1
00:00:00,300 --> 00:00:07,970
OK, so another attack that you actually do when you conducting your test on a network is actually arms

2
00:00:08,030 --> 00:00:11,460
spoofing and you have to be on the same network as those, of course.

3
00:00:11,670 --> 00:00:14,340
So our stands for address and protocol.

4
00:00:14,550 --> 00:00:19,380
And that pretty much allows computers to associate, you know, Mac addresses with IP addresses on the

5
00:00:19,380 --> 00:00:19,860
network.

6
00:00:20,220 --> 00:00:25,740
So this is how computers on an Internet work typically know who each other are.

7
00:00:26,340 --> 00:00:32,780
And using our spoofing, you can actually impersonate another computer and potentially, you know,

8
00:00:32,790 --> 00:00:36,890
intercept information like credentials that would go somewhere else.

9
00:00:36,920 --> 00:00:40,780
So let's go ahead and check out a quick example of how we can do some movement.

10
00:00:41,100 --> 00:00:43,530
OK, guys, so I'm back of my politics machine.

11
00:00:43,590 --> 00:00:46,910
So what we're going to do is we're going to do an arm spoofing attack.

12
00:00:47,190 --> 00:00:52,570
So you're not sure AAP stands for adverse resolution protocol?

13
00:00:52,630 --> 00:00:57,120
This is pretty much how the networks map IP addresses to America.

14
00:00:57,440 --> 00:01:03,150
So how network the computers on a local network know who each other are?

15
00:01:04,290 --> 00:01:11,250
So what we're going to do is we're going to act like we're the router and intercept traffic that's going

16
00:01:11,250 --> 00:01:12,630
to our target device.

17
00:01:12,870 --> 00:01:15,510
So we can do this with an application called AACAP.

18
00:01:15,750 --> 00:01:19,610
So you can start better just by opening up a terminal.

19
00:01:20,280 --> 00:01:21,800
You have to avoid it as route.

20
00:01:21,810 --> 00:01:23,330
So you're going to want to do pseudo.

21
00:01:23,610 --> 00:01:26,190
So pseudo better cat.

22
00:01:26,670 --> 00:01:31,940
And then you want to do Dashi face and then we're going to do the interface.

23
00:01:31,950 --> 00:01:39,240
So I'm using my wireless network card attached to my Linux machine, whatever, how to install that

24
00:01:39,240 --> 00:01:39,720
before it.

25
00:01:39,930 --> 00:01:45,370
So just I phase in zero and they just hit enter and that is going to start up.

26
00:01:45,390 --> 00:01:52,000
So you're going to see right here, it shows us the subnet that we're on that it also shows our IP address.

27
00:01:52,020 --> 00:01:56,160
So this is my IP address on the network that I have locally here.

28
00:01:56,580 --> 00:02:03,900
So what we're going to do when you first get in here, you can just pretty much just taman help and

29
00:02:03,900 --> 00:02:09,240
it will show you all the different modules that are available to us.

30
00:02:10,200 --> 00:02:14,180
So what we're going to be using is the AAFP spoof module.

31
00:02:14,460 --> 00:02:18,210
So now you can look into these other ones that we're going to talk about, some of the other ones as

32
00:02:18,210 --> 00:02:18,540
well.

33
00:02:18,870 --> 00:02:21,710
But right now, we're just going to look at sort of our spoof module.

34
00:02:21,840 --> 00:02:28,380
So if you ever want to just know more about the module or what's inside of it, you just do help in

35
00:02:28,380 --> 00:02:29,850
the Narmada module name.

36
00:02:29,850 --> 00:02:36,000
So you can't just help our spoof and then it's just going to show you some different stuff.

37
00:02:36,210 --> 00:02:40,260
So this is how you turn on used to do a spoof on.

38
00:02:40,740 --> 00:02:46,140
And then if you want to, you know, turn it off, you just turn it off in the same type of manner and

39
00:02:46,140 --> 00:02:48,070
then sell you the parameters down here.

40
00:02:48,090 --> 00:02:49,860
So we're going to want to set these.

41
00:02:50,790 --> 00:02:55,250
So this one right here is our spoof, that full duplex.

42
00:02:55,530 --> 00:03:00,630
So this is going to do it means it's going to attack both the target and the gateway.

43
00:03:01,020 --> 00:03:04,410
In my experience, I've had more success having this.

44
00:03:04,410 --> 00:03:05,600
Just kept this false.

45
00:03:05,610 --> 00:03:06,270
That'd be fun.

46
00:03:06,720 --> 00:03:08,370
But you said that is true as well.

47
00:03:08,370 --> 00:03:14,530
But if your router does have some spoofing protection, it might cause issues and you also can mess

48
00:03:14,530 --> 00:03:15,360
with the network as well.

49
00:03:15,360 --> 00:03:16,210
So just be careful.

50
00:03:17,910 --> 00:03:23,670
And then also we're going to set the spoofed targets one, and that's just the target address.

51
00:03:23,690 --> 00:03:28,790
So for here is going to be my Windows time machine here.

52
00:03:29,070 --> 00:03:41,700
So just open up a command prompt IP config and for my local network, my IP address here to do this

53
00:03:41,730 --> 00:03:46,950
is one nine two one six eight one two two six.

54
00:03:47,580 --> 00:03:49,230
This is my address.

55
00:03:49,270 --> 00:03:50,150
So just remember that.

56
00:03:50,370 --> 00:03:51,870
So also just see you guys.

57
00:03:51,870 --> 00:03:57,660
See, we're going to do a Ardeche a command and this going to show pretty much all the mappings that

58
00:03:57,660 --> 00:04:02,820
my computer is aware of right now for this local network.

59
00:04:03,600 --> 00:04:11,130
So it sees the router right now for this interface on my Wi-Fi interface for my laptop, one or two,

60
00:04:11,130 --> 00:04:13,020
two one six eight, one down one.

61
00:04:13,020 --> 00:04:13,920
That is my router.

62
00:04:14,160 --> 00:04:17,720
And this is the Mac address that it has for right now.

63
00:04:18,060 --> 00:04:19,430
So just remember that.

64
00:04:19,680 --> 00:04:29,820
And then also what we're going to do is we're going to paying our colonics machine just so that it can

65
00:04:29,820 --> 00:04:32,030
actually put it into its ARP table.

66
00:04:32,250 --> 00:04:32,950
So let's see.

67
00:04:32,970 --> 00:04:34,300
So now it knows what it is.

68
00:04:34,320 --> 00:04:38,610
So now we're going to do Arpey again and we're going to scroll up to that interface.

69
00:04:38,790 --> 00:04:45,600
And now you see that 19 this is the Mac address for my colonics interface.

70
00:04:45,900 --> 00:04:54,660
So we can also confirm that over here if we just do pseudo RF config, super secret password.

71
00:04:56,700 --> 00:05:02,270
And then we've got to look at Thailand zero, so you see, this is the IP address that we see in Better

72
00:05:02,290 --> 00:05:08,550
Cap, and then you can see that this is the exact same Mac address as we pulled up there.

73
00:05:08,580 --> 00:05:14,070
So now what is the machine knows that this is us and it knows what the router is.

74
00:05:14,490 --> 00:05:19,070
So now what we're going to do is we're going to do go through and do our spoof stuff.

75
00:05:19,080 --> 00:05:27,420
So what we want to do right now is we can just go when you want to set the different parameters inside

76
00:05:27,420 --> 00:05:29,290
of module's, you should do set.

77
00:05:29,580 --> 00:05:31,650
So we're going to do our spoof.

78
00:05:33,470 --> 00:05:38,840
Targets, we're going to keep the full duplex as normal, we'll just keep it as false.

79
00:05:38,870 --> 00:05:40,160
That doesn't mean we do.

80
00:05:40,760 --> 00:05:49,330
In my experience, so we set our targets one or two, that one six eight down one to two to six.

81
00:05:49,850 --> 00:05:52,160
And that is for my Windows laptop.

82
00:05:53,000 --> 00:05:53,790
So bam.

83
00:05:54,080 --> 00:06:01,760
And then what we can do is actually turn on the net sniff module as well.

84
00:06:01,910 --> 00:06:04,730
So let us sniff.

85
00:06:05,150 --> 00:06:09,590
And this is apparently going to sniff traffic on the network and look out for different things.

86
00:06:09,590 --> 00:06:15,800
And we can also another one that we could turn on is not dog recon.

87
00:06:15,900 --> 00:06:19,460
And this is going to also look out for different things on network.

88
00:06:19,760 --> 00:06:21,170
So we just turn that on.

89
00:06:22,100 --> 00:06:27,740
And it's actually already running because we turn on an advanced module, and if you ever want to see,

90
00:06:27,740 --> 00:06:29,900
like what modules are running, you just type in help.

91
00:06:30,110 --> 00:06:32,920
So actually, we are and it doesn't have any record.

92
00:06:33,140 --> 00:06:35,260
And there's another one called Nektar Probe.

93
00:06:35,270 --> 00:06:36,790
It'll look around to see what's in that.

94
00:06:37,490 --> 00:06:38,750
So we need that probe.

95
00:06:40,070 --> 00:06:42,480
And put that on, so it's going to look around.

96
00:06:42,500 --> 00:06:49,580
CDC is detecting IP addresses and seeing what the Mac address is and then it'll put it in this nice

97
00:06:49,700 --> 00:06:50,440
little table.

98
00:06:50,450 --> 00:06:54,350
So let us show and show us a nice little table of everything.

99
00:06:55,190 --> 00:06:58,670
Has the different devices that are on my network right now and the Mac addresses.

100
00:06:58,790 --> 00:07:01,060
So back to the spoof.

101
00:07:01,370 --> 00:07:05,580
So we set that where we set our target.

102
00:07:05,810 --> 00:07:07,370
So now we can just turn it on.

103
00:07:07,370 --> 00:07:14,930
And so our got spoof and then on and now we're spoofing.

104
00:07:15,170 --> 00:07:21,580
So it should be pretty instantaneous because right now our machine is sending out a bunch of requests

105
00:07:22,340 --> 00:07:29,930
for a responsible budget request to our Windows laptop and is going to tell us, hey, you know, this

106
00:07:29,930 --> 00:07:31,790
is the address, this is the magnetosphere about it.

107
00:07:32,060 --> 00:07:36,830
So what we can do is actually go back to here and we could do another Ardeche A.

108
00:07:38,160 --> 00:07:39,540
And what we're going to see.

109
00:07:41,540 --> 00:07:43,640
Is that right now?

110
00:07:44,030 --> 00:07:48,720
So remember, the one time 19 was our colonics machine.

111
00:07:48,980 --> 00:07:51,500
So now what was before?

112
00:07:51,500 --> 00:07:57,600
The router is now showing the exact same Mac address for callisthenics machine.

113
00:07:57,620 --> 00:08:03,470
So now this Windows machine thinks that our Linux machine is the router.

114
00:08:03,470 --> 00:08:11,900
So that means that everything that everything gets sent from the Windows laptop is going to come through

115
00:08:13,040 --> 00:08:14,830
our Linux machine.

116
00:08:14,840 --> 00:08:20,780
So that means that we can literally control kind of like what happens with their network traffic in

117
00:08:20,780 --> 00:08:21,110
a way.

118
00:08:21,320 --> 00:08:25,010
So that is pretty much how you are spoofed.

119
00:08:25,220 --> 00:08:33,200
So the next thing that we're going to do is actually do a DNS spoof and be able to for the traffic to

120
00:08:33,200 --> 00:08:34,340
a site that we want.

121
00:08:34,350 --> 00:08:42,320
So we're going to take their requests and actually send it to a website that we create on our own that

122
00:08:42,320 --> 00:08:44,080
we're hosting on account of the next machine.

123
00:08:44,240 --> 00:08:47,780
And that's going to be based on what domain they try to go to.

124
00:08:47,960 --> 00:08:49,310
So let's go ahead and try that.

125
00:08:49,580 --> 00:08:50,960
OK, so we're back in America.

126
00:08:51,030 --> 00:08:54,610
So what we're going to do is a DNS spoof, like I said before.

127
00:08:54,890 --> 00:08:56,630
So enable to do this.

128
00:08:57,770 --> 00:09:05,990
First of all, we need to make sure that we have Apache running and that we have some files on our account

129
00:09:05,990 --> 00:09:06,730
of the next machine.

130
00:09:06,920 --> 00:09:09,630
So before we do anything, just clear my screen here.

131
00:09:09,980 --> 00:09:12,260
So there's a service called Apache.

132
00:09:12,260 --> 00:09:18,410
Apache allows you to run websites and it's installed by default on your colonics machine.

133
00:09:18,410 --> 00:09:26,210
And all you have to do is add in pseudo servers, Apache to and then start and then it'll start at the

134
00:09:26,210 --> 00:09:27,010
Apache service.

135
00:09:27,020 --> 00:09:31,590
So now you have Linux turning to Web server.

136
00:09:31,610 --> 00:09:35,750
So if we were to go to a Web browser and really quickly just inside of Linux.

137
00:09:36,990 --> 00:09:44,160
We can just type in localhost in the address bar, just give me a second, then load up so we can just

138
00:09:44,160 --> 00:09:52,160
type in like localhost in the address bar localhost, and it should pull up this page right here.

139
00:09:52,170 --> 00:09:54,680
So I have a I have a website I kind of made.

140
00:09:54,700 --> 00:09:56,130
I'm going to give you guys the files.

141
00:09:56,130 --> 00:10:00,140
But this is well, it's like a simple login screen, just like I like a proof of concept.

142
00:10:00,390 --> 00:10:10,290
So the file that gets loaded when you load, localhost or load your holiday Linux's IP address over

143
00:10:10,590 --> 00:10:26,780
80 when Apache's running is located and Vaslav WDW a.m. but to me there a and this stuff is in here.

144
00:10:26,790 --> 00:10:29,250
So I'm going to give you guys first.

145
00:10:29,250 --> 00:10:36,930
We're going to look at this index e-mail that's was loaded up here right now in Mozilla, Firefox.

146
00:10:37,440 --> 00:10:39,570
So this is just a simple login form.

147
00:10:39,900 --> 00:10:44,190
And what is going to to do is go ahead and look at that actually.

148
00:10:44,190 --> 00:10:50,410
So V for w e html indexed e-mail.

149
00:10:51,810 --> 00:10:54,650
So this is the e-mail code is pretty basic.

150
00:10:55,230 --> 00:11:03,480
So the code that you see right here is for the form and what happens like right here was this form action.

151
00:11:03,750 --> 00:11:11,610
So it pretty much takes the information func login form it loads of this action page type form and then

152
00:11:11,610 --> 00:11:13,540
it's going to do the actions inside of that.

153
00:11:13,770 --> 00:11:24,930
So what we're going to do right now is we're going to force our target machine to visit this page instead

154
00:11:24,930 --> 00:11:26,250
of what they were expecting.

155
00:11:26,430 --> 00:11:28,950
And we're going to do that via DNS spoofing.

156
00:11:29,070 --> 00:11:34,710
So what you're going to need to do is take the take the files that are located in the resources and

157
00:11:34,710 --> 00:11:36,380
paste it into this directory.

158
00:11:36,540 --> 00:11:43,230
You're going to paste into this directory right here or you're going to paste it into the VA demidov

159
00:11:43,230 --> 00:11:47,640
w e-mail directory and then you should be good to go.

160
00:11:48,030 --> 00:11:53,250
So what we can do is go back to better time now that we have that set up.

161
00:11:53,460 --> 00:11:58,800
When she pays that stuff in there, you can start Apache and you'll be good to go.

162
00:11:59,370 --> 00:12:02,320
So what we can do now is the DNS spoof.

163
00:12:02,340 --> 00:12:08,520
So once again, if you ever need to know something about a module, just type and help the DNS spoof

164
00:12:08,880 --> 00:12:13,390
and it's going to give you stuff about it, like the different parameters that you can set.

165
00:12:13,740 --> 00:12:17,130
So all we're going to set is DNS to spoof.

166
00:12:18,910 --> 00:12:20,720
All and they said that the truth.

167
00:12:21,160 --> 00:12:26,090
So this one to just say is going to apply to first of all, of course, they come through.

168
00:12:26,860 --> 00:12:28,150
So that's what we want to do.

169
00:12:28,900 --> 00:12:32,310
So we need to put sense, make sure you said before those.

170
00:12:32,560 --> 00:12:38,380
So the next one we're going to do is set Dennis the spoof Dr Means.

171
00:12:40,440 --> 00:12:43,750
And then let's say we want to do my website.

172
00:12:43,770 --> 00:12:46,260
Anthony Timber's dot com.

173
00:12:47,170 --> 00:12:53,950
Maybe that's the way we want to do, or maybe if they tried to go to Facebook dot com, you know, we

174
00:12:53,950 --> 00:12:55,550
could separate them by commas.

175
00:12:55,780 --> 00:12:57,620
So now you do that.

176
00:12:57,640 --> 00:12:59,050
So now those are set.

177
00:12:59,320 --> 00:13:01,450
All we have to do now is just turn it on.

178
00:13:01,510 --> 00:13:07,570
So DNA is the spoof and then put on it enter and now it's on.

179
00:13:07,610 --> 00:13:10,730
So now you can see right here the DNA spoof is on.

180
00:13:10,750 --> 00:13:16,990
So any time they type in, Anthony Summers dot com is going to go is going to direct them right back

181
00:13:16,990 --> 00:13:26,530
to our callisthenics machine and it's going to load the index, the e-mail file as long as Apache is

182
00:13:26,530 --> 00:13:26,860
running.

183
00:13:26,980 --> 00:13:32,710
And the same thing for Facebook dot com is going to load over to our colorist, which is going to load

184
00:13:32,710 --> 00:13:34,300
up this file.

185
00:13:35,830 --> 00:13:43,540
So let's go over to our Windows machine and actually see what happens when they try to do that.

186
00:13:43,550 --> 00:13:50,320
So one day you might notice that you may or may not have to clear the browser cache.

187
00:13:50,320 --> 00:13:54,400
And I'll see you, by the way, in a few minutes just for everything to replicate on the network and

188
00:13:54,400 --> 00:13:55,400
for it to actually work.

189
00:13:55,840 --> 00:13:57,700
So let's actually see what happens.

190
00:13:58,300 --> 00:14:01,420
So right now, let's try to type in HTP.

191
00:14:02,170 --> 00:14:03,840
We'll go through without any steps.

192
00:14:04,570 --> 00:14:09,540
HGP Anthony Sevres Dotcom fun fact.

193
00:14:09,550 --> 00:14:12,710
You don't have to figure it out recently, so let's do that.

194
00:14:13,030 --> 00:14:15,010
So right now it is not working.

195
00:14:15,020 --> 00:14:18,370
So let's give it like a minute or two and then we're going to come back and try it out.

196
00:14:18,750 --> 00:14:23,440
OK, so actually like 10 seconds later I just tried it again and now it worked.

197
00:14:24,160 --> 00:14:27,510
So a load of this page, it says, give me a password.

198
00:14:27,730 --> 00:14:32,680
So let's say like I was if I was going to add that in service dot com and I knew that it was a login

199
00:14:32,680 --> 00:14:33,820
page that looked like this.

200
00:14:34,120 --> 00:14:37,110
So I would really just, you know, log in as usual.

201
00:14:37,140 --> 00:14:43,100
If it looks like I thought it was a timber's and a super secret password, you can never guess.

202
00:14:43,420 --> 00:14:47,740
So then what we're going to do is we're going to click log in.

203
00:14:48,780 --> 00:14:50,220
And then we're going to see what happens.

204
00:14:50,250 --> 00:14:58,570
So remember, like I told you on the back end, it is going to run the action on the page that file,

205
00:14:58,950 --> 00:15:01,560
and this is what that page actually does.

206
00:15:01,980 --> 00:15:06,180
So I made yesterday output this when you do it.

207
00:15:06,190 --> 00:15:09,780
So says I now know your username is a timber's.

208
00:15:09,780 --> 00:15:10,560
And are you serious?

209
00:15:10,590 --> 00:15:12,330
The password is password.

210
00:15:12,330 --> 00:15:13,490
One exclamation point.

211
00:15:13,500 --> 00:15:14,250
Don't worry.

212
00:15:14,430 --> 00:15:21,580
I've written into a file called President and the Virus Folder for safekeeping.

213
00:15:21,640 --> 00:15:23,030
Thanks hashtag.

214
00:15:23,040 --> 00:15:23,940
You've been hacked.

215
00:15:24,210 --> 00:15:28,680
Imagine if you saw this when you're browsing on the web and we can actually confirm it.

216
00:15:28,690 --> 00:15:30,990
I'm going to show you guys the file as well.

217
00:15:31,180 --> 00:15:33,360
So let's go over to our colleagues and check that out.

218
00:15:33,480 --> 00:15:40,040
OK, so let's actually change directory over to there just to make it easier for us to know.

219
00:15:40,740 --> 00:15:46,870
So now if we do an less this directory, so you see that there's a text file.

220
00:15:46,890 --> 00:15:57,060
So if you had a cat that might need to do Suto because this directory pseudo cat friends dot text and

221
00:15:57,060 --> 00:16:01,440
Bam has a username in there and has the password that we saw in the browser.

222
00:16:01,470 --> 00:16:04,330
So now we know that it actually works.

223
00:16:04,530 --> 00:16:08,810
So using this thing in your mind, the different types of things you can do.

224
00:16:09,090 --> 00:16:13,110
I'm going to show you also like kind of a practical example, and I'm going to give you a research file

225
00:16:13,110 --> 00:16:13,800
for it as well.

226
00:16:14,160 --> 00:16:19,530
A first is actually go look at this, because it's very helpful for you guys to understand a little

227
00:16:19,530 --> 00:16:23,260
bit Sustiva and then check out the action page I can follow.

228
00:16:23,610 --> 00:16:27,560
So just to walk you through this, just see see, I showed you what happened.

229
00:16:27,570 --> 00:16:30,360
So let's the back end exactly how this is working.

230
00:16:30,390 --> 00:16:40,740
So first of all, scripts typically start with this right here, the open bracket and then sideways,

231
00:16:41,070 --> 00:16:44,580
what they want to call lessness, San Diego, questionmark.

232
00:16:45,240 --> 00:16:48,400
And then it ends with a question mark and the grated inside.

233
00:16:48,540 --> 00:16:50,550
So that's how PSP works.

234
00:16:51,390 --> 00:16:57,510
So the first thing I did, I set a variable called login creds equal to a function called F Open, and

235
00:16:57,510 --> 00:16:59,010
that's just going to create the file.

236
00:16:59,230 --> 00:17:02,640
And I put a directory right here and then you separate about column.

237
00:17:02,710 --> 00:17:04,140
I put W right here.

238
00:17:04,150 --> 00:17:05,060
This means right.

239
00:17:05,070 --> 00:17:06,510
This means right to the file.

240
00:17:07,140 --> 00:17:12,570
Note that if you do this it will overwrite the file every single time and delete the contents of the

241
00:17:12,570 --> 00:17:13,530
file was already there.

242
00:17:13,540 --> 00:17:18,030
So if you do this multiple times you're going to see that the file is going to be deleted and then it's

243
00:17:18,030 --> 00:17:18,940
going to recreate it.

244
00:17:19,620 --> 00:17:24,670
Whatever you know is is written in this instance up and running.

245
00:17:24,960 --> 00:17:27,270
So right here I just have a quick conditional.

246
00:17:27,810 --> 00:17:32,370
If it can't create the file opening for whatever reason is just going to spit out an error.

247
00:17:32,370 --> 00:17:34,710
This is unable to open a file in the browser.

248
00:17:34,710 --> 00:17:35,050
So.

249
00:17:35,220 --> 00:17:42,740
So as you saw before on the C I just saw before, it says all this stuff here, Nonno username Bubu

250
00:17:43,290 --> 00:17:47,040
so we could do that with echo commands are very similar to Linux.

251
00:17:47,190 --> 00:17:53,820
So just echo and make sure also with all IP and with a semicolon on each line of code.

252
00:17:53,850 --> 00:18:02,250
So we just echo that we put a space and then when you're catching post parameters, which is so when

253
00:18:02,250 --> 00:18:08,010
you make a login request, like with this form, it was making a post request and that's how it was

254
00:18:08,010 --> 00:18:10,730
sending the e-mail to this file.

255
00:18:11,190 --> 00:18:17,200
So the name of that post request was you name, so we can actually check it out.

256
00:18:17,460 --> 00:18:20,440
So let's go it up.

257
00:18:21,440 --> 00:18:38,570
So to do so is the search for such WTW, such a low price index, the Gmail password, so so as you

258
00:18:38,570 --> 00:18:45,130
can see, like before I told you right here that the form, you know, sends everything to action page

259
00:18:45,530 --> 00:18:47,150
up in the Methodist post.

260
00:18:47,160 --> 00:18:54,890
So sending a post request and what is how it knows what parameters, what is right here where it says

261
00:18:54,890 --> 00:18:56,900
name, you can send it to whatever you want.

262
00:18:56,910 --> 00:19:01,580
I have it as you name for the username and then p e w for the password.

263
00:19:01,610 --> 00:19:02,840
So let's go back over here.

264
00:19:03,800 --> 00:19:12,140
So I echoed the value that was submitted under the name of you name and that was username.

265
00:19:12,380 --> 00:19:19,540
And then, you know, I got another line and your super secret password I put this is also like a Tommo

266
00:19:19,550 --> 00:19:20,300
that is outputting.

267
00:19:20,300 --> 00:19:22,190
So I just use the line break right here.

268
00:19:22,340 --> 00:19:30,290
The B-R with the two greater than less than signs around it as I start a new line in HTML and then also

269
00:19:30,290 --> 00:19:35,780
echoed the password as W and then I this other stuff right here, just because that would be neat.

270
00:19:36,560 --> 00:19:44,750
And to put it into the file, what I did was I say the username, so same exact thing, save the post

271
00:19:45,470 --> 00:19:51,350
vye that was passed in as a verb will save the password when as a variable and then you use F right.

272
00:19:51,950 --> 00:19:59,320
And then what you can do is put the default, the variable that we set earlier that actually, you know,

273
00:19:59,390 --> 00:20:00,420
created the file.

274
00:20:00,620 --> 00:20:07,700
So this is going to go into that file and write this right here and then have different lines just to

275
00:20:07,700 --> 00:20:09,840
separate it out and make it look nice and everything.

276
00:20:10,400 --> 00:20:11,360
So f right.

277
00:20:11,660 --> 00:20:12,800
Same exact thing.

278
00:20:12,980 --> 00:20:18,470
You put that variable right here that has the file in it and then we put the variable before.

279
00:20:19,070 --> 00:20:25,760
I also could have just put the username one right there, but I went through and actually just put post

280
00:20:26,060 --> 00:20:28,810
in there so you don't have to do this part is kind of optional.

281
00:20:28,820 --> 00:20:32,630
Just I guess if you wanted to make a little cleaner a little bit easier, you get it that way.

282
00:20:32,630 --> 00:20:33,680
That's why I cut that in there.

283
00:20:34,340 --> 00:20:37,880
So as you can see, that's how the code works.

284
00:20:38,150 --> 00:20:42,860
You can modify this and make it do a lot of different things on PSP isn't too complicated.

285
00:20:42,860 --> 00:20:43,880
Is that the pretty's language?

286
00:20:44,330 --> 00:20:47,210
But it is very powerful and is used extensively on the Internet.

287
00:20:47,390 --> 00:20:50,360
So it's very helpful to understand how that works.

288
00:20:50,810 --> 00:20:53,960
OK, so now we know how to launch attacks and breaking the computers.

289
00:20:53,960 --> 00:20:55,340
So what's next?

290
00:20:55,610 --> 00:21:02,720
So since we know how to actually get in there and compromise now we're now we're going to be going over

291
00:21:02,720 --> 00:21:05,390
what you do after you successfully completed.

292
00:21:05,400 --> 00:21:08,450
And inside is a wide variety of things that you can do.

293
00:21:09,090 --> 00:21:15,530
You familiar with some of the stuff that you should probably be taking when you actually get into a

294
00:21:15,530 --> 00:21:19,400
system because you might need to gain administrative access.

295
00:21:19,400 --> 00:21:22,270
You might want to look for some files, a lot of different things.

296
00:21:22,490 --> 00:21:26,810
So I appreciate you listening this far and I'll see you guys in the next section.