1

00:00:00,060 --> 00:00:01,180

All right, welcome back, everyone.



2

00:00:01,200 --> 00:00:10,260

This is a speech and this session is actually about hacking or performing the injection manually, and



3

00:00:10,260 --> 00:00:19,230

this session will be getting access into our target Web site without even having the valid username



4

00:00:19,230 --> 00:00:19,800

and password.



5

00:00:19,950 --> 00:00:21,630

All right, let's get started.



6

00:00:22,290 --> 00:00:25,740

So for those who will be making use of.



7

00:00:26,670 --> 00:00:29,410

Yeah, let's first get into a candy machine.



8

00:00:29,430 --> 00:00:29,790

Yeah.



9

00:00:30,600 --> 00:00:36,840

So this is where we are and we need to have.



10

00:00:38,360 --> 00:00:45,920

So let's log into our Altero Mutual, by the way, the actual name is Temodar.



11

00:00:45,960 --> 00:00:50,680

That's fine, but it is pretty easy to remember this spam.



12

00:00:54,200 --> 00:01:05,930

OK, so now we are on on our Altero side from each side, and now it's pretty, very similar to any



13

00:01:05,930 --> 00:01:06,640

banking thing.



14

00:01:06,800 --> 00:01:14,430

But remember, this is just a demo site and intentionally infected site itself, so you go to sign it.



15

00:01:14,960 --> 00:01:19,460

So now we have just learned that there's a payload which we could use.



16

00:01:19,850 --> 00:01:27,950

We can make use of the payload that we created, which had apostrophe, and then R one is equal to one



17

00:01:27,950 --> 00:01:32,280

that was for user name and then for the password we can use anything great.



18

00:01:32,870 --> 00:01:37,000

So let's see if that works so I can use both stuff.



19

00:01:37,580 --> 00:01:42,160

OK, and then or one is equal to one.



20

00:01:42,470 --> 00:01:46,230

And then there was the double down after that.



21

00:01:46,670 --> 00:01:51,740

So if you remember correctly, this was the username where I posed to indicate to ignore everything



22

00:01:51,740 --> 00:01:52,460

before this.



23

00:01:52,850 --> 00:01:59,620

And double dash indicates that anything after this will be taken as common.



24

00:01:59,630 --> 00:02:01,840

So it is just a common denominator.



25

00:02:02,240 --> 00:02:03,900

Then what would be the password?



26

00:02:04,280 --> 00:02:10,240

So if you remember, I said you're going to have passwords, anything, so you can have simply anything.



27

00:02:10,250 --> 00:02:13,840

I mean, you can type even just the term typing desk.



28

00:02:14,030 --> 00:02:16,390

OK, it doesn't matter what you type after this.



29

00:02:16,850 --> 00:02:23,240

But remember one thing, you have seen the signaling, what it comma that is just to indicate there



30

00:02:23,240 --> 00:02:26,380

is some string inside, some some something into it.



31

00:02:26,720 --> 00:02:29,390

But because we are in the field at this moment.



32

00:02:29,390 --> 00:02:30,680

So you don't have to do that.



33

00:02:30,680 --> 00:02:30,970

Right.



34

00:02:31,310 --> 00:02:33,650

And what you have seen as a part of a.



35

00:02:34,060 --> 00:02:34,510

Great.



36

00:02:34,820 --> 00:02:39,500

Now once we submit this information to the Web application, the application get it.



37

00:02:39,500 --> 00:02:46,520

And this will be given to the database in the script query format and Lowville head blogging.



38

00:02:46,760 --> 00:02:51,800

And we'll see if we get the access to the system right.



39

00:02:51,860 --> 00:02:54,890

Without even having login and login.



40

00:02:54,890 --> 00:02:56,420

Valid login and password.



41

00:02:56,420 --> 00:02:56,650

Right.



42

00:02:57,260 --> 00:02:57,990

That's it.



43

00:02:58,220 --> 00:02:59,570

And let's see what happens.



44

00:03:01,130 --> 00:03:01,730

Oh, wow.



45

00:03:01,730 --> 00:03:02,280

Lovely.



46

00:03:02,810 --> 00:03:03,800

Can you see this?



47

00:03:04,460 --> 00:03:05,680

Can you see this?



48

00:03:05,690 --> 00:03:11,420

We actually got the access to the system as an admin user.



49

00:03:11,420 --> 00:03:13,640

And this is we are already into the system.



50

00:03:13,640 --> 00:03:15,020

We can view our accounts.



51

00:03:15,440 --> 00:03:17,600

We can view over a checking account.



52

00:03:18,440 --> 00:03:22,430

We can see the balance, our saving account details.



53

00:03:23,210 --> 00:03:25,820

We can see all the information in it.



54

00:03:25,820 --> 00:03:26,160

Right.



55

00:03:26,630 --> 00:03:33,770

So it is possible and this is the way we can begin compromised the system as well.



56

00:03:34,250 --> 00:03:41,270

Now, this is this is something we tried on the infected system most of the time.



57

00:03:41,270 --> 00:03:44,690

This is not the only way we can compromise the system.



58

00:03:44,690 --> 00:03:47,330

There are possible payload.



59

00:03:47,330 --> 00:03:49,940

We can have we have budesonide right now.



60

00:03:49,940 --> 00:03:55,200

You may ask, OK, how do we get all those, you know, possible strain for first things?



61

00:03:55,230 --> 00:03:58,510

You have to learn my script quite quickly.



62

00:03:58,580 --> 00:04:06,410

First of all, the way I have talked to you about how the how the my school is basically how the individual



63

00:04:06,800 --> 00:04:10,520

rules as created databases created exactly the same way.



64

00:04:10,520 --> 00:04:11,780

There are multiple Syntex.



65

00:04:11,900 --> 00:04:13,580

So you have to learn those indexed.



66

00:04:14,090 --> 00:04:20,480

You will have to learn the union as well as a part of a screen injection, which I'll teach you in the



67

00:04:20,480 --> 00:04:24,020

advanced section as well in advance section of Web application.



68

00:04:24,020 --> 00:04:31,040

And that's but as you go further, you have to really be smart enough and understand the skill already.



69

00:04:31,460 --> 00:04:37,160

Second, as you have to you have to understand the need in the real world.



70

00:04:37,160 --> 00:04:40,430

You have to test and try multiple keywords.



71

00:04:40,430 --> 00:04:45,500

You have to make use of multiple databases, which is available on the GitHub.



72

00:04:45,500 --> 00:04:51,650

If you remember when I talked about the lab setup and the resources video, that's what I have mentioned,



73

00:04:51,650 --> 00:04:54,080

you three GitHub repository.



74

00:04:54,080 --> 00:05:00,740

And that you can if you go to all all of them individually, you get to see there that are individual



75

00:05:00,740 --> 00:05:03,440

dictionary and that individual payload for the screen.



76

00:05:03,710 --> 00:05:10,040

So you can copy all those Eskild injections, you know, below and try and assume this is the manual



77

00:05:10,040 --> 00:05:11,720

way of doing it within.



78

00:05:11,720 --> 00:05:17,630

The next station will be making use of a tool called UpSweep to perform the same operation.



79

00:05:17,630 --> 00:05:25,070

But the beauty is, if you want to do it for multiple trial and, you know, multiple trial, you have



80

00:05:25,070 --> 00:05:26,540

to get into it.



81

00:05:26,540 --> 00:05:28,660

You will you will get a login for a year.



82

00:05:28,880 --> 00:05:32,570

You will try another payload, organ failure, trial and error, all this stuff.



83

00:05:32,870 --> 00:05:35,240

But the bumps are it it just automated.



84

00:05:35,240 --> 00:05:40,430

You have to just plan your payload and wait and watch what's going to happen next.



85

00:05:40,640 --> 00:05:41,030

All right.



86

00:05:41,390 --> 00:05:44,990

So I hope you like this session with catching the next one.



87

00:05:45,110 --> 00:05:45,590

Thank you.