1 00:00:00,300 --> 00:00:07,970 OK, so another attack that you actually do when you conducting your test on a network is actually arms 2 00:00:08,030 --> 00:00:11,460 spoofing and you have to be on the same network as those, of course. 3 00:00:11,670 --> 00:00:14,340 So our stands for address and protocol. 4 00:00:14,550 --> 00:00:19,380 And that pretty much allows computers to associate, you know, Mac addresses with IP addresses on the 5 00:00:19,380 --> 00:00:19,860 network. 6 00:00:20,220 --> 00:00:25,740 So this is how computers on an Internet work typically know who each other are. 7 00:00:26,340 --> 00:00:32,780 And using our spoofing, you can actually impersonate another computer and potentially, you know, 8 00:00:32,790 --> 00:00:36,890 intercept information like credentials that would go somewhere else. 9 00:00:36,920 --> 00:00:40,780 So let's go ahead and check out a quick example of how we can do some movement. 10 00:00:41,100 --> 00:00:43,530 OK, guys, so I'm back of my politics machine. 11 00:00:43,590 --> 00:00:46,910 So what we're going to do is we're going to do an arm spoofing attack. 12 00:00:47,190 --> 00:00:52,570 So you're not sure AAP stands for adverse resolution protocol? 13 00:00:52,630 --> 00:00:57,120 This is pretty much how the networks map IP addresses to America. 14 00:00:57,440 --> 00:01:03,150 So how network the computers on a local network know who each other are? 15 00:01:04,290 --> 00:01:11,250 So what we're going to do is we're going to act like we're the router and intercept traffic that's going 16 00:01:11,250 --> 00:01:12,630 to our target device. 17 00:01:12,870 --> 00:01:15,510 So we can do this with an application called AACAP. 18 00:01:15,750 --> 00:01:19,610 So you can start better just by opening up a terminal. 19 00:01:20,280 --> 00:01:21,800 You have to avoid it as route. 20 00:01:21,810 --> 00:01:23,330 So you're going to want to do pseudo. 21 00:01:23,610 --> 00:01:26,190 So pseudo better cat. 22 00:01:26,670 --> 00:01:31,940 And then you want to do Dashi face and then we're going to do the interface. 23 00:01:31,950 --> 00:01:39,240 So I'm using my wireless network card attached to my Linux machine, whatever, how to install that 24 00:01:39,240 --> 00:01:39,720 before it. 25 00:01:39,930 --> 00:01:45,370 So just I phase in zero and they just hit enter and that is going to start up. 26 00:01:45,390 --> 00:01:52,000 So you're going to see right here, it shows us the subnet that we're on that it also shows our IP address. 27 00:01:52,020 --> 00:01:56,160 So this is my IP address on the network that I have locally here. 28 00:01:56,580 --> 00:02:03,900 So what we're going to do when you first get in here, you can just pretty much just taman help and 29 00:02:03,900 --> 00:02:09,240 it will show you all the different modules that are available to us. 30 00:02:10,200 --> 00:02:14,180 So what we're going to be using is the AAFP spoof module. 31 00:02:14,460 --> 00:02:18,210 So now you can look into these other ones that we're going to talk about, some of the other ones as 32 00:02:18,210 --> 00:02:18,540 well. 33 00:02:18,870 --> 00:02:21,710 But right now, we're just going to look at sort of our spoof module. 34 00:02:21,840 --> 00:02:28,380 So if you ever want to just know more about the module or what's inside of it, you just do help in 35 00:02:28,380 --> 00:02:29,850 the Narmada module name. 36 00:02:29,850 --> 00:02:36,000 So you can't just help our spoof and then it's just going to show you some different stuff. 37 00:02:36,210 --> 00:02:40,260 So this is how you turn on used to do a spoof on. 38 00:02:40,740 --> 00:02:46,140 And then if you want to, you know, turn it off, you just turn it off in the same type of manner and 39 00:02:46,140 --> 00:02:48,070 then sell you the parameters down here. 40 00:02:48,090 --> 00:02:49,860 So we're going to want to set these. 41 00:02:50,790 --> 00:02:55,250 So this one right here is our spoof, that full duplex. 42 00:02:55,530 --> 00:03:00,630 So this is going to do it means it's going to attack both the target and the gateway. 43 00:03:01,020 --> 00:03:04,410 In my experience, I've had more success having this. 44 00:03:04,410 --> 00:03:05,600 Just kept this false. 45 00:03:05,610 --> 00:03:06,270 That'd be fun. 46 00:03:06,720 --> 00:03:08,370 But you said that is true as well. 47 00:03:08,370 --> 00:03:14,530 But if your router does have some spoofing protection, it might cause issues and you also can mess 48 00:03:14,530 --> 00:03:15,360 with the network as well. 49 00:03:15,360 --> 00:03:16,210 So just be careful. 50 00:03:17,910 --> 00:03:23,670 And then also we're going to set the spoofed targets one, and that's just the target address. 51 00:03:23,690 --> 00:03:28,790 So for here is going to be my Windows time machine here. 52 00:03:29,070 --> 00:03:41,700 So just open up a command prompt IP config and for my local network, my IP address here to do this 53 00:03:41,730 --> 00:03:46,950 is one nine two one six eight one two two six. 54 00:03:47,580 --> 00:03:49,230 This is my address. 55 00:03:49,270 --> 00:03:50,150 So just remember that. 56 00:03:50,370 --> 00:03:51,870 So also just see you guys. 57 00:03:51,870 --> 00:03:57,660 See, we're going to do a Ardeche a command and this going to show pretty much all the mappings that 58 00:03:57,660 --> 00:04:02,820 my computer is aware of right now for this local network. 59 00:04:03,600 --> 00:04:11,130 So it sees the router right now for this interface on my Wi-Fi interface for my laptop, one or two, 60 00:04:11,130 --> 00:04:13,020 two one six eight, one down one. 61 00:04:13,020 --> 00:04:13,920 That is my router. 62 00:04:14,160 --> 00:04:17,720 And this is the Mac address that it has for right now. 63 00:04:18,060 --> 00:04:19,430 So just remember that. 64 00:04:19,680 --> 00:04:29,820 And then also what we're going to do is we're going to paying our colonics machine just so that it can 65 00:04:29,820 --> 00:04:32,030 actually put it into its ARP table. 66 00:04:32,250 --> 00:04:32,950 So let's see. 67 00:04:32,970 --> 00:04:34,300 So now it knows what it is. 68 00:04:34,320 --> 00:04:38,610 So now we're going to do Arpey again and we're going to scroll up to that interface. 69 00:04:38,790 --> 00:04:45,600 And now you see that 19 this is the Mac address for my colonics interface. 70 00:04:45,900 --> 00:04:54,660 So we can also confirm that over here if we just do pseudo RF config, super secret password. 71 00:04:56,700 --> 00:05:02,270 And then we've got to look at Thailand zero, so you see, this is the IP address that we see in Better 72 00:05:02,290 --> 00:05:08,550 Cap, and then you can see that this is the exact same Mac address as we pulled up there. 73 00:05:08,580 --> 00:05:14,070 So now what is the machine knows that this is us and it knows what the router is. 74 00:05:14,490 --> 00:05:19,070 So now what we're going to do is we're going to do go through and do our spoof stuff. 75 00:05:19,080 --> 00:05:27,420 So what we want to do right now is we can just go when you want to set the different parameters inside 76 00:05:27,420 --> 00:05:29,290 of module's, you should do set. 77 00:05:29,580 --> 00:05:31,650 So we're going to do our spoof. 78 00:05:33,470 --> 00:05:38,840 Targets, we're going to keep the full duplex as normal, we'll just keep it as false. 79 00:05:38,870 --> 00:05:40,160 That doesn't mean we do. 80 00:05:40,760 --> 00:05:49,330 In my experience, so we set our targets one or two, that one six eight down one to two to six. 81 00:05:49,850 --> 00:05:52,160 And that is for my Windows laptop. 82 00:05:53,000 --> 00:05:53,790 So bam. 83 00:05:54,080 --> 00:06:01,760 And then what we can do is actually turn on the net sniff module as well. 84 00:06:01,910 --> 00:06:04,730 So let us sniff. 85 00:06:05,150 --> 00:06:09,590 And this is apparently going to sniff traffic on the network and look out for different things. 86 00:06:09,590 --> 00:06:15,800 And we can also another one that we could turn on is not dog recon. 87 00:06:15,900 --> 00:06:19,460 And this is going to also look out for different things on network. 88 00:06:19,760 --> 00:06:21,170 So we just turn that on. 89 00:06:22,100 --> 00:06:27,740 And it's actually already running because we turn on an advanced module, and if you ever want to see, 90 00:06:27,740 --> 00:06:29,900 like what modules are running, you just type in help. 91 00:06:30,110 --> 00:06:32,920 So actually, we are and it doesn't have any record. 92 00:06:33,140 --> 00:06:35,260 And there's another one called Nektar Probe. 93 00:06:35,270 --> 00:06:36,790 It'll look around to see what's in that. 94 00:06:37,490 --> 00:06:38,750 So we need that probe. 95 00:06:40,070 --> 00:06:42,480 And put that on, so it's going to look around. 96 00:06:42,500 --> 00:06:49,580 CDC is detecting IP addresses and seeing what the Mac address is and then it'll put it in this nice 97 00:06:49,700 --> 00:06:50,440 little table. 98 00:06:50,450 --> 00:06:54,350 So let us show and show us a nice little table of everything. 99 00:06:55,190 --> 00:06:58,670 Has the different devices that are on my network right now and the Mac addresses. 100 00:06:58,790 --> 00:07:01,060 So back to the spoof. 101 00:07:01,370 --> 00:07:05,580 So we set that where we set our target. 102 00:07:05,810 --> 00:07:07,370 So now we can just turn it on. 103 00:07:07,370 --> 00:07:14,930 And so our got spoof and then on and now we're spoofing. 104 00:07:15,170 --> 00:07:21,580 So it should be pretty instantaneous because right now our machine is sending out a bunch of requests 105 00:07:22,340 --> 00:07:29,930 for a responsible budget request to our Windows laptop and is going to tell us, hey, you know, this 106 00:07:29,930 --> 00:07:31,790 is the address, this is the magnetosphere about it. 107 00:07:32,060 --> 00:07:36,830 So what we can do is actually go back to here and we could do another Ardeche A. 108 00:07:38,160 --> 00:07:39,540 And what we're going to see. 109 00:07:41,540 --> 00:07:43,640 Is that right now? 110 00:07:44,030 --> 00:07:48,720 So remember, the one time 19 was our colonics machine. 111 00:07:48,980 --> 00:07:51,500 So now what was before? 112 00:07:51,500 --> 00:07:57,600 The router is now showing the exact same Mac address for callisthenics machine. 113 00:07:57,620 --> 00:08:03,470 So now this Windows machine thinks that our Linux machine is the router. 114 00:08:03,470 --> 00:08:11,900 So that means that everything that everything gets sent from the Windows laptop is going to come through 115 00:08:13,040 --> 00:08:14,830 our Linux machine. 116 00:08:14,840 --> 00:08:20,780 So that means that we can literally control kind of like what happens with their network traffic in 117 00:08:20,780 --> 00:08:21,110 a way. 118 00:08:21,320 --> 00:08:25,010 So that is pretty much how you are spoofed. 119 00:08:25,220 --> 00:08:33,200 So the next thing that we're going to do is actually do a DNS spoof and be able to for the traffic to 120 00:08:33,200 --> 00:08:34,340 a site that we want. 121 00:08:34,350 --> 00:08:42,320 So we're going to take their requests and actually send it to a website that we create on our own that 122 00:08:42,320 --> 00:08:44,080 we're hosting on account of the next machine. 123 00:08:44,240 --> 00:08:47,780 And that's going to be based on what domain they try to go to. 124 00:08:47,960 --> 00:08:49,310 So let's go ahead and try that. 125 00:08:49,580 --> 00:08:50,960 OK, so we're back in America. 126 00:08:51,030 --> 00:08:54,610 So what we're going to do is a DNS spoof, like I said before. 127 00:08:54,890 --> 00:08:56,630 So enable to do this. 128 00:08:57,770 --> 00:09:05,990 First of all, we need to make sure that we have Apache running and that we have some files on our account 129 00:09:05,990 --> 00:09:06,730 of the next machine. 130 00:09:06,920 --> 00:09:09,630 So before we do anything, just clear my screen here. 131 00:09:09,980 --> 00:09:12,260 So there's a service called Apache. 132 00:09:12,260 --> 00:09:18,410 Apache allows you to run websites and it's installed by default on your colonics machine. 133 00:09:18,410 --> 00:09:26,210 And all you have to do is add in pseudo servers, Apache to and then start and then it'll start at the 134 00:09:26,210 --> 00:09:27,010 Apache service. 135 00:09:27,020 --> 00:09:31,590 So now you have Linux turning to Web server. 136 00:09:31,610 --> 00:09:35,750 So if we were to go to a Web browser and really quickly just inside of Linux. 137 00:09:36,990 --> 00:09:44,160 We can just type in localhost in the address bar, just give me a second, then load up so we can just 138 00:09:44,160 --> 00:09:52,160 type in like localhost in the address bar localhost, and it should pull up this page right here. 139 00:09:52,170 --> 00:09:54,680 So I have a I have a website I kind of made. 140 00:09:54,700 --> 00:09:56,130 I'm going to give you guys the files. 141 00:09:56,130 --> 00:10:00,140 But this is well, it's like a simple login screen, just like I like a proof of concept. 142 00:10:00,390 --> 00:10:10,290 So the file that gets loaded when you load, localhost or load your holiday Linux's IP address over 143 00:10:10,590 --> 00:10:26,780 80 when Apache's running is located and Vaslav WDW a.m. but to me there a and this stuff is in here. 144 00:10:26,790 --> 00:10:29,250 So I'm going to give you guys first. 145 00:10:29,250 --> 00:10:36,930 We're going to look at this index e-mail that's was loaded up here right now in Mozilla, Firefox. 146 00:10:37,440 --> 00:10:39,570 So this is just a simple login form. 147 00:10:39,900 --> 00:10:44,190 And what is going to to do is go ahead and look at that actually. 148 00:10:44,190 --> 00:10:50,410 So V for w e html indexed e-mail. 149 00:10:51,810 --> 00:10:54,650 So this is the e-mail code is pretty basic. 150 00:10:55,230 --> 00:11:03,480 So the code that you see right here is for the form and what happens like right here was this form action. 151 00:11:03,750 --> 00:11:11,610 So it pretty much takes the information func login form it loads of this action page type form and then 152 00:11:11,610 --> 00:11:13,540 it's going to do the actions inside of that. 153 00:11:13,770 --> 00:11:24,930 So what we're going to do right now is we're going to force our target machine to visit this page instead 154 00:11:24,930 --> 00:11:26,250 of what they were expecting. 155 00:11:26,430 --> 00:11:28,950 And we're going to do that via DNS spoofing. 156 00:11:29,070 --> 00:11:34,710 So what you're going to need to do is take the take the files that are located in the resources and 157 00:11:34,710 --> 00:11:36,380 paste it into this directory. 158 00:11:36,540 --> 00:11:43,230 You're going to paste into this directory right here or you're going to paste it into the VA demidov 159 00:11:43,230 --> 00:11:47,640 w e-mail directory and then you should be good to go. 160 00:11:48,030 --> 00:11:53,250 So what we can do is go back to better time now that we have that set up. 161 00:11:53,460 --> 00:11:58,800 When she pays that stuff in there, you can start Apache and you'll be good to go. 162 00:11:59,370 --> 00:12:02,320 So what we can do now is the DNS spoof. 163 00:12:02,340 --> 00:12:08,520 So once again, if you ever need to know something about a module, just type and help the DNS spoof 164 00:12:08,880 --> 00:12:13,390 and it's going to give you stuff about it, like the different parameters that you can set. 165 00:12:13,740 --> 00:12:17,130 So all we're going to set is DNS to spoof. 166 00:12:18,910 --> 00:12:20,720 All and they said that the truth. 167 00:12:21,160 --> 00:12:26,090 So this one to just say is going to apply to first of all, of course, they come through. 168 00:12:26,860 --> 00:12:28,150 So that's what we want to do. 169 00:12:28,900 --> 00:12:32,310 So we need to put sense, make sure you said before those. 170 00:12:32,560 --> 00:12:38,380 So the next one we're going to do is set Dennis the spoof Dr Means. 171 00:12:40,440 --> 00:12:43,750 And then let's say we want to do my website. 172 00:12:43,770 --> 00:12:46,260 Anthony Timber's dot com. 173 00:12:47,170 --> 00:12:53,950 Maybe that's the way we want to do, or maybe if they tried to go to Facebook dot com, you know, we 174 00:12:53,950 --> 00:12:55,550 could separate them by commas. 175 00:12:55,780 --> 00:12:57,620 So now you do that. 176 00:12:57,640 --> 00:12:59,050 So now those are set. 177 00:12:59,320 --> 00:13:01,450 All we have to do now is just turn it on. 178 00:13:01,510 --> 00:13:07,570 So DNA is the spoof and then put on it enter and now it's on. 179 00:13:07,610 --> 00:13:10,730 So now you can see right here the DNA spoof is on. 180 00:13:10,750 --> 00:13:16,990 So any time they type in, Anthony Summers dot com is going to go is going to direct them right back 181 00:13:16,990 --> 00:13:26,530 to our callisthenics machine and it's going to load the index, the e-mail file as long as Apache is 182 00:13:26,530 --> 00:13:26,860 running. 183 00:13:26,980 --> 00:13:32,710 And the same thing for Facebook dot com is going to load over to our colorist, which is going to load 184 00:13:32,710 --> 00:13:34,300 up this file. 185 00:13:35,830 --> 00:13:43,540 So let's go over to our Windows machine and actually see what happens when they try to do that. 186 00:13:43,550 --> 00:13:50,320 So one day you might notice that you may or may not have to clear the browser cache. 187 00:13:50,320 --> 00:13:54,400 And I'll see you, by the way, in a few minutes just for everything to replicate on the network and 188 00:13:54,400 --> 00:13:55,400 for it to actually work. 189 00:13:55,840 --> 00:13:57,700 So let's actually see what happens. 190 00:13:58,300 --> 00:14:01,420 So right now, let's try to type in HTP. 191 00:14:02,170 --> 00:14:03,840 We'll go through without any steps. 192 00:14:04,570 --> 00:14:09,540 HGP Anthony Sevres Dotcom fun fact. 193 00:14:09,550 --> 00:14:12,710 You don't have to figure it out recently, so let's do that. 194 00:14:13,030 --> 00:14:15,010 So right now it is not working. 195 00:14:15,020 --> 00:14:18,370 So let's give it like a minute or two and then we're going to come back and try it out. 196 00:14:18,750 --> 00:14:23,440 OK, so actually like 10 seconds later I just tried it again and now it worked. 197 00:14:24,160 --> 00:14:27,510 So a load of this page, it says, give me a password. 198 00:14:27,730 --> 00:14:32,680 So let's say like I was if I was going to add that in service dot com and I knew that it was a login 199 00:14:32,680 --> 00:14:33,820 page that looked like this. 200 00:14:34,120 --> 00:14:37,110 So I would really just, you know, log in as usual. 201 00:14:37,140 --> 00:14:43,100 If it looks like I thought it was a timber's and a super secret password, you can never guess. 202 00:14:43,420 --> 00:14:47,740 So then what we're going to do is we're going to click log in. 203 00:14:48,780 --> 00:14:50,220 And then we're going to see what happens. 204 00:14:50,250 --> 00:14:58,570 So remember, like I told you on the back end, it is going to run the action on the page that file, 205 00:14:58,950 --> 00:15:01,560 and this is what that page actually does. 206 00:15:01,980 --> 00:15:06,180 So I made yesterday output this when you do it. 207 00:15:06,190 --> 00:15:09,780 So says I now know your username is a timber's. 208 00:15:09,780 --> 00:15:10,560 And are you serious? 209 00:15:10,590 --> 00:15:12,330 The password is password. 210 00:15:12,330 --> 00:15:13,490 One exclamation point. 211 00:15:13,500 --> 00:15:14,250 Don't worry. 212 00:15:14,430 --> 00:15:21,580 I've written into a file called President and the Virus Folder for safekeeping. 213 00:15:21,640 --> 00:15:23,030 Thanks hashtag. 214 00:15:23,040 --> 00:15:23,940 You've been hacked. 215 00:15:24,210 --> 00:15:28,680 Imagine if you saw this when you're browsing on the web and we can actually confirm it. 216 00:15:28,690 --> 00:15:30,990 I'm going to show you guys the file as well. 217 00:15:31,180 --> 00:15:33,360 So let's go over to our colleagues and check that out. 218 00:15:33,480 --> 00:15:40,040 OK, so let's actually change directory over to there just to make it easier for us to know. 219 00:15:40,740 --> 00:15:46,870 So now if we do an less this directory, so you see that there's a text file. 220 00:15:46,890 --> 00:15:57,060 So if you had a cat that might need to do Suto because this directory pseudo cat friends dot text and 221 00:15:57,060 --> 00:16:01,440 Bam has a username in there and has the password that we saw in the browser. 222 00:16:01,470 --> 00:16:04,330 So now we know that it actually works. 223 00:16:04,530 --> 00:16:08,810 So using this thing in your mind, the different types of things you can do. 224 00:16:09,090 --> 00:16:13,110 I'm going to show you also like kind of a practical example, and I'm going to give you a research file 225 00:16:13,110 --> 00:16:13,800 for it as well. 226 00:16:14,160 --> 00:16:19,530 A first is actually go look at this, because it's very helpful for you guys to understand a little 227 00:16:19,530 --> 00:16:23,260 bit Sustiva and then check out the action page I can follow. 228 00:16:23,610 --> 00:16:27,560 So just to walk you through this, just see see, I showed you what happened. 229 00:16:27,570 --> 00:16:30,360 So let's the back end exactly how this is working. 230 00:16:30,390 --> 00:16:40,740 So first of all, scripts typically start with this right here, the open bracket and then sideways, 231 00:16:41,070 --> 00:16:44,580 what they want to call lessness, San Diego, questionmark. 232 00:16:45,240 --> 00:16:48,400 And then it ends with a question mark and the grated inside. 233 00:16:48,540 --> 00:16:50,550 So that's how PSP works. 234 00:16:51,390 --> 00:16:57,510 So the first thing I did, I set a variable called login creds equal to a function called F Open, and 235 00:16:57,510 --> 00:16:59,010 that's just going to create the file. 236 00:16:59,230 --> 00:17:02,640 And I put a directory right here and then you separate about column. 237 00:17:02,710 --> 00:17:04,140 I put W right here. 238 00:17:04,150 --> 00:17:05,060 This means right. 239 00:17:05,070 --> 00:17:06,510 This means right to the file. 240 00:17:07,140 --> 00:17:12,570 Note that if you do this it will overwrite the file every single time and delete the contents of the 241 00:17:12,570 --> 00:17:13,530 file was already there. 242 00:17:13,540 --> 00:17:18,030 So if you do this multiple times you're going to see that the file is going to be deleted and then it's 243 00:17:18,030 --> 00:17:18,940 going to recreate it. 244 00:17:19,620 --> 00:17:24,670 Whatever you know is is written in this instance up and running. 245 00:17:24,960 --> 00:17:27,270 So right here I just have a quick conditional. 246 00:17:27,810 --> 00:17:32,370 If it can't create the file opening for whatever reason is just going to spit out an error. 247 00:17:32,370 --> 00:17:34,710 This is unable to open a file in the browser. 248 00:17:34,710 --> 00:17:35,050 So. 249 00:17:35,220 --> 00:17:42,740 So as you saw before on the C I just saw before, it says all this stuff here, Nonno username Bubu 250 00:17:43,290 --> 00:17:47,040 so we could do that with echo commands are very similar to Linux. 251 00:17:47,190 --> 00:17:53,820 So just echo and make sure also with all IP and with a semicolon on each line of code. 252 00:17:53,850 --> 00:18:02,250 So we just echo that we put a space and then when you're catching post parameters, which is so when 253 00:18:02,250 --> 00:18:08,010 you make a login request, like with this form, it was making a post request and that's how it was 254 00:18:08,010 --> 00:18:10,730 sending the e-mail to this file. 255 00:18:11,190 --> 00:18:17,200 So the name of that post request was you name, so we can actually check it out. 256 00:18:17,460 --> 00:18:20,440 So let's go it up. 257 00:18:21,440 --> 00:18:38,570 So to do so is the search for such WTW, such a low price index, the Gmail password, so so as you 258 00:18:38,570 --> 00:18:45,130 can see, like before I told you right here that the form, you know, sends everything to action page 259 00:18:45,530 --> 00:18:47,150 up in the Methodist post. 260 00:18:47,160 --> 00:18:54,890 So sending a post request and what is how it knows what parameters, what is right here where it says 261 00:18:54,890 --> 00:18:56,900 name, you can send it to whatever you want. 262 00:18:56,910 --> 00:19:01,580 I have it as you name for the username and then p e w for the password. 263 00:19:01,610 --> 00:19:02,840 So let's go back over here. 264 00:19:03,800 --> 00:19:12,140 So I echoed the value that was submitted under the name of you name and that was username. 265 00:19:12,380 --> 00:19:19,540 And then, you know, I got another line and your super secret password I put this is also like a Tommo 266 00:19:19,550 --> 00:19:20,300 that is outputting. 267 00:19:20,300 --> 00:19:22,190 So I just use the line break right here. 268 00:19:22,340 --> 00:19:30,290 The B-R with the two greater than less than signs around it as I start a new line in HTML and then also 269 00:19:30,290 --> 00:19:35,780 echoed the password as W and then I this other stuff right here, just because that would be neat. 270 00:19:36,560 --> 00:19:44,750 And to put it into the file, what I did was I say the username, so same exact thing, save the post 271 00:19:45,470 --> 00:19:51,350 vye that was passed in as a verb will save the password when as a variable and then you use F right. 272 00:19:51,950 --> 00:19:59,320 And then what you can do is put the default, the variable that we set earlier that actually, you know, 273 00:19:59,390 --> 00:20:00,420 created the file. 274 00:20:00,620 --> 00:20:07,700 So this is going to go into that file and write this right here and then have different lines just to 275 00:20:07,700 --> 00:20:09,840 separate it out and make it look nice and everything. 276 00:20:10,400 --> 00:20:11,360 So f right. 277 00:20:11,660 --> 00:20:12,800 Same exact thing. 278 00:20:12,980 --> 00:20:18,470 You put that variable right here that has the file in it and then we put the variable before. 279 00:20:19,070 --> 00:20:25,760 I also could have just put the username one right there, but I went through and actually just put post 280 00:20:26,060 --> 00:20:28,810 in there so you don't have to do this part is kind of optional. 281 00:20:28,820 --> 00:20:32,630 Just I guess if you wanted to make a little cleaner a little bit easier, you get it that way. 282 00:20:32,630 --> 00:20:33,680 That's why I cut that in there. 283 00:20:34,340 --> 00:20:37,880 So as you can see, that's how the code works. 284 00:20:38,150 --> 00:20:42,860 You can modify this and make it do a lot of different things on PSP isn't too complicated. 285 00:20:42,860 --> 00:20:43,880 Is that the pretty's language? 286 00:20:44,330 --> 00:20:47,210 But it is very powerful and is used extensively on the Internet. 287 00:20:47,390 --> 00:20:50,360 So it's very helpful to understand how that works. 288 00:20:50,810 --> 00:20:53,960 OK, so now we know how to launch attacks and breaking the computers. 289 00:20:53,960 --> 00:20:55,340 So what's next? 290 00:20:55,610 --> 00:21:02,720 So since we know how to actually get in there and compromise now we're now we're going to be going over 291 00:21:02,720 --> 00:21:05,390 what you do after you successfully completed. 292 00:21:05,400 --> 00:21:08,450 And inside is a wide variety of things that you can do. 293 00:21:09,090 --> 00:21:15,530 You familiar with some of the stuff that you should probably be taking when you actually get into a 294 00:21:15,530 --> 00:21:19,400 system because you might need to gain administrative access. 295 00:21:19,400 --> 00:21:22,270 You might want to look for some files, a lot of different things. 296 00:21:22,490 --> 00:21:26,810 So I appreciate you listening this far and I'll see you guys in the next section.