1 00:00:00,900 --> 00:00:07,470 So in this know, we are going to see this command injection tutorial where this project called Injection,
2 00:00:07,470 --> 00:00:13,010 so you can go to TryHackMe and sign up for an account and search for Injection in the activities, you
3 00:00:13,020 --> 00:00:17,280 will get this Injection to walk through a voice command injection, the one set of command commanding
4 00:00:17,280 --> 00:00:19,500 action and explain how to prevent the dinosaurs.
5 00:00:20,160 --> 00:00:22,880 OK, now, before this, we need to connect to the network.
6 00:00:22,890 --> 00:00:24,560 It's using this OpenVPN.
7 00:00:25,140 --> 00:00:26,580 You don't need to worry about this.
8 00:00:26,580 --> 00:00:29,540 OpenVPN installation that is referred to the cardinals.
9 00:00:29,850 --> 00:00:33,570 I have to do is go to this access machines and click on this open.
10 00:00:33,570 --> 00:00:35,340 Will you look at this website?
11 00:00:35,340 --> 00:00:38,520 And what you have to do is you need to download this configuration file.
12 00:00:38,790 --> 00:00:45,560 So using this open configuration, what you need to connect to the servers to access these machines.
13 00:00:45,870 --> 00:00:49,920 So I have already downloaded this, uh, configuration file.
14 00:00:52,810 --> 00:01:04,090 So you need to run this OpenVPN as a root user, so openvpn and you need to say the open open
15 00:01:04,270 --> 00:01:12,910 a file and you need to enter now enter the password for your username and it will be connected in a
16 00:01:12,940 --> 00:01:14,870 few minutes, less than a minute.
17 00:01:15,820 --> 00:01:18,900 Now we need to go in this room.
18 00:01:19,120 --> 00:01:22,570 I have already joined the room and we need to deploy this server.
19 00:01:22,660 --> 00:01:23,860 So let me do this.
20 00:01:26,280 --> 00:01:34,630 Uh, before I want to explain something, we are not commensurate with zipRealty, which shows the industry
21 00:01:34,670 --> 00:01:36,690 and, uh.
22 00:01:37,660 --> 00:01:44,460 OK, show some, uh, output and let me go to the desktop.
23 00:01:46,710 --> 00:01:54,270 So here's what I can do is I was happy Labor Day and I put this car and if I, uh, put another command,
24 00:01:54,450 --> 00:01:59,580 then this bill will be executed as a separate command.
25 00:02:00,150 --> 00:02:04,400 And as you can see, the command has been executed and output is displayed.
26 00:02:04,590 --> 00:02:12,240 And after the command, the interpreter will identify that this command has been completed and then the
27 00:02:12,240 --> 00:02:13,890 next command will be executed.
28 00:02:14,070 --> 00:02:18,280 You can see the evidence output here and output here.
29 00:02:18,310 --> 00:02:26,910 So if any website that's, uh, giving this option for searching the files are executing any commands.
30 00:02:27,150 --> 00:02:33,870 And if you put this me and you can, uh, type in another command to display the output.
31 00:02:34,020 --> 00:02:37,490 So this is where when the Web server is put recorded.
32 00:02:37,710 --> 00:02:41,490 So let's, uh, this is called command injection.
33 00:02:41,490 --> 00:02:48,550 We can inject the commands in the, uh, extra box or any other variable field.
34 00:02:48,630 --> 00:02:49,630 We have enough.
35 00:02:50,970 --> 00:02:53,080 So red circle.
36 00:02:54,600 --> 00:02:57,390 So I think the machine is the.
37 00:02:57,840 --> 00:03:02,070 So as you can see, the IP address of this machine is this IP address.
38 00:03:02,550 --> 00:03:14,580 Let me copy it and say export to, uh, let's say now a new word processor injection is equal to this,
39 00:03:14,940 --> 00:03:18,430 uh, very fuzzy IPA.
40 00:03:19,680 --> 00:03:23,190 So we get the new interface that is standard zero adapter.
41 00:03:23,460 --> 00:03:27,850 And this channel is connected to this OpenVPN.
42 00:03:27,900 --> 00:03:29,080 They track it.
43 00:03:29,490 --> 00:03:37,200 And I got the new IP address, which is a crazy IP address, not once I do not want be a private IP
44 00:03:37,200 --> 00:03:37,650 address.
45 00:03:38,460 --> 00:03:42,830 So what I can do is I can just ping $injection.
46 00:03:51,690 --> 00:04:01,250 So as you can see, I am successfully, uh, Bingol to this, uh, this Web website, recopy this one
47 00:04:01,620 --> 00:04:06,990 and let me open this in the Firefox browser to see anything rideable.
48 00:04:09,510 --> 00:04:13,320 So in the meantime, I run the Google Tattooer on this, you order.
49 00:04:23,930 --> 00:04:28,190 To restart any directress so fast before the.
50 00:04:31,370 --> 00:04:33,290 Sorry, two times.
51 00:04:42,020 --> 00:04:52,820 So it is the research, I think, order to do the right thing, so that's the right research in this.
52 00:04:53,030 --> 00:04:54,950 I have explained all this data here.
53 00:04:55,220 --> 00:04:57,080 I can just say computer.
54 00:04:58,070 --> 00:05:02,660 You can also read this description if you want to.
55 00:05:03,170 --> 00:05:07,640 So this is a command injection and you can put the semicolon and then execute the next command.
56 00:05:09,500 --> 00:05:11,270 This is part of brain communication.
57 00:05:11,510 --> 00:05:15,980 So the source code of this has been displayed here in a screenshot.
58 00:05:16,240 --> 00:05:17,640 You can see that username.
59 00:05:18,080 --> 00:05:22,160 So this is a letter M.
60 00:05:24,810 --> 00:05:26,460 So as you can see this.
61 00:05:30,430 --> 00:05:36,640 So this timber has been stored in the U.S. and it is being sent to the pier to back it, as you can
62 00:05:36,640 --> 00:05:42,700 see here, the user name date of his attempt to trace the value we typed in this username.
63 00:05:42,700 --> 00:05:53,440 Feel that is that so it will get the term value and then it will just go for the filename or the exact
64 00:05:53,500 --> 00:05:57,990 syntax of this exact filename and then execute this command.
65 00:05:58,390 --> 00:06:04,740 And then if that is not allowed to say that user name has not fallen on the system.
66 00:06:05,140 --> 00:06:11,430 So let me try to search, since this is the territory that it's searching for, any directories that
67 00:06:11,540 --> 00:06:15,390 say, see, possibly
68 00:06:18,010 --> 00:06:22,230 so user it's possible is not for an assistant maybe searching for you.
69 00:06:22,450 --> 00:06:31,450 OK, we don't care about this research because we can put the semicolon and then execute our command.
70 00:06:31,630 --> 00:06:37,030 So you can all read this description if you want and just explaining directory.
71 00:06:38,230 --> 00:06:41,200 So I need to I need to ping the box with back.
72 00:06:41,200 --> 00:06:41,860 That's what it is.
73 00:06:42,280 --> 00:06:51,370 So I told you we can take the temp semicolon and then to a list.
74 00:06:52,720 --> 00:07:00,160 As you can see, even though my temp was not for this and this has been found on the system, so that
75 00:07:00,190 --> 00:07:07,060 we, uh, since Arizonan's each time we just temporalis has found on the system, it is considered whole
76 00:07:07,120 --> 00:07:16,930 output as it found on the system, because it triggered any any value on executing this current temp,
77 00:07:16,960 --> 00:07:24,430 comma, semicolon, unless even the user error and unless you some output rate.
78 00:07:24,580 --> 00:07:27,760 So that output will be measured in this ls rock.
79 00:07:27,790 --> 00:07:31,780 And then we discussed, uh, this user was for another system.
80 00:07:32,950 --> 00:07:40,490 So I can simply put, uh, with ten packets -c, c for count and 10.
81 00:07:40,870 --> 00:07:42,580 And this IP address.
82 00:07:49,510 --> 00:07:51,700 Occupying the box with 10 packets.
83 00:07:54,080 --> 00:07:57,960 OK, we thought maybe it was OK, I'm sorry, OK?
84 00:07:58,010 --> 00:08:02,760 OK, my answer is correct and the box connect to the file on the web server.
85 00:08:02,790 --> 00:08:04,110 What is the scanner?
86 00:08:04,420 --> 00:08:07,400 So we need to a final conclusion.
87 00:08:07,420 --> 00:08:12,730 I can say McMorran and then I can say this as you name.
88 00:08:14,320 --> 00:08:15,270 Minus yet.
89 00:08:18,230 --> 00:08:25,300 OK, you know, it was not for us, so we need to say we need to straighten in a file.
90 00:08:25,310 --> 00:08:32,210 I need you to be spread the search further for, you know, my minister greater than so reverting to
91 00:08:34,970 --> 00:08:36,830 logs, if not be.
92 00:09:10,070 --> 00:09:11,280 OK, since.
93 00:09:11,300 --> 00:09:15,640 OK, OK, I have understood not our output has been stored in the logs.
94 00:09:16,970 --> 00:09:29,130 Again, sir, not the sensor not found on the system, they are exposed to what is really controversial.
95 00:09:30,680 --> 00:09:35,220 So, OK, up to now we have seen just executing commands here.
96 00:09:35,420 --> 00:09:40,250 Now I will show you how to get the reverse shell from this command.
97 00:09:40,940 --> 00:09:49,360 Let me go to test monkey monkey one key and a reverse shell.
98 00:09:50,990 --> 00:09:58,000 So before that, I want to identify which programming languages have been installed on the system.
99 00:09:58,010 --> 00:10:01,010 I can see which, uh, python.
100 00:10:03,230 --> 00:10:12,860 So Python has been found on a system that's fine and go to this reverse shell, Jegede, and you can see
101 00:10:12,860 --> 00:10:17,640 the Python reverse shell, so you need to copy this.
102 00:10:18,950 --> 00:10:26,210 So this is like similar to netcat and you see the socket module and module in the python section.
103 00:10:26,240 --> 00:10:27,530 No need to worry about this.
104 00:10:32,460 --> 00:10:34,420 So let me put it in here.
105 00:10:34,470 --> 00:10:43,050 So we need to modify some changes, we need to modify the IP address to our current Linux machine,
106 00:10:43,080 --> 00:10:46,320 which is our Canizaro adapter.
107 00:10:48,280 --> 00:10:52,920 We did this IP address, so let me turn this.
108 00:10:52,940 --> 00:10:59,860 So this is you can also this is not only to the command injection.
109 00:10:59,950 --> 00:11:03,970 You can just get a reverse shell from this whole command injection.
110 00:11:04,750 --> 00:11:06,470 So I think that's all for this.
111 00:11:06,520 --> 00:11:08,650 I can I'm happy with this.
112 00:11:08,650 --> 00:11:09,340 One, two, three, four.
113 00:11:10,150 --> 00:11:10,750 Copy this.
114 00:11:10,750 --> 00:11:11,350 Another one.
115 00:11:11,620 --> 00:11:18,690 And, uh, before, uh, decoding this that reverse shell, we need to set up a listener.
116 00:11:19,240 --> 00:11:23,880 Uh, I think this card will be sufficient.
117 00:11:24,100 --> 00:11:31,220 And now let's use the semicolon and space and copy paste my entire python socket programming code together.
118 00:11:32,170 --> 00:11:38,380 Now, if I submit this and if I go to my journal and you can see, uh, we have got the.
119 00:11:40,030 --> 00:11:40,630 All right.
120 00:11:43,120 --> 00:11:50,330 And what they have asked is, Cannava, no, now it's very comfortable to execute our commands, all
121 00:11:50,380 --> 00:11:57,060 these Russian four point four point on this one is the Russian.
122 00:12:00,240 --> 00:12:06,090 And there you go, inter-group into the output and the other type of therapy you get.
123 00:12:06,660 --> 00:12:07,200 All right.
124 00:12:09,000 --> 00:12:11,270 Want to pick up this IP address?
125 00:12:15,500 --> 00:12:24,230 So how open in an, again, newly and let's say route and sea route was found on the.
126 00:12:26,160 --> 00:12:35,420 On top of her big success and the world will return to that input and say the other w w w.
127 00:12:43,830 --> 00:12:53,240 The rebel leader has also been found on a system that's a success and, OK, my name is, uh, Michael,
128 00:12:54,560 --> 00:12:55,850 and we got the.
129 00:13:00,130 --> 00:13:09,550 Now you see the actor commanding the action that is a similar way without this comment, but we will
130 00:13:09,550 --> 00:13:16,720 use the power struggle and it's also seems make a good command and you can see the description here.
131 00:13:18,720 --> 00:13:28,320 And you can try to identify whether it's a Linux system or the Windows are the only two types you can
132 00:13:28,320 --> 00:13:36,230 differentiate between the system and what the system is using in your config if you got any output or
133 00:13:36,240 --> 00:13:37,440 a phone on the system.
134 00:13:37,470 --> 00:13:40,710 It means our server is in the Linux.
135 00:13:41,910 --> 00:13:52,520 So are have config was not the admin type ipconfig then maybe this ipconfig also not for me type.
136 00:13:53,220 --> 00:13:54,600 OK, who am I going.
137 00:13:54,600 --> 00:13:55,110 Who am I.
138 00:13:55,160 --> 00:13:59,120 Is it the Linux and whoever else finance system.
139 00:13:59,180 --> 00:14:02,910 Maybe I have configured the tools or she has not been installed.
140 00:14:02,910 --> 00:14:04,530 So it's Linux system.
141 00:14:04,530 --> 00:14:05,600 We have confirmed with that.
142 00:14:05,910 --> 00:14:06,920 This is the Linux system.
143 00:14:06,940 --> 00:14:09,320 You can also try are these commands as well.
144 00:14:10,050 --> 00:14:13,170 What is a strange text file in the website troubador.
145 00:14:13,740 --> 00:14:21,070 So we got this one letter address and we have got this expert, Dr Pepper.
146 00:14:21,170 --> 00:14:25,710 But let's get Dr. Pepper.
147 00:14:28,780 --> 00:14:29,920 Not directly.
148 00:14:31,240 --> 00:14:32,570 It's just I do not remember.
149 00:14:33,460 --> 00:14:37,550 So we to Dr. Pepper dirty.
150 00:14:39,160 --> 00:14:43,080 So my answer is how many non non service even users are there?
151 00:14:43,300 --> 00:14:50,770 So to find out this, you need to go to the home folder in that you will find the number of users who.
152 00:14:54,350 --> 00:14:58,150 In the conference room, find a home, there is a father who's available.
153 00:15:00,860 --> 00:15:01,470 Am I wrong?
154 00:15:06,060 --> 00:15:11,130 OK, I think there are zero, yes, zero.
155 00:15:12,180 --> 00:15:14,950 OK, my answer is there are not zero users.
156 00:15:14,970 --> 00:15:16,110 You can also check this.
157 00:15:17,040 --> 00:15:20,870 It's impossible to file for the end in order to receive from that.
158 00:15:20,940 --> 00:15:23,370 And why is this happening?
159 00:15:23,370 --> 00:15:23,700 Is.
160 00:15:26,170 --> 00:15:35,720 Go on to say who, but I put out my answer, the available data, and I need to get this done.
161 00:15:36,340 --> 00:15:37,350 OK, my answer is correct.
162 00:15:38,080 --> 00:15:40,650 So why do the users shall us?
163 00:15:41,350 --> 00:15:43,630 So what you can do is to find out.
164 00:15:44,320 --> 00:15:45,100 We need to read.
165 00:15:45,100 --> 00:15:53,890 The Tea Party will differ in that our user is the word that I need to re see the contents of the shell
166 00:15:54,430 --> 00:16:03,270 from where the shell is executing for this data to get it see already.
167 00:16:04,600 --> 00:16:07,470 And so there we go as well.
168 00:16:07,480 --> 00:16:14,420 All the services and the user you can see from the last there are no non users, right?
169 00:16:14,440 --> 00:16:16,690 There is only the one service.
170 00:16:17,020 --> 00:16:25,170 And you can see the whatever the data has encrypted password user group and some comment and the home
171 00:16:25,180 --> 00:16:31,140 folder where the whatever W and the user bin Asbill system will not it.
172 00:16:31,480 --> 00:16:37,480 So this is the directory where the shell is starting for this available data.
173 00:16:40,560 --> 00:16:46,830 So I personally want to use running, OK, this is I need to find using LSP.
174 00:16:48,650 --> 00:16:50,390 Police minister.
175 00:16:52,480 --> 00:16:58,630 So that is good reason to use this, uh, information about the Linux distribution.
176 00:16:58,840 --> 00:17:08,500 You can also find out this lsb_release and there are some like this, what looks like a lesbian, gay
177 00:17:08,500 --> 00:17:14,820 and lesbian recipe, etc., which relates to the system information.
178 00:17:15,580 --> 00:17:18,570 So we have got this 18 zero four four.
179 00:17:19,480 --> 00:17:20,170 Copy this.
180 00:17:24,460 --> 00:17:28,930 So print out the what the old photos, Bonaparte Felder, Bernie Shaw.
181 00:17:31,530 --> 00:17:33,780 OK, what is the message of the day?
182 00:17:34,020 --> 00:17:37,380 I don't know what's the territory exactly the MOTD.
183 00:17:37,680 --> 00:17:39,480 Let me look at this, MOTD.
184 00:17:44,370 --> 00:17:52,590 So a bit more before Mardi Gras, so let me copy this one.
185 00:17:52,620 --> 00:17:55,710 Let me see whether this is the.
186 00:17:57,110 --> 00:18:03,350 Excerpt or not, so it is Daltry now let me see this aerofoil.
187 00:18:08,620 --> 00:18:15,620 OK, this is the I think this is harder, if not, let's try Dr. Pepper makes the world taste better.
188 00:18:17,750 --> 00:18:25,700 Superintendent Mark felt it very short and so beverage, so Dr. Pepper, maybe the beverage, because
189 00:18:25,700 --> 00:18:32,780 we have the two of us work on the platform, it's let me try this, Dr. Pepper.
190 00:18:33,410 --> 00:18:33,850 Good.
191 00:18:34,310 --> 00:18:39,810 OK, I talked to Dr. Neme, so we need to get the flag.
192 00:18:39,840 --> 00:18:40,030 Good.
193 00:18:40,100 --> 00:18:41,030 We're getting this far.
194 00:18:41,030 --> 00:18:42,410 We have completed the walk through.
195 00:18:42,860 --> 00:18:44,090 Oh.
196 00:18:44,810 --> 00:18:47,330 Exposed the vulnerability and get the flag for this.
197 00:18:47,330 --> 00:18:48,860 You can expect a better one.
198 00:18:50,930 --> 00:18:54,560 So I think we need to do this preregistration.
199 00:18:58,380 --> 00:19:04,050 OK, let's do this prescription, not a problem, need to.
200 00:19:06,750 --> 00:19:10,590 Let us review any other commands we can execute as to the.
201 00:19:13,390 --> 00:19:19,620 Oh, OK, I will explain this is an opportunity for you to get the pediatrician and also.
202 00:19:27,690 --> 00:19:33,750 So I discoursing about this in previous question topic, how to get the prescription together.
203 00:19:34,410 --> 00:19:36,000 So don't worry about this.
204 00:19:36,270 --> 00:19:41,570 Mr. Carter is only about this at the command injection or just command injection.
205 00:19:42,030 --> 00:19:45,780 I hope you have understood decongest the main concept.
206 00:19:45,780 --> 00:19:50,840 You need to understand this if you have any the command injection possibilities.
207 00:19:50,850 --> 00:19:56,220 You need to execute this reverse shell for better convenience so you can go to this market.
208 00:19:56,220 --> 00:20:02,930 You cheat and you need to find out what programming languages have been installed on the Web server,
209 00:20:03,040 --> 00:20:10,730 Surbiton and PHP and the PSP to modify the IP address to the correct machine so that the connection
210 00:20:11,130 --> 00:20:16,170 to your correct machine and then we need to execute the reverse shell, then we will get the shell and we
211 00:20:16,170 --> 00:20:22,910 can comfortably consider a lot of, uh, whatever shortages are there.
212 00:20:23,670 --> 00:20:25,470 So don't worry about this.
213 00:20:25,830 --> 00:20:30,720 All Rorschach's and you of the network conditioning and prescription.
214 00:20:30,720 --> 00:20:34,380 After those sections, you get a card table.
215 00:20:34,440 --> 00:20:35,070 Are these.