1
00:00:00,150 --> 00:00:07,320
OK, guys, so we went over, met this boy and actually doing setting off some boys and using metastable

2
00:00:07,380 --> 00:00:10,590
to break into systems, but there are other ways to do it as well.

3
00:00:10,740 --> 00:00:11,600
In what ways?

4
00:00:11,610 --> 00:00:12,650
A brute force attack.

5
00:00:13,080 --> 00:00:16,060
So you don't always have to use the exploit you.

6
00:00:16,230 --> 00:00:19,800
Like I was saying, you can pretty much brute force you into the system.

7
00:00:19,950 --> 00:00:21,690
And it's exactly what it sounds like.

8
00:00:22,290 --> 00:00:27,090
You know, when you launch a brute force attack, you continuously just trying to log into a specific

9
00:00:27,090 --> 00:00:30,060
account or at least accounts kind of depends on how you set it up.

10
00:00:30,840 --> 00:00:35,400
And you usually have a large password, a file, and you just keep going.

11
00:00:35,400 --> 00:00:39,450
And so you get access and it typically works against systems.

12
00:00:39,450 --> 00:00:46,050
They use weak passwords and trust me, a lot of systems passwords or have the default passwords.

13
00:00:47,010 --> 00:00:50,490
So it's typically going to work better against those systems.

14
00:00:50,670 --> 00:00:54,810
And like, if you know something about like, you know, how many characters the password is or what

15
00:00:54,810 --> 00:00:57,460
the structure is, that makes it a lot easier as well.

16
00:00:58,020 --> 00:01:02,970
So a good tool for brute force is actually got to hydrate.

17
00:01:03,300 --> 00:01:10,140
So Hydra is a program and cause on Linux by default, and it's going to allow you to launch some brute

18
00:01:10,140 --> 00:01:10,830
force attacks.

19
00:01:11,640 --> 00:01:14,760
And the typical syntax for it is as follows.

20
00:01:14,790 --> 00:01:23,310
So he's going to Hydra, that's command dash L and S username dash P, the list you're going to link

21
00:01:23,310 --> 00:01:30,450
over to a wordlist file and then you put the IP address that you're targeting and then also the login

22
00:01:30,450 --> 00:01:30,870
with it.

23
00:01:31,740 --> 00:01:40,890
So like an example is Hijau Dash L Route P world is that t t the target address and then ECES H.

24
00:01:41,070 --> 00:01:49,350
So this is going to attempt to brute force that IP address over s h for the root account using each

25
00:01:49,350 --> 00:01:52,270
password inside of this wordlist that we have right there.

26
00:01:53,100 --> 00:01:56,790
So this is pretty much how Hydra works.

27
00:01:58,070 --> 00:02:02,180
So let's actually go ahead and check this out.

28
00:02:02,630 --> 00:02:07,250
OK, guys, so back in our colonics machine, so let's go ahead and check out how to use hydrous.

29
00:02:07,250 --> 00:02:17,900
So as I said before, the command for Hijaz does Hijrah and a dash L and then you would just do whatever

30
00:02:17,930 --> 00:02:19,010
username you wanted to do.

31
00:02:19,010 --> 00:02:26,420
So in this case, we could try like Envisat admin and then we wanted to dash PEV to a list.

32
00:02:26,600 --> 00:02:28,400
So let's say I have a word list.

33
00:02:28,970 --> 00:02:32,990
So actually I'm going to do that right now just so that we have this word lists.

34
00:02:32,990 --> 00:02:38,260
And just to be safe, I'm not sure what directory you are in the work directory.

35
00:02:38,280 --> 00:02:40,370
Did you set list?

36
00:02:40,700 --> 00:02:41,010
Perfect.

37
00:02:41,220 --> 00:02:44,770
OK, so I'm going to change to that directory.

38
00:02:45,500 --> 00:02:56,990
So let's see so that I can rouverol quick CD Sutcliffe's and then I'm going to create a new file.

39
00:02:57,000 --> 00:03:02,120
So just like passwords and then let's see.

40
00:03:02,120 --> 00:03:04,580
So we want to make like a quick pastoralist's.

41
00:03:05,060 --> 00:03:07,910
So there's only ones available that I'm going to show you in a moment.

42
00:03:07,910 --> 00:03:09,950
But just to show you how I do works.

43
00:03:10,220 --> 00:03:14,720
So let's see, let's just try like sumos or password.

44
00:03:16,010 --> 00:03:18,470
Password once you three.

45
00:03:18,700 --> 00:03:27,530
Um, I don't know, I an administrator and then let's put em in at the bottom just because we know this

46
00:03:27,530 --> 00:03:27,970
password.

47
00:03:28,430 --> 00:03:32,300
But the point is, you're going to have a wordlist list that's going to have a lot of different passwords

48
00:03:32,300 --> 00:03:35,670
in it and it's going to go through each one of them and try to brute force into the account.

49
00:03:36,050 --> 00:03:38,290
So let's do it right quick on this.

50
00:03:38,420 --> 00:03:42,520
Uh, so now we can go back over here.

51
00:03:42,770 --> 00:03:45,090
So let's do our hijau come in.

52
00:03:45,890 --> 00:03:54,680
So just to confirm as well, just do it last and we see our passwords file that we created, so.

53
00:03:55,680 --> 00:04:04,180
Let me see, we are going to do Hijrah Dash l unless you have an.

54
00:04:05,750 --> 00:04:15,980
The SPI passwords, and then we're going to do targets one at zero one six eight one zero one six eight.

55
00:04:16,900 --> 00:04:23,780
The five six one zero four SDH is never going to enter and see what happens.

56
00:04:23,800 --> 00:04:32,170
So now is going through and is brute forcing and hey said we found Love You and Mr. MSF Admin and the

57
00:04:32,170 --> 00:04:33,700
password is MSF admin.

58
00:04:33,710 --> 00:04:36,250
So it does it pretty quickly.

59
00:04:36,250 --> 00:04:41,290
Even if you have like a gigantic like wordlist, actually you can do it pretty quickly.

60
00:04:41,290 --> 00:04:44,290
It's pretty useful, pretty handy tool for brute force.

61
00:04:45,160 --> 00:04:54,190
It just to show you guys really quickly, there is a folder or there is a GitHub repository that I recommend

62
00:04:54,190 --> 00:04:59,970
that you closed down so I can actually show you it over here.

63
00:05:00,160 --> 00:05:07,420
So if you just go to Google and type in sexless GitHub, so I'm right here.

64
00:05:08,290 --> 00:05:11,500
But you guys grab this, you are your GitHub dot com.

65
00:05:11,740 --> 00:05:18,310
See, we can just grab that and then you could do a get Kalanchoe in and.

66
00:05:19,250 --> 00:05:24,850
Just clone that repository, and that's what that's the folder that I'm in right now, so you can go

67
00:05:24,860 --> 00:05:25,670
in and clone that.

68
00:05:25,790 --> 00:05:33,710
And what it is, is a bunch of, like, lists of different username, username lists, password list

69
00:05:33,710 --> 00:05:34,190
and stuff.

70
00:05:34,190 --> 00:05:38,450
So if you wanted to get passwords, we can change over passwords.

71
00:05:38,970 --> 00:05:40,790
I would do a list and see what's in here.

72
00:05:40,790 --> 00:05:45,670
And it's a bunch of text files with all kinds of passwords inside of it.

73
00:05:45,680 --> 00:05:46,550
So it's pretty useful.

74
00:05:47,450 --> 00:05:55,850
These are like common credentials, you know, lists of passwords from breaches, you know, typical

75
00:05:55,850 --> 00:05:56,990
things that you're going to find.

76
00:05:56,990 --> 00:06:03,170
And you'll be surprised that a lot of people use these common passwords.

77
00:06:03,770 --> 00:06:06,500
So it's definitely these are gigantic lists, too.

78
00:06:06,920 --> 00:06:11,300
So you can use these when you're doing your ethical hacking and it might actually be able to get you

79
00:06:11,300 --> 00:06:13,940
access into some systems.

80
00:06:14,160 --> 00:06:21,320
So if we wanted to, we could use one of these passwords, password lists for this for this Haja thing

81
00:06:21,320 --> 00:06:21,770
as well.

82
00:06:21,950 --> 00:06:27,440
But, you know, if we're trying to break in for the MSF admin account, we can maybe put in one of

83
00:06:27,470 --> 00:06:29,060
these as the pastoralists.

84
00:06:29,780 --> 00:06:31,250
So I just wanted to point that out.

85
00:06:31,340 --> 00:06:37,540
And then, like I said before, it also has a bunch of, like, username lists as well.

86
00:06:37,750 --> 00:06:40,640
So you can see the user names.

87
00:06:42,720 --> 00:06:49,500
As to and enlistee different username lists and stuff like that, so definitely a useful repository

88
00:06:49,500 --> 00:06:53,100
and I recommend that if you're going to do any brute force in that, you have these lists available

89
00:06:53,100 --> 00:06:53,390
to you.