All right, welcome back, everyone. This is a speech and this session is actually about hacking, or performing the injection manually, and this session will be getting access into our target website without even having the valid username and password. All right, let's get started.

So for those who will be making use of. Yeah, let's first get into a Kali machine. Yeah. So this is where we are and we need to have.

So let's log into our Altoro Mutual, by the way, the actual name is Testfire. That's fine, but it is pretty easy to remember this name.

OK, so now we are on our Altoro site, the Testfire site, and now it's pretty, very similar to any banking thing. But remember, this is just a demo site and intentionally infected site itself, so you go to sign in.

So now we have just learned that there's a payload which we could use. We can make use of the payload that we created, which had an apostrophe, and then OR 1 is equal to 1, that was for username, and then for the password we can use anything. Great. So let's see if that works, so I can use both stuff. OK, and then OR 1 is equal to 1. And then there was the double dash after that.

So if you remember correctly, this was the username, where the apostrophe is to indicate to ignore everything before this. And double dash indicates that anything after this will be taken as comment. So it is just a comment indicator. Then what would be the password? So if you remember, I said you're going to have passwords, anything, so you can have simply anything. I mean, you can type even just the term typing desk. OK, it doesn't matter what you type after this.

But remember one thing, you have seen the single quote, that is just to indicate there is some string inside, some something into it. But because we are in the field at this moment, so you don't have to do that. Right. And what you have seen as a part of a. Great.

Now once we submit this information to the web application, the application gets it. And this will be given to the database in the SQL query format, and the login will happen. And we'll see if we get the access to the system, right, without even having login and... valid login and password. Right. That's it. And let's see what happens.

Oh, wow. Lovely. Can you see this? Can you see this? We actually got the access to the system as an admin user. And this is, we are already into the system. We can view our accounts. We can view our checking account. We can see the balance, our saving account details. We can see all the information in it. Right.

So it is possible, and this is the way we can begin compromising the system as well. Now, this is something we tried on the infected system. Most of the time, this is not the only way we can compromise the system. There are possible payloads we can have; we have used one right now. You may ask, OK, how do we get all those, you know, possible strings? First thing, you have to learn MySQL quite quickly. First of all, the way I have talked to you about how MySQL is, basically how the individual rows are created, databases are created, exactly the same way. There are multiple syntaxes. So you have to learn those syntaxes. You will have to learn the UNION as well as a part of SQL injection, which I'll teach you in the advanced section, in the advanced section of web application. But as you go further, you have to really be smart enough and understand SQL already. Second, you have to understand the need in the real world. You have to test and try multiple keywords. You have to make use of multiple databases which are available on GitHub. If you remember when I talked about the lab setup and the resources video, that's what I have mentioned to you, three GitHub repositories. And if you go to all of them individually, you get to see that there are individual dictionaries and individual payloads for the SQL. So you can copy all those SQL injection payloads and try, and assume this is the manual way of doing it.

In the next session we will be making use of a tool called Burp Suite to perform the same operation. But the beauty is, if you want to do it for multiple trials, you know, multiple trials, you have to get into it. You will get a login failure. You will try another payload, again failure, trial and error, all this stuff. But with Burp Suite, it is just automated. You have to just plan your payload and wait and watch what's going to happen next. All right. So I hope you like this session. Catch you in the next one. Thank you.
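As an added example (not part of the course video or the demo site's code), here is why the apostrophe, OR 1=1 and double dash described above let a login succeed, and why the same input is harmless once the query is parameterized. It uses an in-memory SQLite table constructed for the demo; the table, the user names and the passwords are assumptions, not the Testfire schema.

```python
import sqlite3


def make_db():
    """Constructed demo users table (passwords in plaintext only to keep the
    demo short; a real application stores password hashes, not passwords)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret-admin", "admin"), ("jsmith", "demo1234", "user")],
    )
    return conn


def build_vulnerable_query(username, password):
    """The query a naive application assembles by string concatenation.
    The user's quote closes the string, OR 1=1 makes the WHERE clause true
    for every row, and -- turns the rest (the password check) into a comment."""
    return ("SELECT role FROM users WHERE username = '" + username
            + "' AND password = '" + password + "'")


def login_vulnerable(conn, username, password):
    """Runs the concatenated query; returns the first matching role or None."""
    row = conn.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Same lookup with bound parameters: the input is only ever data, so a
    quote or -- inside it cannot change the query's structure."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def demo():
    conn = make_db()
    payload = "' OR 1=1 --"  # the username input from the session; any password
    return {
        "vulnerable_with_payload": login_vulnerable(conn, payload, "anything"),
        "safe_with_payload": login_safe(conn, payload, "anything"),
        "safe_valid_user": login_safe(conn, "jsmith", "demo1234"),
        "safe_wrong_password": login_safe(conn, "jsmith", "wrong"),
    }
```

The concatenated query matches every row and returns the first one, which is the admin account here, exactly the outcome seen in the session; the parameterized version returns nothing for the payload and only succeeds with a real username and password.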