1 00:00:00,780 --> 00:00:07,290 Hi, within this lecture, we're going to go to level 26 of the Bandit, and it's very easy. 2 00:00:07,290 --> 00:00:15,840 If you run ls, you will see the bandit26.sshkey, which is our key to go into SSH, into 3 00:00:15,840 --> 00:00:16,950 the level 26. 4 00:00:17,130 --> 00:00:18,540 So it's fairly easy, right. 5 00:00:18,840 --> 00:00:20,340 But it doesn't stop there. 6 00:00:20,760 --> 00:00:22,590 So it gets harder at this point. 7 00:00:22,710 --> 00:00:29,580 And at this point, I had to actually stop the videos and go to Google to find the solution because 8 00:00:29,850 --> 00:00:34,890 it actually had to do something with Vim. 9 00:00:35,460 --> 00:00:42,100 And as I said before, I don't usually use Vim very often at least, OK? 10 00:00:42,420 --> 00:00:50,670 And it turns out it has something in particular to do with the command line and do with the more command. 11 00:00:50,910 --> 00:00:54,360 I'm going to show you whether this and again, this is a hard one. 12 00:00:54,360 --> 00:01:00,110 I couldn't solve it by myself because I had no idea that we could do that with Vim. 13 00:01:00,750 --> 00:01:03,000 So I'm going to show you what I mean. 14 00:01:03,000 --> 00:01:10,110 But just before that, I had to give you a heads up so I couldn't figure it out in a short period of 15 00:01:10,110 --> 00:01:11,540 time like I did before. 16 00:01:12,000 --> 00:01:17,580 And as a matter of fact, for the previous lectures, I didn't even look at the Google. 17 00:01:17,580 --> 00:01:19,770 I didn't even do any research. 18 00:01:19,770 --> 00:01:23,010 I just figured that out because I got used to it. 19 00:01:23,010 --> 00:01:25,220 I had the experience, but not this time. 20 00:01:25,770 --> 00:01:33,390 So let's run this command and say -i bandit26.sshkey, OK, and we're going to log in as 21 00:01:33,390 --> 00:01:36,210 bandit26 to localhost.
22 00:01:36,450 --> 00:01:39,210 OK, so we are in the localhost. 23 00:01:39,210 --> 00:01:41,520 In this case we're in the server in this case. 24 00:01:41,520 --> 00:01:42,900 So we can say localhost. 25 00:01:43,260 --> 00:01:45,450 I'm just going to say yes OK. 26 00:01:45,450 --> 00:01:46,320 And here we go. 27 00:01:46,560 --> 00:01:52,170 We managed to log in, but as you can see the connection to localhost closed. 28 00:01:52,980 --> 00:01:58,350 So in that case we can try to change the shell like we have done before. 29 00:01:58,530 --> 00:02:07,350 OK, like I remember we used the sh shell rather than bash in order to maintain our session before, 30 00:02:07,530 --> 00:02:10,830 but it doesn't even work over here as well. 31 00:02:11,370 --> 00:02:13,080 So of course we can try it. 32 00:02:13,710 --> 00:02:18,060 But here we have some kind of tools like tips. 33 00:02:18,540 --> 00:02:20,520 We have more tools. 34 00:02:21,030 --> 00:02:26,910 And it was pretty confusing for me to understand how we can use the more tool in here. 35 00:02:27,240 --> 00:02:32,010 So of course, I went on and did that, so I had to try this. 36 00:02:32,010 --> 00:02:32,340 Right. 37 00:02:32,340 --> 00:02:37,380 So -t with /bin/sh or /bin/bash. 38 00:02:37,560 --> 00:02:39,630 OK, just go with /bin/bash. 39 00:02:39,630 --> 00:02:43,170 If it doesn't work, go with /bin/sh, it won't work either. 40 00:02:43,560 --> 00:02:52,350 So as you can see the connection to localhost closed and we didn't even get the detailed information like 41 00:02:52,350 --> 00:02:53,850 we did last time. 42 00:02:54,510 --> 00:03:01,860 So you can go for bin without the quotation marks and you can try the other alternatives as well. 43 00:03:02,010 --> 00:03:05,010 But as you can see, it doesn't work. 44 00:03:05,880 --> 00:03:10,200 So what can we do with the more command? 45 00:03:10,860 --> 00:03:15,240 More command is something like cat, OK, it's very simple.
46 00:03:15,600 --> 00:03:23,430 So I try to I actually stopped at this point and tried to Google it out to find out about more. 47 00:03:24,150 --> 00:03:29,370 And I found out that it's actually connected with Vim at some point. 48 00:03:29,730 --> 00:03:31,410 So let me show you what I mean. 49 00:03:31,890 --> 00:03:41,580 So when we do, let me show you when we do cat, OK, we get the result back like this, right? 50 00:03:41,760 --> 00:03:46,400 So if we do the more, it will give us the same result, exactly the same result. 51 00:03:46,950 --> 00:03:50,010 So as you can see, it's nothing different than cat. 52 00:03:50,220 --> 00:03:58,230 But if we have something like this, OK, if we do cat password.txt, as you can see, we cannot see 53 00:03:58,230 --> 00:04:05,910 all the lines, but if you do more password.txt, it will show us the first page and then when 54 00:04:05,910 --> 00:04:12,360 we click enter, it will show us the second page turn page and we can just use the arrow points arrow 55 00:04:12,690 --> 00:04:18,120 key arrow up key arrow down to see the whole thing over here. 56 00:04:18,570 --> 00:04:20,160 So more does this. 57 00:04:20,550 --> 00:04:27,570 It's exactly the same with cat, but not exactly because it lets you see the part of it. 58 00:04:27,810 --> 00:04:31,370 When the space is not enough for you. 59 00:04:31,890 --> 00:04:33,840 So how can we use this? 60 00:04:34,410 --> 00:04:39,930 And furthermore, we have other tools over here like we it's Vim. 61 00:04:39,960 --> 00:04:41,730 OK, so we are Vim. 62 00:04:42,420 --> 00:04:45,120 So how can we combine those two together? 63 00:04:45,360 --> 00:04:48,390 This is where I actually had to Google it and understand. 64 00:04:48,540 --> 00:04:54,840 If I hadn't had the tips over here, maybe I wouldn't actually think of that as well. 65 00:04:55,470 --> 00:04:57,540 So let me show you what I mean. 66 00:04:57,540 --> 00:04:59,790 I'm just going to run this as it is.
67 00:04:59,920 --> 00:05:07,000 OK, I'm going to go into the bandit26 and I'm going to say yes, and as you can see, we have a lot 68 00:05:07,000 --> 00:05:08,440 of information over here. 69 00:05:09,100 --> 00:05:14,980 So what I'm going to do, I'm going to make this a little bit smaller so that it would lack in size. 70 00:05:15,010 --> 00:05:21,030 OK, so if you can think about this, it will run it with more automatically. 71 00:05:21,070 --> 00:05:27,130 It turns out that when we run this, let me make it even a little bit smaller when we run this and say, 72 00:05:27,130 --> 00:05:30,280 yes, as you can see, it displays it with more. 73 00:05:30,970 --> 00:05:40,230 And the point is, if you write v right now, v and i on your keyboard, it will open the window 74 00:05:40,240 --> 00:05:40,820 for you. 75 00:05:41,440 --> 00:05:44,140 So that's what I didn't know. 76 00:05:44,650 --> 00:05:50,950 You can go into Vim and you can write some commands over here, OK? 77 00:05:51,430 --> 00:05:53,350 So it's a little strange. 78 00:05:53,350 --> 00:05:54,760 It's a little strange. 79 00:05:55,240 --> 00:06:04,050 And more strange part is if you hit escape, you can write some commands like we used to do :wq. 80 00:06:04,150 --> 00:06:06,450 Now we're going to do :set. 81 00:06:07,210 --> 00:06:11,860 So it turns out that we can set the bash over here. 82 00:06:11,860 --> 00:06:13,740 We can set the shell over here. 83 00:06:14,230 --> 00:06:19,840 OK, so I found I found this out by Googling it. 84 00:06:19,840 --> 00:06:20,980 I didn't know that. 85 00:06:21,550 --> 00:06:28,270 And the way it works, you have to write shell equals to whatever you want, like in this case 86 00:06:28,270 --> 00:06:28,810 /bin/bash. 87 00:06:29,200 --> 00:06:32,650 OK, so I want to set it to /bin/bash. 88 00:06:33,250 --> 00:06:36,580 And if I hit enter, this will be set for me. 89 00:06:37,270 --> 00:06:38,860 And if I run shell.
90 00:06:39,610 --> 00:06:40,270 Here you go. 91 00:06:40,270 --> 00:06:42,850 We have the shell in twenty six. 92 00:06:43,240 --> 00:06:47,740 Now I can clear this up and I can just do what I want to do. 93 00:06:48,730 --> 00:06:56,650 And it's a little strange I admit that and I didn't know that you can go into Vim from more and I didn't 94 00:06:56,650 --> 00:07:00,780 know you can set the shell in Vim with a command like that. 95 00:07:01,600 --> 00:07:03,880 So so far so good. 96 00:07:03,880 --> 00:07:04,870 I learned something. 97 00:07:04,870 --> 00:07:06,280 I hope you did as well. 98 00:07:06,490 --> 00:07:06,990 Right. 99 00:07:07,600 --> 00:07:13,780 So right now we are in bandit26 and we are maintaining our session. 100 00:07:14,500 --> 00:07:24,490 So that's what we were trying to do, even though we had the SSH key, it didn't let us go in because the 101 00:07:24,490 --> 00:07:27,670 shell was something else rather than the /bin/bash. 102 00:07:28,030 --> 00:07:35,020 Of course I'm going to cat out the password for bandit26 as well because when we use this SSH key 103 00:07:35,080 --> 00:07:36,730 it doesn't let us in. 104 00:07:37,240 --> 00:07:43,210 So I'm going to copy this and I'm going to save it to level twenty six over here. 105 00:07:43,240 --> 00:07:51,400 OK, let me now it and I'm going to come down, I'm going to paste this and I'm going to say level twenty 106 00:07:51,400 --> 00:07:53,200 six and here you go. 107 00:07:54,610 --> 00:08:03,640 OK, now we have this but I will show you some more depth of this lecture, more depth of this level 108 00:08:03,820 --> 00:08:08,290 in order for you to grasp it in an intense way as well. 109 00:08:08,530 --> 00:08:10,240 So I'm going to exit out of this one. 110 00:08:10,240 --> 00:08:15,700 OK, you can just do :q! and you can exit out of this one. 111 00:08:15,850 --> 00:08:20,220 I want to go into bandit25 because I want to show you something.
112 00:08:20,680 --> 00:08:27,190 So as you can see, there is a tip saying that it doesn't use /bin/bash. 113 00:08:27,220 --> 00:08:33,970 OK, so if we cat the /etc/passwd like we always do in the penetration test, OK, you just do 114 00:08:33,970 --> 00:08:35,410 cat /etc/passwd. 115 00:08:35,980 --> 00:08:42,610 You can see all the shells that are used in this machine or in the server. 116 00:08:42,880 --> 00:08:48,610 If you come over here, all of them are /bin/bash actually, but not bandit26. 117 00:08:48,850 --> 00:08:52,210 So in here we have the /usr/bin/showtext. 118 00:08:52,600 --> 00:08:58,900 So this is not the regular bash and maybe we can get something out of this as well. 119 00:08:58,900 --> 00:09:02,770 Right, so we can cat this and see what it does. 120 00:09:02,770 --> 00:09:07,410 Or we can just try to go into that folder and try to understand something. 121 00:09:07,780 --> 00:09:09,310 So let me come over here. 122 00:09:09,520 --> 00:09:17,500 As you can see in the /usr/bin/showtext, it exports the TERM to linux, it changes the environmental 123 00:09:17,770 --> 00:09:18,580 variables. 124 00:09:18,610 --> 00:09:25,450 It's more it more actually the text.txt, that is why we have been seeing that more. 125 00:09:26,020 --> 00:09:33,880 So it isn't a standard procedure that we come across our face off, but this is how it's supposed 126 00:09:33,880 --> 00:09:34,390 to be. 127 00:09:34,780 --> 00:09:38,860 And it actually had this exit over here. 128 00:09:39,070 --> 00:09:45,580 That's why we actually had the trouble of maintaining our session. 129 00:09:46,060 --> 00:09:50,110 So maybe we could have understood something from here as well. 130 00:09:50,290 --> 00:09:55,180 So that's why more text.txt to happen. 131 00:09:55,180 --> 00:09:59,740 That's why we managed to get into the we like. 132 00:09:59,860 --> 00:10:01,100 Yes, OK. 133 00:10:01,540 --> 00:10:02,350 So here you go.
134 00:10:02,380 --> 00:10:07,100 That's why we are seeing the more, that's why we can write v and go into the Vim. 135 00:10:07,300 --> 00:10:11,110 That's why we can actually change the bash. 136 00:10:11,860 --> 00:10:13,410 Change the shell, to be sure. 137 00:10:13,420 --> 00:10:17,530 We can just say set shell equals /bin/bash. 138 00:10:18,730 --> 00:10:21,900 So maybe you now understand it in a better way. 139 00:10:22,210 --> 00:10:27,490 Anyhow, we managed to go into the bandit26 by running shell. 140 00:10:28,300 --> 00:10:28,840 Right. 141 00:10:28,860 --> 00:10:30,820 So so far so good. 142 00:10:31,990 --> 00:10:33,790 Right now we are in twenty six. 143 00:10:33,790 --> 00:10:39,550 Let's come over here and see how we can go to level twenty seven. 144 00:10:39,970 --> 00:10:42,280 As you can see it says that. 145 00:10:42,280 --> 00:10:43,510 Good job getting your shell. 146 00:10:43,510 --> 00:10:46,650 Now hurry and grab the password from the twenty seven. 147 00:10:46,930 --> 00:10:53,350 Yeah I would say it's a good job to get this shell and it only saves around less. 148 00:10:53,800 --> 00:10:59,800 So I believe it's cutting us a slack and it's a fairly simple step in this point. 149 00:11:00,070 --> 00:11:03,190 So I'm going to run that this and see what happens over here. 150 00:11:03,550 --> 00:11:13,600 So we have a setuid I believe again, so we have a text.txt over here and this text.txt was the 151 00:11:13,600 --> 00:11:17,350 thing that we have been seeing with more, I believe. 152 00:11:17,890 --> 00:11:19,780 So I'm going to run this 153 00:11:19,780 --> 00:11:20,950 bandit27. 154 00:11:20,950 --> 00:11:21,640 As you can see. 155 00:11:21,640 --> 00:11:26,110 It says that to run the command as another user, I will run it with id. 156 00:11:26,110 --> 00:11:29,080 We can see that it belongs to bandit27.
157 00:11:29,350 --> 00:11:33,490 So I'm going to cat the password of bandit27 like we have done before. 158 00:11:33,670 --> 00:11:35,080 So it's fairly easy. 159 00:11:35,380 --> 00:11:37,300 It's /etc one more time. 160 00:11:37,540 --> 00:11:41,920 So bandit_pass, cat /etc/bandit_pass and bandit27. 161 00:11:42,460 --> 00:11:44,080 So here you go. 162 00:11:44,680 --> 00:11:47,200 This is the password for bandit27. 163 00:11:47,380 --> 00:11:50,760 So I'm going to copy this and I'm going to save this as well. 164 00:11:51,520 --> 00:11:54,850 So again this is very easy because we have done this before. 165 00:11:54,850 --> 00:12:00,670 We know how it works and stuff, but we didn't know the Vim thing. 166 00:12:01,450 --> 00:12:07,840 So here we are in the bandit26 so I'm going to exit out of this one. 167 00:12:08,050 --> 00:12:16,750 I'm going to hit colon, escape, :q! and I'm going to exit out of this one 168 00:12:16,750 --> 00:12:20,390 as well so that I can log into Bandit 169 00:12:20,410 --> 00:12:21,550 twenty seven. 170 00:12:21,820 --> 00:12:22,450 Right. 171 00:12:22,990 --> 00:12:24,010 So do that. 172 00:12:24,010 --> 00:12:29,590 Go into twenty, twenty seven and let's see if this works. 173 00:12:29,590 --> 00:12:33,390 I'm going to paste this over here and hit enter and here you go. 174 00:12:33,850 --> 00:12:36,790 Now let's continue within the next lecture.