WEBVTT

00:00.570 --> 00:05.610
Hello everyone and welcome back to Part 25 of my lane ethical hacking course.

00:05.940 --> 00:11.210
So every video you've watched up until this point has been the client side section.

00:11.320 --> 00:15.960
What I mean by that is this course is split up into five different sections.

00:15.960 --> 00:18.640
So the first lot of videos you have watched.

00:18.750 --> 00:19.720
Up until this point.

00:19.740 --> 00:23.630
So every single video in this course you've watched has been client side.

00:23.640 --> 00:30.690
And what I mean by that is just the general hacking as in into a computer a standalone computer that

00:30.690 --> 00:38.610
someone owns, that is more client side because there's someone using the computer, i.e. a client. That involves

00:38.610 --> 00:44.430
like the social engineering aspect. So all the videos you watched like that. I briefly touched on

00:44.430 --> 00:47.300
DNS spoofing or device for the network section.

00:47.340 --> 00:55.230
However, there's the create the payload, execute the payload, using a fake access point and create a fake

00:55.230 --> 00:59.250
access point and making or persuading someone to connect to it.

00:59.970 --> 01:06.750
Also creating like a BeEF hook, injecting it with MITMf, all of that stuff together.

01:06.750 --> 01:08.090
Now it's up to you.

01:08.130 --> 01:13.740
And it's important, when learning through this course, to make up your own methods of putting

01:13.740 --> 01:15.060
everything together.

01:15.690 --> 01:21.810
So if you've watched my live hacking demonstration I essentially put multiple things together to create

01:21.840 --> 01:23.740
one whole hacking method.

01:23.910 --> 01:30.730
So if you watch that video, in that video I use the MITMf attack to inject BeEF. Once BeEF

01:30.740 --> 01:36.410
is open I create a payload, use BeEF to create a fake notification bar.

01:36.660 --> 01:43.350
They download the payload directly to the local server and basically then they're hacked.

01:43.350 --> 01:48.180
So all of that's been discussed now, so that's client side over with.

01:48.180 --> 01:49.850
Hopefully it was useful for you.

01:49.860 --> 01:53.460
And if you're only after that sort of stuff then you can leave the course here now and you don't have

01:53.460 --> 01:55.100
to continue watching.

01:55.230 --> 02:00.330
But now we're onto the Web site penetration testing so this is the Web site attacks and what I've done

02:00.330 --> 02:06.840
is I've decided to split the course up into client side, Web site attacks or Web site pen testing.

02:06.840 --> 02:10.720
Then it's going to be the server pen testing or server attacks.

02:10.740 --> 02:12.660
Then it's going to be a network.

02:12.720 --> 02:17.670
Now I've briefly touched on network within client side, like the fake access point, but I will revisit it

02:17.850 --> 02:18.970
in more detail.

02:19.860 --> 02:26.920
So the network attacks or pen testing will involve cracking WPA keys to be keys et cetera.

02:27.090 --> 02:32.730
And then the last section is just going to be a miscellaneous section so there's going to be pivoting

02:32.940 --> 02:40.350
now to make an old man in midlife or metaphor to wait outside the local network so you can use it on

02:40.350 --> 02:43.230
one for example.

02:43.230 --> 02:44.750
So that stuff's really interesting.

02:45.420 --> 02:48.360
But right now we're onto the Web site pen testing.

02:49.740 --> 02:52.990
So essentially what is a Web site.

02:52.990 --> 02:58.870
A Web site is just a collection of pages that you access through the Internet or through a web browser, accessed

02:58.890 --> 03:01.280
via the Internet.

03:01.350 --> 03:05.250
So when you visit Facebook you're visiting a Web site a Web page.

03:05.340 --> 03:07.530
That is one page of a collection of many.

03:07.590 --> 03:12.690
Now if Facebook had an about page then you click on the about page and it'll send you to that.

03:12.690 --> 03:16.230
So they're all connected together which makes up the whole Web site.

03:16.230 --> 03:19.710
Web sites will have web applications on them.

03:19.740 --> 03:26.730
So this is the Web site slash web application pen testing because Web sites will have these sorts of

03:26.730 --> 03:27.780
things on them.

03:27.780 --> 03:34.180
So think of like a search function that processes information that's a web application on a Web site.

03:34.360 --> 03:37.930
Then think of a login system, that's a web application on a Web site.

03:38.040 --> 03:44.640
So the person's Web site might be secure enough but there might be one small vulnerability within a web

03:44.640 --> 03:51.840
application on one of their web pages that allows you to gain access to their whole Web site.

03:51.840 --> 03:58.680
So this is like very important, very critical for businesses to understand. Web applications may also

03:58.680 --> 04:03.400
be installed on computers as applications.

04:03.900 --> 04:10.620
So if you think of Steam, now Steam is just an application where you can buy games from the Steam store

04:10.710 --> 04:13.250
and install them and then directly play them.

04:13.260 --> 04:15.590
So it's very popular for PC gamers.

04:15.660 --> 04:17.860
It's like the one with all the games on it.

04:17.940 --> 04:21.030
Everyone uses it to play games.

04:21.180 --> 04:23.100
Now that's not a Web site.

04:23.130 --> 04:30.220
It's a web application and it's installed so you can have a web application on a Web site and you can

04:30.220 --> 04:33.300
also have a web application that's installed on your computer.

04:33.310 --> 04:39.680
The reason that's a web application is because it talks to the server of the steam web and the Web sites

04:39.940 --> 04:46.060
the server of the Web site and it communicates with each of those to the client and the web application

04:46.180 --> 04:50.270
or the Web site will talk to the client on the computer.

04:50.730 --> 04:55.270
And that's why it's a web application that might have a vulnerability within it because it's installed

04:55.270 --> 04:55.990
on your computer.

04:56.020 --> 05:00.970
And then you might be able to get access through that and then get to the actual Web site.

05:00.980 --> 05:02.470
Now I've already discussed this.

05:02.470 --> 05:07.240
So a computer that uses an operating system, that will be for the server side attacks and the client side

05:07.240 --> 05:14.380
attacks we've already discussed and I'm pretty sure I've discussed enough about the client side attacks

05:14.380 --> 05:17.260
to give you a better understanding of ethical hacking.

05:18.850 --> 05:23.740
So in this video we're just going to start with basic information gathering and we're going to start

05:23.740 --> 05:24.380
to build on it.

05:25.090 --> 05:29.700
So because we start with Web sites we're just going to start at the very basic level.

05:29.710 --> 05:32.640
So if you go to Kali and open up your Kali Linux machine.

05:32.650 --> 05:40.180
So I'm just going to log in here and then I'll make you expand the screen so I'm on a Web site here

05:40.180 --> 05:41.630
called Whois.

05:41.650 --> 05:47.050
So if you go to the link in the description and just click on it it will send you to this Web site.

05:47.080 --> 05:50.650
So for this part we're just going to do some basic information gathering.

05:50.740 --> 05:58.180
So the set method, what you do with hacking and pen testing, is you start information

05:58.180 --> 05:58.800
gathering.

05:58.840 --> 06:02.310
Then you build up to the next one then you go to the next stage.

06:02.380 --> 06:04.000
The next stage and the next one.

06:04.000 --> 06:05.950
So these will all be discussed.

06:05.950 --> 06:12.310
But right now what are the things like the information gathering to understand what we're targeting

06:12.310 --> 06:15.190
better.

06:15.190 --> 06:20.680
This principle applies for client side because you need to like sniff out networks.

06:20.710 --> 06:23.410
If our computers understand the person you're talking to.

06:23.410 --> 06:26.050
So you could fish for information which is like social engineering.

06:26.500 --> 06:30.010
So all of these attacks and pen testing will start with this.

06:30.010 --> 06:33.060
So once you're on Whois lookup you type in the domain.

06:33.070 --> 06:34.020
Now that can be absolutely

06:34.030 --> 06:35.440
any domain you want.

06:35.590 --> 06:39.010
I'm going to type in my web site so just make this a little bit larger so you can see it.

06:39.010 --> 06:41.100
So if I type code on come on dot com.

06:41.290 --> 06:45.330
This is my Web site, and click, and it's going to Whois lookup.

06:45.520 --> 06:48.700
So it's going to get the DNS server etc.

06:49.180 --> 06:53.470
So as you can see this is how old my Web site is.

06:53.530 --> 06:54.730
This is when it was created.

06:54.730 --> 07:01.580
This is when it's going to expire and when it was updated so as you can see there is the host.

07:01.580 --> 07:02.430
So it's one

07:02.430 --> 07:06.250
dot com, that's who I purchase my Web site hosting from.

07:07.250 --> 07:15.700
So there's the DNS servers the name servers we go down here you can see an IP address you can see the

07:15.700 --> 07:19.800
IP location and there's one dot com again.

07:20.230 --> 07:27.430
Then the IP history so we can get the IP history so for changes for unique IP addresses over seven years

07:28.240 --> 07:34.690
server type Apache, and so this is like very basic information gathering.

07:34.810 --> 07:36.070
You can see what it's registered

07:39.150 --> 07:44.540
right here is will is with the registrar will appear.

07:44.580 --> 07:51.870
So I have domain privacy so as you can see here it says in the tech Contact section it just says domain

07:51.870 --> 07:52.430
privacy.

07:52.430 --> 07:56.180
I have domain privacy through one dot com.

07:56.490 --> 07:59.940
So I essentially pay a little bit more and it protects my information.

07:59.940 --> 08:06.030
Now some Web sites might not have this and it's really really important to have it I reckon.

08:06.030 --> 08:10.540
Now if you're a small local business then it doesn't really matter.

08:10.950 --> 08:17.790
But for ones that don't want their private information leaked essentially it's important because my

08:17.790 --> 08:19.220
information would appear right here.

08:19.230 --> 08:25.190
My address my phone number and my name and that's like the most private information I can have.

08:25.200 --> 08:25.680
Really.

08:25.680 --> 08:29.980
Because then you'll know exactly where I live and my exact name plus my phone number.

08:30.030 --> 08:36.930
So that's not really a good idea, and so the tech contact, I have domain privacy, but types of websites

08:36.970 --> 08:39.700
that don't have it, all the owner's information,

08:39.700 --> 08:44.070
Whoever bought the web address will appear here.

08:44.290 --> 08:50.620
So if you find a Web site that does have that then you can do that, in fact that starts to get into doxxing

08:50.620 --> 08:55.990
which I'm not going to discuss in this course because it's I don't agree with it.

08:56.020 --> 08:56.680
I don't like it.

08:57.940 --> 09:00.130
So you can find information on that elsewhere.

09:00.130 --> 09:05.410
Just type in doxxing and find out information about that, but this is how you start doing stuff like that.

09:06.460 --> 09:12.280
So dates over a discourse that you can see the dates et cetera but the most important part here is the

09:12.280 --> 09:16.810
IP address so we've got an IP address of the actual server so you could take this down if you wanted

09:16.840 --> 09:17.730
to.

09:17.890 --> 09:26.190
And if we just open the terminal, so Terminator, and what we'll do is we'll just type in ping. If you

09:26.190 --> 09:27.290
type ping.

09:27.870 --> 09:29.760
And then the address.

09:29.760 --> 09:35.030
Now you don't type the IP address in, you type the web address, so type www dot.

09:35.130 --> 09:38.060
Now you can type in any Web site you want here or type in mine.

09:38.070 --> 09:39.910
So coding command dot com click on site.

09:39.930 --> 09:40.650
I'll stop pinging.

09:41.940 --> 09:46.140
So wait a few seconds, it's just pinging to get a response from the server, so there we go, we can see

09:46.140 --> 09:48.260
the Web site's live, we get a response.

09:49.110 --> 09:51.270
But if you noticed here we get an IP address.

09:51.270 --> 09:59.150
Now let's see if it matches the IP address on who is as you can see it those forty six thirty to 1 5

09:59.290 --> 10:00.530
to 15.

10:00.860 --> 10:01.660
Ninety five.

10:01.680 --> 10:04.180
There we go.

10:04.230 --> 10:10.920
So that's how to get the IP address of the server of the Web site, because Web sites use DNS, and

10:11.080 --> 10:19.250
a DNS basically will fetch the IP address that's attached to the DNS and then that translates an IP

10:19.250 --> 10:20.600
address into a web address.

10:21.290 --> 10:26.510
So essentially when you type in facebook dot com you're typing in the IP address for Facebook dot com, the

10:26.510 --> 10:28.580
server on Facebook dot com.

10:28.580 --> 10:34.040
It's just to make translation easier between the IP address of the Web site and the actual name of the

10:34.040 --> 10:40.130
Web site because people don't want to be remembering IP addresses to go to Facebook, Google, etc.

10:40.160 --> 10:45.660
Just be really annoying because you have to remember thousands of IP addresses just to go to Web sites.

10:47.990 --> 10:52.550
But that's essentially the first video of the Web site pen testing.

10:52.550 --> 10:59.090
This is just a basic information gathering later on in this section we will get onto the more interesting

10:59.090 --> 11:05.250
parts such as SQL injection, defacing Web sites or collating shells.

11:05.330 --> 11:09.140
Well that's it for this video, so if it did help please leave a like, comment if you're stuck with anything.

11:09.140 --> 11:13.700
I'll be happy to help subscribe for future content and I will see you all in the next video.
