1 00:00:00,430 --> 00:00:07,650 In this lesson, we will see how they can hack into our target website using SQL injection.
2 00:00:08,470 --> 00:00:16,170 So in my virtual environment I am using Kali Linux as my client machine and I'm going to access the web
3 00:00:16,180 --> 00:00:18,490 server directly using its IP address.
4 00:00:18,620 --> 00:00:21,510 OK, I'm not using any server in between.
5 00:00:22,030 --> 00:00:26,110 And this is my web server, and the web server is Metasploitable.
6 00:00:27,190 --> 00:00:33,790 So Metasploitable is using a web server called Apache and a database named MySQL.
7 00:00:34,180 --> 00:00:34,530 Right.
8 00:00:35,570 --> 00:00:44,000 So what is SQL, OK, or SQL injection? So SQL injection is a very popular vulnerability, right?
9 00:00:44,480 --> 00:00:50,790 And SQL is Structured Query Language, which helps a website to interact with its database.
10 00:00:50,810 --> 00:00:59,300 As you know, most websites use databases to store their data, data like usernames, passwords or
11 00:00:59,330 --> 00:01:05,600 other critical information, etc. And so the data is stored in databases in the form of tables, which
12 00:01:05,600 --> 00:01:07,430 consist of rows and columns.
13 00:01:07,700 --> 00:01:14,150 OK, so SQL is the language which helps a web application to interact with data in order to read data,
14 00:01:14,180 --> 00:01:17,110 update data or delete data, etc.
15 00:01:17,990 --> 00:01:21,990 Now here is the Metasploitable, which is a web server.
16 00:01:22,010 --> 00:01:24,930 So first of all, let's find out its IP address.
17 00:01:25,310 --> 00:01:27,620 It is 10.0.2.5.
18 00:01:27,920 --> 00:01:32,830 Now let's switch to the client machine, which is Kali, OK?
19 00:01:33,230 --> 00:01:36,780 And now I'm not going to hack into any website.
20 00:01:36,800 --> 00:01:42,110 Instead, I first want to show you what a database looks like.
21 00:01:42,380 --> 00:01:46,250 So mysql -u, -u stands for user.
22 00:01:46,250 --> 00:01:47,320 The username is root.
23 00:01:48,230 --> 00:01:56,530 Now my web server, which is Metasploitable, is not using any password, and then the IP of the web server.
24 00:01:57,170 --> 00:02:02,150 See, now I am in the MySQL of 10.0.2.5.
25 00:02:03,250 --> 00:02:06,430 The first command we use is databases.
26 00:02:06,470 --> 00:02:17,620 OK, so show databases and then hit enter, and here you can see all of the databases right now.
27 00:02:17,620 --> 00:02:18,890 We will use this one.
28 00:02:19,450 --> 00:02:24,030 So let's use dvwa, OK.
29 00:02:24,040 --> 00:02:24,940 And hit enter.
30 00:02:25,210 --> 00:02:26,650 It says database changed.
31 00:02:27,700 --> 00:02:32,990 Now, show tables, as I told you that they are stored in the form of tables.
32 00:02:33,880 --> 00:02:35,400 So here are two tables.
33 00:02:35,890 --> 00:02:38,320 First is guestbook and the other is users.
34 00:02:38,410 --> 00:02:40,470 So let's see information about users.
35 00:02:40,840 --> 00:02:44,140 So select star from
36 00:02:45,340 --> 00:02:52,670 users, hit enter, and see, this is what you get when you get access to a database of a website.
37 00:02:52,690 --> 00:02:58,760 So this is the user ID, first name, last name, and this is the username, which is admin.
38 00:02:58,780 --> 00:03:00,520 OK, and then there is the password.
39 00:03:01,780 --> 00:03:08,890 OK, and this is the URL to access or to get a login page.
40 00:03:09,070 --> 00:03:09,400 OK.
41 00:03:12,720 --> 00:03:18,780 No, actually, it's DVWA, right, so we go to the login page of DVWA, and then if we try
42 00:03:18,810 --> 00:03:23,680 this as the username and this as the password, we will be able to get access into that website.
43 00:03:23,700 --> 00:03:24,060 Right.
44 00:03:24,750 --> 00:03:29,100 So let's exit for now and let me open a browser.
45 00:03:29,820 --> 00:03:30,810 That's Firefox.
46 00:03:31,380 --> 00:03:37,620 And if you type in 10.0.2.5, you will be able to see all of the web applications that are hosted
47 00:03:37,620 --> 00:03:38,160 on it.
48 00:03:39,540 --> 00:03:42,250 OK, now you can open any of them.
49 00:03:42,270 --> 00:03:43,230 So this is.
50 00:03:44,770 --> 00:03:49,260 OK, it's using PHP, and here you can enter the username and password
51 00:03:50,270 --> 00:03:56,060 as we have extracted earlier, right? Let's go back, and if you want to access the database, you can
52 00:03:56,060 --> 00:03:57,870 also go to phpMyAdmin.
53 00:03:58,950 --> 00:04:10,070 OK, so these are some of the preconfigured websites in Metasploitable, OK, so that penetration testers
54 00:04:10,070 --> 00:04:16,280 can perform their penetration testing techniques on all of these websites like.