1
00:00:00,330 --> 00:00:03,630
Instructor: Okay, time for another coding project.

2
00:00:03,630 --> 00:00:08,070
After a long, long section of covering web vulnerabilities,

3
00:00:08,070 --> 00:00:10,770
let's see how we can test some of them

4
00:00:10,770 --> 00:00:13,410
by using our own tools.

5
00:00:13,410 --> 00:00:18,410
For this, I have decided to show you two different projects.

6
00:00:18,600 --> 00:00:21,330
Now both of them are going to be rather small

7
00:00:21,330 --> 00:00:25,800
and they work rather similar, so once we create one of them,

8
00:00:25,800 --> 00:00:28,890
we won't have any problem in figuring out

9
00:00:28,890 --> 00:00:30,573
how the second one works.

10
00:00:31,590 --> 00:00:36,030
These two projects are going to be Login Page Bruteforcer,

11
00:00:36,030 --> 00:00:38,940
and Directories Bruteforcer.

12
00:00:38,940 --> 00:00:40,230
In the first one,

13
00:00:40,230 --> 00:00:42,960
we are going to try to break a login password

14
00:00:42,960 --> 00:00:44,670
by only knowing the username,

15
00:00:44,670 --> 00:00:46,500
and in the second program,

16
00:00:46,500 --> 00:00:48,810
we're just going to see whether we can find

17
00:00:48,810 --> 00:00:51,360
some hidden directories on a webpage,

18
00:00:51,360 --> 00:00:55,440
and maybe those directories could be useful for us.

19
00:00:55,440 --> 00:00:57,540
Nonetheless, both of these programs

20
00:00:57,540 --> 00:01:00,000
are going to work similar.

21
00:01:00,000 --> 00:01:02,370
Our Login Bruteforcer is going to open

22
00:01:02,370 --> 00:01:05,040
a TXT file with bunch of passwords

23
00:01:05,040 --> 00:01:08,130
and we are going to send each one of those passwords

24
00:01:08,130 --> 00:01:11,640
from the file in hope that one of them is the correct one,

25
00:01:11,640 --> 00:01:15,120
which will grant us an access to that account.

26
00:01:15,120 --> 00:01:19,170
The second program is going to work by opening a TXT file

27
00:01:19,170 --> 00:01:21,210
and reading common directory names

28
00:01:21,210 --> 00:01:23,430
that we will then request to visit,

29
00:01:23,430 --> 00:01:27,540
and if we manage to visit them and get status code 200,

30
00:01:27,540 --> 00:01:30,270
that means that page exists.

31
00:01:30,270 --> 00:01:32,400
If we get connection error,

32
00:01:32,400 --> 00:01:36,150
well then that page doesn't exist.

33
00:01:36,150 --> 00:01:38,310
Nonetheless, enough of talking,

34
00:01:38,310 --> 00:01:41,400
we are already intermediate with our Python skills,

35
00:01:41,400 --> 00:01:45,150
so let's get straight into coding these two programs.

36
00:01:45,150 --> 00:01:46,450
See you in the next video.