1
00:00:00,310 --> 00:00:08,550
Right now, it's time to write our own first web directory discovery, so again, I already wrote the

2
00:00:08,550 --> 00:00:09,810
code and uploaded it.

3
00:00:10,410 --> 00:00:15,810
So to avoid any stupid syntax mistakes, in order to avoid wasting your time.

4
00:00:15,840 --> 00:00:16,980
OK, but don't worry.

5
00:00:16,980 --> 00:00:21,420
Again, we will go through this line by line and explain everything in detail.

6
00:00:21,600 --> 00:00:22,890
OK, all right.

7
00:00:23,070 --> 00:00:30,030
Now, actually, again, I already uploaded the code so you can download it and open it so we can test

8
00:00:30,030 --> 00:00:30,560
it together.

9
00:00:31,050 --> 00:00:37,380
Right now, the first thing: we import this library, which is called requests, and actually this is

10
00:00:37,410 --> 00:00:42,010
the main library that is used for the directory discovery tool.

11
00:00:42,150 --> 00:00:45,660
OK, now here we define a target

12
00:00:45,660 --> 00:00:52,800
URL variable and we input "Please enter a target URL", and then we have the file name variable

13
00:00:52,800 --> 00:00:58,230
and inside it this: "Enter the name of the file containing directories". OK, by the way,

14
00:00:58,650 --> 00:01:04,350
you can put that as sys.argv[1], argv[2] and so on.

15
00:01:04,560 --> 00:01:07,460
But it's up to you how to customize your script.

16
00:01:07,470 --> 00:01:10,300
But for now we will just do these things.

17
00:01:10,320 --> 00:01:11,390
OK, OK.

18
00:01:11,850 --> 00:01:18,060
Now we define a function, and this function, as you can see, we call it request and we put a parameter

19
00:01:18,060 --> 00:01:19,180
called url. OK.

20
00:01:19,470 --> 00:01:23,790
Now this function we will call here, actually, by the way, here you can see.

21
00:01:23,790 --> 00:01:25,980
But don't worry, we'll go there.

22
00:01:26,160 --> 00:01:33,550
So for now: def request(url), now try this, except this, and on this exception,

23
00:01:33,610 --> 00:01:35,720
pass. OK, now try this.

24
00:01:35,730 --> 00:01:36,390
What is this?

25
00:01:36,690 --> 00:01:42,420
So we will return, because this is a function, we will return requests, which is the name of the

26
00:01:42,420 --> 00:01:49,920
library we use here, .get, and we will use this function, the get function, and this will get

27
00:01:49,920 --> 00:01:53,070
when I get to request. OK, for it.

28
00:01:53,580 --> 00:01:54,150
For what?

29
00:01:54,760 --> 00:02:03,570
Or where? To this: http:// plus, which is a concatenation, with the url, and the url is that variable or

30
00:02:03,570 --> 00:02:06,930
the parameter we passed here, from here, as you can see.

31
00:02:06,930 --> 00:02:12,720
But don't worry, we will go there and we will kind of repeat that, repeat the logic again.

32
00:02:12,930 --> 00:02:14,920
But don't worry, it's fine for me for now.

33
00:02:15,300 --> 00:02:16,500
Now, try this.

34
00:02:17,480 --> 00:02:26,750
So if there is no error, it's OK, we will return request to that response to somewhere. OK, but if

35
00:02:26,750 --> 00:02:34,190
we have except, except requests.exceptions.ConnectionError, and by the way, that except here,

36
00:02:34,400 --> 00:02:37,900
this is something from that library itself, which is the requests library.

37
00:02:38,090 --> 00:02:45,140
So except this thing, and this thing actually, which is requests.exceptions.ConnectionError, then

38
00:02:45,140 --> 00:02:46,910
do what? pass. Or you can

39
00:02:46,910 --> 00:02:49,280
put "this is not found" or something.

40
00:02:49,280 --> 00:02:55,910
But actually it makes sense to only send there what we found, not what does not exist.

41
00:02:56,180 --> 00:02:56,570
Right.

42
00:02:56,870 --> 00:03:00,430
Because it is, it is a directory discovery after

43
00:03:00,720 --> 00:03:01,160
all. Right.

44
00:03:01,460 --> 00:03:02,210
So far so good.

45
00:03:02,240 --> 00:03:03,370
Now this is the function.

46
00:03:03,620 --> 00:03:07,370
This will be used to send the request or return the request.

47
00:03:07,400 --> 00:03:11,660
Now, how this logic actually works, we will talk about this right away, which is fine.

48
00:03:11,690 --> 00:03:14,990
We define this file variable equal to open.

49
00:03:15,110 --> 00:03:17,650
And open, we already talked about this.

50
00:03:18,020 --> 00:03:23,500
So we open the file name, the directory, or the file containing all the directories.

51
00:03:23,840 --> 00:03:27,120
So /admin, /something or whatever.

52
00:03:27,290 --> 00:03:29,300
OK, and we will open it.

53
00:03:29,300 --> 00:03:34,970
As "r", so the file we provided here, we will open it as readable and we will go

54
00:03:35,270 --> 00:03:39,380
a for loop here, which is for line in file.

55
00:03:40,370 --> 00:03:46,560
So we will go through line by line for this specific file that we provided here by typing its name.

56
00:03:46,790 --> 00:03:52,700
So this is for the first line, and for the first line we defined a variable called directory.

57
00:03:52,850 --> 00:03:57,740
And we can see that we used line, which is the first line from this file, dot strip.

58
00:03:57,770 --> 00:04:01,470
Now this is to strip it from any white spaces, OK?

59
00:04:02,090 --> 00:04:09,170
And after we strip it from any spaces for this specific line in this file, we store it inside the directory

60
00:04:09,170 --> 00:04:09,620
variable.

61
00:04:09,890 --> 00:04:15,080
OK, now we have the full URL, which is the target URL, which is that something, as you

62
00:04:15,080 --> 00:04:16,730
can see, that we provide here:

63
00:04:16,880 --> 00:04:17,720
Enter the target

64
00:04:17,720 --> 00:04:21,140
URL, either the IP address or the domain name.

65
00:04:21,140 --> 00:04:21,670
It's OK.

66
00:04:21,680 --> 00:04:27,980
It will do the job, then we will add or concatenate that slash here, the forward slash, and then we

67
00:04:27,980 --> 00:04:35,660
would call that in the directory, which is the one we stripped from here, which is line.strip, and

68
00:04:35,660 --> 00:04:37,970
we will put it inside the actually and we will use it here.

69
00:04:38,010 --> 00:04:44,270
OK, so the full URL will be the IP address or the domain name, with a slash, with the directory or

70
00:04:44,270 --> 00:04:49,980
the line we have in this specific file, which is the one that we opened from here.

71
00:04:50,000 --> 00:04:50,750
You, as you can see.

72
00:04:50,810 --> 00:04:51,150
All right.

73
00:04:51,320 --> 00:04:52,040
So far, so good.

74
00:04:52,340 --> 00:04:56,500
Now we will create a variable called response, as you can see.

75
00:04:56,990 --> 00:05:01,670
So we will use the request function, as you can see, that we defined here.

76
00:05:01,880 --> 00:05:05,360
And we will pass the full URL that we have here.

77
00:05:05,520 --> 00:05:12,050
OK, so the full URL will be passed to this request function and then it will try or except.

78
00:05:12,260 --> 00:05:12,940
Depends on it.

79
00:05:13,130 --> 00:05:17,280
So try, if it is good, nothing or nothing,

80
00:05:17,300 --> 00:05:22,940
the problem, we will return the value, and the value will be requests.get, the http://

81
00:05:23,210 --> 00:05:27,980
with that URL. OK, which is what we provided here.

82
00:05:28,010 --> 00:05:29,480
OK, where it is yet.

83
00:05:29,600 --> 00:05:35,960
Which is the full URL. OK, including the target URL, the slash and this directory. By the way, if

84
00:05:35,960 --> 00:05:42,470
we provide the full URL or the target URL, right, if we provide it with http, this will be redundant

85
00:05:42,470 --> 00:05:43,820
actually, or it will be extra.

86
00:05:43,940 --> 00:05:48,790
So http:// and another http://, that's OK too.

87
00:05:48,860 --> 00:05:51,200
There are a lot of ways to get rid of that.

88
00:05:51,200 --> 00:05:53,260
But anyway, we will not enter it here.

89
00:05:53,270 --> 00:05:53,840
It's OK.

90
00:05:53,840 --> 00:05:55,040
It's not a big deal actually.

91
00:05:55,040 --> 00:06:00,400
You can just put the filter, if, or you can do a lot of things actually.

92
00:06:00,410 --> 00:06:07,580
But anyway, we will just assume that the URL is the domain name or the IP address, OK, without using

93
00:06:07,580 --> 00:06:08,540
that protocol.

94
00:06:08,870 --> 00:06:14,770
Which is http. All right, now after we got the request from here and returned everything,

95
00:06:14,780 --> 00:06:21,320
so either this or pass, if there is requests.exceptions.ConnectionError, which means there is no

96
00:06:21,320 --> 00:06:21,820
connection.

97
00:06:21,830 --> 00:06:26,480
So we will pass. But if there is a connection, which means that the URL exists or the directory

98
00:06:26,480 --> 00:06:29,750
exists, it will be returned and will be stored inside the.

99
00:06:30,170 --> 00:06:30,510
OK.

100
00:06:30,770 --> 00:06:38,990
Now if the response is empty, so this if statement will not work, but if the response

101
00:06:38,990 --> 00:06:41,400
has a value or has a returned value,

102
00:06:41,600 --> 00:06:42,500
so yes.

103
00:06:42,500 --> 00:06:43,370
If response.

104
00:06:43,370 --> 00:06:43,700
Yes.

105
00:06:43,700 --> 00:06:45,520
Which means yeah, it has a value.

106
00:06:45,740 --> 00:06:50,090
So which means that we will print this thing, which is discovery or discovery.

107
00:06:50,090 --> 00:06:51,440
Discovery at this path.

108
00:06:51,590 --> 00:06:55,420
And we will print the full path that we passed to the request.

109
00:06:55,460 --> 00:06:55,860
All right.

110
00:06:56,090 --> 00:06:57,440
OK, so far so good.

111
00:06:57,680 --> 00:06:59,290
Now let's have it here.

112
00:06:59,300 --> 00:07:03,890
As you can see, I already have the code here, which is directories.py. By the way, I already

113
00:07:03,890 --> 00:07:05,060
uploaded it.

114
00:07:05,300 --> 00:07:08,660
So you can just download it and just try it out together.

115
00:07:08,690 --> 00:07:09,650
OK, all right.

116
00:07:10,070 --> 00:07:13,430
Now, python3 and then directories.

117
00:07:13,470 --> 00:07:20,450
OK, by the way, I have this list.txt file. Actually if I open it using any text, ignore

118
00:07:20,450 --> 00:07:24,080
them, for example, you can see that I have some data inside it.

119
00:07:24,530 --> 00:07:29,090
OK, so text login and login here.

120
00:07:29,780 --> 00:07:40,610
As you can see, phpMyAdmin, web log in, this is for WordPress, WordPress admin, tweaky, or actually

121
00:07:40,610 --> 00:07:41,780
a lot of things actually.

122
00:07:42,230 --> 00:07:44,610
But this is just for testing, for example.

123
00:07:45,050 --> 00:07:45,320
Yeah.

124
00:07:45,350 --> 00:07:52,130
Actually before I run this command on this program, I already have this Brotherman machine that I already

125
00:07:52,130 --> 00:07:53,780
talked about in the previous section.

126
00:07:54,230 --> 00:07:57,050
So you can see that I have it here and this is the IP address for it.

127
00:07:57,290 --> 00:07:59,890
So I will use it here actually.

128
00:07:59,900 --> 00:08:06,410
And by the way, if I go to its IP address, which is this one, you can see that we have it here and

129
00:08:06,620 --> 00:08:09,740
you can see that we have the wiki readme the text.

130
00:08:09,740 --> 00:08:16,460
Actually, I put some of these actually here so you can see that phpMyAdmin, so copy that and basically

131
00:08:16,460 --> 00:08:16,820
they're.

132
00:08:17,990 --> 00:08:18,830
Well, actually.

133
00:08:20,250 --> 00:08:21,440
Yeah, and let's put it here.

134
00:08:23,420 --> 00:08:23,840
Yeah.

135
00:08:24,790 --> 00:08:26,300
So actually, this is for this thing.

136
00:08:26,350 --> 00:08:32,440
So instead of testing on real machines, and actually this is a better way to do that.

137
00:08:32,590 --> 00:08:40,960
By the way, if you are using Linux, you already have a long list of words, which is the text?

138
00:08:41,580 --> 00:08:42,100
I think it is.

139
00:08:42,370 --> 00:08:43,240
It is very big.

140
00:08:43,810 --> 00:08:47,890
And you can just use it there if you are interested to check more.

141
00:08:48,070 --> 00:08:48,350
OK.

142
00:08:48,870 --> 00:08:49,180
All right.

143
00:08:49,180 --> 00:08:50,670
Now let's run the command.

144
00:08:50,680 --> 00:08:52,780
You can see it will start asking for target

145
00:08:52,780 --> 00:08:58,030
URL, that spot or provide the IP address, which is one one, as you can see, one one down.

146
00:08:58,270 --> 00:08:58,710
Yeah.

147
00:08:59,440 --> 00:09:03,730
So enter the name of the file, which is what we have in the current directory.

148
00:09:03,740 --> 00:09:10,640
But remember, this must be in the current working directory of the program or of that outreach

149
00:09:10,960 --> 00:09:11,280
by.

150
00:09:11,710 --> 00:09:12,910
So yeah, you can see that.

151
00:09:12,910 --> 00:09:13,380
Yeah.

152
00:09:13,840 --> 00:09:21,070
Discovered directory at this because I already know there is something that I've discovered we actually

153
00:09:21,070 --> 00:09:21,690
might have missed.

154
00:09:21,760 --> 00:09:22,140
All right.

155
00:09:22,420 --> 00:09:31,300
So actually if we have a long list of words and we want to test them out, we can put it and use this

156
00:09:31,300 --> 00:09:33,840
long list of words, OK?

157
00:09:33,850 --> 00:09:38,020
And it will start looking and searching for directories inside this.

158
00:09:38,260 --> 00:09:38,650
OK.

159
00:09:39,130 --> 00:09:39,590
All right.

160
00:09:40,210 --> 00:09:45,730
And by the way, you can customize it however you want, so you can, instead of putting "please input" or

161
00:09:45,730 --> 00:09:50,010
"please enter the target" or present that containing directories.

162
00:09:50,770 --> 00:09:57,610
No, actually, you can just provide this as sys.argv, as what we learned in that Botkin section

163
00:09:57,910 --> 00:10:03,850
and use this actually, again, argv two or three or whatever.

164
00:10:04,890 --> 00:10:08,820
And you can just use this instead of writing it like this.

165
00:10:08,860 --> 00:10:15,660
No, you can go to the IP address here and provide the name of the directory or the list of the directories

166
00:10:15,840 --> 00:10:17,560
that's supposed to be here.

167
00:10:17,610 --> 00:10:18,630
OK, or the.

168
00:10:19,670 --> 00:10:21,180
Suggested that.

169
00:10:21,710 --> 00:10:22,060
OK.

170
00:10:22,490 --> 00:10:29,060
By the way, you need to provide your Python program here with a very huge list so it can search everything

171
00:10:29,060 --> 00:10:30,260
possible for this

172
00:10:30,590 --> 00:10:30,970
URL.

173
00:10:31,400 --> 00:10:32,510
And again, I'm using.

174
00:10:33,380 --> 00:10:38,680
I recommend you to install it to download as a virtual machine and run your program on this method.

175
00:10:39,230 --> 00:10:44,150
Don't use that on real machines or servers because you will get in trouble.

176
00:10:44,360 --> 00:10:44,810
All right.

177
00:10:45,320 --> 00:10:49,310
I want you actually you need to be cautious in these situations.

178
00:10:49,520 --> 00:10:49,850
All right.

179
00:10:49,850 --> 00:10:50,690
Thanks for watching.