1 00:00:00,550 --> 00:00:09,070 Now it's time to create our login brute force, OK, for the application right now.
2 00:00:09,280 --> 00:00:14,830 Actually, I already uploaded this file, which is the bruteforce.py so you can download it
3 00:00:14,830 --> 00:00:19,150 and writing the code step by step or tracing the code step by step.
4 00:00:19,540 --> 00:00:25,000 And already I have this file, which is rockyou.txt.
5 00:00:25,240 --> 00:00:29,030 And actually this is the file, as you can see, it is here.
6 00:00:29,380 --> 00:00:37,030 So this is the file, the same file as the Linux file, which is which contains a lot of text file.
7 00:00:37,030 --> 00:00:43,090 So if I cat it here, it will take a lot of time, as you can see, still printing as you can see it.
8 00:00:43,210 --> 00:00:43,900 Copy that.
9 00:00:44,200 --> 00:00:49,770 So it's if I get here, dude, this is to see the size of the file.
10 00:00:49,780 --> 00:00:52,750 You can see it is one hundred and forty four megabyte.
11 00:00:53,200 --> 00:00:56,830 And by the way, I already uploaded that for you if you want to use it.
12 00:00:57,890 --> 00:01:02,480 This is a huge wordlist, and by the way, if you have Kali, you can find it.
13 00:01:02,780 --> 00:01:06,210 It's OK, but if you don't have it, you can download it and start with me.
14 00:01:06,440 --> 00:01:15,020 And by the way, I will use this rockyou.txt as a wordlist so we can check and check the users or the
15 00:01:15,020 --> 00:01:15,280 password,
16 00:01:15,290 --> 00:01:17,780 I mean for this specific user that we provide.
17 00:01:17,990 --> 00:01:19,980 Don't worry, we will handle that right away.
18 00:01:20,210 --> 00:01:21,200 But for me for now.
19 00:01:21,410 --> 00:01:28,130 OK, now but again, please don't use this to attack people to damage systems and so on.
20 00:01:28,190 --> 00:01:29,240 OK, I want you.
21 00:01:29,390 --> 00:01:31,210 I'm not responsible for anything of that.
22 00:01:31,250 --> 00:01:37,730 OK, please use it for you as a white hacker to have a career, to have a job, to defend people and
23 00:01:37,730 --> 00:01:38,060 so on.
24 00:01:38,270 --> 00:01:40,070 OK, now let's start.
25 00:01:40,880 --> 00:01:43,890 So this is the first thing which is the import.
26 00:01:44,150 --> 00:01:46,580 We already talked about this in the previous section.
27 00:01:46,910 --> 00:01:47,810 Now here I.
28 00:01:47,810 --> 00:01:52,500 I'm using something new, which is termcolor and it is no big deal.
29 00:01:52,520 --> 00:01:58,050 Actually, it is just print color for a specific text or something, because as you can see from termcolor,
30 00:01:58,070 --> 00:02:00,150 we imported colored here.
31 00:02:00,170 --> 00:02:05,570 So the colored function, as you can see, this found username or password will be printed as a green.
32 00:02:05,750 --> 00:02:08,610 And you can see that where it is.
33 00:02:08,630 --> 00:02:09,830 Yeah, yeah.
34 00:02:09,830 --> 00:02:10,790 You can see that here.
35 00:02:10,790 --> 00:02:13,440 The trying with the password, it will be printed as red.
36 00:02:13,500 --> 00:02:16,610 What we would like when we handed that right away step by step.
37 00:02:16,790 --> 00:02:22,530 But for now these are used just for coloring the text.
38 00:02:22,760 --> 00:02:26,890 OK, just to give you the vibe of a hacker or something anyway.
39 00:02:27,260 --> 00:02:27,860 No big deal.
40 00:02:28,070 --> 00:02:28,550 All right.
41 00:02:29,000 --> 00:02:30,900 So now let's have this.
42 00:02:30,950 --> 00:02:32,140 This is the first thing, URL.
43 00:02:32,450 --> 00:02:35,660 This is a barrier between what these bejewelled.
44 00:02:35,810 --> 00:02:40,940 So the page URL right here that you want to try and brute force on it.
45 00:02:41,190 --> 00:02:43,550 OK, now we have the user name here.
46 00:02:44,000 --> 00:02:46,420 Please enter the user name for the brute force.
47 00:02:46,430 --> 00:02:50,760 So you are using user, root, admin, user one, whatever.
48 00:02:50,780 --> 00:02:52,310 OK, so it depends on you.
49 00:02:52,880 --> 00:02:56,600 And by the way, we can have a list this for this as well.
50 00:02:56,810 --> 00:02:58,930 But actually it is, it would be exponential.
51 00:02:58,940 --> 00:03:02,360 So it will take a it will take forever anyway.
52 00:03:02,360 --> 00:03:05,000 But we are assuming that we know the user.
53 00:03:05,240 --> 00:03:06,990 So that's why they use them.
54 00:03:07,080 --> 00:03:13,360 OK, now here we have the password file and here you can see in the file to use.
55 00:03:13,370 --> 00:03:15,520 So you put the name of the file.
56 00:03:15,530 --> 00:03:22,510 But by the way, which is the rockyou.txt, this is the text file or the word file that has all
57 00:03:22,520 --> 00:03:23,570 the passwords inside it.
58 00:03:23,930 --> 00:03:29,090 And you can see that they are in the same directory as the post posted by which is the program we are
59 00:03:29,270 --> 00:03:31,550 writing or we are interpreting.
60 00:03:32,030 --> 00:03:37,540 OK, now finally we have this variable, which is the login string.
61 00:03:37,640 --> 00:03:41,900 So here you can see that please enter a string that occurs when login fails.
62 00:03:42,050 --> 00:03:47,960 So when you type root and with the password toor, for example, which is the inverse of root, it
63 00:03:47,960 --> 00:03:53,320 will give you login failed or an invalid credential or access denied or something like that.
64 00:03:53,420 --> 00:03:59,350 So you need to know that the target machine, what will give you when you watch it?
65 00:03:59,840 --> 00:04:02,880 OK, don't worry, we will handle all of that in this lecture.
66 00:04:03,140 --> 00:04:07,050 So just follow me for now and we will reach that level.
67 00:04:07,920 --> 00:04:11,180 OK, now we have this function, which is the def cracking.
68 00:04:11,390 --> 00:04:15,320 But before I go into it, actually, this is the main logic of the forcing.
69 00:04:15,560 --> 00:04:19,500 Before I go through it, I want to check here or I want to have a look here.
70 00:04:19,820 --> 00:04:27,660 So to understand this more so you can see here, actually this will be executed before or interpreted,
71 00:04:27,660 --> 00:04:34,250 let's say, before that cracking because we call the cracking from here and wait for me for now so you
72 00:04:34,250 --> 00:04:41,570 can see that you with open and here you can see that we are using the with and as statement.
73 00:04:41,600 --> 00:04:48,350 OK, so with this function, which is open password file, the file we opened for the password, as
74 00:04:48,350 --> 00:04:49,760 you can see, which is this one.
75 00:04:50,680 --> 00:04:58,780 And as a read mode, so with that as a password, so which means that everything you opened here as read
76 00:04:58,930 --> 00:05:05,680 or all the passwords that you have it here, open it as a buzzer to you so in there and we will start
77 00:05:05,890 --> 00:05:07,090 that right away.
78 00:05:07,150 --> 00:05:14,230 OK, so after that, you can see that we have a code in here with this w this inside that inside there
79 00:05:14,260 --> 00:05:15,640 with as statement.
80 00:05:15,850 --> 00:05:22,350 We are calling the cracking function OK, which is cracking the username that we insert here.
81 00:05:23,050 --> 00:05:25,510 We assuming it is user admin root whatever.
82 00:05:26,490 --> 00:05:31,180 And with the URL, which is the URL we put here, enter page URL, OK.
83 00:05:31,350 --> 00:05:38,000 So we are calling the cracking function with these arguments on these various bits that we thought here
84 00:05:38,490 --> 00:05:45,810 and using that with as statement by doing with open this file, which is the password file as readable
85 00:05:45,990 --> 00:05:47,190 and as a password.
86 00:05:47,820 --> 00:05:49,030 Make it as a password.
87 00:05:49,070 --> 00:05:49,460 OK.
88 00:05:50,270 --> 00:05:59,280 OK, now actually after we use that with as statement and we call the cracking function, so now it is
89 00:05:59,280 --> 00:06:03,460 time to handle the cracking function so you can see that we define a cracking function.
90 00:06:03,690 --> 00:06:06,060 This is the first parameter, by the way.
91 00:06:06,060 --> 00:06:07,290 I'm using username here.
92 00:06:07,470 --> 00:06:09,690 By the way, this is not the same variable.
93 00:06:09,750 --> 00:06:14,030 This is only for the scope of the cracking, not for this one.
94 00:06:14,280 --> 00:06:16,410 Don't don't get confused, please.
95 00:06:16,630 --> 00:06:19,230 OK, and the URL here is not the same for this.
96 00:06:19,230 --> 00:06:22,160 URL, I mean, as a variable, not as a value.
97 00:06:22,170 --> 00:06:22,430 Yeah.
98 00:06:22,440 --> 00:06:28,440 By the way, because we are passing this username as which is this one, as you can see, this variable
99 00:06:29,010 --> 00:06:34,920 that we are passing to the cracking function here, but we defined the name here is user name, by the
100 00:06:34,920 --> 00:06:35,040 way.
101 00:06:35,040 --> 00:06:42,570 I can put username two, OK, and user and URL two and I need to change the necessity here inside this
102 00:06:42,570 --> 00:06:48,780 function, OK, because this is username or this variable is not the same as this from the direct point
103 00:06:48,780 --> 00:06:50,200 to the same address.
104 00:06:50,220 --> 00:06:58,440 OK, anyway, for now, just for me it's listed as is which is username and URL. Now here we have
105 00:06:58,440 --> 00:07:00,510 that for password in passwords.
106 00:07:00,700 --> 00:07:06,090 OK, now we already talked about the for statement and by the way, we are using the passwords that
107 00:07:06,090 --> 00:07:11,040 we use it with the open password but read as a password.
108 00:07:11,070 --> 00:07:12,180 All right, good.
109 00:07:12,660 --> 00:07:16,020 Now we are handling the passwords one by one.
110 00:07:16,020 --> 00:07:22,650 So you can see that we open this password file, the rockyou file and you can see it is
111 00:07:23,040 --> 00:07:23,310 better.
112 00:07:23,310 --> 00:07:23,960 Huge, fine.
113 00:07:23,970 --> 00:07:28,310 So if I cat it here, you can see I'm still still printing.
114 00:07:28,330 --> 00:07:28,670 Yeah.
115 00:07:29,070 --> 00:07:29,990 So I interrupted.
116 00:07:30,630 --> 00:07:37,620 Alright, so you can see that it will start using this password one by one so and all of that will be
117 00:07:37,620 --> 00:07:39,370 inside the for loop which is this one.
118 00:07:39,390 --> 00:07:45,090 OK, so it will start with, with this one for example, until it reach or complete or whatever.
119 00:07:45,090 --> 00:07:46,200 It will start with this one.
120 00:07:46,200 --> 00:07:46,710 This one.
121 00:07:46,710 --> 00:07:50,560 This one until we got what we want or anyway we we handed that right away.
122 00:07:50,850 --> 00:07:55,860 So here we have after the for statement, which is the password, the password.
123 00:07:55,860 --> 00:07:58,500 Now it would be password.strip again.
124 00:07:58,500 --> 00:08:03,200 We already saw that in the previous section as we don't need white spaces or whatever.
125 00:08:03,210 --> 00:08:05,160 So we are using this one.
126 00:08:05,460 --> 00:08:10,770 OK, now, print. Now, as you can see now, we are using that colored function here that I mentioned,
127 00:08:10,770 --> 00:08:12,810 which is using the termcolor library.
128 00:08:13,050 --> 00:08:16,500 So Sokolove by actually actually this is a function except a table.
129 00:08:16,830 --> 00:08:22,740 And with that first thing, which is, as you can see, the first thing and the second thing, which
130 00:08:22,740 --> 00:08:22,950 is.
131 00:08:23,980 --> 00:08:30,010 As you can see, so the first thing which is trying with the password and the other thing, which is
132 00:08:30,010 --> 00:08:31,880 the color of this text, which is.
133 00:08:32,290 --> 00:08:33,610 All right, don't worry.
134 00:08:33,670 --> 00:08:35,760 We will handle that as hands on right away.
135 00:08:36,040 --> 00:08:39,640 But currently, let's understand the code first, then we can try it at.
136 00:08:40,490 --> 00:08:45,770 All right, so we just printing trying with the password, which is we have it here after we strip it
137 00:08:46,460 --> 00:08:47,670 and we have it as red.
138 00:08:47,750 --> 00:08:54,080 So this detail that we are trying this password currently so we don't need something or utility.
139 00:08:54,860 --> 00:09:00,800 So to give me a black screen and it is still rendering, we don't know the progress about it.
140 00:09:01,040 --> 00:09:06,450 No, we need to know where are we currently, what is the password that we are currently trying on
141 00:09:06,500 --> 00:09:07,070 and so on.
142 00:09:07,130 --> 00:09:09,290 So that's why we are printing, trying on this
143 00:09:09,330 --> 00:09:14,900 password, so now we have data and this is a variable inside that you can see that we have these things
144 00:09:15,080 --> 00:09:21,470 and you can see that the username with username, the password is password as a dictionary if you noticed,
145 00:09:21,710 --> 00:09:29,900 and the login as a login or the log in here is as a submit, OK, because here this is used for that
146 00:09:29,960 --> 00:09:35,710 login button when when we put the user name and when we put the password and so on.
147 00:09:35,900 --> 00:09:38,420 And you can see that the user name here is the user name.
148 00:09:38,420 --> 00:09:40,130 We have it here actually.
149 00:09:40,850 --> 00:09:42,350 We got it from the user name.
150 00:09:42,740 --> 00:09:44,870 And the password here is the password.
151 00:09:44,900 --> 00:09:46,430 We got it after we strip it.
152 00:09:46,440 --> 00:09:47,630 OK, all right.
153 00:09:47,780 --> 00:09:53,110 Now you may get confused, but for me in the next step, we will understand actually in the next line.
154 00:09:53,420 --> 00:10:00,320 So here you can see we have a response variable and we are using the requests.post this time, OK, we
155 00:10:00,320 --> 00:10:06,050 don't use the get and we have that URL, which is the right way inserted here, which is this
156 00:10:06,050 --> 00:10:06,920 URL, by the way.
157 00:10:07,070 --> 00:10:07,460 Yeah.
158 00:10:07,790 --> 00:10:09,320 And data equals data.
159 00:10:09,320 --> 00:10:15,440 So the data here, this is used for the post function and the data at this time would be this data,
160 00:10:15,440 --> 00:10:17,270 which is this one that we have.
161 00:10:17,450 --> 00:10:23,600 That includes the username, as you can see, which is the username, the password, which is the password
162 00:10:23,870 --> 00:10:24,800 after we strip it.
163 00:10:24,920 --> 00:10:28,370 And the login, which is submit, OK, because this is a post request.
164 00:10:29,400 --> 00:10:34,470 Now, you may get confused or you don't know what we are talking about, but don't worry, when we try
165 00:10:34,470 --> 00:10:36,750 this code, you would understand everything, OK?
166 00:10:37,350 --> 00:10:42,140 Now, if this login fail string in various points, that to good.
167 00:10:42,390 --> 00:10:47,610 And you can see that the response here, which is this one after we got it from the requests.post.
168 00:10:47,940 --> 00:10:51,330 So the response.content.decode.
169 00:10:51,870 --> 00:10:59,190 So if we find the login fail string that we entered here, that when that occurs, when we login fails,
170 00:11:00,030 --> 00:11:05,430 which means that we need to pass, which means that that this didn't work or else which means that,
171 00:11:05,430 --> 00:11:07,380 yeah, we found that we didn't find it.
172 00:11:07,560 --> 00:11:13,050 We didn't found that login fail string, which means that yeah, we connect successfully, which means
173 00:11:13,290 --> 00:11:16,170 this time we need to break with the current function.
174 00:11:16,310 --> 00:11:16,610 Yeah.
175 00:11:16,640 --> 00:11:22,410 Found this username and we would with the username we found with a green this time that that is added.
176 00:11:22,680 --> 00:11:28,770 And yeah, print found the password and again, the password we have here after we strip it out.
177 00:11:29,400 --> 00:11:29,700 Yeah.
178 00:11:29,730 --> 00:11:30,690 As a green as well.
179 00:11:30,690 --> 00:11:32,870 And let's exit from this function.
180 00:11:32,880 --> 00:11:38,220 So as we don't need as you can see, this is an infinite loop, or maybe it's not an infinite, but
181 00:11:38,220 --> 00:11:46,530 it is a very huge actually, it is the same as the number of lines here inside this that this file,
182 00:11:46,710 --> 00:11:47,870 which is the rockyou.
183 00:11:47,880 --> 00:11:54,990 So if I use this command, which is the word count -l, so this is to count the lines inside the
184 00:11:54,990 --> 00:11:59,940 rockyou.txt, you can see that we have a huge number of action.
185 00:11:59,960 --> 00:12:01,590 You can see there's a huge number of lines.
186 00:12:02,130 --> 00:12:04,050 So we will wait until that.
187 00:12:04,080 --> 00:12:05,400 This doesn't make sense.
188 00:12:05,580 --> 00:12:11,550 If we find the password and the username or the password for this username, then we are good to go.
189 00:12:11,730 --> 00:12:13,840 We don't need the other things right.
190 00:12:14,010 --> 00:12:17,910 OK, now imagine or let's assume that we didn't found anything.
191 00:12:17,910 --> 00:12:24,660 We still inside the pass, pass, pass until we reach the last command or the last password in this file,
192 00:12:24,660 --> 00:12:26,280 which is which is this number.
193 00:12:26,460 --> 00:12:34,560 OK, so after we finished the rockyou.txt file and still we didn't find the password, it will get out
194 00:12:34,560 --> 00:12:38,760 from this cracking function and it will print password, not in the list.
195 00:12:38,790 --> 00:12:42,330 OK, so that's why we what the exit function here.
196 00:12:42,480 --> 00:12:47,610 So this exit function, it will exit from the current brute force, that python, which is this one.
197 00:12:47,740 --> 00:12:50,400 OK, so if we find it it will exit.
198 00:12:50,760 --> 00:12:57,480 If we didn't find it, it will still keep this until we get out from this cracking function and then
199 00:12:57,480 --> 00:12:59,070 we will print this password.
200 00:12:59,070 --> 00:13:00,390 Not in the list, by the way.
201 00:13:00,420 --> 00:13:01,770 This is my logic.
202 00:13:01,780 --> 00:13:03,360 You can use your own logic.
203 00:13:03,390 --> 00:13:07,560 Actually, there are a lot of critics out to do that and to do such as things.
204 00:13:07,790 --> 00:13:08,960 You need to try this out.
205 00:13:08,970 --> 00:13:13,350 Actually, it's getting boring here, so it's time to do this.
206 00:13:13,650 --> 00:13:15,000 So, yeah, python3.
207 00:13:15,420 --> 00:13:18,780 So bruteforce.py and enter.
208 00:13:19,050 --> 00:13:20,650 Please enter the page URL.
209 00:13:20,700 --> 00:13:26,850 By the way, I recommend you to download and install the Metasploitable, which is the ultimate machine.
210 00:13:26,850 --> 00:13:33,270 And here you can see that we have this thing, which is the DVWA or the Web application.
211 00:13:33,270 --> 00:13:34,920 And actually this is something very popular.
212 00:13:35,370 --> 00:13:40,170 That is your Web application and so on to test your skills on hacking the.
213 00:13:40,860 --> 00:13:43,160 So actually, this is very good for the username.
214 00:13:43,350 --> 00:13:46,110 We have this one, anything and the password, anything.
215 00:13:46,260 --> 00:13:48,260 So you can see that we have a login failed.
216 00:13:48,270 --> 00:13:48,690 All right.
217 00:13:48,840 --> 00:13:49,770 Now let's return here.
218 00:13:49,950 --> 00:13:52,040 So what is the page URL.
219 00:13:52,560 --> 00:13:57,020 As you can see, I just copy and paste it like this, as is press enter.
220 00:13:57,240 --> 00:13:58,540 Now, what is the username?
221 00:13:58,830 --> 00:14:05,310 So actually, by the way, if you can see that the username is maybe root, maybe admin, I don't
222 00:14:05,310 --> 00:14:05,630 know.
223 00:14:05,640 --> 00:14:06,670 So let's admin.
224 00:14:06,780 --> 00:14:08,000 I think it is admin.
225 00:14:08,010 --> 00:14:08,550 Yeah.
226 00:14:09,530 --> 00:14:15,230 And for the password, by the way, actually, this is something very simple because the user name is
227 00:14:15,230 --> 00:14:17,320 admin, by the way, and the password is password.
228 00:14:17,330 --> 00:14:20,300 So it is something very simple and easy.
229 00:14:20,330 --> 00:14:25,250 I didn't need to be programmed actually to point this out, but let's assume that it is something complex
230 00:14:25,250 --> 00:14:25,650 anyway.
231 00:14:25,910 --> 00:14:34,040 Now enter password use, which is rockyou.txt file that we have and enter the string that occurs
232 00:14:34,040 --> 00:14:37,470 when login fails, which is login failed, like this.
233 00:14:37,700 --> 00:14:38,950 So let's put it like this.
234 00:14:38,960 --> 00:14:43,670 And here you can see that trying this, trying this, trying this until we reach the password.
235 00:14:43,670 --> 00:14:47,350 So you can see that trying password admin password.
236 00:14:47,360 --> 00:14:48,500 So let's try this out.
237 00:14:48,510 --> 00:14:48,890 All right.
238 00:14:49,050 --> 00:14:50,930 Time for testing password.
239 00:14:51,620 --> 00:14:52,070 Yeah.
240 00:14:52,100 --> 00:14:57,830 Everything working as expected so you can see that yak's you change your password because it is very
241 00:14:57,830 --> 00:15:02,890 simple and very easy, but actually better than the simple stupid password anyway.
242 00:15:03,170 --> 00:15:09,320 Now you can see that we are able to log in to the page with this username and password and with very
243 00:15:09,650 --> 00:15:14,390 and you can see the way as you can see, this will give you the vibe of a hacker.
244 00:15:14,390 --> 00:15:18,500 As you can see, this is the color here is red and the color here is green.
245 00:15:18,500 --> 00:15:22,400 But you you can see that because I'm using already a green color here.
246 00:15:22,760 --> 00:15:25,970 So you can see that this is why it is green.
247 00:15:25,970 --> 00:15:32,080 But actually the green skill here of the green color is not bright like this one.
248 00:15:32,450 --> 00:15:34,580 This is just for it to be fun.
249 00:15:34,880 --> 00:15:35,300 OK.
250 00:15:35,480 --> 00:15:37,820 And by the way, one last thing I want to mention, please.
251 00:15:37,820 --> 00:15:41,580 I want you to use this on a real target or machines.
252 00:15:41,630 --> 00:15:49,460 OK, so actually, I'm not responsible for any attacks, damages or anything that I'm teaching you and
253 00:15:49,460 --> 00:15:51,350 ethical hacking to use it to.
254 00:15:51,350 --> 00:15:56,370 Good for you and good for your company or your organization, country, institution, whatever.
255 00:15:56,420 --> 00:15:58,640 OK, so don't use it for bad purposes.
256 00:15:58,820 --> 00:15:59,720 Thanks for watching.