[00:00:00] Now you know how you can use SQL injection in order to hack a website, but the whole process is manual, so you have to take part in the whole process. Right. But now in this video, we will see how we can automate the process, and we will use a tool called sqlmap. So what is sqlmap and how does it actually work? So we will start with what sqlmap is first. So sqlmap is a software that helps us to detect and exploit vulnerabilities in a database. Also, it will help us to inject some malicious code into that database, and it is open source software. So let's see how it works. First of all, let's open the browser and let's switch to Mutillidae. So we have to enter the IP address of the web server. And then open it. Now, here we have to switch to this tab, which says Injection, Extract Data, and User Info. OK, now here, enter any user name or password. OK, because we don't know the password, so I have entered the wrong password now. Copy this URL. And close the browser. And here, sqlmap -h. Now I am using -u; for this, you have to type sqlmap -h for help. OK, and here are so many options you can use with sqlmap, right? So I am using -u so that I can enter the URL of the target. The URL, all right?
[00:02:07] So there are so many options. We will use some of them. But first, let's continue with sqlmap -u and then paste the URL, OK, and close this in double quotes. Now I have added the double quotes so that sqlmap will read each special character like dot, hyphen, equals, etc. Right. And enter. And now let's wait for the process to complete. So it's a long process, so I have to pause the video. Now it's asking some questions like, do you want to skip the test payloads? OK, so you can press Y here. And again, you can press Y. Right. And now let's wait for the process to complete. Finally, the process has been completed and here is the output. It says the back-end database management system is MySQL, which is correct. Now, operating system: (inaudible) Linux; web application technology: PHP (version inaudible); and web server, which is Apache, is running 2.0 (inaudible), right, and MySQL version is 5. Now, all of the information provided here is absolutely correct. Right now it says fetched data logged to text files under this. So anytime if you want to see this output again, you can switch to this directory. OK, this is the path where this data has been stored right now.
[00:03:54] Let's see what more we can do using sqlmap, and let's explore the database. And now, OK, so repeat the last command and then type --current-db. DB stands for database. So we're asking sqlmap which is the current database. Here is zero, which is default. And now you can see that the current database name is owasp10. OK, so let's repeat the command, and this time, as we know the database name, we use -D and then the name of the database and then --columns. OK, so now we are asking sqlmap to show all of the available columns under the owasp10 database. So here is a list of all of the columns. Right. So we will use, let's say, this one: username and password. OK. Both of these. So let's try them, and let's remove --columns, type -C and then the name of the column, let's say password, comma, username, OK, and then --tables, hit enter. And now we're asking sqlmap to show all of the available tables under these two columns. So, zero. Done. Now here are all of the available tables, right? So repeat the last command, and -T and then the name of the table, which is accounts, OK, and then --dump.
[00:05:54] Now, let's wait for the output. So here are all the available usernames and passwords, right? So this way you can use sqlmap to automate the process of injecting SQL injections and exploring the database. Right now, this only works on the websites which are still vulnerable.