of the GoldenEye computer.

100
00:07:16,860 --> 00:07:19,050
So we have to have his IP address.

101
00:07:19,380 --> 00:07:20,210
OK.

102
00:07:20,250 --> 00:07:25,970
So now go back to academies or we can change the

103
00:07:30,040 --> 00:07:32,620
light on block by block.

104
00:07:33,350 --> 00:07:34,040
OK.

105
00:07:34,140 --> 00:07:37,920
UPS goes OK.

106
00:07:38,080 --> 00:07:38,500
No.

107
00:07:38,510 --> 00:07:40,160
Come on again

108
00:07:54,950 --> 00:07:55,390
OK.

109
00:07:55,560 --> 00:08:03,340
So now we can maybe discover netdiscover and establish and then my new by my news I bring your friends.

110
00:08:03,390 --> 00:08:04,770
Is it easy.

111
00:08:04,800 --> 00:08:10,630
And then press Enter so not gay No it can wait for it.

112
00:08:10,720 --> 00:08:10,980
Yeah.

113
00:08:11,500 --> 00:08:11,980
So that's it.

114
00:08:11,980 --> 00:08:14,810
And then you press Control-C to

115
00:08:21,690 --> 00:08:24,210
as we've already seen before.

116
00:08:24,280 --> 00:08:25,880
So with nmap.

117
00:08:26,260 --> 00:08:37,200
And a B it's a 22 day news that that can be used for giving the IP address of someone's computer.

118
00:08:37,200 --> 00:08:40,440
Or you can scan a whole network.

119
00:08:40,440 --> 00:08:42,280
It will give you a lot of information.

120
00:08:42,270 --> 00:08:42,870
Guys

121
00:08:46,030 --> 00:08:50,290
and then after we've got to type minus A for all.

122
00:08:50,890 --> 00:08:51,440
And then.

123
00:08:51,850 --> 00:08:55,490
And then after we're going to put the IP address.

124
00:08:55,880 --> 00:08:56,280
OK

125
00:08:59,970 --> 00:09:00,330
all right.

126
00:09:00,420 --> 00:09:08,790
And then again press Enter. Port 25 is open, SMTP.

127
00:09:08,960 --> 00:09:16,240
Okay, port 80 Apache, yes, 5 5 0 0 6 TCP SSL.

128
00:09:16,280 --> 00:09:17,840
Oh nice.

129
00:09:17,840 --> 00:09:19,620
And then POP3.

130
00:09:19,870 --> 00:09:20,950
Okay.

131
00:09:21,320 --> 00:09:24,150
If you're all familiar with nmap you can know what does that mean.

132
00:09:24,270 --> 00:09:27,460
POP3 again.

133
00:09:27,570 --> 00:09:28,110
Great.

134
00:09:29,070 --> 00:09:35,900
So now let's go to your two older boys and then try to stay their career.

135
00:09:36,700 --> 00:09:41,410
So so you apparently Firefox here.

136
00:09:42,040 --> 00:09:43,150
It's a good

137
00:09:46,060 --> 00:09:49,470
acknowledged now.

138
00:09:49,560 --> 00:09:55,560
That was the IP address that we don't need to pass the port because the port is on 80 as default it would

139
00:09:55,560 --> 00:10:04,420
be on 80 but if you want it doesn't matter you can type it up very like

140
00:10:08,700 --> 00:10:10,870
good.

141
00:10:11,040 --> 00:10:19,950
So now it gives us save a home as a path so that we can go and run again.

142
00:10:19,960 --> 00:10:23,380
So okay desu.

143
00:10:24,210 --> 00:10:26,920
Oh these guys.

144
00:10:27,250 --> 00:10:30,890
So we can see on

145
00:10:36,030 --> 00:10:43,150
so now are we going to do is go back to the main page in

146
00:10:51,400 --> 00:11:00,670
then we like we just the sources and just to find if any information is here then OK.

147
00:11:00,720 --> 00:11:03,500
So we have a JavaScript file.

148
00:11:03,570 --> 00:11:06,030
It's all let's click on it and then open a

149
00:11:13,950 --> 00:11:22,730
it this carefully because it is or for various information it is HTML encoded text.

150
00:11:23,160 --> 00:11:27,770
So we can try to find on your Google how to decode a you.

151
00:11:27,870 --> 00:11:35,040
You are aware of HTML code and then try to decode it to see what is today's

152
00:11:38,100 --> 00:11:40,420
oh so invincible hug.

153
00:11:41,560 --> 00:11:43,560
OK so good.

154
00:11:49,360 --> 00:11:50,490
Employees.

155
00:11:50,530 --> 00:11:56,060
Make sure you know what all this looks like a user name.

156
00:11:56,250 --> 00:12:01,080
So let's make a note of it so that we do not forget it.

157
00:12:01,110 --> 00:12:10,810
Then we can try the home page try to serve our home beach boys

158
00:12:13,800 --> 00:12:16,370
and then the password that we have just recovered.

159
00:12:16,440 --> 00:12:18,440
So the password was invisible hacker.

160
00:12:18,480 --> 00:12:19,480
So you remember me.

161
00:12:19,590 --> 00:12:21,130
So we find it.

162
00:12:21,300 --> 00:12:24,870
When we decrypt the HTML text.

163
00:12:25,510 --> 00:12:30,160
OK so OK let's see what it says.

164
00:12:30,210 --> 00:12:33,940
Oh he's tried to eat guys and then tried to shoot his source caught us right.

165
00:12:34,770 --> 00:12:35,250
OK.

166
00:12:39,530 --> 00:12:39,930
Is

167
00:12:44,230 --> 00:12:45,220
tried.

168
00:12:45,560 --> 00:12:46,060
OK.

169
00:12:47,930 --> 00:12:49,370
So what kind of information.

170
00:12:49,380 --> 00:12:50,950
So we get there.

171
00:12:51,840 --> 00:12:53,540
But that is it.

172
00:12:54,020 --> 00:13:02,540
So it's nothing.

173
00:13:02,880 --> 00:13:07,050
So we open up a new terminal and then we try to turn and maybe.

174
00:13:07,560 --> 00:13:11,030
OK so now we can take their meds.

175
00:13:11,550 --> 00:13:13,170
And then DARPA Juris

176
00:13:21,370 --> 00:13:27,090
the IP address of all called denied input to okay.

177
00:13:27,110 --> 00:13:32,970
Now first thing first we going a real or fly fast track.

178
00:13:33,240 --> 00:13:33,660
Good.

179
00:13:33,730 --> 00:13:47,740
Now let's use this command hydra minus Boris minus bullies and then minus B and then you bust the

180
00:13:47,740 --> 00:13:56,770
path there and then you put the IP address of GoldenEye I feel is fine from 0 0 7 to the point that

181
00:13:56,770 --> 00:14:00,610
we have used we have seen and met it in a month.

182
00:14:00,730 --> 00:14:12,000
And then you put it up to servers oh perfect so we get it passwords secret one we successfully discovered

183
00:14:12,000 --> 00:14:14,320
the password of Boris.

184
00:14:14,350 --> 00:14:15,040
So that's good.

185
00:14:15,580 --> 00:14:25,900
So now let's make it a step more OK you I turn it in the IP address of your GoldenEye.

186
00:14:26,200 --> 00:14:33,130
So so that we see if we can find more credentials or okay.

187
00:14:33,190 --> 00:14:40,720
So when I put user base last Sydney bus wouldn't impress them.

188
00:14:40,760 --> 00:14:41,970
Okay good.

189
00:14:42,380 --> 00:14:43,560
So far so good.

190
00:14:43,640 --> 00:14:49,860
We are getting let's see if we can find some kind of email so that we can read them.

191
00:14:50,420 --> 00:14:58,800
So let's try this call in to a 1 percent erm I

192
00:15:02,030 --> 00:15:03,990
nothing so.

193
00:15:04,240 --> 00:15:12,580
Again try the tool if nothing you have to try to tweet but let's see first if we have some information

194
00:15:14,300 --> 00:15:16,010
I can work your call.

195
00:15:16,020 --> 00:15:17,530
Phone Natalia 0 1 2.

196
00:15:17,570 --> 00:15:20,740
Okay so it might be a user name.

197
00:15:20,790 --> 00:15:25,200
So let's try more okay.

198
00:15:28,170 --> 00:15:31,680
This is him email me surgeon the White

199
00:15:34,570 --> 00:15:35,220
gain.

200
00:15:35,230 --> 00:15:43,480
Natalia he's he's a user name or care has the same username as Bruce.

201
00:15:43,620 --> 00:15:44,130
Now you can.

202
00:15:44,130 --> 00:15:45,320
Great.

203
00:15:45,400 --> 00:15:53,550
So now we're going to go back to the hydra command and we're gonna try to modify it and use it into Natalia

204
00:15:54,820 --> 00:15:57,390
and then now we're going to poison all the.

205
00:15:57,430 --> 00:15:59,290
We would see one formation

206
00:16:01,920 --> 00:16:06,810
good very good we have 20 plus for Natalia.

207
00:16:07,280 --> 00:16:09,060
Great okay.

208
00:16:09,070 --> 00:16:13,360
Now I'm going to read and then try to turn it

209
00:16:16,210 --> 00:16:23,700
to you again so that we can find these giant looking to see if we can read manageress.

210
00:16:24,120 --> 00:16:25,050
Look we are.

211
00:16:25,870 --> 00:16:26,320
OK.

212
00:16:28,120 --> 00:16:32,540
Idea 1.

213
00:16:32,860 --> 00:16:37,470
This is a WHO WOULD YOU WOULD is using him.

214
00:16:37,930 --> 00:16:38,570
OK.

215
00:16:41,650 --> 00:16:46,790
We have some credentials he's using senior and password.

216
00:16:46,810 --> 00:16:49,720
Our Slepian and so on and so on.

217
00:16:50,060 --> 00:16:50,750
OK good.

218
00:16:50,800 --> 00:16:51,700
So far so good.

219
00:16:55,370 --> 00:17:01,760
So we've been trying to put it in some text or just screenshot it so that we can know step back and

220
00:17:01,760 --> 00:17:08,750
remember it and the next step we're going to use it to draw.

221
00:17:08,920 --> 00:17:10,810
So that's what makes a few changes

222
00:17:15,130 --> 00:17:21,640
and now we're going to try to enjoy the IP address of GoldenEye and then Cincinnati station dot com

223
00:17:22,370 --> 00:17:29,830
and then we'll see Queen.

224
00:17:29,930 --> 00:17:35,450
Now what we have to do we're going to go to Firefox or to Google Chrome to open warfare and then we're

225
00:17:35,450 --> 00:17:38,790
going to pass the server name.

226
00:17:38,810 --> 00:17:43,980
I mean the Web site that we have found in the email when we're reading them.

227
00:17:43,980 --> 00:17:47,330
So we're gonna pass it there and it's in that we can see how it looks.

228
00:17:47,640 --> 00:17:48,300
Okay.

229
00:17:48,380 --> 00:17:54,500
So we can go in and try to go to Firefox now and then we passed their

230
00:17:57,120 --> 00:18:01,960
and then we'll pass it there and then we put it no yeah.

231
00:18:02,660 --> 00:18:03,410
Oh.

232
00:18:06,070 --> 00:18:07,860
So and then we get into a Moodle.

233
00:18:07,850 --> 00:18:08,470
Page

234
00:18:11,990 --> 00:18:17,720
Now we can try to log in with credentials that we have found senior.

235
00:18:18,080 --> 00:18:18,370
Yeah.

236
00:18:18,830 --> 00:18:27,180
And the password we put the password let's see if we will be logging getting that seat.

237
00:18:27,780 --> 00:18:28,350
All right.

238
00:18:28,350 --> 00:18:29,550
So we are there.

239
00:18:29,550 --> 00:18:33,850
So OK now what do we have to do it is just to click and click.

240
00:18:33,850 --> 00:18:36,030
So just find some information.

241
00:18:36,030 --> 00:18:41,640
I would set my tabs on my profile and so on.

242
00:18:43,220 --> 00:18:44,360
So after looking and.

243
00:18:44,600 --> 00:18:47,120
So we see an image from Doug

244
00:18:50,340 --> 00:18:52,460
my main use it is Doug.

245
00:18:52,550 --> 00:18:53,110
Thank you.

246
00:18:53,110 --> 00:18:54,100
Cheers.

247
00:18:54,110 --> 00:18:54,670
OK.

248
00:18:54,800 --> 00:18:57,180
So now we're going to try to use hydra again

249
00:19:03,120 --> 00:19:08,580
to try to get aid and change the user name.

250
00:19:08,730 --> 00:19:09,840
Okey doke.

251
00:19:09,840 --> 00:19:17,760
And then press Enter to boot from sea at sea profit.

252
00:19:17,780 --> 00:19:18,260
Good.

253
00:19:18,260 --> 00:19:19,250
Exactly.

254
00:19:19,250 --> 00:19:24,980
So now we're going to try to try to turn it again to see if we can find more information about it.

255
00:19:25,480 --> 00:19:26,260
OK.

256
00:19:26,280 --> 00:19:34,280
So then I'm going to put a point out of course in the new prisoner and then using a dog and then you

257
00:19:34,280 --> 00:19:39,100
put the password there has got to see if you'll be logging.

258
00:19:39,640 --> 00:19:40,540
OK.

259
00:19:40,570 --> 00:19:48,690
So now we have to e t 0 1 and again I'm under the username and passwords.

260
00:19:48,700 --> 00:19:49,710
That's great.

261
00:19:49,720 --> 00:19:52,470
So let's see if you have more information.

262
00:19:52,470 --> 00:19:53,920
There is no message.

263
00:19:53,920 --> 00:19:54,780
OK.

264
00:19:55,460 --> 00:19:56,350
That's good.

265
00:19:56,350 --> 00:20:04,270
So now we can go back to all Firefox and then try to log in as the news and in that we have forgot just

266
00:20:04,270 --> 00:20:10,070
why no to see if we can be logging in excellent.

267
00:20:10,140 --> 00:20:10,560
OK.

268
00:20:11,030 --> 00:20:11,430
OK.

269
00:20:12,580 --> 00:20:14,040
Well now I'm going to try it.

270
00:20:14,040 --> 00:20:20,750
Too good to miss ages messages to see what mean.

271
00:20:20,860 --> 00:20:21,480
OK.

272
00:20:22,930 --> 00:20:23,680
Good.

273
00:20:23,920 --> 00:20:25,440
Fine.

274
00:20:27,000 --> 00:20:38,550
To see some information on you try to download it to see what we need.

275
00:20:39,510 --> 00:20:41,220
OK OK.

276
00:20:41,510 --> 00:20:48,700
Audiences this week will use.

277
00:20:49,080 --> 00:20:52,540
No we have a location.

278
00:20:53,050 --> 00:20:53,590
Totally.

279
00:20:53,900 --> 00:20:54,340
Okay.

280
00:20:54,360 --> 00:20:55,020
Just go beat

281
00:21:01,480 --> 00:21:10,600
up a new term and then try to put a supernova link and then try to go to work.

282
00:21:10,750 --> 00:21:12,490
Nervous thing.

283
00:21:12,530 --> 00:21:14,110
This is the image.

284
00:21:14,360 --> 00:21:21,060
What probably the image might be containing some information some text.

285
00:21:21,080 --> 00:21:26,000
So we're going to try to save it because we never know what it takes inside.

286
00:21:26,780 --> 00:21:27,660
OK.

287
00:21:27,710 --> 00:21:44,030
Now go back to your talk to me now so that we can go to a download for Derek Hermes.

288
00:21:44,080 --> 00:21:52,510
Now we're going to use a tool in order to win in a way to files or images or in order and in order to

289
00:21:52,510 --> 00:21:56,310
manipulate the metadata that might be contained in a file.

290
00:21:56,680 --> 00:22:00,400
So we can use this to interact.

291
00:22:00,580 --> 00:22:04,840
We can use this tool in Kali Linux machine if we don't have it yet installed.

292
00:22:04,870 --> 00:22:07,930
So we and started by typing up to date and stuff.

293
00:22:08,350 --> 00:22:16,130
OK let's get into it so we're going to type it up to do to get install if 2 percent or.

294
00:22:16,220 --> 00:22:17,840
And then Epsilon

295
00:22:21,130 --> 00:22:29,060
which just with a little read and then after done so we're going to use that tool and we could define

296
00:22:29,120 --> 00:22:37,540
that we want to pierce that we want to read that we want to get access to it and then the page defined.

297
00:22:37,610 --> 00:22:44,030
So you're going to be careful the information so you find a lot of information.

298
00:22:44,030 --> 00:22:49,170
Image description it is Seif byte order.

299
00:22:49,240 --> 00:22:56,000
Hope this is encoded string since it ends with two equal signs.

300
00:22:56,360 --> 00:23:06,540
It is a base64 so we could all use Burp Suite or we can use Terminator to try to decode it so you

301
00:23:06,540 --> 00:23:11,590
could beat and then take a call.

302
00:23:11,650 --> 00:23:12,880
You can go to your purposes.

303
00:23:12,910 --> 00:23:14,310
It's not a problem.

304
00:23:14,440 --> 00:23:15,980
And then base64

305
00:23:18,970 --> 00:23:26,820
it takes and then you type which kind of encoding texts and then minus decoding the new poison.

306
00:23:27,540 --> 00:23:30,410
This is the decoded text that we get.

307
00:23:31,760 --> 00:23:32,880
All right.

308
00:23:32,890 --> 00:23:34,330
So far so good.

309
00:23:34,800 --> 00:23:38,690
OK now we're going to just copy it all so carefully.

310
00:23:42,560 --> 00:23:43,190
OK.

311
00:23:43,600 --> 00:23:52,390
Now we've got about to do when I come back here to Sophos and then let's see if it is an admin

312
00:23:52,400 --> 00:23:58,010
password and then type admin and then you paste that password to see if we might enter.

313
00:23:58,460 --> 00:23:59,490
So we are in.

314
00:24:00,250 --> 00:24:02,830
Okay good.

315
00:24:02,900 --> 00:24:09,360
Now we're going to try to go to site and be situation go too soon.

316
00:24:09,400 --> 00:24:10,850
So servers

317
00:24:13,460 --> 00:24:19,580
and justifying your version OK.

318
00:24:19,620 --> 00:24:22,350
This is the version 2.0 point to me.

319
00:24:22,670 --> 00:24:25,380
So now I'm going to try to google it.

320
00:24:25,590 --> 00:24:30,690
I mean oh stop page it to find if we can get some exploitation of it.

321
00:24:32,020 --> 00:24:36,820
So that's what we always just tried to get information and then go got it.

322
00:24:37,240 --> 00:24:38,630
OK.

323
00:24:38,660 --> 00:24:40,770
So we're going to try to exploit it.

324
00:24:41,270 --> 00:24:41,780
Yeah.

325
00:24:43,380 --> 00:24:44,550
So you can get

326
00:24:50,150 --> 00:25:00,140
many fine spellcheck sitting on Google gold they're them using stem OK.

327
00:25:00,170 --> 00:25:03,160
So let's see how we can use this exploitation

328
00:25:05,560 --> 00:25:06,070
OK.

329
00:25:09,920 --> 00:25:19,130
So my test can be used for getting this shape or you can just try to do it manually.

330
00:25:19,260 --> 00:25:21,740
We're going to try it in reverse shell file.

331
00:25:23,730 --> 00:25:25,460
Let's go the system.

332
00:25:25,710 --> 00:25:31,890
When I'm good there and then we have to overhaul why did we or we first should feel that we have downloaded

333
00:25:31,980 --> 00:25:32,550
earlier

334
00:25:36,010 --> 00:25:43,780
good to far folks and in Guinea you're going to try these each year which cheat

335
00:25:49,830 --> 00:25:52,930
we're going to use the Python code.

336
00:25:52,970 --> 00:26:01,140
So just make a copy of it and then just to try to modify the IP address of Throsby and then you can

337
00:26:01,420 --> 00:26:04,640
put us default.

338
00:26:04,730 --> 00:26:11,230
Now and then try to modify the IP address

339
00:26:14,840 --> 00:26:18,070
and then put your IP address your IP address.

340
00:26:18,080 --> 00:26:23,310
I mean your Kali machine I'm Joyce and then put you can leave it as default.

341
00:26:23,360 --> 00:26:28,880
Anything you have to remember always when you cut it any time you know so that you can put this same

342
00:26:29,080 --> 00:26:30,360
port number.

343
00:26:30,390 --> 00:26:31,130
All right.

344
00:26:31,650 --> 00:26:32,550
So no

345
00:26:40,180 --> 00:26:40,960
this is good.

346
00:26:45,050 --> 00:26:45,840
Good luck.

347
00:26:51,100 --> 00:26:52,120
Okay.

348
00:26:52,280 --> 00:26:55,130
Never forget to collect the same changes

349
00:26:59,500 --> 00:27:04,030
so you can go to program to find out if we have to change something.

350
00:27:05,600 --> 00:27:06,880
Say it was

351
00:27:10,010 --> 00:27:11,670
fine Ms.

352
00:27:11,820 --> 00:27:22,020
Each you went into okay or click on it made sure you put it on B as a share.

353
00:27:25,240 --> 00:27:34,220
As different as you can see it is a Google spurred and then which would affect our expectation.

354
00:27:34,220 --> 00:27:37,560
It might be fed if we use Google Atlas but we have to choose.

355
00:27:37,680 --> 00:27:43,520
Yes but share now it's the time to set the netcat.

356
00:27:43,790 --> 00:27:49,970
Listen I'm forgetting the communication of both of them all of them did.

357
00:27:50,220 --> 00:27:55,260
So now I think that what went up was under way.

358
00:27:55,730 --> 00:28:11,090
Then if were fired you would do a Firefox and then try to go side page bongs try to open on one of them.

359
00:28:12,520 --> 00:28:17,020
And you can type anything there and then use it toggle to spell checker.

360
00:28:17,040 --> 00:28:20,860
So that's why we didn't choose the Google one dispatch checker.

361
00:28:20,940 --> 00:28:27,490
Okay so it act it activates the we versus ship battle of the fight on that we have used.

362
00:28:27,870 --> 00:28:28,360
And then.

363
00:28:28,440 --> 00:28:33,600
Which will empower or exploitation from the Kali machine of their we first.

364
00:28:33,600 --> 00:28:36,780
Sure you have to activate the total expenditure.

365
00:28:36,830 --> 00:28:38,520
So that's why we use it.

366
00:28:38,520 --> 00:28:39,100
We don't.

367
00:28:39,150 --> 00:28:41,390
We did it use cookies and check.

368
00:28:41,700 --> 00:28:46,290
You see now on next is we seeing the connection.

369
00:28:46,310 --> 00:28:48,840
So no we cannot take this comment.

370
00:28:49,590 --> 00:28:54,350
So we already use it and some previous videos already.

371
00:28:56,250 --> 00:29:00,220
Now we have to escalate the privileges. All right.

372
00:29:00,710 --> 00:29:12,220
So we can try uname -a and then tweet to show us the version of the Ubuntu.

373
00:29:12,220 --> 00:29:24,510
I've got an I can we can again go back to Firefox and try to find if there exists the exploitation of

374
00:29:24,510 --> 00:29:27,760
the Ubuntu return thing.

375
00:29:28,140 --> 00:29:32,280
Always try to do that always remember to try to get

376
00:29:35,270 --> 00:29:36,390
a better one.

377
00:29:36,490 --> 00:29:42,760
First on to see if we can exploit it.

378
00:29:43,950 --> 00:29:45,990
Too early to copy

379
00:30:00,250 --> 00:30:09,190
what we're going to try to be this content and then create a new file in all rule called Web directory

380
00:30:09,470 --> 00:30:16,350
Kali machine which is var slash every time a news flash it's damn it and then we're going to create

381
00:30:16,350 --> 00:30:21,810
a new file and then pass the content of this file inside of.

382
00:30:21,990 --> 00:30:34,000
So let's go and make it okay so when I'll in neutral or and then we can change or down with joy to all

383
00:30:34,220 --> 00:30:39,140
look on a web directory it's slash it's to a man.

384
00:30:40,380 --> 00:30:44,860
I know and then you go and I create a new file there.

385
00:30:44,880 --> 00:30:48,630
With the vi command and if you want you can use gedit.

386
00:30:48,660 --> 00:30:49,620
It's not a problem.

387
00:30:49,650 --> 00:30:53,310
Oh you can leave it use lift but it's not a problem.

388
00:30:53,330 --> 00:30:58,830
So the most important thing is that you quit your job in the new plastic within them so that you can

389
00:30:59,160 --> 00:31:05,470
extract it or you can download it from your local work machine while you are in GoldenEye.

390
00:31:05,810 --> 00:31:10,040
Okay so does your office eyepatch some

391
00:31:13,250 --> 00:31:14,780
so that you can get access to it.

392
00:31:14,810 --> 00:31:17,530
And then now what do you tell me now.

393
00:31:17,540 --> 00:31:29,340
I mean it could and I sure OK says DMV and then now you're gonna try to get it the IP address of our Kali

394
00:31:29,340 --> 00:31:33,860
machine of course and then defy is in.

395
00:31:34,240 --> 00:31:45,720
Kit so now what we're going to do now you can try to compile using gcc before typing the following command.

396
00:31:45,720 --> 00:31:51,600
We're going to have to modify our file which will have been downloaded.

397
00:31:51,600 --> 00:32:01,050
The one that we have put in date will file a WW is T M directory path because in this code and I have

398
00:32:01,080 --> 00:32:08,160
vulnerable machine the gcc is not installed so if would be worse.

399
00:32:08,190 --> 00:32:17,790
The code we will see Dad will first try to control f or common f if I want in my book you will type

400
00:32:17,880 --> 00:32:29,170
gcc and then using the code that leave ecosystem and disease cause gcc a fan FBA C that means it

401
00:32:29,200 --> 00:32:38,010
requires so that we use gcc for the compiling but as in all code in the way it does it have the gcc

402
00:32:38,160 --> 00:32:46,950
tool installed so we can modify the code by the way we are going to just try to delete the G and then

403
00:32:46,950 --> 00:32:56,410
we let only cc and then we save and we quit and now we can proceed with concomitant let me to first.

404
00:32:56,610 --> 00:32:57,090
I mean

405
00:33:00,170 --> 00:33:05,840
key here as we can attack we see the gcc is here.

406
00:33:06,410 --> 00:33:14,930
So in GoldenEye it's not installed so we have to find a way probably cc is as it started moving

407
00:33:15,290 --> 00:33:21,580
and then we going to try to delete or erase gcc so that we can make it simpler.

408
00:33:21,620 --> 00:33:27,040
All right so we're gonna go out and let's see first

409
00:33:29,940 --> 00:33:31,970
and then we're going to try to A.

410
00:33:31,980 --> 00:33:41,090
I mean just to see we just only C so you can find it you'd like control s guys.

411
00:33:41,280 --> 00:33:50,820
So you just do control errors and then you type gcc so that you can find D this line of code lead ecosystem.

412
00:33:50,820 --> 00:33:55,140
I want to see is that gcc space fan.

413
00:33:55,170 --> 00:33:57,510
FBI seems or I'm saying so.

414
00:33:57,890 --> 00:33:58,420
OK.

415
00:33:58,440 --> 00:33:59,530
All right.

416
00:33:59,530 --> 00:34:02,010
So well when I say we

417
00:34:05,990 --> 00:34:07,450
get good

418
00:34:14,530 --> 00:34:18,100
and then wasn't there.

419
00:34:18,270 --> 00:34:31,350
So now trying to see and then you put define minus all output and then it was then it should work then

420
00:34:38,270 --> 00:34:41,770
OK so now we can try to run it.

421
00:34:42,000 --> 00:34:42,550
Okay.

422
00:34:43,690 --> 00:34:45,680
Good.

423
00:34:48,890 --> 00:34:51,310
So nothing inside.

424
00:34:51,340 --> 00:34:57,310
I do.

425
00:34:57,790 --> 00:35:02,870
We can use cat to open these files is this flag that takes.

426
00:35:02,970 --> 00:35:04,430
Okay good.

427
00:35:04,940 --> 00:35:06,430
So now we get it.

428
00:35:06,740 --> 00:35:12,080
So we get a file here and then this is the content of the.

429
00:35:12,420 --> 00:35:13,150
Good.

430
00:35:13,170 --> 00:35:16,370
So that's how we get into it.

431
00:35:16,370 --> 00:35:25,970
Guys we all fully think that this video was helpful so that it makes you understand how enumeration

432
00:35:26,060 --> 00:35:30,050
and exploitation of the GoldenEye operating system is working.

433
00:35:30,490 --> 00:35:34,850
We thank you and then we hope all this information was informative for you.

434
00:35:34,890 --> 00:35:39,140
Our and then we are looking forward to see you in the next video.

435
00:35:39,530 --> 00:35:39,980
Thank you.