1
00:00:00,280 --> 00:00:05,790
Hello everybody, welcome to my advanced ethical hacking networking penetration testing course.

2
00:00:16,340 --> 00:00:22,030
This lab is going to cover enumeration and the exploitation of the WordPress app.

3
00:00:22,580 --> 00:00:29,240
So to stop it you will not go there and click search and WordPress and go

4
00:00:34,500 --> 00:00:37,730
but we're going to try the first one we create

5
00:00:40,370 --> 00:00:41,690
and kick start

6
00:00:45,320 --> 00:00:46,950
you're going to have to wait.

7
00:00:47,640 --> 00:00:48,440
OK.

8
00:00:48,530 --> 00:00:50,060
Now you get this in bugs

9
00:00:53,120 --> 00:00:53,530
OK.

10
00:00:53,600 --> 00:00:56,870
So now this is the target that we get.

11
00:00:56,930 --> 00:00:58,880
You can go to your terminal

12
00:01:03,960 --> 00:01:06,850
as Edgewater for firewood place.

13
00:01:07,090 --> 00:01:16,260
We always use WPScan because we don't need to go to look for other tools because we really detect

14
00:01:16,350 --> 00:01:18,510
that we are working in a WordPress lab.

15
00:01:20,010 --> 00:01:26,040
So you just put your and then you just enter

16
00:01:29,230 --> 00:01:29,770
okay

17
00:01:33,750 --> 00:01:34,840
Once the scan is done.

18
00:01:35,140 --> 00:01:44,190
So you have a lot of information in and then try to see what kind of info that you get.

19
00:01:46,950 --> 00:01:51,590
And then we have the location as well.

20
00:01:51,790 --> 00:01:59,550
And we have some differences in just a look.

21
00:01:59,910 --> 00:02:11,620
We can go down below in suit and try to press local was with information that we got so that we can

22
00:02:11,620 --> 00:02:13,670
get the sites.

23
00:02:13,750 --> 00:02:14,410
Good thing.

24
00:02:15,060 --> 00:02:16,300
So let's have a look.

25
00:02:16,300 --> 00:02:18,630
Let's have a look.

26
00:02:19,080 --> 00:02:21,710
So you've been on this time and you type

27
00:02:24,890 --> 00:02:25,890
k.

28
00:02:26,550 --> 00:02:31,920
We place these content by the new world of the happy that you get

29
00:02:34,720 --> 00:02:35,630
here.

30
00:02:35,630 --> 00:02:38,620
So the JavaScript payload is loading into the page.

31
00:02:38,620 --> 00:02:41,930
That means it is vulnerable to XSS attack

32
00:02:50,630 --> 00:02:51,090
got

33
00:02:55,050 --> 00:02:57,890
okay we're going to have to is to use against

34
00:03:07,040 --> 00:03:11,180
go up to login and try.

35
00:03:11,270 --> 00:03:14,660
I mean the password is password as we have seen Rowena

36
00:03:17,760 --> 00:03:21,940
Okay so now again we only had a dashboard.

37
00:03:21,990 --> 00:03:23,030
It's so easy.

38
00:03:23,100 --> 00:03:27,690
It's just for the sake of the demonstration guys.

39
00:03:27,690 --> 00:03:28,130
Okay.

40
00:03:31,180 --> 00:03:34,780
Now we're going to read it.

41
00:03:34,790 --> 00:03:41,450
And if the road is always to upload some files.

42
00:03:42,020 --> 00:03:55,760
Okay now we're going to try to create a page so that we can use the file that we are willing to upload.

43
00:03:57,340 --> 00:03:59,290
With information on the installation

44
00:04:04,830 --> 00:04:09,390
we go to pages and add a few pages

45
00:04:12,320 --> 00:04:14,370
then type anything what you want.

46
00:04:19,730 --> 00:04:32,450
And now and I might get fired or what gives and then try to publish Greek Ken now and get that page

47
00:04:32,720 --> 00:04:33,800
so you can view it

48
00:04:36,570 --> 00:04:38,270
okay.

49
00:04:38,520 --> 00:04:50,570
Now it is obscene see 99 I share it is this show which I wrote about was the execution of payloads.

50
00:04:51,600 --> 00:05:02,660
When I go to this link and clone it all you just can copy and go back to a terminal and there you can

51
00:05:02,660 --> 00:05:04,700
create a new file.

52
00:05:04,700 --> 00:05:09,040
You can use a text editor like you did it or despite it.

53
00:05:09,040 --> 00:05:17,180
It doesn't matter and you create a piece in the new creative PHP file and then you paste that code by

54
00:05:17,200 --> 00:05:25,120
that here and then save it and create during after that's gone out to read.

55
00:05:25,120 --> 00:05:34,790
Oh I can save it good good and go back to their website and then we can go for the PHP file that we

56
00:05:34,790 --> 00:05:39,510
have just created and then go to heal.

57
00:05:39,600 --> 00:05:41,110
Okay.

58
00:05:41,750 --> 00:05:44,760
And then open upload to

59
00:05:49,820 --> 00:05:52,310
care so we get a message.

60
00:05:52,330 --> 00:05:55,880
You cannot send you.

61
00:05:55,980 --> 00:06:05,730
Now we go about three programs and then we can see that process will be e active.

62
00:06:05,760 --> 00:06:06,140
Okay.

63
00:06:09,450 --> 00:06:14,890
So what I try to put it if we can find it somewhere

64
00:06:20,130 --> 00:06:31,900
we will naturally force large developing content slash applaud slash scene 89 churns.

65
00:06:32,380 --> 00:06:40,610
The HP Well as we can see we successfully upload that shell.

66
00:06:40,850 --> 00:06:44,100
So it's it's not big stuff.

67
00:06:44,350 --> 00:06:44,940
Okay.

68
00:06:49,670 --> 00:06:55,830
Ok that's all for this video guys it was just a very short demonstration about how you can use the word

69
00:06:55,840 --> 00:07:01,610
person marriage and you know the first thing is that if you already have a target that you know that

70
00:07:01,940 --> 00:07:10,860
the website is hosted by WordPress so you can just use WPScan so that you can scan that Web site and

71
00:07:10,880 --> 00:07:15,450
so you don't need to wait for something else but if you know something more opportunity.

72
00:07:15,490 --> 00:07:23,510
Because sometimes even if we have some comments for a particular Web site so we can use many comments

73
00:07:23,540 --> 00:07:24,200
in it.

74
00:07:24,230 --> 00:07:26,640
It depends on the goal that we have.

75
00:07:26,750 --> 00:07:31,070
What we are going to do so that we can grab those information that we need.

76
00:07:31,560 --> 00:07:31,960
OK.

77
00:07:31,990 --> 00:07:33,790
So that's it for this video guys.

78
00:07:33,830 --> 00:07:36,780
We hope that this video was informative for you.

79
00:07:36,830 --> 00:07:39,910
And then see you in the next video.

80
00:07:39,920 --> 00:07:40,400
Thank you.