1
00:00:12,310 --> 00:00:17,800
Hey, guys, welcome back to another episode on How to Hack, so we'll be learning about Web application

2
00:00:17,800 --> 00:00:20,920
penetration testing series with Web Gote.

3
00:00:21,130 --> 00:00:24,550
So SWEPCO is a vulnerable Web application system.

4
00:00:24,870 --> 00:00:25,160
All right.

5
00:00:25,210 --> 00:00:32,470
That we can install into a Linux box and or a Windows computer as well, because it allows us to do

6
00:00:32,470 --> 00:00:38,830
different kind of penetration testing via open web application security project.

7
00:00:38,950 --> 00:00:44,140
Okay, so over here, I get good running and I have on GitHub, so we'll go through the installation

8
00:00:44,140 --> 00:00:44,830
instructions.

9
00:00:45,430 --> 00:00:48,610
So over here I'll paste a link as well onto the comment section.

10
00:00:49,000 --> 00:00:53,740
And we have, of course, a deliberately insecure Web application that we can learn from.

11
00:00:53,790 --> 00:00:56,890
And I'll be starting a series on days to learn more about Web code.

12
00:00:57,880 --> 00:00:59,380
So over here we can run it.

13
00:00:59,410 --> 00:01:04,480
Of course, in terms of the installation instructions, we can run with Docker, we can also run with

14
00:01:04,480 --> 00:01:06,970
stand standalone in which will be doing so in the moment.

15
00:01:07,240 --> 00:01:09,730
And we can also run from these sources itself.

16
00:01:10,170 --> 00:01:15,850
OK, so all these installation instructions for our site, we will be doing so on the Web, Gote and

17
00:01:15,850 --> 00:01:17,950
Web Wolf release so you can go in.

18
00:01:17,950 --> 00:01:18,190
Right.

19
00:01:18,190 --> 00:01:20,850
Click on this and open link in a new tab.

20
00:01:21,490 --> 00:01:26,080
So once you're in a tab over here, as you can see all the different information, you can just go ahead

21
00:01:26,230 --> 00:01:27,130
and download it.

22
00:01:27,140 --> 00:01:33,970
So go in and click on, say, Web, go dash server dash eight, dot 1.0, click on it.

23
00:01:34,580 --> 00:01:34,960
All right.

24
00:01:34,960 --> 00:01:36,270
And you can save default.

25
00:01:36,280 --> 00:01:39,190
So go in save to fall to any directories that you want.

26
00:01:39,190 --> 00:01:41,200
In no case would be automatically saving it.

27
00:01:41,200 --> 00:01:44,270
And Dudi Download Sackman oriented download folder.

28
00:01:44,320 --> 00:01:49,310
So once we download it into the download folder, you can go ahead and open up the download folder.

29
00:01:49,660 --> 00:01:49,950
All right.

30
00:01:49,960 --> 00:01:51,840
So once we are in the download folder.

31
00:01:51,880 --> 00:01:56,070
All right, I've already downloaded before, so it's eighty three point nine megabyte.

32
00:01:56,590 --> 00:01:58,120
So we have to file running.

33
00:01:58,480 --> 00:02:02,200
OK, so all you got to do is open up a terminal.

34
00:02:02,200 --> 00:02:04,470
OK, I'll also paste his instruction over here.

35
00:02:04,750 --> 00:02:04,970
All right.

36
00:02:04,990 --> 00:02:07,090
Let me zoom in a little more so it's easier for you to see.

37
00:02:09,880 --> 00:02:15,730
All right, all you got to do is to enter the following instructions over here, Javor All right, Desh

38
00:02:15,730 --> 00:02:24,880
J.R. Web Godus Server Dash eight, DOT 1.0, J.R. Space Debris Dash Server Port Equal eight zero eight

39
00:02:24,910 --> 00:02:26,610
zero, followed by space debris.

40
00:02:26,620 --> 00:02:29,950
Dash server don't address equal localhost.

41
00:02:30,430 --> 00:02:33,400
So once you do so you will have it running.

42
00:02:33,730 --> 00:02:39,700
So you have to Springwood, as you can see from here, and we have all these web server running.

43
00:02:39,700 --> 00:02:46,750
So all you got to do is go back to your Web browser and you can go under this fulling URL so we can

44
00:02:46,750 --> 00:02:57,550
actually enter the following one two seven zero zero one, followed by AT&T Web Gote, followed by Start

45
00:02:57,550 --> 00:02:58,900
MVC lesson.

46
00:02:58,900 --> 00:03:00,730
All right, Web go introduction lesson.

47
00:03:00,730 --> 00:03:06,280
OK, so if you click on here on this section, OK, so deliberately and application I will be going

48
00:03:06,280 --> 00:03:07,060
through on the left side.

49
00:03:07,060 --> 00:03:09,130
As you can see, we have the introduction.

50
00:03:09,430 --> 00:03:15,760
We have general, we have injection broken authentication sensitive data exposure, XML external entities,

51
00:03:15,760 --> 00:03:22,240
broken access control, cross site scripting in security serialisation, vulnerable components, request

52
00:03:22,270 --> 00:03:25,210
forgeries, client site and different challenges.

53
00:03:25,420 --> 00:03:30,730
So we'll be going through all of the lessons here as part of a Web application penetration testing.

54
00:03:31,100 --> 00:03:31,510
All right.

55
00:03:31,510 --> 00:03:35,680
So once again, I hope you have learned something valuable in today's tutorial while we kick start on

56
00:03:35,680 --> 00:03:37,810
your Web application penetration testing.

57
00:03:37,960 --> 00:03:38,320
All right.

58
00:03:38,500 --> 00:03:42,310
So if you like, would have just watch them to, like, sharin subscribe to the channel so that you

59
00:03:42,310 --> 00:03:44,590
can be kept abreast of the latest cybersecurity.

60
00:03:44,590 --> 00:03:44,850
Gitari.

61
00:03:44,950 --> 00:03:46,360
Thank you so much once again for watching.