1
00:00:00,060 --> 00:00:06,890
Welcome back, my friends, this is Rosnes, and this issue is about demonstrating DirBuster,

2
00:00:07,260 --> 00:00:10,210
trust me, this is gonna be fun for sure.

3
00:00:10,650 --> 00:00:11,660
Let's get started.

4
00:00:12,150 --> 00:00:12,530
All right.

5
00:00:13,050 --> 00:00:18,720
So now let me open my Kali machine, my hacking machine.

6
00:00:19,260 --> 00:00:22,710
OK, so the first.

7
00:00:26,010 --> 00:00:36,390
Once you are in the machine, how do you launch DirBuster? Just type dirbuster and there it is.

8
00:00:37,320 --> 00:00:40,170
This is how the tool really looks.

9
00:00:41,070 --> 00:00:41,890
What do you need?

10
00:00:42,120 --> 00:00:47,100
You need to specify the target you are in and you need the wordlist.

11
00:00:47,130 --> 00:00:52,870
OK, let's start with the simple one here.

12
00:00:52,870 --> 00:01:10,020
Yeah, I started the OWASP BWA itself, and currently the BWA is on an IP address so you can access

13
00:01:10,020 --> 00:01:10,110
it.

14
00:01:10,650 --> 00:01:17,220
So once you install your OWASP BWA, you can access the IP address.

15
00:01:17,990 --> 00:01:21,010
Luckily I have made it online.

16
00:01:21,030 --> 00:01:23,070
You could see it here.

17
00:01:24,080 --> 00:01:24,800
This is what.

18
00:01:26,410 --> 00:01:36,220
The system really works if the credentials are root and owaspbwa, OK, and this is the IP address of

19
00:01:36,220 --> 00:01:38,540
the system; I can access the IP address.

20
00:01:39,040 --> 00:01:50,470
Now, there are many applications in this project, which has basically consolidated all the applications

21
00:01:51,160 --> 00:01:52,920
in one single platform.

22
00:01:53,500 --> 00:01:58,830
You get to see WebGoat, you get to see Mutillidae.

23
00:01:58,960 --> 00:02:03,100
So I'm not sure how to pronounce it perfectly.

24
00:02:03,730 --> 00:02:06,570
And then you have the map as well.

25
00:02:07,210 --> 00:02:08,880
Just again, pretty popular.
26
00:02:09,550 --> 00:02:19,660
Then there are a couple of modules which are outdated, but I'll be focusing more on this Mutillidae,

27
00:02:19,810 --> 00:02:27,000
and then we have WebGoat, which is a pretty new one, and then we'll be focusing on oil.

28
00:02:27,010 --> 00:02:28,720
And this is pretty, pretty old.

29
00:02:28,720 --> 00:02:35,860
And I mean, this has been in the market for like the last six or seven years, maybe even more than that.

30
00:02:37,060 --> 00:02:41,950
So people will be using it because this is very generic.

31
00:02:42,100 --> 00:02:44,290
Every other day, people do all the stuff.

32
00:02:44,890 --> 00:02:53,020
The new ones are bWAPP and WebGoat, and this one, even this is all we didn't try to do it.

33
00:02:53,100 --> 00:02:57,970
OK, we keep making use of each one of them for our application testing.

34
00:02:58,180 --> 00:02:59,920
There will be more as well.

35
00:02:59,920 --> 00:03:07,690
If you have seen the previous video where I have shown you the list of tools that we will be making use

36
00:03:07,690 --> 00:03:07,970
of.

37
00:03:08,140 --> 00:03:10,710
These are the labs.

38
00:03:10,720 --> 00:03:17,770
There are some which are publicly available, like Altoro Mutual, which we will be using in the next edition and

39
00:03:17,770 --> 00:03:18,100
so on.

40
00:03:18,100 --> 00:03:24,930
But if you are not, you can type in the name of it.

41
00:03:24,950 --> 00:03:25,330
You can

42
00:03:28,490 --> 00:03:32,520
go to the testfire site.

43
00:03:32,560 --> 00:03:34,420
You can see this is a demo.

44
00:03:34,430 --> 00:03:38,010
demo.testfire.net, this project, this is the demo site.

45
00:03:38,020 --> 00:03:43,960
Remember, this looks exactly like a syndic or financial services site or banking site.

46
00:03:44,360 --> 00:03:46,800
It's being developed by IBM.

47
00:03:46,810 --> 00:03:48,850
Now, it's a part of the product.
48
00:03:49,750 --> 00:03:58,360
It is basically made to test the IBM product, the security product of IBM, which is now a part of

49
00:03:58,360 --> 00:04:05,260
HCL after it has been purchased by HCL.

50
00:04:05,710 --> 00:04:06,070
All right.

51
00:04:09,520 --> 00:04:13,200
Let's go to the system; we will be targeting this site.

52
00:04:13,260 --> 00:04:19,410
OK, so this is where cyber units and so let's say I go into it.

53
00:04:19,430 --> 00:04:22,630
So this is how the entire application really looks.

54
00:04:23,050 --> 00:04:24,430
This is a dummy site.

55
00:04:24,430 --> 00:04:27,700
So you get to see all the tests that you can perform.

56
00:04:28,030 --> 00:04:34,510
You could perform injections and all that stuff, which we would be doing

57
00:04:34,780 --> 00:04:35,590
for the edition.

58
00:04:36,130 --> 00:04:37,700
And we are not recording.

59
00:04:37,840 --> 00:04:42,400
So we don't, you don't even have to do this because this is a target site.

60
00:04:42,850 --> 00:04:46,660
We have to scan it from over the left hand side.

61
00:04:46,750 --> 00:04:48,040
This is DirBuster.

62
00:04:48,550 --> 00:04:53,820
And what you see on your right, this is our target site.

63
00:04:54,480 --> 00:04:57,570
Okay, so on the left, we have our

64
00:04:59,780 --> 00:05:03,350
attacking platform; on the right, we have our target.

65
00:05:03,710 --> 00:05:11,260
OK, so let's specify the URL so we can then launch one.

66
00:05:11,610 --> 00:05:17,690
Well, you can make it easy if you want, but it's not OK.

67
00:05:17,990 --> 00:05:18,440
It's done.

68
00:05:18,450 --> 00:05:19,850
You can keep both of it.

69
00:05:19,880 --> 00:05:21,030
What you can be.
70
00:05:21,290 --> 00:05:28,250
You can either keep it GET only or you can keep Auto, which I suggest you do; keep Auto, which then

71
00:05:29,630 --> 00:05:34,100
requires you to browse, if you don't browse and select the wordlist.

72
00:05:34,410 --> 00:05:37,400
It won't be wordlist.

73
00:05:37,850 --> 00:05:48,470
The wordlist is usually present in usr, then share, and then search for dirbuster.

74
00:05:50,870 --> 00:05:52,060
Oh yeah, here it is.

75
00:05:52,070 --> 00:05:54,380
And then the wordlist, lovely.

76
00:05:54,740 --> 00:05:56,790
Now you see there are many text files.

77
00:05:57,020 --> 00:06:00,530
These are the list of, OK, list of txt files.

78
00:06:02,270 --> 00:06:04,650
It's kind of a big study database.

79
00:06:04,700 --> 00:06:12,560
So it must make use of all those text files basically to guess the possible directories.

80
00:06:12,560 --> 00:06:14,580
So that's why it is a brute force.

81
00:06:14,930 --> 00:06:23,430
OK, so there I recommend you go with the medium, but if the application is pretty small, Sandeep's

82
00:06:23,450 --> 00:06:24,980
or something, you can go for a small.

83
00:06:25,430 --> 00:06:33,270
If you feel it's a heavy website, WordPress or maybe any e-commerce platform as well,

84
00:06:33,290 --> 00:06:34,700
you can go for a medium as well.

85
00:06:35,210 --> 00:06:37,230
Let's start with medium then.

86
00:06:37,250 --> 00:06:43,450
Now, if you would like to scan the entire application, then you can just go ahead.

87
00:06:43,550 --> 00:06:50,590
If you have some folders to scan, some directories to scan as well, you can select them.

88
00:06:50,630 --> 00:06:56,840
In our case, we have multiple applications that are part of multiple directories.

89
00:06:57,140 --> 00:07:01,790
So you could see if I go to any application, let's have a look.

90
00:07:02,540 --> 00:07:04,720
These are all part of different directories.

91
00:07:04,730 --> 00:07:08,900
You see this if they go to be back.
92
00:07:09,200 --> 00:07:11,770
OK, this is again about this.

93
00:07:11,870 --> 00:07:15,790
This is nothing but folders similar to this.

94
00:07:17,600 --> 00:07:20,950
This is another XO, because my target is this.

95
00:07:20,960 --> 00:07:24,250
I mentioned this to the.

96
00:07:27,460 --> 00:07:28,060
Sprey.

97
00:07:31,570 --> 00:07:33,210
You mean that, right?

98
00:07:34,000 --> 00:07:34,550
OK.

99
00:07:35,680 --> 00:07:37,360
I hope I'm right.

100
00:07:39,530 --> 00:07:41,590
Lovely and kind.

101
00:07:42,170 --> 00:07:45,070
OK, let's start. Lovely.

102
00:07:45,800 --> 00:07:49,520
You can see it has started.

103
00:07:49,700 --> 00:07:57,590
You can see the number of requests being sent, one seven, all of that stuff.

104
00:07:57,590 --> 00:07:57,860
Right.

105
00:07:58,040 --> 00:07:59,870
These are all the possible requests.

106
00:08:01,010 --> 00:08:03,530
In scan, the average speed.

107
00:08:03,530 --> 00:08:06,830
You see parse size, total requests.

108
00:08:07,310 --> 00:08:08,370
Everything OK?

109
00:08:09,320 --> 00:08:12,300
These are the possible directories that you can find.

110
00:08:12,620 --> 00:08:14,690
These are all you could see.

111
00:08:14,720 --> 00:08:18,050
This is the home page, which is available, images.

112
00:08:18,060 --> 00:08:19,320
These are all in this page.

113
00:08:20,060 --> 00:08:24,710
These are directories, basically, OK, and the size of the directory is one.

114
00:08:24,710 --> 00:08:27,470
And you see the response code is 200.

115
00:08:27,470 --> 00:08:32,050
If you're following me correctly, 200 is OK.

116
00:08:32,100 --> 00:08:36,540
That means this site seems to be valid; when you see 500,

117
00:08:36,560 --> 00:08:40,940
that means it is a server error, but it might not be available as well.

118
00:08:41,450 --> 00:08:42,910
So when you see 200,
119
00:08:43,110 --> 00:08:51,380
that means it's actually available, and DirBuster is going to jump right on that part for you.

120
00:08:52,820 --> 00:08:54,080
There are many others as well.

121
00:08:54,080 --> 00:08:56,840
And you can see, because we have selected the medium,

122
00:08:57,230 --> 00:09:05,190
this might take a whole lot of time to scan all possible directories and any possible files as well.

123
00:09:05,840 --> 00:09:12,650
And once you see all of them, you can see there is a path; you can get to see

124
00:09:12,650 --> 00:09:16,820
how many files have been scanned and how many of them have been tested.

125
00:09:16,820 --> 00:09:20,120
And if there is any error, you see the errors over here.

126
00:09:20,870 --> 00:09:24,520
OK, so you already know what files to look for.

127
00:09:24,530 --> 00:09:31,920
You already know if there are any directories with the backup or dot dot files or files and all that stuff.

128
00:09:32,240 --> 00:09:37,550
This is something which is pretty much important for you, and this is something which you can try looking

129
00:09:37,550 --> 00:09:37,790
for.

130
00:09:37,940 --> 00:09:42,780
This is also very useful to gather the hidden files as well.

131
00:09:42,920 --> 00:09:43,250
Right.

132
00:09:43,550 --> 00:09:46,220
So in spite of, you never know.

133
00:09:46,230 --> 00:09:46,590
Right.

134
00:09:46,610 --> 00:09:51,060
You can't really just go to the very place on a file.

135
00:09:51,080 --> 00:09:51,330
Right.

136
00:09:51,650 --> 00:09:58,800
So if you already know that this is the possibility of the files, you can simply go

137
00:09:59,300 --> 00:10:05,830
directly to the directory there, so you can straightaway go to the directory by specifying the name of

138
00:10:05,840 --> 00:10:05,920
it.

139
00:10:05,940 --> 00:10:13,750
Let's say in this situation, the images is available with 200, so I can search for images directly.
140
00:10:15,230 --> 00:10:15,670
Lovely.

141
00:10:16,160 --> 00:10:23,420
So this means I could actually get all these images; otherwise, just by looking

142
00:10:23,420 --> 00:10:29,670
at the site, you never know how many folders or how many directories might be there.

143
00:10:29,690 --> 00:10:29,960
Right.

144
00:10:29,990 --> 00:10:36,440
But because of DirBuster, you can't possibly get the idea about what are the possible directories

145
00:10:36,590 --> 00:10:39,290
for of Melbourne based on images.

146
00:10:39,290 --> 00:10:40,640
I can get those images.

147
00:10:40,640 --> 00:10:42,730
I can download this similarly.

148
00:10:42,730 --> 00:10:43,730
Let's try one more.

149
00:10:47,510 --> 00:10:52,230
These are all hidden files in the images section.

150
00:10:52,640 --> 00:10:54,500
You can also look for this one.

151
00:10:55,070 --> 00:10:57,150
This is, again, part of images.

152
00:10:57,500 --> 00:11:01,480
This is also said followed right here.

153
00:11:01,970 --> 00:11:11,270
Let's see what we get for this setup database PHP.

154
00:11:13,040 --> 00:11:13,510
Lovely.

155
00:11:18,900 --> 00:11:26,670
OK, so we see some error with this, and this might be useful for many of the problems, but you can

156
00:11:26,670 --> 00:11:30,850
get the idea of what all the information you have, right?

157
00:11:31,260 --> 00:11:35,610
These are all the queries, and you can make use of it.

158
00:11:35,970 --> 00:11:46,770
And even this can be used for the SQL injections as well, if it is possible, possibly information.

159
00:11:47,040 --> 00:11:47,380
Right.

160
00:11:48,090 --> 00:11:51,780
So this is all it is giving you as a part of information.

161
00:11:51,790 --> 00:11:54,060
So let's say this is for Web services.

162
00:11:57,730 --> 00:11:58,160
Right.

163
00:11:58,180 --> 00:12:01,400
So we get to see different services that are available.
164
00:12:01,420 --> 00:12:08,070
We can look for this, so we can look for best practices for everything, right.

165
00:12:08,230 --> 00:12:12,530
That's output on the Starbright, and we can see if it is really useful or not.

166
00:12:13,030 --> 00:12:18,250
This is usually, as a part of best practices, developers

167
00:12:19,240 --> 00:12:22,960
disable directory browsing.

168
00:12:23,110 --> 00:12:24,990
You can't really call the directories.

169
00:12:25,390 --> 00:12:28,440
So this can be useful in the situation.

170
00:12:29,530 --> 00:12:31,290
So I hope this was useful.

171
00:12:31,300 --> 00:12:37,060
We can make use of a couple of more systems in the following sessions, so then keep learning.

172
00:12:37,150 --> 00:12:37,750
Thank you.