1
00:00:00,930 --> 00:00:09,090
Now, let's use SQL injection to hack our target website, so first of all, let's open our web

2
00:00:09,090 --> 00:00:20,970
browser, so 10 or 2.5 and let's open a website, BBWAA, and let's type the user name and password,

3
00:00:20,970 --> 00:00:23,960
like eliminate admin, OK?

4
00:00:23,970 --> 00:00:27,430
It's not working, so let's try admin and password.

5
00:00:29,490 --> 00:00:34,410
OK, so we are able to log in to this website right now.

6
00:00:34,410 --> 00:00:40,530
You might be thinking that why I'm using these kind of easy passwords, because there are still some

7
00:00:40,530 --> 00:00:45,290
website owners that are using these kind of simple passwords on their websites.

8
00:00:45,780 --> 00:00:46,050
Right.

9
00:00:46,320 --> 00:00:48,040
So don't ignore the little things.

10
00:00:48,540 --> 00:00:54,030
Now, let's log out from here and let's switch to another website.

11
00:00:56,430 --> 00:00:59,040
Let's select this one, which is Mutillidae.

12
00:01:01,130 --> 00:01:04,070
Now click here, login or register.

13
00:01:04,550 --> 00:01:07,670
OK, so let's try the same thing here as well.

14
00:01:10,430 --> 00:01:18,110
OK, not working. Admin, password again, not working.

15
00:01:18,480 --> 00:01:24,860
OK, so first of all, let's find out the real username and password for this website.

16
00:01:25,770 --> 00:01:29,420
So let's switch to our terminal.

17
00:01:33,180 --> 00:01:36,420
OK, now let's try to log in

18
00:01:39,060 --> 00:01:41,670
again, show databases.

19
00:01:44,190 --> 00:01:50,300
Use owasp10, so owasp10 is used by Mutillidae.

20
00:01:50,490 --> 00:01:55,110
OK, hit enter and let's show tables.

21
00:01:57,900 --> 00:02:03,780
And select star from accounts.

22
00:02:08,600 --> 00:02:16,000
OK, so username and password is admin pass, OK, and this is the signature is Elamine Drew.

23
00:02:16,400 --> 00:02:20,160
So this is the admin and this is another admin user.

24
00:02:20,460 --> 00:02:28,520
Right now, let's close this and let's try to log in using admin and admin pass.

25
00:02:31,140 --> 00:02:31,600
OK.

26
00:02:31,920 --> 00:02:36,460
It says, we are not able to log in via OK, here is an error.

27
00:02:36,920 --> 00:02:43,800
Now, if you are using this for the very first time, then you will also get the same error.

28
00:02:43,860 --> 00:02:51,060
OK, there are chances that you will get the same error. In that case, switch to your Metasploitable and

29
00:02:52,620 --> 00:02:59,480
change your directory to var www and mutillidae.

30
00:02:59,900 --> 00:03:03,770
OK, and now let's edit a configuration file.

31
00:03:04,170 --> 00:03:11,130
So we use nano, nano is a text editor, and then config file.

32
00:03:11,250 --> 00:03:16,680
OK, but before it add sudo, hit enter.

33
00:03:18,190 --> 00:03:28,020
OK, now let's change this thing, OK, which is database name, so change database name to

34
00:03:28,050 --> 00:03:29,050
owasp10.

35
00:03:30,110 --> 00:03:36,260
Now, to save the file use Control X and Y, hit enter.

36
00:03:37,690 --> 00:03:48,550
Then now let's switch back to Kali and let's try admin and admin pass.

37
00:03:51,710 --> 00:03:55,400
OK, so now we are logged in as admin then.

38
00:03:57,450 --> 00:04:07,230
Click on Logout. Now let's try the same thing using SQL injection, so admin and simply a single

39
00:04:07,230 --> 00:04:09,000
quote, hit Enter.

40
00:04:10,630 --> 00:04:20,970
Now, read this line, which says, select star from accounts where user name is admin and password

41
00:04:20,980 --> 00:04:22,680
is this, OK?

42
00:04:24,230 --> 00:04:36,530
So let's select this line and let me open a file editor or edit, OK, it is a graphical editor.

43
00:04:37,730 --> 00:04:40,030
Now, what's happening behind the scenes?

44
00:04:40,340 --> 00:04:43,420
The system will be selected from accounts.

45
00:04:43,430 --> 00:04:46,490
OK, account is a table in which we have access to only.

46
00:04:46,570 --> 00:04:46,960
Right.

47
00:04:47,300 --> 00:04:49,020
So user name is admin, OK?

48
00:04:49,070 --> 00:04:49,850
That's correct.

49
00:04:51,260 --> 00:04:54,540
Now, password is this, which is wrong.

50
00:04:55,310 --> 00:04:57,200
That's why it's giving us an error.

51
00:04:57,590 --> 00:04:59,900
OK, so delete this for now.

52
00:05:00,440 --> 00:05:04,450
And let's try to bypass this authentication using SQL injection.

53
00:05:05,000 --> 00:05:11,350
So let's say I want to try password as one, two, three, four, five, six, which you know, it is

54
00:05:11,360 --> 00:05:13,790
a wrong password right now.

55
00:05:15,580 --> 00:05:18,780
And a single quote here, OK?

56
00:05:19,990 --> 00:05:25,060
And then space or one is equal to one.

57
00:05:25,810 --> 00:05:30,020
Now, what's happening is we have provided two different conditions.

58
00:05:30,090 --> 00:05:38,570
OK, two different statements that whether this is a password, but if not, then one is equal to one.

59
00:05:38,750 --> 00:05:41,070
So, yes, this condition is true.

60
00:05:41,200 --> 00:05:43,110
One is actually equal to one.

61
00:05:44,230 --> 00:05:52,090
So we are informing system that, hey, we are providing you two different conditions, this and this.

62
00:05:52,390 --> 00:06:03,370
If any of them is true, then you must allow us to log into our account. Now space and hash. Hash stops

63
00:06:03,370 --> 00:06:06,340
system from reading further information.

64
00:06:06,640 --> 00:06:10,320
OK, so system is not able to go beyond hash, right?

65
00:06:11,350 --> 00:06:20,650
So now the actual scenario is like this, paste here, so it will look like this for system.

66
00:06:20,950 --> 00:06:26,350
So system will check whether a user name admin is existing in its table account or not.

67
00:06:26,380 --> 00:06:28,930
So yes, it is a user name which exists.

68
00:06:29,380 --> 00:06:29,660
Right.

69
00:06:30,040 --> 00:06:32,260
Then it will check whether it has a password.

70
00:06:32,260 --> 00:06:33,370
123456.

71
00:06:33,640 --> 00:06:34,720
No, it is wrong.

72
00:06:35,200 --> 00:06:40,910
But still, we have provided one more condition that or one is equal to one.

73
00:06:40,930 --> 00:06:42,460
So yes, it is true.

74
00:06:43,370 --> 00:06:48,520
OK, then system will not read this single quote because of hash.

75
00:06:49,510 --> 00:06:49,850
Right?

76
00:06:50,410 --> 00:06:57,310
So let's try this and let's see whether we are able to bypass authentication or not.

77
00:06:59,930 --> 00:07:08,210
Coming back to login page, so user name is admin and password, let's paste it, and click on login.

78
00:07:10,160 --> 00:07:15,120
So, yes, we have successfully logged in as admin, right?

79
00:07:15,530 --> 00:07:20,420
So this way SQL injection actually works. Right now,

80
00:07:20,420 --> 00:07:24,560
you may see here that our security level is zero right now.

81
00:07:24,590 --> 00:07:28,850
OK, so security level is zero, which is a low security.

82
00:07:29,210 --> 00:07:37,330
Now, let's increase our website security by clicking on this step, which is Toggle Security, OK,

83
00:07:37,340 --> 00:07:40,390
now our security level has been improved.

84
00:07:41,240 --> 00:07:47,330
So let's log out and let's try to log in again using the same password.

85
00:07:49,010 --> 00:07:52,040
OK, now it says username too long.

86
00:07:52,040 --> 00:07:54,080
We don't want to many characters, so might have enough.

87
00:07:54,290 --> 00:07:57,620
OK, see now the system stopped us.

88
00:07:58,170 --> 00:08:00,830
OK, so this is the level of security.

89
00:08:00,990 --> 00:08:07,060
OK, now in the next video, I will show you how you can bypass improved security as well.