1
00:00:00,120 --> 00:00:00,930
Hello everybody.

2
00:00:00,930 --> 00:00:01,800
Welcome back.

3
00:00:01,980 --> 00:00:08,040
And in this editorial as I said we will cover the shutdown but before we go on to the shutdown I just

4
00:00:08,040 --> 00:00:12,910
want to show you the harvester from the previous lecture which we couldn't get to work.

5
00:00:12,990 --> 00:00:14,070
Maybe if we tried.

6
00:00:14,070 --> 00:00:18,410
Right now we just located once again.

7
00:00:18,450 --> 00:00:24,370
So all local users share goes Merrow tools and then the harvester.

8
00:00:25,250 --> 00:00:32,650
Now one cover right now how to use harvesters since we did that in the previous story.

9
00:00:32,670 --> 00:00:36,920
But I will just try to run it once again so we can see if it will work.

10
00:00:36,930 --> 00:00:39,860
Now now let me just type here.

11
00:00:39,860 --> 00:00:45,500
The harvester and as the domain with the leaves the same website would trade on in the previous video

12
00:00:45,590 --> 00:00:47,030
which is which is this one

13
00:00:50,000 --> 00:00:57,920
for the mines El command level with 500 results obs and the minus B command.

14
00:00:58,280 --> 00:01:01,430
We want to search over the Google engine.

15
00:01:02,240 --> 00:01:08,210
So if we just enter right here we will just wait a few seconds until it searches Google and we'll see

16
00:01:08,210 --> 00:01:14,690
if right now we get some of the results that we couldn't get in the previous video.

17
00:01:14,690 --> 00:01:16,620
And as we can see it will finish soon.

18
00:01:16,700 --> 00:01:20,420
It processed 400 results.

19
00:01:20,420 --> 00:01:21,770
And here we go.

20
00:01:21,890 --> 00:01:26,900
As you can see the same website that in the previous lecture didn't work right now gave us some of the

21
00:01:27,140 --> 00:01:28,070
information.

22
00:01:28,160 --> 00:01:33,430
For example we found a bunch of e-mail addresses that belong to that domain.

23
00:01:33,470 --> 00:01:39,500
As you can see right here we also found some of the hosts with their IP addresses that also belong to

24
00:01:39,500 --> 00:01:41,140
that domain.

25
00:01:41,190 --> 00:01:44,840
You can see auto all inclusive.

26
00:01:44,840 --> 00:01:50,060
And we found some of the e-mail addresses that if this was a company that we were testing we could use

27
00:01:50,090 --> 00:01:57,750
in order to process with our attacks for example with some malware to all of these email addresses and

28
00:01:58,340 --> 00:02:02,140
hope that some of them will open it.

29
00:02:02,490 --> 00:02:04,680
I just want to show you that it works sometimes.

30
00:02:04,680 --> 00:02:08,450
So let's just proceed on to the shutdown which is a Web site.

31
00:02:08,460 --> 00:02:10,140
So just open up your Firefox

32
00:02:21,730 --> 00:02:29,500
to just open up a new tab and type here and show the will will click on the first link and it will lead

33
00:02:29,500 --> 00:02:35,050
us to the Web site where we can discover some of the Moorabool devices on the Internet as we can see

34
00:02:35,110 --> 00:02:38,040
this Web site right here explore the Internet of Things.

35
00:02:38,030 --> 00:02:41,650
My Internet security and bunch of other things.

36
00:02:41,710 --> 00:02:43,900
So we are on this Web site right now.

37
00:02:43,900 --> 00:02:47,130
And basically let us just search for some of the wearable devices.

38
00:02:47,140 --> 00:02:55,460
So in the search bar I would just like your password and as you can see we got two million results right

39
00:02:55,460 --> 00:02:56,730
here.

40
00:02:56,810 --> 00:02:58,750
We got 70 IP addresses.

41
00:02:58,810 --> 00:03:00,550
Let me just type here.

42
00:03:00,550 --> 00:03:01,520
Default password.

43
00:03:01,530 --> 00:03:07,520
So maybe it will show us the results of the IP addresses that have the rotors configured with the default

44
00:03:07,550 --> 00:03:11,530
password as we can see this one right here.

45
00:03:11,540 --> 00:03:12,210
Default.

46
00:03:12,230 --> 00:03:13,520
Name admin password.

47
00:03:13,520 --> 00:03:14,620
One two three four.

48
00:03:15,090 --> 00:03:16,240
But it is unauthorized.

49
00:03:16,240 --> 00:03:18,740
So that is this go down here.

50
00:03:18,830 --> 00:03:20,080
This IP address right here.

51
00:03:20,090 --> 00:03:24,620
An Internet search user name is admin and password is password.

52
00:03:25,370 --> 00:03:27,170
So if you click on this IP address

53
00:03:31,170 --> 00:03:39,080
and it will open some of its information let us just copy the IP address right here and paste it in

54
00:03:39,080 --> 00:03:40,590
Google.

55
00:03:40,670 --> 00:03:44,330
Now there is a good chance that we that this won't work.

56
00:03:44,700 --> 00:03:48,920
Just before I type here the user name and password let me just check here.

57
00:03:48,920 --> 00:03:49,580
What was it.

58
00:03:49,580 --> 00:03:55,770
I believe admin and password as a user name.

59
00:03:57,110 --> 00:03:58,940
Let's try which admin and password.

60
00:03:58,940 --> 00:04:01,430
Let me just refresh this and type here.

61
00:04:01,460 --> 00:04:05,900
Admin and as a password password

62
00:04:08,450 --> 00:04:12,430
now it will let you type it once again.

63
00:04:13,190 --> 00:04:19,030
As for yeah sometimes it's just fun perks inside.

64
00:04:19,780 --> 00:04:21,310
These could be updated.

65
00:04:21,330 --> 00:04:23,660
So they are not really vulnerable anymore.

66
00:04:23,670 --> 00:04:27,880
So someone could have changed the username and password.

67
00:04:27,880 --> 00:04:30,270
And right now we can't log in anymore to it.

68
00:04:30,390 --> 00:04:32,930
So let me just find another one

69
00:04:36,270 --> 00:04:41,600
as we can see this one username Cisco with the password Cisco.

70
00:04:42,120 --> 00:04:43,310
The default user name.

71
00:04:43,320 --> 00:04:45,160
Let's just click on this fund for now.

72
00:04:48,750 --> 00:04:52,500
The default username and password have a privileged level of 15.

73
00:04:52,500 --> 00:04:57,480
Please change the police in own initial credential using here the Cisco Isles.

74
00:04:57,510 --> 00:05:06,400
I commend so basically if this one didn't changed we should be able to log in with the default username

75
00:05:06,430 --> 00:05:07,020
and password.

76
00:05:07,030 --> 00:05:13,230
So let me just paste it right here and we are unable to connect right here.

77
00:05:13,240 --> 00:05:19,670
Well it doesn't really matter even if you could possibly connect to someone and he they didn't update

78
00:05:19,670 --> 00:05:22,840
it and they still have the default username and password.

79
00:05:22,850 --> 00:05:30,620
You shouldn't really do anything with it since it is illegal to change other people's settings on their

80
00:05:30,630 --> 00:05:32,220
alter.

81
00:05:32,370 --> 00:05:37,050
That's why people get notified here about their more abilities and they can just type.

82
00:05:37,050 --> 00:05:39,750
Here let me just show you how you can check.

83
00:05:39,810 --> 00:05:41,010
Check yourself out.

84
00:05:41,370 --> 00:05:42,360
So just type here.

85
00:05:42,360 --> 00:05:45,610
What is my IP address.

86
00:05:46,930 --> 00:05:53,610
Basically just copy your public library address right here as it says your public IP address and paste

87
00:05:53,610 --> 00:05:55,680
it in the search bar.

88
00:05:55,710 --> 00:05:57,440
And if it finds something.

89
00:05:58,140 --> 00:06:03,040
Basically it means that your device or your router is more about or something.

90
00:06:03,090 --> 00:06:09,500
In my case I didn't find anything since it is not really vulnerable but in your case it might find something

91
00:06:11,000 --> 00:06:12,420
before we finish this tutorial.

92
00:06:12,440 --> 00:06:17,990
I just want to show you for example if you found out that your own IP address is stored and shut down

93
00:06:18,020 --> 00:06:21,230
that means that it has some kind of vulnerability.

94
00:06:21,590 --> 00:06:24,350
So in order for you to change that.

95
00:06:24,380 --> 00:06:30,080
For example if it has a default password and user name portability you will need to update your username

96
00:06:30,080 --> 00:06:31,690
and password in the water.

97
00:06:31,790 --> 00:06:36,240
So in order to find out what your proper IP addresses you can just type here.

98
00:06:36,510 --> 00:06:45,170
Let's say that minus an hour and the IP address that is a it PPA below the gateway is the routers IP

99
00:06:45,170 --> 00:06:51,370
address so you can just copy it and go onto the Firefox let's open a new tab.

100
00:06:51,380 --> 00:06:56,690
And right here you paste the IP address and it will ask you for your username and password.

101
00:06:57,530 --> 00:07:01,610
So you just type here your username and password whatever it is.

102
00:07:01,640 --> 00:07:02,540
If you do not know.

103
00:07:02,540 --> 00:07:09,440
Basically just search the name of your router on the Internet and it will show you the default username

104
00:07:09,440 --> 00:07:15,890
and password that you get in the configuration of the router so if you didn't change it the user name

105
00:07:15,890 --> 00:07:17,270
and password will be the same.

106
00:07:17,810 --> 00:07:24,660
So you can find the default username and password for any router on the Internet.

107
00:07:24,720 --> 00:07:26,840
We do not want to say the name password.

108
00:07:26,840 --> 00:07:31,520
So now we wait for it to log in.

109
00:07:31,550 --> 00:07:36,710
Let me just show you for example you can just type here on Google.

110
00:07:36,710 --> 00:07:46,910
Default router passwords and you can just go to any website basically and just search your model of

111
00:07:46,910 --> 00:07:54,440
your outer and the find out what their default IP addresses and also what their default password is.

112
00:07:54,440 --> 00:07:59,050
Now most likely it will be something like admin admin or admin password.

113
00:07:59,840 --> 00:08:02,320
But it could also be something else.

114
00:08:02,330 --> 00:08:04,520
Now this is the site I didn't use in before.

115
00:08:04,520 --> 00:08:09,170
So let me just check out is there anything available here.

116
00:08:09,200 --> 00:08:15,380
So here you can basically just type paste the name of your router and it will let just try this one.

117
00:08:15,380 --> 00:08:19,990
So for example let's say this was a router and you find out what the name of your arteries.

118
00:08:20,000 --> 00:08:26,660
You just pasted right here and it will find the router you're searching for.

119
00:08:26,660 --> 00:08:33,820
It will also give you its IP address by default and the default username and password for the traveler.

120
00:08:35,360 --> 00:08:41,330
So once you find that out you can just face the IP address right here and it will log in.

121
00:08:41,330 --> 00:08:45,180
Now for me it is for some reason logging for too long.

122
00:08:45,180 --> 00:08:51,050
Let me just type here once again and here we are.

123
00:08:51,140 --> 00:08:52,020
We are logged in.

124
00:08:52,020 --> 00:08:56,300
No I didn't ask me for a user name and password because it started two minutes ago.

125
00:08:56,300 --> 00:09:01,540
So now we are in my router here you can have a bunch of the informations.

126
00:09:01,550 --> 00:09:05,900
Now depending on your router different settings could be in different places.

127
00:09:05,900 --> 00:09:07,980
It can be the same as mine router.

128
00:09:08,000 --> 00:09:09,990
My my rather is an old one.

129
00:09:10,430 --> 00:09:15,190
So it will probably not look even nearly the same as mine does.

130
00:09:15,210 --> 00:09:20,210
So you just want to play with the settings a little bit and click on a bunch of things until you find

131
00:09:20,210 --> 00:09:27,980
the username and password change section where basically you can change your default password into any

132
00:09:27,980 --> 00:09:29,550
parts you want.

133
00:09:29,570 --> 00:09:36,190
So once you do that nobody will be able to logging into your router anymore with the default username

134
00:09:36,210 --> 00:09:43,980
and password it is really important for you to do that because if someone logs in it can change any

135
00:09:43,980 --> 00:09:48,050
of the settings for the router it can change the way.

136
00:09:48,090 --> 00:09:52,100
For example port forwarding it can change your wireless pass password.

137
00:09:52,140 --> 00:09:59,430
Basically it can change anything so it is a pretty honorable device and you want to change that.

138
00:09:59,430 --> 00:10:03,300
Now that would be about it for this shutdown website.

139
00:10:03,330 --> 00:10:08,360
And with that we finished the most part default printing.

140
00:10:08,530 --> 00:10:08,840
Yeah.

141
00:10:08,870 --> 00:10:15,540
We just leave the two tools in for the next lecture which would be the Digg and the DNS and tools which

142
00:10:15,540 --> 00:10:16,590
I will cover briefly.

143
00:10:16,590 --> 00:10:20,690
And after that we can continue on to the scanning session.

144
00:10:20,820 --> 00:10:23,890
So I hope I see you in the next lecture and take a.