1
00:00:00,090 --> 00:00:01,260
All right, welcome back, everyone.

2
00:00:01,290 --> 00:00:06,130
This is a snitch and this is about getting started with Censys, right?

3
00:00:06,570 --> 00:00:14,700
So we'll be having a demo wherein we'll launch our Censys platform and we'll see if we can,

4
00:00:14,700 --> 00:00:20,760
you know, get access to any of the web cameras or IP cameras.

5
00:00:21,480 --> 00:00:22,350
Let's get started.

6
00:00:23,070 --> 00:00:28,560
So what you need to do is directly access to the.

7
00:00:30,030 --> 00:00:30,480
All right.

8
00:00:30,490 --> 00:00:32,460
So this is where our platform is.

9
00:00:33,030 --> 00:00:38,210
Oh, well, you can you don't need to sign up to this account.

10
00:00:38,490 --> 00:00:41,220
Wanting to do is just go to censys.io.

11
00:00:41,760 --> 00:00:50,340
This is how the website really looks like the platform web application really looks like and this is

12
00:00:50,340 --> 00:00:53,760
more for enterprise focused platform.

13
00:00:54,360 --> 00:01:02,280
The reason because it does this capturing more relevant information, more relevant than showing as

14
00:01:02,280 --> 00:01:09,960
well in many contexts, but in many other contexts and really doing a great job.

15
00:01:10,980 --> 00:01:15,720
So when you look at this, this will give you an idea about what exactly it is doing.

16
00:01:15,720 --> 00:01:20,460
And when it looks you know, when you go to the Web based on the rules, the process is based on the

17
00:01:20,460 --> 00:01:20,730
rule.

18
00:01:21,120 --> 00:01:27,570
You get the idea that it is for CISOs, Chief Information Security Officers, attack surface

19
00:01:27,570 --> 00:01:31,720
defender, threat hunters, government defender, researchers as well.

20
00:01:32,010 --> 00:01:33,600
So how they can make use of it?

21
00:01:33,850 --> 00:01:35,820
What are the different use cases?

22
00:01:35,820 --> 00:01:39,360
Discovering unknown assets, identifying the threat.

23
00:01:39,360 --> 00:01:43,220
Actors want to draw remote workers, both forces.

24
00:01:43,230 --> 00:01:45,990
It might be latest product and many of the.

25
00:01:46,260 --> 00:01:46,670
Oh yeah.

26
00:01:47,040 --> 00:01:53,870
So this product is something which we'll be making use of as in Censys, platforms, APIs.

27
00:01:53,880 --> 00:02:00,090
So there are many other information available when you scroll down the rest of the information.

28
00:02:00,650 --> 00:02:04,320
But our interest is here, OK?

29
00:02:05,130 --> 00:02:12,180
We can search for our desired keywords and we can select three options: IP hosts, websites, certificates

30
00:02:12,630 --> 00:02:15,710
and go for IP and search for webcam.

31
00:02:16,350 --> 00:02:19,830
And the moment you do that, you will find the results coming in.

32
00:02:20,310 --> 00:02:24,210
Well, it is more it's pretty similar to what you do.

33
00:02:24,210 --> 00:02:25,800
You usually get it for the children.

34
00:02:26,010 --> 00:02:28,980
On the left hand side, you get more specific filters.

35
00:02:30,720 --> 00:02:33,200
You know, you see the autonomous system.

36
00:02:34,050 --> 00:02:39,060
This is what indicates and dumps of Internet.

37
00:02:39,300 --> 00:02:47,970
Every organization who needs to be on the Internet has to peer with the other organizations.

38
00:02:47,970 --> 00:02:51,440
But BGP, that's Border Gateway Protocol.

39
00:02:51,450 --> 00:02:51,800
Right.

40
00:02:52,200 --> 00:02:55,890
And that's the backbone of the entire Internet.

41
00:02:56,160 --> 00:03:00,870
OK, so just like GPS, BGP really works on the Internet.

42
00:03:01,030 --> 00:03:01,460
Right.

43
00:03:02,310 --> 00:03:10,790
And then for BGP to work, every organization needs to have an autonomous system and that's why every organization

44
00:03:11,580 --> 00:03:13,830
is being referred or here.

45
00:03:14,310 --> 00:03:21,690
It might be, it might not be the same context, but this is what the autonomous system refers to protocol.

46
00:03:21,870 --> 00:03:26,300
These are the different protocols being used to protocol when it comes to a webcam.

47
00:03:26,700 --> 00:03:30,600
So I'll show you some of the search results.

48
00:03:30,990 --> 00:03:37,700
You will probably get the idea that with Censys, you will mostly find the webcams

49
00:03:37,710 --> 00:03:39,450
pretty much openly available.

50
00:03:39,810 --> 00:03:46,800
When I say openly available, that means you don't bring the credentials to see what web cameras are

51
00:03:46,800 --> 00:03:47,370
capturing.

52
00:03:47,580 --> 00:03:58,320
OK, for example, if I click on the post results, if I copy the IP address wildhorn, can I directly

53
00:03:58,320 --> 00:03:58,920
access it?

54
00:03:59,130 --> 00:04:04,860
I would say yes, because you see it is making use of EDI on for HTTP.

55
00:04:04,860 --> 00:04:11,060
But as I told you earlier, HTTP can also be used only for port as well.

56
00:04:11,340 --> 00:04:15,690
So in that case you have to be sure you put the IP address and then colon the port.

57
00:04:15,690 --> 00:04:17,460
No, maybe it's your work.

58
00:04:17,820 --> 00:04:19,890
But in our case we are pretty specific.

59
00:04:19,890 --> 00:04:23,460
We don't need to specify the port or we can even specify already.

60
00:04:23,970 --> 00:04:26,570
But because that's the default, not need it.

61
00:04:27,330 --> 00:04:30,390
So you see, we get the access to the entire webcam.

62
00:04:30,690 --> 00:04:37,560
You see, you can access to any camera and you can see the live streaming coming in about every location.

63
00:04:38,340 --> 00:04:40,350
You can see the data as well.

64
00:04:41,370 --> 00:04:44,460
That's exactly eleven for twenty one.

65
00:04:45,060 --> 00:04:46,470
Ten twenty.

66
00:04:46,470 --> 00:04:48,330
That's the temperature and everything.

67
00:04:49,360 --> 00:04:54,690
What if you can get to see about every detail of every location in that city?

68
00:04:55,530 --> 00:04:59,570
So that's something which is pretty much openly available and exactly like.

69
00:04:59,630 --> 00:05:07,610
This way, you can even get the access to the rest of the organizations as well, and you could possibly

70
00:05:07,610 --> 00:05:10,780
see what is the live streaming over there?

71
00:05:11,270 --> 00:05:13,600
And that's easy.

72
00:05:13,700 --> 00:05:15,560
Is that for the webcam?

73
00:05:15,830 --> 00:05:19,790
You can even go deeper and make use of keywords as well.

74
00:05:20,180 --> 00:05:27,530
There are some maps options as well, which specify the total number of host matches for every

75
00:05:27,530 --> 00:05:28,120
location.

76
00:05:28,130 --> 00:05:36,440
So you get the idea of how many webcams are hosted or are currently exposed and what location and different

77
00:05:36,440 --> 00:05:37,150
metadata does.

78
00:05:37,160 --> 00:05:40,070
Well, metadata is basically depends on the breakdown.

79
00:05:40,610 --> 00:05:47,210
So you get the breakdown based on the autonomous system, the country, and then you can apply the filter

80
00:05:47,210 --> 00:05:49,820
as well, according to the way I have told you earlier.

81
00:05:50,270 --> 00:05:51,640
And that's how it works.

82
00:05:51,680 --> 00:05:53,830
You can even refer some documents as well.

83
00:05:54,080 --> 00:05:57,910
Once you sign in, you can try searching you.

84
00:05:57,920 --> 00:06:02,420
You will get a bit more search results as well.

85
00:06:02,630 --> 00:06:03,050
All right.

86
00:06:03,320 --> 00:06:05,540
So your limit may be enhanced in that case.

87
00:06:06,230 --> 00:06:13,220
I hope you got the sense this is just to find the webcams or getting access to the webcams through Censys

88
00:06:14,290 --> 00:06:20,340
will try to find what much more vulnerable devices through Censys as well, and for the station to

89
00:06:20,570 --> 00:06:21,900
keep learning with Gattuso.