1 00:00:00,120 --> 00:00:05,790 Hey, Lou, everybody, welcome to my advanced ethical hacking, networking, penetration testing calls. 2 00:00:16,300 --> 00:00:16,540 E! 3 00:00:17,520 --> 00:00:25,760 In these you guys, we are going to INTUITY practical part of the Web hacking and then be aware and 4 00:00:25,760 --> 00:00:29,600 be in mind, please, that we are not going to show you how to hack. 5 00:00:29,930 --> 00:00:35,630 But yes, of course, we are going to show you how to hack, but we're going to show you how to hack 6 00:00:35,750 --> 00:00:44,510 in order to know how to prevent yourself, in order to know how you can help people secure do system. 7 00:00:44,930 --> 00:00:51,410 Therefore, if you do know how the hacking works so you will not be able to know how you can secure 8 00:00:51,410 --> 00:00:51,920 yourself. 9 00:00:52,010 --> 00:00:53,810 So this is a logical thinking. 10 00:00:54,260 --> 00:00:54,590 All right. 11 00:00:55,340 --> 00:01:02,840 So let's close this because we don't need it any more from the previous video so you can minimize data. 12 00:01:02,850 --> 00:01:07,490 So we are going to open all Firefox or Firefox is working. 13 00:01:07,520 --> 00:01:08,690 Let's stop Ortberg Street. 14 00:01:09,710 --> 00:01:12,500 So we are going to intercept these off. 15 00:01:12,530 --> 00:01:13,460 Put it off now. 16 00:01:13,580 --> 00:01:14,260 All right. 17 00:01:14,300 --> 00:01:18,170 So then therefore we can try to consolidate things. 18 00:01:18,170 --> 00:01:19,240 We don't need them anymore. 19 00:01:20,610 --> 00:01:21,200 Right. 20 00:01:23,210 --> 00:01:29,440 When it comes to hacking, one thing that you have to have in mind is the common sense. 21 00:01:29,930 --> 00:01:38,240 So always try to put your your head in place so that you can understand some tricky things, because 22 00:01:38,240 --> 00:01:46,440 sometimes you might you might ask yourself, how can I have this Web site or how how can I bypass all 23 00:01:46,480 --> 00:01:47,090 of this? 24 00:01:47,360 --> 00:01:49,400 Log in form or some stuff like that. 25 00:01:49,720 --> 00:01:53,870 And it's so easy after knowing it, you as you say, you as a whole. 26 00:01:53,960 --> 00:01:54,770 So easy. 27 00:01:55,040 --> 00:01:56,640 But that's before you did it. 28 00:01:56,640 --> 00:02:06,320 Put yourself at a very piece for Leever so that you say, can we Lacassine and try to understand some 29 00:02:06,440 --> 00:02:09,260 tricks and just perform this attack. 30 00:02:09,600 --> 00:02:09,760 OK. 31 00:02:09,890 --> 00:02:14,720 So we are going to show you these three guys in the next few minutes. 32 00:02:15,050 --> 00:02:15,400 All right. 33 00:02:15,470 --> 00:02:20,800 So let's go to Sitting's manual Boxey. 34 00:02:20,990 --> 00:02:22,460 Use system, Boxey. 35 00:02:23,720 --> 00:02:27,590 Okay, so now we can use Firefox the way we want it to be. 36 00:02:28,490 --> 00:02:29,000 All right. 37 00:02:29,060 --> 00:02:32,830 So we are going to show you here. 38 00:02:33,680 --> 00:02:40,790 We've been testing page so that we can practice or you can train yourself in the cyber security. 39 00:02:41,030 --> 00:02:47,090 So it's OK to be ahead and down hackers. 40 00:02:48,260 --> 00:02:49,740 That org and the new presenter. 41 00:02:50,000 --> 00:02:59,240 So it's it's a website that allows you to penetrate, to do some pin pin testing. 42 00:02:59,600 --> 00:03:00,350 And then as. 43 00:03:00,830 --> 00:03:02,030 Oh, wait a moment. 44 00:03:02,240 --> 00:03:04,310 So let you minimize Berp Street. 45 00:03:04,950 --> 00:03:07,110 I would like to close it because I will need it. 46 00:03:08,120 --> 00:03:09,460 But we have done so. 47 00:03:09,600 --> 00:03:10,190 We will see. 48 00:03:11,000 --> 00:03:12,420 So I let it just happen. 49 00:03:13,910 --> 00:03:14,160 Okay. 50 00:03:14,830 --> 00:03:16,330 Well, let me open it in full. 51 00:03:18,150 --> 00:03:18,500 All right. 52 00:03:18,790 --> 00:03:27,730 Here you have so many so many options so that you might use to start your your your training phase, 53 00:03:27,760 --> 00:03:29,080 if you will. 54 00:03:29,260 --> 00:03:35,380 We have since some explored basic web hackey application, coworking and JavaScript hacking. 55 00:03:35,440 --> 00:03:39,850 A lot of stuff, guys, encryption, logical step. 56 00:03:39,850 --> 00:03:44,410 Guno, you know, you have a lot of auction so that you can train yourself. 57 00:03:44,470 --> 00:03:48,840 But to be able to train, you have to register on this Web site. 58 00:03:49,150 --> 00:03:50,940 So we have already registered. 59 00:03:51,220 --> 00:03:58,420 So let's just try to log in and then we will walk you to the step by step, how to hack it from the 60 00:03:58,420 --> 00:04:01,630 basic level to the advanced level over hacking phase. 61 00:04:02,050 --> 00:04:02,290 All right. 62 00:04:02,320 --> 00:04:05,080 So now let's go and type or user name. 63 00:04:05,140 --> 00:04:10,230 Is anything else on the nowaday Cassady's password? 64 00:04:14,720 --> 00:04:15,230 Okay. 65 00:04:15,840 --> 00:04:16,550 No, no, no. 66 00:04:16,630 --> 00:04:17,130 Thank you. 67 00:04:17,130 --> 00:04:17,820 All of our folks. 68 00:04:17,830 --> 00:04:18,530 I don't need you. 69 00:04:19,090 --> 00:04:19,270 OK. 70 00:04:19,360 --> 00:04:20,470 So we have already started. 71 00:04:20,500 --> 00:04:24,000 So we were each already 75 planes. 72 00:04:24,280 --> 00:04:26,800 So we you can choose. 73 00:04:27,550 --> 00:04:29,620 Let me make it a little bit bigger. 74 00:04:30,400 --> 00:04:31,570 Come on. 75 00:04:31,580 --> 00:04:32,110 Be good. 76 00:04:33,010 --> 00:04:33,610 Bruce. 77 00:04:41,140 --> 00:04:42,000 Well, Kenny 78 00:04:45,520 --> 00:04:50,100 Gross was a little step might be enough. 79 00:04:53,600 --> 00:04:54,310 It's big. 80 00:04:54,410 --> 00:04:57,660 You get like dirt, you do better for us to be seen. 81 00:04:58,880 --> 00:05:00,380 Because you want to see everything. 82 00:05:02,140 --> 00:05:02,730 Application. 83 00:05:02,830 --> 00:05:03,670 OK, perfect. 84 00:05:04,080 --> 00:05:10,500 So now we can after looking name, so we have seen that we have a few points here. 85 00:05:10,860 --> 00:05:15,780 But you can try to hack some zip files. 86 00:05:16,050 --> 00:05:17,190 It depends on your. 87 00:05:17,700 --> 00:05:23,110 Let's let's try to go in, for example, to see what kind of options you have. 88 00:05:23,190 --> 00:05:33,630 You see, this is all the training that you have to be solved and submit them if they are OK. 89 00:05:34,620 --> 00:05:36,990 But let's go first step by step. 90 00:05:37,410 --> 00:05:38,910 So we click on basic hacking. 91 00:05:39,240 --> 00:05:40,320 Basic Web hacking. 92 00:05:40,830 --> 00:05:41,160 OK. 93 00:05:41,350 --> 00:05:43,050 And when do I click on it? 94 00:05:43,230 --> 00:05:44,230 Open in a new page. 95 00:05:45,360 --> 00:05:53,760 As we have seen in the previous course, the path one when we were trying to hack some some labs operating 96 00:05:53,760 --> 00:06:02,790 system always be in mind and always having you have in your mind that if you are going to hack into 97 00:06:02,790 --> 00:06:03,590 a Web page. 98 00:06:03,990 --> 00:06:07,910 Always try to view the source code if it is P HP. 99 00:06:08,280 --> 00:06:14,140 We will show you in stepper a stapler, video clubs. 100 00:06:14,370 --> 00:06:23,250 If you did it by the first cost yet you we will encourage you to go in bait and then go to Stopera. 101 00:06:23,460 --> 00:06:26,220 Let me show you where it is. 102 00:06:26,400 --> 00:06:28,890 So you tell me your name. 103 00:06:29,090 --> 00:06:29,550 Come. 104 00:06:32,550 --> 00:06:37,310 Let's try to find all course advance. 105 00:06:38,410 --> 00:06:40,460 Eighty eight before hiking. 106 00:06:41,760 --> 00:06:44,340 They do go hiking on new mine, a network. 107 00:06:49,090 --> 00:06:50,560 OK, so let's call down one. 108 00:06:51,560 --> 00:06:53,210 Let's call the dawn to see. 109 00:06:53,320 --> 00:06:53,630 OK. 110 00:06:53,740 --> 00:06:57,030 So here it is, John Alyda. 111 00:06:57,130 --> 00:06:57,720 So. 112 00:06:57,780 --> 00:06:59,140 So we just came. 113 00:07:03,620 --> 00:07:10,910 And then you when I go there at the moment and stuff blows the post up. 114 00:07:15,550 --> 00:07:16,650 That's OK. 115 00:07:17,200 --> 00:07:18,080 Here, guys. 116 00:07:18,450 --> 00:07:22,510 And then we provide you not only DVD, you how to make it. 117 00:07:22,620 --> 00:07:29,870 And we provide you, Dylan, so that we can download it and make the penetration testing and then provide 118 00:07:29,950 --> 00:07:31,290 it step by step. 119 00:07:31,420 --> 00:07:34,110 Phyla is step by step process. 120 00:07:34,170 --> 00:07:41,340 How you can proceed if, for example, you are working in a public place or without a headphone. 121 00:07:41,580 --> 00:07:42,850 So you don't. 122 00:07:43,000 --> 00:07:45,730 You will not want to use the video. 123 00:07:45,840 --> 00:07:52,560 So you can use this to provided file so that you can proceed with your own testing. 124 00:07:52,710 --> 00:07:52,920 OK. 125 00:07:53,730 --> 00:07:56,330 So let's go back to your topic, OK? 126 00:07:56,970 --> 00:07:58,470 Now what we are going to do. 127 00:07:58,770 --> 00:08:00,150 So what do we see? 128 00:08:00,660 --> 00:08:01,240 Nothing here. 129 00:08:01,380 --> 00:08:02,670 So you can just. 130 00:08:02,670 --> 00:08:02,820 Right. 131 00:08:02,900 --> 00:08:08,430 Click and view page source and first thing for us. 132 00:08:08,730 --> 00:08:12,420 The comment is really is really important for us. 133 00:08:12,720 --> 00:08:17,840 We have to always check what kind of thing is is commended. 134 00:08:18,930 --> 00:08:21,380 So nothing is here. 135 00:08:21,390 --> 00:08:22,070 Nothing. 136 00:08:22,980 --> 00:08:23,300 Okay. 137 00:08:23,330 --> 00:08:23,780 For now. 138 00:08:23,790 --> 00:08:26,150 So we can close it by placing control. 139 00:08:26,160 --> 00:08:30,010 We and then now let's try to type anything. 140 00:08:30,030 --> 00:08:30,510 Blah, blah, blah. 141 00:08:30,810 --> 00:08:35,280 As the password and then submit invalid password. 142 00:08:35,310 --> 00:08:37,050 Please enter the password. 143 00:08:37,110 --> 00:08:42,300 Now let's or I click on it and view bridge source. 144 00:08:43,140 --> 00:08:44,040 So let's go. 145 00:08:44,120 --> 00:08:50,580 He'll go step by step so that we can see something. 146 00:08:53,150 --> 00:08:54,740 Let's let us check. 147 00:08:56,090 --> 00:09:03,470 So let's stay put these in full control air and password in defense. 148 00:09:03,470 --> 00:09:03,800 Good. 149 00:09:09,530 --> 00:09:15,920 Here in this Alwiya, when you type into a squad here. 150 00:09:16,320 --> 00:09:25,040 So here you're going to find in each team, man, come and we say something that when you put me a pearl, 151 00:09:25,410 --> 00:09:26,150 I pull. 152 00:09:26,500 --> 00:09:34,580 Let's say when you kick me when you paid me, I per OK, and so on. 153 00:09:34,730 --> 00:09:38,950 So here we submit the good result. 154 00:09:39,290 --> 00:09:40,130 You're going to see it here. 155 00:09:40,160 --> 00:09:46,190 But after that, you won't you won't be able to see the issue medicament anymore because you get this 156 00:09:46,220 --> 00:09:46,630 already. 157 00:09:46,870 --> 00:09:47,360 So. 158 00:09:48,050 --> 00:09:54,080 And so when you see the comment and then you come in since says it says through that. 159 00:09:54,350 --> 00:09:59,780 But no one you want anymore pay or only one animal per wishes. 160 00:09:59,990 --> 00:10:00,930 So this is cut. 161 00:10:01,280 --> 00:10:05,600 And then you go back here and you type password is cut. 162 00:10:05,720 --> 00:10:09,560 And then you press in the end and you will submit and you'll see. 163 00:10:09,710 --> 00:10:12,550 So you already bidis because I have already bidis. 164 00:10:12,800 --> 00:10:15,620 And then I did a few of them so that I didn't do them. 165 00:10:15,980 --> 00:10:19,880 I just want to make sure so that you understand the process. 166 00:10:19,910 --> 00:10:22,620 And I would Midem which you step by step. 167 00:10:23,030 --> 00:10:23,510 All right. 168 00:10:25,070 --> 00:10:25,280 Okay. 169 00:10:25,290 --> 00:10:28,790 Now, so let's just scroll as this page. 170 00:10:28,820 --> 00:10:29,570 Let's close it. 171 00:10:30,020 --> 00:10:31,520 Let's go to the next one. 172 00:10:33,280 --> 00:10:35,060 Double click and I click here. 173 00:10:36,380 --> 00:10:36,770 Okay. 174 00:10:37,130 --> 00:10:42,130 So now what we have here, we have a knife web page. 175 00:10:42,350 --> 00:10:48,870 We say that my friend Jake has begun to program in Yemen and he made this act for him. 176 00:10:49,070 --> 00:10:54,770 But the host of the website has kicked him out and he doesn't remember. 177 00:10:55,010 --> 00:10:58,060 Where is this a him reading it from? 178 00:10:58,430 --> 00:11:02,180 So our task now, because Drake doesn't know where he is. 179 00:11:02,520 --> 00:11:03,860 Ankara is reading from. 180 00:11:04,280 --> 00:11:06,940 We have to find the path of the IDF. 181 00:11:06,980 --> 00:11:15,410 We always have in mind when we are what when we are going to have to make it hackings that even if it's 182 00:11:15,410 --> 00:11:18,770 basic or at events, you have to always find the source code. 183 00:11:19,100 --> 00:11:24,770 If we if we will be able if not, you will get in your way so that we can find the source code if it 184 00:11:24,770 --> 00:11:25,540 is an BHB. 185 00:11:25,910 --> 00:11:31,930 As I have said earlier, just check this Templer and this Tapper in the first course. 186 00:11:32,060 --> 00:11:39,470 So you will see how to get day code within in PDB that or when you are white clicking interview page, 187 00:11:39,470 --> 00:11:40,820 you will not be able to see them. 188 00:11:41,120 --> 00:11:46,400 But following due process in the Stopera tutorial and the first course you will see them. 189 00:11:46,800 --> 00:11:47,090 Okay. 190 00:11:47,150 --> 00:11:48,570 So now less likely cliquey. 191 00:11:49,430 --> 00:11:51,920 Oh we view page source. 192 00:11:51,930 --> 00:11:59,840 So why do we need or we need to type a frame or we are going to first check if we can find something 193 00:11:59,840 --> 00:12:00,620 in common. 194 00:12:00,740 --> 00:12:09,950 It's very helpful because on tarab, something that might be encrypted as base forty six or Shalaan 195 00:12:10,010 --> 00:12:13,160 or any kind of stuff like that. 196 00:12:13,160 --> 00:12:13,860 So. 197 00:12:14,900 --> 00:12:15,950 Or MDG five. 198 00:12:16,040 --> 00:12:16,320 OK. 199 00:12:16,400 --> 00:12:18,800 So nothing is like that. 200 00:12:19,070 --> 00:12:31,610 So let's say I Flindt an upset with common its control f since we only Nook's so we take a forum and 201 00:12:31,900 --> 00:12:40,070 say no and then we can enter instantly and one o k. 202 00:12:40,140 --> 00:12:41,390 So we get it. 203 00:12:42,260 --> 00:12:43,460 Let's try again. 204 00:12:44,890 --> 00:12:45,910 I swim. 205 00:12:48,360 --> 00:12:48,840 Te. 206 00:12:50,150 --> 00:12:51,980 Good, so we can just try again. 207 00:12:52,280 --> 00:12:54,560 Where is this one? 208 00:12:56,880 --> 00:13:00,050 Okay, so now what we see that. 209 00:13:00,170 --> 00:13:01,340 Please email. 210 00:13:01,520 --> 00:13:02,950 Where is this for him? 211 00:13:03,380 --> 00:13:07,070 So this path, we should take Kate here. 212 00:13:08,200 --> 00:13:10,200 And we will copy. 213 00:13:11,200 --> 00:13:12,190 Copy the path. 214 00:13:13,550 --> 00:13:15,960 Let's check all the ethics. 215 00:13:17,250 --> 00:13:17,450 OK? 216 00:13:17,510 --> 00:13:19,850 This is the text that was within. 217 00:13:20,300 --> 00:13:22,280 This is the text that was we can hear your guys. 218 00:13:23,000 --> 00:13:23,300 OK. 219 00:13:23,380 --> 00:13:27,260 So now we have the path so we can close these. 220 00:13:27,320 --> 00:13:29,900 And what we are going to do. 221 00:13:30,140 --> 00:13:32,030 We are going to try if it would work. 222 00:13:32,330 --> 00:13:33,920 So we passed it here. 223 00:13:35,180 --> 00:13:35,630 Yeah. 224 00:13:35,660 --> 00:13:38,150 And then we submit just in order to seat. 225 00:13:39,620 --> 00:13:40,470 And let's wait. 226 00:13:40,810 --> 00:13:43,960 So you already bid this point will not be added. 227 00:13:43,990 --> 00:13:48,460 As you can see, we are still on 75 points because we have already made it. 228 00:13:48,730 --> 00:13:50,950 So now let's go to the third step. 229 00:13:51,490 --> 00:13:57,750 You you will not see this, but you will see a kind of message like, congratulation, you made it or 230 00:13:57,760 --> 00:13:58,330 you do it. 231 00:13:58,540 --> 00:13:59,230 Stuff like that. 232 00:13:59,620 --> 00:14:00,010 All right. 233 00:14:00,190 --> 00:14:02,650 So let's go back and let's go to the third one. 234 00:14:04,030 --> 00:14:05,170 We are clear again. 235 00:14:05,240 --> 00:14:05,970 Open. 236 00:14:09,100 --> 00:14:09,830 Okay, so. 237 00:14:09,940 --> 00:14:11,020 Not it's quick hail. 238 00:14:12,260 --> 00:14:12,760 All right. 239 00:14:12,990 --> 00:14:23,880 So the bitter part is that now Jerry Karrar and how to make its GDP user agent, would it be one user 240 00:14:23,970 --> 00:14:27,210 agent and BW too extreme. 241 00:14:27,210 --> 00:14:29,400 And so the user agent was. 242 00:14:29,480 --> 00:14:33,540 Was it found that this tells us a lot. 243 00:14:33,960 --> 00:14:36,850 So what we are going to do since this is in that phone. 244 00:14:36,900 --> 00:14:41,280 So we have to find a way so that we don't find. 245 00:14:41,870 --> 00:14:42,150 OK. 246 00:14:42,210 --> 00:14:45,500 So always what we are what we are going to do. 247 00:14:45,600 --> 00:14:49,590 We are going to click in your page source. 248 00:14:51,680 --> 00:14:57,950 Let's check if we have some kind of comment, cryptics. 249 00:14:59,180 --> 00:14:59,570 Nothing. 250 00:15:00,050 --> 00:15:02,550 OK, so what do we going to do now? 251 00:15:02,980 --> 00:15:06,480 We we have to, Quaid imagined Foyt. 252 00:15:06,750 --> 00:15:13,610 So, if you will, using force for folks like me so you can use a specific drug and use an agent, or 253 00:15:13,640 --> 00:15:17,350 if you want, you can equate it on Google equipment so it doesn't matter. 254 00:15:17,360 --> 00:15:19,520 But for the sake of this video. 255 00:15:19,550 --> 00:15:25,660 So we are going to use Google Quansah that we make these steps easier to download. 256 00:15:26,790 --> 00:15:29,580 Did it make this process easier? 257 00:15:29,970 --> 00:15:36,690 Okay, so let's open a Google Chrome and we have to find a plugin on Google. 258 00:15:39,030 --> 00:15:42,250 So we're going to take a go, go. 259 00:15:42,540 --> 00:15:48,030 And no sandbox and in the prisoner. 260 00:15:57,680 --> 00:16:00,480 Nuns in books, movies and books. 261 00:16:04,120 --> 00:16:07,060 So when I wait for it, we will come to lunch. 262 00:16:07,460 --> 00:16:07,810 All right. 263 00:16:08,230 --> 00:16:09,000 So he'll. 264 00:16:09,070 --> 00:16:12,730 So you can go to EXT. 265 00:16:14,730 --> 00:16:22,800 And try to install a specific plugin, which is the user agent. 266 00:16:23,780 --> 00:16:24,540 So just follow me. 267 00:16:27,360 --> 00:16:36,340 And then you can type agent switch or let's say quote, so never mind. 268 00:16:36,410 --> 00:16:37,110 So we got wind. 269 00:16:37,200 --> 00:16:37,410 OK. 270 00:16:37,590 --> 00:16:38,190 So this one. 271 00:16:39,200 --> 00:16:43,370 And then you click it added to your Google Chrome extension. 272 00:16:55,860 --> 00:16:57,960 So now we can just. 273 00:16:59,450 --> 00:17:00,960 Caused a disturbance. 274 00:17:01,240 --> 00:17:01,520 OK. 275 00:17:01,950 --> 00:17:10,180 So now what we are going to do, we are going to click on here and to see the. 276 00:17:10,800 --> 00:17:13,170 To see all the oceans that we are. 277 00:17:13,170 --> 00:17:13,860 We have come. 278 00:17:13,950 --> 00:17:15,390 Internet Explorer and so on. 279 00:17:15,450 --> 00:17:15,900 So on. 280 00:17:16,230 --> 00:17:22,830 So if you want to make your new changes, what you have going to do is wide clicking and then click 281 00:17:22,830 --> 00:17:28,050 on options so that you can make this modification. 282 00:17:29,870 --> 00:17:40,040 So, no, we have as a test that this one, this huge disused agent was not found. 283 00:17:40,100 --> 00:17:41,960 So we are not. 284 00:17:42,720 --> 00:17:43,690 So we have been digging. 285 00:17:44,140 --> 00:17:44,700 It's connected. 286 00:17:44,780 --> 00:17:47,090 So let's that's we've got it now on Google. 287 00:17:48,670 --> 00:18:00,070 Oh, so we can close for folks cause and we can just copy this first copy, and we didn't close this. 288 00:18:01,070 --> 00:18:04,050 OK, so now let's use just Google. 289 00:18:05,460 --> 00:18:05,690 OK. 290 00:18:06,260 --> 00:18:07,790 So we are going to. 291 00:18:08,810 --> 00:18:09,410 Rogan, who? 292 00:18:11,630 --> 00:18:11,850 Oh. 293 00:18:14,680 --> 00:18:15,200 All right. 294 00:18:15,350 --> 00:18:17,150 So this is small. 295 00:18:17,660 --> 00:18:19,450 So we all want this control issue. 296 00:18:19,640 --> 00:18:20,120 Bruce. 297 00:18:23,840 --> 00:18:25,100 OK, so this is enough. 298 00:18:26,570 --> 00:18:30,600 So here we type, we're using and facilities road. 299 00:18:36,650 --> 00:18:37,470 So we are here. 300 00:18:37,620 --> 00:18:38,430 So let's go back. 301 00:18:38,520 --> 00:18:41,580 So we have twenty five point. 302 00:18:42,990 --> 00:18:51,330 So it's scored on the scale basically of hacking and we have been here. 303 00:18:51,840 --> 00:18:53,160 OK, so we are clicking. 304 00:18:55,030 --> 00:18:56,530 And come here. 305 00:18:56,680 --> 00:18:59,630 So now we are going to create and use it. 306 00:18:59,680 --> 00:19:00,340 Agent. 307 00:19:01,690 --> 00:19:07,080 So we are going to compete like that and we will beat and then we come back. 308 00:19:07,990 --> 00:19:10,130 And then we can say, John. 309 00:19:11,460 --> 00:19:13,720 And then he would pass it here positive. 310 00:19:13,980 --> 00:19:17,730 And in the group would pass the string as well. 311 00:19:18,070 --> 00:19:19,180 And then we praise. 312 00:19:19,240 --> 00:19:21,520 We leave it like that and we press one. 313 00:19:22,360 --> 00:19:26,770 And therefore, of the deadlifts, let's make it bigger. 314 00:19:27,310 --> 00:19:30,850 So we click on add to that we add the user agent. 315 00:19:31,960 --> 00:19:34,110 Now, what we're going to do, we are going to keep. 316 00:19:34,450 --> 00:19:38,090 And then before that, we are going to click here. 317 00:19:38,800 --> 00:19:42,490 And we choose the user agent that we have just created. 318 00:19:42,820 --> 00:19:43,960 And then we click here. 319 00:19:44,010 --> 00:19:44,590 Like that. 320 00:19:45,100 --> 00:19:45,820 Now we use it. 321 00:19:45,910 --> 00:19:46,780 This is blah. 322 00:19:46,960 --> 00:19:48,760 So we click on Junblatt. 323 00:19:50,210 --> 00:19:52,670 And then it's going to send the weakest. 324 00:19:52,780 --> 00:19:55,800 You see, Sophie, you already biddy's. 325 00:19:55,970 --> 00:19:58,070 That's because we have already made it. 326 00:19:58,130 --> 00:20:02,030 So as a as we have told you earlier. 327 00:20:02,300 --> 00:20:02,620 Ah. 328 00:20:03,180 --> 00:20:03,770 And this video. 329 00:20:04,010 --> 00:20:11,000 So now you when you do it like that, you will see it kind of congratulations. 330 00:20:12,670 --> 00:20:14,090 So let's go to the fourth one. 331 00:20:14,200 --> 00:20:15,740 So we hopefully that we didn't do it. 332 00:20:16,250 --> 00:20:18,080 So let's close this. 333 00:20:19,190 --> 00:20:21,890 And let's come back here to before one. 334 00:20:23,270 --> 00:20:23,890 All right. 335 00:20:24,120 --> 00:20:24,780 So let's check. 336 00:20:25,050 --> 00:20:25,590 What is that? 337 00:20:26,400 --> 00:20:26,750 Okay. 338 00:20:28,540 --> 00:20:31,660 Equal is to pass this fine. 339 00:20:32,250 --> 00:20:33,740 Not from an NBC crew. 340 00:20:34,280 --> 00:20:34,540 OK. 341 00:20:35,100 --> 00:20:42,340 So, as always, just by clicking to see what kind of things they are, the view suits called. 342 00:20:42,890 --> 00:20:43,170 OK. 343 00:20:43,530 --> 00:20:45,910 But we have to note that this is a BHB phyla. 344 00:20:46,050 --> 00:20:46,300 OK. 345 00:20:46,360 --> 00:20:52,310 So that means we might not find some codes there, but never mind. 346 00:20:52,320 --> 00:20:58,440 So we are going to I can give you a view page source like that. 347 00:20:59,560 --> 00:21:00,420 OK, OK. 348 00:21:00,610 --> 00:21:06,850 So you can scroll down to just see if if they are also encrypted text or Iran or something like that, 349 00:21:06,860 --> 00:21:11,060 that that might be very interested for you, as usual. 350 00:21:11,270 --> 00:21:17,540 But the common sense say suppose that if it is funny, isn't that phone and basic forward. 351 00:21:17,570 --> 00:21:24,860 That means probably it is on basic Twohey two, five, six, and then we just have to try it out. 352 00:21:24,920 --> 00:21:32,300 So let's copy despite first let's go eat and then we will pass it here. 353 00:21:33,650 --> 00:21:36,440 So we will pass it here just to see. 354 00:21:36,620 --> 00:21:37,190 It's not there. 355 00:21:37,250 --> 00:21:37,740 OK. 356 00:21:38,300 --> 00:21:42,080 So let's make it like that again. 357 00:21:43,220 --> 00:21:43,610 OK. 358 00:21:43,680 --> 00:21:48,330 Now so let's just to change change the path. 359 00:21:49,590 --> 00:21:53,040 So we would know what to say to to see if it's there. 360 00:21:53,100 --> 00:21:53,730 Nothing. 361 00:21:54,960 --> 00:22:02,980 So it's not so we enjoy music one into music, one man is one. 362 00:22:05,730 --> 00:22:07,370 And this was it. 363 00:22:07,410 --> 00:22:08,010 It's in there. 364 00:22:08,040 --> 00:22:08,730 So let's try it. 365 00:22:08,850 --> 00:22:13,440 Busiek is it six or is it by first? 366 00:22:13,450 --> 00:22:15,180 So he didn't trade. 367 00:22:17,830 --> 00:22:18,340 It's there. 368 00:22:18,730 --> 00:22:21,560 So we just copy this file. 369 00:22:22,190 --> 00:22:25,570 This this stream, and then you come back here. 370 00:22:26,500 --> 00:22:29,590 And so we are going to put it in this. 371 00:22:30,780 --> 00:22:35,360 And so therefore, we can just put a. 372 00:22:37,990 --> 00:22:42,520 Okay, so now I sit this string U four and then we submit. 373 00:22:44,420 --> 00:22:46,910 So are you already Bidis points will then be added. 374 00:22:46,970 --> 00:22:48,800 You see, so that's good guys. 375 00:22:49,100 --> 00:22:51,620 So let's go back to the next one. 376 00:22:52,250 --> 00:22:53,420 Let's go to the next one. 377 00:22:54,320 --> 00:22:57,500 So what is this going? 378 00:22:57,920 --> 00:22:58,550 This one. 379 00:22:59,210 --> 00:22:59,630 So. 380 00:23:00,020 --> 00:23:00,260 Yeah. 381 00:23:01,790 --> 00:23:05,980 Okay, so it's click here to see what kind of information that we have. 382 00:23:07,040 --> 00:23:07,560 Okay. 383 00:23:07,630 --> 00:23:10,180 Welcome to Asterisk Asterisks. 384 00:23:11,470 --> 00:23:18,040 Certainly Spotify is any metasearch system that uses these new type of asterisk that are paid too much 385 00:23:18,040 --> 00:23:21,380 for search and uses the same type of formal like looking. 386 00:23:22,600 --> 00:23:28,320 And as they put it, it's a no against system, which also uses this advanced type as things that are 387 00:23:28,320 --> 00:23:29,200 based too much. 388 00:23:29,560 --> 00:23:34,060 Your username password is a new buzz word. 389 00:23:35,340 --> 00:23:39,520 OK, so this form is interesting. 390 00:23:40,510 --> 00:23:43,460 This is a put it that is just sort of OK if something is one. 391 00:23:43,810 --> 00:23:46,820 Well, you have found a bug and put a price talk. 392 00:23:46,900 --> 00:23:47,200 OK. 393 00:23:47,290 --> 00:23:49,290 So we have an email address here. 394 00:23:49,840 --> 00:23:51,320 OK, so let's just wait. 395 00:23:51,400 --> 00:23:54,280 Clicking in view page source. 396 00:23:56,620 --> 00:24:00,000 As usual, let's check in, though, on. 397 00:24:05,200 --> 00:24:08,180 See what type of information we do have here. 398 00:24:09,640 --> 00:24:12,360 So let's wait a moment. 399 00:24:14,230 --> 00:24:15,100 Much, nothing. 400 00:24:15,910 --> 00:24:17,190 Nothing interesting. 401 00:24:17,750 --> 00:24:20,140 So induce a new buzz word. 402 00:24:20,200 --> 00:24:20,900 This could be. 403 00:24:21,000 --> 00:24:22,610 This is treeing in Boston. 404 00:24:22,760 --> 00:24:25,260 They'll all be buses there. 405 00:24:25,460 --> 00:24:26,930 So do a search. 406 00:24:28,750 --> 00:24:29,030 OK. 407 00:24:29,240 --> 00:24:30,200 So we are here. 408 00:24:32,130 --> 00:24:32,720 All right. 409 00:24:33,870 --> 00:24:35,040 So. 410 00:24:36,280 --> 00:24:37,020 Let's call. 411 00:24:37,440 --> 00:24:43,060 This e-mail address and try to find it, you can find it under the Tubby's. 412 00:24:44,170 --> 00:24:47,290 So I sit here and the vent. 413 00:24:48,790 --> 00:24:50,650 We will win, it will do much research future. 414 00:24:50,830 --> 00:24:51,070 OK. 415 00:24:51,280 --> 00:24:51,530 OK. 416 00:24:52,120 --> 00:24:53,110 So we have to go back. 417 00:24:54,870 --> 00:24:55,600 All right. 418 00:24:56,480 --> 00:24:57,620 It's all. 419 00:24:58,710 --> 00:25:06,030 OK, so you can try to put some characters, because as we know that we are in S2 is so we can put here 420 00:25:06,230 --> 00:25:13,830 or here so as to cut some Stoics characters that we see if we can get something. 421 00:25:14,190 --> 00:25:20,000 So but before that, then we can just try a single quotes and words. 422 00:25:20,250 --> 00:25:21,360 No, nothing. 423 00:25:21,390 --> 00:25:22,860 So let's go back. 424 00:25:24,200 --> 00:25:24,740 Good luck. 425 00:25:26,630 --> 00:25:35,960 No can die well, durras, just Bursley, you will usernames and passwords thought we could add much 426 00:25:35,960 --> 00:25:36,460 more social. 427 00:25:36,530 --> 00:25:38,670 OK, so this is one dusty. 428 00:25:38,780 --> 00:25:40,280 So let's check. 429 00:25:40,290 --> 00:25:41,210 We can tie. 430 00:25:42,730 --> 00:25:43,720 User name. 431 00:25:44,560 --> 00:25:45,460 Oh, Venus. 432 00:25:45,740 --> 00:25:47,990 I mean, a mean. 433 00:25:49,100 --> 00:25:51,020 Let's try to find me. 434 00:25:51,050 --> 00:25:51,220 Good. 435 00:25:51,430 --> 00:25:52,060 No, nothing. 436 00:25:53,420 --> 00:25:54,470 Let's check. 437 00:25:54,560 --> 00:25:59,310 So some people might say this is user name and user. 438 00:25:59,320 --> 00:26:00,440 And again. 439 00:26:02,510 --> 00:26:03,220 Very bustling. 440 00:26:03,460 --> 00:26:03,840 Okay. 441 00:26:04,910 --> 00:26:07,450 Now, what we can do, we have to follow. 442 00:26:07,470 --> 00:26:08,270 D. 443 00:26:08,450 --> 00:26:09,090 D. 444 00:26:10,070 --> 00:26:10,840 D from. 445 00:26:13,250 --> 00:26:19,620 OK, so this one might be a nemer form so we can try to vote. 446 00:26:22,820 --> 00:26:23,770 User name. 447 00:26:24,940 --> 00:26:28,870 Let's say, and then we submit was into nothing. 448 00:26:30,280 --> 00:26:32,200 OK, let's try I mean. 449 00:26:38,970 --> 00:26:40,020 Send me more. 450 00:26:41,880 --> 00:26:41,990 OK. 451 00:26:42,440 --> 00:26:43,700 So let's try the same thing. 452 00:26:43,910 --> 00:26:47,880 No, we are going to take a neat in sauciness. 453 00:26:47,930 --> 00:26:49,370 We are still exporting. 454 00:26:49,450 --> 00:26:54,270 So let's say bad things. 455 00:26:54,470 --> 00:27:01,160 And then you follow this and pussies who us wouldn't it say a mysterious and we submit. 456 00:27:02,760 --> 00:27:06,670 So you already bid disciplines, OK, you would find it late. 457 00:27:07,560 --> 00:27:08,610 Congratulations. 458 00:27:08,910 --> 00:27:09,330 Perfect. 459 00:27:09,570 --> 00:27:11,220 So let's get to the next one. 460 00:27:13,360 --> 00:27:15,910 We can close this and move. 461 00:27:16,240 --> 00:27:18,100 We don't see any smoking cause it's for. 462 00:27:19,190 --> 00:27:19,780 Six. 463 00:27:20,390 --> 00:27:20,790 All right. 464 00:27:20,840 --> 00:27:22,450 So now let's click here. 465 00:27:23,750 --> 00:27:30,470 So this challenges my friend, my friend Juric has found this new way on how to do security. 466 00:27:30,470 --> 00:27:33,220 Unix commands from a simple P2P file. 467 00:27:33,800 --> 00:27:35,240 But it was this thing. 468 00:27:35,240 --> 00:27:41,920 The security and the logs recorded his activities and reported it to the FBI and eat. 469 00:27:43,060 --> 00:27:43,820 Change mode. 470 00:27:43,980 --> 00:27:46,610 The file logs that to 60. 471 00:27:47,000 --> 00:27:55,970 Now, the only chance for him to be safe is that you change the mode of the file to all execute and 472 00:27:55,970 --> 00:27:56,950 delayed that file. 473 00:27:57,050 --> 00:27:58,910 And then you have also to delete. 474 00:27:58,970 --> 00:28:03,770 And then so that he has a chance, you have to delete the tracks file. 475 00:28:04,260 --> 00:28:04,640 OK. 476 00:28:05,120 --> 00:28:14,480 So let's avoid click and it say something that Mr. Data also said the command to do all these actions, 477 00:28:15,060 --> 00:28:20,330 to do all these actions needs a Durrow in the beginning. 478 00:28:20,660 --> 00:28:26,720 So that means that we have to put Durrow sign, you know, sign what is the Unix command. 479 00:28:27,170 --> 00:28:27,470 So. 480 00:28:28,030 --> 00:28:28,330 Okay. 481 00:28:28,570 --> 00:28:31,910 But first let's go to do view page source. 482 00:28:32,910 --> 00:28:33,930 When allays it. 483 00:28:35,770 --> 00:28:36,370 Let's look. 484 00:28:36,650 --> 00:28:38,210 So we have this. 485 00:28:38,570 --> 00:28:40,130 OK, so it's it's nothing. 486 00:28:40,610 --> 00:28:41,660 You do the same thing. 487 00:28:41,710 --> 00:28:45,100 And just looking for something encrypted in common. 488 00:28:46,200 --> 00:28:47,120 Oh yeah. 489 00:28:47,530 --> 00:28:47,820 Okay. 490 00:28:47,900 --> 00:28:49,100 So what we are going to do. 491 00:28:49,880 --> 00:28:53,300 We have found that there exists a log. 492 00:28:53,560 --> 00:28:54,800 But the 60 file. 493 00:28:55,310 --> 00:29:03,410 But we don't know in which path it is encoded or we don't know in which path the logs, the text, the 494 00:29:03,530 --> 00:29:04,400 file is. 495 00:29:04,750 --> 00:29:05,780 So what we can do. 496 00:29:06,050 --> 00:29:11,900 We can't just say it is in the index and declare victory. 497 00:29:11,960 --> 00:29:13,870 It is in the blabbed about our victory. 498 00:29:13,940 --> 00:29:19,360 We can't say something like that to to to be able to test something. 499 00:29:19,440 --> 00:29:24,050 You have to have some techniques so that you can detect it by yourself. 500 00:29:24,470 --> 00:29:27,740 So we will require you to go back and. 501 00:29:28,670 --> 00:29:30,660 And by due course. 502 00:29:31,270 --> 00:29:36,520 Part one there, one who performed some penetration testing in some tutorials. 503 00:29:36,730 --> 00:29:41,200 So we have made many things using durable and map or some stuff like that. 504 00:29:41,680 --> 00:29:47,890 But here, what we want to do, I'm gonna try to find in which path the defined. 505 00:29:48,820 --> 00:29:53,580 This one is looked at lungs, the deep X, the E's. 506 00:29:54,030 --> 00:30:01,450 So what we can do, we can just try to open a terminal and then we'll try to scan the whole website. 507 00:30:01,870 --> 00:30:02,860 So by design of it. 508 00:30:02,890 --> 00:30:09,040 So we claig we we call, we eat and we don't need index that. 509 00:30:09,970 --> 00:30:13,960 So we need to to end my all. 510 00:30:14,680 --> 00:30:18,550 So we type durable, durable. 511 00:30:18,850 --> 00:30:22,950 And then we passed the path to everything. 512 00:30:23,020 --> 00:30:23,850 Then we delay this. 513 00:30:24,250 --> 00:30:29,970 So now we are scanning the basic Seek's path funding to help Bones Harker's. 514 00:30:30,160 --> 00:30:31,790 It's life scanning guys. 515 00:30:32,140 --> 00:30:38,020 So you have to be aware of this since it's a Web site that we can train. 516 00:30:38,080 --> 00:30:40,880 That we can perform or hacking phase. 517 00:30:41,080 --> 00:30:43,090 So there is nothing once so we can do it. 518 00:30:43,120 --> 00:30:44,930 So we just blessin with Endor. 519 00:30:45,490 --> 00:30:48,070 And then we are waiting to scan the whole website. 520 00:30:48,490 --> 00:30:54,320 So it might take probably five minutes or two minutes or even eight minutes until needed. 521 00:30:54,430 --> 00:30:56,860 But we we should just wait. 522 00:30:57,190 --> 00:31:02,290 Just to know the directly when we use Durbar is a very well known tool. 523 00:31:02,320 --> 00:31:12,890 And clearly nukes, which when we are used to eat arrows, goes to to scan all the territories and a 524 00:31:12,910 --> 00:31:14,170 particular Web site for. 525 00:31:14,330 --> 00:31:17,410 But if you want to to scan Yahoo! 526 00:31:17,410 --> 00:31:25,720 Dot com or Facebook that console, you can just type in the terminal dobe and then you pass, then you 527 00:31:25,720 --> 00:31:27,190 pass the website there. 528 00:31:27,490 --> 00:31:34,450 If that Web site is with some some Port Lombroso, you have to know that before you scanning it. 529 00:31:35,230 --> 00:31:38,410 You have to try to find a way to get the port. 530 00:31:38,450 --> 00:31:40,660 No, we can use a map to find it. 531 00:31:41,170 --> 00:31:41,380 Okay. 532 00:31:41,410 --> 00:31:42,640 So we are just going do it. 533 00:33:48,650 --> 00:33:50,450 And were tupa you? 534 00:34:06,660 --> 00:34:07,350 Interesting. 535 00:34:08,260 --> 00:34:09,280 William, I don't think so. 536 00:34:09,310 --> 00:34:12,220 Let's let it you see. 537 00:34:12,340 --> 00:34:13,620 So what did you find? 538 00:34:13,970 --> 00:34:14,850 There were two guys. 539 00:34:15,010 --> 00:34:17,530 I'm telling you that it is a very well-known it. 540 00:34:17,560 --> 00:34:21,970 And it's very helpful for finding that Victoria's. 541 00:34:51,860 --> 00:34:58,650 Well, we shouldn't have to escalate disproof age, but here it's not your task to escalate the privilege 542 00:34:58,680 --> 00:35:00,140 so that we cannot bend this violent butt. 543 00:35:00,630 --> 00:35:07,260 So we know how we can we can have it just go by a different course in the course of one. 544 00:35:07,260 --> 00:35:09,570 So we'll see how we escalate. 545 00:35:09,740 --> 00:35:12,780 Oh, we made the escalation of the privileges. 546 00:35:19,420 --> 00:35:20,590 So let's just meet. 547 00:35:33,650 --> 00:35:36,030 I'm w quiet to the end. 548 00:35:36,270 --> 00:35:37,120 So we can just wait. 549 00:35:39,370 --> 00:35:40,730 All right, good. 550 00:35:41,330 --> 00:35:49,910 So we have can do a Web site, both of them of the basic sinks. 551 00:35:50,030 --> 00:35:53,150 So this is all the territories that it includes. 552 00:35:53,680 --> 00:35:56,450 OK, so now let's go to task. 553 00:36:00,010 --> 00:36:05,910 OK, so no can come back and check what we have as this task. 554 00:36:06,700 --> 00:36:15,140 So they say that the only chance for him to be safe is that you change the mode of the fight to own 555 00:36:15,160 --> 00:36:18,580 and execute and then you delivered it back, which is that. 556 00:36:18,930 --> 00:36:21,280 So that it is this one. 557 00:36:21,290 --> 00:36:23,850 So we can try to bend need. 558 00:36:29,550 --> 00:36:31,380 Now, what we can do, we can go back. 559 00:36:32,480 --> 00:36:42,000 And then we assume that we are here, as would because defined path ease and basic sex. 560 00:36:42,330 --> 00:36:43,440 So now we can just guide. 561 00:36:43,640 --> 00:36:44,310 We do it today. 562 00:36:44,520 --> 00:36:49,240 So don't do what we can just change mode. 563 00:36:50,080 --> 00:36:54,530 And then a loose ex. 564 00:36:54,700 --> 00:36:56,730 And this is execute and define. 565 00:36:57,360 --> 00:37:01,590 He's in this fight and we should never doing drugs. 566 00:37:01,620 --> 00:37:02,160 They would do. 567 00:37:02,760 --> 00:37:06,750 So we go back and slash logs. 568 00:37:06,810 --> 00:37:07,460 That would delete. 569 00:37:07,520 --> 00:37:12,910 And if it is named logs that the. 570 00:37:14,320 --> 00:37:14,720 Perfect. 571 00:37:15,100 --> 00:37:16,470 Now what we can do. 572 00:37:16,800 --> 00:37:20,680 They said that and deleted that file. 573 00:37:20,880 --> 00:37:22,410 So we type. 574 00:37:22,580 --> 00:37:23,100 We move. 575 00:37:23,910 --> 00:37:30,510 And again delete logs ex. 576 00:37:31,620 --> 00:37:34,670 And then they it their trucks. 577 00:37:34,680 --> 00:37:36,320 People dakotah fire trucks. 578 00:37:36,330 --> 00:37:37,170 We put the beach. 579 00:37:38,130 --> 00:37:40,000 It is the beach be fired. 580 00:37:40,130 --> 00:37:42,150 So we like clicking to see it. 581 00:37:44,920 --> 00:37:47,450 So you see, you don't have the right to see his face. 582 00:37:47,510 --> 00:37:48,130 Well, never mind. 583 00:37:48,670 --> 00:37:50,510 We don't need to see it. 584 00:37:50,560 --> 00:37:53,920 We just need to delay to get this or let's copy. 585 00:37:56,610 --> 00:37:57,150 Kopi. 586 00:37:58,170 --> 00:37:59,120 And then you come back here, you. 587 00:37:59,520 --> 00:38:01,210 And then we were delayed. 588 00:38:01,750 --> 00:38:07,490 So we delay the envelopes and then we busted here. 589 00:38:08,040 --> 00:38:08,470 Sit here. 590 00:38:08,700 --> 00:38:10,470 OK, now we can submit. 591 00:38:11,910 --> 00:38:12,640 And when is it? 592 00:38:14,140 --> 00:38:14,800 Let's go back. 593 00:38:20,150 --> 00:38:24,820 We had a mistake because it gives us a.. 594 00:38:25,240 --> 00:38:25,540 All right. 595 00:38:25,660 --> 00:38:30,130 So let's let's try first to take in loans thigs. 596 00:38:33,000 --> 00:38:39,660 Okay, let's try if we need to have some some blank spaces which we're in, it need to be. 597 00:38:42,100 --> 00:38:43,690 Look, first thing first, let's go here. 598 00:38:44,670 --> 00:38:51,210 We have to do this space to move this one, okay. 599 00:38:56,800 --> 00:38:59,380 So let's check that begin. 600 00:38:59,590 --> 00:38:59,830 OK. 601 00:39:00,070 --> 00:39:05,750 Looking good in this. 602 00:39:08,030 --> 00:39:08,780 No space. 603 00:39:09,190 --> 00:39:09,650 All right. 604 00:39:10,070 --> 00:39:11,930 So straight to submit it again. 605 00:39:14,380 --> 00:39:14,950 Congrats. 606 00:39:15,190 --> 00:39:19,410 So we had a space after the first line, guys. 607 00:39:20,140 --> 00:39:24,220 So now Open is not 75 anymore. 608 00:39:24,250 --> 00:39:25,390 It's 100 in five. 609 00:39:25,980 --> 00:39:26,400 Oh, right. 610 00:39:26,470 --> 00:39:29,560 So let's go to the next step. 611 00:39:32,460 --> 00:39:33,390 Now we hear. 612 00:39:36,660 --> 00:39:37,370 Oh, right. 613 00:39:37,950 --> 00:39:46,180 So let's read first this time Mr. Do Tree decided to make a cookie like a game script, and he said 614 00:39:46,240 --> 00:39:51,060 he decapitated it, equipped to read from a C encryption. 615 00:39:51,510 --> 00:39:52,500 Oh, interesting. 616 00:39:53,070 --> 00:39:57,220 And for you to go again, you need to encrypt it, OK? 617 00:39:58,110 --> 00:40:01,800 And after you log in, there is another log in. 618 00:40:01,860 --> 00:40:05,570 But it's a log in that uses a skewer that obeys. 619 00:40:05,670 --> 00:40:11,720 OK, so we know we know how to put some obscure command so that we inject some script. 620 00:40:13,740 --> 00:40:19,260 But he thinks that the logging that they ask you to log in page is renewable. 621 00:40:19,420 --> 00:40:23,060 It is is vulnerable to a simple screw it injection. 622 00:40:23,120 --> 00:40:23,330 OK. 623 00:40:23,910 --> 00:40:27,000 And when he gets back from his vacation, he would fix it. 624 00:40:27,900 --> 00:40:31,710 Let's try this one, for example, and try to log in. 625 00:40:32,760 --> 00:40:33,390 It shouldn't be. 626 00:40:33,660 --> 00:40:38,650 Yeah, because it should be encrypted on AC. 627 00:40:38,820 --> 00:40:40,350 I mean by now. 628 00:40:41,500 --> 00:40:44,130 Okay, let's put this. 629 00:40:45,780 --> 00:40:46,050 All right. 630 00:40:46,190 --> 00:40:49,380 You know, so what we are going to do. 631 00:40:49,440 --> 00:40:50,940 Let's embrace it. 632 00:40:51,490 --> 00:40:56,250 We are going to I click and view page source. 633 00:40:57,580 --> 00:40:59,240 Well, before let's let's. 634 00:41:00,210 --> 00:41:03,200 Would this extension of. 635 00:41:05,240 --> 00:41:06,020 Extension. 636 00:41:08,720 --> 00:41:09,680 Extension. 637 00:41:13,580 --> 00:41:14,310 Let's put it off. 638 00:41:15,090 --> 00:41:16,860 We don't need it now. 639 00:41:17,250 --> 00:41:17,610 All right. 640 00:41:18,030 --> 00:41:20,280 So, as usual, we are going to be worse. 641 00:41:20,600 --> 00:41:29,190 They could you they are something that is encrypted or some information as plain text and a comment. 642 00:41:29,460 --> 00:41:30,210 So. 643 00:41:31,410 --> 00:41:33,260 It's just a joke, Jake. 644 00:41:34,360 --> 00:41:34,580 It. 645 00:41:36,590 --> 00:41:37,020 It. 646 00:41:37,670 --> 00:41:39,070 Oh, cool kid. 647 00:41:39,230 --> 00:41:42,850 This is a joke script, OK? 648 00:41:44,240 --> 00:41:50,820 In using every sum and it's in plain text, we guess we copy it controversy. 649 00:41:52,760 --> 00:41:53,960 Let's go back here. 650 00:41:53,990 --> 00:41:59,490 It shouldn't be working because he said that encrypted form is encryption. 651 00:41:59,500 --> 00:42:02,690 What it say, Logan? 652 00:42:03,840 --> 00:42:05,040 Okay, so never mind. 653 00:42:06,690 --> 00:42:14,370 Okay, so what we are going to do, we have to increase their user name some. 654 00:42:15,590 --> 00:42:18,320 So that we can log in. 655 00:42:18,440 --> 00:42:24,440 So let's try to use terminal first all its straight worksheet if we have any solution on Brooke's route. 656 00:42:25,520 --> 00:42:28,320 So decoding. 657 00:42:29,850 --> 00:42:38,690 The key is, and it's joy to see and good is Exar in Bonaly looking neat and may be good, but we will 658 00:42:38,690 --> 00:42:40,850 need it by no use any power comment. 659 00:42:41,210 --> 00:42:41,460 All right. 660 00:42:41,720 --> 00:42:46,910 So let's let's open a new terminal and then we're going to type this command. 661 00:42:50,390 --> 00:42:51,680 It's movie hero. 662 00:42:55,310 --> 00:42:58,280 So we'll take a call and then, whoops. 663 00:42:59,020 --> 00:43:06,680 There was a name which we phone here, some positive, some. 664 00:43:08,320 --> 00:43:13,380 And Carol, my nose l e. 665 00:43:14,650 --> 00:43:20,280 Then single court this sign on onto a school pulled back. 666 00:43:20,350 --> 00:43:22,600 So this is the command that you're going to type, guys. 667 00:43:25,910 --> 00:43:30,670 He quoted in the book and quotes. 668 00:43:32,460 --> 00:43:35,190 We stopped by Nowy Star. 669 00:43:36,580 --> 00:43:38,880 And then we closed the single quotes. 670 00:43:39,020 --> 00:43:40,150 A dead end presenter. 671 00:43:41,910 --> 00:43:47,060 So despite knowing we're going to try to use it, is Binyomin good encryption? 672 00:43:47,610 --> 00:43:53,970 When I tried to use it so that we can best date and use an informed seniors. 673 00:43:55,650 --> 00:44:00,290 He said that looking for me, he dictated from AC and cushion. 674 00:44:00,380 --> 00:44:02,300 And for you to log in, you need to acquited. 675 00:44:03,820 --> 00:44:09,180 With these encrypted code so we can copy, eat and pass it here. 676 00:44:09,700 --> 00:44:19,780 But before posting it here, we see that Mr. Durch re say to us that he decided to make a cookie rule 677 00:44:19,850 --> 00:44:20,740 against creep. 678 00:44:20,860 --> 00:44:23,080 And he said and he said he decrypted it. 679 00:44:23,220 --> 00:44:24,880 It is C encryption. 680 00:44:25,270 --> 00:44:27,700 That means cookies are involved. 681 00:44:28,180 --> 00:44:34,470 So first thing first, we are going to try to add a rogue and cookies into all Boser. 682 00:44:34,550 --> 00:44:36,010 That's a good extension. 683 00:44:36,760 --> 00:44:38,090 Wudu extension. 684 00:44:39,570 --> 00:44:46,310 Okay, so we have no clue who can go to an open com Web store. 685 00:44:47,860 --> 00:44:51,580 And here we are going to type, let's say, kooky to find any. 686 00:44:52,510 --> 00:44:53,350 If there are any. 687 00:44:53,570 --> 00:44:53,780 OK. 688 00:44:53,890 --> 00:44:55,150 So let's choose the first one. 689 00:44:57,830 --> 00:44:59,170 And extension to Quim. 690 00:45:01,160 --> 00:45:01,770 All right. 691 00:45:01,860 --> 00:45:05,690 So you can turn this off so we don't need you in your own, so. 692 00:45:06,920 --> 00:45:07,470 Okay. 693 00:45:08,480 --> 00:45:10,300 It's just we finish this to see. 694 00:45:10,480 --> 00:45:12,070 OK, Okogie is here now. 695 00:45:12,390 --> 00:45:13,550 So we don't need this bridge anymore. 696 00:45:13,570 --> 00:45:14,410 We can close it. 697 00:45:16,130 --> 00:45:22,220 OK, now, so that so that all cookie gets into action, so we have to do DuPage boss. 698 00:45:22,430 --> 00:45:27,460 But first thing first, let's try to click on cookies to see no cookies here. 699 00:45:27,710 --> 00:45:33,070 Okay, so now let's go back here and we try to reload this page again. 700 00:45:33,340 --> 00:45:35,780 Now let's go back to cookies. 701 00:45:36,050 --> 00:45:40,070 Okay, so we have the user name some here. 702 00:45:40,280 --> 00:45:46,070 But here we're going to we're going to be wasted and we've passed this code. 703 00:45:47,040 --> 00:45:47,690 That could be. 704 00:45:47,690 --> 00:45:49,820 This could be. 705 00:45:51,100 --> 00:45:51,640 Copy. 706 00:45:51,930 --> 00:45:53,610 And then we're going to come back here. 707 00:45:55,370 --> 00:45:55,880 Come on. 708 00:45:56,810 --> 00:45:59,420 And then we waited and we busted here. 709 00:46:00,970 --> 00:46:01,720 And we save. 710 00:46:01,780 --> 00:46:06,190 So let's ban this bigger game. 711 00:46:09,120 --> 00:46:11,700 And then we posted here and. 712 00:46:12,750 --> 00:46:13,910 We save it here. 713 00:46:14,250 --> 00:46:15,520 They did terrific. 714 00:46:16,020 --> 00:46:19,200 Now we can try to do the same for a password as well. 715 00:46:20,160 --> 00:46:22,800 So now so far, so good. 716 00:46:23,160 --> 00:46:28,820 We can come back here and try to bust it here and then not again. 717 00:46:30,520 --> 00:46:31,420 Excellent. 718 00:46:31,450 --> 00:46:33,650 Now we are here and they're looking pitch guys. 719 00:46:34,030 --> 00:46:34,880 You see how it works. 720 00:46:35,230 --> 00:46:36,310 So if you don't. 721 00:46:36,790 --> 00:46:41,410 Since the task force is that cookies are involved. 722 00:46:41,560 --> 00:46:48,670 So you have to use a cookie so that when you lunch the page and your cookies get decision. 723 00:46:48,970 --> 00:46:58,210 And after that, as it says it encrypts it's a wee wee was binary so that we encrypted and we encrypted 724 00:46:58,300 --> 00:47:00,950 and save it in two or cookies. 725 00:47:01,010 --> 00:47:03,160 Therefore we can submit it and boom. 726 00:47:03,470 --> 00:47:04,240 Now it's work. 727 00:47:04,710 --> 00:47:04,950 OK. 728 00:47:05,110 --> 00:47:15,040 So now the task is now he realizes that these logging escarole pillage is vulnerable to a school injection. 729 00:47:15,370 --> 00:47:18,630 So as usual, then they escalate in addition. 730 00:47:18,670 --> 00:47:29,170 So what we can do in just type single code all and space we can put. 731 00:47:30,490 --> 00:47:39,280 Single quotes, one with Rosie Ekwall Peace and War on one end, then weekly submit. 732 00:47:39,340 --> 00:47:48,250 But before that, we are going to click on Submit before we increase or password if my network board. 733 00:47:48,280 --> 00:47:49,660 So where are we? 734 00:47:50,020 --> 00:47:52,470 It's just a matter of trying, so we will try. 735 00:47:52,840 --> 00:47:56,860 But my favorite script for a good injection is not. 736 00:47:56,860 --> 00:47:58,580 This one is first thing for us. 737 00:47:58,900 --> 00:47:59,370 So. 738 00:47:59,450 --> 00:48:08,380 So the easiest one to remember is that you put it single to single what I did here and then you go here. 739 00:48:08,800 --> 00:48:12,960 So now what you are going to do, you are going to type in number one. 740 00:48:13,150 --> 00:48:20,320 That means Drew and you put you close it like that and then you put space. 741 00:48:20,350 --> 00:48:23,860 You see all this is the easiest one to remember. 742 00:48:24,640 --> 00:48:27,040 And then before we are going to wood again. 743 00:48:27,040 --> 00:48:28,360 To what before did you. 744 00:48:28,510 --> 00:48:29,320 We put again. 745 00:48:30,370 --> 00:48:30,970 One. 746 00:48:32,040 --> 00:48:34,980 Equal one. 747 00:48:35,560 --> 00:48:36,340 And that's it. 748 00:48:36,850 --> 00:48:38,810 You see how admitted posting first. 749 00:48:39,220 --> 00:48:41,560 We equate two single comments. 750 00:48:41,590 --> 00:48:43,630 This one did last one. 751 00:48:43,660 --> 00:48:44,500 And the first one. 752 00:48:44,560 --> 00:48:45,280 And this one. 753 00:48:45,940 --> 00:48:54,280 Now we put one, two single quote, all single quotes. 754 00:48:54,370 --> 00:49:00,700 We put this single quote again, because we have to we have to put the all in the middle. 755 00:49:01,480 --> 00:49:05,710 We have to put the oil in the middle of the single quotes. 756 00:49:05,920 --> 00:49:10,060 And then we say one equal one without anything. 757 00:49:10,120 --> 00:49:15,850 Now, we don't need this anymore and we don't need this anymore. 758 00:49:16,090 --> 00:49:21,540 As you can detect that they all in space is big. 759 00:49:21,970 --> 00:49:29,140 All in space and space, again, is between the cause and then one equal, one nothing. 760 00:49:29,260 --> 00:49:30,550 One, this is nothing. 761 00:49:30,820 --> 00:49:36,460 So two single quotes, space or space, single quote. 762 00:49:36,520 --> 00:49:37,600 And then you present it. 763 00:49:37,870 --> 00:49:46,540 So let's go and press enter so that we can see if if it would work without having to encrypt the password 764 00:49:46,570 --> 00:49:48,670 that we have seen here. 765 00:49:48,970 --> 00:49:49,700 OB's. 766 00:49:49,800 --> 00:49:53,090 Well, OK, so we get these cookies. 767 00:49:54,040 --> 00:49:57,610 So we'd would post with us, would you. 768 00:49:59,160 --> 00:50:01,910 Here, okay, so we get you can get it here as well. 769 00:50:02,450 --> 00:50:03,540 I think so, ladies. 770 00:50:03,640 --> 00:50:03,860 Okay. 771 00:50:04,430 --> 00:50:04,750 This one. 772 00:50:05,390 --> 00:50:06,420 Okay, so that's Klieg. 773 00:50:06,860 --> 00:50:09,230 Submit to see if it will work. 774 00:50:09,380 --> 00:50:09,920 Congrats. 775 00:50:10,040 --> 00:50:14,300 You see, we don't even need to increase the password. 776 00:50:14,420 --> 00:50:22,040 So because it's e because it's just a matter of the bypassing the obscure injection common space. 777 00:50:22,430 --> 00:50:24,690 So we get the 30 points. 778 00:50:24,700 --> 00:50:26,950 So let's go to the next step. 779 00:50:28,620 --> 00:50:31,800 We can carry up to it with this and more. 780 00:50:32,590 --> 00:50:34,090 And then the next one was. 781 00:50:34,390 --> 00:50:36,400 So we were on seven, so let's go. 782 00:50:37,000 --> 00:50:37,450 It's Joy. 783 00:50:37,560 --> 00:50:39,010 Eight by accident. 784 00:50:39,010 --> 00:50:39,910 We will have you. 785 00:50:41,160 --> 00:50:41,400 OK. 786 00:50:41,640 --> 00:50:42,690 So it was this one. 787 00:50:42,830 --> 00:50:48,430 Now let's try this again to see if you here. 788 00:50:57,060 --> 00:50:58,030 OK, so let's try to. 789 00:50:58,470 --> 00:51:08,820 Call it a sting, a second dress it a smaller view page source code to see if we have something encrypted 790 00:51:09,830 --> 00:51:11,170 school No. 791 00:51:11,230 --> 00:51:11,630 One. 792 00:51:18,530 --> 00:51:20,000 Like an omen. 793 00:51:21,920 --> 00:51:22,690 Rupertswood. 794 00:51:28,920 --> 00:51:29,880 So let's go. 795 00:51:31,380 --> 00:51:31,820 It's good. 796 00:51:32,120 --> 00:51:33,050 No, no, no. 797 00:51:33,180 --> 00:51:35,010 It seems to have nothing. 798 00:51:35,250 --> 00:51:37,550 OK, so never mind what we can do. 799 00:51:38,710 --> 00:51:42,250 It's tried to put bias toward, let's say. 800 00:51:44,380 --> 00:51:45,910 Swoon, low gain. 801 00:51:48,240 --> 00:51:49,600 You. 802 00:51:51,840 --> 00:52:00,650 We find something that it says, say, look, stuff from fermented Tobey's oil, plus we're equal, 803 00:52:00,660 --> 00:52:01,190 blah, blah. 804 00:52:01,530 --> 00:52:03,380 Your person was not on in order to. 805 00:52:03,690 --> 00:52:08,190 That means we had information. 806 00:52:09,750 --> 00:52:10,120 They did. 807 00:52:10,380 --> 00:52:17,770 It has a database which we each name is Familly Underscore DBI. 808 00:52:18,580 --> 00:52:18,900 OK. 809 00:52:19,620 --> 00:52:21,090 So let's go back. 810 00:52:21,200 --> 00:52:21,720 He'll. 811 00:52:23,830 --> 00:52:25,850 Oh, first thing first, let's come here. 812 00:52:27,780 --> 00:52:28,770 And ups. 813 00:52:30,720 --> 00:52:31,550 They're all about it. 814 00:52:31,630 --> 00:52:35,030 All of you all and and and so let's try to log in again. 815 00:52:35,090 --> 00:52:35,490 Okay. 816 00:52:35,510 --> 00:52:40,370 Now you can try to find a source code if you Peach's was called. 817 00:52:41,670 --> 00:52:45,010 Say again, Intermezzo, let's joyed. 818 00:52:46,670 --> 00:52:47,300 OK, good. 819 00:52:47,690 --> 00:52:49,050 Now we can try again. 820 00:52:49,080 --> 00:52:49,990 Control F. 821 00:52:50,060 --> 00:52:55,280 And let's start with a comment like that to see if we have something. 822 00:52:55,460 --> 00:53:00,230 No, they have nothing as command. 823 00:53:00,260 --> 00:53:03,830 So we can just call this big began. 824 00:53:04,280 --> 00:53:04,410 What? 825 00:53:04,420 --> 00:53:05,850 We have to invade Depass. 826 00:53:06,800 --> 00:53:07,970 They did have these guys. 827 00:53:09,710 --> 00:53:14,600 Now, let's see if we can bypass the log in page sheet using insulin injection. 828 00:53:15,730 --> 00:53:28,610 So we can use this and as usual, the Oval Office or for Voit comment is we don't need you anymore. 829 00:53:30,100 --> 00:53:31,660 And then we don't need you anymore. 830 00:53:31,840 --> 00:53:34,150 Soft fruit non-controlling to. 831 00:53:35,650 --> 00:53:36,160 Gaine. 832 00:53:39,850 --> 00:53:41,010 Nokia. 833 00:53:42,970 --> 00:53:48,910 So now what we can do as we see, we cannot bypass it using escarole injection here. 834 00:53:48,970 --> 00:53:49,870 And this phase. 835 00:53:50,200 --> 00:53:56,410 But we got the E.U. will pop up message or reflected on this page. 836 00:53:56,570 --> 00:53:58,900 Therefore, we can try to put that. 837 00:53:59,100 --> 00:53:59,760 And there you are. 838 00:54:00,700 --> 00:54:02,680 Okay, so let's try it again. 839 00:54:02,750 --> 00:54:06,280 Oh, blah, blah, blah, blah, blah, blah, blah, blah, blah. 840 00:54:06,310 --> 00:54:08,210 And then it was a no, OK. 841 00:54:08,680 --> 00:54:15,620 Now what we can do, we can try to go to view which suits you. 842 00:54:16,030 --> 00:54:17,140 Come on. 843 00:54:20,920 --> 00:54:23,340 Okay, so we are trying to find you. 844 00:54:23,410 --> 00:54:29,290 We hope some some ticks encrypted or in comments. 845 00:54:38,130 --> 00:54:39,020 Let's go to. 846 00:54:46,980 --> 00:54:48,160 We enjoyed it. 847 00:54:48,630 --> 00:54:49,190 It's good. 848 00:54:51,180 --> 00:54:53,320 It's true in your case that. 849 00:54:56,120 --> 00:54:58,980 He will only skewer Chloe. 850 00:55:00,760 --> 00:55:01,070 A. 851 00:55:02,200 --> 00:55:05,890 So we can do some things since we have been this cool you all so we can. 852 00:55:07,470 --> 00:55:11,250 Try to put a specific call in the wheel well. 853 00:55:12,000 --> 00:55:12,420 All right. 854 00:55:12,630 --> 00:55:22,260 Yes, good query is this disguise, because we know the password is not found in the database of family 855 00:55:22,850 --> 00:55:23,880 underscore DBI. 856 00:55:23,970 --> 00:55:27,780 So what we can do now, let's try to put a comment here. 857 00:55:28,560 --> 00:55:29,460 So. 858 00:55:34,110 --> 00:55:41,800 Sings Dispatcher For P, it should be fired so we can try to put this code here. 859 00:55:41,860 --> 00:55:44,920 Let's say it's cruel. 860 00:55:46,330 --> 00:55:50,030 Clearly equal to let's say. 861 00:55:52,990 --> 00:55:54,320 One is true equity. 862 00:55:56,030 --> 00:55:58,500 It's related to what? 863 00:56:00,930 --> 00:56:04,390 Okay, so let's put some of the quote, but. 864 00:56:06,700 --> 00:56:07,060 Well. 865 00:56:14,270 --> 00:56:15,250 It's just. 866 00:56:19,190 --> 00:56:29,270 So what we are going to do because we cannot use this is criminal, that it's a it's a killer. 867 00:56:31,060 --> 00:56:31,480 Here. 868 00:56:33,060 --> 00:56:33,350 Whoops. 869 00:56:41,140 --> 00:56:44,440 So, blah, blah. 870 00:56:45,430 --> 00:56:46,680 Log in again. 871 00:56:49,670 --> 00:56:55,120 Okay, so now let's try to put on this that Abey's. 872 00:56:56,350 --> 00:57:01,490 Here, because since it it's reflected here, Plessey is cruel. 873 00:57:02,320 --> 00:57:06,770 Clearly, this is the BHB commentary Ekwall. 874 00:57:08,190 --> 00:57:10,860 No equal select. 875 00:57:12,760 --> 00:57:14,310 Let's do it like that. 876 00:57:14,930 --> 00:57:18,310 Cevik still hopes. 877 00:57:22,000 --> 00:57:23,600 Really did. 878 00:57:23,740 --> 00:57:24,280 These. 879 00:57:25,650 --> 00:57:27,010 So good. 880 00:57:27,240 --> 00:57:28,920 It's good to see. 881 00:57:30,240 --> 00:57:31,650 Whole Excelente. 882 00:57:32,220 --> 00:57:34,750 Your password is King Kong. 883 00:57:35,010 --> 00:57:36,150 It's not even encrypted. 884 00:57:36,690 --> 00:57:39,690 All right, so let's call it. 885 00:57:41,080 --> 00:57:42,960 Let's literally to see if we can do okay. 886 00:57:43,190 --> 00:57:45,940 We can be gay. 887 00:57:46,730 --> 00:57:50,270 Come on, let's go to submit to see if it'll work. 888 00:57:51,510 --> 00:57:53,050 Congress tour. 889 00:57:53,080 --> 00:57:56,240 The prize has been added again, so that's perfect. 890 00:57:57,010 --> 00:58:00,160 You see, guys always try to know this stuff. 891 00:58:00,250 --> 00:58:09,260 For example, if you have your own if you have the equal of the database, UPU to you. 892 00:58:09,320 --> 00:58:15,470 So it's a very good chance that you have so that you can since the you will be frex to that page, you 893 00:58:15,470 --> 00:58:17,860 can try to take that equal and pass it in the. 894 00:58:17,860 --> 00:58:20,630 You were following a specific comment. 895 00:58:20,630 --> 00:58:25,250 Let me do is actual query equal this, this, this. 896 00:58:25,910 --> 00:58:30,320 Because here we got days as escarole query equal. 897 00:58:30,770 --> 00:58:32,660 So we found that. 898 00:58:33,040 --> 00:58:38,310 So it is a escarole query comment that is required to put behind that. 899 00:58:38,330 --> 00:58:43,460 You were well and then wait the specific message that it has. 900 00:58:43,850 --> 00:58:44,770 So perfect. 901 00:58:45,140 --> 00:58:45,500 All right. 902 00:58:45,560 --> 00:58:47,460 So now we don't need this or we can close it. 903 00:58:47,480 --> 00:58:50,480 And we I to the next step. 904 00:58:50,540 --> 00:58:53,670 It was eight and I can't remember. 905 00:58:53,700 --> 00:58:54,330 Let me try. 906 00:58:54,530 --> 00:58:55,190 It was eight. 907 00:58:55,880 --> 00:58:57,240 So go back here. 908 00:58:57,510 --> 00:58:59,680 It will go nine now. 909 00:59:00,360 --> 00:59:02,930 Or Newbridge in Newtown. 910 00:59:03,020 --> 00:59:05,010 Hulky case. 911 00:59:05,670 --> 00:59:06,140 Gail. 912 00:59:07,980 --> 00:59:08,650 All right. 913 00:59:09,690 --> 00:59:12,330 Search for files with this file. 914 00:59:12,390 --> 00:59:13,690 Search and search engine. 915 00:59:14,100 --> 00:59:17,160 You can search firings only on the photo files. 916 00:59:17,530 --> 00:59:17,950 OK. 917 00:59:20,470 --> 00:59:23,440 Which your administrator has set up for you to search. 918 00:59:23,860 --> 00:59:26,260 You can search anything in files folder. 919 00:59:26,320 --> 00:59:26,450 OK. 920 00:59:27,190 --> 00:59:32,560 And if your search was much easier, then it would show you the content of that file. 921 00:59:33,280 --> 00:59:37,120 Let's we still conserve this page. 922 00:59:37,240 --> 00:59:41,280 Let's copy this and open a new page and pass it here. 923 00:59:42,100 --> 00:59:47,130 Now, I'm going to try a default without having to dub. 924 00:59:48,950 --> 00:59:50,000 OK, good. 925 00:59:50,030 --> 00:59:52,670 So we have the content. 926 00:59:53,210 --> 00:59:55,180 Let's try to open them. 927 59:56.300 --> 1:00:01.460 I'd make an opening there to open a new page. 928 1:00:02.530 --> 1:00:05.400 So this is the content or wrong password? 929 1:00:06.640 --> 1:00:10.360 Let me check if I can use this code injection here. 930 1:00:10.480 --> 1:00:17.470 So as we roll or probably is window faludi's on one. 931 1:00:19.850 --> 1:00:31.160 One slash all those pay or select one single quote so that you understand space or space. 932 1:00:31.250 --> 1:00:35.210 Single quote one equals one Gaith. 933 1:00:35.370 --> 1:00:36.800 No, we don't need this anymore. 934 1:00:38.750 --> 1:00:39.950 We don't need this anymore. 935 1:00:40.040 --> 1:00:42.590 So this joy to log in. 936 1:00:44.610 --> 1:00:44.780 No. 937 1:00:45.370 --> 1:00:46.610 OK, so. 938 1:00:46.810 --> 1:00:53.380 So this is the log in page guys that we have now and we click on it so we can try to view. 939 1:00:55.040 --> 1:00:56.000 Source code. 940 1:00:56.680 --> 1:00:58.460 What's wrong with this? 941 1:01:01.480 --> 1:01:05.030 Okay, so that's good on. 942 1:01:06.590 --> 1:01:07.730 It's good, Alan. 943 1:01:11.160 --> 1:01:16.560 So we're hoping both to see their view page, to see the source code of all of them. 944 1:02:30.990 --> 1:02:32.310 Okay, so let's go back. 945 1:02:32.390 --> 1:02:32.670 You. 946 1:02:34.640 --> 1:02:37.740 Since this page is a BHP fired. 947 1:02:37.940 --> 1:02:44.870 So we cannot read the speech codes and sides so we can read the the HDMI codes. 948 1:02:45.080 --> 1:02:45.940 So yes, yes. 949 1:02:46.070 --> 1:02:47.600 And Jeff, as quick inside. 950 1:02:47.600 --> 1:02:48.650 But we cannot wait. 951 1:02:48.680 --> 1:02:51.040 The PSP codes inside. 952 1:02:51.350 --> 1:02:52.280 So what can we do? 953 1:02:52.280 --> 1:02:55.220 So we should just click here. 954 1:02:55.880 --> 1:02:56.870 As we check. 955 1:02:56.930 --> 1:03:03.020 So we had we have to fires so we can try to look for them here. 956 1:03:03.590 --> 1:03:04.640 So we don't need them anymore. 957 1:03:04.680 --> 1:03:07.030 But just what is proposed of this video? 958 1:03:07.040 --> 1:03:09.410 Log into each piece so that you can see. 959 1:03:09.760 --> 1:03:10.530 Oh yeah. 960 1:03:10.670 --> 1:03:12.370 So this is exactly how it will look. 961 1:03:12.580 --> 1:03:15.790 Let's a gain edge. 962 1:03:16.580 --> 1:03:17.470 So we saw it already. 963 1:03:17.690 --> 1:03:18.090 All right. 964 1:03:18.200 --> 1:03:20.930 So now what we can do. 965 1:03:21.510 --> 1:03:23.120 Let's close this. 966 1:03:24.830 --> 1:03:28.160 So would have been, oh, nine. 967 1:03:29.910 --> 1:03:30.330 Get. 968 1:03:33.540 --> 1:03:33.840 Right. 969 1:03:34.430 --> 1:03:36.080 So so what can we do? 970 1:03:36.230 --> 1:03:46.210 We can try to put to logging the PSP and then we put a no bite behind this, the no bite comment. 971 1:03:47.300 --> 1:03:49.640 It is usually the percentage. 972 1:03:50.120 --> 1:03:52.000 And then in. 973 1:03:52.680 --> 1:03:54.060 So this. 974 1:03:55.370 --> 1:03:55.750 OK. 975 1:03:55.880 --> 1:03:57.950 So log in and the percentage. 976 1:03:57.950 --> 1:03:59.400 And then zero. 977 1:03:59.530 --> 1:03:59.920 Zero. 978 1:04:00.590 --> 1:04:04.590 What it does is it truncates all the bytes which should be. 979 1:04:04.790 --> 1:04:06.170 Which comes after. 980 1:04:06.290 --> 1:04:07.760 Which comes behind. 981 1:04:09.640 --> 1:04:15.160 Oh, so let's just click on Search to see how do we add. 982 1:04:18.260 --> 1:04:18.980 Good job. 983 1:04:19.340 --> 1:04:20.900 You doing good? 984 1:04:21.220 --> 1:04:24.620 So continue to the second part. 985 1:04:24.680 --> 1:04:25.670 So it's just. 986 1:04:27.590 --> 1:04:32.930 Check it like that and we can and you scored as well. 987 1:04:33.770 --> 1:04:35.590 So let's go here first. 988 1:04:36.230 --> 1:04:37.970 Okay, so we had a log in page. 989 1:04:39.950 --> 1:04:51.390 So what we can do first thing first we gonna try to come here and find if there is anything in the aid 990 1:04:51.440 --> 1:04:52.970 or commended. 991 1:04:56.060 --> 1:04:56.810 Nothing. 992 1:04:58.860 --> 1:05:00.720 Let's click here, hail. 993 1:05:02.890 --> 1:05:07.100 And now what are we going to do, we're going to try to view the source code for this thing as well. 994 1:05:07.750 --> 1:05:09.730 So view page source. 995 1:05:12.150 --> 1:05:20.700 You see you see how things happen when you used to view suspect, so code of of any page. 996 1:05:21.120 --> 1:05:22.470 They are not even encrypted. 997 1:05:22.900 --> 1:05:27.450 Sometimes it's like that, but sometimes so people they can put it in a comment. 998 1:05:28.770 --> 1:05:33.490 Week by day and coded or encrypted or how she took her. 999 1:05:33.760 --> 1:05:34.860 Sometimes you say that. 1000 1:05:35.130 --> 1:05:35.680 Well, it is. 1001 1:05:35.700 --> 1:05:38.290 So we're going to use this username. 1002 1:05:39.470 --> 1:05:44.010 And we just go be could be cooking it like that. 1003 1:05:44.060 --> 1:05:45.270 And then we come back here to. 1004 1:05:46.770 --> 1:05:48.570 Oh, oh, come back here. 1005 1:05:51.410 --> 1:05:52.830 Congo Tunisian Ocky. 1006 1:05:54.380 --> 1:05:55.080 So welcome back. 1007 1:05:55.190 --> 1:05:59.550 He'll use a name plus in here and buzzword. 1008 1:05:59.930 --> 1:06:01.610 Let's hope. 1009 1:06:01.640 --> 1:06:02.130 Inhale. 1010 1:06:03.730 --> 1:06:04.120 Lips. 1011 1:06:06.970 --> 1:06:07.500 Go on. 1012 1:06:09.010 --> 1:06:09.270 OK. 1013 1:06:09.820 --> 1:06:10.310 Copy. 1014 1:06:12.070 --> 1:06:13.310 And come back here. 1015 1:06:15.510 --> 1:06:17.800 Here, that's what we posted here. 1016 1:06:19.190 --> 1:06:19.640 In. 1017 1:06:21.190 --> 1:06:26.780 When I collude to see, okay, so you know, you know, I it's not you. 1018 1:06:28.480 --> 1:06:32.440 So let's just look that. 1019 1:06:34.870 --> 1:06:36.190 Since we check. 1020 1:06:37.320 --> 1:06:39.500 For research, he'll join with the best. 1021 1:06:39.650 --> 1:06:42.930 He'll again just sit here because we had it already. 1022 1:06:43.850 --> 1:06:44.750 So now. 1023 1:06:46.540 --> 1:06:53.200 In Kobe, again, gold in Kobe again and Pleasant Hill. 1024 1:06:55.060 --> 1:06:57.190 Now let's take on search. 1025 1:06:59.130 --> 1:06:59.670 Perfect. 1026 1:07:00.130 --> 1:07:01.450 Congress, so we have this. 1027 1:07:01.660 --> 1:07:02.440 Okay, guys. 1028 1:07:02.560 --> 1:07:03.760 So not as good. 1029 1:07:04.180 --> 1:07:13.480 Next, Nicholson so we can try to close this Dub's close, close, close, close. 1030 1:07:14.230 --> 1:07:14.660 So I. 1031 1:07:14.740 --> 1:07:15.730 In about 10.