1
00:00:00,180 --> 00:00:03,740
Hello everyone and welcome back to the low penetration testing.

2
00:00:04,050 --> 00:00:11,580
Now in the previous videos we covered some of the less common attacks including the session fixation,

3
00:00:11,580 --> 00:00:18,750
hijacking of session and the, basically, the brute force attack as well.

4
00:00:18,750 --> 00:00:21,410
Now the first attack will work in any case.

5
00:00:21,460 --> 00:00:22,970
You can always try it.

6
00:00:23,020 --> 00:00:30,900
It's not 100 percent possibility that you will get into someone's account, but it will always work.

7
00:00:30,910 --> 00:00:35,290
Now here is where the real attacks start.

8
00:00:35,320 --> 00:00:41,480
And by real I mean the most common attacks, which are the attacks based on injection.

9
00:00:41,560 --> 00:00:48,080
So we'll be covering some of the exploitations based on injections such as the SQL injection, NoSQL

10
00:00:48,090 --> 00:00:52,930
injection, the XML injection and the command injection.

11
00:00:52,930 --> 00:00:57,750
Now after all that we will also cover the cross-site scripting attack.

12
00:00:57,910 --> 00:01:05,130
Those are some of the attacks that you will actually encounter on the Internet, on the websites.

13
00:01:05,230 --> 00:01:10,540
Most commonly I believe that you will encounter the SQL injection attack, which is the attack on the

14
00:01:10,540 --> 00:01:11,820
database.

15
00:01:11,950 --> 00:01:16,310
But before we begin with these attacks let me just log in first.

16
00:01:16,450 --> 00:01:18,610
So let's test one two three four

17
00:01:23,560 --> 00:01:24,180
Now.

18
00:01:24,310 --> 00:01:31,990
The idea behind these attacks based on injection is the interactive web applications that require the

19
00:01:31,990 --> 00:01:33,890
user input.

20
00:01:33,910 --> 00:01:43,430
Now they're all very similar since the vulnerability is actually the code itself of the website where you

21
00:01:43,430 --> 00:01:51,230
have the user input not filtered well enough. So if we have a user input where, for example, on some

22
00:01:51,230 --> 00:01:55,990
website where we search the online shop for some of the tools we need.

23
00:01:56,370 --> 00:02:03,660
Basically if you type there the part of the code it might actually interpret, the website might actually

24
00:02:03,660 --> 00:02:06,880
interpret that user input as a part of their code.

25
00:02:06,900 --> 00:02:16,700
If it's not filtering enough. Now by filter they mean it is excluding some of the uh characters used

26
00:02:16,760 --> 00:02:23,290
in, for example, SQL queries, in JavaScript code and so on and so on.

27
00:02:23,300 --> 00:02:32,360
Now we will start off with the command injection and we will need also to start our, let me just find

28
00:02:32,360 --> 00:02:32,560
it.

29
00:02:32,600 --> 00:02:34,010
OWASP virtual machine.

30
00:02:34,010 --> 00:02:35,690
So if you have it started already.

31
00:02:35,690 --> 00:02:36,680
Good.

32
00:02:36,680 --> 00:02:38,480
Let me just start mine.

33
00:02:39,770 --> 00:02:41,120
While that is doing.

34
00:02:41,640 --> 00:02:49,170
Let me just check one thing, and that thing is if we are connected to the Internet. We should be.

35
00:02:49,190 --> 00:02:52,340
Yeah that one that find the one that five.

36
00:02:52,340 --> 00:02:52,790
Good.

37
00:02:52,850 --> 00:02:57,230
So let's start off with some pretty basic injection types.

38
00:02:57,230 --> 00:03:03,110
The first one, as I said, that we will be doing will be the command injection.

39
00:03:03,110 --> 00:03:07,130
Now the command injection, let's say for example.

40
00:03:07,490 --> 00:03:10,370
This example we'll practically cover in the next lecture.

41
00:03:10,370 --> 00:03:17,780
But let's say you have a website that is used for anyone to ping their own machines.

42
00:03:17,780 --> 00:03:25,620
So you have a website, you put in the user input your IP address and the website will perform

43
00:03:25,890 --> 00:03:30,080
ping on the IP address or the domain name.

44
00:03:30,140 --> 00:03:39,590
So as we can see, this command ping google.com is executed by the operating system on this machine.

45
00:03:39,600 --> 00:03:47,160
Now if you have a website that performs this same exact command, the command is also executing on the

46
00:03:47,220 --> 00:03:54,660
operating system of that server's machine, which means that our user input, which was the IP address of

47
00:03:54,660 --> 00:04:03,570
the machine we wanted to ping on that certain website, was processed into the command of the

48
00:04:03,600 --> 00:04:07,170
server in its own terminal.

49
00:04:07,170 --> 00:04:14,820
Now that can be dangerous if, for example, the input which was the IP address isn't good enough and

50
00:04:14,820 --> 00:04:22,580
we can type basically any command and execute it in the server's terminal. The next attack would be the

51
00:04:22,710 --> 00:04:25,460
SQL injection or the NoSQL injection.

52
00:04:25,460 --> 00:04:28,220
That is basically the attack on the database itself.

53
00:04:28,280 --> 00:04:33,310
Now it is also happening when the user is not filtering enough.

54
00:04:33,620 --> 00:04:39,550
It basically allows us to query the database and possibly find something very useful such as a bunch of

55
00:04:39,560 --> 00:04:41,720
usernames and passwords.

56
00:04:41,750 --> 00:04:49,260
It also could potentially allow us to delete the entire database if we wanted to. Also the next thing

57
00:04:49,260 --> 00:04:56,490
would be the XML injection, which basically is attacking the XML itself, and also at the end

58
00:04:56,490 --> 00:05:02,910
we will cover the cross-site scripting attack, which is basically the attack where we are, where we are

59
00:05:02,910 --> 00:05:11,250
injecting JavaScript code into a web page. So let me just check if our machine is on it.

60
00:05:11,270 --> 00:05:16,750
I will log in and then I will continue into the next tutorial where we will start off with the command

61
00:05:16,750 --> 00:05:18,300
injection.

62
00:05:18,300 --> 00:05:25,140
So that's about it for this tutorial. I just gave you a brief view of the injection attacks and we'll cover

63
00:05:25,170 --> 00:05:28,520
each one of them in detail in the next lectures.

64
00:05:28,650 --> 00:05:30,890
So I hope I see you there and take care.

65
00:05:30,900 --> 00:05:31,200
Bye.