1
00:00:00,330 --> 00:00:06,360
In this video, we're going to take a look at this change to the tax posture and this data will be exposed

2
00:00:06,390 --> 00:00:12,570
using up with anyone, whether it is clever or any other, uh, vulnerability.

3
00:00:12,990 --> 00:00:21,450
But in this trackway room of the PORTEN, they have shown that there is a database leak and we can see

4
00:00:21,450 --> 00:00:22,920
what's going on in that database.

5
00:00:23,280 --> 00:00:30,450
So they have given here a few examples and there is a database file and you can open this with a security.

6
00:00:30,630 --> 00:00:38,910
So this is also, uh, similar to the MySQL we have had before, but it is used for, uh, very small

7
00:00:38,910 --> 00:00:39,480
projects.

8
00:00:39,840 --> 00:00:43,320
And this my is used for small and medium scale projects.

9
00:00:43,590 --> 00:00:49,180
So it will be very simple to open this database for using this correctly.

10
00:00:49,410 --> 00:00:54,540
And they have also shown you that, uh, that was to to lift the tables.

11
00:00:55,770 --> 00:01:04,350
And now what we are told is they'll set this material to and they have also they are searching this

12
00:01:04,350 --> 00:01:07,850
current situation, uh, website to crack the password hashes.

13
00:01:08,460 --> 00:01:09,020
So, OK.

14
00:01:09,090 --> 00:01:10,350
Now let's do this challenge.

15
00:01:10,560 --> 00:01:11,910
So this is very simple.

16
00:01:12,280 --> 00:01:15,710
Just the data is being exposed using the vulnerability.

17
00:01:16,140 --> 00:01:18,270
Uh, this is a skill on ability.

18
00:01:18,660 --> 00:01:25,380
And what you want to do is we need to extract as much data, as much useful information from this data

19
00:01:25,620 --> 00:01:26,040
server.

20
00:01:26,040 --> 00:01:27,930
Copy this and go to this website.

21
00:01:28,110 --> 00:01:31,410
So we have here this is a server condescension, sensitivity.

22
00:01:31,980 --> 00:01:38,150
So I click on this login so you can perform this as good indications as well.

23
00:01:38,490 --> 00:01:45,040
But what I have on this, I proceed to control you to see the, uh, page, uh, source code.

24
00:01:45,060 --> 00:01:52,740
So there is like plain text that you always you check the, uh, source code for the comments or any

25
00:01:52,740 --> 00:01:54,320
other useful information.

26
00:01:54,360 --> 00:02:01,080
Sometimes even comments can contain very useful information, which can be very useful, insidious and

27
00:02:01,080 --> 00:02:02,080
also normative.

28
00:02:03,210 --> 00:02:05,170
I know there is an image.

29
00:02:05,230 --> 00:02:06,300
Let me open this.

30
00:02:10,220 --> 00:02:15,350
So this so he's like Imagists, let me go to this.

31
00:02:17,390 --> 00:02:24,260
So this is the same challenge that is in the order, not us, and if you you can just take a look at

32
00:02:24,260 --> 00:02:25,340
this, there is one level.

33
00:02:25,340 --> 00:02:30,290
Each is similar to like this be made and you need to go back to the apparatus, could click on this

34
00:02:30,330 --> 00:02:33,470
predator and you have this face, you can see the result.

35
00:02:34,490 --> 00:02:43,020
So this is the database file which is getting exposed to normal user, so to say file and go to downloads,

36
00:02:43,110 --> 00:02:44,760
returns to your.

37
00:02:45,980 --> 00:02:53,390
And let me open this using this escalatory application.

38
00:02:54,290 --> 00:02:57,920
Now you can see that Helfer comments are going to execute.

39
00:02:59,750 --> 00:03:03,110
So these are the kinds I can execute, unfortunately.

40
00:03:04,070 --> 00:03:07,950
I traded a school case, then I just got stuck.

41
00:03:08,990 --> 00:03:13,100
So now what we have to do is you need to share that database's.

42
00:03:18,580 --> 00:03:28,150
So there is OK, this is the data sorry, we need to reset the tables, so let me say this.

43
00:03:31,790 --> 00:03:39,460
So there are tutorial sessions and users let me use the data from the sessions, so start from sessions.

44
00:03:40,370 --> 00:03:47,870
So this experiment has been successful executer but other comments like Shorter will show that the visuals

45
00:03:47,870 --> 00:03:49,010
are not executing.

46
00:03:49,620 --> 00:03:50,540
Uh, no.

47
00:03:50,810 --> 00:03:54,250
I think the sessions table has been empty.

48
00:03:54,260 --> 00:03:54,620
No.

49
00:03:58,250 --> 00:04:05,370
So from the user's table, you have this admin boundaries, so I don't know, I think this is the harsh

50
00:04:07,130 --> 00:04:10,210
reality check or cockiness.

51
00:04:10,490 --> 00:04:12,020
And they have mentioned the.

52
00:04:12,800 --> 00:04:18,430
Let me pasted in here and that this website cracked the hashes for you.

53
00:04:21,930 --> 00:04:28,010
It's not fun, but we do use the hash, try this.

54
00:04:29,590 --> 00:04:36,070
So we can't really see the difference between Herschend or not normal value.

55
00:04:41,120 --> 00:04:48,860
OK, this is the hash, OK, sorry for this, we have got this to you are your copy this and open a

56
00:04:48,950 --> 00:04:49,400
open.

57
00:04:56,930 --> 00:04:58,590
Analysts say.

58
00:05:01,890 --> 00:05:14,190
I mean, past four years, this one and the same are let me try to crack these passwords of Buganda's

59
00:05:14,940 --> 00:05:17,340
copy and paste it here.

60
00:05:23,660 --> 00:05:25,670
And the about is destitute.

61
00:05:30,680 --> 00:05:33,530
So do the same for this, Alice.

62
00:05:45,840 --> 00:05:50,070
So maybe the hash of these arrests was difficult.

63
00:05:50,320 --> 00:05:55,890
OK, so what they have done, what they are asking is why do they never mentioned the three?

64
00:05:56,950 --> 00:05:58,980
You have got this assets.

65
00:05:59,250 --> 00:06:01,440
So it's that it's.

66
00:06:08,610 --> 00:06:14,640
So now we're together three, four in question, what and what stands out likely to continue and which

67
00:06:14,640 --> 00:06:15,890
is where the.

68
00:06:19,070 --> 00:06:23,540
Use this opportunity to access the data and what is the password of that one user?

69
00:06:23,840 --> 00:06:26,360
So this is the password hash of this admin user.

70
00:06:28,620 --> 00:06:33,030
I don't think I'll be this and pasted in the answer for.

71
00:06:34,970 --> 00:06:39,500
And what is that plaintext, quartey, you or you will be?

72
00:06:45,560 --> 00:06:54,350
Now, what they are asking to in as they had been and what is so also, we need to use this as a message

73
00:06:54,350 --> 00:07:01,160
to login as the search had been, the date of the I.P. address.

74
00:07:02,960 --> 00:07:07,850
I think as such, maybe the search service is running on that computer.

75
00:07:13,780 --> 00:07:21,370
All right, so I just forgot this, there is a law in place so you can just log in to the settlement

76
00:07:21,580 --> 00:07:24,940
and covid is password.

77
00:07:33,240 --> 00:07:37,510
So you need to memorize all the elements of this achievement.

78
00:07:37,540 --> 00:07:42,380
You see, this is a in which is the end of this toolbar.

79
00:07:42,810 --> 00:07:53,220
And if you log in and they welcome it and there is a flag, it's going to cover this and just pasted

80
00:07:53,220 --> 00:07:53,670
in here.

81
00:07:57,100 --> 00:08:04,930
So, as you can see, simple database has been exposed and from the database we have got this past year

82
00:08:05,140 --> 00:08:12,070
and we have corrected those issues with correction, and then we log in to this council as the admin

83
00:08:12,520 --> 00:08:18,520
so you can see even a small file exposer will create many problems.

84
00:08:19,060 --> 00:08:22,810
Even now you can see are the users here.

85
00:08:22,840 --> 00:08:26,320
He can delete the rest of the article, reset the puzzle.

86
00:08:26,770 --> 00:08:36,760
So simple database file or any simple change to data exposer is very dangerous and you need to protect

87
00:08:36,760 --> 00:08:38,430
this or those files.

88
00:08:39,970 --> 00:08:46,170
So I hope you have understood this to ensure that it can be exposed by any matter.

89
00:08:46,510 --> 00:08:52,210
But what we want to do is you need to look for these important assets are important data.