1 00:00:00,450 --> 00:00:07,950 So this year they will be enumerating all your files from the rubric and then we'll be testing whether
2 00:00:07,950 --> 00:00:10,430 we can we have the write access to that site.
3 00:00:10,620 --> 00:00:11,730 So let's get started.
4 00:00:12,150 --> 00:00:14,340 First of be using the namespace.
5 00:00:14,340 --> 00:00:15,250 That is standard.
6 00:00:20,600 --> 00:00:22,160 That's great and function.
7 00:00:25,980 --> 00:00:29,160 Let's get right to it.
8 00:00:31,620 --> 00:00:32,200 And we will.
9 00:00:32,220 --> 00:00:36,000 Passing a string that is about a syndrome.
10 00:00:36,570 --> 00:00:37,230 That is this.
11 00:00:38,250 --> 00:00:39,270 That is the legacy.
12 00:00:39,720 --> 00:00:40,530 That's a group.
13 00:00:46,680 --> 00:00:53,010 So we can enumerate the directories in try using that Directory class that.
14 00:00:55,330 --> 00:00:56,710 And you've read that actress.
15 00:01:06,730 --> 00:01:07,060 Sorry.
16 00:01:07,140 --> 00:01:07,320 It's.
17 00:01:07,320 --> 00:01:07,330 It's.
18 00:01:11,140 --> 00:01:17,150 So we have a better trainer so he can see the number seven work rate directly.
19 00:01:17,170 --> 00:01:20,810 You put it number three, we can create one get current directory.
20 00:01:21,490 --> 00:01:29,140 So interesting about the new directories and we're finding out that I presume this area and within each
21 00:01:29,260 --> 00:01:40,570 directory will be finding ah the fence so that uh, new directories and the syntax is the string you
22 00:01:40,570 --> 00:01:47,950 need to pass that is root, that is directory and you can also pass the search pattern.
23 00:01:48,520 --> 00:01:48,910 Right.
24 00:01:49,480 --> 00:01:50,980 It's like a search filter.
25 00:01:51,250 --> 00:02:00,640 You can say star dot exe, or star dot dll, or you can simply we need to get other directories.
26 00:02:01,390 --> 00:02:07,810 And the third option is that in the search option, search option that you can see here, there are
27 00:02:07,810 --> 00:02:10,350 two values AllDirectories and TopDirectoryOnly.
28 00:02:10,600 --> 00:02:15,100 So AllDirectories in the sense we get subdirectories as well.
29 00:02:16,120 --> 00:02:25,600 So that's about this various constructions, uh, which are various functions for this enumerate directories.
30 00:02:25,900 --> 00:02:28,000 So for another way enumerating directory.
31 00:02:28,000 --> 00:02:34,240 So see Drew, and if you hold on to this the return type, this collections.
32 00:02:34,630 --> 00:02:40,570 So again just string $10 business equals two.
33 00:02:40,670 --> 00:02:49,690 And now I can say for each string directory in directories I can put into this directory.
34 00:02:50,170 --> 00:02:51,400 So let's go and run.
35 00:02:51,400 --> 00:02:53,110 This one will be.
36 00:03:04,590 --> 00:03:06,720 So let's about this one.
37 00:03:07,050 --> 00:03:11,370 So class one CS equals two new class.
38 00:03:13,610 --> 00:03:16,670 And see that they're right about.
39 00:03:28,480 --> 00:03:32,560 So you can see I have created a very good router with the agency.
40 00:03:32,680 --> 00:03:40,330 So at the rate of a sport, these special characters, if you do not put this address, this will be
41 00:03:40,330 --> 00:03:45,010 treated as a backward slash code.
42 00:03:45,100 --> 00:03:48,230 So this will be treated as a code, not a backward.
43 00:03:54,050 --> 00:03:57,680 And here you can see, uh, we've got the trees.
44 00:03:58,490 --> 00:04:02,960 So in these trees, we want to move forward.
45 00:04:02,960 --> 00:04:03,830 Are the files.
46 00:04:21,170 --> 00:04:25,040 So we can say Directory dot enumerate files of.
47 00:04:25,610 --> 00:04:32,330 So in the same way we can say this is the syntax for this, the parameters are also seen in foreign
48 00:04:32,510 --> 00:04:33,080 territories.
49 00:04:33,980 --> 00:04:39,560 You need to pass the directory that is there and the search pattern.
50 00:04:39,560 --> 00:04:46,790 I want to get order that addresses are the values and the search option, not all directories.
51 00:04:48,170 --> 00:04:50,750 So I want to get all the files under there.
52 00:04:50,750 --> 00:04:57,380 Considered press against the references equals to this one.
53 00:05:01,760 --> 00:05:02,010 No.
54 00:05:02,030 --> 00:05:05,840 I want to include a try-catch block if there is any error.
55 00:05:07,130 --> 00:05:08,330 We can just ignore that.
56 00:05:11,720 --> 00:05:20,420 So you will be getting nano radiation x etc. for some files because you are accessing from the C.
57 00:05:20,420 --> 00:05:24,510 Do not understand how the access.
58 00:05:25,970 --> 00:05:36,050 So what I can do is for each string file in violence against the printing the file.
59 00:05:37,790 --> 00:05:45,230 So that's where this and on this one and here I can see you can see we get all the files.
60 00:05:46,040 --> 00:05:54,770 So in these files, what we are going to do is we are going to try to open this file in the read-write
61 00:05:54,770 --> 00:05:55,100 mode.
62 00:05:56,360 --> 00:05:58,010 So we can use photographs.
63 00:05:58,340 --> 00:05:59,480 So file dot.
64 00:05:59,660 --> 00:06:02,270 You can see if you can also use it.
65 00:06:02,270 --> 00:06:04,670 Just ReadAllText, ReadAllLines.
66 00:06:04,820 --> 00:06:09,270 Those are normal functionality and the one we are interested in.
67 00:06:09,410 --> 00:06:09,890 Open.
68 00:06:10,790 --> 00:06:12,170 So file that open.
69 00:06:12,410 --> 00:06:13,820 So are we using open?
70 00:06:14,270 --> 00:06:15,760 You can also use this one.
71 00:06:15,800 --> 00:06:17,000 So open.
72 00:06:17,000 --> 00:06:17,260 Right.
73 00:06:17,280 --> 00:06:23,060 Is it will directory write the file when we are running this one.
74 00:06:23,450 --> 00:06:24,800 So we don't want that.
75 00:06:24,800 --> 00:06:28,130 We just want to open the handle to the file.
76 00:06:30,890 --> 00:06:31,570 Open off.
77 00:06:32,330 --> 00:06:37,070 So this will open how many arguments?
78 00:06:37,190 --> 00:06:41,450 So first one is the path, the file path and the file mode.
79 00:06:42,200 --> 00:06:48,660 Whether we want to open or open do or open right, etc. and file access or whatever practice you want
80 00:06:48,660 --> 00:06:50,680 to have or read.
81 00:06:50,680 --> 00:06:51,080 All right.
82 00:06:52,550 --> 00:06:56,570 So first one is obviously the file name and the second one is FileMode.
83 00:06:56,940 --> 00:07:00,470 You say FileMode dot Open.
84 00:07:01,520 --> 00:07:09,580 And next one is file access that so far I accidentally.
85 00:07:10,070 --> 00:07:14,780 So we are checking for the files that we have both read and write access.
86 00:07:15,560 --> 00:07:21,560 You can also have another one that is violation or whenever you are opening this one, when this process
87 00:07:21,560 --> 00:07:27,290 is opening this file, what should other paths process?
88 00:07:27,290 --> 00:07:28,940 How the access.
89 00:07:29,600 --> 00:07:38,780 So you can define that if you want like X with you access to this file so far that open so it will return
90 00:07:38,780 --> 00:07:42,950 if I in stream object so it is a file stream.
91 00:07:43,160 --> 00:07:51,920 FCC goes to this one and what we're going to do is we are going to try this one if there is many exceptions
92 00:07:51,920 --> 00:07:56,720 because of the files, those are in the central which you don't have access to.
93 00:07:57,350 --> 00:08:06,590 So if there is any exception, we just simply want to catch that and the following lines of code only
94 00:08:06,590 --> 00:08:11,540 execute if the file access that we write is successful.
95 00:08:11,840 --> 00:08:18,230 So that means we can say, uh, all right, access on.
96 00:08:22,370 --> 00:08:23,030 This file.
97 00:08:27,820 --> 00:08:28,990 So let's run this.
98 00:08:39,450 --> 00:08:49,410 So would have been see how a lot of you have access to a lot of files and we can say, I'm going to
99 00:08:49,410 --> 00:08:52,650 promote this one and to our self zero.
100 00:08:55,110 --> 00:08:56,550 So I want to come on then.
101 00:08:59,210 --> 00:09:01,070 I want to give command-line arguments.
102 00:09:05,710 --> 00:09:06,520 So for
103 00:09:06,880 --> 00:09:07,960 simplicity purpose,
104 00:09:07,960 --> 00:09:11,380 I want to do only this small folder.
105 00:09:16,440 --> 00:09:17,490 So it's a desktop.
106 00:09:17,490 --> 00:09:23,160 And here you can see we've got we have a lot more straight access to everything.
107 00:09:24,990 --> 00:09:31,860 So let's see Windows System32.
108 00:09:35,820 --> 00:09:38,520 And we have raised taxes on fuel our planes.
109 00:09:43,100 --> 00:09:50,690 Okay, so let's remove this one because we are not, uh, we are getting confused whether the script
110 00:09:50,690 --> 00:09:54,260 is running in the background or it has completed the search.
111 00:09:54,800 --> 00:10:01,610 Now let's run this and you can see the script exited with this output.
112 00:10:09,330 --> 00:10:12,270 So you can also add the filter functionality.
113 00:10:12,390 --> 00:10:13,620 So let's stop here.
114 00:10:14,340 --> 00:10:17,490 And the filter is this one, right?
115 00:10:17,880 --> 00:10:19,260 So what we can do is.
116 00:10:42,090 --> 00:10:46,650 We can get out of the argument, and that is we are going to pass.
117 00:10:49,960 --> 00:10:50,680 ARGs.
118 00:10:51,940 --> 00:10:55,530 So the first one would be args of zero.
119 00:10:56,530 --> 00:11:04,600 That is the that is actually the path we want to search for.
120 00:11:04,810 --> 00:11:10,210 And the next one is going to be half of our gulf.
121 00:11:10,210 --> 00:11:16,210 One is equals, two is equals two, not as equals two.
122 00:11:16,210 --> 00:11:19,450 Now then it's a string.
123 00:11:27,690 --> 00:11:29,670 Then it's a filter is equal to.
124 00:11:31,230 --> 00:11:32,160 I've got one.
125 00:11:35,710 --> 00:11:40,540 Alice we conservatory sequence to that is start.
126 00:11:43,880 --> 00:11:48,260 And here we need to replace the numerator first with the filter.
127 00:11:54,180 --> 00:11:54,510 Okay.
128 00:11:54,510 --> 00:11:59,200 I think it should work now if I get windows.
129 00:11:59,220 --> 00:11:59,640 Okay.
130 00:11:59,640 --> 00:12:00,540 We got some real.
131 00:12:14,690 --> 00:12:16,880 Index was outside the bounds of the array.
132 00:12:21,960 --> 00:12:24,570 So let's get a spa for this.
133 00:12:26,350 --> 00:12:27,220 Well, there we are.
134 00:12:27,240 --> 00:12:30,390 The output when we gave the filter.
135 00:12:34,910 --> 00:12:35,480 Star.
136 00:12:36,370 --> 00:12:37,360 Don't be alone.
137 00:12:51,610 --> 00:12:52,390 So not.
138 00:12:56,040 --> 00:13:03,480 Gareth Scarborough To do it, we need to argue the start answer should be included in the center.
139 00:13:11,480 --> 00:13:13,820 So there is an error when we do not do.
140 00:13:16,880 --> 00:13:22,640 This one, when we did not do the filter, we got the index exception.
141 00:13:36,460 --> 00:13:40,760 We can say if args dot Length.
142 00:13:44,280 --> 00:13:45,180 Greater than one.
143 00:13:45,480 --> 00:13:50,570 Then we can say the second argument is filter.
144 00:13:51,000 --> 00:13:52,500 So they should might work.
145 00:13:54,240 --> 00:13:54,600 Okay.
146 00:13:54,600 --> 00:13:55,620 So it's working.
147 00:13:55,860 --> 00:14:02,440 Whenever you do not go any further, it is getting further and further extensions.
148 00:14:04,230 --> 00:14:05,550 We can also do that.
149 00:14:05,580 --> 00:14:06,440 Certainly exe.
150 00:14:07,890 --> 00:14:08,100 Okay.
151 00:14:08,100 --> 00:14:09,060 We don't have exe.
152 00:14:09,060 --> 00:14:09,900 We have XML.
153 00:14:10,320 --> 00:14:11,820 So we got the XML files.
154 00:14:21,480 --> 00:14:21,730 So.
155 00:14:21,780 --> 00:14:22,410 Okay.
156 00:14:22,500 --> 00:14:26,460 How are the bees?
157 00:14:26,880 --> 00:14:27,600 Vulnerable.
158 00:14:27,810 --> 00:14:28,350 Machine.
159 00:14:29,160 --> 00:14:37,500 So let's go and download the binary onto this machine and check for any insecure permissions.
160 00:14:56,690 --> 00:15:01,070 So I have training with this to do research about the taxi.
161 00:15:14,610 --> 00:15:15,150 Okay.
162 00:15:15,150 --> 00:15:18,030 Go download it now.
163 00:15:19,620 --> 00:15:28,080 So there is already a vulnerable binary insecure binary that is in the C program files for permissions
164 00:15:28,080 --> 00:15:28,620 service.
165 00:15:29,280 --> 00:15:31,140 This for an inverted exit.
166 00:15:31,560 --> 00:15:42,120 So from the C, I want to find star dot exe and what you can see we have the program files for permissions
167 00:15:42,120 --> 00:15:44,160 via C now.
168 00:15:44,220 --> 00:15:47,460 So we have another order in program program program 30 xy.
169 00:15:48,480 --> 00:15:52,500 You so adverbial as well any writable datas.
170 00:15:52,830 --> 00:16:03,570 Okay, we don't have any road clearance, so that's how we can use C# to find the writable files
171 00:16:03,570 --> 00:16:06,990 from the partition.