All language subtitles for [English (United States)] Ethical Hacking Full Course - Learn Ethical Hacking in 10 Hours _ Ethical Hacking Tutorial _ Edureka [DownSub.com]
1
00:00:06,800 --> 00:00:08,770
Hi guys, my name
is Aarya and I'm going
2
00:00:08,770 --> 00:00:11,000
to be your instructor
for this course today.
3
00:00:11,000 --> 00:00:13,327
So in this Ethical
Hacking full course video,
4
00:00:13,327 --> 00:00:15,971
we'll be learning almost
everything that is required
5
00:00:15,971 --> 00:00:18,200
for you to get started
as an Ethical Hacker.
6
00:00:18,200 --> 00:00:20,156
So come let's quickly go
over the topics
7
00:00:20,156 --> 00:00:22,399
that we are going
to be covering today firstly.
8
00:00:22,399 --> 00:00:25,100
We're going to be going
to the basics of cyber security
9
00:00:25,100 --> 00:00:25,972
and cryptography
10
00:00:25,972 --> 00:00:28,100
where we'll be learning
the key concepts
11
00:00:28,100 --> 00:00:30,632
of confidentiality
integrity and availability
12
00:00:30,632 --> 00:00:32,900
and how the cryptography
Concepts also tie
13
00:00:32,900 --> 00:00:34,700
into the whole picture next.
14
00:00:34,700 --> 00:00:36,600
We'll be looking
at some cyber threats.
15
00:00:36,600 --> 00:00:37,248
We'll be seeing
16
00:00:37,248 --> 00:00:39,847
how the cyber threats
actually affect our computer
17
00:00:39,847 --> 00:00:42,500
and then we will also see
how we can mitigate them.
18
00:00:42,500 --> 00:00:44,097
After which we will be looking
19
00:00:44,097 --> 00:00:46,000
into the history
of ethical hacking.
20
00:00:46,000 --> 00:00:47,497
We learn how this all began
21
00:00:47,497 --> 00:00:49,939
in the Massachusetts
Institute of Technology.
22
00:00:49,939 --> 00:00:52,763
And then we will be looking
into the fundamentals
23
00:00:52,763 --> 00:00:55,670
of networking and ethical
hacking. In this, we'll be learning
24
00:00:55,670 --> 00:00:56,556
the various tools
25
00:00:56,556 --> 00:00:57,321
that are used
26
00:00:57,321 --> 00:01:00,100
in ethical hacking and also
the network architectures
27
00:01:00,100 --> 00:01:02,000
these tools are used
in. After this,
28
00:01:02,000 --> 00:01:03,300
we will be having a look
29
00:01:03,300 --> 00:01:05,625
into what the most
famous operating systems
30
00:01:05,625 --> 00:01:06,400
that is there.
31
00:01:06,400 --> 00:01:07,519
That is Kali Linux.
32
00:01:07,519 --> 00:01:09,508
Kali Linux is used
by ethical hackers
33
00:01:09,508 --> 00:01:11,000
and penetration testers all
34
00:01:11,000 --> 00:01:12,900
around the world.
We'll be learning
35
00:01:12,900 --> 00:01:13,763
how to install this
36
00:01:13,763 --> 00:01:16,150
on our local systems.
We'll be learning the tools
37
00:01:16,150 --> 00:01:17,300
that come along with it
38
00:01:17,300 --> 00:01:19,900
and how we should be using
them. After that,
39
00:01:19,900 --> 00:01:22,100
we'll be learning
about penetration testing
40
00:01:22,100 --> 00:01:22,900
and penetration
41
00:01:22,900 --> 00:01:24,800
testing is a subset
of ethical hacking.
42
00:01:25,100 --> 00:01:28,141
So in this we will be learning
about a tool called Metasploit
43
00:01:28,141 --> 00:01:30,074
and using Metasploit
we'll be learning
44
00:01:30,074 --> 00:01:32,679
more about vulnerability
analysis and how we
45
00:01:32,679 --> 00:01:35,500
can install back doors
in different computer systems
46
00:01:35,500 --> 00:01:36,600
and take advantages
47
00:01:36,600 --> 00:01:40,100
of these vulnerabilities. Now,
Nmap is also another tool
48
00:01:40,100 --> 00:01:42,249
that we are going
to be discussing in this course,
49
00:01:42,249 --> 00:01:43,200
we will be learning
50
00:01:43,200 --> 00:01:45,316
how we can use nmap
to gather information
51
00:01:45,316 --> 00:01:46,551
from our networks and
52
00:01:46,551 --> 00:01:49,767
how we can use this information
to our advantage. After that,
53
00:01:49,767 --> 00:01:52,445
we'll be learning deeply
about three cyber attacks
54
00:01:52,445 --> 00:01:54,563
that are there
in this industry. First
55
00:01:54,563 --> 00:01:58,100
is cross-site scripting, secondly
distributed denial of service,
56
00:01:58,100 --> 00:02:00,100
and thirdly SQL
injection attacks.
57
00:02:00,200 --> 00:02:03,000
Now we'll be doing these attacks
ourselves on dummy targets
58
00:02:03,000 --> 00:02:04,800
and learning more
about these attacks
59
00:02:04,800 --> 00:02:07,850
and how they are orchestrated
and thus we will be learning
60
00:02:07,850 --> 00:02:09,400
more about how we
can mitigate them
61
00:02:09,400 --> 00:02:12,100
if we actually become
ethical hackers. Now,
62
00:02:12,100 --> 00:02:13,400
we will also be discussing
63
00:02:13,400 --> 00:02:16,400
some very advanced cryptography
methods called steganography,
64
00:02:16,400 --> 00:02:19,000
which is basically used
for hiding digital code
65
00:02:19,000 --> 00:02:22,535
inside images. Last but not the
least we will be also discussing
66
00:02:22,535 --> 00:02:25,100
how you could become
an ethical hacker yourself.
67
00:02:25,100 --> 00:02:27,300
So we'll be discussing
a roadmap. We'll also
68
00:02:27,300 --> 00:02:29,841
be discussing the job profiles
that are there in the industry.
69
00:02:29,841 --> 00:02:31,842
and we will also
be discussing the companies
70
00:02:31,842 --> 00:02:34,495
that are hiring for these job
profiles along with the salaries
71
00:02:34,495 --> 00:02:35,800
that they are trying to offer.
72
00:02:36,100 --> 00:02:39,000
Also, we won't be leaving
hanging right there. We'll also
73
00:02:39,000 --> 00:02:41,620
be discussing the 50 most
common interview questions
74
00:02:41,620 --> 00:02:43,675
that come along
with these job profiles
75
00:02:43,675 --> 00:02:44,800
so that you can snag
76
00:02:44,800 --> 00:02:48,346
that job interview. And if you do
like our content in the end,
77
00:02:48,346 --> 00:02:49,700
please leave us a like,
78
00:02:49,700 --> 00:02:50,832
please leave a comment
79
00:02:50,832 --> 00:02:53,200
if you want to and do hit
the Subscribe button
80
00:02:53,200 --> 00:02:55,200
so that you can
join our ever-growing
81
00:02:55,200 --> 00:02:56,600
community of learners.
82
00:03:01,800 --> 00:03:03,179
It can be rightfully said
83
00:03:03,179 --> 00:03:05,533
that today's generation
lives on the internet
84
00:03:05,533 --> 00:03:08,094
and we generally users
are almost ignorant as to
85
00:03:08,094 --> 00:03:09,800
how those random bits of ones
86
00:03:09,800 --> 00:03:12,150
and zeros reach securely
to a computer.
87
00:03:12,150 --> 00:03:15,200
It's not magic; it's work
and sweat that makes sure
88
00:03:15,200 --> 00:03:18,814
that your packets reach to you
unsniffed. Today Ira ball
89
00:03:18,814 --> 00:03:19,800
from Edureka.
90
00:03:19,800 --> 00:03:22,664
I'm here to tell you guys
about how cybersecurity makes
91
00:03:22,664 --> 00:03:23,900
this all possible. Now,
92
00:03:23,900 --> 00:03:26,190
before we begin, let me brief
you all about the topics
93
00:03:26,190 --> 00:03:27,600
that we're going to cover today.
94
00:03:27,600 --> 00:03:29,598
So basically we're going
to ask three questions
95
00:03:29,598 --> 00:03:30,898
that are important
96
00:03:30,898 --> 00:03:33,100
to cybersecurity. Firstly,
we're going to see why
97
00:03:33,100 --> 00:03:35,500
cyber security is needed. Next,
we're going to see
98
00:03:35,500 --> 00:03:37,128
what exactly is cyber security
99
00:03:37,128 --> 00:03:39,894
and in the end I'm going
to show you also a scenario
100
00:03:39,894 --> 00:03:42,800
how cybersecurity can save
a whole organization
101
00:03:42,800 --> 00:03:44,449
from organized cybercrime.
102
00:03:44,449 --> 00:03:44,767
Okay.
103
00:03:44,767 --> 00:03:46,100
So let's get started.
104
00:03:46,200 --> 00:03:49,500
Now as I just said we
are living in a digital era
105
00:03:49,500 --> 00:03:52,415
whether it be booking a hotel
room ordering some dinner
106
00:03:52,415 --> 00:03:53,717
or even booking a cab.
107
00:03:53,717 --> 00:03:56,600
We're constantly using
the internet and inherently
108
00:03:56,600 --> 00:03:59,900
constantly generating data.
This data is generally
109
00:03:59,900 --> 00:04:01,000
stored on the cloud
110
00:04:01,100 --> 00:04:04,100
which is basically a huge
data server or data center
111
00:04:04,100 --> 00:04:05,918
that you can access online.
112
00:04:05,918 --> 00:04:07,395
Also, we use an array
113
00:04:07,395 --> 00:04:10,556
of devices to access
this data. Now for a hacker,
114
00:04:10,556 --> 00:04:11,700
it's a golden age
115
00:04:11,700 --> 00:04:14,700
with so many access points
public IP addresses
116
00:04:14,700 --> 00:04:15,700
and constant traffic
117
00:04:15,700 --> 00:04:18,944
and tons of data to exploit.
Black hat hackers are having
118
00:04:18,944 --> 00:04:21,423
one hell of a time
exploiting vulnerabilities
119
00:04:21,423 --> 00:04:23,100
and creating malicious software
120
00:04:23,100 --> 00:04:25,764
for the same. Above
that, cyber attacks are evolving
121
00:04:25,764 --> 00:04:28,000
by the day. Hackers
are becoming smarter
122
00:04:28,000 --> 00:04:29,900
and more creative
with their malware,
123
00:04:29,900 --> 00:04:31,671
and how they bypass virus scans
124
00:04:31,671 --> 00:04:33,900
and firewalls still
baffles many people.
125
00:04:33,900 --> 00:04:36,000
Let's go through some
of the most common types
126
00:04:36,000 --> 00:04:37,000
of cyber attacks now.
127
00:04:37,500 --> 00:04:40,600
So as you guys can see, I've
listed out eight cyber attacks
128
00:04:40,600 --> 00:04:43,300
that have plagued us since
the beginning of the internet.
129
00:04:43,300 --> 00:04:44,888
Let's go through them briefly.
130
00:04:44,888 --> 00:04:46,000
So first on the list,
131
00:04:46,000 --> 00:04:48,149
we have general
malware. Malware is
132
00:04:48,149 --> 00:04:51,500
an all-encompassing term
for a variety of cyber threats
133
00:04:51,500 --> 00:04:53,141
including Trojans, viruses
134
00:04:53,141 --> 00:04:55,938
and worms. Malware
is simply defined as code
135
00:04:55,938 --> 00:04:57,263
with malicious intent
136
00:04:57,263 --> 00:04:59,600
that typically steals
data or destroys
137
00:04:59,600 --> 00:05:01,700
on the computer.
Next on the list,
138
00:05:01,700 --> 00:05:04,400
we have phishing. Often
posing as a request for data
139
00:05:04,400 --> 00:05:07,400
from a trusted third
party, phishing attacks are sent
140
00:05:07,400 --> 00:05:10,100
via email and ask users
to click on a link
141
00:05:10,100 --> 00:05:13,281
and enter the personal
data. Phishing emails have gotten
142
00:05:13,281 --> 00:05:16,693
much more sophisticated in
recent years making it difficult
143
00:05:16,693 --> 00:05:19,500
for some people to discern
a legitimate request
144
00:05:19,500 --> 00:05:23,100
for information from a false
one. Phishing emails often fall
145
00:05:23,100 --> 00:05:25,908
into the same category as
spam but are more harmful
146
00:05:25,908 --> 00:05:28,229
than just a simple ad.
Next on the list,
147
00:05:28,229 --> 00:05:29,514
we have password attacks.
148
00:05:29,514 --> 00:05:32,226
A password attack is
exactly what it sounds
149
00:05:32,226 --> 00:05:35,400
like: a third party trying
to gain access to your system
150
00:05:35,400 --> 00:05:37,300
by cracking a user's password.
151
00:05:37,300 --> 00:05:38,600
Next up is DDoS,
152
00:05:38,600 --> 00:05:41,200
which stands for
distributed denial-of-service.
153
00:05:41,200 --> 00:05:42,300
A DDoS attack focuses
154
00:05:42,300 --> 00:05:45,023
on disrupting the service
of a network. Attackers send
155
00:05:45,023 --> 00:05:46,200
high volumes of data
156
00:05:46,200 --> 00:05:47,800
or traffic through the network
157
00:05:47,800 --> 00:05:50,035
that is making a lot
of connection requests
158
00:05:50,035 --> 00:05:52,190
until the network
becomes overloaded
159
00:05:52,190 --> 00:05:54,300
and can no longer
function. Next up,
160
00:05:54,300 --> 00:05:57,490
we have man-in-the-middle
attacks. By impersonating
161
00:05:57,490 --> 00:05:59,900
the endpoint in
an online information,
162
00:05:59,900 --> 00:06:01,900
that is, the connection
from your smartphone
163
00:06:01,900 --> 00:06:03,260
to a website, the MITM
164
00:06:03,260 --> 00:06:07,300
attacks can obtain information
from the end users and entity he
165
00:06:07,300 --> 00:06:09,800
or she is communicating
with. For example,
166
00:06:09,800 --> 00:06:12,263
if you're banking online,
the man in the middle
167
00:06:12,263 --> 00:06:15,004
would communicate with you
by impersonating your bank
168
00:06:15,004 --> 00:06:17,900
and communicate with the bank
by impersonating you. The man
169
00:06:17,900 --> 00:06:20,600
in the middle would then receive
all the information transferred
170
00:06:20,600 --> 00:06:21,600
between both parties
171
00:06:21,600 --> 00:06:24,011
which could include
sensitive data such as
172
00:06:24,011 --> 00:06:26,562
bank accounts and personal
information. Next up,
173
00:06:26,562 --> 00:06:29,800
we have drive-by downloads.
Through malware on a legitimate
174
00:06:29,800 --> 00:06:31,400
website, a program
175
00:06:31,400 --> 00:06:34,570
is downloaded to a user system
just by visiting the site.
176
00:06:34,570 --> 00:06:36,400
It doesn't require
any type of action
177
00:06:36,400 --> 00:06:38,929
by the user to download
it, actually. Next up,
178
00:06:38,929 --> 00:06:40,302
we have malvertising,
179
00:06:40,302 --> 00:06:42,487
which is a way to
compromise your computer
180
00:06:42,487 --> 00:06:43,517
with malicious code
181
00:06:43,517 --> 00:06:45,400
that is downloaded
to your system
182
00:06:45,400 --> 00:06:47,700
when you click
on an affected ad. Lastly,
183
00:06:47,700 --> 00:06:48,900
we have rogue software,
184
00:06:48,900 --> 00:06:50,500
which are basically malware
185
00:06:50,500 --> 00:06:51,900
that are masquerading as
186
00:06:51,900 --> 00:06:54,300
legitimate and necessary
security software
187
00:06:54,300 --> 00:06:56,100
that will keep your system safe.
188
00:06:56,100 --> 00:06:57,345
So as you guys can see
189
00:06:57,345 --> 00:06:59,552
now the internet sure
isn't the safe place
190
00:06:59,552 --> 00:07:02,338
as you might think
it is. This not only applies
191
00:07:02,338 --> 00:07:03,700
for us as individuals
192
00:07:03,700 --> 00:07:05,500
but also large organizations.
193
00:07:05,600 --> 00:07:08,200
There have been multiple
cyber breaches in the past
194
00:07:08,200 --> 00:07:11,600
that have compromised the privacy
and confidentiality of our data.
195
00:07:11,600 --> 00:07:14,900
If we head over to the site
called Information is Beautiful,
196
00:07:14,900 --> 00:07:16,950
we can see all
the major cyber breaches
197
00:07:16,950 --> 00:07:18,300
that have been committed.
198
00:07:18,800 --> 00:07:22,493
So as you guys can see even
big companies like eBay,
199
00:07:22,493 --> 00:07:25,300
AOL, Evernote, Adobe
have actually gone
200
00:07:25,300 --> 00:07:27,005
through major cyber breaches,
201
00:07:27,005 --> 00:07:29,979
even though they have a lot
of security measures taken
202
00:07:29,979 --> 00:07:32,000
to protect the data
that they contain
203
00:07:32,000 --> 00:07:33,163
so it's not only
204
00:07:33,163 --> 00:07:36,289
that small individuals
are targeted by hackers
205
00:07:36,289 --> 00:07:37,400
and other people
206
00:07:37,400 --> 00:07:41,000
but even bigger organizations
are constantly being targeted
207
00:07:41,000 --> 00:07:41,900
by these guys.
208
00:07:42,100 --> 00:07:43,805
So after looking at all sorts
209
00:07:43,805 --> 00:07:46,625
of cyberattacks possible,
the breaches of the past
210
00:07:46,625 --> 00:07:48,700
and the sheer amount
of data available,
211
00:07:48,700 --> 00:07:49,676
we must be thinking
212
00:07:49,676 --> 00:07:52,400
that there must be some sort
of mechanism and protocol
213
00:07:52,400 --> 00:07:55,600
to actually protect us from all
these sorts of cyberattacks
214
00:07:55,600 --> 00:07:57,178
and indeed there is a way
215
00:07:57,178 --> 00:07:59,392
and this is called
cyber security. In
216
00:07:59,392 --> 00:08:02,666
a computing context, security
comprises cybersecurity
217
00:08:02,666 --> 00:08:04,000
and physical security.
218
00:08:04,000 --> 00:08:06,320
Both are used by
enterprises to protect
219
00:08:06,320 --> 00:08:08,885
against unauthorized access
to data centers
220
00:08:08,885 --> 00:08:12,000
and other computerized
systems. Information security,
221
00:08:12,000 --> 00:08:14,900
which is designed to maintain
the confidentiality, integrity
222
00:08:14,900 --> 00:08:16,400
and availability of data, is
223
00:08:16,400 --> 00:08:18,700
a subset of cybersecurity.
The use of
224
00:08:18,700 --> 00:08:20,300
cybersecurity can help prevent
225
00:08:20,300 --> 00:08:23,155
against cyberattacks, data
breaches, identity theft
226
00:08:23,155 --> 00:08:25,069
and can aid in risk management.
227
00:08:25,069 --> 00:08:27,600
So when an organization
has a strong sense
228
00:08:27,600 --> 00:08:28,793
of network security
229
00:08:28,793 --> 00:08:31,300
and an effective
incident response plan,
230
00:08:31,300 --> 00:08:33,109
it is better able to prevent
231
00:08:33,109 --> 00:08:35,500
and mitigate these
attacks. For example,
232
00:08:35,500 --> 00:08:38,381
end user protection defends
information and guards
233
00:08:38,381 --> 00:08:39,616
against loss or theft
234
00:08:39,616 --> 00:08:42,177
while also scanning computers
for malicious code.
235
00:08:42,178 --> 00:08:44,100
Now when talking
about cybersecurity,
236
00:08:44,100 --> 00:08:45,550
there are three main activities
237
00:08:45,550 --> 00:08:48,500
that we are trying to protect
ourselves against and they
238
00:08:48,500 --> 00:08:52,100
are unauthorized modification,
unauthorized deletion
239
00:08:52,100 --> 00:08:53,725
and unauthorized access.
240
00:08:53,725 --> 00:08:54,931
These three terms are
241
00:08:54,931 --> 00:08:58,347
very synonymous to the very
commonly known CIA triad,
242
00:08:58,347 --> 00:09:02,500
which stands for confidentiality,
integrity and availability.
243
00:09:03,000 --> 00:09:04,500
The CIA Triad is also
244
00:09:04,500 --> 00:09:07,500
commonly referred to as
the three pillars of security,
245
00:09:07,500 --> 00:09:10,500
and most security policies
of bigger organizations
246
00:09:10,500 --> 00:09:13,887
and even smaller companies are
based on these three principles.
247
00:09:13,887 --> 00:09:15,800
So let's go through
them one by one.
248
00:09:16,300 --> 00:09:18,135
So first on the list we have
249
00:09:18,135 --> 00:09:21,429
confidentiality. Confidentiality
is roughly equivalent
250
00:09:21,429 --> 00:09:23,900
to privacy. Measures
undertaken to ensure
251
00:09:23,900 --> 00:09:27,099
confidentiality are designed
to prevent sensitive information
252
00:09:27,099 --> 00:09:28,700
from reaching the wrong people
253
00:09:28,700 --> 00:09:30,600
while making sure
that the right people
254
00:09:30,600 --> 00:09:33,100
can in fact get it. Access
must be restricted
255
00:09:33,100 --> 00:09:36,000
to those authorized to view
the data in question.
256
00:09:36,200 --> 00:09:39,300
It is common as well for data
to be categorized
257
00:09:39,300 --> 00:09:40,652
according to the amount
258
00:09:40,652 --> 00:09:41,746
and type of damage
259
00:09:41,746 --> 00:09:42,900
that could be done
260
00:09:42,900 --> 00:09:45,451
should it fall into
unintended hands. More
261
00:09:45,451 --> 00:09:49,024
or less stringent measures
can then be implemented according
262
00:09:49,024 --> 00:09:50,300
to those categories.
263
00:09:50,400 --> 00:09:53,458
Sometimes safeguarding
data confidentiality may involve
264
00:09:53,458 --> 00:09:55,300
special training for those privy
265
00:09:55,300 --> 00:09:56,400
to such documents.
266
00:09:56,400 --> 00:09:59,100
Such training would typically
include security risks
267
00:09:59,100 --> 00:10:01,402
that could threaten
this information. Training
268
00:10:01,402 --> 00:10:02,984
can help familiarize
269
00:10:02,984 --> 00:10:04,600
authorized people
with risk factors
270
00:10:04,600 --> 00:10:07,800
and how to guard against them.
Further aspects of training
271
00:10:07,800 --> 00:10:09,400
can include strong passwords
272
00:10:09,400 --> 00:10:11,400
and password related
best practices
273
00:10:11,400 --> 00:10:14,615
and information about social
engineering methods to prevent
274
00:10:14,615 --> 00:10:16,733
them from bending
data handling rules
275
00:10:16,733 --> 00:10:17,868
with good intention
276
00:10:17,868 --> 00:10:19,868
and potentially
disastrous results.
277
00:10:19,868 --> 00:10:20,633
Next on list,
278
00:10:20,633 --> 00:10:23,400
we have integrity. Integrity
involves maintaining
279
00:10:23,400 --> 00:10:24,956
the consistency, accuracy
280
00:10:24,956 --> 00:10:26,646
and trustworthiness of data
281
00:10:26,646 --> 00:10:30,400
over its entire lifecycle. Data
must not be changed in transit,
282
00:10:30,400 --> 00:10:33,093
and steps must be taken
to ensure that data
283
00:10:33,093 --> 00:10:34,300
cannot be altered by
284
00:10:34,300 --> 00:10:38,200
unauthorized people, for example
in a breach of confidentiality.
285
00:10:38,200 --> 00:10:39,582
These measures include
286
00:10:39,582 --> 00:10:43,149
file permissions and user
access controls. Version control
287
00:10:43,149 --> 00:10:45,700
may be used to prevent
erroneous changes
288
00:10:45,700 --> 00:10:47,129
or accidental deletion
289
00:10:47,129 --> 00:10:49,462
by authorized users
becoming a problem.
290
00:10:49,462 --> 00:10:50,200
In addition,
291
00:10:50,200 --> 00:10:53,400
some means must be in place
to detect any changes in data
292
00:10:53,400 --> 00:10:54,800
that might occur as a result
293
00:10:54,800 --> 00:10:58,600
of non-human caused events
such as electromagnetic pulses
294
00:10:58,600 --> 00:10:59,700
or server crash.
295
00:10:59,700 --> 00:11:02,753
Some data might include
checksums, even cryptographic
296
00:11:02,753 --> 00:11:05,920
checksums, for
verification of integrity. Backups
297
00:11:05,920 --> 00:11:08,591
or redundancies must
be available to restore
298
00:11:08,591 --> 00:11:11,200
the affected data
to its correct state. Last
299
00:11:11,200 --> 00:11:14,800
but not least is availability.
Availability is best ensured
300
00:11:14,800 --> 00:11:16,100
by rigorous maintaining
301
00:11:16,100 --> 00:11:18,800
of all hardware, performing
hardware repairs immediately
302
00:11:18,800 --> 00:11:20,400
when needed and maintaining
303
00:11:20,400 --> 00:11:22,800
a correctly functional
operating system environment
304
00:11:22,800 --> 00:11:24,800
that is free
of software conflicts.
305
00:11:24,800 --> 00:11:27,679
It's also important to keep
current with all necessary
306
00:11:27,679 --> 00:11:31,165
system upgrades. Providing
adequate communication bandwidth
307
00:11:31,165 --> 00:11:33,000
and preventing the occurrences
308
00:11:33,000 --> 00:11:36,400
of bottlenecks are equally
important. Redundancy, failover
309
00:11:36,400 --> 00:11:39,282
and even high-availability
clusters can mitigate
310
00:11:39,282 --> 00:11:40,564
serious consequences
311
00:11:40,564 --> 00:11:42,839
when hardware issues
do occur. Fast and
312
00:11:42,839 --> 00:11:45,382
adaptive disaster
recovery is essential
313
00:11:45,382 --> 00:11:47,119
for the worst-case scenarios;
314
00:11:47,119 --> 00:11:49,599
that capacity is reliant
on the existence
315
00:11:49,599 --> 00:11:52,599
of a comprehensive disaster
recovery plan. Safeguards
316
00:11:52,599 --> 00:11:53,613
against data loss
317
00:11:53,613 --> 00:11:55,400
or interruption in connection
318
00:11:55,400 --> 00:11:59,000
must include unpredictable
events such as natural disasters
319
00:11:59,000 --> 00:12:00,800
and fire. To prevent data loss
320
00:12:00,800 --> 00:12:02,700
from such occurrences,
a backup copy
321
00:12:02,700 --> 00:12:04,600
must be stored
in a geographically
322
00:12:04,600 --> 00:12:05,691
isolated location,
323
00:12:05,691 --> 00:12:08,300
perhaps even in a fireproof,
water safe place.
324
00:12:08,400 --> 00:12:11,700
Extra security equipment
or software such as firewalls
325
00:12:11,700 --> 00:12:12,700
and proxy servers
326
00:12:12,800 --> 00:12:14,633
can guard against downtime
327
00:12:14,633 --> 00:12:16,100
and unreachable data due
328
00:12:16,100 --> 00:12:19,200
to malicious actions such as
denial-of-service attacks
329
00:12:19,200 --> 00:12:20,700
and network intrusions.
330
00:12:20,800 --> 00:12:24,000
So now that we have seen what we
are actually trying to implement
331
00:12:24,000 --> 00:12:26,400
when trying to protect
ourselves on the internet.
332
00:12:26,400 --> 00:12:27,968
We should also know the ways
333
00:12:27,968 --> 00:12:29,870
that we actually
protect ourselves
334
00:12:29,870 --> 00:12:32,400
when we are attacked
by cyber organizations.
335
00:12:32,400 --> 00:12:35,579
So the step to actually mitigate
any type of cyber attack is
336
00:12:35,579 --> 00:12:37,943
to identify the malware
or the cyber threat
337
00:12:37,943 --> 00:12:40,784
that is being currently going on
in your organization.
338
00:12:40,784 --> 00:12:41,079
Next,
339
00:12:41,079 --> 00:12:42,674
we have to actually analyze
340
00:12:42,674 --> 00:12:44,800
and evaluate all
the affected parties
341
00:12:44,800 --> 00:12:45,800
and the file systems
342
00:12:45,800 --> 00:12:47,317
that have been compromised
343
00:12:47,317 --> 00:12:50,200
and in the end we have
to patch the hole treatment
344
00:12:50,200 --> 00:12:52,427
so that our organization
can come back
345
00:12:52,427 --> 00:12:55,900
to its original running state
without any cyber breaches.
346
00:12:55,900 --> 00:12:57,600
So how is it exactly done?
347
00:12:57,600 --> 00:13:01,100
This is mostly done by actually
calculating three factors.
348
00:13:01,100 --> 00:13:02,923
The first factor is vulnerability,
349
00:13:02,923 --> 00:13:06,300
the second factor is threat
and the third is risk.
350
00:13:06,300 --> 00:13:09,100
So let me tell you about
the three of them a little bit.
351
00:13:09,300 --> 00:13:10,421
So first on the list
352
00:13:10,421 --> 00:13:13,000
of actual calculation is
we have vulnerability.
353
00:13:13,000 --> 00:13:16,781
So a vulnerability refers
to a known weakness of an asset
354
00:13:16,781 --> 00:13:19,782
that can be exploited by
one or more attackers.
355
00:13:19,782 --> 00:13:20,700
In other words,
356
00:13:20,700 --> 00:13:21,833
it is a known issue
357
00:13:21,833 --> 00:13:24,099
that allows an attack
to be successful.
358
00:13:24,099 --> 00:13:24,728
For example,
359
00:13:24,728 --> 00:13:27,352
when a team member resigns
and you forget to disable
360
00:13:27,352 --> 00:13:29,757
their access to external
accounts, change logins
361
00:13:29,757 --> 00:13:30,889
or remove their names
362
00:13:30,889 --> 00:13:33,100
from the company credit
cards, this leaves
363
00:13:33,100 --> 00:13:34,242
your business open
364
00:13:34,242 --> 00:13:37,300
to both unintentional
and intentional threats.
365
00:13:37,300 --> 00:13:41,300
However, most vulnerabilities
are exploited by automated attackers
366
00:13:41,300 --> 00:13:43,700
and not a human typing
on the other side
367
00:13:43,700 --> 00:13:44,700
of the network.
368
00:13:45,200 --> 00:13:47,100
Next, testing for vulnerabilities
369
00:13:47,100 --> 00:13:49,613
is critical to ensuring
the continued security
370
00:13:49,613 --> 00:13:52,125
of your systems
by identifying weak points
371
00:13:52,125 --> 00:13:54,647
and developing a strategy
to respond quickly.
372
00:13:54,647 --> 00:13:56,000
Here are some questions
373
00:13:56,000 --> 00:13:59,700
that you ask when determining
your security vulnerabilities.
374
00:13:59,700 --> 00:14:02,429
So you have questions
like: is your data backed up
375
00:14:02,429 --> 00:14:05,899
and stored in a secure off-site
location? Is your data stored
376
00:14:05,899 --> 00:14:07,076
in the cloud? If yes,
377
00:14:07,076 --> 00:14:08,958
how exactly is
it being protected
378
00:14:08,958 --> 00:14:10,400
from cloud vulnerabilities?
379
00:14:10,400 --> 00:14:13,100
What kind of security
do you have to determine
380
00:14:13,100 --> 00:14:14,372
who can access modify
381
00:14:14,372 --> 00:14:17,700
or delete information from
within your organization? Next,
382
00:14:17,700 --> 00:14:19,280
like you could ask questions
383
00:14:19,280 --> 00:14:22,121
like what kind of antivirus
protection is in use?
384
00:14:22,121 --> 00:14:25,200
Are
the license current?
385
00:14:25,200 --> 00:14:27,468
And is it running
as often as needed?
386
00:14:27,468 --> 00:14:29,800
Also, do you have
a data recovery plan
387
00:14:29,800 --> 00:14:32,700
in the event of
vulnerability being exploited?
388
00:14:32,700 --> 00:14:34,300
These are the normal questions
389
00:14:34,300 --> 00:14:37,600
that one asks when actually
checking their vulnerability.
390
00:14:37,600 --> 00:14:40,900
Next up is threat. A threat
refers to a new or newly
391
00:14:40,900 --> 00:14:44,325
discovered incident with
potential to do harm to a system
392
00:14:44,325 --> 00:14:46,100
or your overall organization.
393
00:14:46,100 --> 00:14:47,400
There are three main types
394
00:14:47,400 --> 00:14:49,723
of threat: natural
threats like floods
395
00:14:49,723 --> 00:14:52,900
or tornadoes, unintentional
threats such as an employee
396
00:14:52,900 --> 00:14:55,509
mistakenly accessing
the wrong information
397
00:14:55,509 --> 00:14:57,000
and intentional threats.
398
00:14:57,000 --> 00:14:58,400
There are many examples
399
00:14:58,400 --> 00:15:02,492
of intentional threats including
spyware, malware, adware companies
400
00:15:02,492 --> 00:15:05,938
or the actions of disgruntled
employees. In addition, worms
401
00:15:05,938 --> 00:15:07,600
and viruses are categorized
402
00:15:07,600 --> 00:15:10,382
as threats because they
could potentially cause harm
403
00:15:10,382 --> 00:15:13,852
to your organization through
exposure to an automated attack
404
00:15:13,852 --> 00:15:16,500
as opposed to one
perpetrated by human beings.
405
00:15:16,600 --> 00:15:19,082
Although these threats
are generally outside
406
00:15:19,082 --> 00:15:22,200
of one's control and difficult
to identify in advance.
407
00:15:22,200 --> 00:15:25,100
It is essential to take
appropriate measures to assess
408
00:15:25,100 --> 00:15:28,400
threats regularly. Here are
some ways to do so: ensure
409
00:15:28,400 --> 00:15:30,393
that your team members
are staying informed
410
00:15:30,393 --> 00:15:31,200
of current trends
411
00:15:31,200 --> 00:15:34,486
in cyber security so they
can identify new threats.
412
00:15:34,486 --> 00:15:37,574
They should subscribe to blogs
like Wired and podcasts
413
00:15:37,574 --> 00:15:39,457
like the TechGenix Extreme IT
414
00:15:39,457 --> 00:15:40,843
that covers these issues
415
00:15:40,843 --> 00:15:43,213
as well as join
professional associations,
416
00:15:43,213 --> 00:15:44,317
so they can benefit
417
00:15:44,317 --> 00:15:47,300
from breaking news feeds
conferences and webinars.
418
00:15:47,300 --> 00:15:49,716
You should also perform
regular threat assessment
419
00:15:49,716 --> 00:15:52,426
to determine the best approaches
to protecting a system
420
00:15:52,426 --> 00:15:54,749
against the specific threat
along with assessing
421
00:15:54,749 --> 00:15:57,800
different types of threat.
In addition, penetration
422
00:15:57,800 --> 00:16:00,400
testing involves modeling
real-world threats in order
423
00:16:00,400 --> 00:16:03,500
to discover vulnerabilities.
Next on the list,
424
00:16:03,500 --> 00:16:04,318
we have risk.
425
00:16:04,318 --> 00:16:07,449
So risk refers to the potential
for loss or damage
426
00:16:07,449 --> 00:16:10,378
when a threat exploits
a vulnerability. Examples
427
00:16:10,378 --> 00:16:13,196
of risks include
financial losses as a result
428
00:16:13,196 --> 00:16:14,871
of business disruption loss
429
00:16:14,871 --> 00:16:17,800
of privacy reputational
damage legal implications
430
00:16:17,800 --> 00:16:19,344
and can even include loss
431
00:16:19,344 --> 00:16:21,922
of life. Risk can also
be defined as follows,
432
00:16:21,922 --> 00:16:24,800
which is basically threat
times the vulnerability. You
433
00:16:24,800 --> 00:16:27,305
can reduce the potential
for risk by creating
434
00:16:27,305 --> 00:16:29,600
and implementing a
risk management plan.
435
00:16:29,600 --> 00:16:32,700
And here are the key aspects
to consider when developing
436
00:16:32,700 --> 00:16:35,682
your management strategy. Firstly,
we need to assess risk
437
00:16:35,682 --> 00:16:36,800
and determine needs
438
00:16:36,800 --> 00:16:38,065
when it comes to designing
439
00:16:38,065 --> 00:16:40,333
and implementing a
risk assessment framework.
440
00:16:40,333 --> 00:16:43,260
It is critical to prioritize
the most important breaches
441
00:16:43,260 --> 00:16:46,082
that need to be addressed. Although
the frequency may differ
442
00:16:46,082 --> 00:16:47,200
in each organization,
443
00:16:47,200 --> 00:16:49,000
this level of assessment
must be done
444
00:16:49,000 --> 00:16:50,700
on a regular recurring basis.
445
00:16:51,000 --> 00:16:51,500
Next.
446
00:16:51,500 --> 00:16:52,883
We also have to include
447
00:16:52,883 --> 00:16:55,927
a total stakeholder
perspective stakeholders include
448
00:16:55,927 --> 00:16:58,809
the business owners as
well as employees customers
449
00:16:58,809 --> 00:17:00,820
and even vendors all
of these players
450
00:17:00,820 --> 00:17:02,924
have the potential
to negatively impact
451
00:17:02,924 --> 00:17:03,964
the organization,
452
00:17:03,964 --> 00:17:06,200
but at the same time
they can be assets
453
00:17:06,200 --> 00:17:08,066
in helping to mitigate risk.
454
00:17:08,066 --> 00:17:11,800
So as we see risk management
is the key to cybersecurity.
455
00:17:11,800 --> 00:17:12,800
So now let's go
456
00:17:12,800 --> 00:17:14,800
through a scenario
to actually understand
457
00:17:14,800 --> 00:17:16,390
how cybersecurity actually
458
00:17:16,390 --> 00:17:20,000
defends an organization against
very manipulative cybercrime.
459
00:17:20,000 --> 00:17:21,000
So cyber crime
460
00:17:21,000 --> 00:17:22,800
as we all know is
a global problem
461
00:17:22,800 --> 00:17:24,600
that's been dominating
the news cycle.
462
00:17:24,800 --> 00:17:27,000
It poses a threat
to individual security
463
00:17:27,000 --> 00:17:30,100
and an even bigger threat
to large international companies,
464
00:17:30,100 --> 00:17:33,000
banks and government.
Today's organized cybercrime
465
00:17:33,000 --> 00:17:35,100
far outshadows
lone hackers of the past,
466
00:17:35,100 --> 00:17:38,234
and now large organized crime
rings function like startups
467
00:17:38,234 --> 00:17:40,500
and often employ
highly trained developers
468
00:17:40,500 --> 00:17:42,703
who are constantly innovating
new online attacks.
469
00:17:42,703 --> 00:17:43,706
Most companies have
470
00:17:43,706 --> 00:17:46,926
preventative security software
to stop these types of attacks,
471
00:17:46,926 --> 00:17:50,400
but no matter how secure we are
cyber crime is going to happen.
472
00:17:50,500 --> 00:17:51,300
So meet Bob,
473
00:17:51,300 --> 00:17:53,842
he's a chief security
officer for a company
474
00:17:53,842 --> 00:17:56,754
that makes a mobile app
to help customers track
475
00:17:56,754 --> 00:17:58,374
and manage their finances.
476
00:17:58,374 --> 00:18:00,202
So security is a top priority.
477
00:18:00,202 --> 00:18:02,700
So Bob's company has
an incident response
478
00:18:02,700 --> 00:18:06,600
platform in place that automates
the entire cybersecurity process.
479
00:18:06,600 --> 00:18:09,266
The IRP software
integrates all the security
480
00:18:09,266 --> 00:18:12,161
and IT software needed
to keep a large company
481
00:18:12,161 --> 00:18:14,680
like Bob's secured
into a single dashboard
482
00:18:14,680 --> 00:18:15,783
and acts as a hub
483
00:18:15,783 --> 00:18:17,281
for the people processes
484
00:18:17,281 --> 00:18:20,900
and technology needed to respond
to and contain cyberattacks.
485
00:18:20,900 --> 00:18:23,200
Let's see how this platform
works in the case
486
00:18:23,200 --> 00:18:24,533
of a security breach.
487
00:18:24,533 --> 00:18:25,600
While Bob is out
488
00:18:25,600 --> 00:18:28,179
on a business trip,
irregular activity occurs
489
00:18:28,179 --> 00:18:29,200
on his account as
490
00:18:29,200 --> 00:18:32,900
a user behavior analytic engine
that monitors account activity
491
00:18:32,900 --> 00:18:36,468
recognizes suspicious behavior
involving late-night logins
492
00:18:36,468 --> 00:18:39,100
and unusual amounts
of data being downloaded.
493
00:18:39,100 --> 00:18:41,400
This piece of software
is the first signal
494
00:18:41,400 --> 00:18:42,900
that something is wrong
495
00:18:42,900 --> 00:18:45,900
and an alert is sent to the next
piece of software in the chain,
496
00:18:45,900 --> 00:18:47,600
which is the
security information
497
00:18:47,600 --> 00:18:49,300
and event management system.
498
00:18:49,300 --> 00:18:52,500
Now the IRP can orchestrate
a chain of events
499
00:18:52,500 --> 00:18:55,617
that ultimately prevents
the company from encountering
500
00:18:55,617 --> 00:18:58,632
a serious security disaster.
The IRP connects
501
00:18:58,632 --> 00:19:00,288
to a user directory software
502
00:19:00,288 --> 00:19:01,544
that Bob's company uses,
503
00:19:01,544 --> 00:19:04,217
which immediately recognizes
the user account belongs
504
00:19:04,217 --> 00:19:05,100
to an executive
505
00:19:05,100 --> 00:19:06,800
who is out on a business trip
506
00:19:06,800 --> 00:19:09,000
and then proceeds
to lock his account.
507
00:19:09,200 --> 00:19:10,767
The IRP sends the incident
508
00:19:10,767 --> 00:19:13,179
IP address to threat
intelligence software
509
00:19:13,179 --> 00:19:14,900
which identifies the address
510
00:19:14,900 --> 00:19:17,800
as a suspected malware
server. As each piece
511
00:19:17,800 --> 00:19:19,438
of security software runs,
512
00:19:19,438 --> 00:19:22,400
the findings are recorded
in the IRP's incident,
513
00:19:22,400 --> 00:19:25,100
which is already busy
creating a set of instructions
514
00:19:25,100 --> 00:19:26,100
called a playbook
515
00:19:26,100 --> 00:19:29,400
for a security analyst
to follow. The analyst
516
00:19:29,400 --> 00:19:33,300
and locks Bob's accounts and
changes his passwords. This time,
517
00:19:33,300 --> 00:19:36,100
the software has determined
the attempted attack came
518
00:19:36,100 --> 00:19:38,300
from a well-known
cyber crime organization
519
00:19:38,300 --> 00:19:39,827
using stolen credentials.
520
00:19:39,827 --> 00:19:41,600
Bob's credentials were stolen
521
00:19:41,600 --> 00:19:44,717
when the hacker found
a vulnerability in his company's
522
00:19:44,717 --> 00:19:48,200
firewall software and used it to
upload a malware infected file.
523
00:19:48,200 --> 00:19:49,105
Now that we know
524
00:19:49,105 --> 00:19:51,600
how the attack happened,
the analyst uses
525
00:19:51,600 --> 00:19:53,009
the IRP and identifies
526
00:19:53,009 --> 00:19:56,300
and patches all the things.
The IRP uses information
527
00:19:56,300 --> 00:19:58,200
from endpoint tool to determine
528
00:19:58,200 --> 00:20:00,694
which machines need
to be patched, recommends
529
00:20:00,694 --> 00:20:04,400
how to patch them and then allows
the analyst to push the patches
530
00:20:04,400 --> 00:20:07,366
to all the computers
and mobile devices instantly.
531
00:20:07,366 --> 00:20:10,227
Meanwhile, Bob has to alert
the legal department
532
00:20:10,227 --> 00:20:10,995
of the breach
533
00:20:10,995 --> 00:20:13,921
and the IRP instantly
notifies the correct person
534
00:20:13,921 --> 00:20:16,668
of the situation
and the status of the incident.
535
00:20:16,668 --> 00:20:18,400
After the attack is contained
536
00:20:18,400 --> 00:20:20,800
and Bob's account
is secured, the analyst
537
00:20:20,800 --> 00:20:24,400
and communicates which data may
have been stolen or compromised
538
00:20:24,400 --> 00:20:25,600
during the incident.
539
00:20:25,600 --> 00:20:28,321
He identifies which
geographies, jurisdictions
540
00:20:28,321 --> 00:20:30,075
and regulatory agencies cover
541
00:20:30,075 --> 00:20:33,100
the users and information
affected by the attack.
542
00:20:33,100 --> 00:20:35,700
Then the IRP creates
a series of tasks
543
00:20:35,700 --> 00:20:39,088
so the organization can notify
the affected parties and follow
544
00:20:39,088 --> 00:20:40,500
all relevant compliances
545
00:20:40,500 --> 00:20:44,192
and liability procedures.
In the past, a security breach
546
00:20:44,192 --> 00:20:46,545
this large would have
required Bob's company
547
00:20:46,545 --> 00:20:48,135
to involve several agencies
548
00:20:48,135 --> 00:20:50,900
and third parties to solve
the problem, a process
549
00:20:50,900 --> 00:20:52,800
that could have taken
months or longer.
550
00:20:53,100 --> 00:20:56,376
But in a matter of hours
the incident response platform
551
00:20:56,376 --> 00:20:58,500
organized all of
the people, processes
552
00:20:58,500 --> 00:21:02,147
and technology to identify
and contain the problem, find
553
00:21:02,147 --> 00:21:05,000
the source of the attack
fix the vulnerability
554
00:21:05,000 --> 00:21:07,000
and notify all affected parties
555
00:21:07,000 --> 00:21:10,292
and in the future Bob and
his team will be able to turn
556
00:21:10,292 --> 00:21:12,000
to cognitive security tools.
557
00:21:12,000 --> 00:21:15,121
These tools will read
and learn from tens of thousands
558
00:21:15,121 --> 00:21:18,709
of trusted publications, blogs and
other sources of information.
559
00:21:18,709 --> 00:21:21,542
This knowledge will uncover
new insights and patterns,
560
00:21:21,542 --> 00:21:24,015
anticipate and isolate
and minimize attacks
561
00:21:24,015 --> 00:21:26,423
as they happen and
immediately recommend actions
562
00:21:26,423 --> 00:21:29,423
for security professionals
to take, keeping data safe
563
00:21:29,423 --> 00:21:31,900
and companies like Bob's
out of the headlines.
564
00:21:36,500 --> 00:21:39,397
Cryptography is essentially
important because it allows
565
00:21:39,397 --> 00:21:40,900
you to securely protect data
566
00:21:40,900 --> 00:21:43,905
that you don't want anyone else
to have access to. It is used
567
00:21:43,905 --> 00:21:47,000
to protect corporate secrets,
secure classified information,
568
00:21:47,000 --> 00:21:48,700
and to protect
personal information
569
00:21:48,700 --> 00:21:51,100
to guard against things
like identity theft
570
00:21:51,100 --> 00:21:53,249
and today's video
is basically going to be
571
00:21:53,249 --> 00:21:54,366
about cryptography. Now,
572
00:21:54,366 --> 00:21:56,300
before we actually jump
into the session,
573
00:21:56,300 --> 00:21:58,153
let me give you guys
a brief on the topics
574
00:21:58,153 --> 00:21:59,588
that we're going to cover today.
575
00:21:59,588 --> 00:22:00,307
So first of all,
576
00:22:00,307 --> 00:22:01,900
we're going to cover
what is cryptography
577
00:22:01,900 --> 00:22:04,200
through the help
of a very simplistic scenario,
578
00:22:04,200 --> 00:22:07,300
then we are going to go through
the classifications of cryptography and
579
00:22:07,300 --> 00:22:10,544
how the different classification
algorithms work. In the end,
580
00:22:10,544 --> 00:22:12,800
I'm going to show you
guys a nifty demo on
581
00:22:12,800 --> 00:22:16,000
how a popular algorithm
called RSA actually works.
582
00:22:16,142 --> 00:22:17,757
So let's get started.
583
00:22:17,900 --> 00:22:18,200
Now.
584
00:22:18,200 --> 00:22:20,987
I'm going to take the help
of an example or a scenario
585
00:22:20,987 --> 00:22:22,164
to actually explain.
586
00:22:22,164 --> 00:22:23,400
What is cryptography.
587
00:22:23,470 --> 00:22:24,300
All right.
588
00:22:24,300 --> 00:22:27,500
So let's say we have
a person and let's call him Andy
589
00:22:27,500 --> 00:22:30,700
now suppose Andy sends a message
to his friend Sam who's
590
00:22:30,700 --> 00:22:32,700
on the other side
of the world now,
591
00:22:32,700 --> 00:22:35,200
obviously he wants
this message to be private
592
00:22:35,200 --> 00:22:38,200
and nobody else should have
access to the message. Now,
593
00:22:38,200 --> 00:22:39,473
he uses a public forum,
594
00:22:39,473 --> 00:22:42,208
for example the internet,
for sending this message.
595
00:22:42,208 --> 00:22:44,937
The goal is to actually
secure this communication.
596
00:22:44,937 --> 00:22:48,000
And of course we have to be
secured against someone. Now,
597
00:22:48,000 --> 00:22:50,200
let's say there is
a smart guy called Eve
598
00:22:50,200 --> 00:22:53,117
who has secretly got access
to your communication channel.
599
00:22:53,117 --> 00:22:55,605
Since this guy has access
to your communication,
600
00:22:55,605 --> 00:22:57,900
he can do much more
than just eavesdrop.
601
00:22:57,900 --> 00:23:01,100
For example, he can try
to change the message in itself.
602
00:23:01,100 --> 00:23:03,100
Now this is just
a small example.
603
00:23:03,123 --> 00:23:06,123
What if Eve actually gets access
to your private information.
604
00:23:06,400 --> 00:23:09,500
Well that could actually result
in a big catastrophe.
605
00:23:09,500 --> 00:23:11,100
So, how can Andy be sure
606
00:23:11,100 --> 00:23:14,400
that nobody in the middle could
access the message sent to Sam?
607
00:23:14,500 --> 00:23:17,481
The goal here is to make
communication secure and that's
608
00:23:17,481 --> 00:23:19,000
where cryptography comes in.
609
00:23:19,000 --> 00:23:21,200
So what exactly is cryptography?
610
00:23:21,200 --> 00:23:23,082
Well cryptography
is the practice
611
00:23:23,082 --> 00:23:26,200
and the study of techniques
for securing communication
612
00:23:26,200 --> 00:23:28,500
and data in the
presence of adversaries.
613
00:23:28,600 --> 00:23:30,300
So, let me take
a moment to explain
614
00:23:30,300 --> 00:23:31,600
how that actually happens.
615
00:23:31,900 --> 00:23:34,200
Well, first of all,
we have a message.
616
00:23:34,200 --> 00:23:37,313
This message is firstly
converted into a numeric form
617
00:23:37,313 --> 00:23:40,292
and then this numeric form
is applied with a key
618
00:23:40,292 --> 00:23:41,800
called an encryption key
619
00:23:41,800 --> 00:23:45,100
and this encryption key is used
in an encryption algorithm.
620
00:23:45,100 --> 00:23:46,688
So once the numeric message
621
00:23:46,688 --> 00:23:48,958
and the encryption key
have been applied
622
00:23:48,958 --> 00:23:50,500
in an encryption algorithm,
623
00:23:50,500 --> 00:23:52,600
what we get is called
a cipher text.
624
00:23:52,600 --> 00:23:55,209
Now this ciphertext
is sent over the network
625
00:23:55,209 --> 00:23:57,000
to the other side of the world
626
00:23:57,000 --> 00:23:59,900
where the other person
whose message is intended
627
00:23:59,900 --> 00:24:02,870
for will actually use
a decryption key and use
628
00:24:02,870 --> 00:24:06,384
the ciphertext as a parameter
of a decryption algorithm.
629
00:24:06,384 --> 00:24:07,500
And then he'll get
630
00:24:07,500 --> 00:24:09,719
what we actually sent
as a message and
631
00:24:09,719 --> 00:24:12,900
if some error had actually
occurred, he'd get an error.
632
00:24:13,000 --> 00:24:13,659
So let's see
633
00:24:13,659 --> 00:24:16,900
how cryptography can help secure
the connection between Andy
634
00:24:16,900 --> 00:24:19,100
and Sam. So,
to protect his message,
635
00:24:19,100 --> 00:24:21,700
Andy first converts
his readable message
636
00:24:21,700 --> 00:24:23,431
to an unreadable form. Here,
637
00:24:23,431 --> 00:24:26,056
he converts a message
to some random numbers
638
00:24:26,056 --> 00:24:27,400
and after that he uses
639
00:24:27,400 --> 00:24:30,630
a key to encrypt his message.
After applying this key
640
00:24:30,630 --> 00:24:32,700
to the numerical form
of his message,
641
00:24:32,700 --> 00:24:35,000
he gets a new
value. In cryptography,
642
00:24:35,000 --> 00:24:36,600
we call this ciphertext.
643
00:24:36,700 --> 00:24:38,700
So now if Andy
sends the ciphertext
644
00:24:38,700 --> 00:24:41,100
or encrypted message
over communication channel,
645
00:24:41,100 --> 00:24:42,212
he won't have to worry
646
00:24:42,212 --> 00:24:45,363
about somebody in the middle of
discovering the private message.
647
00:24:45,363 --> 00:24:47,763
Even if somebody manages
to discover the message,
648
00:24:47,763 --> 00:24:49,800
he won't be able
to decrypt the message
649
00:24:49,800 --> 00:24:52,500
without having a proper key
to unlock this message.
650
00:24:52,500 --> 00:24:54,800
So suppose Eve here
discovers the message
651
00:24:54,800 --> 00:24:57,500
and he somehow manages
to tamper with the message
652
00:24:57,500 --> 00:25:00,619
and the message finally reaches
Sam. Sam would need a key
653
00:25:00,619 --> 00:25:03,931
to decrypt the message to
recover the original plaintext.
654
00:25:03,931 --> 00:25:06,402
So using the key he
would convert the ciphertext
655
00:25:06,402 --> 00:25:08,284
to a numerical value corresponding
656
00:25:08,284 --> 00:25:11,351
to the plain text. Now, after
using the key for decryption,
657
00:25:11,351 --> 00:25:14,200
what will come out is
the original plain text message
658
00:25:14,200 --> 00:25:16,900
or an adult now this error
is very important.
659
00:25:16,900 --> 00:25:18,252
It is the way Sam knows
660
00:25:18,252 --> 00:25:21,344
that message sent by Andy is
not the same as a message
661
00:25:21,344 --> 00:25:22,258
that he received.
662
00:25:22,258 --> 00:25:23,964
So the error in a sense tells us
663
00:25:23,964 --> 00:25:26,200
that Eve has tampered
with the message.
664
00:25:26,200 --> 00:25:28,200
Now, the important thing
to note here is
665
00:25:28,200 --> 00:25:30,257
that in modern
cryptography the security
666
00:25:30,257 --> 00:25:33,000
of the system purely relies
on keeping the encryption
667
00:25:33,000 --> 00:25:35,295
and decryption key secret.
Based on the type
668
00:25:35,295 --> 00:25:36,497
of keys and encryption
669
00:25:36,497 --> 00:25:37,711
algorithms, cryptography
670
00:25:37,711 --> 00:25:40,300
is classified under
the following categories.
671
00:25:40,300 --> 00:25:42,635
Now cryptography is
broadly classified
672
00:25:42,635 --> 00:25:44,300
under two categories namely
673
00:25:44,300 --> 00:25:47,900
symmetric key cryptography
and asymmetric key cryptography,
674
00:25:47,900 --> 00:25:50,700
popularly also known as
public key cryptography.
675
00:25:50,700 --> 00:25:52,669
Now symmetric key cryptography
676
00:25:52,669 --> 00:25:55,789
is further classified
as classical cryptography
677
00:25:55,789 --> 00:25:57,300
and modern cryptography.
678
00:25:57,600 --> 00:26:01,400
Further drilling down, classical
cryptography is divided into two
679
00:26:01,400 --> 00:26:03,107
which is transposition cipher
680
00:26:03,107 --> 00:26:06,700
and substitution cipher. On the
other hand, modern cryptography
681
00:26:06,700 --> 00:26:08,620
is divided into stream cipher
682
00:26:08,620 --> 00:26:11,300
and block cipher.
In the upcoming slides
683
00:26:11,300 --> 00:26:14,300
I'll broadly explain all
these types of cryptography.
684
00:26:14,300 --> 00:26:17,200
So let's start with symmetric
key cryptography first.
685
00:26:17,200 --> 00:26:20,800
So symmetric key algorithms
are algorithms for cryptography
686
00:26:20,800 --> 00:26:24,240
that use the same cryptographic
keys for both encryption
687
00:26:24,240 --> 00:26:25,900
of plaintext and decryption
688
00:26:25,900 --> 00:26:28,600
of ciphertext. The keys
may be identical
689
00:26:28,600 --> 00:26:31,400
or there may be some simple
transformation to go
690
00:26:31,400 --> 00:26:33,322
between the two keys. The keys
691
00:26:33,322 --> 00:26:35,709
in practice represent
a shared secret
692
00:26:35,709 --> 00:26:37,300
between two or more parties
693
00:26:37,300 --> 00:26:38,700
that can be used to maintain
694
00:26:38,700 --> 00:26:41,300
a private information
link. This requirement
695
00:26:41,300 --> 00:26:43,050
that both parties have access
696
00:26:43,050 --> 00:26:45,642
to the secret key is
not the main drawbacks
697
00:26:45,642 --> 00:26:48,200
of symmetric key
encryption in comparison
698
00:26:48,200 --> 00:26:50,039
to public key encryption also
699
00:26:50,039 --> 00:26:52,422
known as asymmetric
key encryption. Now
700
00:26:52,422 --> 00:26:54,052
symmetric key cryptography
701
00:26:54,052 --> 00:26:57,000
is sometimes also called
secret key cryptography
702
00:26:57,000 --> 00:26:59,356
and the most popular
symmetric key system is
703
00:26:59,356 --> 00:27:01,000
the Data Encryption Standard,
704
00:27:01,000 --> 00:27:03,900
which also stands
for DES. Next up,
705
00:27:03,900 --> 00:27:06,400
we're going to discuss
transposition cipher.
706
00:27:06,400 --> 00:27:07,600
So in cryptography
707
00:27:07,600 --> 00:27:10,600
a transposition cipher
is a method of encryption
708
00:27:10,600 --> 00:27:13,600
by which the positions held
by units of plain text,
709
00:27:13,600 --> 00:27:15,710
which are commonly
characters or groups
710
00:27:15,710 --> 00:27:18,655
of characters, are shifted
according to a regular system
711
00:27:18,655 --> 00:27:21,419
so that the ciphertext
constitutes a permutation
712
00:27:21,419 --> 00:27:22,400
of the plain text.
713
00:27:22,400 --> 00:27:25,011
That is the order
of units is changed.
714
00:27:25,011 --> 00:27:27,200
The plaintext is reordered. Now,
715
00:27:27,200 --> 00:27:30,100
mathematically speaking
a bijective function is used
716
00:27:30,100 --> 00:27:31,500
on the characters' position
717
00:27:31,500 --> 00:27:34,016
to encrypt and an inverse
function to decrypt.
718
00:27:34,016 --> 00:27:34,988
So as you can see
719
00:27:34,988 --> 00:27:37,500
that there is an example
on the slide.
720
00:27:37,500 --> 00:27:40,088
So on the plain text side,
we have a message,
721
00:27:40,088 --> 00:27:42,096
which says meet me
after the party.
722
00:27:42,096 --> 00:27:42,339
Now.
723
00:27:42,339 --> 00:27:45,800
This has been carefully arranged
in the encryption matrix,
724
00:27:45,800 --> 00:27:49,500
which has been divided
into six rows and the columns.
725
00:27:49,500 --> 00:27:51,200
So next we have a key
726
00:27:51,200 --> 00:27:54,100
which is basically
for to 165 and then
727
00:27:54,100 --> 00:27:57,200
we rearrange by looking
at the plain text matrix
728
00:27:57,200 --> 00:27:59,023
and then we get the cipher text
729
00:27:59,023 --> 00:28:01,572
which basically is
some unreadable gibberish
730
00:28:01,572 --> 00:28:02,454
at this moment.
731
00:28:02,454 --> 00:28:04,500
So that's how this
whole algorithm works.
732
00:28:04,500 --> 00:28:05,400
On the other hand,
733
00:28:05,400 --> 00:28:08,100
when the ciphertext is being
converted into the plain text,
734
00:28:08,100 --> 00:28:10,500
the plaintext matrix
is going to be referred
735
00:28:10,500 --> 00:28:13,100
and it can be done
very easily. Moving on,
736
00:28:13,100 --> 00:28:15,500
we are going to discuss
substitution cipher.
737
00:28:15,700 --> 00:28:19,182
So substitution of single letters
separately, simple substitution,
738
00:28:19,182 --> 00:28:20,361
can be demonstrated
739
00:28:20,361 --> 00:28:22,100
by writing out the alphabets
740
00:28:22,100 --> 00:28:24,800
in some order to represent
the substitution.
741
00:28:24,800 --> 00:28:27,800
This is termed a substitution
alphabet. The cipher
742
00:28:27,800 --> 00:28:29,568
alphabet may be shifted
743
00:28:29,568 --> 00:28:31,600
or reversed, creating the Caesar
744
00:28:31,600 --> 00:28:34,700
and Atbash cipher
respectively, or scrambled
745
00:28:34,700 --> 00:28:36,000
in a more complex fashion.
746
00:28:36,200 --> 00:28:38,657
In which case it is called
a mixed alphabet
747
00:28:38,657 --> 00:28:39,800
or deranged alphabet.
748
00:28:39,800 --> 00:28:43,030
Traditionally, mixed alphabets
may be created by first writing
749
00:28:43,030 --> 00:28:45,435
out a keyword, removing
repeated letters in it,
750
00:28:45,435 --> 00:28:48,400
then writing all the remaining
letters in the alphabet
751
00:28:48,400 --> 00:28:51,315
in the usual order. Now,
consider this example shown
752
00:28:51,315 --> 00:28:53,100
on the slide. Using the system
753
00:28:53,100 --> 00:28:55,150
we just discussed,
the keyword zebras gives
754
00:28:55,150 --> 00:28:58,100
us the following alphabets
from the plain text alphabet,
755
00:28:58,100 --> 00:28:59,100
which is a to z.
756
00:28:59,300 --> 00:29:00,600
So the ciphertext alphabet
757
00:29:00,600 --> 00:29:03,617
is basically zebras, then
followed by all the alphabets.
758
00:29:03,617 --> 00:29:05,700
We have missed out
in the zebra word.
759
00:29:05,700 --> 00:29:06,600
So as you guys,
760
00:29:06,600 --> 00:29:09,495
can see, it's zebras followed
by s c d e f g h
761
00:29:09,495 --> 00:29:12,128
and so on. Now suppose
we were to actually
762
00:29:12,128 --> 00:29:14,200
encrypt a message
using this code.
763
00:29:14,200 --> 00:29:15,300
So as you guys can see
764
00:29:15,300 --> 00:29:17,200
on the screen,
I've shown you an example,
765
00:29:17,200 --> 00:29:18,900
which is a message flee at once.
766
00:29:18,900 --> 00:29:20,600
We are discovered
is being actually
767
00:29:20,600 --> 00:29:22,300
encrypted using this code.
768
00:29:22,301 --> 00:29:25,900
So if you guys can see
out here the F letter
769
00:29:25,900 --> 00:29:27,900
actually corresponds to S.
770
00:29:28,246 --> 00:29:31,400
And then the L letter
actually corresponds
771
00:29:31,400 --> 00:29:36,600
to I out here. Then we actually
get the cipher text which is Si
772
00:29:36,600 --> 00:29:38,700
a a is that you using the code
773
00:29:38,700 --> 00:29:41,935
and the process that I just
discussed. Now, traditionally,
774
00:29:41,935 --> 00:29:44,100
the cipher text
is written out in blocks
775
00:29:44,100 --> 00:29:46,900
of fixed length omitting
punctuations and spaces.
776
00:29:46,900 --> 00:29:49,804
This is done to help avoid
transmission errors and to disguise
777
00:29:49,804 --> 00:29:52,098
the word boundaries
from the plain text.
778
00:29:52,098 --> 00:29:53,800
Now these blocks
are called groups
779
00:29:53,800 --> 00:29:55,217
and sometimes a group count,
780
00:29:55,217 --> 00:29:57,900
that is, the number of groups,
is given as an additional
781
00:29:57,900 --> 00:30:00,400
check. Now, five-letter
groups are traditional,
782
00:30:00,400 --> 00:30:01,400
as you guys can see
783
00:30:01,400 --> 00:30:04,400
that we have also divided
our ciphertext into groups
784
00:30:04,400 --> 00:30:06,200
of five, and this dates back
785
00:30:06,200 --> 00:30:08,539
to when messages
were actually used
786
00:30:08,539 --> 00:30:10,300
to be transmitted by Telegraph.
787
00:30:10,300 --> 00:30:11,300
Now if the length
788
00:30:11,300 --> 00:30:14,080
of the message happens
not to be divisible by 5,
789
00:30:14,080 --> 00:30:16,300
it may be padded
at the end with nulls
790
00:30:16,300 --> 00:30:18,237
and these can be any characters
791
00:30:18,237 --> 00:30:20,860
that can be decrypted
to obvious nonsense,
792
00:30:20,860 --> 00:30:23,100
so the receiver
can easily spot them
793
00:30:23,100 --> 00:30:26,700
and discard them. Next on
our list is stream cipher.
794
00:30:27,300 --> 00:30:29,300
So a stream cipher is a method
795
00:30:29,300 --> 00:30:31,778
of encrypting text
to produce ciphertext
796
00:30:31,778 --> 00:30:33,589
in which a cryptographic key
797
00:30:33,589 --> 00:30:36,500
and algorithm are applied
to each binary digit
798
00:30:36,500 --> 00:30:38,660
in a data stream
one bit at a time.
799
00:30:38,660 --> 00:30:41,900
This method is not much used
in modern cryptography.
800
00:30:41,900 --> 00:30:44,944
The main alternative method
is block cipher, in which a key
801
00:30:44,944 --> 00:30:46,405
and algorithm are applied
802
00:30:46,405 --> 00:30:49,521
to blocks of data rather than
individual bits in a stream.
803
00:30:49,521 --> 00:30:49,800
Okay.
804
00:30:49,800 --> 00:30:52,249
So now that we've spoken
about block cipher, let's go
805
00:30:52,249 --> 00:30:53,800
and actually explain what block
806
00:30:53,800 --> 00:30:57,111
cipher does. A block cipher
is an encryption method that
807
00:30:57,111 --> 00:30:58,582
applies a deterministic algorithm
808
00:30:58,582 --> 00:31:01,081
for the symmetric key
to encrypt a block
809
00:31:01,081 --> 00:31:03,900
of text rather than encrypting
one bit at a time as
810
00:31:03,900 --> 00:31:05,000
in stream ciphers.
811
00:31:05,000 --> 00:31:08,300
For example, a common block
cipher, AES, encrypts
812
00:31:08,300 --> 00:31:11,500
128-bit blocks with a key
of predetermined length.
813
00:31:11,500 --> 00:31:14,900
That is either 128, 192,
or 256 bits in length.
814
00:31:15,000 --> 00:31:16,100
Now block ciphers
815
00:31:16,100 --> 00:31:18,235
are pseudo-random
permutation families
816
00:31:18,235 --> 00:31:21,000
that operate on the fixed size
of block of bits.
817
00:31:21,000 --> 00:31:22,500
These PRPs are functions
818
00:31:22,500 --> 00:31:25,000
that cannot be
differentiated from completely
819
00:31:25,000 --> 00:31:26,158
random permutation
820
00:31:26,158 --> 00:31:29,800
and thus are A reliable
and been proven to be unreliable
821
00:31:29,800 --> 00:31:30,686
by some source.
822
00:31:30,686 --> 00:31:30,980
Okay.
823
00:31:30,980 --> 00:31:31,900
So now it's time
824
00:31:31,900 --> 00:31:34,200
that we discuss
some asymmetric cryptography.
825
00:31:34,400 --> 00:31:36,500
So asymmetric cryptography also
826
00:31:36,500 --> 00:31:40,006
known as public key cryptography
is any cryptography system
827
00:31:40,006 --> 00:31:41,400
that uses a pair of keys,
828
00:31:41,400 --> 00:31:44,517
which is a public key
which may be disseminated widely
829
00:31:44,517 --> 00:31:45,458
and private keys
830
00:31:45,458 --> 00:31:47,300
which are known
only to the owner.
831
00:31:47,300 --> 00:31:50,100
This accomplishes
two functions authentication
832
00:31:50,100 --> 00:31:51,600
where the public key verify is
833
00:31:51,600 --> 00:31:54,350
that a holder of the paired
private key send the message
834
00:31:54,350 --> 00:31:57,265
and encryption where only
the paired private key holder.
835
00:31:57,265 --> 00:31:58,823
Decrypt the message encrypted
836
00:31:58,823 --> 00:32:02,000
with the public key and
a public key encryption system.
837
00:32:02,000 --> 00:32:05,327
Any person can encrypt a message
using the receivers public key
838
00:32:05,327 --> 00:32:07,636
that encrypted message
can only be decrypted
839
00:32:07,636 --> 00:32:09,300
with the receivers private key.
840
00:32:09,300 --> 00:32:10,211
So to be practical
841
00:32:10,211 --> 00:32:12,800
the generation of public
and private key pair
842
00:32:12,800 --> 00:32:15,276
must be computationally
economical. The strength
843
00:32:15,276 --> 00:32:17,451
of a public key
cryptography system relies
844
00:32:17,451 --> 00:32:20,629
on computational efforts
required to find the private key
845
00:32:20,629 --> 00:32:22,099
from its paired public key.
846
00:32:22,100 --> 00:32:23,307
So effective security
847
00:32:23,307 --> 00:32:25,896
only requires keeping
the private key private
848
00:32:25,992 --> 00:32:28,300
and the public key
can be openly distributed
849
00:32:28,300 --> 00:32:29,800
without compromising security.
850
00:32:29,800 --> 00:32:30,100
Okay.
851
00:32:30,100 --> 00:32:31,800
So now that I've
actually shown you guys
852
00:32:31,800 --> 00:32:33,700
how cryptography actually
works and how
853
00:32:33,700 --> 00:32:36,423
the different classifications
are actually applied.
854
00:32:36,423 --> 00:32:38,600
Let's go and do
something interesting.
855
00:32:38,700 --> 00:32:41,800
So you guys are actually
watching this video
856
00:32:41,800 --> 00:32:43,319
on YouTube right now.
857
00:32:43,319 --> 00:32:45,128
So if you guys actually go
858
00:32:45,128 --> 00:32:48,400
and click on the secure part
besides the URL you
859
00:32:48,400 --> 00:32:50,920
can actually go and view
the digital certificates
860
00:32:50,920 --> 00:32:52,600
that are actually used out here.
861
00:32:52,676 --> 00:32:54,523
So click on certificates
862
00:32:54,600 --> 00:32:57,400
and you'll see the details
in the details.
863
00:32:57,400 --> 00:32:57,700
Up.
864
00:32:57,700 --> 00:33:00,905
Now as you guys can see
the signature algorithm
865
00:33:00,905 --> 00:33:01,818
that is used
866
00:33:01,818 --> 00:33:06,000
for actually securing YouTube
is SHA-256 with RSA,
867
00:33:06,000 --> 00:33:09,100
and RSA is a very, very
common encryption algorithm
868
00:33:09,100 --> 00:33:09,700
that is used
869
00:33:09,700 --> 00:33:12,600
throughout the internet. Then
the signature hash algorithm
870
00:33:12,600 --> 00:33:15,000
that is being used is SHA-256.
871
00:33:15,000 --> 00:33:18,100
And the issuer is
Google Internet Authority,
872
00:33:18,100 --> 00:33:20,525
and you can get
a lot of information
873
00:33:20,525 --> 00:33:23,894
about sites and all
their authority key identifiers
874
00:33:23,894 --> 00:33:27,600
or certificate policies,
the key usage, and a lot of things
875
00:33:27,600 --> 00:33:31,218
about security just from
this small little button out here.
876
00:33:31,218 --> 00:33:32,600
Also, let me show you
877
00:33:32,600 --> 00:33:35,800
a little how public key
encryption actually works.
878
00:33:35,900 --> 00:33:37,053
So on the site,
879
00:33:37,053 --> 00:33:40,800
which is basically
cobwebs dot CSV or UGA dot edu.
880
00:33:40,800 --> 00:33:44,105
You can actually demo out
public key encryption.
881
00:33:44,105 --> 00:33:47,904
So suppose we had to send
a message first we would need
882
00:33:47,904 --> 00:33:49,067
to generate keys.
883
00:33:49,067 --> 00:33:50,300
So as you can see,
884
00:33:50,300 --> 00:33:53,000
I just click generate keys
and it got me two keys,
885
00:33:53,000 --> 00:33:54,696
which is one is the public key,
886
00:33:54,696 --> 00:33:57,164
which I will distribute
for the network, and one
887
00:33:57,164 --> 00:34:00,400
private key, which I will
actually keep secret to myself.
888
00:34:00,400 --> 00:34:01,200
Now.
889
00:34:01,200 --> 00:34:04,300
I want to send a message
saying hi there.
890
00:34:04,500 --> 00:34:07,600
When is the exam tomorrow?
891
00:34:07,900 --> 00:34:11,800
So now we are going to encrypt
it using the public key
892
00:34:11,800 --> 00:34:14,400
because that's exactly
what's distributed.
893
00:34:14,400 --> 00:34:17,833
So now as you can see we
have got our ciphertext. So
894
00:34:17,833 --> 00:34:20,643
this huge thing right
out here is ciphertext
895
00:34:20,643 --> 00:34:24,500
and absolutely makes no sense
whatsoever. Now suppose we were
896
00:34:24,500 --> 00:34:25,348
to actually then
897
00:34:25,348 --> 00:34:28,196
decrypt the message. We
would use the private key
898
00:34:28,196 --> 00:34:31,726
that goes along with our account
and we would decode the message
899
00:34:31,726 --> 00:34:34,473
and as you guys can see
voila we have hi there
900
00:34:34,474 --> 00:34:35,800
when the exam tomorrow.
901
00:34:35,899 --> 00:34:37,500
So we have actually
sent a message
902
00:34:37,500 --> 00:34:40,500
on the internet in a very
secure fashion. Above that,
903
00:34:40,500 --> 00:34:43,400
there's also RSA
that needs some explaining
904
00:34:43,400 --> 00:34:46,164
because I had promised
that too. Now RSA is a very
905
00:34:46,164 --> 00:34:47,800
very commonly used algorithm
906
00:34:47,800 --> 00:34:49,688
that is used
throughout the internet
907
00:34:49,688 --> 00:34:51,900
and you just saw it
being used by YouTube.
908
00:34:51,900 --> 00:34:53,400
So it has to be common.
909
00:34:53,400 --> 00:34:57,100
So RSA has a very unique way
of applying this algorithm.
910
00:34:57,300 --> 00:34:58,900
There are many actual parameters
911
00:34:58,900 --> 00:35:00,600
that you actually
need to study.
912
00:35:00,600 --> 00:35:00,900
Okay.
913
00:35:00,900 --> 00:35:03,500
So now we're actually
going to discuss RSA,
914
00:35:03,500 --> 00:35:05,763
which is a very popular
algorithm that is used
915
00:35:05,763 --> 00:35:06,752
for of the internet.
916
00:35:06,752 --> 00:35:07,523
And you also saw
917
00:35:07,523 --> 00:35:09,600
that it's being used
by YouTube right now.
918
00:35:09,600 --> 00:35:12,300
So this cryptosystem is one
of the initial systems.
919
00:35:12,300 --> 00:35:15,007
It remains the most employed
cryptosystem even today,
920
00:35:15,007 --> 00:35:17,600
and the system was invented
by three scholars,
921
00:35:17,600 --> 00:35:21,123
which is Ron Rivest, Adi
Shamir, and Len Adleman,
922
00:35:21,700 --> 00:35:25,500
hence the name RSA, and we
will see the two aspects
923
00:35:25,500 --> 00:35:27,000
of the RSA cryptosystem.
924
00:35:27,000 --> 00:35:28,860
Firstly generation of key pair
925
00:35:28,860 --> 00:35:31,520
and secondly encryption
decryption algorithms.
926
00:35:31,520 --> 00:35:33,000
So each person or a party
927
00:35:33,000 --> 00:35:34,334
who desires to participate
928
00:35:34,334 --> 00:35:36,900
in communication using
encryption needs to generate
929
00:35:36,900 --> 00:35:39,700
a pair of keys namely
public key and private key.
930
00:35:39,700 --> 00:35:42,600
So the process followed
in the generation of keys is
931
00:35:42,600 --> 00:35:43,634
as follows first,
932
00:35:43,634 --> 00:35:45,400
we have to actually calculate
933
00:35:45,400 --> 00:35:48,900
n. Now, n is actually given
by multiplying p and q,
934
00:35:48,900 --> 00:35:50,700
as you guys can see out here.
935
00:35:50,700 --> 00:35:54,792
So p and q are supposed to be
very large prime numbers. So
936
00:35:54,792 --> 00:35:56,400
out here P will be 35,
937
00:35:56,400 --> 00:35:58,600
but for some very
strong encryption we
938
00:35:58,600 --> 00:36:01,000
are going to choose very
large prime numbers.
939
00:36:01,000 --> 00:36:04,430
Then we actually have
to calculate phi. Phi, as you
940
00:36:04,430 --> 00:36:06,900
can see, the formula
goes is p minus 1
941
00:36:06,900 --> 00:36:09,900
into q minus 1, and this
helps us determine
942
00:36:09,900 --> 00:36:11,734
for the encryption algorithm.
943
00:36:11,734 --> 00:36:13,577
Now, then we have to actually
944
00:36:13,577 --> 00:36:15,989
calculate e. Now, e
must be greater than 1
945
00:36:15,989 --> 00:36:17,063
and less than phi,
946
00:36:17,063 --> 00:36:18,248
which is p minus 1
947
00:36:18,248 --> 00:36:21,985
into q minus 1, and there must be
no common factors for e and
948
00:36:21,985 --> 00:36:23,100
phi except for one.
949
00:36:23,100 --> 00:36:24,118
So in other words,
950
00:36:24,118 --> 00:36:26,100
they must be co-prime
to each other.
951
00:36:26,400 --> 00:36:29,500
Now to form the public key
the pair of numbers
952
00:36:29,500 --> 00:36:32,423
n and e form the RSA
public key system.
953
00:36:32,600 --> 00:36:35,029
This is actually made public
and is distributed
954
00:36:35,029 --> 00:36:37,800
throughout the network.
Interestingly, though,
955
00:36:37,800 --> 00:36:40,664
n is a part of the public key,
and the difficulty
956
00:36:40,664 --> 00:36:43,000
in factorizing a large
prime number ensures
957
00:36:43,000 --> 00:36:45,200
that the attacker
cannot find in finite time
958
00:36:45,200 --> 00:36:47,109
the two primes, that is p and q,
959
00:36:47,109 --> 00:36:50,800
that are used to obtain n. This
actually ensures the strength
960
00:36:50,800 --> 00:36:54,509
of RSA. Now, in the generation
of the private key,
961
00:36:54,700 --> 00:36:59,900
the private key d is calculated from p, q,
and e. For given n and e,
962
00:36:59,900 --> 00:37:02,200
there is a unique number d. Now,
963
00:37:02,200 --> 00:37:05,300
the number d is the inverse
of e modulo phi.
964
00:37:05,300 --> 00:37:08,809
This means that d is a number
less than phi such that
965
00:37:08,809 --> 00:37:10,200
when multiplied by e,
966
00:37:10,200 --> 00:37:11,200
it gives one.
967
00:37:11,400 --> 00:37:14,500
So let's go and actually
fill up these numbers.
968
00:37:14,500 --> 00:37:17,900
So n should be 35 out here,
969
00:37:17,900 --> 00:37:21,100
and if we generate them
we get the value of phi,
970
00:37:21,100 --> 00:37:21,999
which is 24,
971
00:37:21,999 --> 00:37:24,100
which is basically 4 into 6,
972
00:37:24,100 --> 00:37:28,154
and then we should also get e.
Now, e should be co-prime.
973
00:37:28,154 --> 00:37:32,400
So we are going to give it 11,
as 11 is co-prime to both.
974
00:37:32,700 --> 00:37:36,779
So now for the actual encryption
part we have to put in e
975
00:37:36,779 --> 00:37:37,800
and n out here,
976
00:37:38,000 --> 00:37:40,600
so e out here for us is 11
977
00:37:40,600 --> 00:37:45,200
and n is 35, and then we
are going to pick a letter
978
00:37:45,200 --> 00:37:46,584
to actually cipher,
979
00:37:46,584 --> 00:37:50,892
which is "a", and then we're going
to encode it as a number.
980
00:37:50,900 --> 00:37:53,400
So as you guys can see
we've encoded as
981
00:37:53,400 --> 00:37:56,200
one out here. Now,
982
00:37:56,200 --> 00:37:59,000
after we've given the message
its numerical form,
983
00:37:59,000 --> 00:38:00,400
we click on encryption
984
00:38:00,400 --> 00:38:03,600
and we get it. Now, to actually
decrypt the message,
985
00:38:03,600 --> 00:38:07,300
we are going to need d
and n. Now, d for us was 5
986
00:38:07,900 --> 00:38:11,900
and N was 35 so 5 and 35
987
00:38:12,300 --> 00:38:15,000
and then we're going
to take encrypted message
988
00:38:15,000 --> 00:38:18,100
from above and we're going
to decrypt this message.
989
00:38:18,100 --> 00:38:20,200
So after you decrypt it,
990
00:38:20,200 --> 00:38:22,800
we have the numerical form
of the plaintext
991
00:38:22,800 --> 00:38:26,118
and then decode the messages
click here decode messages.
992
00:38:26,118 --> 00:38:29,800
And as you guys can see we have
decoded the message using RSA.
993
00:38:29,980 --> 00:38:32,519
So guys, that's
how RSA works.
994
00:38:32,700 --> 00:38:34,700
I explained all the factors
995
00:38:34,700 --> 00:38:38,814
that we actually use
in RSA, from n to phi to e to d,
996
00:38:39,000 --> 00:38:41,500
and I hope you understood
a part of it.
997
00:38:41,700 --> 00:38:42,709
If y'all are still
998
00:38:42,709 --> 00:38:45,400
more interested, y'all can
actually research a lot
999
00:38:45,400 --> 00:38:48,900
on RSA. It's a very
in-depth cryptography system.
1013
00:39:29,700 --> 00:39:38,000
Just
1014
00:39:38,000 --> 00:39:41,300
as pollution was a side effect
of the Industrial Revolution,
1015
00:39:41,300 --> 00:39:43,451
so are the many
security vulnerabilities
1016
00:39:43,451 --> 00:39:46,100
that come with
increased internet connectivity.
1017
00:39:46,100 --> 00:39:47,900
Cyber attacks are exploitations
1018
00:39:47,900 --> 00:39:51,254
of those vulnerabilities.
For the most part, individuals
1019
00:39:51,254 --> 00:39:54,576
and businesses have found ways
to counter cyber attacks using
1020
00:39:54,576 --> 00:39:56,400
a variety of security measures
1021
00:39:56,400 --> 00:39:58,400
and just good old common sense.
1022
00:39:58,400 --> 00:39:59,700
We are going to examine eight
1023
00:39:59,700 --> 00:40:01,700
of the most common
cyber security threats
1024
00:40:01,700 --> 00:40:04,800
that your business could face
and the ways to avoid them.
1025
00:40:04,800 --> 00:40:07,065
So before we actually
jump into the session,
1026
00:40:07,065 --> 00:40:09,641
let me give you how the session
will actually work.
1027
00:40:09,641 --> 00:40:12,521
We are going to discuss
the most 8 common cyber threats.
1028
00:40:12,521 --> 00:40:15,085
We're going to discuss
in particular what they are
1029
00:40:15,085 --> 00:40:17,700
how the threat works
and how to protect yourself.
1030
00:40:17,700 --> 00:40:18,026
Okay.
1031
00:40:18,026 --> 00:40:19,108
So now let's jump
1032
00:40:19,108 --> 00:40:22,293
in. Now, cyber attacks
are taking place all the time.
1033
00:40:22,293 --> 00:40:26,266
Even as we speak, the security of
some organization, big or small,
1034
00:40:26,266 --> 00:40:27,843
is being compromised.
1035
00:40:27,843 --> 00:40:28,600
For example,
1036
00:40:28,600 --> 00:40:31,200
if you visit this site out here,
that is ThreatCloud,
1037
00:40:31,300 --> 00:40:34,000
you can actually view
all the cyber attacks
1038
00:40:34,000 --> 00:40:35,896
that are actually
happening right now.
1039
00:40:35,896 --> 00:40:38,200
Let me just give you
a quick demonstration of
1040
00:40:38,200 --> 00:40:39,200
how that looks like.
1041
00:40:39,400 --> 00:40:41,600
Okay, so as you
guys can see out here,
1042
00:40:41,600 --> 00:40:44,800
these are all the places that
are being compromised right now.
1043
00:40:44,800 --> 00:40:47,369
The red Parts actually
show us the part
1044
00:40:47,369 --> 00:40:50,116
that is being compromised
and the yellow places
1045
00:40:50,116 --> 00:40:53,400
actually show us from where
it's being compromised from.
1046
00:40:53,500 --> 00:40:55,200
Okay, as you guys can see now
1047
00:40:55,200 --> 00:40:58,729
that someone from Madeline's
is actually attacking this place
1048
00:40:58,729 --> 00:41:01,100
and someone from USA
was attacking Mexico.
1049
00:41:01,100 --> 00:41:02,431
It's a pretty interesting site
1050
00:41:02,431 --> 00:41:05,191
and actually gives you a scale
of how many cyber attacks
1051
00:41:05,191 --> 00:41:07,600
are actually happening
all the time in the world.
1052
00:41:07,600 --> 00:41:10,731
Okay now getting back I think
looking at all these types
1053
00:41:10,731 --> 00:41:11,700
of cyber attacks.
1054
00:41:11,700 --> 00:41:12,600
It's only necessary
1055
00:41:12,600 --> 00:41:14,800
that we educate ourselves
about all the types
1056
00:41:14,800 --> 00:41:16,500
of cyber threats that we have.
1057
00:41:16,500 --> 00:41:18,500
So these are
the eight cyber threats
1058
00:41:18,500 --> 00:41:20,750
that we're going to be
discussing today firstly.
1059
00:41:20,750 --> 00:41:22,600
We're going to start
off with malware.
1060
00:41:22,900 --> 00:41:26,000
So malware is
an all-encompassing term
1061
00:41:26,100 --> 00:41:29,792
for a variety of cyber attacks,
including Trojans, viruses,
1062
00:41:29,792 --> 00:41:32,533
and worms. Malware
is simply defined as code
1063
00:41:32,533 --> 00:41:33,900
with malicious intent
1064
00:41:33,900 --> 00:41:35,577
that typically steals data
1065
00:41:35,577 --> 00:41:37,900
or destroys something
on the computer.
1066
00:41:38,300 --> 00:41:41,276
The way malware goes about doing
its damage can be helpful
1067
00:41:41,276 --> 00:41:44,200
in categorizing what kind
of malware you're dealing with.
1068
00:41:44,200 --> 00:41:45,700
So let's discuss it.
1069
00:41:45,700 --> 00:41:49,400
So first of all, viruses. Like
their biological namesakes, viruses
1070
00:41:49,400 --> 00:41:51,000
attach themselves to clean files
1071
00:41:51,000 --> 00:41:53,500
and infect other clean files,
and they can spread
1072
00:41:53,500 --> 00:41:56,400
uncontrollably, damaging
a system's core functionality
1073
00:41:56,400 --> 00:41:58,100
and deleting or
corrupting files.
1074
00:41:58,100 --> 00:42:00,100
They usually appear
as executable files
1075
00:42:00,100 --> 00:42:02,400
that you might have downloaded
from the internet.
1076
00:42:02,400 --> 00:42:03,835
Then there are also Trojans.
1077
00:42:03,835 --> 00:42:04,600
Now this kind
1078
00:42:04,600 --> 00:42:07,400
of malware disguises
itself as legitimate software
1079
00:42:07,400 --> 00:42:10,400
or is included in legitimate
software that can be tampered
1080
00:42:10,400 --> 00:42:13,800
with. It tends to act discreetly
and creates back doors
1081
00:42:13,800 --> 00:42:16,300
in your security to let
other malware in.
1082
00:42:16,300 --> 00:42:17,815
Then we have worms. Worms
1083
00:42:17,815 --> 00:42:20,604
infect entire networks
of devices, either local
1084
00:42:20,604 --> 00:42:23,898
or across the internet, by using
the network's interfaces.
1085
00:42:23,898 --> 00:42:26,310
It uses each consecutive
infected machine
1086
00:42:26,310 --> 00:42:28,900
to infect more. And then
we have botnets and such,
1087
00:42:28,900 --> 00:42:31,600
where botnets are networks
of infected computers
1088
00:42:31,600 --> 00:42:33,100
that are made to work together
1089
00:42:33,200 --> 00:42:35,319
under the control
of an attacker.
1090
00:42:35,319 --> 00:42:37,497
So basically you
can encounter malware
1091
00:42:37,497 --> 00:42:39,674
if you have some OS
vulnerabilities or
1092
00:42:39,674 --> 00:42:42,640
if you download some legitimate
software from somewhere
1093
00:42:42,640 --> 00:42:44,725
or you have some
other email attachment
1094
00:42:44,725 --> 00:42:46,100
that was compromised with
1095
00:42:46,600 --> 00:42:46,949
Okay.
1096
00:42:46,949 --> 00:42:49,400
So how exactly
do you remove malware
1097
00:42:49,400 --> 00:42:51,800
or how exactly do you
fight against it?
1098
00:42:51,800 --> 00:42:54,996
Well, each form of malware
has its own way of infecting
1099
00:42:54,996 --> 00:42:56,290
and damaging computers
1100
00:42:56,290 --> 00:42:57,600
and data and so each one
1101
00:42:57,600 --> 00:42:59,807
requires a different
malware removal method.
1102
00:42:59,807 --> 00:43:02,826
The best way to prevent malware
is to avoid clicking on links
1103
00:43:02,826 --> 00:43:05,248
or downloading attachments
from unknown senders.
1104
00:43:05,248 --> 00:43:06,594
And this is sometimes done
1105
00:43:06,594 --> 00:43:08,766
by deploying a robust
and updated firewall
1106
00:43:08,766 --> 00:43:11,271
which prevents the transfer
of large data files
1107
00:43:11,271 --> 00:43:13,806
over the network in the hope
to weed out attachments
1108
00:43:13,806 --> 00:43:15,100
that may contain malware.
1109
00:43:15,100 --> 00:43:17,000
It's also important
to make sure
1110
00:43:17,000 --> 00:43:18,600
your computer's operating system,
1111
00:43:18,600 --> 00:43:21,518
whether it be Windows, Mac
OS, or Linux, uses the most
1112
00:43:21,518 --> 00:43:23,177
up-to-date security updates
1113
00:43:23,177 --> 00:43:26,131
and software programmers
update programs frequently
1114
00:43:26,131 --> 00:43:28,200
to address any holes
or weak points,
1115
00:43:28,200 --> 00:43:30,882
and it's important to install
all these updates as
1116
00:43:30,882 --> 00:43:33,400
well as to decrease
your own system weaknesses.
1117
00:43:33,400 --> 00:43:36,900
So next up on our list of
cyber threats we have phishing.
1118
00:43:36,900 --> 00:43:38,900
So what exactly is phishing?
1119
00:43:38,900 --> 00:43:41,500
Well, often posing as
a request for data
1120
00:43:41,500 --> 00:43:44,284
from a trusted third
party, phishing attacks
1121
00:43:44,284 --> 00:43:45,406
are sent via email
1122
00:43:45,406 --> 00:43:47,403
and ask users to click on a link
1123
00:43:47,403 --> 00:43:50,797
and enter their personal
data. Phishing emails have gotten
1124
00:43:50,797 --> 00:43:53,100
much more sophisticated
in recent years,
1125
00:43:53,100 --> 00:43:54,400
making it difficult
1126
00:43:54,400 --> 00:43:56,900
for some people to discern
a legitimate request
1127
00:43:56,900 --> 00:43:58,100
for information
1128
00:43:58,100 --> 00:44:00,906
from a false one. Now,
phishing emails often fall
1129
00:44:00,906 --> 00:44:04,200
into the same category as
spam but are way more harmful
1130
00:44:04,200 --> 00:44:05,600
than just a simple ad.
1131
00:44:05,600 --> 00:44:08,200
So how exactly
does phishing work?
1132
00:44:08,600 --> 00:44:12,200
Well, most people associate
phishing with email messages
1133
00:44:12,200 --> 00:44:15,369
that spoof or mimic banks,
credit card companies,
1134
00:44:15,369 --> 00:44:17,500
or other businesses
like Amazon, eBay,
1135
00:44:17,500 --> 00:44:20,900
and Facebook. These messages look
authentic and attempt
1136
00:44:20,900 --> 00:44:23,800
to get victims to reveal
their personal information.
1137
00:44:23,800 --> 00:44:25,300
But email messages are
1138
00:44:25,300 --> 00:44:27,200
only one small piece
of a phishing scam
1139
00:44:27,400 --> 00:44:30,500
from beginning to end
the process involves five steps.
1140
00:44:30,500 --> 00:44:32,600
The first step is
planning. The phisher
1141
00:44:32,600 --> 00:44:35,400
must decide which business
to target and determine
1142
00:44:35,400 --> 00:44:36,913
how to get email addresses
1143
00:44:36,913 --> 00:44:38,888
for the customers
of that business.
1144
00:44:38,888 --> 00:44:41,300
Then they must go
through the setup phase.
1145
00:44:41,300 --> 00:44:44,500
Once they know which business
to spoof and who their victims
1146
00:44:44,500 --> 00:44:47,441
are, phishers create methods
for delivering the messages
1147
00:44:47,441 --> 00:44:50,515
and collecting the data. Then
they have to execute the attack.
1148
00:44:50,515 --> 00:44:51,620
And this is the step
1149
00:44:51,620 --> 00:44:54,198
most people are familiar
with; that is, the phisher
1150
00:44:54,198 --> 00:44:55,350
sends a phony message
1151
00:44:55,350 --> 00:44:57,600
that appears to be
from a reputable source.
1152
00:44:57,600 --> 00:44:59,200
After that, the phisher records
1153
00:44:59,200 --> 00:45:01,700
the information the victims
enter into the web page
1154
00:45:01,700 --> 00:45:04,135
or pop-up windows,
and in the last step,
1155
00:45:04,135 --> 00:45:07,200
which is basically identity
theft and fraud, the phishers use
1156
00:45:07,200 --> 00:45:10,300
the information they've gathered
to make illegal purchases
1157
00:45:10,300 --> 00:45:11,721
or otherwise commit fraud,
1158
00:45:11,721 --> 00:45:14,839
and as many as 1/4 of
the victims never fully recover.
1159
00:45:14,839 --> 00:45:18,322
So how exactly can you
be actually preventing yourself
1160
00:45:18,322 --> 00:45:19,563
from getting phished?
1161
00:45:19,563 --> 00:45:22,607
Well, the only thing
that you can do is being aware
1162
00:45:22,607 --> 00:45:24,887
of how phishing
emails actually work.
1163
00:45:24,887 --> 00:45:25,900
So first of all,
1164
00:45:25,900 --> 00:45:29,100
a phishing email has
some very specific properties.
1165
00:45:29,100 --> 00:45:31,041
So firstly you
will have something
1166
00:45:31,041 --> 00:45:32,800
like a very generalized way
1167
00:45:32,800 --> 00:45:36,700
of addressing someone, like
"Dear client". Then your message
1168
00:45:36,700 --> 00:45:40,354
will not be actually from a very
reputable source. So out here,
1169
00:45:40,354 --> 00:45:43,400
as you can see, it's written
as Amazon on the label,
1170
00:45:43,400 --> 00:45:46,500
but if you actually inspect
the email address that it came
1171
00:45:46,500 --> 00:45:49,276
from, it's from management
at Maison Canada dot C A
1172
00:45:49,276 --> 00:45:52,100
which is not exactly
a legitimate Amazon address.
1173
00:45:52,100 --> 00:45:52,500
Third.
1174
00:45:52,500 --> 00:45:55,900
You can actually hover
over the redirect links and see
1175
00:45:55,900 --> 00:45:59,500
where they actually redirect you
to now this redirects me
1176
00:45:59,500 --> 00:46:01,880
to www.facebook.com zone.com
1177
00:46:01,900 --> 00:46:03,100
as you can see out here.
1178
00:46:03,200 --> 00:46:04,599
So basically, you know,
1179
00:46:04,599 --> 00:46:07,605
this is actually a phishing
email and you should actually
1180
00:46:07,605 --> 00:46:09,734
report this email
to your administrators
1181
00:46:09,734 --> 00:46:10,616
or anybody else
1182
00:46:10,616 --> 00:46:13,886
that you think is supposed
to be concerned with this also.
1183
00:46:13,886 --> 00:46:16,300
Let me give you guys
a quick demonstration
1184
00:46:16,300 --> 00:46:19,600
on how phishing actually
works from the perspective
1185
00:46:19,600 --> 00:46:20,904
of an attacker.
1186
00:46:21,100 --> 00:46:22,500
So first of all,
1187
00:46:22,700 --> 00:46:26,600
I have actually created
a phishing website for
1188
00:46:26,600 --> 00:46:28,900
harvesting Facebook credentials.
1189
00:46:29,000 --> 00:46:31,600
I simply just took
the source code
1190
00:46:31,600 --> 00:46:33,600
of the Facebook login page
1191
00:46:33,600 --> 00:46:37,400
and pasted it and then made
a back-end code in PHP
1192
00:46:37,400 --> 00:46:40,812
which makes a log file
of all the Facebook passwords
1193
00:46:40,812 --> 00:46:44,225
that get actually entered
onto the phishing page. Now,
1194
00:46:44,225 --> 00:46:46,300
I've also sent myself an email
1195
00:46:46,300 --> 00:46:48,606
so as to make sure
this looks legitimate,
1196
00:46:48,606 --> 00:46:51,100
but this is only
for spreading awareness.
1197
00:46:51,100 --> 00:46:53,600
So please don't use
this method for actually
1198
00:46:53,600 --> 00:46:55,007
harvesting credentials.
1199
00:46:55,007 --> 00:46:57,500
That's actually a very
illegal thing to do.
1200
00:46:57,500 --> 00:46:58,945
So, let's get started.
1201
00:46:58,945 --> 00:46:59,600
First of all,
1202
00:46:59,600 --> 00:47:01,200
you will go
to your email and see
1203
00:47:01,200 --> 00:47:04,900
that you'll get some emails
saying your Facebook credentials
1204
00:47:04,900 --> 00:47:06,274
have been compromised.
1205
00:47:06,274 --> 00:47:09,000
So when you open it,
it looks pretty legit.
1206
00:47:09,000 --> 00:47:11,410
Well, I haven't made
it look all that legit.
1207
00:47:11,410 --> 00:47:12,515
It should look legit.
1208
00:47:12,515 --> 00:47:15,165
But the point out here is
to actually make you aware
1209
00:47:15,165 --> 00:47:16,100
of how this works.
1210
00:47:16,100 --> 00:47:18,550
So as you guys can see
it says Dear client we have
1211
00:47:18,550 --> 00:47:19,800
strong reasons to believe
1212
00:47:19,800 --> 00:47:21,900
that your credentials
may have been compromised
1213
00:47:21,900 --> 00:47:23,900
and might have been used
by someone else.
1214
00:47:23,900 --> 00:47:25,900
We have locked
your Facebook account.
1215
00:47:25,900 --> 00:47:28,419
Please click here
to unlock sincerely
1216
00:47:28,419 --> 00:47:30,100
Facebook associate Dean.
1217
00:47:30,283 --> 00:47:32,600
So if we actually click here,
1218
00:47:32,600 --> 00:47:36,518
we are actually redirected
to a nice-looking Facebook page,
1219
00:47:36,518 --> 00:47:37,600
which is exactly
1220
00:47:37,600 --> 00:47:41,079
how Facebook looks like when
you're logging in now suppose.
1221
00:47:41,079 --> 00:47:43,900
I were to actually log
into my Facebook account,
1222
00:47:43,900 --> 00:47:46,300
which I won't I'll just
use some brand my
1223
00:47:46,300 --> 00:47:52,000
Like this is an email addres
gmail.com and let's put
1224
00:47:52,000 --> 00:47:54,600
password as admin 1 2 3
1225
00:47:54,900 --> 00:47:56,800
and we click login now
1226
00:47:56,800 --> 00:48:00,373
since my Facebook is actually
already logged in it will just
1227
00:48:00,373 --> 00:48:01,855
redirect to facebook.com
1228
00:48:01,855 --> 00:48:05,500
and you might just see me logged
in but on a normal computer
1229
00:48:05,500 --> 00:48:08,115
is just redirect you
to www.facebook.com,
1230
00:48:08,115 --> 00:48:10,600
which should just
show this site again.
1231
00:48:10,715 --> 00:48:11,100
Okay.
1232
00:48:11,100 --> 00:48:13,300
So once I click
login out here all
1233
00:48:13,300 --> 00:48:16,300
that the backend code
that I've written in PHP.
1234
00:48:16,300 --> 00:48:18,000
PHP out here will do is
1235
00:48:18,000 --> 00:48:20,800
that it's going to take
all the parameters
1236
00:48:20,800 --> 00:48:22,876
that have entered
into this website.
1237
00:48:22,876 --> 00:48:24,300
That is my email address
1238
00:48:24,300 --> 00:48:27,000
and the password and just
generate a log file about it.
1239
00:48:27,100 --> 00:48:29,854
So let's just hit
login and see what happens.
1240
00:48:29,854 --> 00:48:32,600
So as you guys can see
I've been redirected
1241
00:48:32,600 --> 00:48:34,500
to the original Facebook page
1242
00:48:34,500 --> 00:48:38,700
that is not meant for phishing,
and on my system out here
1243
00:48:39,100 --> 00:48:41,100
I have a log file,
1244
00:48:41,100 --> 00:48:43,400
and this log file
will show exactly,
1245
00:48:43,400 --> 00:48:46,197
as you can see, I've phished
out the email address.
1246
00:48:46,197 --> 00:48:47,500
This is an email addres
1247
00:48:47,500 --> 00:48:50,043
gmail.com and it's also
showed the password.
1248
00:48:50,043 --> 00:48:51,700
That is admin one two three.
1249
00:48:51,700 --> 00:48:56,000
So this is how exactly phishing
works: you enter an email address
1250
00:48:56,000 --> 00:48:58,125
and you're entering
the email address
1251
00:48:58,125 --> 00:48:59,300
on a phishing website.
1252
00:48:59,300 --> 00:49:02,010
And then it just redirects you
to the original site.
1253
00:49:02,010 --> 00:49:05,200
But by this time you've already
compromised your credentials.
1254
00:49:05,200 --> 00:49:08,100
So always be careful
when dealing with such emails.
1255
00:49:08,400 --> 00:49:09,403
So now jumping back
1256
00:49:09,403 --> 00:49:11,781
to our session the next type
of cyber attacks.
1257
00:49:11,781 --> 00:49:14,100
We're going to discuss
is password attacks.
1258
00:49:14,300 --> 00:49:15,900
So an attempt to obtain
1259
00:49:15,900 --> 00:49:17,773
or decrypt a user's password
1260
00:49:17,773 --> 00:49:21,086
for illegal use is exactly
what a password attack is.
1261
00:49:21,086 --> 00:49:24,400
Hackers can use cracking
programs, dictionary attacks
1262
00:49:24,400 --> 00:49:25,511
and password sniffers
1263
00:49:25,511 --> 00:49:28,100
in password attacks.
Password cracking refers
1264
00:49:28,100 --> 00:49:31,082
to various measures used
to discover computer passwords.
1265
00:49:31,082 --> 00:49:34,000
This is usually accomplished
by recovering passwords
1266
00:49:34,000 --> 00:49:35,942
from data stored
in or transported
1267
00:49:35,942 --> 00:49:38,700
from a computer system. Password
cracking is done by
1268
00:49:38,700 --> 00:49:41,200
either repeatedly guessing
the password usually
1269
00:49:41,200 --> 00:49:43,399
through a computer algorithm
in which the computer
1270
00:49:43,399 --> 00:49:44,800
tries numerous combinations
1271
00:49:44,800 --> 00:49:47,700
until the password
is successfully discovered. Now
1272
00:49:47,700 --> 00:49:50,100
password attacks can be done
for several reasons,
1273
00:49:50,100 --> 00:49:51,700
but the most malicious reason is
1274
00:49:51,700 --> 00:49:53,600
in order to gain
unauthorized access
1275
00:49:53,600 --> 00:49:54,414
to a computer
1276
00:49:54,414 --> 00:49:57,700
with the computer owner's
awareness not being in place.
1277
00:49:57,700 --> 00:49:58,620
Now this results
1278
00:49:58,620 --> 00:50:01,835
in cyber crime such as stealing
passwords for the purpose
1279
00:50:01,835 --> 00:50:03,600
of accessing Bank information.
1280
00:50:03,600 --> 00:50:05,600
Now today, there are
three common methods
1281
00:50:05,600 --> 00:50:08,000
used to break into
a password-protected system.
1282
00:50:08,000 --> 00:50:10,498
The first is a brute
force attack. A hacker
1283
00:50:10,498 --> 00:50:11,900
uses a computer program
1284
00:50:11,900 --> 00:50:14,300
or script to try
to log in with possible
1285
00:50:14,300 --> 00:50:16,900
password combinations, usually
starting with the easiest
1286
00:50:16,900 --> 00:50:17,900
to guess password.
1287
00:50:17,900 --> 00:50:20,881
So just think if a hacker
has a company list he or she
1288
00:50:20,881 --> 00:50:22,200
can easily guess usernames.
1289
00:50:22,200 --> 00:50:24,600
If even one of the users
has a password one, two,
1290
00:50:24,600 --> 00:50:25,946
three, he will quickly
1291
00:50:25,946 --> 00:50:28,904
be able to get in. The next
are dictionary attacks.
1292
00:50:28,904 --> 00:50:30,534
Now a hacker uses a program
1293
00:50:30,534 --> 00:50:31,500
or script to try
1294
00:50:31,500 --> 00:50:33,600
to log in by cycling
through the combinations
1295
00:50:33,600 --> 00:50:36,570
of common words. In contrast
with brute force attacks,
1296
00:50:36,570 --> 00:50:40,099
where a large proportion of the key
space is searched systematically,
1297
00:50:40,100 --> 00:50:42,900
a dictionary attack tries
only those possibilities
1298
00:50:42,900 --> 00:50:44,700
which are most
likely to succeed.
1299
00:50:44,900 --> 00:50:46,842
Typically derived
from a list of words,
1300
00:50:46,842 --> 00:50:50,000
for example a dictionary.
Generally, dictionary attacks
1301
00:50:50,000 --> 00:50:53,703
succeed because most people have
a tendency to choose passwords
1302
00:50:53,703 --> 00:50:54,400
which are short
1303
00:50:54,400 --> 00:50:56,800
or such as single words found
in the dictionaries
1304
00:50:56,800 --> 00:50:59,200
or simple, easily predicted
variations on words
1305
00:50:59,200 --> 00:51:01,200
such as appending a digit or so.
1306
00:51:01,200 --> 00:51:02,300
Now the last kind
1307
00:51:02,300 --> 00:51:05,923
of password attacks are used
by keylogger attacks. A hacker uses
1308
00:51:05,923 --> 00:51:08,900
a program to track all
of the user's keystrokes.
1309
00:51:08,900 --> 00:51:11,550
So at the end of the day
everything the user has typed
1310
00:51:11,550 --> 00:51:14,350
including the login IDs and
passwords have been recorded.
1311
00:51:14,350 --> 00:51:17,100
A keylogger attack
is different than a brute force
1312
00:51:17,100 --> 00:51:19,800
or dictionary attack
in many ways not the least
1313
00:51:19,800 --> 00:51:22,682
of which is that the keylogging program
used is malware
1314
00:51:22,682 --> 00:51:25,329
that must first make it
onto the user's device
1315
00:51:25,329 --> 00:51:27,700
and the keylogger attacks
are also different
1316
00:51:27,700 --> 00:51:28,999
because stronger passwords
1317
00:51:28,999 --> 00:51:31,100
don't provide much
protection against them,
1318
00:51:31,100 --> 00:51:32,100
which is one reason
1319
00:51:32,100 --> 00:51:35,200
that multi-factor authentication
is becoming a must-have
1320
00:51:35,200 --> 00:51:37,500
for all businesses
and organizations.
1321
00:51:37,500 --> 00:51:40,500
Now, the only way to stop
yourself from getting killed
1322
00:51:40,500 --> 00:51:42,700
in the whole password
attack conundrum is
1323
00:51:42,700 --> 00:51:45,100
by actually practicing
the best practices
1324
00:51:45,100 --> 00:51:48,600
that are being discussed in the
whole industry about passwords.
1325
00:51:48,600 --> 00:51:50,800
So basically you
should update your password
1326
00:51:50,800 --> 00:51:51,400
regularly.
1327
00:51:51,800 --> 00:51:53,200
You should use alphanumerics
1328
00:51:53,200 --> 00:51:55,414
in your password and you
should never use words
1329
00:51:55,414 --> 00:51:57,100
that are actually
in the dictionary.
1330
00:51:57,100 --> 00:51:59,511
It's always advisable
to use garbage words
1331
00:51:59,511 --> 00:52:00,600
that makes no sense
1332
00:52:00,600 --> 00:52:03,400
for passwords as they just
increase your security.
1333
00:52:03,900 --> 00:52:07,500
So moving on we're going
to discuss DDoS attacks.
1334
00:52:08,000 --> 00:52:12,000
So what exactly is a DDoS
or a DoS attack?
1335
00:52:12,200 --> 00:52:13,300
Well, first of all,
1336
00:52:13,300 --> 00:52:16,770
it stands for distributed denial
of service, and a DoS attack
1337
00:52:16,770 --> 00:52:19,400
focuses on disrupting
the service to a network.
1338
00:52:19,400 --> 00:52:21,164
As the name suggests, attackers
1339
00:52:21,164 --> 00:52:24,038
send a high volume of data
or traffic through the network
1340
00:52:24,038 --> 00:52:25,879
until the network
becomes overloaded
1341
00:52:25,879 --> 00:52:27,300
and can no longer function.
1342
00:52:27,300 --> 00:52:29,450
So there are a few
different ways attackers
1343
00:52:29,450 --> 00:52:30,681
can achieve a DoS attack,
1344
00:52:30,681 --> 00:52:31,651
but the most common
1345
00:52:31,651 --> 00:52:33,851
is the distributed
denial-of-service attack.
1346
00:52:33,851 --> 00:52:36,411
This involves the attacker
using multiple computers
1347
00:52:36,411 --> 00:52:38,023
to send the traffic or data
1348
00:52:38,023 --> 00:52:41,588
that will overload the system.
In many instances a person
1349
00:52:41,588 --> 00:52:42,691
may not even realize
1350
00:52:42,691 --> 00:52:44,949
that his or her computer
has been hijacked
1351
00:52:44,949 --> 00:52:45,943
and is contributing
1352
00:52:45,943 --> 00:52:48,426
to the DoS attack.
Now, disrupting services
1353
00:52:48,426 --> 00:52:51,100
can have serious consequences
relating to security
1354
00:52:51,100 --> 00:52:53,100
and online access. Many instances
1355
00:52:53,100 --> 00:52:56,041
of large-scale DoS attacks
have been implemented as
1356
00:52:56,041 --> 00:52:58,263
a single sign of protest
towards governments
1357
00:52:58,263 --> 00:52:59,794
or individuals and have led
1358
00:52:59,794 --> 00:53:02,500
to severe punishment
including major jail time.
1359
00:53:02,500 --> 00:53:05,800
So, how can you prevent
DoS attacks against yourself?
1360
00:53:05,800 --> 00:53:08,100
Well, firstly unless
your company is huge.
1361
00:53:08,100 --> 00:53:11,380
It's rare that you would be even
targeted by an outside group
1362
00:53:11,380 --> 00:53:13,473
or attackers for
a DoS attack. Your site
1363
00:53:13,473 --> 00:53:15,739
or network could still
fall victim to one.
1364
00:53:15,739 --> 00:53:19,242
However, if another organization
on your network is targeted now
1365
00:53:19,242 --> 00:53:21,871
the best way to prevent
an additional breach
1366
00:53:21,871 --> 00:53:24,600
is to keep your system as
secure as possible with
1367
00:53:24,600 --> 00:53:27,653
regular software updates
online security monitoring
1368
00:53:27,653 --> 00:53:30,900
and monitoring of your data flow
to identify any unusual
1369
00:53:30,900 --> 00:53:32,500
or threatening spikes in traffic
1370
00:53:32,500 --> 00:53:34,000
before they become a problem.
1371
00:53:34,100 --> 00:53:36,400
DoS attacks can also
be perpetrated by
1372
00:53:36,400 --> 00:53:38,700
simply cutting a cable
or dislodging a plug
1373
00:53:38,700 --> 00:53:41,523
that connects your website
server to the Internet
1374
00:53:41,523 --> 00:53:43,663
so due diligence
in physically monitoring
1375
00:53:43,663 --> 00:53:45,700
your connections is
recommended as well.
1376
00:53:46,100 --> 00:53:46,500
Okay.
1377
00:53:46,500 --> 00:53:50,200
So next up on our list
is man-in-the-middle attacks.
1378
00:53:50,600 --> 00:53:52,400
So by impersonating
1379
00:53:52,400 --> 00:53:56,700
the endpoints in an online
information exchange, the man
1380
00:53:56,700 --> 00:53:59,700
in the middle attack can obtain
information from the end user
1381
00:53:59,700 --> 00:54:00,900
and the entity he
1382
00:54:00,900 --> 00:54:03,700
or she is communicating
with. For example, so
1383
00:54:03,700 --> 00:54:05,300
if you are banking online,
1384
00:54:05,300 --> 00:54:07,866
the man in the middle
would communicate with you
1385
00:54:07,866 --> 00:54:09,224
by impersonating your bank
1386
00:54:09,224 --> 00:54:12,200
and communicate with the bank
by impersonating you. The man
1387
00:54:12,200 --> 00:54:14,900
in the middle would then
receive all of the information
1388
00:54:14,900 --> 00:54:16,518
transferred between both parties
1389
00:54:16,518 --> 00:54:19,300
which could include sensitive
data such as bank accounts
1390
00:54:19,300 --> 00:54:20,700
and personal information.
1391
00:54:20,800 --> 00:54:24,003
So how does it exactly
work? Normally an MITM
1392
00:54:24,003 --> 00:54:25,000
gains access
1393
00:54:25,000 --> 00:54:27,945
through an unencrypted
wireless access point
1394
00:54:27,945 --> 00:54:29,400
which is basically one
1395
00:54:29,400 --> 00:54:33,500
that doesn't use WEP, WPA or any
of the other security measures.
1396
00:54:33,500 --> 00:54:36,300
Then they would have
to access all the information
1397
00:54:36,300 --> 00:54:37,300
being transferred
1398
00:54:37,300 --> 00:54:39,500
between both parties by actually
1399
00:54:39,500 --> 00:54:42,300
spoofing something called
address resolution protocol.
1400
00:54:42,300 --> 00:54:43,340
That is the protocol
1401
00:54:43,340 --> 00:54:45,743
that is used when you
are actually connecting
1402
00:54:45,743 --> 00:54:47,600
to your gateway
from your computer.
1403
00:54:47,600 --> 00:54:51,300
So how can you exactly prevent
MITM attacks from happening
1404
00:54:51,300 --> 00:54:55,000
against you? Firstly, you have
to use an encrypted WAP,
1405
00:54:55,000 --> 00:54:58,400
that is an encrypted
wireless access point. Next,
1406
00:54:58,400 --> 00:55:00,300
you should always
check the security
1407
00:55:00,300 --> 00:55:01,800
of your connection because
1408
00:55:01,800 --> 00:55:05,200
when somebody is actually trying
to compromise your security,
1409
00:55:05,200 --> 00:55:09,000
he will try to actually
strip down the HTTP or HSTS
1410
00:55:09,000 --> 00:55:10,988
that is being injected
in the website,
1411
00:55:10,988 --> 00:55:13,399
which is basically
the security protocols.
1412
00:55:13,400 --> 00:55:14,275
So if something
1413
00:55:14,275 --> 00:55:16,964
like this HTTP is not appearing
in your website,
1414
00:55:16,964 --> 00:55:19,964
you're on an insecure website
where your credentials
1415
00:55:19,964 --> 00:55:22,000
or your information
can be compromised
1416
00:55:22,000 --> 00:55:23,800
and the last and final measure
1417
00:55:23,800 --> 00:55:26,211
that you can actually
use is by investing
1418
00:55:26,211 --> 00:55:27,900
in a virtual private network
1419
00:55:27,900 --> 00:55:29,641
which spoofs your entire IP
1420
00:55:29,641 --> 00:55:31,900
and you can just
browse the internet
1421
00:55:31,900 --> 00:55:33,400
with perfect comfort.
1422
00:55:33,700 --> 00:55:36,800
Next up on our list
is drive-by downloads.
1423
00:55:36,800 --> 00:55:37,800
So gone are the days
1424
00:55:37,800 --> 00:55:39,900
where you had to click
to accept a download
1425
00:55:39,900 --> 00:55:41,400
or install the software update
1426
00:55:41,400 --> 00:55:43,231
in order to become infected.
1427
00:55:43,231 --> 00:55:45,673
Now just opening
a compromised webpage
1428
00:55:45,673 --> 00:55:49,300
could allow dangerous code
to install on your device.
1429
00:55:49,300 --> 00:55:53,410
You just need to visit or drive
by a web page without stopping
1430
00:55:53,410 --> 00:55:55,500
or to click accept any software
1431
00:55:55,500 --> 00:55:57,241
and the malicious
code can download
1432
00:55:57,241 --> 00:56:00,592
in the background to your device.
A drive-by download refers
1433
00:56:00,592 --> 00:56:03,407
to the unintentional download
of a virus or malicious
1434
00:56:03,407 --> 00:56:04,995
software onto your computer
1435
00:56:04,995 --> 00:56:07,200
or mobile device.
A drive-by download
1436
00:56:07,200 --> 00:56:08,800
will usually take advantage
1437
00:56:08,800 --> 00:56:11,623
or exploit a browser or app
or operating system
1438
00:56:11,623 --> 00:56:14,200
that is out of date
and has security flaws.
1439
00:56:14,200 --> 00:56:15,200
This initial code
1440
00:56:15,200 --> 00:56:17,900
that is downloaded is
often very small and
1441
00:56:17,900 --> 00:56:21,000
since its job is often simply
to contact another computer
1442
00:56:21,000 --> 00:56:23,100
where it can pull down
the rest of the code
1443
00:56:23,100 --> 00:56:24,500
onto your smartphone, tablet
1444
00:56:24,500 --> 00:56:27,100
or other computers. Often
a web page will contain
1445
00:56:27,100 --> 00:56:29,600
several different types
of malicious code in hopes
1446
00:56:29,600 --> 00:56:32,400
that one of them will match
a weakness on your computer.
1447
00:56:32,800 --> 00:56:36,900
So what is this exactly?
But first you visit the site
1448
00:56:36,900 --> 00:56:39,741
and during the three-way
handshake connection
1449
00:56:39,741 --> 00:56:43,100
of the TCP/IP protocol a backend
script is triggered.
1450
00:56:43,100 --> 00:56:46,537
As soon as a connection is made,
while the last ACK packet
1451
00:56:46,537 --> 00:56:48,607
is sent a download
is also triggered
1452
00:56:48,607 --> 00:56:51,800
and the malware is basically
injected into your system.
1453
00:56:51,800 --> 00:56:54,309
Now the best advice I
can share about avoiding
1454
00:56:54,309 --> 00:56:56,954
drive-by downloads is
to avoid visiting websites
1455
00:56:56,954 --> 00:56:59,600
that could be considered
dangerous or malicious.
1456
00:56:59,600 --> 00:57:02,870
This includes adult content
file sharing websites,
1457
00:57:02,870 --> 00:57:06,204
or Anything that offers you
a free trip to the Bahamas
1458
00:57:06,204 --> 00:57:07,400
Now some other tips
1459
00:57:07,400 --> 00:57:09,968
to stay protected include
keep your internet browser
1460
00:57:09,968 --> 00:57:13,220
and operating system up-to-date,
use a safe search protocol
1461
00:57:13,220 --> 00:57:14,800
that warns you when you navigate
1462
00:57:14,800 --> 00:57:18,300
to a malicious site and use
comprehensive security software
1463
00:57:18,300 --> 00:57:20,800
on all your devices
like McAfee All Access
1464
00:57:20,800 --> 00:57:22,100
and keeping it up to date.
1465
00:57:22,700 --> 00:57:25,700
Okay, so that was it
about drive-by downloads.
1466
00:57:25,700 --> 00:57:28,900
Next up is mal-advertising
or malvertising.
1467
00:57:28,900 --> 00:57:32,200
So malvertising is the name
we in the security industry
1468
00:57:32,200 --> 00:57:34,700
give to criminally
controlled advertisements
1469
00:57:34,700 --> 00:57:35,899
which intentionally
1470
00:57:35,899 --> 00:57:37,700
infect people and businesses.
1471
00:57:37,700 --> 00:57:39,035
These can be any ad
1472
00:57:39,035 --> 00:57:42,200
on any site often ones
which you use as a part
1473
00:57:42,200 --> 00:57:46,000
of your everyday internet usage
and it is a growing problem
1474
00:57:46,000 --> 00:57:48,668
as is evident
by a recent US Senate report
1475
00:57:48,668 --> 00:57:50,612
and the establishment of bodies
1476
00:57:50,612 --> 00:57:54,085
like Trust in Ads. Now whilst
the technology being used
1477
00:57:54,085 --> 00:57:57,296
in the background is
very advanced, the way it presents
1478
00:57:57,296 --> 00:58:00,700
to the person being infected
is simple. To all intents
1479
00:58:00,700 --> 00:58:03,361
and purposes the advertisement
looks the
1480
00:58:03,361 --> 00:58:06,300
same as any other
but has been placed by a criminal.
1481
00:58:06,300 --> 00:58:08,395
Like you can see
the Mint ad out here.
1482
00:58:08,395 --> 00:58:09,865
It's really out of place.
1483
00:58:09,865 --> 00:58:12,436
So you could say it's been made
by a criminal. Now,
1484
00:58:12,436 --> 00:58:15,913
without your knowledge
a tiny piece of code hidden deep
1485
00:58:15,913 --> 00:58:18,618
in the advertisement
is making your computer go
1486
00:58:18,618 --> 00:58:21,500
to the criminal's servers.
These then catalog details
1487
00:58:21,500 --> 00:58:22,472
about your computer
1488
00:58:22,472 --> 00:58:23,291
and its location
1489
00:58:23,291 --> 00:58:25,800
before choosing which piece
of malware to send you
1490
00:58:25,800 --> 00:58:27,998
and this doesn't need
a new browser window
1491
00:58:27,998 --> 00:58:29,500
and you won't know about it.
1492
00:58:29,500 --> 00:58:33,200
So basically you're redirected
to some criminal server.
1493
00:58:33,200 --> 00:58:36,914
Then the injection takes place
and voila you're infected.
1494
00:58:36,914 --> 00:58:39,300
It's a pretty dangerous
thing to be in.
1495
00:58:39,300 --> 00:58:41,900
So how exactly can you
stop malvertising?
1496
00:58:41,900 --> 00:58:43,127
Well, first of all,
1497
00:58:43,127 --> 00:58:45,000
you need to use
an ad blocker,
1498
00:58:45,000 --> 00:58:48,600
which is a very must
in this day and age. You
1499
00:58:48,600 --> 00:58:51,411
can have ad blocker extensions
installed on your browser
1500
00:58:51,411 --> 00:58:53,051
whether it be Chrome, Safari
1501
00:58:53,051 --> 00:58:56,400
or Mozilla. Also regular
software updates of your browser
1502
00:58:56,400 --> 00:58:57,556
and other softwares
1503
00:58:57,556 --> 00:59:00,600
that work peripheral
to your browser always helps
1504
00:59:00,600 --> 00:59:02,800
and next is some common sense.
1505
00:59:02,800 --> 00:59:05,121
And yeah, an advertisement
that is about a lottery
1506
00:59:05,121 --> 00:59:08,200
that's offering you free money
is probably going to scam you
1507
00:59:08,200 --> 00:59:09,600
and inject malware too,
1508
00:59:09,600 --> 00:59:11,400
so never click on those ads.
1509
00:59:11,800 --> 00:59:14,100
So the last kind
of cyber attacks.
1510
00:59:14,100 --> 00:59:16,500
We are going to discover
today and discuss
1511
00:59:16,500 --> 00:59:18,100
about is rogue software.
1512
00:59:18,100 --> 00:59:21,600
So rogue security software is
a form of malicious software
1513
00:59:21,600 --> 00:59:24,719
and internet fraud that misleads
users into believing
1514
00:59:24,719 --> 00:59:27,056
that there is a virus
on their computer
1515
00:59:27,056 --> 00:59:29,332
and manipulates them
into paying money
1516
00:59:29,332 --> 00:59:31,300
for a fake malware removal tool.
1517
00:59:31,400 --> 00:59:33,500
It is a form of scareware
that manipulates
1518
00:59:33,500 --> 00:59:34,915
users through fear
1519
00:59:34,915 --> 00:59:38,300
and a form of ransomware. Rogue
security software has been
1520
00:59:38,300 --> 00:59:41,800
a serious security threat
in desktop computing since 2008.
1521
00:59:41,800 --> 00:59:44,536
So now how does a rogue
security software work?
1522
00:59:44,536 --> 00:59:46,300
These scams manipulate users
1523
00:59:46,300 --> 00:59:49,200
into downloading the program
through a variety of techniques.
1524
00:59:49,200 --> 00:59:51,543
Some of these methods
include ads offering
1525
00:59:51,543 --> 00:59:52,887
free or trial versions
1526
00:59:52,887 --> 00:59:55,391
of security programs,
often pricey upgrades
1527
00:59:55,391 --> 00:59:58,200
or encouraging the purchase
of deluxe versions,
1528
00:59:58,207 --> 00:59:59,900
then also pop-ups warning
1529
00:59:59,900 --> 01:00:01,999
that your computer
is infected with the virus
1530
01:00:01,999 --> 01:00:03,500
which encourages you to clean
1531
01:00:03,500 --> 01:00:05,100
it by clicking on the program
1532
01:00:05,100 --> 01:00:07,700
and then manipulated
SEO rankings that put
1533
01:00:07,700 --> 01:00:09,500
infected website as the top hits
1534
01:00:09,500 --> 01:00:12,858
when you search. These links then
redirect you to a landing page
1535
01:00:12,858 --> 01:00:14,700
that claims your
machine is infected
1536
01:00:14,700 --> 01:00:18,300
and encourages you a free trial
of the Rogue security program.
1537
01:00:18,300 --> 01:00:19,700
Now once the scareware
1538
01:00:19,700 --> 01:00:22,776
is installed, it can steal
all your information, slow
1539
01:00:22,776 --> 01:00:25,661
your computer, corrupt
your files, disable updates
1540
01:00:25,661 --> 01:00:27,532
for legitimate
antivirus softwares
1541
01:00:27,532 --> 01:00:28,564
or even prevent you
1542
01:00:28,564 --> 01:00:31,800
from visiting legitimate
security software vendor sites.
1543
01:00:32,000 --> 01:00:33,764
Well talking about prevention.
1544
01:00:33,764 --> 01:00:35,764
The best defense
is a good offense.
1545
01:00:35,764 --> 01:00:38,531
And in this case
an updated firewall. Make sure
1546
01:00:38,531 --> 01:00:40,708
that you have a working
one in your office
1547
01:00:40,708 --> 01:00:41,611
that protects you
1548
01:00:41,611 --> 01:00:44,000
and your employees
from these type of attacks.
1549
01:00:44,000 --> 01:00:47,200
It is also a good idea
to install a trusted antivirus
1550
01:00:47,200 --> 01:00:49,169
or anti-spyware software program
1551
01:00:49,169 --> 01:00:51,100
that can detect
threats like these
1552
01:00:51,100 --> 01:00:54,100
and also a general level
of distrust on the internet
1553
01:00:54,100 --> 01:00:56,600
and not actually believing
anything right off
1554
01:00:56,600 --> 01:00:58,882
the bat is the way
to go teen is infected
1555
01:00:58,882 --> 01:01:02,000
and encourages you a free trial
of the rogue security
1556
01:01:02,000 --> 01:01:05,658
program. Now once the scareware
is installed, it can steal all
1557
01:01:05,658 --> 01:01:08,143
your information, slow
your computer, corrupt
1558
01:01:08,143 --> 01:01:09,800
your files, disable updates
1559
01:01:09,800 --> 01:01:12,864
for legitimate antivirus
softwares or even prevent you
1560
01:01:12,864 --> 01:01:16,100
from visiting legitimate
security software vendor sites.
1561
01:01:16,400 --> 01:01:17,900
Well talking about prevention.
1562
01:01:17,900 --> 01:01:19,788
The best defense
is a good offense.
1563
01:01:19,788 --> 01:01:22,600
And in this case
an updated firewall. Make sure
1564
01:01:22,600 --> 01:01:25,920
that you have a working one
in your office that protects you
1565
01:01:25,920 --> 01:01:28,300
and your employees
from these type of attacks.
1566
01:01:28,300 --> 01:01:31,527
It is also a good idea
to install a trusted antivirus
1567
01:01:31,527 --> 01:01:33,403
or anti-spyware software program
1568
01:01:33,403 --> 01:01:35,400
that can detect
threats like these
1569
01:01:35,400 --> 01:01:38,252
and also a general level
of distrust on the internet
1570
01:01:38,252 --> 01:01:40,900
and not actually believing
anything right off
1571
01:01:40,900 --> 01:01:48,000
the bat is the way
to go. The key word
1572
01:01:48,000 --> 01:01:51,300
of this video is
ethical hacking course,
1573
01:01:51,500 --> 01:01:52,800
but in reality,
1574
01:01:52,800 --> 01:01:56,233
it's just an expansive video
on the fundamentals
1575
01:01:56,233 --> 01:01:57,500
of ethical hacking.
1576
01:01:57,500 --> 01:01:59,100
There is no such thing
1577
01:01:59,100 --> 01:02:01,356
as an ethical hacking
course to be honest
1578
01:02:01,356 --> 01:02:02,429
because no course
1579
01:02:02,429 --> 01:02:05,974
can teach you a discipline like
ethical hacking. All the best
1580
01:02:05,974 --> 01:02:06,868
that you can do
1581
01:02:06,868 --> 01:02:09,370
in creating content
for ethical hacking is
1582
01:02:09,370 --> 01:02:10,800
that you can tell people
1583
01:02:10,800 --> 01:02:13,500
about the fundamentals
are followed in this discipline.
1584
01:02:13,615 --> 01:02:14,000
Okay.
1585
01:02:14,000 --> 01:02:16,600
Now before we start
let me just give you
1586
01:02:16,600 --> 01:02:18,661
a general idea of the topics
1587
01:02:18,661 --> 01:02:21,820
that I intend to cover
throughout this video.
1588
01:02:21,820 --> 01:02:23,400
Okay now to be honest,
1589
01:02:23,400 --> 01:02:26,100
we're going to cover a pretty
broad range of material.
1590
01:02:26,100 --> 01:02:28,100
We are first we're going
to be going over
1591
01:02:28,100 --> 01:02:31,600
footprinting and reconnaissance,
where you get an idea
1592
01:02:31,700 --> 01:02:34,500
what's involved in
the ethical hacking engagement
1593
01:02:34,500 --> 01:02:35,600
that you're working
1594
01:02:35,600 --> 01:02:37,000
on and information
1595
01:02:37,000 --> 01:02:39,382
about the target that
you're engaged with.
1596
01:02:39,382 --> 01:02:42,500
Then we're going to talk
about networking fundamentals
1597
01:02:42,500 --> 01:02:45,600
and here we're going to get
our hands dirty with packets
1598
01:02:45,600 --> 01:02:46,900
and the understanding
1599
01:02:46,900 --> 01:02:50,000
of TCP/IP at a deeper level
and also understanding
1600
01:02:50,000 --> 01:02:53,600
how the different protocols work
and why they work that way. Now,
1601
01:02:53,600 --> 01:02:56,000
we are also going
to be talking about cryptography
1602
01:02:56,000 --> 01:02:58,700
where we talk about different
cryptography key ciphers.
1603
01:02:58,700 --> 01:03:01,580
We're going to deal
with web encryption to SSL
1604
01:03:01,580 --> 01:03:05,100
and TLS. We are also going
to talk about certificates
1605
01:03:05,100 --> 01:03:06,982
and the creation of certificates
1606
01:03:06,982 --> 01:03:08,191
and how they actually
1607
01:03:08,191 --> 01:03:11,300
operate. We will also talk
about public key cryptography
1608
01:03:11,300 --> 01:03:14,700
and we are also scanning
and enumeration, so Nmap
1609
01:03:14,700 --> 01:03:16,846
and dealing with Windows servers
1610
01:03:16,846 --> 01:03:20,200
and using SNMP and LDAP
and all that sort of stuff.
1611
01:03:20,200 --> 01:03:22,500
Then we're going to be
talking about penetration
1612
01:03:22,500 --> 01:03:24,277
where we deal
with different ways
1613
01:03:24,277 --> 01:03:27,600
of getting into systems and also
go over using Metasploit,
1614
01:03:27,600 --> 01:03:29,500
which is an exploit framework,
1615
01:03:29,500 --> 01:03:33,000
and we're going to talk
about how to use Metasploit
1616
01:03:33,000 --> 01:03:34,700
and you actually
get in the systems
1617
01:03:34,700 --> 01:03:36,300
and make use of the exploits
1618
01:03:36,300 --> 01:03:39,947
that they have. Then we're going
to talk about malware, viruses
1619
01:03:39,947 --> 01:03:43,000
and worms and rootkits and all
of that sort of stuff.
1620
01:03:43,000 --> 01:03:45,300
We're going to take a look
at the different pieces
1621
01:03:45,300 --> 01:03:47,900
of malware and how you
would pull that apart
1622
01:03:47,900 --> 01:03:49,218
in order to understand
1623
01:03:49,218 --> 01:03:50,811
what it is doing and potentially
1624
01:03:50,811 --> 01:03:54,400
make use of that malware during
an ethical hacking engagement.
1625
01:03:54,400 --> 01:03:56,800
Then we're going to talk
about different types of denial
1626
01:03:56,800 --> 01:03:58,800
of service attacks
or dos attacks
1627
01:03:58,800 --> 01:04:01,100
and the difference
between a denial-of-service
1628
01:04:01,100 --> 01:04:03,617
attack and a distributed
denial-of-service attack,
1629
01:04:03,617 --> 01:04:05,500
and there is a difference there.
1630
01:04:05,500 --> 01:04:08,000
So we're going to go
over those attacks now.
1631
01:04:08,000 --> 01:04:10,600
We're also going to go
over web application hacking
1632
01:04:10,600 --> 01:04:11,700
and the types of tools
1633
01:04:11,700 --> 01:04:12,996
that you would use during
1634
01:04:12,996 --> 01:04:15,900
web application hacking and
the different vulnerabilities
1635
01:04:15,900 --> 01:04:17,500
that web applications have
1636
01:04:17,500 --> 01:04:19,300
and how to make use
of these exploits
1637
01:04:19,300 --> 01:04:20,600
and those vulnerabilities.
1638
01:04:20,600 --> 01:04:22,800
We're going to talk
about Wireless networking
1639
01:04:23,000 --> 01:04:24,800
how to probe wireless networks
1640
01:04:25,000 --> 01:04:26,600
what wireless networks are doing
1641
01:04:26,600 --> 01:04:28,600
and how to secure
wireless networks.
1642
01:04:28,600 --> 01:04:29,855
We're also going to talk
1643
01:04:29,855 --> 01:04:31,963
about a little bit
about detection evasion.
1644
01:04:31,963 --> 01:04:33,303
And to be honest with you,
1645
01:04:33,303 --> 01:04:35,716
the detection evasion kind
of comes up in a lot
1646
01:04:35,716 --> 01:04:38,329
of different areas
through the many of the topics
1647
01:04:38,329 --> 01:04:39,100
that we're also
1648
01:04:39,100 --> 01:04:41,860
going to talk about:
programming, programming attacks
1649
01:04:41,860 --> 01:04:45,100
and how to protect oneself
against programming attacks.
1650
01:04:45,200 --> 01:04:45,800
Okay.
1651
01:04:45,800 --> 01:04:48,100
So that was the number of topics
1652
01:04:48,100 --> 01:04:51,000
that we are actually going
to cover through this video.
1653
01:04:51,000 --> 01:04:51,900
Now the approach
1654
01:04:51,900 --> 01:04:54,700
that I'm going to be taking
in the series of videos
1655
01:04:54,700 --> 01:04:55,971
is whenever possible.
1656
01:04:55,971 --> 01:04:59,000
We're going to be going
to use a Hands-On approach.
1657
01:04:59,000 --> 01:05:02,500
So we're going to show you
the actual tools I'm going
1658
01:05:02,500 --> 01:05:06,293
to make use of and the tools
to do some sort of demonstration
1659
01:05:06,293 --> 01:05:08,000
and how they actually work.
1660
01:05:08,000 --> 01:05:09,353
I am a big believer
1661
01:05:09,353 --> 01:05:13,700
in getting your hands dirty as
the best way to learn anything.
1662
01:05:13,800 --> 01:05:16,400
So as we go through
the series of videos,
1663
01:05:16,400 --> 01:05:19,063
I strongly encourage you
to get access to the tools
1664
01:05:19,063 --> 01:05:21,300
that I'm going to
be demonstrating wherever
1665
01:05:21,300 --> 01:05:24,334
possible and dig in and get
your hands dirty along with me
1666
01:05:24,334 --> 01:05:25,414
and there are places
1667
01:05:25,414 --> 01:05:28,600
where we're going to be going
over some theoretical material
1668
01:05:28,600 --> 01:05:30,900
and I'm not a big fan
of PowerPoint slides,
1669
01:05:30,900 --> 01:05:33,000
but they are a necessary evil
1670
01:05:33,000 --> 01:05:35,640
in order to convey
certain types of information.
1671
01:05:35,640 --> 01:05:38,500
So wherever possible I'm going
to minimize their use,
1672
01:05:38,500 --> 01:05:40,129
but you will run across places
1673
01:05:40,129 --> 01:05:43,938
where they're just a necessity
and we're going to have to go
1674
01:05:43,938 --> 01:05:45,100
through some slides
1675
01:05:45,100 --> 01:05:47,500
where in order to get
some particular points
1676
01:05:47,500 --> 01:05:50,300
across they are primarily
of a theoretical nature.
1677
01:05:50,300 --> 01:05:52,300
So that's the process
that we will be taking
1678
01:05:52,300 --> 01:05:54,911
through this video
and I hope you have fun
1679
01:05:54,911 --> 01:05:56,200
as you go along the way.
1680
01:05:56,300 --> 01:05:57,100
Okay.
1681
01:05:57,100 --> 01:05:59,525
So let's begin now
the first topic
1682
01:05:59,525 --> 01:06:03,300
that we're going to tackle is
what is hacking?
1683
01:06:03,300 --> 01:06:06,800
Okay, so let us take a trip
1684
01:06:06,800 --> 01:06:09,200
to the early days
of hacking to start
1685
01:06:09,200 --> 01:06:12,100
with. Now the Internet
Engineering Task Force
1686
01:06:12,100 --> 01:06:15,943
is responsible for maintaining
documentation about protocols
1687
01:06:15,943 --> 01:06:19,300
and various specifications
and processes and procedures
1688
01:06:19,300 --> 01:06:21,000
regarding anything
on the internet.
1689
01:06:21,000 --> 01:06:24,800
They have a series of documents
called the request for comments
1690
01:06:24,800 --> 01:06:28,164
or the RFCs, and according
to RFC one three eight nine.
1691
01:06:28,164 --> 01:06:29,983
It says a hacker is a person
1692
01:06:29,983 --> 01:06:33,100
who delights in having
an intimate understanding
1693
01:06:33,100 --> 01:06:36,400
of the internal workings
of a system computers
1694
01:06:36,400 --> 01:06:37,758
and computer networks
1695
01:06:37,758 --> 01:06:40,411
in particular while
the expression hackers
1696
01:06:40,411 --> 01:06:41,900
may go back a long time
1697
01:06:41,900 --> 01:06:45,400
and have many different
connotations or definitions.
1698
01:06:45,400 --> 01:06:46,400
As far as computers
1699
01:06:46,400 --> 01:06:46,700
go,
1700
01:06:46,700 --> 01:06:48,900
some of the earliest
hackers were members
1701
01:06:48,900 --> 01:06:50,743
of the Tech Model Railroad Club
1702
01:06:50,743 --> 01:06:53,300
at the Massachusetts
Institute of Technology
1703
01:06:53,300 --> 01:06:56,145
and what those people did
and the various things
1704
01:06:56,145 --> 01:06:59,900
that they did and were involved
in are detailed in Steven Levy's
1705
01:06:59,900 --> 01:07:02,800
book called Hackers.
For our purposes now,
1706
01:07:02,800 --> 01:07:04,500
for our purposes
would be talking
1707
01:07:04,500 --> 01:07:06,284
about other types of hackers.
1708
01:07:06,284 --> 01:07:08,848
Although the spirit of
what we do goes back
1709
01:07:08,848 --> 01:07:10,148
to those early days.
1710
01:07:10,148 --> 01:07:12,100
Now, the definition of hacking
1711
01:07:12,100 --> 01:07:15,457
or hackers has changed
particularly in the 1980s
1712
01:07:15,457 --> 01:07:18,600
and in part as a result
of a couple of people
1713
01:07:18,600 --> 01:07:21,600
namely Robert T Morris
who was a Cornell graduate
1714
01:07:21,600 --> 01:07:23,200
who unleashed a
piece of software
1715
01:07:23,200 --> 01:07:26,418
that was called a worm on
what was an early version
1716
01:07:26,418 --> 01:07:29,800
of the internet. The worm went
on to cause a lot of damage
1717
01:07:29,800 --> 01:07:33,300
and create a lot of downtime
on systems across the country
1718
01:07:33,300 --> 01:07:34,602
and across the world.
1719
01:07:34,602 --> 01:07:38,200
Now the Morris worm did end up
resulting in something good.
1720
01:07:38,200 --> 01:07:41,300
However, that is
the Computer Emergency Response Team
1721
01:07:41,300 --> 01:07:43,900
at Carnegie Mellon
was created primarily
1722
01:07:43,900 --> 01:07:45,400
in response to the Morris worm.
1723
01:07:45,700 --> 01:07:48,700
Now, there's also Kevin Mitnick,
was another well-known hacker
1724
01:07:48,700 --> 01:07:50,881
who was responsible
for various acts
1725
01:07:50,881 --> 01:07:53,500
of computer crime
over a couple of decades.
1726
01:07:53,500 --> 01:07:56,100
He was the first
convicted in 1988.
1727
01:07:56,100 --> 01:07:59,400
So the definition of hacker
or hacking moved from something
1728
01:07:59,400 --> 01:08:01,900
benign to something
far more sinister.
1729
01:08:01,900 --> 01:08:03,567
In popular culture now,
1730
01:08:03,567 --> 01:08:07,700
we see hacking or hackers
in all sorts of popular culture.
1731
01:08:07,700 --> 01:08:10,533
We've seen them in hacker movies
1732
01:08:10,533 --> 01:08:13,533
called WarGames, also
the movie Hackers.
1733
01:08:13,533 --> 01:08:14,180
Of course.
1734
01:08:14,180 --> 01:08:17,301
You also see in The Matrix
movies where you can see
1735
01:08:17,301 --> 01:08:19,007
if you look really closely
1736
01:08:19,008 --> 01:08:21,500
that they are using
a tool called nmap,
1737
01:08:21,500 --> 01:08:25,600
which we will get into the use
of in great detail later on
1738
01:08:25,600 --> 01:08:26,800
as we go on now.
1739
01:08:26,800 --> 01:08:29,866
It's the movie Sneakers
and the movie Swordfish
1740
01:08:29,866 --> 01:08:31,051
and on television
1741
01:08:31,051 --> 01:08:34,294
and in other places
you can see the agents
1742
01:08:34,295 --> 01:08:37,200
at NCIS regularly doing
things like cracking
1743
01:08:37,200 --> 01:08:41,100
complex cryptography in just
a matter of seconds or minutes.
1744
01:08:41,100 --> 01:08:43,000
So what is hacking really
1745
01:08:43,000 --> 01:08:45,667
well hacking is about
a deep understanding
1746
01:08:45,667 --> 01:08:47,226
of something particularly
1747
01:08:47,227 --> 01:08:49,700
with relation to
computers and computing.
1748
01:08:49,700 --> 01:08:53,200
It's also about exploring and
the joy of learning new things
1749
01:08:53,200 --> 01:08:55,200
and understanding
them very clearly
1750
01:08:55,200 --> 01:08:57,718
and being able to manipulate
those things in ways
1751
01:08:57,718 --> 01:09:00,252
that maybe other people
haven't before it's all
1752
01:09:00,252 --> 01:09:01,899
about digging into problems.
1753
01:09:01,899 --> 01:09:05,016
to find out solutions
in creative and interesting ways
1754
01:09:05,017 --> 01:09:06,817
and sometimes finding problems
1755
01:09:06,817 --> 01:09:09,098
where there weren't
problems previously
1756
01:09:09,098 --> 01:09:11,800
and that's a little bit
about what is hacking.
1757
01:09:11,814 --> 01:09:12,199
Okay.
1758
01:09:12,200 --> 01:09:15,716
So now that we have talked
about what exactly is hacking
1759
01:09:15,716 --> 01:09:16,928
and how the meaning
1760
01:09:16,928 --> 01:09:20,091
and conditions of that word
has changed over time
1761
01:09:20,091 --> 01:09:22,899
how it came into existence
how it was coined.
1762
01:09:22,899 --> 01:09:26,699
Let's go over the reasons
that people normally hack.
1763
01:09:26,700 --> 01:09:28,859
Now you may want
to hack just for fun
1764
01:09:28,859 --> 01:09:31,762
as discussed previously
hacking is a tradition.
1765
01:09:31,763 --> 01:09:33,538
It goes back several decades
1766
01:09:33,538 --> 01:09:36,899
at MIT even preceding
the computer-related definition
1767
01:09:36,899 --> 01:09:41,599
of hacking now MIT has a long
and storied history of hacking
1768
01:09:41,600 --> 01:09:43,955
and sometimes have
a computer-related nature
1769
01:09:43,955 --> 01:09:46,073
which in this case
happens to be true
1770
01:09:46,073 --> 01:09:47,100
and sometimes of a
1771
01:09:47,100 --> 01:09:49,198
non-computer-related
nature instance.
1772
01:09:49,198 --> 01:09:50,399
Now here you can see
1773
01:09:50,399 --> 01:09:53,185
that MIT's home page
has been hacked
1774
01:09:53,185 --> 01:09:56,124
or you might even say
defaced to indicate
1775
01:09:56,124 --> 01:09:58,376
that Disney is buying MIT.
1776
01:09:58,376 --> 01:10:01,500
This was an April Fool's
Day prank in 1998.
1777
01:10:01,500 --> 01:10:01,900
Eight.
1778
01:10:01,900 --> 01:10:04,370
And again, this is just
the kind of hacking
1779
01:10:04,370 --> 01:10:05,800
that it would do for fun.
1780
01:10:05,800 --> 01:10:06,300
Rather.
1781
01:10:06,300 --> 01:10:06,500
Now.
1782
01:10:06,500 --> 01:10:09,743
Sometimes you might want
to hack just to prove
1783
01:10:09,743 --> 01:10:13,996
a political point or any point
for that matter in this case.
1784
01:10:13,996 --> 01:10:17,600
Again, Bill Gates had donated
some money to the MIT
1785
01:10:17,600 --> 01:10:19,600
which allowed them
to have a new building
1786
01:10:19,700 --> 01:10:22,118
and he was coming
to MIT to visit
1787
01:10:22,118 --> 01:10:24,920
and give a talk
about Microsoft Windows
1788
01:10:24,920 --> 01:10:26,100
and its systems.
1789
01:10:26,100 --> 01:10:30,100
And as you can see, the
Windows systems are installed
1790
01:10:30,100 --> 01:10:31,800
in the entryway at the
1791
01:10:31,900 --> 01:10:35,800
Or hacked to be running Linux
instead and you can see here.
1792
01:10:35,800 --> 01:10:36,507
That ducks.
1793
01:10:36,507 --> 01:10:38,339
The penguin is saying welcome
1794
01:10:38,339 --> 01:10:41,000
to the William Edge
Gates Building again that
1795
01:10:41,000 --> 01:10:42,500
some students who decided
1796
01:10:42,500 --> 01:10:45,612
that they wanted to make a point
about Linux and Microsoft
1797
01:10:45,612 --> 01:10:47,121
and windows to Bill Gates
1798
01:10:47,121 --> 01:10:50,500
and they thought hacking was
the best way to go about it.
1799
01:10:50,500 --> 01:10:53,500
Sometimes you hack just
for the challenge.
1800
01:10:53,500 --> 01:10:55,600
Here's an example again at MIT
1801
01:10:55,600 --> 01:10:58,700
where some students turned
the facade of a building
1802
01:10:58,700 --> 01:11:00,400
into a Tetris game board.
1803
01:11:00,400 --> 01:11:03,300
Now, this was
a reasonably difficult hack
1804
01:11:03,300 --> 01:11:04,700
and the students went
1805
01:11:04,700 --> 01:11:08,259
after it just for the challenge
of completing it and it just
1806
01:11:08,259 --> 01:11:10,700
so they could have
some pride of ownership
1807
01:11:10,700 --> 01:11:11,879
and to be able to say
1808
01:11:11,879 --> 01:11:13,899
that they were able
to pull this off,
1809
01:11:13,899 --> 01:11:16,782
you know, the things
that teenagers do to show off
1810
01:11:16,782 --> 01:11:17,900
to other teenagers.
1811
01:11:17,900 --> 01:11:19,664
It just increases with increase
1812
01:11:19,664 --> 01:11:22,027
in scale now in spite
of its difficulties
1813
01:11:22,027 --> 01:11:25,086
and its challenges and all
the obstacles and planning
1814
01:11:25,086 --> 01:11:26,526
that have to go into it.
1815
01:11:26,526 --> 01:11:28,263
They were able to pull it off
1816
01:11:28,263 --> 01:11:30,600
and now they have
those bragging rights.
1817
01:11:30,600 --> 01:11:33,481
So that was one of them, and one
of the instances
1818
01:11:33,481 --> 01:11:35,446
where somebody would hack just
1819
01:11:35,446 --> 01:11:38,000
for the challenge and
for the fun of it.
1820
01:11:38,000 --> 01:11:41,400
Now, sometimes you want
to hack to prevent theft
1821
01:11:41,400 --> 01:11:42,924
and this is where we get
1822
01:11:42,924 --> 01:11:46,100
more specifically in
the computer-related hackings.
1823
01:11:46,100 --> 01:11:49,134
You see a lot of articles
and stories in the news
1824
01:11:49,134 --> 01:11:51,600
over the last few
years about cybercrime
1825
01:11:51,600 --> 01:11:54,600
and here is an example
of data theft compromised
1826
01:11:54,800 --> 01:11:57,086
fewer than
one-and-a-half million cards
1827
01:11:57,086 --> 01:11:58,311
for Global Payments.
1828
01:11:58,311 --> 01:11:59,899
So there are some attackers
1829
01:11:59,899 --> 01:12:02,000
who got into this
company, Global Payments,
1830
01:12:02,000 --> 01:12:04,800
and they were able to pull
out about a million and a half
1831
01:12:04,800 --> 01:12:07,339
credit card numbers
during the intrusion there.
1832
01:12:07,339 --> 01:12:10,100
So what you may want to do
is you may want to learn
1833
01:12:10,100 --> 01:12:13,000
how to hack in order
to find these holes
1834
01:12:13,000 --> 01:12:16,900
in your systems or applications
or employer systems
1835
01:12:16,900 --> 01:12:19,900
so that you can fix these holes
and prevent these compromises
1836
01:12:19,900 --> 01:12:22,332
from happening because of
the reputation hit
1837
01:12:22,332 --> 01:12:23,588
that your company takes
1838
01:12:23,588 --> 01:12:25,500
when things
like these happen.
1839
01:12:25,500 --> 01:12:28,800
You have the risk of completely
running out of business.
1840
01:12:28,800 --> 01:12:32,139
So just to protect
our job, to protect the company
1841
01:12:32,139 --> 01:12:35,100
and protect your own
desire of business.
1842
01:12:35,100 --> 01:12:36,835
You may just want
to learn to hack
1843
01:12:36,835 --> 01:12:38,600
and that's a very good reason.
1844
01:12:38,600 --> 01:12:41,305
Now, you may also want
to find all the problems
1845
01:12:41,305 --> 01:12:42,664
that exist in your system
1846
01:12:42,664 --> 01:12:44,728
for putting them out
and deploying them
1847
01:12:44,728 --> 01:12:47,500
so that you can keep
these attackers from getting in
1848
01:12:47,500 --> 01:12:50,297
and stealing critical
or sensitive information.
1849
01:12:50,297 --> 01:12:53,979
Sometimes you may want to hack
to get there before the bad guys
1850
01:12:53,979 --> 01:12:56,429
and the same sort
of idea is the last one
1851
01:12:56,429 --> 01:12:59,576
where we're just going to talk
about and it exactly is
1852
01:12:59,576 --> 01:13:00,700
ethical hacking now.
1853
01:13:00,700 --> 01:13:03,225
We were just talking
about how sometimes
1854
01:13:03,225 --> 01:13:04,300
you may want to hack
1855
01:13:04,300 --> 01:13:05,300
into your own system
1856
01:13:05,300 --> 01:13:07,200
before publishing it
out to the public.
1857
01:13:07,200 --> 01:13:09,000
Let's take Internet Explorer.
1858
01:13:09,000 --> 01:13:09,818
For example.
1859
01:13:09,818 --> 01:13:13,515
Now Internet Explorer was
actually published to the public
1860
01:13:13,515 --> 01:13:15,966
with some critical
error in the code.
1861
01:13:15,966 --> 01:13:19,099
And these flaws were heavily
exploited by people
1862
01:13:19,099 --> 01:13:20,700
who actually found them.
1863
01:13:20,700 --> 01:13:23,300
Now a number of people
in the world go out looking
1864
01:13:23,300 --> 01:13:24,215
for these flaws
1865
01:13:24,215 --> 01:13:26,900
and they call themselves
security researchers
1866
01:13:26,900 --> 01:13:28,900
and they get in touch
with the vendors
1867
01:13:28,900 --> 01:13:31,572
after they found a flaw
or a bug and work with
1868
01:13:31,572 --> 01:13:33,300
the vendors to get it fixed.
1869
01:13:33,300 --> 01:13:36,000
what they end up with is
a bit of reputation.
1870
01:13:36,000 --> 01:13:37,623
They get a name for themselves
1871
01:13:37,623 --> 01:13:41,000
and that name recognition
may end up getting them a job
1872
01:13:41,000 --> 01:13:43,800
or some speaking engagements
or book deal
1873
01:13:43,800 --> 01:13:46,400
or any number of ways
that you could cash in
1874
01:13:46,400 --> 01:13:50,096
on some name recognition
from finding the sort of bugs
1875
01:13:50,096 --> 01:13:51,700
and getting them fixed.
1876
01:13:51,700 --> 01:13:54,288
If you want to get there
before the bad guys.
1877
01:13:54,288 --> 01:13:56,652
You may think you're
helping out a vendor.
1878
01:13:56,652 --> 01:13:59,300
You may want to just
make a name for yourself.
1879
01:13:59,300 --> 01:14:01,100
If you want to find
these sort of bugs
1880
01:14:01,100 --> 01:14:02,200
before the bad guys do
1881
01:14:02,200 --> 01:14:04,092
because think about the bad guys
1882
01:14:04,092 --> 01:14:06,506
finding them is they
don't announce them
1883
01:14:06,506 --> 01:14:08,300
and they don't get them fixed
1884
01:14:08,300 --> 01:14:11,100
and that makes everybody
a little less secure.
1885
01:14:11,100 --> 01:14:13,369
Finally, you may want
to protect yourself
1886
01:14:13,369 --> 01:14:17,000
from hacked computer companies
and fight cyber criminals,
1887
01:14:17,000 --> 01:14:19,800
and this is a news headline
from June 18 2012,
1888
01:14:19,800 --> 01:14:21,686
and we're starting
to see these sort
1889
01:14:21,686 --> 01:14:22,992
of news headlines show up
1890
01:14:22,992 --> 01:14:25,980
as companies are starting
to retaliate against attackers
1891
01:14:25,980 --> 01:14:28,100
in order to retaliate
against attackers.
1892
01:14:28,100 --> 01:14:30,465
Now in order to
retaliate against attackers,
1893
01:14:30,465 --> 01:14:32,441
you need to be able
to The same sort
1894
01:14:32,441 --> 01:14:35,900
of skills and techniques
and knowledge and experience
1895
01:14:35,900 --> 01:14:37,478
that those attackers have
1896
01:14:37,478 --> 01:14:40,700
and where your company
may want you to learn to hack
1897
01:14:40,700 --> 01:14:43,169
or the company may want
to bring in people
1898
01:14:43,169 --> 01:14:45,700
who are skilled
at these sort of activities
1899
01:14:45,700 --> 01:14:47,871
so that they can
attack the attackers
1900
01:14:47,871 --> 01:14:51,000
and hopefully you end up
with a more steely exterior
1901
01:14:51,000 --> 01:14:53,600
and you get a reputation
for not being a company
1902
01:14:53,600 --> 01:14:57,071
that people wanted to go
after those are several reasons.
1903
01:14:57,071 --> 01:14:58,071
And there you go.
1904
01:14:58,071 --> 01:14:59,542
I gave you around a bunch
1905
01:14:59,542 --> 01:15:01,800
of reasons as to why
you may want to hack.
1906
01:15:01,800 --> 01:15:06,239
Hack for fun, prove a point, protect
yourself, to protect the company
1907
01:15:06,239 --> 01:15:08,100
to not run out of business
1908
01:15:08,100 --> 01:15:10,900
and along with another
bunch of reasons.
1909
01:15:10,900 --> 01:15:11,243
Okay.
1910
01:15:11,243 --> 01:15:15,300
So now that we have talked about
why you would want to hack.
1911
01:15:15,300 --> 01:15:18,100
Let's move on to the types
of hackers that exist.
1912
01:15:18,100 --> 01:15:20,544
Now we're going to be talking
about the different types
1913
01:15:20,544 --> 01:15:22,494
of hacking and the first
step of hacking
1914
01:15:22,494 --> 01:15:24,562
that I want to discuss
is ethical hacking
1915
01:15:24,562 --> 01:15:25,562
and ethical hackers,
1916
01:15:25,562 --> 01:15:26,300
which is really
1917
01:15:26,300 --> 01:15:28,500
what we're going to be talking
about for the rest
1918
01:15:28,500 --> 01:15:31,800
of these lessons now
an ethical hacker is somebody
1919
01:15:31,800 --> 01:15:34,000
who thinks like
a black hat hacker
1920
01:15:34,000 --> 01:15:35,474
or thinks like somebody
1921
01:15:35,474 --> 01:15:38,100
who is intent on breaking
into your systems
1922
01:15:38,100 --> 01:15:39,780
but follows a moral compass
1923
01:15:39,780 --> 01:15:42,580
that's more in line
with probably the majority
1924
01:15:42,580 --> 01:15:43,700
of the population.
1925
01:15:43,700 --> 01:15:47,200
So their intent isn't to do
bad things their intent
1926
01:15:47,200 --> 01:15:49,700
is look for bad things
and get them fixed.
1927
01:15:49,700 --> 01:15:53,352
So that bad things don't happen
ethical hackers aren't out
1928
01:15:53,352 --> 01:15:55,588
to destroy anything
and they're not out
1929
01:15:55,588 --> 01:15:56,600
to break anything
1930
01:15:56,600 --> 01:15:59,240
unless it's deemed
to be acceptable as a part
1931
01:15:59,240 --> 01:16:01,400
of the engagement
and also necessary.
1932
01:16:01,400 --> 01:16:04,400
And in order to demonstrate
a particular vulnerability
1933
01:16:04,400 --> 01:16:07,300
to the organization that
they're working with so
1934
01:16:07,300 --> 01:16:08,500
that's an ethical hacker
1935
01:16:08,500 --> 01:16:10,128
and there's a certification
1936
01:16:10,128 --> 01:16:12,300
that's available
from the EC-Council.
1937
01:16:12,300 --> 01:16:14,800
It's a Certified Ethical
Hacker, and you know,
1938
01:16:14,800 --> 01:16:16,800
if you find
certifications valuable
1939
01:16:16,900 --> 01:16:19,300
and this sort of thing is
what do you want to do?
1940
01:16:19,300 --> 01:16:21,700
We're seeing a set
of certified ethical hacker
1941
01:16:21,700 --> 01:16:24,603
may be something you
might want to look into now.
1942
01:16:24,603 --> 01:16:26,588
Let's talk about
black hat hacker.
1943
01:16:26,588 --> 01:16:29,315
There's a plenty of cases
of black hat hackers
1944
01:16:29,315 --> 01:16:31,739
through the years and
let's talk about a guy.
1945
01:16:31,739 --> 01:16:33,800
in particular called
Kevin Mitnick.
1946
01:16:33,800 --> 01:16:36,114
This guy right here
is a particularly
1947
01:16:36,114 --> 01:16:37,492
good example probably
1948
01:16:37,492 --> 01:16:40,985
because he was a black hat
hacker for a lot of years.
1949
01:16:40,985 --> 01:16:43,400
His goal was to cause
mischief to steal
1950
01:16:43,400 --> 01:16:46,400
where necessary and just
to be engaged in the lifestyle
1951
01:16:46,400 --> 01:16:47,400
of being a hacker
1952
01:16:47,400 --> 01:16:49,000
and doing whatever was necessary
1953
01:16:49,000 --> 01:16:51,515
to continue doing
whatever it craw doing
1954
01:16:51,515 --> 01:16:54,346
whatever he was doing it
cross moral boundaries
1955
01:16:54,346 --> 01:16:55,700
or ethical boundaries.
1956
01:16:55,700 --> 01:16:59,363
And so Kevin Mitnick here was
involved for well over a decade
1957
01:16:59,363 --> 01:17:00,462
in computer crime
1958
01:17:00,462 --> 01:17:02,600
and was finally
picked up by the FBI
1959
01:17:02,600 --> 01:17:03,500
and he was charged
1960
01:17:03,500 --> 01:17:06,123
and prosecuted and he
was eventually convicted
1961
01:17:06,123 --> 01:17:09,300
of some of the activities
that he was involved with now
1962
01:17:09,300 --> 01:17:12,900
you may be able to argue
that Kevin is a gray hat hacker
1963
01:17:12,900 --> 01:17:16,100
as well, and a gray
hat hacker is somebody
1964
01:17:16,100 --> 01:17:17,140
who kind of skirts
1965
01:17:17,140 --> 01:17:19,700
the line between black
and white hat hacking
1966
01:17:19,700 --> 01:17:21,673
and white hat hacking
is really what
1967
01:17:21,673 --> 01:17:25,154
an ethical hacker is so instead
of saying ethical hacker.
1968
01:17:25,154 --> 01:17:26,990
You could say white hat hacker.
1969
01:17:26,990 --> 01:17:28,111
It's the same idea
1970
01:17:28,111 --> 01:17:31,100
a white hat hacker is somebody
who acts for good
1971
01:17:31,100 --> 01:17:33,200
if you think of it like that
1972
01:17:33,200 --> 01:17:36,000
if you want to think
of it as a good versus evil
1973
01:17:36,000 --> 01:17:38,500
and what they're really
doing is they're in it
1974
01:17:38,500 --> 01:17:39,900
for the technical challenge.
1975
01:17:39,900 --> 01:17:42,600
They're looking to make
things better make things
1976
01:17:42,600 --> 01:17:45,900
more efficient improve them
in some way on the other hand.
1977
01:17:45,900 --> 01:17:49,500
The black hat hacker is out
for the money for the thrill.
1978
01:17:49,500 --> 01:17:51,205
It's really criminal activity
1979
01:17:51,205 --> 01:17:53,935
and a gray hat hacker is
somebody who may employ
1980
01:17:53,935 --> 01:17:56,700
the tactics and technique
of a black hat hacker,
1981
01:17:56,700 --> 01:17:58,700
but have sort of a white hat
1982
01:17:58,700 --> 01:18:01,900
focus in other words
they're going to do Do things
1983
01:18:01,900 --> 01:18:04,600
that may be malicious
and destructive in nature,
1984
01:18:04,600 --> 01:18:06,800
but the reason they're doing
it is to improve
1985
01:18:06,800 --> 01:18:08,831
the security posture
of an organization
1986
01:18:08,831 --> 01:18:09,900
that they're working
1987
01:18:09,900 --> 01:18:11,200
with so you can see
1988
01:18:11,200 --> 01:18:14,083
there's actually a book
called gray hat hacking.
1989
01:18:14,083 --> 01:18:16,840
It's a pretty good book
and it details a lot
1990
01:18:16,840 --> 01:18:18,700
of the tactics and strategies
1991
01:18:18,700 --> 01:18:22,352
and techniques will be going
over in subsequent lessons
1992
01:18:22,352 --> 01:18:23,300
in this video.
1993
01:18:23,300 --> 01:18:25,095
Now one other type of hacking
1994
01:18:25,095 --> 01:18:28,400
that I want to talk about is
a thing called hacktivism
1995
01:18:28,400 --> 01:18:31,200
and you'll find hacktivism
all over the place
1996
01:18:31,200 --> 01:18:33,151
and Example in the last year
1997
01:18:33,151 --> 01:18:37,400
or so and certainly in recent
memory is called Lulz Security.
1998
01:18:37,400 --> 01:18:38,795
Yeah, you heard that right?
1999
01:18:38,795 --> 01:18:41,342
It's called loves security
and you can argue
2000
01:18:41,342 --> 01:18:43,911
that Lulz is actually
a response to another type
2001
01:18:43,911 --> 01:18:46,500
of activism and
organization called Anonymous
2002
01:18:46,500 --> 01:18:48,000
started hacking companies
2003
01:18:48,000 --> 01:18:51,000
like Sony to protest
their involvement in a lawsuit
2004
01:18:51,000 --> 01:18:54,112
regarding a PlayStation
3 hacker. Now Lulz Security
2005
01:18:54,112 --> 01:18:57,092
was supposedly testing
the treatment of anonymous
2006
01:18:57,092 --> 01:19:00,000
or was hacking in support
of this group Anonymous,
2007
01:19:00,000 --> 01:19:01,300
so they hacked a number
2008
01:19:01,300 --> 01:19:04,600
of companies and the things like
pulled information usernames
2009
01:19:04,600 --> 01:19:08,000
and passwords from the databases
at these companies and they said
2010
01:19:08,000 --> 01:19:10,500
that the reason was to shine
a light on the security
2011
01:19:10,500 --> 01:19:11,400
of these companies
2012
01:19:11,400 --> 01:19:14,311
and also theoretically
embarrassed the companies
2013
01:19:14,311 --> 01:19:16,700
with their weak
or poor security postures
2014
01:19:16,700 --> 01:19:18,147
and the problem with that
2015
01:19:18,147 --> 01:19:21,500
that they were doing this
through were posting information
2016
01:19:21,500 --> 01:19:22,899
that they had found online
2017
01:19:22,900 --> 01:19:25,156
and that information
often included details
2018
01:19:25,156 --> 01:19:27,704
about customers for
these particular corporations.
2019
01:19:27,704 --> 01:19:30,040
And for an ethical hacker
a white hat hacker
2020
01:19:30,040 --> 01:19:31,600
that would cross the boundary.
2021
01:19:31,600 --> 01:19:32,400
Of causing harm.
2022
01:19:32,500 --> 01:19:33,701
So there's no reason
2023
01:19:33,701 --> 01:19:36,407
for me as an ethical hacker
to post information
2024
01:19:36,407 --> 01:19:38,325
in a public forum about somebody
2025
01:19:38,325 --> 01:19:40,619
because I could be doing
damage to them.
2026
01:19:40,619 --> 01:19:44,000
But in this case Lulz Security
and Anonymous, specifically Lulz
2027
01:19:44,000 --> 01:19:46,500
Security, were engaged
in the form of hacktivism
2028
01:19:46,500 --> 01:19:48,870
and what they were doing
was not only damaging
2029
01:19:48,870 --> 01:19:49,823
to the corporation
2030
01:19:49,823 --> 01:19:51,588
that certainly was detrimental
2031
01:19:51,588 --> 01:19:54,176
to those people so
different types of hackers
2032
01:19:54,176 --> 01:19:56,400
and different types
of hacking we've got
2033
01:19:56,400 --> 01:19:58,100
ethical or white hat hacking.
2034
01:19:58,100 --> 01:20:01,800
You've got black hat gray hat
and then we finally got hacktivism,
2035
01:20:01,800 --> 01:20:02,800
it's really the goal
2036
01:20:02,800 --> 01:20:05,500
and the means that vary
from one to the other.
2037
01:20:05,500 --> 01:20:05,802
Okay.
2038
01:20:05,802 --> 01:20:08,700
So now that we've discussed
the types of hackers.
2039
01:20:08,700 --> 01:20:11,508
Let's also discuss the skills
necessary to become one.
2040
01:20:11,508 --> 01:20:13,023
So what we're going to discuss
2041
01:20:13,023 --> 01:20:14,833
in this part are
the different skills
2042
01:20:14,833 --> 01:20:15,688
that are required
2043
01:20:15,688 --> 01:20:17,862
or will be learned as
a part of this video.
2044
01:20:17,862 --> 01:20:18,862
So initially just
2045
01:20:18,862 --> 01:20:21,496
for basic computing you
need a basic understanding
2046
01:20:21,496 --> 01:20:23,700
of operating systems
and how to work them.
2047
01:20:23,700 --> 01:20:26,300
There are going to be several
fundamental types of tasks
2048
01:20:26,300 --> 01:20:28,829
that I won't be going
into any detail at all
2049
01:20:28,829 --> 01:20:31,329
and you need to know
how to run programs.
2050
01:20:31,329 --> 01:20:33,800
And do things like open
up a command prompt
2051
01:20:33,800 --> 01:20:36,557
without me walking you
through and how to do that.
2052
01:20:36,557 --> 01:20:37,600
So I am going to assume
2053
01:20:37,600 --> 01:20:40,100
that you have some basic
understanding of how to do
2054
01:20:40,100 --> 01:20:41,202
these sorts of tasks.
2055
01:20:41,202 --> 01:20:44,340
Also, you need an understanding
of the basic system software
2056
01:20:44,340 --> 01:20:47,000
and you'll need a basic
understanding of how to use
2057
01:20:47,000 --> 01:20:48,300
command line utilities.
2058
01:20:48,300 --> 01:20:50,200
There are a number
of tools and programs
2059
01:20:50,200 --> 01:20:52,500
that we're going to be going
through this video
2060
01:20:52,500 --> 01:20:54,637
and many of them use
the command line now
2061
01:20:54,637 --> 01:20:55,990
whether it's on Windows
2062
01:20:55,990 --> 01:20:58,380
or Linux still need
to be familiar with typing
2063
01:20:58,380 --> 01:21:01,093
and being able to run programs
from the command line
2064
01:21:01,093 --> 01:21:03,894
and the various command
line switches and parameters
2065
01:21:03,894 --> 01:21:05,604
that those programs or types
2066
01:21:05,604 --> 01:21:09,251
of programs are going to use now
from a networking perspective.
2067
01:21:09,251 --> 01:21:11,000
You need a basic understanding
2068
01:21:11,000 --> 01:21:13,000
of some simple
networking concepts.
2069
01:21:13,000 --> 01:21:15,400
You need to know
what cables are and switches
2070
01:21:15,400 --> 01:21:17,900
and hubs and how systems
are networked together.
2071
01:21:17,900 --> 01:21:20,450
You don't really need
a deep level of understanding.
2072
01:21:20,450 --> 01:21:22,100
I'll be going
through some protocols
2073
01:21:22,100 --> 01:21:23,368
at a reasonably deep level
2074
01:21:23,368 --> 01:21:25,090
because I think
it's important as
2075
01:21:25,090 --> 01:21:26,900
an ethical hacker to understand
2076
01:21:26,900 --> 01:21:29,000
what's going on
at the protocol level
2077
01:21:29,000 --> 01:21:31,600
so that you can know
better what you are
2078
01:21:31,600 --> 01:21:34,225
doing and how to achieve
the goals and tasks
2079
01:21:34,225 --> 01:21:37,272
that you have before you so
we're going to be going
2080
01:21:37,272 --> 01:21:38,305
over some protocols.
2081
01:21:38,305 --> 01:21:40,600
So just understanding
what protocols are
2082
01:21:40,600 --> 01:21:42,000
and how they go together.
2083
01:21:42,000 --> 01:21:43,900
They all sort
of things are necessary
2084
01:21:43,900 --> 01:21:45,481
from a networking perspective.
2085
01:21:45,481 --> 01:21:48,668
Now, we're going to also be
learning a bunch of life skills.
2086
01:21:48,668 --> 01:21:51,800
Yes, there are some life skills
that it's important to have.
2087
01:21:51,800 --> 01:21:54,970
I think the most important one
is the ability to accept failure
2088
01:21:54,970 --> 01:21:56,300
and persevere and by that.
2089
01:21:56,300 --> 01:21:59,250
I mean you're going to be just
running across several things
2090
01:21:59,250 --> 01:22:01,349
that just don't work
the first time around
2091
01:22:01,349 --> 01:22:03,500
and it's going to take
a little bit of time
2092
01:22:03,500 --> 01:22:06,645
and stick-to-itiveness to plug
away and keep going
2093
01:22:06,645 --> 01:22:08,700
until you get something to work.
2094
01:22:08,700 --> 01:22:11,500
And the way that you get
things to work is having
2095
01:22:11,500 --> 01:22:13,300
an ability to problem solve
2096
01:22:13,300 --> 01:22:15,926
and sometimes solving
problems requires being
2097
01:22:15,926 --> 01:22:17,000
a little creative.
2098
01:22:17,000 --> 01:22:18,982
Sometimes you need
to think out of the box
2099
01:22:18,982 --> 01:22:20,090
and come at a problem
2100
01:22:20,090 --> 01:22:23,040
from a different perspective
in order to find a solution
2101
01:22:23,040 --> 01:22:24,700
throughout the course
of this video.
2102
01:22:24,700 --> 01:22:27,200
You're going to run
across a lot of sticky problems
2103
01:22:27,200 --> 01:22:30,300
through the course of learning
about being an ethical hacker
2104
01:22:30,300 --> 01:22:31,600
and just doing the work.
2105
01:22:31,600 --> 01:22:33,228
Because it's not a simple.
2106
01:22:33,228 --> 01:22:37,000
So here's a little recipe for
how to do this now go follow
2107
01:22:37,000 --> 01:22:39,976
this recipe every time and
you're going to be successful.
2108
01:22:39,976 --> 01:22:41,459
Every situation is different.
2109
01:22:41,459 --> 01:22:42,789
Every system is different.
2110
01:22:42,789 --> 01:22:45,500
You're going to run across
some pretty sticky problems
2111
01:22:45,500 --> 01:22:49,000
and you're going to have to just
wait and get your hands dirty
2112
01:22:49,000 --> 01:22:51,826
and keep failing and failing
and failing and failing
2113
01:22:51,826 --> 01:22:53,533
until you find a way to succeed.
2114
01:22:53,533 --> 01:22:56,200
So I think those skills are
very necessary to learn
2115
01:22:56,200 --> 01:22:58,900
how to be an ethical hacker
digging through some
2116
01:22:58,900 --> 01:23:01,325
of the material
that we'll be going over in this
2117
01:23:01,325 --> 01:23:03,700
video. As far as what you
are going to be learning
2118
01:23:03,700 --> 01:23:06,650
you're going to be learning
about how to use a lot of tools.
2119
01:23:06,650 --> 01:23:08,632
You're going to learn
networking, and by that
2120
01:23:08,632 --> 01:23:11,200
I mean we're going to be talking
about different protocols
2121
01:23:11,200 --> 01:23:14,100
that are involved
in networking systems together,
2122
01:23:14,100 --> 01:23:16,641
you're going to learn
about security and security
2123
01:23:16,641 --> 01:23:19,729
postures security is the heart
and soul of ethical hacking.
2124
01:23:19,729 --> 01:23:21,493
It's why we do ethical hacking
2125
01:23:21,493 --> 01:23:24,100
in order to make systems
and networks more secure
2126
01:23:24,100 --> 01:23:25,400
than they were previously.
2127
01:23:25,400 --> 01:23:27,746
That's the goal
from a networking perspective.
2128
01:23:27,746 --> 01:23:30,400
We're going to be talking
about how to read packets
2129
01:23:30,400 --> 01:23:31,600
from network captures.
2130
01:23:31,600 --> 01:23:34,800
You're going to be going
into TCP/IP-related protocols
2131
01:23:34,800 --> 01:23:36,330
in a fairly significant amount
2132
01:23:36,330 --> 01:23:38,481
of detail, and you're
going to understand
2133
01:23:38,481 --> 01:23:40,588
how protocols interact
with one another.
2134
01:23:40,588 --> 01:23:41,800
So we're going to do all
2135
01:23:41,800 --> 01:23:45,400
that and the reading packets
is going to be really important
2136
01:23:45,400 --> 01:23:47,500
and we're going to do
a fair amount of that
2137
01:23:47,500 --> 01:23:50,500
in addition to just
fundamental approach to learning
2138
01:23:50,500 --> 01:23:52,700
how to read packets
in several lessons.
2139
01:23:52,700 --> 01:23:55,300
We're going to read packets
as a way of understanding
2140
01:23:55,300 --> 01:23:56,200
the different tools
2141
01:23:56,200 --> 01:23:57,121
that we're using
2142
01:23:57,121 --> 01:24:00,560
and how they're going to learn
tactics and methodologies
2143
01:24:00,560 --> 01:24:03,100
and you get to learn
to use the information
2144
01:24:03,100 --> 01:24:06,000
you've gathered in order
to get more information
2145
01:24:06,000 --> 01:24:09,244
and information is really
what this is all about.
2146
01:24:09,244 --> 01:24:12,378
You can't do much anything
without information
2147
01:24:12,378 --> 01:24:15,923
and sometimes it takes
a fair bit of digging in order
2148
01:24:15,923 --> 01:24:17,500
to find that information
2149
01:24:17,500 --> 01:24:20,700
and what you're going
to learn is the entry points
2150
01:24:20,700 --> 01:24:23,347
and the stepping stones
to get the information
2151
01:24:23,347 --> 01:24:24,206
that you need.
2152
01:24:24,206 --> 01:24:26,600
And then once you
have that information,
2153
01:24:26,600 --> 01:24:29,472
you're going to be learning
about ways to exploit it
2154
01:24:29,472 --> 01:24:31,500
in order to get deeper
into the dark.
2155
01:24:31,900 --> 01:24:34,360
You're going to learn
security awareness.
2156
01:24:34,360 --> 01:24:37,500
We're going to talk about risk
and understanding risks
2157
01:24:37,500 --> 01:24:40,800
and vulnerabilities primarily
recognize the difference
2158
01:24:40,800 --> 01:24:42,100
between a vulnerability
2159
01:24:42,100 --> 01:24:44,988
and an exploit and there's
a significant difference.
2160
01:24:44,988 --> 01:24:48,525
There is so security awareness
and understanding what a risk is
2161
01:24:48,525 --> 01:24:50,300
and how that impacts your target
2162
01:24:50,300 --> 01:24:51,449
and it's going to be key
2163
01:24:51,449 --> 01:24:53,400
to a lot of things
that we talked about.
2164
01:24:53,400 --> 01:24:56,000
So it sounds like a lot
we're going to cover a fair bit
2165
01:24:56,000 --> 01:24:58,311
of ground not all
of it at a deep level.
2166
01:24:58,311 --> 01:25:00,723
Sometimes we are going
to skim the surface
2167
01:25:00,723 --> 01:25:03,400
but there's an awful lot
of material to cover.
2168
01:25:03,400 --> 01:25:04,400
So let's get started
2169
01:25:04,400 --> 01:25:07,400
into talking about the different
skills that are required
2170
01:25:07,400 --> 01:25:10,307
or will be learned as a part
of the series of videos.
2171
01:25:10,307 --> 01:25:12,660
So initially just
for basic computing, you
2172
01:25:12,660 --> 01:25:15,400
need a basic understanding
of operating systems.
2173
01:25:15,400 --> 01:25:17,200
So it sounds like a lot weird
2174
01:25:17,200 --> 01:25:20,506
that we're going to cover
and fair bit of a is going to be
2175
01:25:20,506 --> 01:25:21,682
at a very deep level
2176
01:25:21,682 --> 01:25:24,300
and sometimes we're just
going to skip the surface
2177
01:25:24,300 --> 01:25:26,742
but there's an awful lot
of material to cover
2178
01:25:26,742 --> 01:25:27,831
so let's get started.
2179
01:25:27,831 --> 01:25:30,008
Okay, so that was all
about the skills
2180
01:25:30,008 --> 01:25:31,600
that we are going to develop.
2181
01:25:31,600 --> 01:25:34,644
Throughout this video
and that might be necessary
2182
01:25:34,644 --> 01:25:36,800
for you to become
an ethical hacker.
2183
01:25:37,000 --> 01:25:37,200
Now,
2184
01:25:37,200 --> 01:25:39,100
let's talk about
the types of attacks
2185
01:25:39,100 --> 01:25:42,600
that you might be dealing
with as an ethical hacker yourself.
2186
01:25:42,600 --> 01:25:46,072
So now we're going to be talking
about the types of attacks.
2187
01:25:46,072 --> 01:25:47,366
Now one type of attack
2188
01:25:47,366 --> 01:25:49,742
that you'll find common
particularly in cases
2189
01:25:49,742 --> 01:25:51,330
of hacktivism, for example,
2190
01:25:51,330 --> 01:25:54,400
or cases where people are trying
to make a particular point
2191
01:25:54,400 --> 01:25:56,200
or just be a general pain is
2192
01:25:56,200 --> 01:26:00,350
this idea of defacing. Defacing
goes back for quite a while.
2193
01:26:00,350 --> 01:26:01,289
It's the idea
2194
01:26:01,289 --> 01:26:03,300
of sort of digital graffiti
2195
01:26:03,300 --> 01:26:06,100
where you've left your mark
or your imprint behind
2196
01:26:06,100 --> 01:26:09,600
so that everybody knows you were
there primarily a website thing
2197
01:26:09,600 --> 01:26:12,500
and it's really just making
alterations to something
2198
01:26:12,500 --> 01:26:15,100
that used to be pretty common
a long time ago.
2199
01:26:15,100 --> 01:26:18,300
Now it's very particular
for businesses or people
2200
01:26:18,300 --> 01:26:20,594
or just organizations
in general to have
2201
01:26:20,594 --> 01:26:23,561
their homepage has been replaced
by this other thing
2202
01:26:23,561 --> 01:26:26,035
that was along the lines
of hey, I was here
2203
01:26:26,035 --> 01:26:27,800
and I took over your web page.
2204
01:26:27,800 --> 01:26:29,400
We also have a pretty common one
2205
01:26:29,400 --> 01:26:31,500
for certainly has been common
over the years.
2206
01:26:31,500 --> 01:26:34,100
And it's a pretty good part
towards quality exploits
2207
01:26:34,100 --> 01:26:35,800
in high-profile vulnerabilities.
2208
01:26:35,800 --> 01:26:37,790
And that's buffer overflow.
2209
01:26:37,790 --> 01:26:41,500
Now a buffer overflow is
a result of the way programs
2210
01:26:41,500 --> 01:26:42,900
are stored in memory
2211
01:26:42,900 --> 01:26:45,700
when programs are running
they make use of a chunk
2212
01:26:45,700 --> 01:26:47,100
of memory called a stack
2213
01:26:47,100 --> 01:26:49,123
and it's just like
a stack of plates
2214
01:26:49,123 --> 01:26:50,300
when you put a bunch
2215
01:26:50,300 --> 01:26:52,900
of plates down when you pull
a plate off you're going
2216
01:26:52,900 --> 01:26:55,335
to pull the top plate
you're going to pull the old
2217
01:26:55,335 --> 01:26:57,800
displayed you're going to pull
the one that was on top.
2218
01:26:57,800 --> 01:26:59,781
So the same thing
with the stack here,
2219
01:26:59,781 --> 01:27:00,911
we're accessing memory
2220
01:27:00,911 --> 01:27:04,700
and this has to do with the way
functions are called in memory
2221
01:27:04,700 --> 01:27:07,973
when you call the function
a chunk of memory gets thrown
2222
01:27:07,973 --> 01:27:10,800
on top of the stack and
that's the chunk of memory
2223
01:27:10,800 --> 01:27:12,000
that gets accessed
2224
01:27:12,000 --> 01:27:14,602
and you've got a piece
of data in memory,
2225
01:27:14,602 --> 01:27:17,400
but in that stack and
that's called a buffer
2226
01:27:17,400 --> 01:27:20,700
and when too much data
is sent and try to put
2227
01:27:20,700 --> 01:27:23,600
into the buffer it
can overflow now the bounds
2228
01:27:23,600 --> 01:27:26,089
of the configured area
for that particular buffer.
2229
01:27:26,089 --> 01:27:27,479
It can overflow the bounds
2230
01:27:27,479 --> 01:27:30,200
of the configured area
for that particular buffer.
2231
01:27:30,200 --> 01:27:32,900
Now the way stacks are put
together, we end up
2232
01:27:32,900 --> 01:27:34,433
with the part of the stack
2233
01:27:34,433 --> 01:27:37,500
where the return address
from the function is stored.
2234
01:27:37,500 --> 01:27:39,500
So when you overflow
the buffer you have
2235
01:27:39,500 --> 01:27:42,100
the ability to potentially
overwrite that return
2236
01:27:42,100 --> 01:27:44,000
at which point you
can control the flow
2237
01:27:44,000 --> 01:27:45,339
of execution of programs.
2238
01:27:45,339 --> 01:27:48,556
And if you can control the flow
of execution of the program,
2239
01:27:48,556 --> 01:27:49,617
you can insert code
2240
01:27:49,617 --> 01:27:52,500
into that memory that could
be executed and that's
2241
01:27:52,500 --> 01:27:55,606
where we get buffer overflow
that turns into exploits
2242
01:27:55,606 --> 01:27:58,430
that creates the ability to get
like a command shell
2243
01:27:58,430 --> 01:28:00,800
or some other useful thing
from the system
2244
01:28:00,800 --> 01:28:02,900
where the buffer
overflow is running.
2245
01:28:02,900 --> 01:28:04,811
So that's a buffer
overflow in short.
2246
01:28:04,811 --> 01:28:05,400
Sometimes
2247
01:28:05,400 --> 01:28:07,382
we also have
format string attacks.
2248
01:28:07,382 --> 01:28:09,500
And sometimes these
can be precursors
2249
01:28:09,500 --> 01:28:11,100
to buffer overflow formats.
2250
01:28:11,100 --> 01:28:12,872
Now format strings come about
2251
01:28:12,872 --> 01:28:15,500
because the C programming
language makes use
2252
01:28:15,500 --> 01:28:16,764
of these format strings
2253
01:28:16,764 --> 01:28:20,000
that determines how data
is going to be input or output.
2254
01:28:20,000 --> 01:28:22,100
So you have a string
of characters that define
2255
01:28:22,100 --> 01:28:23,500
whether the subsequent input
2256
01:28:23,500 --> 01:28:26,000
or output is going
to be an integer or
2257
01:28:26,000 --> 01:28:27,800
whether it's going
to be a character
2258
01:28:27,800 --> 01:28:29,478
or whether it's going
to be a string
2259
01:28:29,478 --> 01:28:31,400
or a floating-point
that sort of thing.
2260
01:28:31,400 --> 01:28:33,090
So you have a format string
2261
01:28:33,090 --> 01:28:35,505
that defines the input
or the output now
2262
01:28:35,505 --> 01:28:37,917
if a programmer leaves
off the format string
2263
01:28:37,917 --> 01:28:40,600
and just gets lazy
and provides only the variable
2264
01:28:40,600 --> 01:28:41,900
that's going to be output.
2265
01:28:41,900 --> 01:28:44,382
For example, you have
the ability to provide
2266
01:28:44,382 --> 01:28:45,500
that format string.
2267
01:28:45,500 --> 01:28:47,200
If you provide
that format string
2268
01:28:47,300 --> 01:28:49,600
what then happens is
the program starts picking
2269
01:28:49,600 --> 01:28:50,700
the next piece of data
2270
01:28:50,700 --> 01:28:52,300
off the stack and displays them
2271
01:28:52,300 --> 01:28:54,791
because that way we
can start looking at data
2272
01:28:54,791 --> 01:28:55,909
that's on the stack
2273
01:28:55,909 --> 01:28:58,900
of the running program just
by providing a format string
2274
01:28:58,900 --> 01:29:02,438
if I can look at the data I
may be able to Find information
2275
01:29:02,438 --> 01:29:03,598
like return address
2276
01:29:03,598 --> 01:29:06,100
or some other useful
piece of information.
2277
01:29:06,300 --> 01:29:08,500
There is also a possibility
2278
01:29:08,500 --> 01:29:11,139
of being able to inject
data into the stack.
2279
01:29:11,139 --> 01:29:13,316
I may be able to
find some information
2280
01:29:13,316 --> 01:29:14,500
like a return address
2281
01:29:14,500 --> 01:29:16,763
or some other useful
piece of information.
2282
01:29:16,763 --> 01:29:19,800
There is also a possibility
of being able to inject data
2283
01:29:19,800 --> 01:29:20,682
into the stack.
2284
01:29:20,682 --> 01:29:22,632
I may be able to
find some information
2285
01:29:22,632 --> 01:29:23,739
like a return address
2286
01:29:23,739 --> 01:29:25,900
or some other useful
piece of information.
2287
01:29:25,900 --> 01:29:29,135
There is also a possibility
of being able to inject data
2288
01:29:29,135 --> 01:29:31,500
into the stack using
this particular type.
2289
01:29:31,700 --> 01:29:34,871
Now moving on to our next type
of attack is a denial
2290
01:29:34,871 --> 01:29:36,800
of service a denial of service.
2291
01:29:36,800 --> 01:29:38,388
This is a pretty common one
2292
01:29:38,388 --> 01:29:40,100
and you'll hear
about this a lot.
2293
01:29:40,100 --> 01:29:43,100
This is not to be confused with
the one that I'll be talking
2294
01:29:43,100 --> 01:29:46,411
about after this and that is
a distributed denial of service.
2295
01:29:46,411 --> 01:29:48,000
So this one that you see is
2296
01:29:48,000 --> 01:29:49,900
that this is a denial
of service attack
2297
01:29:50,100 --> 01:29:52,805
and a denial of service
is any attack or action
2298
01:29:52,805 --> 01:29:55,300
that prevents a service
from being available
2299
01:29:55,300 --> 01:29:57,900
to its legitimate
or authorized users.
2300
01:29:57,900 --> 01:30:01,100
So you hear about a ping flood
or a SYN flood.
2301
01:30:01,100 --> 01:30:02,957
That is basically a SYN packet
2302
01:30:02,957 --> 01:30:06,300
being sent to your machine
constantly or a Smurf attack
2303
01:30:06,300 --> 01:30:08,200
and Smurf attack
has to do something
2304
01:30:08,200 --> 01:30:09,720
with ICMP echo requests
2305
01:30:09,720 --> 01:30:12,300
and responses using
broadcast addresses.
2306
01:30:12,300 --> 01:30:14,100
That one's been pretty
well shot down
2307
01:30:14,100 --> 01:30:15,600
over the last several years.
2308
01:30:15,600 --> 01:30:17,900
You can also get a denial
of service simply
2309
01:30:17,900 --> 01:30:19,958
from a malformed packet
or piece of data
2310
01:30:19,958 --> 01:30:21,900
where a piece
of data is malformed
2311
01:30:21,900 --> 01:30:23,300
and sent into a program.
2312
01:30:23,300 --> 01:30:25,811
Now if the program
doesn't handle it correctly
2313
01:30:25,811 --> 01:30:28,401
if it crashes suddenly
you're not able to use
2314
01:30:28,401 --> 01:30:29,637
that program anymore.
2315
01:30:29,637 --> 01:30:31,147
So therefore you are denied.
2316
01:30:31,147 --> 01:30:34,500
The service of the program
and thus the denial of service.
2317
01:30:34,500 --> 01:30:37,945
Now, as I said a denial
of service is not to be confused
2318
01:30:37,945 --> 01:30:40,200
with a distributed
denial of service.
2319
01:30:40,200 --> 01:30:43,000
And I know it's
pretty trendy particularly
2320
01:30:43,000 --> 01:30:46,500
in the media to call it
any denial-of-service DDOS
2321
01:30:46,500 --> 01:30:49,100
or any denial-of-service DDOS.
2322
01:30:49,100 --> 01:30:51,600
Now it's important to note
2323
01:30:51,600 --> 01:30:55,600
that any denial of service
is not a DDOS a DDOS or
2324
01:30:55,600 --> 01:30:57,835
as you might know
a distributed denial
2325
01:30:57,835 --> 01:31:01,130
of service is a very specific
thing distributed denial
2326
01:31:01,130 --> 01:31:04,799
of the service is a coordinated
denial-of-service making use
2327
01:31:04,799 --> 01:31:07,100
of several hosts
in several locations.
2328
01:31:07,100 --> 01:31:10,900
So if you think about a botnet
as an example a botnet
2329
01:31:10,900 --> 01:31:14,300
could be used to trigger
a distributed denial of service,
2330
01:31:14,300 --> 01:31:15,752
but I've got a lot of bots
2331
01:31:15,752 --> 01:31:18,100
that I'm controlling
from a remote location
2332
01:31:18,100 --> 01:31:20,388
and I'm using all
these bots to do something
2333
01:31:20,388 --> 01:31:22,764
like sending a lot of data
to a particular server
2334
01:31:22,764 --> 01:31:26,000
when I've got a lot of systems
sending even small amounts
2335
01:31:26,000 --> 01:31:28,800
of data all of that data
can overwhelm the server
2336
01:31:28,800 --> 01:31:29,900
that I'm sending it to
2337
01:31:30,000 --> 01:31:33,759
so the idea behind a distributed
denial-of-service attack is
2338
01:31:33,759 --> 01:31:35,500
to overwhelm resources
2339
01:31:35,500 --> 01:31:36,930
on a particular server
2340
01:31:36,930 --> 01:31:40,667
in order to cause that server
not to be able to respond.
2341
01:31:40,667 --> 01:31:43,546
Now the first known
DDoS attack used the tool
2342
01:31:43,546 --> 01:31:44,985
called Stacheldraht,
2343
01:31:44,985 --> 01:31:48,970
which is German for barbed wire.
Stacheldraht came
2344
01:31:48,970 --> 01:31:52,100
out of some work that a guy
by the name of Mixter
2345
01:31:52,100 --> 01:31:53,500
was doing in 1999.
2346
01:31:53,600 --> 01:31:55,500
He wrote a proof
of concept piece
2347
01:31:55,500 --> 01:31:56,900
of code called TFN,
2348
01:31:56,900 --> 01:31:58,733
which was the
Tribe Flood Network.
2349
01:31:58,733 --> 01:32:00,400
Let me just show that for you.
2350
01:32:01,700 --> 01:32:02,711
So you can see
2351
01:32:02,711 --> 01:32:05,795
on the Wikipedia page
the Tribe Flood Network
2352
01:32:05,795 --> 01:32:08,200
or TFN is a set
of computer programs
2353
01:32:08,200 --> 01:32:12,000
that is used to conduct various
DDoS attacks such as ICMP
2354
01:32:12,000 --> 01:32:15,100
flood, SYN flood, UDP flood,
and Smurf attack.
2355
01:32:15,100 --> 01:32:15,600
Now.
2356
01:32:15,600 --> 01:32:18,100
I know many people
don't really consider
2357
01:32:18,100 --> 01:32:22,000
Wikipedia really good source
of any sort of knowledge,
2358
01:32:22,000 --> 01:32:23,802
but it's a good place
to start off.
2359
01:32:23,802 --> 01:32:26,011
So if you want to read
about all these types
2360
01:32:26,011 --> 01:32:27,576
of attacks like ICMP floods
2361
01:32:27,576 --> 01:32:30,400
and what exactly is
a SYN flood you can always do
2362
01:32:30,400 --> 01:32:33,200
that from It's
not that bad place.
2363
01:32:33,400 --> 01:32:36,600
Of course, you should use
Wikipedia as your final
2364
01:32:36,600 --> 01:32:38,200
Rosetta Stone moving on.
2365
01:32:38,200 --> 01:32:40,335
So this program called Stacheldraht,
2366
01:32:40,335 --> 01:32:44,400
which was used to attack
servers like eBay and Yahoo!
2367
01:32:44,400 --> 01:32:46,072
back in February of 2000,
2368
01:32:46,072 --> 01:32:49,000
so that attack in February
of 2000 was really
2369
01:32:49,000 --> 01:32:51,666
the first known distributed
denial-of-service attack,
2370
01:32:51,666 --> 01:32:52,783
which is not to say
2371
01:32:52,783 --> 01:32:55,970
that there weren't denial
of service attacks previously So
2372
01:32:55,970 --> 01:32:58,500
to that there were
certainly plenty of them,
2373
01:32:58,500 --> 01:33:00,419
but they were
not distributed now
2374
01:33:00,419 --> 01:33:02,949
this means If there
weren't a lot of systems
2375
01:33:02,949 --> 01:33:03,983
used to coordinate
2376
01:33:03,983 --> 01:33:07,101
and create a denial-of-service
condition and therefore
2377
01:33:07,101 --> 01:33:09,600
we get distributed
denial-of-service attack.
2378
01:33:09,600 --> 01:33:11,600
So that's a handful
of types of attacks
2379
01:33:11,600 --> 01:33:13,100
and some pretty common attacks
2380
01:33:13,100 --> 01:33:15,500
that you're going to see
as an ethical hacker
2381
01:33:15,500 --> 01:33:16,905
when you become
an ethical hacker
2382
01:33:16,905 --> 01:33:19,050
or if you're trying
to become an ethical hacker,
2383
01:33:19,050 --> 01:33:21,600
you should always know
about these types of attacks.
2384
01:33:21,800 --> 01:33:22,300
Okay.
2385
01:33:22,300 --> 01:33:23,099
So in this lesson,
2386
01:33:23,099 --> 01:33:25,600
we're going to be talking
about penetration testing
2387
01:33:25,600 --> 01:33:28,000
and some of the details
around how it works
2388
01:33:28,000 --> 01:33:31,731
and logistics and specifically
things like scope. So what
2389
01:33:31,731 --> 01:33:33,944
exactly is penetration testing?
2390
01:33:33,944 --> 01:33:35,800
So well, not surprisingly.
2391
01:33:35,800 --> 01:33:38,700
It's testing to see
if you can penetrate something
2392
01:33:38,700 --> 01:33:40,789
which means you're going
to check to see
2393
01:33:40,789 --> 01:33:43,200
whether you can break
into a particular thing.
2394
01:33:43,200 --> 01:33:46,400
Whether it's a server or
an application. Depending
2395
01:33:46,400 --> 01:33:47,929
on the type of engagement
2396
01:33:47,929 --> 01:33:50,600
you've got, you may have
the ability to try to break
2397
01:33:50,600 --> 01:33:52,038
in physically to a location,
2398
01:33:52,038 --> 01:33:54,200
but primarily what you're
going to be doing
2399
01:33:54,200 --> 01:33:55,300
with penetration testing
2400
01:33:55,300 --> 01:33:57,500
is you're going to be trying
to break into systems
2401
01:33:57,500 --> 01:33:59,528
and networks and applications.
2402
01:33:59,528 --> 01:34:02,300
And that's the kind
of what It's all about
2403
01:34:02,300 --> 01:34:05,800
and this may actually involve
social engineering attacks.
2404
01:34:05,800 --> 01:34:08,700
So it may require you
to make a phone call
2405
01:34:08,700 --> 01:34:12,200
to somebody and get them
to give you their username
2406
01:34:12,200 --> 01:34:16,300
and password or some other type
of social engineering attack
2407
01:34:16,300 --> 01:34:20,300
where maybe you send a URL
via a crafted email.
2408
01:34:20,300 --> 01:34:23,800
Sometimes it's just strictly
a technical approach.
2409
01:34:23,800 --> 01:34:25,100
We're running scans
2410
01:34:25,100 --> 01:34:28,185
and you're running Metasploit
and you're gaining
2411
01:34:28,185 --> 01:34:31,500
access that way or maybe
some other type of Technology.
2412
01:34:31,500 --> 01:34:33,323
Application sort of connection,
2413
01:34:33,323 --> 01:34:36,051
sometimes it's physical access
that you need.
2414
01:34:36,051 --> 01:34:38,916
So in order to get access
to a particular system,
2415
01:34:38,916 --> 01:34:42,200
if you can get physical access
then maybe you can get in
2416
01:34:42,200 --> 01:34:43,500
so that was all about
2417
01:34:43,500 --> 01:34:45,970
that's what exactly
penetration testing is.
2418
01:34:45,970 --> 01:34:48,600
It's checking whether you
can get into a system
2419
01:34:48,600 --> 01:34:50,999
whether it be physically
or on a network.
2420
01:34:50,999 --> 01:34:52,300
So what are the goals
2421
01:34:52,300 --> 01:34:55,840
of penetration testing the goals
would be to assess weakness
2422
01:34:55,840 --> 01:34:58,000
in an organization's
security postures.
2423
01:34:58,000 --> 01:34:59,900
We want to figure out
what they're vulnerable
2424
01:34:59,900 --> 01:35:03,235
so that they can go and fix
these problems. You want
2425
01:35:03,235 --> 01:35:05,900
to help them understand
their risk positions better
2426
01:35:05,900 --> 01:35:06,972
and what they can
2427
01:35:06,972 --> 01:35:09,592
or may be able to do
to mitigate those risks
2428
01:35:09,592 --> 01:35:12,700
and ultimately you want
to be able to access systems
2429
01:35:12,700 --> 01:35:15,000
in a particular way
to find weaknesses.
2430
01:35:15,000 --> 01:35:17,256
So those are really
sort of the goals
2431
01:35:17,256 --> 01:35:20,341
of penetration testing now
from a result standpoint
2432
01:35:20,341 --> 01:35:23,700
when you're done you're testing
what you are going to do.
2433
01:35:23,700 --> 01:35:27,300
Well, you're probably going to
generate a report and by that,
2434
01:35:27,300 --> 01:35:29,878
I don't mean you're going
to run some automated tool
2435
01:35:29,878 --> 01:35:31,778
and you're going
to get it to generate.
2436
01:35:31,778 --> 01:35:32,600
the report for you,
2437
01:35:32,600 --> 01:35:34,500
you're actually going to give
that to the client.
2438
01:35:34,500 --> 01:35:36,630
You're actually going to give
you a report to the client
2439
01:35:36,630 --> 01:35:38,800
and then they're going to write
you a really large check.
2440
01:35:38,800 --> 01:35:40,508
So that's not really
how it works.
2441
01:35:40,508 --> 01:35:43,200
You're going to write a report
detailing the findings
2442
01:35:43,200 --> 01:35:44,400
in a detailed way
2443
01:35:44,400 --> 01:35:47,700
so that it includes
what did you do to find out
2444
01:35:47,700 --> 01:35:49,300
what you actually found out
2445
01:35:49,300 --> 01:35:52,200
and how you can actually
mitigate that particular risk.
2446
01:35:52,200 --> 01:35:55,359
So you should really include
remediation activities in order
2447
01:35:55,359 --> 01:35:56,812
to fix these vulnerabilities
2448
01:35:56,812 --> 01:35:58,958
that you find and it's
pretty easy to walk
2449
01:35:58,958 --> 01:35:59,900
around saying hey,
2450
01:35:59,900 --> 01:36:01,589
that's a problem
and that's problematic.
2451
01:36:01,589 --> 01:36:02,600
And that's a problem.
2452
01:36:02,600 --> 01:36:04,300
That's really not a lot of value
2453
01:36:04,300 --> 01:36:06,915
in that where there's
a value is that hey,
2454
01:36:06,915 --> 01:36:08,000
that's a problem.
2455
01:36:08,000 --> 01:36:10,232
And here's how you
can go about fixing it.
2456
01:36:10,232 --> 01:36:13,200
So let's talk about the scope
of penetration testing.
2457
01:36:13,200 --> 01:36:15,500
So firstly you want
to actually realize
2458
01:36:15,500 --> 01:36:18,900
how big is the breadbox
and how specifically what is it
2459
01:36:18,900 --> 01:36:21,600
that the two
of you have agreed
2460
01:36:21,600 --> 01:36:23,200
that being you
the ethical hacker
2461
01:36:23,200 --> 01:36:25,900
and the other guy being
the authorized person to give
2462
01:36:25,900 --> 01:36:29,300
you permission to ethically
hack specifically agree
2463
01:36:29,300 --> 01:36:31,700
that you can do
penetration testing.
2464
01:36:31,800 --> 01:36:35,177
And you can target them as
an organization or a client,
2465
01:36:35,177 --> 01:36:38,100
and what you have agreed
to are any exclusions
2466
01:36:38,100 --> 01:36:39,238
or any sort of areas
2467
01:36:39,238 --> 01:36:42,474
that they say you're not allowed
to touch so anything so
2468
01:36:42,474 --> 01:36:44,600
like if they've got
a database server,
2469
01:36:44,600 --> 01:36:47,678
maybe there's a lot
of really sensitive data on it
2470
01:36:47,678 --> 01:36:49,500
and they're a little hesitant
2471
01:36:49,500 --> 01:36:53,500
and they may put a "don't touch
this thing" clause in the scope.
2472
01:36:53,500 --> 01:36:55,300
So there are a lot
of different reasons
2473
01:36:55,300 --> 01:36:57,411
why they may exclude
areas from the scope
2474
01:36:57,411 --> 01:37:00,141
and if they exclude them
then trust their reason
2475
01:37:00,141 --> 01:37:01,199
and listen to them
2476
01:37:01,200 --> 01:37:03,438
what they have to say
in terms of this is
2477
01:37:03,438 --> 01:37:05,103
what we want you to accomplish.
2478
01:37:05,103 --> 01:37:07,786
So along those lines you
really need to get sign off
2479
01:37:07,786 --> 01:37:09,312
from the target organization.
2480
01:37:09,312 --> 01:37:11,182
Now, we've talked
about this before
2481
01:37:11,182 --> 01:37:14,241
and this is certainly all
about the ethics and trust
2482
01:37:14,300 --> 01:37:15,700
and it's also about legality
2483
01:37:15,700 --> 01:37:17,200
because if you do something
2484
01:37:17,200 --> 01:37:19,200
that you don't have
permissions to do you
2485
01:37:19,200 --> 01:37:20,900
could be prosecuted for that.
2486
01:37:20,900 --> 01:37:23,541
So definitely get the scope
very clear in writing
2487
01:37:23,541 --> 01:37:26,600
and with signatures attached
to it as to what you can
2488
01:37:26,600 --> 01:37:27,775
and what you can't do
2489
01:37:27,775 --> 01:37:30,207
and always get approval
from the right people
2490
01:37:30,207 --> 01:37:31,711
and make sure you get somebody
2491
01:37:31,711 --> 01:37:33,064
who has the right level
2492
01:37:33,064 --> 01:37:35,900
of permissions and is
the right level of management
2493
01:37:35,900 --> 01:37:38,659
so that they can sign off
on its understanding
2494
01:37:38,659 --> 01:37:39,778
and accept the risk
2495
01:37:39,778 --> 01:37:42,263
that is associated
with a penetration test.
2496
01:37:42,263 --> 01:37:45,200
So let me talk a little bit
about security assessments
2497
01:37:45,200 --> 01:37:47,300
and how they differ
from penetration tests.
2498
01:37:47,300 --> 01:37:49,300
The security assessment
is a hand
2499
01:37:49,300 --> 01:37:51,092
in hand approach with clients.
2500
01:37:51,092 --> 01:37:53,900
So you would walk in doing
a collaborative thing
2501
01:37:53,900 --> 01:37:57,417
where you're a trusted partner
and you are live with them
2502
01:37:57,417 --> 01:37:59,612
and your goal
isn't to penetrate them
2503
01:37:59,612 --> 01:38:01,372
and point out all the things.
2504
01:38:01,372 --> 01:38:02,548
That are really bad,
2505
01:38:02,548 --> 01:38:04,891
but it's to get a full
assessment of the risk
2506
01:38:04,891 --> 01:38:06,547
that the organization is exposed
2507
01:38:06,547 --> 01:38:09,949
to and you would probably
provide more details about fixes
2508
01:38:09,949 --> 01:38:12,426
than maybe you would
in a penetration test.
2509
01:38:12,426 --> 01:38:15,434
Now what we're going to do
is we're going to walk in
2510
01:38:15,434 --> 01:38:16,229
and make sure
2511
01:38:16,229 --> 01:38:17,269
that the policies
2512
01:38:17,269 --> 01:38:20,000
and procedures they have
in place are really
2513
01:38:20,000 --> 01:38:21,700
what they need
for the organization
2514
01:38:21,900 --> 01:38:23,025
and the risk appetite
2515
01:38:23,025 --> 01:38:25,417
that they've got
and we're going to make sure
2516
01:38:25,417 --> 01:38:28,015
that the policies
and procedures have controls
2517
01:38:28,015 --> 01:38:28,898
that can tell us
2518
01:38:28,898 --> 01:38:31,542
whether they are being
actually adhered to or not.
2519
01:38:31,542 --> 01:38:33,801
Procedures and policies
are being followed
2520
01:38:33,801 --> 01:38:36,141
a security assessment is
probably a little bit
2521
01:38:36,141 --> 01:38:37,132
more comprehensive
2522
01:38:37,132 --> 01:38:38,400
than a penetration test
2523
01:38:38,400 --> 01:38:40,600
and you would look
at more factors to assess
2524
01:38:40,600 --> 01:38:42,600
the security postures
of the organization
2525
01:38:42,600 --> 01:38:44,100
in their overall risk
2526
01:38:44,100 --> 01:38:47,600
and you would tailor the output
based on the risk appetite
2527
01:38:47,600 --> 01:38:50,769
and what they're most interested
in and that's not to say
2528
01:38:50,769 --> 01:38:53,600
that I'm going to tell them
what they want to hear.
2529
01:38:53,600 --> 01:38:56,600
But if there's something
that they know and I know
2530
01:38:56,600 --> 01:38:58,200
that they're just
not going to do
2531
01:38:58,200 --> 01:39:00,400
I'm not going to be making
a big deal out of it
2532
01:39:00,400 --> 01:39:02,499
because they're already
aware of it
2533
01:39:02,499 --> 01:39:04,400
and I'll make a note
of it in the report just
2534
01:39:04,400 --> 01:39:05,600
for completeness' sake,
2535
01:39:05,600 --> 01:39:07,700
but I'm not going to go out
in a lot of details.
2536
01:39:07,700 --> 01:39:08,800
So it's really kind of
2537
01:39:08,800 --> 01:39:11,200
a hand-in-hand collaborative
approach where again,
2538
01:39:11,200 --> 01:39:12,178
you're not just saying
2539
01:39:12,178 --> 01:39:15,078
what they want us to say; we're
providing some real security
2540
01:39:15,078 --> 01:39:17,200
and risk guidance
towards their activities
2541
01:39:17,200 --> 01:39:18,141
and other things
2542
01:39:18,141 --> 01:39:20,093
so it may provide
an unrealistic view.
2543
01:39:20,093 --> 01:39:21,213
So you've got a week,
2544
01:39:21,213 --> 01:39:23,114
let's say, to do
this penetration test
2545
01:39:23,114 --> 01:39:24,192
against your target.
2546
01:39:24,192 --> 01:39:26,600
Now, you're going to have
to go in you're going
2547
01:39:26,600 --> 01:39:27,700
to have to get setup.
2548
01:39:27,700 --> 01:39:30,000
You're also going to have
to start doing a bunch
2549
01:39:30,000 --> 01:39:31,170
of scans and make sure
2550
01:39:31,170 --> 01:39:32,700
you're gathering information
2551
01:39:32,700 --> 01:39:35,000
and screenshots and data
for your reports
2552
01:39:35,000 --> 01:39:37,500
you're going to have to do
all sorts of activities.
2553
01:39:37,500 --> 01:39:39,100
Also during the course
of that week.
2554
01:39:39,100 --> 01:39:41,100
You're going to be engaged
in probably beginning
2555
01:39:41,100 --> 01:39:42,200
to write your report
2556
01:39:42,200 --> 01:39:44,802
and getting a sense of
what it's going to say
2557
01:39:44,802 --> 01:39:46,600
and what's going to be in it.
2558
01:39:46,600 --> 01:39:48,900
If you don't actually
get any major penetration
2559
01:39:48,900 --> 01:39:51,700
during the course of that week
the organization may feel
2560
01:39:51,700 --> 01:39:53,500
like they're quote-unquote secure.
2561
01:39:53,500 --> 01:39:55,900
That's one of the reasons
why penetration testing
2562
01:39:55,900 --> 01:39:59,200
while really sexy
and showy is nice and all,
2563
01:39:59,200 --> 01:40:02,199
but if an organization walks
out of it believing
2564
01:40:02,199 --> 01:40:03,095
that in a week,
2565
01:40:03,095 --> 01:40:06,330
you didn't manage to get
you know, get the keys of the kingdom,
2566
01:40:06,330 --> 01:40:09,066
they must be secure,
that's a really misguided view
2567
01:40:09,066 --> 01:40:11,700
because a dedicated, skilled
and motivated attacker
2568
01:40:11,700 --> 01:40:14,500
isn't going to just take a week
or some portion of that. If
2569
01:40:14,500 --> 01:40:16,700
they're after something,
they're going to dedicate
2570
01:40:16,700 --> 01:40:19,200
themselves to do it
and really go after it.
2571
01:40:19,200 --> 01:40:22,784
So just because you didn't find
a penetration in some subset
2572
01:40:22,784 --> 01:40:24,000
of a week doesn't mean
2573
01:40:24,000 --> 01:40:28,500
that they're secure and immune
and invulnerable to attacks.
2574
01:40:28,500 --> 01:40:30,400
It just means
that during the course
2575
01:40:30,400 --> 01:40:33,000
of that particular week
and the circumstances
2576
01:40:33,000 --> 01:40:35,562
that were in place you
couldn't get a penetration
2577
01:40:35,562 --> 01:40:37,699
that was really
significant or major.
2578
01:40:37,699 --> 01:40:38,877
That's all it means.
2579
01:40:38,877 --> 01:40:41,000
It doesn't mean anything
beyond that and
2580
01:40:41,000 --> 01:40:42,800
if an organization
walks away feeling
2581
01:40:42,800 --> 01:40:44,269
like they're secure, they're going
2582
01:40:44,269 --> 01:40:46,500
to end up not fixing
the real vulnerabilities
2583
01:40:46,500 --> 01:40:47,547
that may be in place
2584
01:40:47,547 --> 01:40:49,800
that could expose them
to significant risks.
2585
01:40:49,800 --> 01:40:53,100
So that's penetration
testing, its scope, its goals
2586
01:40:53,100 --> 01:40:55,880
and how it differs
to security assessments. Now,
2587
01:40:55,880 --> 01:40:57,909
it's time to go
over footprinting.
2588
01:40:57,909 --> 01:41:01,600
So what is footprinting? Well,
footprinting is getting an idea
2589
01:41:01,600 --> 01:41:04,074
of the entire scope
of your target.
2590
01:41:04,074 --> 01:41:05,939
That means not just the scope
2591
01:41:05,939 --> 01:41:07,177
that you were given
2592
01:41:07,177 --> 01:41:10,701
which may be an address block
or it may be a domain name
2593
01:41:10,701 --> 01:41:13,200
it may even be a set
of address blocks.
2594
01:41:13,200 --> 01:41:15,913
Now, what you want to do
is you want to figure
2595
01:41:15,913 --> 01:41:17,300
out all the information
2596
01:41:17,300 --> 01:41:20,500
that's associated with that
in great detail
2597
01:41:20,500 --> 01:41:24,700
as you can possibly get. So you
want the list of domain names
2598
01:41:24,700 --> 01:41:26,641
as you're going
to go through this
2599
01:41:26,641 --> 01:41:28,100
you probably want some sort
2600
01:41:28,100 --> 01:41:31,500
of database or Excel
spreadsheet or something.
2601
01:41:31,500 --> 01:41:32,900
to keep track of all the information
2602
01:41:32,900 --> 01:41:35,300
because you're going to have
a lot of it at the end.
2603
01:41:35,300 --> 01:41:37,800
You want to be able
to find information quickly.
2604
01:41:37,800 --> 01:41:40,500
So having some sort
of in a notepad going
2605
01:41:40,500 --> 01:41:41,692
with your notes or
2606
01:41:41,692 --> 01:41:43,898
as I said spreadsheet
or a database.
2607
01:41:43,898 --> 01:41:45,600
So if you can get organized
2608
01:41:45,600 --> 01:41:49,000
in that way you want to keep
all those sorts of things down.
2609
01:41:49,000 --> 01:41:50,000
So in this case,
2610
01:41:50,000 --> 01:41:52,300
I want to do
some search on suppose.
2611
01:41:52,300 --> 01:41:54,064
let's say
edureka.co. Now,
2612
01:41:54,064 --> 01:41:55,300
I need network blocks.
2613
01:41:55,300 --> 01:41:58,300
So so far we found out
that just made up IP addresses
2614
01:41:58,300 --> 01:42:00,400
because I'm just
putting information down,
2615
01:42:00,400 --> 01:42:01,700
but I need network blocks,
2616
01:42:01,700 --> 01:42:05,200
so you may have one IP address
that you can find externally
2617
01:42:05,200 --> 01:42:06,900
or you're going to want the whole
2618
01:42:06,900 --> 01:42:10,336
range of internal blocks, and you
can do a little bit of digging.
2619
01:42:10,336 --> 01:42:13,500
If you aren't provided those you
want specific IP addresses
2620
01:42:13,500 --> 01:42:16,900
for critical systems: web
servers, email servers, databases.
2621
01:42:16,900 --> 01:42:18,900
If you can find any
of these things
2622
01:42:18,900 --> 01:42:21,800
of those sorts and you
want system architectures
2623
01:42:21,800 --> 01:42:24,650
and what kind of stuff are they
running are they running Intel
2624
01:42:24,650 --> 01:42:25,900
are they running windows?
2625
01:42:25,900 --> 01:42:27,600
Are they running
some Unix systems?
2626
01:42:27,600 --> 01:42:28,618
What are they running?
2627
01:42:28,618 --> 01:42:30,768
What kind of Access
Control lists they have.
2628
01:42:30,768 --> 01:42:33,400
These are going to be hard to get,
but you may be able to guess
2629
01:42:33,400 --> 01:42:35,932
them and you can guess
these by doing port
2630
01:42:35,932 --> 01:42:39,700
scans. So what sort of responses
you get back from the port scans
2631
01:42:39,700 --> 01:42:42,806
with the filters and are
what you don't get back
2632
01:42:42,806 --> 01:42:45,190
will tell you about
if there's an IDS
2633
01:42:45,190 --> 01:42:48,300
around or so. You want
to do a system enumeration,
2634
01:42:48,300 --> 01:42:49,619
or you can get access
2635
01:42:49,619 --> 01:42:53,200
to a system somehow you want
to know usernames, group names,
2636
01:42:53,200 --> 01:42:55,400
so on. So the basic idea
2637
01:42:55,400 --> 01:42:58,600
of footprinting is
gathering information. Now,
2638
01:42:58,600 --> 01:43:01,600
if you can get access to system
somehow, you want to know
2639
01:43:01,600 --> 01:43:05,186
usernames, group names. So you want
system banners, routing tables,
2640
01:43:05,186 --> 01:43:08,022
SNMP information if you
can get it, DNS host names
2641
01:43:08,022 --> 01:43:09,500
if you can get those. Now,
2642
01:43:09,500 --> 01:43:12,200
this is for both internal
and external on the side.
2643
01:43:12,200 --> 01:43:14,379
If you're doing
an internal penetration test
2644
01:43:14,379 --> 01:43:15,900
or ethical hacking engagement.
2645
01:43:15,900 --> 01:43:18,500
You want to know the networking
protocols that are out there.
2646
01:43:18,500 --> 01:43:19,900
Are they using TCP/IP,
2647
01:43:19,900 --> 01:43:21,700
or are they using some UDP
2648
01:43:21,700 --> 01:43:25,600
or are they on IPX
or SPX, are they using DECnet
2649
01:43:25,600 --> 01:43:28,982
or AppleTalk, or are they
using some sort of split DNS?
2650
01:43:28,982 --> 01:43:29,940
In other words,
2651
01:43:29,940 --> 01:43:31,600
Do they have internal DNS?
2652
01:43:31,800 --> 01:43:33,700
So will that give different info
2653
01:43:33,700 --> 01:43:36,501
for the external and will it
give different information?
2654
01:43:36,501 --> 01:43:39,552
If you want to check for
remote access possibilities now
2655
01:43:39,552 --> 01:43:41,300
in the footprinting process
2656
01:43:41,300 --> 01:43:44,600
you want to be very exhaustive
you might want to try
2657
01:43:44,600 --> 01:43:48,857
and take out email addresses
servers, domain name services.
2658
01:43:48,857 --> 01:43:51,900
I mean IP addresses
or even contact numbers
2659
01:43:51,900 --> 01:43:54,500
and you want to be very
exhaustive with your approach.
2660
01:43:54,500 --> 01:43:56,686
You don't want to miss
anything out because
2661
01:43:56,686 --> 01:43:57,480
if you do that,
2662
01:43:57,480 --> 01:43:58,309
you can continue
2663
01:43:58,309 --> 01:44:01,222
and also provide some
launching points for additional
2664
01:44:01,222 --> 01:44:03,529
attacks or tests that you
may be able to do but this
2665
01:44:03,529 --> 01:44:06,461
is definitely a starting point
of the types of information
2666
01:44:06,461 --> 01:44:07,576
that you need to have
2667
01:44:07,576 --> 01:44:09,700
as you go about
footprinting your target.
2668
01:44:09,700 --> 01:44:10,700
Now next thing
2669
01:44:10,700 --> 01:44:13,301
that we are going to see
is very interesting.
2670
01:44:13,301 --> 01:44:15,323
This is one
of the many common tools
2671
01:44:15,323 --> 01:44:17,500
that are out there
on the internet and
2672
01:44:17,500 --> 01:44:21,700
that is the Wayback Machine,
or also known as archive.org. Now,
2673
01:44:21,700 --> 01:44:24,477
while it might not give you all
the information that you need
2674
01:44:24,477 --> 01:44:26,700
but it gives certainly
gives you a starting point
2675
01:44:26,700 --> 01:44:29,400
and what we're talking about
here is the Wayback machine
2676
01:44:29,400 --> 01:44:32,600
or archive.org. So just
give you a quick look
2677
01:44:32,600 --> 01:44:34,600
at what archive.org looks like.
2678
01:44:34,600 --> 01:44:34,900
Okay.
2679
01:44:34,900 --> 01:44:36,700
I already have it open out here.
2680
01:44:36,700 --> 01:44:39,100
So audio what you can see is
2681
01:44:39,100 --> 01:44:42,249
how a website looked
like around some time ago.
2682
01:44:42,249 --> 01:44:43,322
So for example,
2683
01:44:43,322 --> 01:44:46,600
if you want to look at
what Google looked like
2684
01:44:46,600 --> 01:44:50,600
so you just have to search
for Google out here and wait
2685
01:44:50,600 --> 01:44:52,100
for results to come back.
2686
01:44:52,515 --> 01:44:52,900
Okay.
2687
01:44:52,900 --> 01:44:56,100
So we see that Google goes
way back to 1998.
2688
01:44:56,100 --> 01:44:59,535
So that was the last capture
or the first capture, rather.
2689
01:44:59,535 --> 01:45:02,000
It was the first capture
by the Wayback Machine
2690
01:45:02,000 --> 01:45:02,700
and we can see
2691
01:45:02,700 --> 01:45:05,500
that it has a screenshot
of November 11th
2692
01:45:05,500 --> 01:45:07,382
and how Google looked so,
2693
01:45:07,382 --> 01:45:11,600
let's see what Google looked
like in November 11th of 1988.
2694
01:45:11,600 --> 01:45:13,052
So this is what Google looked
2695
01:45:13,052 --> 01:45:15,418
like it was there was
actually nothing to it.
2696
01:45:15,418 --> 01:45:18,700
It just said welcome to Google
Google search engine prototypes
2697
01:45:19,100 --> 01:45:21,200
and it has a link.
2698
01:45:21,200 --> 01:45:24,288
So yeah, this is what the Google
search engine looked like.
2699
01:45:24,288 --> 01:45:25,700
It had a Stanford search.
2700
01:45:25,700 --> 01:45:26,930
It had a Linux search
2701
01:45:26,930 --> 01:45:29,149
and you could do
all sorts of stuff.
2702
01:45:29,149 --> 01:45:31,369
You could just put
the results now.
2703
01:45:31,369 --> 01:45:34,865
What I'm trying to tell y'all is
you can see the evolution
2704
01:45:34,865 --> 01:45:38,000
of the website through time
through the Wayback Machine
2705
01:45:38,000 --> 01:45:41,378
and this gives you a rather
informative look
2706
01:45:41,378 --> 01:45:44,200
into how a website
has actually evolved.
2707
01:45:44,400 --> 01:45:44,800
Okay.
2708
01:45:44,800 --> 01:45:46,659
Now that we know what
footprinting is
2709
01:45:46,659 --> 01:45:49,600
and how it falls into
the whole reconnaissance process.
2710
01:45:49,600 --> 01:45:52,505
So let's go over a couple
of websites to do a little bit
2711
01:45:52,505 --> 01:45:55,200
of historical thinking
about companies and the types
2712
01:45:55,200 --> 01:45:56,137
of infrastructure
2713
01:45:56,137 --> 01:45:57,330
that they may be using
2714
01:45:57,330 --> 01:45:59,342
and this information
of course is useful
2715
01:45:59,342 --> 01:46:01,200
so that we can narrow
down our focus
2716
01:46:01,200 --> 01:46:03,650
in terms of what we want
to target against them
2717
01:46:03,650 --> 01:46:06,300
for attacks. Now, over time
we've improved our awareness
2718
01:46:06,300 --> 01:46:07,200
about what sorts
2719
01:46:07,200 --> 01:46:10,500
of information we may want
to divulge. So several years ago
2720
01:46:10,500 --> 01:46:13,100
you may have gone to a company's
website and discovered
2721
01:46:13,100 --> 01:46:15,200
that you could get
email addresses and names
2722
01:46:15,200 --> 01:46:16,345
of people in positions
2723
01:46:16,345 --> 01:46:17,701
that you may find relevant
2724
01:46:17,701 --> 01:46:20,100
and there were all sorts
of bits of information
2725
01:46:20,100 --> 01:46:22,073
that could be used
against the company
2726
01:46:22,073 --> 01:46:23,700
and over time we have discovered
2727
01:46:23,700 --> 01:46:24,788
that those are pieces
2728
01:46:24,788 --> 01:46:27,359
of information that probably
don't belong in a website
2729
01:46:27,359 --> 01:46:29,464
where they can be used
against the company
2730
01:46:29,464 --> 01:46:32,288
and so they've been pulled
off. Now, it used to be also
2731
01:46:32,288 --> 01:46:34,900
that Google had the ability
to pull up information
2732
01:46:34,900 --> 01:46:36,746
that it had cached. So,
2733
01:46:36,746 --> 01:46:37,469
for example,
2734
01:46:37,469 --> 01:46:39,700
if a website is
no longer available or
2735
01:46:39,700 --> 01:46:41,900
if it was temporarily
down and offline.
2736
01:46:41,900 --> 01:46:44,300
There was a little cache button
that you can click
2737
01:46:44,300 --> 01:46:46,400
when you did
a Google search
2738
01:46:46,400 --> 01:46:48,571
and you could pull up
that cached information.
2739
01:46:48,571 --> 01:46:51,400
So even though the website
wasn't available you can still
2740
01:46:51,400 --> 01:46:54,716
get information from Google's
servers. Now Google's removed
2741
01:46:54,716 --> 01:46:57,400
that so we don't have
that ability any longer.
2742
01:46:57,400 --> 01:46:59,700
However, there is
an internet archive
2743
01:46:59,700 --> 01:47:03,700
that we can use. So this thing
is called the Wayback machine
2744
01:47:03,700 --> 01:47:05,600
and I have it open out here.
2745
01:47:05,600 --> 01:47:07,500
So it's archive.org/web.
2746
01:47:07,500 --> 01:47:09,400
So archive.org is a website
2747
01:47:09,400 --> 01:47:11,900
that gives us information
about other websites
2748
01:47:11,900 --> 01:47:13,900
and how they look
like in years ago
2749
01:47:13,900 --> 01:47:16,600
and by so I'm going to go
to the Wayback machine
2750
01:47:16,600 --> 01:47:19,032
which you can see is
at the archive.org
2751
01:47:19,032 --> 01:47:23,000
and I'm going to go and try and
search for edureka.co.
2752
01:47:23,000 --> 01:47:25,293
So now we're going
to take a historical look
2753
01:47:25,293 --> 01:47:27,004
at edureka.co's website
2754
01:47:27,004 --> 01:47:29,800
and you can see we've got
some years and they've got
2755
01:47:29,800 --> 01:47:31,300
information going back up
2756
01:47:31,300 --> 01:47:32,600
to 2013,
2757
01:47:32,600 --> 01:47:35,405
so let's look at what
this website looked
2758
01:47:35,405 --> 01:47:37,300
like when it was just 2013.
2759
01:47:37,300 --> 01:47:40,833
Okay, there doesn't seem
to be any snapshots out here.
2760
01:47:40,833 --> 01:47:42,500
I wonder what's going on.
2761
01:47:42,500 --> 01:47:42,900
Okay.
2762
01:47:42,900 --> 01:47:47,600
So let's go 2014 and
the first snapshot seems to be
2763
01:47:47,700 --> 01:47:50,300
on the September 12th of 2014.
2764
01:47:50,300 --> 01:47:50,990
Actually.
2765
01:47:50,990 --> 01:47:53,600
It's on May 17 to so
let's see what
2766
01:47:53,600 --> 01:47:54,830
that looks like.
2767
01:47:55,600 --> 01:47:55,957
Okay.
2768
01:47:55,957 --> 01:47:59,600
So this is what Edureka
looked like back in 2013
2769
01:47:59,600 --> 01:48:03,360
or rather 2014, September
12, 2014, to be actually exact.
2770
01:48:03,360 --> 01:48:04,408
Now you can see
2771
01:48:04,408 --> 01:48:06,700
that the we have
some live classes
2772
01:48:06,700 --> 01:48:08,400
and all these pictures there
2773
01:48:08,400 --> 01:48:11,033
and they've got this weird
picture of the sky
2774
01:48:11,033 --> 01:48:14,322
and here I don't know why
that was a thing back in 2014.
2775
01:48:14,322 --> 01:48:16,851
Now we can browse more
advanced screen shots
2776
01:48:16,851 --> 01:48:19,988
or rather the screen shots
that were taken later on and see
2777
01:48:19,988 --> 01:48:22,800
how this company has evolved
with this infrastructure
2778
01:48:22,800 --> 01:48:25,388
and the way it actually
lays out its content.
2779
01:48:25,388 --> 01:48:27,300
Okay, so it still hasn't evolved
2780
01:48:27,300 --> 01:48:30,100
but I can go a couple
of years ahead and see
2781
01:48:30,100 --> 01:48:32,602
what this has actually
evolved into so
2782
01:48:32,602 --> 01:48:34,700
if I would go to December 2016,
2783
01:48:36,400 --> 01:48:39,963
so this is what it looked
like in 2016 and we can see
2784
01:48:39,963 --> 01:48:42,683
that they've added
this weird box out here
2785
01:48:42,683 --> 01:48:46,000
about browse courses,
they have another search bar
2786
01:48:46,000 --> 01:48:47,298
that kind of looks weird,
2787
01:48:47,298 --> 01:48:49,478
but it's mostly
because my Internet is slow
2788
01:48:49,478 --> 01:48:51,328
and it's not loading
all the elements.
2789
01:48:51,328 --> 01:48:52,444
They've also changed
2790
01:48:52,444 --> 01:48:55,400
how they've actually laid
out the courses. We can also
2791
01:48:55,400 --> 01:48:57,800
see a change
in the prices, I guess.
2792
01:48:57,800 --> 01:48:59,300
So, yeah, this tells us
2793
01:48:59,300 --> 01:49:02,800
about how it evolves
as a complete website.
2794
01:49:02,900 --> 01:49:06,282
Now this other website I want to
talk about is called Netcraft.
2795
01:49:06,282 --> 01:49:07,400
Now Netcraft does
2796
01:49:07,400 --> 01:49:10,201
internet research including
the types of web servers
2797
01:49:10,201 --> 01:49:13,018
that companies run and they
have a web server survey.
2798
01:49:13,018 --> 01:49:16,100
You can see here as we scroll
the Apache server service has
2799
01:49:16,100 --> 01:49:18,800
sixty four point three percent
of the internet market,
2800
01:49:18,800 --> 01:49:19,300
of course,
2801
01:49:19,300 --> 01:49:20,700
and that's followed by Microsoft
2802
01:49:20,700 --> 01:49:23,453
with 13%. Interesting information,
maybe useful information,
2803
01:49:23,453 --> 01:49:25,400
but even more useful
than that is looking at
2804
01:49:25,400 --> 01:49:27,887
what different companies
run for their websites
2805
01:49:27,887 --> 01:49:29,005
and you can see here.
2806
01:49:29,005 --> 01:49:29,300
Okay.
2807
01:49:29,300 --> 01:49:32,300
So let's try and search
for edureka.co here.
2808
01:49:32,300 --> 01:49:34,900
So let's just put
in the website URL
2809
01:49:34,900 --> 01:49:37,984
and let Netcraft
generate the site report.
2810
01:49:37,984 --> 01:49:39,141
So as you can see
2811
01:49:39,141 --> 01:49:41,340
that some stuff
is not available.
2812
01:49:41,340 --> 01:49:43,782
You know that the net
block owner is
2813
01:49:43,782 --> 01:49:47,900
by Amazon Technologies; name
server is this thing right here?
2814
01:49:47,900 --> 01:49:51,300
DNS admin is
AWS DNS host Master.
2815
01:49:51,300 --> 01:49:55,033
We also have the IP address
we can go for a wire lookup,
2816
01:49:55,033 --> 01:49:57,611
look up the IP on VirusTotal,
you can do that.
2817
01:49:57,611 --> 01:49:59,272
There is no IPv6 present.
2818
01:49:59,272 --> 01:50:01,000
So that's some information
2819
01:50:01,000 --> 01:50:04,600
that we can see so we
can obviously opt-out not
2820
01:50:04,600 --> 01:50:06,400
Target IPv6 ranges.
2821
01:50:06,469 --> 01:50:08,700
Then there's also reverse DNS
2822
01:50:08,700 --> 01:50:11,400
then we also have a bunch
of hosting history.
2823
01:50:11,400 --> 01:50:14,059
So this is a history
of it and we know
2824
01:50:14,059 --> 01:50:18,300
that it's hosted on a Linux
system with an Apache web server
2825
01:50:18,300 --> 01:50:19,500
and it was last seen
2826
01:50:19,500 --> 01:50:21,552
and this was when it
was last updated.
2827
01:50:21,552 --> 01:50:23,835
So this is some very
useful information.
2828
01:50:23,835 --> 01:50:26,600
You can also get information
on, like, Netflix,
2829
01:50:26,600 --> 01:50:28,600
so if you just type, okay
2830
01:50:28,600 --> 01:50:30,500
I said I just
spelled that wrong.
2831
01:50:30,500 --> 01:50:33,200
So let me just change
from the URL out here.
2832
01:50:33,200 --> 01:50:36,700
So if you go and type
netflix.com and you'll see
2833
01:50:36,700 --> 01:50:39,100
that it will show you
all sorts of information.
2834
01:50:39,100 --> 01:50:42,500
So as you see that it's
on an AWS server.
2835
01:50:42,500 --> 01:50:44,223
It's Amazon data services,
2836
01:50:44,223 --> 01:50:47,000
Ireland and this is
all the hosting history
2837
01:50:47,000 --> 01:50:48,099
that it goes along
2838
01:50:48,099 --> 01:50:51,556
with. It has some Sender
Policy Framework, Domain-based
2839
01:50:51,556 --> 01:50:52,939
Message Authentication,
2840
01:50:52,939 --> 01:50:54,700
Reporting and Conformance.
2841
01:50:55,100 --> 01:50:56,049
And there's all sorts
2842
01:50:56,049 --> 01:50:58,300
of information that you
can get about websites
2843
01:50:58,300 --> 01:51:00,054
and web servers from Netcraft.
2844
01:51:00,054 --> 01:51:01,300
So the Wayback machine
2845
01:51:01,300 --> 01:51:04,020
along with Netcraft make up
for some interesting tools
2846
01:51:04,020 --> 01:51:06,279
that are available
on the internet from which
2847
01:51:06,279 --> 01:51:09,000
you can do a little bit
of your reconnaissance recess.
2848
01:51:09,000 --> 01:51:09,301
Okay.
2849
01:51:09,301 --> 01:51:11,425
Now that we have gone
over Netcraft
2850
01:51:11,425 --> 01:51:13,078
and the Wayback machine now,
2851
01:51:13,078 --> 01:51:14,313
it's time to actually
2852
01:51:14,313 --> 01:51:16,800
get to know how to use
the little information
2853
01:51:16,800 --> 01:51:18,682
that the site actually provides.
2854
01:51:18,682 --> 01:51:20,027
So what the next topic
2855
01:51:20,027 --> 01:51:22,900
that we are going to go
over is using DNS to get
2856
01:51:22,900 --> 01:51:27,100
more information now we're going
to be going over to land.
2857
01:51:27,100 --> 01:51:29,500
This is called
whois and the utility
2858
01:51:29,500 --> 01:51:31,900
that is used to query
the various Regional internet
2859
01:51:31,900 --> 01:51:34,669
registries that store information
about domain names
2860
01:51:34,669 --> 01:51:37,270
and IP addresses and let
me just show it to you
2861
01:51:37,270 --> 01:51:39,800
about all the internet
registries are there.
2862
01:51:39,800 --> 01:51:41,500
So I have arin.net open
2863
01:51:41,500 --> 01:51:43,795
out here and these are
the internet registries
2864
01:51:43,795 --> 01:51:44,900
that provides the ISPs
2865
01:51:44,900 --> 01:51:47,200
and looks over the Internet
control as a whole.
2866
01:51:47,200 --> 01:51:51,600
So here we have AFRINIC, we
have APNIC, we have ARIN,
2867
01:51:51,600 --> 01:51:54,100
we have LACNIC
and we have RIPE NCC.
2868
01:51:54,100 --> 01:51:57,732
So these are all the regions
and all the different types
2869
01:51:57,732 --> 01:52:01,300
of stuff that they support
all the different countries.
2870
01:52:01,300 --> 01:52:03,400
You can look at the map
2871
01:52:03,400 --> 01:52:06,550
that it is pouring out
here by just hovering
2872
01:52:06,550 --> 01:52:07,912
over the providers.
2873
01:52:07,912 --> 01:52:10,638
So as you can see all
these Brown region
2874
01:52:10,638 --> 01:52:11,941
out here is Africa
2875
01:52:11,941 --> 01:52:16,500
AFRINIC. Then we have APNIC,
which is black or grayish thing,
2876
01:52:16,500 --> 01:52:18,600
which is India and Australia
2877
01:52:18,600 --> 01:52:21,676
and quite a lot of Asia.
Then we have ARIN,
2878
01:52:21,676 --> 01:52:25,400
which is a lot of North America
in the United States me.
2879
01:52:25,500 --> 01:52:27,943
Then there's LACNIC,
which is mostly the Latino side,
2880
01:52:27,943 --> 01:52:29,550
which is a South American part.
2881
01:52:29,550 --> 01:52:31,300
Then we have the rest of Europe
2882
01:52:31,300 --> 01:52:33,600
which is RIPE NCC,
and this is the part
2883
01:52:33,600 --> 01:52:36,300
that RIPE NCC is providing
internet to. Okay.
2884
01:52:36,300 --> 01:52:38,400
So that was all
about the internet registries.
2885
01:52:38,400 --> 01:52:40,000
Now, let's get back to the topic
2886
01:52:40,000 --> 01:52:42,723
and that is using DNS
to get more information.
2887
01:52:42,723 --> 01:52:46,342
Now for this we are going to
be using a Linux based system.
2888
01:52:46,342 --> 01:52:49,400
So I have Ubuntu running
on my virtual machine
2889
01:52:49,400 --> 01:52:51,700
out here and let me
just log into it.
2890
01:52:51,700 --> 01:52:54,900
So firstly we are going
to be using this query
2891
01:52:54,900 --> 01:52:56,500
called whois that looks up
2892
01:52:56,500 --> 01:52:58,900
these internet registries
that I just showed you.
2893
01:52:58,900 --> 01:53:00,500
Let me just quickly remove this.
2894
01:53:00,799 --> 01:53:01,300
Okay.
2895
01:53:01,800 --> 01:53:03,500
So for acquiring information
2896
01:53:03,500 --> 01:53:06,099
from the regional internet
registries that I just talked
2897
01:53:06,099 --> 01:53:06,992
about you can use
2898
01:53:06,992 --> 01:53:08,308
whois to get information
2899
01:53:08,308 --> 01:53:10,500
about who owns
a particular IP address.
2900
01:53:10,500 --> 01:53:11,400
So for example,
2901
01:53:11,400 --> 01:53:14,900
I could do whois and
let's see I could do
2902
01:53:14,900 --> 01:53:20,676
whois Google or rather
netflix.com and we can get
2903
01:53:20,676 --> 01:53:24,599
all sorts of information
about Netflix so we can see
2904
01:53:24,599 --> 01:53:28,200
that we Of the visit markmonitor
then let's see.
2905
01:53:28,200 --> 01:53:31,400
Let's go up and look
for all sorts of information
2906
01:53:31,400 --> 01:53:34,300
that has been given to
us by this who is query.
2907
01:53:34,300 --> 01:53:37,594
So as you guys can see I just
went a little bit too much.
2908
01:53:37,594 --> 01:53:37,871
Okay.
2909
01:53:37,871 --> 01:53:39,200
So registry domain ID,
2910
01:53:39,200 --> 01:53:42,000
we have the domain ID
where it is registered as
2911
01:53:42,000 --> 01:53:44,100
a registrar URL is MarkMonitor.
2912
01:53:44,100 --> 01:53:44,434
Okay.
2913
01:53:44,434 --> 01:53:48,720
So this is for marking actually
now the creation date is 1997.
2914
01:53:48,720 --> 01:53:52,700
So you haven't realized Netflix
been around for a long time
2915
01:53:52,700 --> 01:53:54,900
and it's been updated on 2015.
2916
01:53:54,900 --> 01:53:56,432
And registry expiry date
2917
01:53:56,432 --> 01:54:00,200
as we see is 2019 that's going
to actually go off this year.
2918
01:54:00,200 --> 01:54:02,700
Then this is all
useful information
2919
01:54:02,700 --> 01:54:05,400
so we can see all sorts
of domain status
2920
01:54:05,400 --> 01:54:09,800
the name server URL, the DNSSEC
that it says unsigned.
2921
01:54:09,800 --> 01:54:11,800
This is very useful information
2922
01:54:11,800 --> 01:54:14,423
that is being provided
by very simple query.
2923
01:54:14,423 --> 01:54:17,900
Now, if you want to know who
owns a particular IP address,
2924
01:54:17,900 --> 01:54:21,600
so let's see if we get back
the IP address out there.
2925
01:54:21,600 --> 01:54:23,557
We should have got
back the IP address,
2926
01:54:23,557 --> 01:54:25,000
but it's kind of lost on me.
2927
01:54:25,000 --> 01:54:28,335
So To get back the IP address
also for a domain name service.
2928
01:54:28,335 --> 01:54:29,100
So, you know,
2929
01:54:29,100 --> 01:54:31,100
so you could use
this command called dig.
2930
01:54:31,100 --> 01:54:33,023
So you do dig netflix.com.
2931
01:54:34,100 --> 01:54:36,000
Now as you guys can see
2932
01:54:36,100 --> 01:54:40,800
that it has returned a bunch
of multiple IP addresses
2933
01:54:40,800 --> 01:54:42,400
and these are all
the IP addresses
2934
01:54:42,400 --> 01:54:45,500
that Netflix's so I
could do something like
2935
01:54:45,500 --> 01:54:47,147
if I was trying to check out
2936
01:54:47,147 --> 01:54:49,852
who owns a certain
IP address and for example,
2937
01:54:49,852 --> 01:54:51,709
I have got one
of these IP addresses,
2938
01:54:51,709 --> 01:54:53,800
but let's just assume
I don't know
2939
01:54:53,800 --> 01:54:55,400
that actually belongs to Netflix
2940
01:54:55,400 --> 01:55:01,200
so I can go whois
50 4.77 dot hundred and eight to
2941
01:55:01,400 --> 01:55:03,500
and it'll give
me some information
2942
01:55:03,500 --> 01:55:07,200
so As you guys can see
it is giving us a bunch
2943
01:55:07,200 --> 01:55:12,800
of information as to who this is
and how it is happening.
2944
01:55:12,906 --> 01:55:14,500
So we see that it is
2945
01:55:14,500 --> 01:55:18,550
from arin.net and so
we can very smartly assume
2946
01:55:18,550 --> 01:55:21,700
that it's from the North
American part. Now
2947
01:55:21,700 --> 01:55:24,465
we can also see
that it's in Seattle.
2948
01:55:24,465 --> 01:55:27,000
So our guess was
completely right.
2949
01:55:27,100 --> 01:55:29,200
So it also gives us a range.
2950
01:55:29,200 --> 01:55:31,489
So this is
something very useful.
2951
01:55:31,489 --> 01:55:34,981
So if you see we now have
the range of the IPs
2952
01:55:34,981 --> 01:55:37,600
that might be being
used by this guy.
2953
01:55:37,600 --> 01:55:42,500
So we indeed have 54 and it
says it goes up to the 54.
2954
01:55:42,500 --> 01:55:43,958
There's also 34 lat now.
2955
01:55:43,958 --> 01:55:47,300
Let's check that out and see
what information we get set
2956
01:55:47,300 --> 01:55:49,607
who is and let's check it out.
2957
01:55:49,607 --> 01:55:50,761
What was the IP
2958
01:55:50,761 --> 01:55:56,600
that we were just seeing
is 34.249.125.167.
2959
01:55:57,000 --> 01:56:04,900
So 34.2 49.1 65 I don't know.
2960
01:56:05,000 --> 01:56:06,000
Let's see.
2961
01:56:06,000 --> 01:56:07,950
You can also put in
a random IP address.
2962
01:56:07,950 --> 01:56:08,955
It don't really matter
2963
01:56:08,955 --> 01:56:10,600
and they'll give
you the information.
2964
01:56:10,600 --> 01:56:12,104
So let's see is this
2965
01:56:12,104 --> 01:56:15,737
and some IP address even
this seems to be an ARIN
2966
01:56:15,737 --> 01:56:19,000
IP address
and it's also based in Seattle
2967
01:56:19,000 --> 01:56:20,703
and we got
a bunch of information.
2968
01:56:20,703 --> 01:56:22,200
So that's how you can use the
2969
01:56:22,200 --> 01:56:22,957
whois query
2970
01:56:22,957 --> 01:56:26,300
and the query do actually
get all sorts of information
2971
01:56:26,300 --> 01:56:29,769
about the domain name service
and get information
2972
01:56:29,769 --> 01:56:31,200
from a DNS basically.
2973
01:56:31,200 --> 01:56:33,500
So now let's go
over some theoretical part
2974
01:56:33,500 --> 01:56:34,700
that is for DNS.
2975
01:56:34,700 --> 01:56:37,700
So using DNS to get
information so firstly
2976
01:56:37,700 --> 01:56:39,900
what is the domain name service?
2977
01:56:39,900 --> 01:56:41,040
And why do we need?
2978
01:56:41,040 --> 01:56:44,400
So a domain name service is
a name given to an IP address
2979
01:56:44,400 --> 01:56:46,352
so that it's easy to remember.
2980
01:56:46,352 --> 01:56:48,955
Of course you it's easy
to remember names
2981
01:56:48,955 --> 01:56:52,593
and mnemonics rather than a bunch
of random weird numbers.
2982
01:56:52,593 --> 01:56:53,838
Now, this was mainly
2983
01:56:53,838 --> 01:56:57,200
so that we can map names
to IP addresses and we can get
2984
01:56:57,200 --> 01:57:00,600
a bunch of information
from the host name resolution.
2985
01:57:00,600 --> 01:57:03,266
So that's the purpose
of IP addresses now
2986
01:57:03,266 --> 01:57:06,300
we'll also be looking at
how to find network ranges.
2987
01:57:06,300 --> 01:57:06,600
Okay.
2988
01:57:06,600 --> 01:57:08,952
Now before we get
onto actually moving on
2989
01:57:08,952 --> 01:57:10,897
to how to find out
the network ranges,
2990
01:57:10,897 --> 01:57:13,000
let me just show you
how you can also use
2991
01:57:13,000 --> 01:57:15,628
whois. So whois: suppose
you want to know the domains
2992
01:57:15,628 --> 01:57:16,900
with the word foo in it.
2993
01:57:16,900 --> 01:57:17,800
So you could go
2994
01:57:17,800 --> 01:57:21,600
whois foo and this
will give you a whole bunch
2995
01:57:21,600 --> 01:57:25,500
of things where foo exists
and all the sorts of foos
2996
01:57:25,500 --> 01:57:27,677
that there is on the internet.
2997
01:57:27,677 --> 01:57:30,017
So that was
one interesting flag,
2998
01:57:30,017 --> 01:57:31,700
and if you want to know
2999
01:57:31,700 --> 01:57:36,400
how to use more about whois
you could just go --help.
3000
01:57:36,400 --> 01:57:37,300
Yes.
3001
01:57:37,300 --> 01:57:37,610
Yeah.
3002
01:57:37,610 --> 01:57:39,600
So this is all
the types of stuff
3003
01:57:39,600 --> 01:57:41,000
that we can do with whois
3004
01:57:41,000 --> 01:57:43,555
so you can set the host
we can set the port
3005
01:57:43,555 --> 01:57:47,300
that we want to search for then
we can set with the -l flag
3006
01:57:47,300 --> 01:57:49,800
and find one level
less specific match
3007
01:57:49,800 --> 01:57:52,664
and we can do an exact
match to an inverse
3008
01:57:52,664 --> 01:57:54,900
look up for
specified attributes.
3009
01:57:54,900 --> 01:57:59,700
Then we can also set the source
we can set verbose type
3010
01:57:59,843 --> 01:58:01,200
and we can choose
3011
01:58:01,200 --> 01:58:03,915
for request template
with this bunch of stuff.
3012
01:58:03,915 --> 01:58:06,300
Can do so you could suppose say
3013
01:58:06,300 --> 01:58:10,193
whois verbose and suppose
edureka.co
3014
01:58:10,200 --> 01:58:12,234
and I'll give you
a verbose version
3015
01:58:12,234 --> 01:58:14,727
of the RIPE database
query service, objects
3016
01:58:14,727 --> 01:58:17,727
are in RPSL format,
the RIPE database objectives.
3017
01:58:17,727 --> 01:58:18,527
So, okay.
3018
01:58:18,527 --> 01:58:21,900
Let's try something else
like whois netflix.com.
3019
01:58:23,300 --> 01:58:24,600
Okay, I'm sorry.
3020
01:58:24,600 --> 01:58:28,400
I was supposed to do verbose
and I kept doing -h, silly me.
3021
01:58:28,400 --> 01:58:30,400
So you do -v and that will give
3022
01:58:30,400 --> 01:58:33,600
you a much more like this
is the RIPE database again.
3023
01:58:33,600 --> 01:58:35,400
And I think
I'm doing something wrong.
3024
01:58:35,400 --> 01:58:36,900
Okay, just for that thing.
3025
01:58:36,900 --> 01:58:38,600
OK, -v and type, okay,
3026
01:58:38,700 --> 01:58:40,593
or let's just see
that's let me just show you
3027
01:58:40,593 --> 01:58:42,600
how to use video primary
keys are returned.
3028
01:58:42,600 --> 01:58:43,500
Only primary Keys.
3029
01:58:43,500 --> 01:58:43,700
Okay.
3030
01:58:43,700 --> 01:58:44,200
Let's see.
3031
01:58:44,219 --> 01:58:45,680
Let's try that out.
3032
01:58:45,700 --> 01:58:47,400
Okay, so it seems to be
3033
01:58:47,400 --> 01:58:50,003
that this is a RIPE
database query service
3034
01:58:50,003 --> 01:58:52,100
and objects are
in RPSL format.
3035
01:58:52,100 --> 01:58:54,100
So it won't really
work for that thing.
3036
01:58:54,100 --> 01:58:55,001
And it also says
3037
01:58:55,001 --> 01:58:57,200
that no entries found
because this error
3038
01:58:57,200 --> 01:58:59,450
so this is for
some later lessons.
3039
01:58:59,450 --> 01:59:00,200
So for now,
3040
01:59:00,200 --> 01:59:03,200
I hope I gave you a good idea
of how to use whois
3041
01:59:03,200 --> 01:59:05,353
like you could just go whois
3042
01:59:05,353 --> 01:59:11,700
then some IP address 192.168.1.1
or some Gabriel just like that
3043
01:59:11,700 --> 01:59:14,300
or you could just go
for a domain name service
3044
01:59:14,300 --> 01:59:18,700
like Facebook and get all sorts
of information about Facebook
3045
01:59:18,700 --> 01:59:21,600
when the query actually
returns you something.
3046
01:59:21,600 --> 01:59:21,894
Okay.
3047
01:59:21,894 --> 01:59:22,804
So let's move on
3048
01:59:22,804 --> 01:59:25,921
to network ranges now. Now,
in this part of the video.
3049
01:59:25,921 --> 01:59:29,098
We are going to be going
over the utility called whois
3050
01:59:29,098 --> 01:59:31,800
which is used for getting
information from the DNS.
3051
01:59:31,800 --> 01:59:33,646
Now, let me just show
you a website.
3052
01:59:33,646 --> 01:59:34,299
Get out here.
3053
01:59:34,299 --> 01:59:36,449
So this is the regional
internet registries.
3054
01:59:36,449 --> 01:59:39,100
So the internet registries
are used to store information
3055
01:59:39,100 --> 01:59:40,000
about domain names
3056
01:59:40,000 --> 01:59:41,200
and IP addresses and there are
3057
01:59:41,200 --> 01:59:44,100
five Regional internet
registries. First is ARIN,
3058
01:59:44,100 --> 01:59:46,000
which is responsible
for North America.
3059
01:59:46,000 --> 01:59:49,390
So that would be the US and
Canada. Then we have LACNIC,
3060
01:59:49,390 --> 01:59:51,294
which is responsible
for Latin America
3061
01:59:51,294 --> 01:59:53,000
and portions of the Caribbean
3062
01:59:53,000 --> 01:59:54,000
then there's RIPE
3063
01:59:54,000 --> 01:59:56,322
that's responsible for Europe
and Middle East
3064
01:59:56,322 --> 01:59:57,211
and Central Asia.
3065
01:59:57,211 --> 01:59:59,561
There's AFRINIC, which is
responsible for Africa.
3066
01:59:59,561 --> 02:00:01,007
And finally we have APNIC,
3067
02:00:01,007 --> 02:00:03,201
which is responsible
for Asia Pacific Rim.
3068
02:00:03,201 --> 02:00:06,098
So, that's the Regional internet
registries and as I said
3069
02:00:06,098 --> 02:00:08,378
whois is responsible
for acquiring information
3070
02:00:08,378 --> 02:00:10,723
from the various
Regional internet registries
3071
02:00:10,723 --> 02:00:13,961
so you can use whois to get
information about who owns
3072
02:00:13,961 --> 02:00:15,372
a particular IP address,
3073
02:00:15,372 --> 02:00:18,255
for example, let me just open
up my Ubuntu system.
3074
02:00:18,255 --> 02:00:19,900
Let me clear this out first.
3075
02:00:19,900 --> 02:00:21,400
So as I was just saying,
3076
02:00:21,400 --> 02:00:24,861
for example, you could go
whois facebook.com.
3077
02:00:26,900 --> 02:00:27,200
Okay.
3078
02:00:27,200 --> 02:00:29,000
So as you guys can see
we could find out
3079
02:00:29,000 --> 02:00:31,572
pretty quickly about who owns
a particular IP address.
3080
02:00:31,572 --> 02:00:32,300
So for example,
3081
02:00:32,300 --> 02:00:34,691
I could do whois
and just go facebook.com
3082
02:00:34,691 --> 02:00:37,800
and tells me about who it
belongs to. It also gives you
3083
02:00:37,800 --> 02:00:39,682
who owns a particular IP address
3084
02:00:39,682 --> 02:00:42,400
and who's responsible
for them from the information.
3085
02:00:42,400 --> 02:00:43,847
You can get email addresses.
3086
02:00:43,847 --> 02:00:45,605
that belong to
a particular company.
3087
02:00:45,605 --> 02:00:47,200
This one has an email address
3088
02:00:47,200 --> 02:00:49,969
for Tech contact
of Ip reg address it
3089
02:00:49,969 --> 02:00:53,200
so you can get all sorts
of email addresses
3090
02:00:53,200 --> 02:00:56,278
tech contacts and all sorts
of stuff out there
3091
02:00:56,278 --> 02:00:58,900
the database contains
only .com and .net
3092
02:00:58,900 --> 02:01:00,605
and all sorts of information.
3093
02:01:00,605 --> 02:01:01,400
Now.
3094
02:01:01,400 --> 02:01:03,100
I want to query
a different IP address
3095
02:01:03,100 --> 02:01:04,122
and different information
3096
02:01:04,122 --> 02:01:06,300
belongs in the different
Regional internet registries,
3097
02:01:06,300 --> 02:01:06,750
of course,
3098
02:01:06,750 --> 02:01:08,900
so if I want to go
to a particular database,
3099
02:01:08,900 --> 02:01:10,647
I will have to use
the minus H flag
3100
02:01:10,647 --> 02:01:14,000
so I could do whois arin.net
and remember the IP address
3101
02:01:14,000 --> 02:01:15,650
and I'm going
to query that again.
3102
02:01:15,650 --> 02:01:17,953
And of course I get
the same information back
3103
02:01:17,953 --> 02:01:19,000
because I went there
3104
02:01:19,000 --> 02:01:20,600
so you could just go
3105
02:01:20,600 --> 02:01:24,200
whois -h and then follow it
with an IP address.
3106
02:01:24,200 --> 02:01:26,490
So something like 34.25
3107
02:01:26,490 --> 02:01:30,600
dot 176 dot 98, so that's
just some random IP address.
3108
02:01:30,600 --> 02:01:34,100
I just made up and it says
that who is option?
3109
02:01:34,100 --> 02:01:34,800
Okay.
3110
02:01:34,800 --> 02:01:37,000
So it's a it's a capital H.
3111
02:01:37,200 --> 02:01:37,700
Okay.
3112
02:01:37,700 --> 02:01:38,491
So let's see
3113
02:01:38,491 --> 02:01:42,000
that and we get all sorts
of information back from that.
3114
02:01:42,000 --> 02:01:43,900
So area a Darren and all sorts
3115
02:01:43,900 --> 02:01:45,880
of stuff now I
can get information
3116
02:01:45,880 --> 02:01:47,190
about domains as well.
3117
02:01:47,190 --> 02:01:49,840
So if I can query
something like netflix.com
3118
02:01:49,840 --> 02:01:51,500
and I can find out that this is
3119
02:01:51,500 --> 02:01:52,600
that actually Netflix
3120
02:01:52,600 --> 02:01:54,300
and there's an
administrative contact
3121
02:01:54,300 --> 02:01:56,900
and the technical contact that I
need to see, the different
3122
02:01:56,900 --> 02:01:58,000
domain servers, so servers
3123
02:01:58,000 --> 02:01:59,716
that would have
authoritative information
3124
02:01:59,716 --> 02:02:01,899
about the DNS entries
for that particular domain.
3125
02:02:01,899 --> 02:02:03,800
You can also see
other information like
3126
02:02:03,800 --> 02:02:05,700
when the record was created
3127
02:02:05,800 --> 02:02:08,700
and whole bunch
of different phone numbers
3128
02:02:08,700 --> 02:02:11,500
that you can contact. In
addition to storing information
3129
02:02:11,500 --> 02:02:13,200
about IP addresses
and domain names,
3130
02:02:13,200 --> 02:02:14,745
Sometimes it will
store information
3131
02:02:14,745 --> 02:02:15,963
about particular host names
3132
02:02:15,963 --> 02:02:18,690
and there may be other reasons
why you would store a hostname
3133
02:02:18,690 --> 02:02:20,000
or particular information
3134
02:02:20,000 --> 02:02:22,100
about hosting on
the system where the one
3135
02:02:22,100 --> 02:02:23,400
of the RIRs. Now
3136
02:02:23,400 --> 02:02:26,761
if I want to wanted to look
up something specifically So
3137
02:02:26,761 --> 02:02:27,800
once I have found
3138
02:02:27,800 --> 02:02:29,900
that I could know do a look up
3139
02:02:29,900 --> 02:02:34,000
on whois. Suppose, say,
something like whois foo.
3140
02:02:34,000 --> 02:02:36,100
So let's say whois foo.
3141
02:02:36,100 --> 02:02:37,923
Now if you already don't have
3142
02:02:37,923 --> 02:02:40,500
whois installed, you
can easily install it
3143
02:02:40,500 --> 02:02:42,576
by just going apt install
3144
02:02:42,600 --> 02:02:46,700
whois on your Unix system
and that should do the trick
3145
02:02:46,700 --> 02:02:49,900
and then you can start using
this really nifty tool.
3146
02:02:49,900 --> 02:02:51,515
Okay, so that was all
3147
02:02:51,515 --> 02:02:56,100
about using whois. Now let's get
on to actually using
3148
02:02:56,300 --> 02:02:59,000
how to Network ranges
for a domain.
3149
02:02:59,100 --> 02:02:59,419
Okay.
3150
02:02:59,419 --> 02:03:03,000
So now let's talk about how we
are going to be going over
3151
02:03:03,000 --> 02:03:04,800
and finding network ranges.
3152
02:03:04,800 --> 02:03:07,058
So suppose you bought it
at engagement and you only
3153
02:03:07,058 --> 02:03:07,941
know the domain name
3154
02:03:07,941 --> 02:03:08,945
and you don't know much
3155
02:03:08,945 --> 02:03:10,937
beyond that and you're
expected to figure out
3156
02:03:10,937 --> 02:03:12,850
where everything is
and what everything is.
3157
02:03:12,850 --> 02:03:14,500
So how do you go
about doing that?
3158
02:03:14,500 --> 02:03:17,000
Well use some of the tools that
we either have been talking
3159
02:03:17,000 --> 02:03:19,500
about or will soon be talking
about in more detail.
3160
02:03:19,500 --> 02:03:21,600
And the first thing
I'm going to do is I'm going
3161
02:03:21,600 --> 02:03:23,600
to use a domain name
that you record.com
3162
02:03:23,600 --> 02:03:26,400
and I'm going to look up
edureka.co and see
3163
02:03:26,400 --> 02:03:28,500
if I get get an IP address back.
3164
02:03:28,500 --> 02:03:33,122
So let's just head over there
and go whois edureka
3165
02:03:33,122 --> 02:03:34,043
dot co,
3166
02:03:34,043 --> 02:03:36,500
or we could use
the host keyword.
3167
02:03:37,100 --> 02:03:39,633
So as you see we get
an IP address back
3168
02:03:39,633 --> 02:03:41,500
and that is 34 the to dander
3169
02:03:41,500 --> 02:03:45,800
to 30 the 35 and that is
the IP address and you see
3170
02:03:45,800 --> 02:03:47,400
that I've got back
an IP address.
3171
02:03:47,400 --> 02:03:49,000
So here's just an IP address
3172
02:03:49,000 --> 02:03:51,300
and I don't know what
that IP address belongs to
3173
02:03:51,300 --> 02:03:53,600
and I also don't know
how big the network range
3174
02:03:53,600 --> 02:03:54,800
or network block is
3175
02:03:54,800 --> 02:03:56,862
that's associated
with so what I'm
3176
02:03:56,862 --> 02:04:00,063
do is a whois and I'm going
to look up with ARIN
3177
02:04:00,063 --> 02:04:01,500
who owns that IP address
3178
02:04:01,500 --> 02:04:08,200
so you can basically go
whois 34.2 10.2 3935.
3179
02:04:10,200 --> 02:04:11,588
So as you guys can see
3180
02:04:11,588 --> 02:04:13,972
that gives us a bunch
of information and
3181
02:04:13,972 --> 02:04:17,754
whois. Now this doesn't seem to
have a very big Network range,
3182
02:04:17,754 --> 02:04:19,800
but unlike something
like Netflix.
3183
02:04:19,800 --> 02:04:21,200
So suppose we were
3184
02:04:21,200 --> 02:04:27,238
to do something like host
netflix.com and see See now.
3185
02:04:27,238 --> 02:04:29,700
We have a bunch of IP addresses.
3186
02:04:29,700 --> 02:04:33,300
So suppose we will do
whois, let's see
3187
02:04:33,700 --> 02:04:40,900
whois 52.99.40.147
3188
02:04:40,900 --> 02:04:44,900
now I'm expecting Netflix
to be a much larger company
3189
02:04:44,900 --> 02:04:46,800
and have a better.
3190
02:04:46,800 --> 02:04:48,600
Yeah now see we get net range.
3191
02:04:48,600 --> 02:04:51,100
So this is the network range
that we're talking about.
3192
02:04:51,100 --> 02:04:53,014
So we had a random IP address
3193
02:04:53,014 --> 02:04:55,608
and now we have found
the network range.
3194
02:04:55,608 --> 02:04:57,937
So that's how
Find network ranges
3195
02:04:57,937 --> 02:04:59,800
and this can be very useful.
3196
02:04:59,800 --> 02:05:01,330
So this gives me evidence
3197
02:05:01,330 --> 02:05:04,600
that netflix.com has a presence
on different addresses.
3198
02:05:04,600 --> 02:05:05,620
The one I have also
3199
02:05:05,620 --> 02:05:08,160
located by looking up
that particular host name.
3200
02:05:08,160 --> 02:05:10,700
So I've got one address
here that I can look at.
3201
02:05:10,700 --> 02:05:12,300
Let's take a look at the website
3202
02:05:12,300 --> 02:05:14,100
because let me
different address.
3203
02:05:14,100 --> 02:05:16,500
Now if I didn't have
that I could also go
3204
02:05:16,500 --> 02:05:19,000
and do something
like an MX flag.
3205
02:05:19,100 --> 02:05:22,200
So let's see I could go dig
3206
02:05:22,500 --> 02:05:26,600
and this will give us
all the male's so dig MX.
3207
02:05:27,500 --> 02:05:28,800
And let's see.
3208
02:05:28,800 --> 02:05:32,600
Let's see what MX
does actually you go help
3209
02:05:32,600 --> 02:05:36,200
so we could do dig -h
for a list of options.
3210
02:05:36,200 --> 02:05:42,200
So these are all the options
that we have and the one
3211
02:05:42,200 --> 02:05:44,800
that we're going to use
is something like this.
3212
02:05:44,800 --> 02:05:49,600
You do dig MX and we say
something like netflix.com.
3213
02:05:51,200 --> 02:05:55,000
So these are all
mailings and mx's
3214
02:05:55,000 --> 02:06:00,500
that we have gotten from Netflix
and this is information
3215
02:06:00,500 --> 02:06:03,172
regarding it's still
producing information.
3216
02:06:03,172 --> 02:06:04,905
That's a big thing to produce.
3217
02:06:04,905 --> 02:06:05,200
Okay.
3218
02:06:05,200 --> 02:06:07,200
So as I was just
saying you can use
3219
02:06:07,200 --> 02:06:10,900
the MX flag I could get back all
the mail handlers in this case
3220
02:06:10,900 --> 02:06:14,600
and their mail is being handled
by Google and let's see wait,
3221
02:06:14,600 --> 02:06:17,400
let's go until then
it's going to tell me
3222
02:06:17,400 --> 02:06:20,300
that Google is not particularly
surprising and other things
3223
02:06:20,300 --> 02:06:22,600
that you can do is check
for different host names
3224
02:06:22,600 --> 02:06:25,000
since I'm assuming DNS
probably doesn't allow
3225
02:06:25,000 --> 02:06:26,607
zone transfers, since most DNS
3226
02:06:26,607 --> 02:06:28,001
servers don't anymore,
3227
02:06:28,001 --> 02:06:30,736
although they used to you
may have to start guessing
3228
02:06:30,736 --> 02:06:33,900
so I could do something like
Web Mail said we find out here.
3229
02:06:34,500 --> 02:06:38,000
So it's showed us a dump of all
the ascending memory stuff.
3230
02:06:38,000 --> 02:06:39,211
Okay, so that was all
3231
02:06:39,211 --> 02:06:41,639
about finding Network
ranges now moving on
3232
02:06:41,639 --> 02:06:44,600
to our next topic is using
Google for reconnaissance.
3233
02:06:44,600 --> 02:06:48,200
Now some people also call
this Google hacking now,
3234
02:06:48,200 --> 02:06:50,031
if you know how to use Google
3235
02:06:50,031 --> 02:06:53,301
to exactly Target and find
what you are looking for.
3236
02:06:53,301 --> 02:06:56,500
Google is an excellent tool
for reconnaissance purposes.
3237
02:06:56,500 --> 02:06:57,300
And today.
3238
02:06:57,300 --> 02:07:00,700
I'm going to show you
how you could use Google exactly
3239
02:07:00,700 --> 02:07:02,100
for your searches.
3240
02:07:02,100 --> 02:07:03,300
So first of all,
3241
02:07:03,300 --> 02:07:06,800
let's go Open a tab
of Google so open up here.
3242
02:07:06,900 --> 02:07:08,900
So let's go to google.com.
3243
02:07:09,200 --> 02:07:09,600
Ok.
3244
02:07:09,600 --> 02:07:11,200
So now we're going to be talking
3245
02:07:11,200 --> 02:07:14,961
about how we can use Google to
actually gain some information
3246
02:07:14,961 --> 02:07:16,700
or some targeted information.
3247
02:07:16,700 --> 02:07:19,400
So this is in general called
Google hacking. Now,
3248
02:07:19,400 --> 02:07:21,300
when I say Google hacking
I'm not meaning
3249
02:07:21,300 --> 02:07:23,500
by breaking into Google
to steal information.
3250
02:07:23,500 --> 02:07:25,800
I'm talking about making use
of specific keywords
3251
02:07:25,800 --> 02:07:28,199
that Google uses to get
the most out of the queries
3252
02:07:28,199 --> 02:07:29,077
that you submit.
3253
02:07:29,077 --> 02:07:29,900
So for example,
3254
02:07:29,900 --> 02:07:33,134
a pretty basic one is the use
of quotations. You quote things
3255
02:07:33,134 --> 02:07:34,717
in order to use specific phrases.
3256
02:07:34,717 --> 02:07:36,600
Otherwise Google will find pages
3257
02:07:36,600 --> 02:07:37,800
that have instances
3258
02:07:37,900 --> 02:07:40,800
of all those words rather than
the word specifically together
3259
02:07:40,800 --> 02:07:41,800
in particular order.
3260
02:07:41,800 --> 02:07:45,300
So I'm going to pull this query
up and this shows a list
3261
02:07:45,300 --> 02:07:47,100
of let me just show it to you.
3262
02:07:47,100 --> 02:07:50,800
So you go index of. Now,
3263
02:07:50,800 --> 02:07:54,500
This is showing us an index
of all the films now.
3264
02:07:54,500 --> 02:07:57,200
This is basically all
those index of size
3265
02:07:57,200 --> 02:07:58,411
that you want.
3266
02:07:58,500 --> 02:08:02,000
So as you guys can see the show
this index of all sorts of films
3267
02:08:02,000 --> 02:08:05,800
that are there now you
can Use index of and you see
3268
02:08:05,800 --> 02:08:07,000
that we have also
3269
02:08:07,000 --> 02:08:09,200
an index of downloads
or something like that.
3270
02:08:09,200 --> 02:08:11,500
-.com such download
3271
02:08:11,600 --> 02:08:14,199
and it is an index
of all sorts of stuff.
3272
02:08:14,199 --> 02:08:17,824
Now you can go into some folder
and check them out G Jones.
3273
02:08:17,824 --> 02:08:19,200
You weren't EG Perico.
3274
02:08:19,200 --> 02:08:21,396
I don't know what these are
but some sort of self.
3275
02:08:21,396 --> 02:08:23,100
And this is how you
can use Google Now.
3276
02:08:23,100 --> 02:08:24,700
Let me just show you
some more tricks.
3277
02:08:24,700 --> 02:08:28,500
So you can use this
suppose you're using Google
3278
02:08:28,500 --> 02:08:31,700
to find for something
like a presentation
3279
02:08:31,700 --> 02:08:34,100
so you could use something
like file type.
3280
02:08:34,100 --> 02:08:38,500
pptx and it'll search
for every type of file there.
3281
02:08:38,500 --> 02:08:39,800
That is Peabody.
3282
02:08:40,000 --> 02:08:40,500
Okay.
3283
02:08:41,000 --> 02:08:44,900
Let's try some other
side PVD so config.
3284
02:08:45,215 --> 02:08:45,600
Okay.
3285
02:08:45,600 --> 02:08:48,400
So this brings up all
the types of files
3286
02:08:48,400 --> 02:08:50,500
that have some configs in them.
3287
02:08:50,500 --> 02:08:52,499
So some gaming configuration
3288
02:08:52,499 --> 02:08:56,000
as we see this initial
configuration of Liverpool.
3289
02:08:56,000 --> 02:09:00,838
Now, you could also use
something like this: inurl
3290
02:09:00,838 --> 02:09:03,300
and you can use
some other route.
3291
02:09:03,700 --> 02:09:06,039
And this will give
you all the things
3292
02:09:06,039 --> 02:09:07,600
that have root in their URL.
3293
02:09:07,600 --> 02:09:10,700
So King rude and Digital Trends
3294
02:09:10,700 --> 02:09:14,100
and how to root Android
so fasten the root
3295
02:09:14,100 --> 02:09:18,000
and suppose you want
to say something like all
3296
02:09:18,000 --> 02:09:20,300
in file type or suppose.
3297
02:09:20,300 --> 02:09:25,400
You want some extension
so so dot P BTW the pptx.
3298
02:09:25,400 --> 02:09:26,600
Does that work?
3299
02:09:26,600 --> 02:09:28,800
Let's search for
JavaScript files.
3300
02:09:28,900 --> 02:09:29,400
Okay.
3301
02:09:29,500 --> 02:09:31,500
I think it's JS.
3302
02:09:31,800 --> 02:09:34,100
Okay, that doesn't seem
to work either.
3303
02:09:34,700 --> 02:09:38,214
This shows us all the things
that she estimate.
3304
02:09:38,214 --> 02:09:40,198
No, it's just external JS.
3305
02:09:40,198 --> 02:09:41,800
I'm doing this wrong.
3306
02:09:44,600 --> 02:09:46,200
So you could use file type.
3307
02:09:46,200 --> 02:09:50,000
So let's see file type
and we go see doc.
3308
02:09:50,800 --> 02:09:52,175
So these are all the documents
3309
02:09:52,175 --> 02:09:54,100
that you could find
at the file type thing.
3310
02:09:54,100 --> 02:09:57,300
And you could also
do JS, I guess.
3311
02:09:57,500 --> 02:09:58,000
Yeah.
3312
02:09:58,000 --> 02:10:00,700
This will give you all
the JavaScript files that are there.
3313
02:10:00,700 --> 02:10:03,800
So this is how you can use
Google to actually narrow
3314
02:10:03,800 --> 02:10:04,900
down your searches
3315
02:10:04,900 --> 02:10:07,000
to suppose you want
a particular set of keywords,
3316
02:10:07,000 --> 02:10:09,800
and we want to make sure we get
the password file from Google.
3317
02:10:09,800 --> 02:10:10,049
Okay.
3318
02:10:10,049 --> 02:10:10,800
So now let's go
3319
02:10:10,800 --> 02:10:12,900
into more details
about the various things.
3320
02:10:12,900 --> 02:10:14,800
You can find
using Google hacking.
3321
02:10:14,900 --> 02:10:17,900
Now while Google hacking
techniques are really useful
3322
02:10:17,900 --> 02:10:19,700
for just general
searching in Google.
3323
02:10:19,700 --> 02:10:21,982
They're also useful
for penetration testers
3324
02:10:21,982 --> 02:10:23,100
or ethical hackers.
3325
02:10:23,100 --> 02:10:24,806
You can narrow down information
3326
02:10:24,806 --> 02:10:28,000
that you get from Google you
get a specific list of systems
3327
02:10:28,000 --> 02:10:29,294
that may be vulnerable
3328
02:10:29,294 --> 02:10:31,610
so we can do things
like look for are pages
3329
02:10:31,610 --> 02:10:33,118
that do in the title error.
3330
02:10:33,118 --> 02:10:35,800
So I'm going to get
a whole bunch of information.
3331
02:10:35,800 --> 02:10:42,200
So suppose like we go intitle
and we say error So
3332
02:10:42,200 --> 02:10:44,300
as that we get
all sorts of stuff
3333
02:10:44,300 --> 02:10:46,479
and we can do
the mines Google part.
3334
02:10:46,479 --> 02:10:49,717
So if you do minus
Google, it'll not show you the stuff
3335
02:10:49,717 --> 02:10:50,900
that's from Google.
3336
02:10:51,200 --> 02:10:52,901
So we get various
documentation pages
3337
02:10:52,901 --> 02:10:54,649
about different vendors
and the errors
3338
02:10:54,649 --> 02:10:55,500
that they support.
3339
02:10:55,500 --> 02:10:58,200
So here's one doc
about Oracle about Java error,
3340
02:10:58,200 --> 02:11:01,100
but you know something more
specific we may be able to get
3341
02:11:01,100 --> 02:11:03,100
errors about all sorts
of other stuff.
3342
02:11:03,100 --> 02:11:06,200
So this is how you could use
the Google hacking technique
3343
02:11:06,200 --> 02:11:09,200
to your own advantage
if you're a penetration tester.
3344
02:11:09,200 --> 02:11:11,900
Now, let's also show
you something called
3345
02:11:11,900 --> 02:11:14,179
the Google hacking database now.
3346
02:11:14,179 --> 02:11:17,100
This is very useful
for an ethical hacker.
3347
02:11:17,100 --> 02:11:19,678
Now on the Google hacking
database was created
3348
02:11:19,678 --> 02:11:22,200
several years ago by
a guy called Johnny Long
3349
02:11:22,200 --> 02:11:24,524
who put this Google hacking
database together to begin
3350
02:11:24,524 --> 02:11:25,950
to compile a list of searches
3351
02:11:25,950 --> 02:11:27,999
that would bring
up interesting information.
3352
02:11:27,999 --> 02:11:30,900
Now Johnny has written a couple
of books on Google hacking.
3353
02:11:30,900 --> 02:11:33,600
So we're at the Google
hacking database website here
3354
02:11:33,600 --> 02:11:34,600
and you can see them talk
3355
02:11:34,600 --> 02:11:36,600
about Google Docs
and all sorts of stuff.
3356
02:11:36,600 --> 02:11:37,608
Now you can see
3357
02:11:37,608 --> 02:11:40,700
that we can do all sorts
of search like and you
3358
02:11:40,700 --> 02:11:45,800
are Elsa BC B SP this brings up
some portal Pages now out here.
3359
02:11:45,800 --> 02:11:49,600
You can bring up some password
APS password and URL.
3360
02:11:49,600 --> 02:11:52,200
Now this will give
you all sorts of stuff
3361
02:11:52,200 --> 02:11:59,200
on Google. Suppose you go inurl
like a PS password.
3362
02:11:59,500 --> 02:12:01,186
Now, you can get all sorts
3363
02:12:01,186 --> 02:12:04,200
of stuff like which have
passwords in their URL.
3364
02:12:04,200 --> 02:12:07,600
So maybe you can just guess
a password from there to now
3365
02:12:07,600 --> 02:12:08,900
that was Google hacking
3366
02:12:08,900 --> 02:12:10,900
so Google hacking
entries and they also,
3367
02:12:10,900 --> 02:12:11,900
Number of categories
3368
02:12:11,900 --> 02:12:14,600
and that you can look through
to find some specific things.
3369
02:12:14,600 --> 02:12:16,400
So you may be interested
in of course
3370
02:12:16,400 --> 02:12:18,824
and you will search
specific information that you
3371
02:12:18,824 --> 02:12:21,400
may be looking for with regards
to specific product.
3372
02:12:21,400 --> 02:12:24,900
For example, let me
just show you XY database.
3373
02:12:24,900 --> 02:12:26,800
These are all
the certain types of stuff.
3374
02:12:26,800 --> 02:12:28,200
You can go through out here.
3375
02:12:28,300 --> 02:12:30,688
And as you see we have all sorts
3376
02:12:30,688 --> 02:12:33,600
of sound like is
an SQL injection thing.
3377
02:12:33,761 --> 02:12:37,300
This is something
regarding Pier archived ours.
3378
02:12:37,300 --> 02:12:40,600
So these let you get a foothold
in the some password cracking.
3379
02:12:40,600 --> 02:12:42,800
Alms and you can do
some Brute Force checking
3380
02:12:42,800 --> 02:12:43,825
and you can see here
3381
02:12:43,825 --> 02:12:46,800
if it talks about the type
of searches and what it reveals.
3382
02:12:46,800 --> 02:12:48,912
You can just click here
on Google search engine
3383
02:12:48,912 --> 02:12:51,300
will actually bring up
Google with a list of responses
3384
02:12:51,300 --> 02:12:52,400
that Google generates.
3385
02:12:52,400 --> 02:12:54,500
So let's look at this one here.
3386
02:12:54,500 --> 02:12:56,600
This type is a log.
3387
02:12:56,600 --> 02:12:59,400
So this is something
about cross-site scripting logs
3388
02:12:59,400 --> 02:13:02,800
and we can also
see some party logs
3389
02:13:02,800 --> 02:13:04,600
if I was not wrong
3390
02:13:04,600 --> 02:13:09,000
so some denial-of-service POC
and we can see a bunch of stuff
3391
02:13:09,000 --> 02:13:11,000
and if you continue
to scroll down there,
3392
02:13:11,000 --> 02:13:12,300
Our interesting information
3393
02:13:12,300 --> 02:13:14,800
in here so somehow
somebody's got a party log
3394
02:13:14,800 --> 02:13:16,690
that has a lot of information.
3395
02:13:16,690 --> 02:13:19,400
They've got it up
on a website and basically
3396
02:13:19,400 --> 02:13:20,663
bunch of information
3397
02:13:20,663 --> 02:13:24,200
that you can see you can also
get some surveillance video
3398
02:13:24,200 --> 02:13:28,200
sometimes and you can look
into them and this basically
3399
02:13:28,200 --> 02:13:29,900
how you could use Google.
3400
02:13:29,900 --> 02:13:32,935
So it's basically a list of
queries that you can go through
3401
02:13:32,935 --> 02:13:34,700
and this is a very useful site
3402
02:13:34,700 --> 02:13:37,678
if you are a penetration tester
and looking for some help
3403
02:13:37,678 --> 02:13:39,700
with your Google
hacking terminologies,
3404
02:13:39,700 --> 02:13:40,600
so that's it for
3405
02:13:40,600 --> 02:13:41,800
our Google hacking. Now,
3406
02:13:41,800 --> 02:13:42,625
Let's move on.
3407
02:13:42,625 --> 02:13:42,915
Okay.
3408
02:13:42,915 --> 02:13:45,700
So now it's time
for some networking fundamentals
3409
02:13:45,700 --> 02:13:48,500
and what better place
to begin with TCP/IP.
3410
02:13:48,500 --> 02:13:51,200
Now we're going to be talking
about the history of TCP/IP
3411
02:13:51,200 --> 02:13:51,863
and the network
3412
02:13:51,863 --> 02:13:53,500
that eventually morphed
into the thing
3413
02:13:53,500 --> 02:13:55,000
that we now call the internet.
3414
02:13:55,000 --> 02:13:57,291
So this thing began
in 1969 and it spun
3415
02:13:57,291 --> 02:14:00,100
out of this government
organization called ARPA
3416
02:14:00,100 --> 02:14:02,897
which is the Advanced Research
Projects Agency and they
3417
02:14:02,897 --> 02:14:05,246
had an idea to create
a computer network
3418
02:14:05,246 --> 02:14:07,484
that was resilient
to a certain type
3419
02:14:07,484 --> 02:14:08,700
of military attacks
3420
02:14:08,700 --> 02:14:11,400
and the idea was
to have this network
3421
02:14:11,400 --> 02:14:15,300
that could survive certain types
of war and warlike conditions.
3422
02:14:15,300 --> 02:14:18,900
So ARPA sent out this request
for proposals to BBN,
3423
02:14:18,900 --> 02:14:22,021
which is Bolt Beranek and Newman
and they were previously
3424
02:14:22,021 --> 02:14:24,668
an acoustical consulting
company and they won
3425
02:14:24,668 --> 02:14:25,900
the contract to build
3426
02:14:25,900 --> 02:14:27,700
what was called the ARPANET.
3427
02:14:27,700 --> 02:14:30,200
The first connection
was in 1969.
3428
02:14:30,200 --> 02:14:32,170
So that's where we get the idea
3429
02:14:32,170 --> 02:14:35,300
that the internet began
in 1969 and the internet
3430
02:14:35,300 --> 02:14:38,534
as we call it now Then
Shall We Begin but arpanet it
3431
02:14:38,534 --> 02:14:40,500
and often it has a long history
3432
02:14:40,500 --> 02:14:42,731
that goes through NSFNET
3433
02:14:42,731 --> 02:14:46,600
in 1980s and after arpanet
was sort of decommissioned
3434
02:14:46,600 --> 02:14:49,423
and a lot of other networks
were folded into this
3435
02:14:49,423 --> 02:14:50,800
thing called NSFNET
3436
02:14:50,800 --> 02:14:53,400
that then turned into
what we now call the internet
3437
02:14:53,400 --> 02:14:55,700
and once a lot of other
networks were connected
3438
02:14:55,700 --> 02:14:57,800
into its first protocol
on the arpanet
3439
02:14:57,800 --> 02:15:00,122
initially there were
18 to 22 protocols,
3440
02:15:00,122 --> 02:15:03,100
which is very first protocol
defining communication
3441
02:15:03,100 --> 02:15:05,905
on arpanet and it
was called 1822 protocol
3442
02:15:05,905 --> 02:15:08,401
because BBN report
1822 which describes
3443
02:15:08,401 --> 02:15:10,800
how it works shortly
and after that.
3444
02:15:10,800 --> 02:15:13,800
It was this thing called
the network control program
3445
02:15:13,800 --> 02:15:16,400
and the network
control program consisted
3446
02:15:16,400 --> 02:15:20,500
of arpanet host-to-host protocol
and an initial control protocol.
3447
02:15:20,500 --> 02:15:23,330
Now, they're certainly
not a direct correlation
3448
02:15:23,330 --> 02:15:24,500
or an analogy here.
3449
02:15:24,500 --> 02:15:25,804
But if you want to think
3450
02:15:25,804 --> 02:15:28,098
about it in particular
where you can say
3451
02:15:28,098 --> 02:15:31,400
that the arpanet host-to-host
protocol is kind of like UDP
3452
02:15:31,400 --> 02:15:34,100
and initial connection
protocol or ICP.
3453
02:15:34,100 --> 02:15:35,200
It's kind of like TCP.
3454
02:15:35,200 --> 02:15:37,200
So the host-to-host
protocol provided
3455
02:15:37,200 --> 02:15:40,600
a unidirectional flow control
stream between hosts.
3456
02:15:40,600 --> 02:15:42,900
Which sounded a little bit
like UDP and ICP
3457
02:15:42,900 --> 02:15:46,100
provided a bi-directional pair
of streams between two hosts.
3458
02:15:46,100 --> 02:15:48,300
And again, these
aren't perfect analogies,
3459
02:15:48,300 --> 02:15:51,500
but the host-to-host
protocol is a little bit
3460
02:15:51,500 --> 02:15:53,633
like UDP and ICP is a little bit
3461
02:15:53,633 --> 02:15:56,500
like TCP. Now,
the first router was called
3462
02:15:56,500 --> 02:15:59,869
an interface message processor
and that was developed by BBN.
3463
02:15:59,869 --> 02:16:02,500
It was actually
a ruggedized Honeywell computer
3464
02:16:02,500 --> 02:16:04,800
that had special
interfaces and software.
3465
02:16:04,800 --> 02:16:08,500
So the first router wasn't
a ground-up built piece of hardware,
3466
02:16:08,500 --> 02:16:10,900
but it was actually
an existing piece of hardware.
3467
02:16:10,900 --> 02:16:13,800
Especially published
for this particular application.
3468
02:16:13,800 --> 02:16:17,700
So Honeywell had this computer
that they made out and BBN took
3469
02:16:17,700 --> 02:16:20,186
that and made some specific
hardware interfaces
3470
02:16:20,186 --> 02:16:21,900
and built some special software
3471
02:16:21,900 --> 02:16:23,252
that allowed it to turn
3472
02:16:23,252 --> 02:16:25,300
into this interface
message processor,
3473
02:16:25,300 --> 02:16:28,600
which passed messages
over arpanet from one location
3474
02:16:28,600 --> 02:16:29,800
to another so
3475
02:16:29,900 --> 02:16:33,000
where did IP come
in here in 1973?
3476
02:16:33,000 --> 02:16:35,600
So IP came in here
as well in 1973
3477
02:16:35,600 --> 02:16:38,299
as I just said and a guy
by the name of Vint Cerf
3478
02:16:38,299 --> 02:16:40,899
and another guy by the name
of Robert Kahn took
3479
02:16:40,900 --> 02:16:44,100
the ideas of NCP and
what the arpanet was doing
3480
02:16:44,100 --> 02:16:46,049
and they tried to come up
with some Concepts
3481
02:16:46,049 --> 02:16:47,499
that would work for the needs
3482
02:16:47,500 --> 02:16:49,600
that the arpanet had
and so by 1974.
3483
02:16:49,600 --> 02:16:52,799
They had published a paper
that was published by the IEEE
3484
02:16:52,799 --> 02:16:54,899
and they proposed
some new protocols.
3485
02:16:54,900 --> 02:16:58,200
They originally proposed
the central protocol called TCP
3486
02:16:58,200 --> 02:17:00,400
later on TCP was broken into TCP
3487
02:17:00,400 --> 02:17:03,183
and IP to get away
from the monolithic concept
3488
02:17:03,183 --> 02:17:05,713
that TCP was originally
so they broke it
3489
02:17:05,714 --> 02:17:09,000
into more modular protocols
and thus you get TCP and IP.
3490
02:17:09,000 --> 02:17:10,900
So how do we get to our version
3491
02:17:10,900 --> 02:17:12,100
four, which is IPv4,
3492
02:17:12,100 --> 02:17:13,245
since that's the kind
3493
02:17:13,245 --> 02:17:16,308
of Internet that we're using
right now version 6 is coming
3494
02:17:16,308 --> 02:17:18,641
and has been coming
for many many years now,
3495
02:17:18,641 --> 02:17:20,700
but you're still
kind of version four
3496
02:17:20,700 --> 02:17:24,300
so how did we get here
between 1977 and 79
3497
02:17:24,400 --> 02:17:28,500
and we went through version 0
to 3. By 1979 and 1980,
3498
02:17:28,500 --> 02:17:30,499
We started using version 4 and
3499
02:17:30,499 --> 02:17:33,477
that eventually became
the de facto protocol
3500
02:17:33,477 --> 02:17:35,000
on the internet in 1983
3501
02:17:35,000 --> 02:17:38,376
when NCP was finally shut down
because of all the hosts
3502
02:17:38,376 --> 02:17:39,367
on the arpanet,
3503
02:17:39,367 --> 02:17:40,885
but we're using TCP IP.
3504
02:17:40,885 --> 02:17:42,912
By that point in 1992 work began
3505
02:17:42,912 --> 02:17:45,700
on an IP Next Generation
and for a long time,
3506
02:17:45,700 --> 02:17:47,400
although the specifications
3507
02:17:47,400 --> 02:17:50,400
in the RFCs talked
about IPng, eventually
3508
02:17:50,400 --> 02:17:53,700
and IPng became known as IPv6.
3509
02:17:53,700 --> 02:17:56,200
You may be wondering
where IPv5 went.
3510
02:17:56,200 --> 02:17:58,282
Well, it was
a special-purpose protocol
3511
02:17:58,282 --> 02:17:59,693
that had to do something
3512
02:17:59,693 --> 02:18:02,499
with streaming and certainly
not a widespread thing.
3513
02:18:02,500 --> 02:18:04,600
One of the differences
between IPv4
3514
02:18:04,600 --> 02:18:05,424
and IPv6 is
3515
02:18:05,424 --> 02:18:09,799
that IPv6 has a 128-bit address
which gives us the ability
3516
02:18:09,799 --> 02:18:13,199
to have some recklessly
large numbers of devices
3517
02:18:13,200 --> 02:18:17,228
that have their own unique
IP address. IPv4 by comparison
3518
02:18:17,228 --> 02:18:19,099
has only 32-bit addresses.
3519
02:18:19,100 --> 02:18:20,951
And as you probably
heard we're well
3520
02:18:20,951 --> 02:18:23,551
on our way to exhausting
the number of IP addresses
3521
02:18:23,552 --> 02:18:25,468
that are available
and we've done a lot
3522
02:18:25,468 --> 02:18:27,940
of things over the years
to conserve address space
3523
02:18:27,940 --> 02:18:29,100
and reuse address space
3524
02:18:29,100 --> 02:18:31,500
so we can continue to extending
to the point till
3525
02:18:31,500 --> 02:18:33,700
where we completely
run out of IPv4 addresses.
3526
02:18:33,700 --> 02:18:36,151
Another thing about IPv6
is it attempts to fix
3527
02:18:36,151 --> 02:18:37,732
some of the inherent issues in IP
3528
02:18:37,732 --> 02:18:40,258
and some of those has to do
with security concerns
3529
02:18:40,258 --> 02:18:43,200
and there are certainly
a number of flaws in IPv4.
3530
02:18:43,200 --> 02:18:46,299
I'm going to start working
on IP Next Generation or IPv6.
3531
02:18:46,299 --> 02:18:48,999
They try to address some
of those concerns in some
3532
02:18:49,000 --> 02:18:51,700
of those issues and they
may not have done it perfectly
3533
02:18:51,700 --> 02:18:53,609
but it was certainly an attempt
3534
02:18:53,609 --> 02:18:56,200
and IPv6 attempt to fix
some of the issues
3535
02:18:56,200 --> 02:18:58,000
that were inherently in IP.
3536
02:18:58,000 --> 02:19:02,900
And so that's the history of
TCP IP still very reach today.
3537
02:19:03,500 --> 02:19:04,000
Okay.
3538
02:19:04,000 --> 02:19:07,419
So now that we've discussed
a brief history on TCP IP
3539
02:19:07,419 --> 02:19:10,100
and how it came about
to the TCP IP version
3540
02:19:10,100 --> 02:19:12,300
4, let's discuss the model itself.
3541
02:19:12,400 --> 02:19:14,700
Now we're going to be
discussing two models.
3542
02:19:14,700 --> 02:19:17,700
And those are the OSI model
and the TCP IP model.
3543
02:19:17,700 --> 02:19:21,307
Now as I said will be talking
about the OSI and TCP models
3544
02:19:21,307 --> 02:19:24,209
for Network protocols
and the network Stacks OSI.
3545
02:19:24,209 --> 02:19:25,600
First of all is the one
3546
02:19:25,600 --> 02:19:28,799
that you see out here is the one
on the left hand side
3547
02:19:28,799 --> 02:19:32,699
of the screen and OSI stands for
open systems interconnection.
3548
02:19:32,700 --> 02:19:34,100
And in the late 1970s,
3549
02:19:34,100 --> 02:19:37,258
they start working on a model
for how a network stack
3550
02:19:37,258 --> 02:19:40,302
and network protocols would look
originally the intent was
3551
02:19:40,302 --> 02:19:42,941
to develop the model
and then developed protocols
3552
02:19:42,941 --> 02:19:44,030
that went with it.
3553
02:19:44,030 --> 02:19:45,906
But what ended up happening was
3554
02:19:45,906 --> 02:19:49,600
after they develop the models
TCP IP started really taking off
3555
02:19:49,600 --> 02:19:51,303
and the TCP IP model was
3556
02:19:51,303 --> 02:19:54,000
what went along with it
and much better
3557
02:19:54,000 --> 02:19:56,300
what was going on with TCP IP,
3558
02:19:56,300 --> 02:19:59,766
which became the predominant
protocol and as a result
3559
02:19:59,766 --> 02:20:02,796
The OSI protocols
never actually got developed.
3560
02:20:02,796 --> 02:20:04,950
However, we still
use the OSI model
3561
02:20:04,950 --> 02:20:07,800
for teaching tool as
well as way of describing
3562
02:20:07,800 --> 02:20:10,071
what's going on
with the network stack
3563
02:20:10,071 --> 02:20:11,300
and the Applications
3564
02:20:11,300 --> 02:20:14,200
you'll often hear people talking
about different layers.
3565
02:20:14,200 --> 02:20:16,100
Like that's a layer 2 problem
3566
02:20:16,100 --> 02:20:18,545
or we're in layer
3 space. Now, continuing
3567
02:20:18,545 --> 02:20:20,000
through these lessons.
3568
02:20:20,000 --> 02:20:22,447
I'll refer occasionally
to the different layers.
3569
02:20:22,447 --> 02:20:25,052
And when I do that,
I'm referring to the OSI model.
3570
02:20:25,052 --> 02:20:27,658
So let's take a look
at the OSI model starting
3571
02:20:27,658 --> 02:20:28,641
from the bottom.
3572
02:20:28,641 --> 02:20:30,249
We have the physical layer,
3573
02:20:30,249 --> 02:20:34,033
which is where all the physical
stuff lives the wires and cables
3574
02:20:34,033 --> 02:20:35,355
and network interfaces
3575
02:20:35,355 --> 02:20:38,400
and hubs repeaters switches
and all that sort of stuff.
3576
02:20:38,400 --> 02:20:40,900
So all that's all physical stuff
is sitting
3577
02:20:40,900 --> 02:20:42,186
in the physical layer now
3578
02:20:42,186 --> 02:20:44,401
sitting above this is
the data link layer.
3579
02:20:44,401 --> 02:20:46,400
And that's where
the ethernet protocol
3580
02:20:46,400 --> 02:20:48,200
ATM protocol frame relay.
3581
02:20:48,200 --> 02:20:49,636
Those are things live.
3582
02:20:49,636 --> 02:20:49,872
Now.
3583
02:20:49,872 --> 02:20:51,059
I mentioned the switch
3584
02:20:51,059 --> 02:20:53,599
below the physical
the switch lives at layer 1,
3585
02:20:53,599 --> 02:20:55,187
but it operates at layer 2.
3586
02:20:55,187 --> 02:20:57,267
And the reason it
operates at layer 2 is
3587
02:20:57,267 --> 02:20:59,400
because it looks
at the data link address
3588
02:20:59,400 --> 02:21:01,239
and the layer
to our physical address
3589
02:21:01,239 --> 02:21:04,100
and that's not to be confused
with in the physical layer.
3590
02:21:04,100 --> 02:21:06,176
It does get a little
mixed up sometimes
3591
02:21:06,176 --> 02:21:08,000
and we refer to the MAC address
3592
02:21:08,000 --> 02:21:10,800
now the MAC address is
not the physical address.
3593
02:21:10,900 --> 02:21:11,900
I'm talking about it
3594
02:21:11,900 --> 02:21:14,400
is the message
authentication code address
3595
02:21:14,400 --> 02:21:17,100
on the system as
so the MAC address
3596
02:21:17,100 --> 02:21:18,779
on system as a physical address
3597
02:21:18,779 --> 02:21:21,000
because it lives
on the physical interface
3598
02:21:21,000 --> 02:21:22,400
and bound physically.
3599
02:21:22,400 --> 02:21:24,000
However that Mac address
3600
02:21:24,000 --> 02:21:26,800
or media Access Control
address lives at layer
3601
02:21:26,800 --> 02:21:29,700
2 at the data link layer
the network layer,
3602
02:21:29,700 --> 02:21:31,700
which is right above at layer 3.
3603
02:21:31,700 --> 02:21:35,500
That's where IP lives
as well as ICMP, IPX
3604
02:21:35,500 --> 02:21:36,800
and from IPX/SPX
3605
02:21:36,800 --> 02:21:40,400
suite of protocols from Novell.
Routers operate at layer 3.
3606
02:21:40,400 --> 02:21:44,000
And at layer 4 above that
is the transport layer.
3607
02:21:44,000 --> 02:21:48,000
That's TCP, UDP and SPX again
from the IPX/SPX suite
3608
02:21:48,000 --> 02:21:50,900
of protocols. Above
that is the session layer
3609
02:21:50,900 --> 02:21:52,328
and that's layer 5 and
3610
02:21:52,328 --> 02:21:55,900
that's a plot of SSH as well
as several other protocols.
3611
02:21:55,900 --> 02:21:57,326
Then there's a
presentation layer
3612
02:21:57,326 --> 02:21:59,600
which is a layer 6 and
you'll often see people refer
3613
02:21:59,600 --> 02:22:02,788
to something like jpeg
or MPEG as examples of protocols
3614
02:22:02,788 --> 02:22:06,141
that live on that layer then
there's a presentation layer,
3615
02:22:06,141 --> 02:22:07,500
which is the final layer
3616
02:22:07,500 --> 02:22:09,950
which is layer 6 and you'll
often see people refer
3617
02:22:09,950 --> 02:22:11,300
to something like Jpeg,
3618
02:22:11,300 --> 02:22:14,496
or MPEG as example the protocol
that live at that layer
3619
02:22:14,496 --> 02:22:18,202
and then the live at that layer
which is the presentation layer.
3620
02:22:18,202 --> 02:22:18,900
Finally.
3621
02:22:18,900 --> 02:22:19,851
We have layer 7,
3622
02:22:19,851 --> 02:22:24,300
which is the application layer
and that's HTTP, FTP, SMTP
3623
02:22:24,300 --> 02:22:27,529
and similar application
protocols whose responsibility
3624
02:22:27,529 --> 02:22:29,982
is to deliver and use
the functionality.
3625
02:22:29,982 --> 02:22:32,199
So that's basically
the OSI model and
3626
02:22:32,199 --> 02:22:34,600
that's the seven layers
of the OSI model
3627
02:22:34,600 --> 02:22:36,700
and there's some important
thing to note here.
3628
02:22:36,700 --> 02:22:38,400
That is when we
are putting packets
3629
02:22:38,400 --> 02:22:40,618
onto the wire the packets
get built from the
3630
02:22:40,618 --> 02:22:41,716
top of the stack down
3631
02:22:41,716 --> 02:22:44,544
by from the top of the stack
to the bottom of the stack
3632
02:22:44,544 --> 02:22:46,894
which is why it's called
a stack each layer sits
3633
02:22:46,894 --> 02:22:47,872
on top of the other
3634
02:22:47,872 --> 02:22:50,557
and the application layer
is responsible for beginning
3635
02:22:50,557 --> 02:22:51,566
the process and then
3636
02:22:51,566 --> 02:22:53,749
that follows through
the presentation session
3637
02:22:53,749 --> 02:22:56,600
and transport layer and down
through the network data link
3638
02:22:56,600 --> 02:22:59,637
until we finally drop it on
the wire at the physical layer
3639
02:22:59,637 --> 02:23:01,504
when it's received
from the network.
3640
02:23:01,504 --> 02:23:02,900
It goes from the bottom up
3641
02:23:02,900 --> 02:23:04,500
and we receive it
on the physical
3642
02:23:04,500 --> 02:23:06,186
and gets handled
by the data link
3643
02:23:06,186 --> 02:23:08,951
and then the network
and till the application layer.
3644
02:23:08,951 --> 02:23:11,700
So basically when a packet
Coming in it comes in
3645
02:23:11,700 --> 02:23:14,035
from the application goes
out from the physical
3646
02:23:14,035 --> 02:23:15,800
and then we're going out also,
3647
02:23:15,800 --> 02:23:18,400
it goes from the physical
through the data link,
3648
02:23:18,500 --> 02:23:20,800
then the network
transport session presentation
3649
02:23:20,800 --> 02:23:23,400
and application and finally
to the Target system.
3650
02:23:23,400 --> 02:23:26,150
Now what we're dealing with is
an encapsulation process.
3651
02:23:26,150 --> 02:23:29,200
So at every layer on the way
down the different layers
3652
02:23:29,200 --> 02:23:32,181
add bits of information
to the datagram or the packet.
3653
02:23:32,181 --> 02:23:33,500
So that's when it gets
3654
02:23:33,500 --> 02:23:35,500
to the other side
each layer knows
3655
02:23:35,500 --> 02:23:37,400
where its demarcation point is.
3656
02:23:37,400 --> 02:23:39,300
While it may seem
obvious, each layer
3657
02:23:39,300 --> 02:23:40,500
talks to the same layer
3658
02:23:40,600 --> 02:23:41,500
on the other side.
3659
02:23:41,500 --> 02:23:43,300
So when we drop a packet out
3660
02:23:43,300 --> 02:23:46,311
onto the wire the physical layer
talks to the physical layer
3661
02:23:46,311 --> 02:23:48,200
and in other words
the electrical bits
3662
02:23:48,200 --> 02:23:50,400
that get transmitted by
the network interface
3663
02:23:50,400 --> 02:23:51,919
on the first system are received
3664
02:23:51,919 --> 02:23:54,269
on the second system
on the second system.
3665
02:23:54,269 --> 02:23:55,400
The layer two headers
3666
02:23:55,400 --> 02:23:57,700
that were put on by the first
system get removed
3667
02:23:57,700 --> 02:23:59,300
and handled as necessary.
3668
02:23:59,300 --> 02:24:00,900
Same thing at the network layer.
3669
02:24:00,900 --> 02:24:03,000
It's the network layer
that puts the IP header
3670
02:24:03,000 --> 02:24:04,020
and the network layer
3671
02:24:04,020 --> 02:24:06,800
that removes the IP header
and determines what to do
3672
02:24:06,800 --> 02:24:08,900
from there and so
on and so on again
3673
02:24:08,900 --> 02:24:10,400
while it may seem obvious
3674
02:24:10,400 --> 02:24:12,511
It's an important
distinction to recognize
3675
02:24:12,511 --> 02:24:14,294
that each layer talk
to each layer
3676
02:24:14,294 --> 02:24:15,693
while it may seem obvious.
3677
02:24:15,693 --> 02:24:17,900
It's an important
distinction to recognize
3678
02:24:17,900 --> 02:24:19,653
that each layer talk
to each layer.
3679
02:24:19,653 --> 02:24:21,800
And when you're building
a packet you go down
3680
02:24:21,800 --> 02:24:22,600
through the stack
3681
02:24:22,600 --> 02:24:25,100
and when you're receiving
you come up to the stack.
3682
02:24:25,100 --> 02:24:26,600
And again, it's called a stack
3683
02:24:26,600 --> 02:24:29,264
because you keep pushing things
on top of the packet
3684
02:24:29,264 --> 02:24:31,500
and they get popped
off the other side.
3685
02:24:31,500 --> 02:24:33,184
So that was detailed
3686
02:24:33,184 --> 02:24:36,799
and brief working on
how the OSI model is set up
3687
02:24:36,799 --> 02:24:39,200
and how the OSI model works now,
3688
02:24:39,200 --> 02:24:41,100
let's move on to the TCP/IP model,
3689
02:24:41,100 --> 02:24:43,350
which is on the right hand side
and you'll notice
3690
02:24:43,350 --> 02:24:45,900
that there's a really
big difference here that being
3691
02:24:45,900 --> 02:24:48,604
that there are only four layers
in the TCP IP model
3692
02:24:48,604 --> 02:24:51,153
as compared to the seven layers
of the OSI model.
3693
02:24:51,153 --> 02:24:53,061
Now, we have
the network access layer
3694
02:24:53,061 --> 02:24:56,400
the internet layer the transport
layer and the application layer
3695
02:24:56,400 --> 02:24:57,510
in the functionality.
3696
02:24:57,510 --> 02:24:59,038
Now, we have the access layer
3697
02:24:59,038 --> 02:25:00,877
the internet layer
the transport layer
3698
02:25:00,877 --> 02:25:03,100
and the application
layer the functionality
3699
02:25:03,100 --> 02:25:05,800
that the stack provides is
the same and in other words,
3700
02:25:05,800 --> 02:25:07,800
you're not going
to get less functionality
3701
02:25:07,800 --> 02:25:09,100
out of the TCP IP model.
3702
02:25:09,100 --> 02:25:12,149
It's just that they've changed
where the functionality resides
3703
02:25:12,149 --> 02:25:15,300
and where the demarcation point
between the different layers are
3704
02:25:15,300 --> 02:25:18,182
so there are only four layers
in the TCP IP model,
3705
02:25:18,182 --> 02:25:20,869
which means that a couple
of layers that have taken
3706
02:25:20,869 --> 02:25:22,931
in functions from some
of the OSI models
3707
02:25:22,931 --> 02:25:25,625
and we can get into that right
here the difference
3708
02:25:25,625 --> 02:25:28,100
between the models
at the network access layer
3709
02:25:28,100 --> 02:25:29,300
in the TCP IP model
3710
02:25:29,300 --> 02:25:30,750
that consists of the physical
3711
02:25:30,750 --> 02:25:32,916
and the data link layer
from The OSI model.
3712
02:25:32,916 --> 02:25:34,000
So on the right here,
3713
02:25:34,000 --> 02:25:35,761
you see the network access layer
3714
02:25:35,761 --> 02:25:38,900
that takes into the account
the physical and the data link
3715
02:25:38,900 --> 02:25:40,100
layers from The OSI model
3716
02:25:40,100 --> 02:25:41,700
and the left hand side. Similarly,
3717
02:25:41,700 --> 02:25:44,170
the application layer
from the TCP IP model
3718
02:25:44,170 --> 02:25:46,588
encompasses all
the session presentation
3719
02:25:46,588 --> 02:25:48,999
and the application layer
of the OSI model
3720
02:25:48,999 --> 02:25:51,500
on the right the very
top box the application layer
3721
02:25:51,500 --> 02:25:53,600
encompasses
the session presentation
3722
02:25:53,600 --> 02:25:56,000
and application layer
and on the left hand side
3723
02:25:56,100 --> 02:25:58,400
that of course leaves
the transport layer to be
3724
02:25:58,400 --> 02:26:00,000
the same. In the OSI model,
3725
02:26:00,000 --> 02:26:02,900
they call it the network layer
and in the TCP/IP model,
3726
02:26:02,900 --> 02:26:05,318
It's called the internet layer
same sort of thing.
3727
02:26:05,318 --> 02:26:07,549
That's where the IP lives
and even though it's called
3728
02:26:07,549 --> 02:26:10,200
the internet layer as
compared to the network layer.
3729
02:26:10,200 --> 02:26:11,956
It's the same sort of functionality.
3730
02:26:11,956 --> 02:26:14,700
So those are the really
big differences between OSI
3731
02:26:14,700 --> 02:26:16,500
and TCP/IP model. Anytime
3732
02:26:16,500 --> 02:26:20,200
I refer to layers
through the course of this video
3733
02:26:20,200 --> 02:26:23,100
that I'm going to be referring
to the OSI model and in part
3734
02:26:23,100 --> 02:26:25,299
because it makes
it easier to differentiate
3735
02:26:25,299 --> 02:26:26,700
the different functionality.
3736
02:26:26,700 --> 02:26:29,670
If I were to say live
on function in the TCP IP model,
3737
02:26:29,670 --> 02:26:31,200
you would necessarily know
3738
02:26:31,200 --> 02:26:33,100
if I was talking
about a physical thing
3739
02:26:33,100 --> 02:26:34,500
or a data link thing
3740
02:26:34,500 --> 02:26:38,000
since there's more granularity
in the OSI model.
3741
02:26:38,000 --> 02:26:40,639
It's better to talk about
the functionality in terms
3742
02:26:40,639 --> 02:26:42,425
of the layers
in the OSI model
3743
02:26:42,425 --> 02:26:44,723
and that's the predominant
model The OSI model
3744
02:26:44,723 --> 02:26:45,900
and the TCP IP model
3745
02:26:45,900 --> 02:26:49,200
for Network Stacks Network
protocols and applications.
3746
02:26:49,300 --> 02:26:50,100
Okay.
3747
02:26:50,100 --> 02:26:52,688
So now that we've discussed
the TCP IP model.
3748
02:26:52,688 --> 02:26:55,029
Let's go over some
another important protocol
3749
02:26:55,029 --> 02:26:55,970
and that is UDP.
3750
02:26:55,970 --> 02:26:57,441
So what do you see out here
3751
02:26:57,441 --> 02:26:59,452
on your screen right
now is Wireshark
3752
02:26:59,452 --> 02:27:02,100
and we'll be going
over the uses of Wireshark
3753
02:27:02,100 --> 02:27:06,008
and what it's useful for
in the sock upcoming lessons.
3754
02:27:06,008 --> 02:27:09,200
But for now, let me
just show you a UDP packet.
3755
02:27:09,200 --> 02:27:10,049
Okay.
3756
02:27:10,049 --> 02:27:11,300
So before we get
3757
02:27:11,300 --> 02:27:15,300
into the analysis of the packet
while it's still filtering,
3758
02:27:15,300 --> 02:27:17,200
let me just tell you
a little bit about UDP
3759
02:27:17,200 --> 02:27:21,100
so UDP is a protocol in
the TCP/IP suite of protocols.
3760
02:27:21,100 --> 02:27:22,558
It's in the network layer.
3761
02:27:22,558 --> 02:27:24,395
That's a network layer
in the OSI.
3762
02:27:24,395 --> 02:27:27,192
So similar reference model
the IP network layer carries
3763
02:27:27,192 --> 02:27:28,000
the IP address
3764
02:27:28,000 --> 02:27:30,699
and that has information
about how to get packets
3765
02:27:30,699 --> 02:27:31,600
to their destination
3766
02:27:31,600 --> 02:27:33,794
the transport layer sits
on top of the network layer
3767
02:27:33,794 --> 02:27:35,000
and that carries information
3768
02:27:35,000 --> 02:27:37,964
about how to differentiate
Network layer applications
3769
02:27:37,964 --> 02:27:41,199
and that information about
how those Network application
3770
02:27:41,200 --> 02:27:44,000
gets differentiated is
in the form of ports.
3771
02:27:44,000 --> 02:27:46,095
So the transport layer has ports
3772
02:27:46,095 --> 02:27:49,500
and the network layer has
in this case an IP address.
3773
02:27:49,500 --> 02:27:53,142
And UDP is a transport layer
protocol and UDP stands
3774
02:27:53,142 --> 02:27:55,000
for user datagram protocol
3775
02:27:55,000 --> 02:27:58,685
and is often called connectionless
or sometimes unreliable.
3776
02:27:58,685 --> 02:28:00,498
Now unreliable doesn't mean
3777
02:28:00,498 --> 02:28:03,700
that you can't really rely
on it unreliable means
3778
02:28:03,700 --> 02:28:04,887
that you can't trust
3779
02:28:04,887 --> 02:28:07,700
that what you sent
is reaching the other side.
3780
02:28:07,700 --> 02:28:09,800
So 1 means actually
that there's nothing
3781
02:28:09,800 --> 02:28:12,100
in the protocol that says
it's going to guarantee
3782
02:28:12,100 --> 02:28:14,600
that the datagram
that you send or the fact
3783
02:28:14,600 --> 02:28:17,900
that you send is going to get
where you wanted send it.
3784
02:28:17,900 --> 02:28:21,700
So the protocol has no sort
of safety feature like that.
3785
02:28:21,700 --> 02:28:24,049
So you shouldn't use
this protocol, that is UDP,
3786
02:28:24,049 --> 02:28:25,800
if you want some sort
of safety net.
3787
02:28:25,800 --> 02:28:27,900
And if you needed that type
of safety net you
3788
02:28:27,900 --> 02:28:30,200
would have to write it
into your own application.
3789
02:28:30,200 --> 02:28:33,100
So basically UDP is
a fast protocol and that's one
3790
02:28:33,100 --> 02:28:34,500
of the reason why it's good.
3791
02:28:34,700 --> 02:28:36,800
It's also on the reason
why it's unreliable
3792
02:28:36,800 --> 02:28:39,200
because in order to get
that speed you don't have
3793
02:28:39,200 --> 02:28:41,177
all of the error
checking and validation
3794
02:28:41,177 --> 02:28:42,800
that messages are getting there.
3795
02:28:42,800 --> 02:28:44,411
So because it's fast it's good
3796
02:28:44,411 --> 02:28:46,970
for things like games
and for real-time voice
3797
02:28:46,970 --> 02:28:49,500
and video anything
where speed is important.
3798
02:28:49,500 --> 02:28:50,794
And you would use UDP.
3799
02:28:50,794 --> 02:28:51,643
So right here.
3800
02:28:51,643 --> 02:28:53,100
I have a packet capture.
3801
02:28:53,100 --> 02:28:57,547
So I'm using Wireshark to capture
some packets and let's check out
3802
02:28:57,547 --> 02:28:59,747
a UDP packet. So out here you see
3803
02:28:59,747 --> 02:29:01,779
that there are some frames
3804
02:29:01,779 --> 02:29:05,700
that says 167 bytes on wire,
167 bytes have been captured
3805
02:29:05,700 --> 02:29:07,894
but we're not really interested
in the frame part.
3806
02:29:07,894 --> 02:29:10,000
You're interested in
the user datagram protocol.
3807
02:29:10,000 --> 02:29:11,100
But so here you can see
3808
02:29:11,100 --> 02:29:13,300
that the source port is
one eight five three
3809
02:29:13,300 --> 02:29:16,000
and the destination
port is 52081
3810
02:29:16,000 --> 02:29:19,400
now it has a length
and it has a checksum and stuff.
3811
02:29:19,400 --> 02:29:21,600
So as you guys see
out here, well,
3812
02:29:21,600 --> 02:29:23,600
we don't really see
a bunch of information
3813
02:29:23,600 --> 02:29:25,700
what you only see
is a source port
3814
02:29:25,700 --> 02:29:28,800
and the destination port, length,
and there is also a checksum
3815
02:29:28,800 --> 02:29:31,400
so UDP doesn't come
with an awful lot of headers
3816
02:29:31,400 --> 02:29:33,233
because it doesn't need any
3817
02:29:33,233 --> 02:29:36,900
of the things that you see
in the other packet headers.
3818
02:29:36,900 --> 02:29:38,900
The only thing it
needs is to tell you
3819
02:29:38,900 --> 02:29:41,200
how to get the application
on the receiving host.
3820
02:29:41,200 --> 02:29:43,300
And that's where
the destination Port comes in
3821
02:29:43,300 --> 02:29:45,000
and once the message gets
to the destination.
3822
02:29:45,000 --> 02:29:46,299
The destination needs to know
3823
02:29:46,299 --> 02:29:48,300
how to communicate back
to the originator
3824
02:29:48,300 --> 02:29:50,400
and that would be
through the source port
3825
02:29:50,400 --> 02:29:51,400
or a return message.
3826
02:29:51,400 --> 02:29:53,800
So a return message
would convert the source port
3827
02:29:53,800 --> 02:29:54,787
to a destination port
3828
02:29:54,787 --> 02:29:56,050
and send back to that port
3829
02:29:56,050 --> 02:29:58,200
in order to communicate
with the originator.
3830
02:29:58,200 --> 02:30:00,240
So we have a source port
and destination port
3831
02:30:00,240 --> 02:30:01,090
and the length is
3832
02:30:01,090 --> 02:30:03,383
a minimal amount of checking
and to make sure that
3833
02:30:03,383 --> 02:30:06,169
if the packet that you received
is different from the length
3834
02:30:06,169 --> 02:30:07,650
that's specified in the UDP header,
3835
02:30:07,650 --> 02:30:09,600
then there may have
been something wrong
3836
02:30:09,600 --> 02:30:11,800
so you may want
to discard the message to check
3837
02:30:11,800 --> 02:30:12,700
for more messages.
3838
02:30:12,800 --> 02:30:14,300
So the checksum also makes sure
3839
02:30:14,300 --> 02:30:17,700
that nothing in the middle
was tampered with although it's
3840
02:30:17,700 --> 02:30:19,414
if there's some sort
of man in the middle
3841
02:30:19,414 --> 02:30:20,499
attack or something like
3842
02:30:20,499 --> 02:30:22,700
that a checksum is
pretty easy to manufacture
3843
02:30:22,700 --> 02:30:24,153
after you've altered the packet
3844
02:30:24,153 --> 02:30:25,700
so you can see here
in the message
3845
02:30:25,700 --> 02:30:28,300
that there's a number
of UDP packets some of them
3846
02:30:28,300 --> 02:30:29,707
just UDP the one look
3847
02:30:29,707 --> 02:30:32,608
and happens to be
from some Skype application,
3848
02:30:32,608 --> 02:30:34,800
I guess so talking
to Skype servers
3849
02:30:34,800 --> 02:30:37,211
and we've already got
the DNS now DNS also
3850
02:30:37,211 --> 02:30:38,800
needs some fast response times
3851
02:30:38,800 --> 02:30:41,350
because you don't want
to spend a lot of time looking
3852
02:30:41,350 --> 02:30:44,100
up information about service
that you're going to before
3853
02:30:44,100 --> 02:30:45,900
because just to go to them.
3854
02:30:45,900 --> 02:30:49,062
So DNS server through all
throughout their queries
3855
02:30:49,062 --> 02:30:52,000
on to the Using UDP hoping
to get fast responses.
3856
02:30:52,000 --> 02:30:55,000
They don't want to spend a lot
of time setting up connections
3857
02:30:55,000 --> 02:30:56,631
and doing all the negotiating
3858
02:30:56,631 --> 02:30:58,700
that comes with a
protocol like TCP.
3859
02:30:58,700 --> 02:30:59,500
For example.
3860
02:30:59,500 --> 02:31:02,737
So here you see
that the DNS is using UDP and
3861
02:31:02,737 --> 02:31:06,594
what we've got here is another
UDP packet for Destination
3862
02:31:06,594 --> 02:31:08,100
and all sorts of stuff
3863
02:31:08,100 --> 02:31:09,700
so you can see it out here
3864
02:31:09,700 --> 02:31:11,400
so you can see the checksum.
3865
02:31:11,400 --> 02:31:13,500
It's unverified checksum status
3866
02:31:13,500 --> 02:31:17,400
so you can check out all sorts
of stuff using Wireshark.
3867
02:31:17,400 --> 02:31:21,100
So that was about UDP
or the User Datagram Protocol.
3868
02:31:21,300 --> 02:31:21,600
Okay.
3869
02:31:21,600 --> 02:31:24,551
So now that we're done
with the user datagram protocol.
3870
02:31:24,551 --> 02:31:26,300
Let's talk about
addressing mode.
3871
02:31:26,300 --> 02:31:27,631
So addressing modes is
3872
02:31:27,631 --> 02:31:30,900
how you address a packet
to your different destination.
3873
02:31:30,900 --> 02:31:33,200
So there are three kinds
of addressing mode.
3874
02:31:33,200 --> 02:31:35,400
The first kind of addressing
mode is unicast.
3875
02:31:35,400 --> 02:31:37,300
This is pretty simple
one to understand.
3876
02:31:37,300 --> 02:31:39,700
So there is one destination
and one source
3877
02:31:39,700 --> 02:31:42,400
and the source sends
the packet to the destination
3878
02:31:42,400 --> 02:31:44,455
and it depends
on the protocol
3879
02:31:44,455 --> 02:31:46,700
that you're using
to actually address.
3880
02:31:46,700 --> 02:31:47,912
So if it's something
3881
02:31:47,912 --> 02:31:50,700
like TCP/IP, you're using
a bi-directional stream.
3882
02:31:50,700 --> 02:31:53,030
So the blue computer can talk
to the red computer
3883
02:31:53,030 --> 02:31:55,700
and the red computer can talk
back to the blue computer,
3884
02:31:55,700 --> 02:31:58,270
but you can also use
a UDP stream which is
3885
02:31:58,270 --> 02:31:59,900
like a one-direction stream.
3886
02:31:59,900 --> 02:32:02,802
So I'm not sure
if I'm using the correct word.
3887
02:32:02,802 --> 02:32:05,219
So it's a stream that's
in one direction.
3888
02:32:05,219 --> 02:32:07,700
I guess I'm driving
home the point here.
3889
02:32:07,700 --> 02:32:10,037
So if it's UDP only
blue is talking
3890
02:32:10,037 --> 02:32:13,200
and when blue stops
talking then red can talk,
3891
02:32:13,200 --> 02:32:16,661
but if it's TCP/IP, blue and red
can talk simultaneously
3892
02:32:16,661 --> 02:32:19,600
at the same time. Now moving
on, there's also
3893
02:32:19,600 --> 02:32:21,863
broadcast. Now broadcast means
3894
02:32:21,863 --> 02:32:25,400
that you are sending
your packet to everybody
3895
02:32:25,400 --> 02:32:26,517
on the network.
3896
02:32:26,517 --> 02:32:29,200
So broadcast messages
are very common
3897
02:32:29,200 --> 02:32:31,221
from mobile network providers
3898
02:32:31,221 --> 02:32:34,448
so many get those
advertisements saying something
3899
02:32:34,448 --> 02:32:36,600
like you have
a new postpaid plan
3900
02:32:36,600 --> 02:32:39,300
from Vodafone or Airtel
or something like that.
3901
02:32:39,300 --> 02:32:40,900
Those are broadcast messages.
3902
02:32:40,900 --> 02:32:43,687
So it's one server
that is sending out
3903
02:32:43,687 --> 02:32:47,100
one single message to all
the other systems now,
3904
02:32:47,100 --> 02:32:49,196
there's also multicast now.
3905
02:32:49,300 --> 02:32:51,700
Multicast is like broadcast
3906
02:32:51,700 --> 02:32:55,000
but selective now
multicast is used
3907
02:32:55,000 --> 02:32:58,669
for actually casting your
your screen to multiple people.
3908
02:32:58,669 --> 02:33:00,600
So something like screen share
3909
02:33:00,600 --> 02:33:03,700
and you're doing it with
multiple people is multicast
3910
02:33:03,700 --> 02:33:07,169
because you have the option
to not show a particular computer
3911
02:33:07,169 --> 02:33:09,000
what you are actually sharing.
3912
02:33:09,000 --> 02:33:10,470
So those are three modes
3913
02:33:10,470 --> 02:33:13,303
of addressing unicast
broadcast and multicast.
3914
02:33:13,303 --> 02:33:15,948
Okay now moving
on let's look into the tool
3915
02:33:15,948 --> 02:33:17,900
that we just used once in UDP.
3916
02:33:17,900 --> 02:33:18,900
That is Wireshark.
3917
02:33:19,123 --> 02:33:21,276
So what exactly is Wireshark?
3918
02:33:21,400 --> 02:33:24,548
So this utility called
Wireshark is a packet capture
3919
02:33:24,548 --> 02:33:26,607
utility, meaning that
it grabs data.
3920
02:33:26,607 --> 02:33:27,856
That's either going out
3921
02:33:27,856 --> 02:33:30,912
or coming in of a specific
Network and there are a number
3922
02:33:30,912 --> 02:33:32,795
of reasons why
this may be useful
3923
02:33:32,795 --> 02:33:35,543
or important. One reason
why it's really important is
3924
02:33:35,543 --> 02:33:38,124
what's going on in the network
is always accurate.
3925
02:33:38,124 --> 02:33:38,914
In other words.
3926
02:33:38,914 --> 02:33:40,597
You can't mess
around with things
3927
02:33:40,597 --> 02:33:43,700
once they're on the network
or you can't lie about something
3928
02:33:43,700 --> 02:33:46,650
that's actually on the network
as compared with applications
3929
02:33:46,650 --> 02:33:47,473
in their logs,
3930
02:33:47,473 --> 02:33:49,357
which can be
misleading or inaccurate.
3931
02:33:49,357 --> 02:33:51,700
Or if an attacker gets
into an application they
3932
02:33:51,700 --> 02:33:54,769
may be able to alter the logging
now several other behaviors
3933
02:33:54,769 --> 02:33:57,361
that make it difficult to see
what's really going on
3934
02:33:57,361 --> 02:33:59,058
and on the network
you can really see
3935
02:33:59,058 --> 02:34:00,000
what's going on.
3936
02:34:00,000 --> 02:34:01,400
Once it hits the wire.
3937
02:34:01,400 --> 02:34:04,498
It's on the wire and you
can't change that fact now
3938
02:34:04,498 --> 02:34:05,800
once it hits the wire
3939
02:34:05,800 --> 02:34:08,800
so we're going to do here
is a quick packet capture.
3940
02:34:08,800 --> 02:34:11,300
So let me just open up
Wireshark for you guys.
3941
02:34:11,300 --> 02:34:12,634
So as you guys can see
3942
02:34:12,634 --> 02:34:15,000
I already have Wireshark
open for us.
3943
02:34:15,000 --> 02:34:17,700
Let me just remove
the CDP filter that was there.
3944
02:34:17,700 --> 02:34:19,500
So Wireshark is capturing.
3945
02:34:19,500 --> 02:34:22,200
So let's go over the stuff
that you can see
3946
02:34:22,200 --> 02:34:25,148
on the screen some important
features of Wireshark
3947
02:34:25,148 --> 02:34:26,700
so that we can use it later.
3948
02:34:26,700 --> 02:34:27,900
So what I'm doing here
3949
02:34:27,900 --> 02:34:30,349
is a quick packet capture
and I'm going to show some
3950
02:34:30,349 --> 02:34:32,200
of the important
features of Wireshark
3951
02:34:32,200 --> 02:34:33,850
so that we can use
it later on now
3952
02:34:33,850 --> 02:34:36,150
when we're starting to do
some more significant work.
3953
02:34:36,150 --> 02:34:38,500
I select the interface
that I'm using primarily,
3954
02:34:38,500 --> 02:34:39,600
which is my Wi-Fi,
3955
02:34:39,600 --> 02:34:42,900
and I'm going to go over here
and we'll bring up a Google page
3956
02:34:42,900 --> 02:34:45,300
so that we can see
what's happening on the network.
3957
02:34:45,300 --> 02:34:47,600
So let me just quickly open
up a Google page
3958
02:34:48,100 --> 02:34:51,200
as you guys can see
It's capturing a bunch of data
3959
02:34:51,200 --> 02:34:52,500
that's going on here.
3960
02:34:52,800 --> 02:34:54,700
Let me just open
up a Google page
3961
02:34:54,700 --> 02:34:56,900
and that's going
to send up some data.
3962
02:34:57,000 --> 02:34:58,100
Let's go back.
3963
02:34:58,100 --> 02:35:00,600
So it's dropping a whole bunch
of stuff off the network.
3964
02:35:00,600 --> 02:35:02,902
I'm just going to stop
that going to go back
3965
02:35:02,902 --> 02:35:05,900
and go back and take a look
at some of the messages here.
3966
02:35:05,900 --> 02:35:07,921
So some of the features
of Wireshark, as you can see
3967
02:35:07,921 --> 02:35:09,311
on the top part of the screen.
3968
02:35:09,311 --> 02:35:10,100
It has a window
3969
02:35:10,100 --> 02:35:13,147
that says number, time, source,
destination, protocol, length
3970
02:35:13,147 --> 02:35:15,300
and info and those are
all of the packets
3971
02:35:15,300 --> 02:35:18,221
that have been captured
in the numbering starting from 1
3972
02:35:18,221 --> 02:35:21,121
and the time has to do
with being relative to the point
3973
02:35:21,121 --> 02:35:23,700
that we've started capturing
and you'll see the source
3974
02:35:23,700 --> 02:35:25,100
and destination addresses
3975
02:35:25,100 --> 02:35:26,927
and the protocol
the length of the packet
3976
02:35:26,927 --> 02:35:28,427
in bytes and some information
3977
02:35:28,427 --> 02:35:30,426
about the packet
the bottom of the screen.
3978
02:35:30,426 --> 02:35:32,549
You'll see detailed information
about the packet
3979
02:35:32,549 --> 02:35:33,700
that has been selected.
3980
02:35:33,700 --> 02:35:35,500
So suppose I'm selecting
3981
02:35:35,500 --> 02:35:38,000
this TCP packet out
here so we can go
3982
02:35:38,000 --> 02:35:40,100
through the frames. The frame also
3983
02:35:40,100 --> 02:35:43,000
has an interface ID,
its encapsulation type
3984
02:35:43,000 --> 02:35:44,200
and all sorts of information
3985
02:35:44,200 --> 02:35:46,200
is there about the frame,
then we can look
3986
02:35:46,200 --> 02:35:50,000
at the source port,
destination port, sequence number,
3987
02:35:50,369 --> 02:35:52,600
the flags set, the checksums,
3988
02:35:52,600 --> 02:35:54,948
you can basically check
everything about a packet
3989
02:35:54,948 --> 02:35:56,548
because this is
a packet analyzer
3990
02:35:56,548 --> 02:35:57,453
and a packet sniffer.
3991
02:35:57,453 --> 02:35:58,100
Now, you'll see
3992
02:35:58,100 --> 02:36:00,144
some detailed information
about the packet that
3993
02:36:00,144 --> 02:36:00,900
I've selected.
3994
02:36:00,900 --> 02:36:04,300
So I'm going to select, so
I've selected this TCP/IP packet.
3995
02:36:04,300 --> 02:36:07,468
We see that in the middle frame
it says frame 290.
3996
02:36:07,468 --> 02:36:10,700
It means that it has
a 298 lat packet and the packet
3997
02:36:10,700 --> 02:36:15,600
that was captured 66 bytes and we
grabbed 66 bytes, 528 bit later.
3998
02:36:15,600 --> 02:36:18,200
So what you see
out here was source
3999
02:36:18,200 --> 02:36:20,500
and the destination
MAC address of the layer
4000
02:36:20,500 --> 02:36:21,200
2 layer address
4001
02:36:21,200 --> 02:36:22,900
and then you can see
the IP address
4002
02:36:22,900 --> 02:36:24,821
of both source and destination
4003
02:36:24,821 --> 02:36:27,000
and says it's
a TCP packet gives us
4004
02:36:27,000 --> 02:36:28,700
a source Port destination port
4005
02:36:28,700 --> 02:36:30,923
and we can start drilling down
into different bits
4006
02:36:30,923 --> 02:36:32,373
of the packet and you can see
4007
02:36:32,373 --> 02:36:34,649
when I select a particular
section of the packet down
4008
02:36:34,649 --> 02:36:35,999
at the very bottom you can see
4009
02:36:35,999 --> 02:36:37,300
what's actually a hex dump
4010
02:36:37,300 --> 02:36:40,239
of the packet and on the right
hand side is the ASCII.
4011
02:36:40,239 --> 02:36:41,705
So this is the hex dump
4012
02:36:41,705 --> 02:36:43,800
and this is the ASCII that
you're looking at.
4013
02:36:43,800 --> 02:36:45,800
What's really cool
about Wireshark is
4014
02:36:45,800 --> 02:36:48,400
it really pulls the packet
into its different layers
4015
02:36:48,400 --> 02:36:49,181
that we have
4016
02:36:49,181 --> 02:36:51,800
spoken about, the different
layers of the OSI
4017
02:36:51,800 --> 02:36:53,338
and the TCP IP model
4018
02:36:53,500 --> 02:36:55,700
and the packets are put
into different layers
4019
02:36:55,700 --> 02:36:57,355
and there's a couple
of different models
4020
02:36:57,355 --> 02:36:58,720
that we can talk about with that
4021
02:36:58,720 --> 02:37:00,400
but what Wireshark
does really nicely
4022
02:37:00,400 --> 02:37:02,300
is it demonstrates
those layers for us
4023
02:37:02,300 --> 02:37:03,500
as we can see here.
4024
02:37:03,500 --> 02:37:05,100
It is actually four layers
4025
02:37:05,100 --> 02:37:08,536
and in this particular packet
here we can also do something.
4026
02:37:08,536 --> 02:37:10,400
So I've got
a Google web request.
4027
02:37:10,400 --> 02:37:14,181
So what I want to do here is
I want to filter based on HTTP,
4028
02:37:14,181 --> 02:37:15,400
so I find a filter.
4029
02:37:15,400 --> 02:37:18,300
So let's see
if we can do an http.
4030
02:37:19,200 --> 02:37:22,100
And what I see here
is says text input
4031
02:37:22,100 --> 02:37:24,022
and it's going to get an image.
4032
02:37:24,022 --> 02:37:25,200
That's a PNG image.
4033
02:37:25,200 --> 02:37:27,335
And this is a request
to get the icon
4034
02:37:27,335 --> 02:37:29,835
that's going to be displayed
in the address bar.
4035
02:37:29,835 --> 02:37:32,683
So you also see something
called ARP out here,
4036
02:37:32,683 --> 02:37:35,007
which I'll be talking
about very soon.
4037
02:37:35,007 --> 02:37:38,400
So let's just filtering
be done now in the web browser.
4038
02:37:38,400 --> 02:37:41,200
It's a favicon.ico
that can do here.
4039
02:37:41,200 --> 02:37:43,900
I can select analyze
and follow TCP streams.
4040
02:37:43,900 --> 02:37:45,793
You can see all
the requests related
4041
02:37:45,793 --> 02:37:47,200
to this particular request
4042
02:37:47,200 --> 02:37:49,100
and it breaks them
down very nicely.
4043
02:37:49,100 --> 02:37:51,600
You can see we've sent
some requests to Spotify
4044
02:37:51,600 --> 02:37:54,000
because I've been using
Spotify to actually listen
4045
02:37:54,000 --> 02:37:57,368
to some music then you
can see all sorts of stuff.
4046
02:37:57,368 --> 02:38:00,600
Like this was something
to some not found place.
4047
02:38:00,700 --> 02:38:03,313
So let's just take
the Spotify one and you can see
4048
02:38:03,313 --> 02:38:04,430
that we get a bunch
4049
02:38:04,430 --> 02:38:06,500
of information from
the Spotify thing.
4050
02:38:06,500 --> 02:38:09,500
At least you can see
the destination, the source,
4051
02:38:09,500 --> 02:38:11,354
it's an Intel core machine.
4052
02:38:11,354 --> 02:38:12,569
So the first part
4053
02:38:12,569 --> 02:38:16,600
of the MAC address the first
few digits lets you tell
4054
02:38:16,600 --> 02:38:21,800
what the vendor ID is,
so Intel has its own vendor ID.
4055
02:38:21,800 --> 02:38:26,600
So F 496 probably tells us
that that's an Intel Core.
4056
02:38:26,600 --> 02:38:29,380
So Wireshark does this
really neat little thing
4057
02:38:29,380 --> 02:38:32,506
that it also tells us
from the MAC address what type
4058
02:38:32,506 --> 02:38:34,808
of machine you're
sending your packets
4059
02:38:34,808 --> 02:38:36,800
to from the MAC address itself.
4060
02:38:36,800 --> 02:38:39,080
So it's coming
from Sophos foresee
4061
02:38:39,080 --> 02:38:42,600
and going to an Intel Core
and the type is IPv4.
4062
02:38:42,600 --> 02:38:44,733
So that was all about Wireshark.
4063
02:38:44,733 --> 02:38:47,900
You can use it extraneously
for packet sniffing
4064
02:38:47,900 --> 02:38:49,222
and packet analysis.
4065
02:38:49,222 --> 02:38:51,500
Packet analysis comes in very handy
4066
02:38:51,500 --> 02:38:54,000
when you're trying
to actually figure out
4067
02:38:54,000 --> 02:38:56,100
how to do some stuff
like IDS evasion
4068
02:38:56,100 --> 02:38:58,200
where you want to craft
your own packets
4069
02:38:58,200 --> 02:39:00,023
and you want to analyze packets
4070
02:39:00,023 --> 02:39:03,200
that are going into the IDS
system to see which packets
4071
02:39:03,200 --> 02:39:05,917
are actually getting detected
as some intrusion
4072
02:39:05,917 --> 02:39:08,900
so you can craft your packet
in a relative manner
4073
02:39:08,900 --> 02:39:12,700
so that it doesn't get actually
detected by the IDS system.
4074
02:39:12,700 --> 02:39:15,500
So this is a very nifty little
tool. We'll be talking about
4075
02:39:15,500 --> 02:39:18,700
how you can craft your own
packets in just a little while,
4076
02:39:18,700 --> 02:39:21,000
but for now,
let's move ahead.
4077
02:39:21,200 --> 02:39:21,900
Okay.
4078
02:39:21,900 --> 02:39:25,294
So now that we're done with
our small little introduction
4079
02:39:25,294 --> 02:39:27,696
and a brief views
on history of Wireshark.
4080
02:39:27,696 --> 02:39:30,700
Now, let's move on
to our next topic for the video.
4081
02:39:30,700 --> 02:39:31,800
That is DHCP.
4082
02:39:32,000 --> 02:39:32,700
Okay.
4083
02:39:32,700 --> 02:39:35,400
So DHCP is a protocol
4084
02:39:35,400 --> 02:39:38,700
and it stands for Dynamic
Host Configuration Protocol.
4085
02:39:38,700 --> 02:39:41,301
So DHCP is a network
management protocol used
4086
02:39:41,301 --> 02:39:44,183
to dynamically assign
an Internet Protocol address
4087
02:39:44,183 --> 02:39:46,000
to any device on the network
4088
02:39:46,000 --> 02:39:49,000
so they can communicate
using IP. Now DHCP
4089
02:39:49,000 --> 02:39:50,047
automates and centrally
4090
02:39:50,047 --> 02:39:52,927
manages these configurations
rather than requiring
4091
02:39:52,927 --> 02:39:56,111
some network administrator to
manually assign IP addresses
4092
02:39:56,111 --> 02:39:57,700
to all the network devices.
4093
02:39:57,700 --> 02:39:59,642
So DHCP can be implemented
4094
02:39:59,642 --> 02:40:04,168
on small local networks
as well as large Enterprises.
4095
02:40:04,168 --> 02:40:08,100
Now DHCP will assign new
IP addresses in each location
4096
02:40:08,100 --> 02:40:10,700
when devices are moved
from place to place
4097
02:40:10,700 --> 02:40:13,195
which means Network
administrators do not have
4098
02:40:13,195 --> 02:40:15,680
to manually initially
configure each device
4099
02:40:15,680 --> 02:40:17,100
with a valid IP address.
4100
02:40:17,200 --> 02:40:21,000
So if device This is
a new IP address is moved
4101
02:40:21,000 --> 02:40:23,005
to a new location
of the network.
4102
02:40:23,005 --> 02:40:25,696
It doesn't need any sort
of reconfiguration.
4103
02:40:25,696 --> 02:40:28,200
So versions of DHCP
are available for use
4104
02:40:28,200 --> 02:40:31,200
in Internet Protocol version
4 and Internet Protocol
4105
02:40:31,200 --> 02:40:32,175
version 6 now
4106
02:40:32,175 --> 02:40:36,200
as you see on your screen
is a very simplistic diagram
4107
02:40:36,200 --> 02:40:37,500
on how DHCP works.
4108
02:40:37,500 --> 02:40:39,700
So let me just run
you down. DHCP runs
4109
02:40:39,700 --> 02:40:40,900
at the application layer
4110
02:40:40,900 --> 02:40:42,328
of the TCP IP protocol
4111
02:40:42,328 --> 02:40:45,906
stack to dynamically assign
IP addresses to DHCP clients
4112
02:40:45,906 --> 02:40:49,000
and to allocate
TCP IP configuration information
4113
02:40:49,000 --> 02:40:50,288
to DHCP clients.
4114
02:40:50,288 --> 02:40:53,774
This includes subnet mask
information default gateways
4115
02:40:53,774 --> 02:40:56,800
IP addresses domain name
systems and addresses.
4116
02:40:56,800 --> 02:40:59,329
So DHCP is a client-server
protocol in which
4117
02:40:59,329 --> 02:41:00,454
servers manage a pool
4118
02:41:00,454 --> 02:41:01,748
of unique IP addresses
4119
02:41:01,748 --> 02:41:05,000
as well as information about
client configuration parameters
4120
02:41:05,000 --> 02:41:08,000
and assign addresses
out of those address pools now
4121
02:41:08,000 --> 02:41:11,100
DHCP enabled clients send
a request to the DHCP server,
4122
02:41:11,100 --> 02:41:13,800
whenever they connect
to a network the clients
4123
02:41:13,800 --> 02:41:17,350
configured with DHCP broadcast
a request to the DHCP server
4124
02:41:17,350 --> 02:41:18,900
and request network
4125
02:41:18,900 --> 02:41:21,985
information for local network
to which they are attached
4126
02:41:21,985 --> 02:41:23,916
a client typically
broadcasts a query
4127
02:41:23,916 --> 02:41:25,800
for this information immediately
4128
02:41:25,800 --> 02:41:28,152
after booting up.
The DHCP server responds
4129
02:41:28,152 --> 02:41:29,460
to the client request
4130
02:41:29,460 --> 02:41:33,048
by providing IP configuration
information previously specified
4131
02:41:33,048 --> 02:41:34,637
by a network administrator.
4132
02:41:34,637 --> 02:41:37,362
Now this includes
a specific IP address as well as
4133
02:41:37,362 --> 02:41:38,752
for the time period also
4134
02:41:38,752 --> 02:41:41,400
called a lease, for which
the allocation is valid
4135
02:41:41,400 --> 02:41:43,165
when refreshing an assignment
4136
02:41:43,165 --> 02:41:45,600
a DHCP client requests
the same parameters
4137
02:41:45,600 --> 02:41:48,689
the DHCP server may assign
the new IP address based
4138
02:41:48,689 --> 02:41:51,100
on the policies set by
the administrator now
4139
02:41:51,100 --> 02:41:53,195
a DHCP server manages a record
4140
02:41:53,195 --> 02:41:56,987
of all the IP addresses it
allocates to network nodes.
4141
02:41:56,987 --> 02:42:00,541
If a node is relocated
in the network the server
4142
02:42:00,541 --> 02:42:04,300
identifies it using its media
Access Control address now
4143
02:42:04,300 --> 02:42:07,676
which prevents accidentally
configuring multiple devices
4144
02:42:07,676 --> 02:42:11,500
with the same IP address. Now
DHCP is not a routable protocol
4145
02:42:11,500 --> 02:42:14,300
nor is it a secure one DHCP
4146
02:42:14,300 --> 02:42:16,938
is limited to a specific
local area network,
4147
02:42:16,938 --> 02:42:18,830
which means a
single DHCP server
4148
02:42:18,830 --> 02:42:22,200
per LAN is adequate. Now
larger networks may have a wide
4149
02:42:22,200 --> 02:42:25,559
area network containing multiple
individual locations depending
4150
02:42:25,559 --> 02:42:27,726
on the connections
between these points
4151
02:42:27,726 --> 02:42:30,057
and the number of clients
in each location,
4152
02:42:30,057 --> 02:42:30,557
multiple
4153
02:42:30,557 --> 02:42:32,500
DHCP servers can
be set up to handle
4154
02:42:32,500 --> 02:42:34,000
the distribution of addresses.
4155
02:42:34,200 --> 02:42:37,100
Now if Network administrators
want a DHCP server to provide
4156
02:42:37,100 --> 02:42:40,300
addressing to multiple subnets
on a given network,
4157
02:42:40,300 --> 02:42:43,302
they must configure
DHCP relay Services located
4158
02:42:43,302 --> 02:42:45,000
on interconnecting routers
4159
02:42:45,000 --> 02:42:47,200
that DHCP requests
have to cross.
4160
02:42:47,200 --> 02:42:49,166
These agents relay messages
4161
02:42:49,166 --> 02:42:50,500
between DHCP clients
4162
02:42:50,500 --> 02:42:55,400
and servers. DHCP also lacks
any built-in mechanism
4163
02:42:55,400 --> 02:42:57,800
that would allow clients
and servers to authenticate
4164
02:42:57,800 --> 02:43:01,100
each other. Both are vulnerable
to deception and to attack
4165
02:43:01,100 --> 02:43:04,100
where rogue clients can exhaust
a DHCP server's pool.
4166
02:43:04,100 --> 02:43:04,457
Okay.
4167
02:43:04,457 --> 02:43:06,700
So let's move on
to our next topic
4168
02:43:06,700 --> 02:43:08,400
and that is why use DHCP.
4169
02:43:08,400 --> 02:43:09,600
So I just told you
4170
02:43:09,600 --> 02:43:13,174
that DHCP doesn't really have
any sort of authentication
4171
02:43:13,174 --> 02:43:15,344
so it can be
fooled really easily.
4172
02:43:15,344 --> 02:43:18,200
So what are the advantages
of using DHCP
4173
02:43:18,200 --> 02:43:20,900
so DHCP offers quite
a lot of advantages
4174
02:43:20,900 --> 02:43:23,900
firstly is IP address management
a primary advantage
4175
02:43:23,900 --> 02:43:27,633
of DHCP is easier management
of IP addresses in a network.
4176
02:43:27,633 --> 02:43:28,509
Without DHCP,
4177
02:43:28,509 --> 02:43:30,700
you must manually
assign IP addresses,
4178
02:43:30,700 --> 02:43:33,368
you must be careful
to assign unique IP addresses
4179
02:43:33,368 --> 02:43:34,089
to each client
4180
02:43:34,089 --> 02:43:36,247
and to configure
each client individually.
4181
02:43:36,247 --> 02:43:38,300
If the client moves
to a different network,
4182
02:43:38,300 --> 02:43:41,200
you must make manual
modifications for that client.
4183
02:43:41,200 --> 02:43:42,684
Now when DHCP is enabled
4184
02:43:42,684 --> 02:43:45,900
the DHCP server manages
the assigning of IP addresses
4185
02:43:45,900 --> 02:43:49,057
without the administrators
intervention. Clients
4186
02:43:49,057 --> 02:43:50,200
can move to other
4187
02:43:50,200 --> 02:43:52,670
subnets without manual
reconfiguration
4188
02:43:52,670 --> 02:43:53,900
because they obtain
4189
02:43:53,900 --> 02:43:56,600
from a DHCP server
new client information
4190
02:43:56,600 --> 02:44:00,730
appropriate for the new network
now apart from that you can say
4191
02:44:00,730 --> 02:44:01,773
that DHCP also
4192
02:44:01,773 --> 02:44:04,900
provides a centralized
Network client configuration.
4193
02:44:04,900 --> 02:44:07,700
It has support
for BOOTP clients.
4194
02:44:07,700 --> 02:44:10,600
It supports local clients
and remote clients.
4195
02:44:10,600 --> 02:44:12,387
It supports Network booting
4196
02:44:12,387 --> 02:44:15,300
and also it has a support
for a large Network
4197
02:44:15,300 --> 02:44:18,200
and not only for sure
like small-scale networks,
4198
02:44:18,200 --> 02:44:20,000
but for larger networks as well.
4199
02:44:20,000 --> 02:44:24,100
So that way you see DHCP has
a wide array of advantages even
4200
02:44:24,100 --> 02:44:27,000
though it doesn't really
have some authentication.
4201
02:44:27,000 --> 02:44:30,300
So because of these advantages
DHCP finds widespread use
4202
02:44:30,300 --> 02:44:32,100
in a lot of organizations.
4203
02:44:32,200 --> 02:44:34,700
Okay, so that winds
up DHCP for us.
4204
02:44:34,700 --> 02:44:38,100
So let us go into the history
of cryptography now.
4205
02:44:38,200 --> 02:44:39,905
So let me give you
a brief history
4206
02:44:39,905 --> 02:44:41,631
of cryptography now cryptography
4207
02:44:41,631 --> 02:44:44,600
actually goes back several
thousand years before shortly
4208
02:44:44,600 --> 02:44:48,300
after people began to find ways
to communicate there are some
4209
02:44:48,300 --> 02:44:51,182
who were finding ways
to make the understanding
4210
02:44:51,182 --> 02:44:52,800
of that communication difficult
4211
02:44:52,800 --> 02:44:55,100
so that other people
couldn't understand
4212
02:44:55,100 --> 02:44:56,000
what was going on.
4213
02:44:56,100 --> 02:44:59,300
And this led to the development
of Caesar Cipher
4214
02:44:59,300 --> 02:45:01,238
that was developed
by Julius Caesar
4215
02:45:01,238 --> 02:45:03,886
and it's a simple
rotation Cipher and by that,
4216
02:45:03,886 --> 02:45:05,700
I mean that you rotate a portion
4217
02:45:05,700 --> 02:45:08,600
of the key in order
to generate the algorithm.
4218
02:45:08,600 --> 02:45:10,066
So here's an example.
4219
02:45:10,066 --> 02:45:12,300
We've got two rows
of letters and
4220
02:45:12,300 --> 02:45:13,800
that are alphabetical in order
4221
02:45:13,800 --> 02:45:16,785
and means we're basically writing
the alphabets down
4222
02:45:16,785 --> 02:45:19,100
and the second row
is shifted by three.
4223
02:45:19,100 --> 02:45:21,400
Letters so Abby is a z actually
4224
02:45:21,400 --> 02:45:24,635
because if you move that way B
is a z from the first row
4225
02:45:24,635 --> 02:45:26,700
gets shifted back the second row
4226
02:45:26,700 --> 02:45:29,400
and then the letter
D becomes letter C
4227
02:45:29,400 --> 02:45:32,600
the there's that's an example
of how encryption works.
4228
02:45:32,600 --> 02:45:35,500
So if you try to encrypt
a word like hello,
4229
02:45:35,500 --> 02:45:38,541
it would look completely
gibberish after it came
4230
02:45:38,541 --> 02:45:39,900
out of the algorithm.
4231
02:45:39,900 --> 02:45:43,951
So if you count the Letters
Out you can see that letter H
4232
02:45:43,951 --> 02:45:46,700
can be translated
to little a letter L.
4233
02:45:46,700 --> 02:45:48,000
So that's a Caesar Cipher.
4234
02:45:48,200 --> 02:45:51,229
Now you must Little things
like rot13 which means
4235
02:45:51,229 --> 02:45:54,887
that you rotate the 13 letters
instead of three letters.
4236
02:45:54,887 --> 02:45:56,900
That's what we
can do here again,
4237
02:45:56,900 --> 02:45:59,200
and this is just
a simple rotation Cipher
4238
02:45:59,200 --> 02:46:00,824
ourseives the cipher that's
4239
02:46:00,824 --> 02:46:04,190
what of course the ROT stands
for: it's rotate or rotation.
4240
02:46:04,190 --> 02:46:06,543
Now coming forward
a couple thousand years.
4241
02:46:06,543 --> 02:46:08,200
We have the Enigma Cipher now,
4242
02:46:08,200 --> 02:46:11,000
it's important to note
that the Enigma is not the word
4243
02:46:11,000 --> 02:46:13,950
given to this particular Cipher
by the people who developed it.
4244
02:46:13,950 --> 02:46:16,300
It's actually the word
given to it by the people
4245
02:46:16,300 --> 02:46:18,634
who were trying to crack
it the Enigma Cipher
4246
02:46:18,634 --> 02:46:19,642
is a German Cipher,
4247
02:46:19,642 --> 02:46:21,300
they developed this
cipher and machine
4248
02:46:21,300 --> 02:46:24,000
that was capable of encrypting
and decrypting messages.
4249
02:46:24,000 --> 02:46:25,100
So they could get messages
4250
02:46:25,100 --> 02:46:28,000
to and from different
battlefields and waterfronts,
4251
02:46:28,000 --> 02:46:29,800
which is similar
to the Caesar Cipher
4252
02:46:29,800 --> 02:46:32,678
Caesar used it to communicate
with his battlefield generals
4253
02:46:32,678 --> 02:46:33,633
and the same thing
4254
02:46:33,633 --> 02:46:34,607
was with the Germans.
4255
02:46:34,607 --> 02:46:36,600
You've got to get messages
from headquarters down
4256
02:46:36,600 --> 02:46:38,600
to where the people
are actually fighting
4257
02:46:38,600 --> 02:46:40,500
and you don't want
it to get intercepted
4258
02:46:40,500 --> 02:46:41,800
in between by the enemy.
4259
02:46:41,800 --> 02:46:43,443
So therefore you use encryption
4260
02:46:43,443 --> 02:46:45,618
and lots of energy
was spent by the allies
4261
02:46:45,618 --> 02:46:49,000
and in particular the British
trying to decrypt the messages.
4262
02:46:49,000 --> 02:46:50,582
One of the first instances
4263
02:46:50,582 --> 02:46:51,800
that we are aware of
4264
02:46:51,800 --> 02:46:54,732
where a machine was used
to do the actual encryption
4265
02:46:54,732 --> 02:46:58,320
and we're going to come ahead
a few decades now into the 1970s
4266
02:46:58,320 --> 02:46:59,320
where it was felt
4267
02:46:59,320 --> 02:47:02,200
that there was a need for
a digital encryption standard.
4268
02:47:02,200 --> 02:47:04,300
Now the National
Institute of Standards
4269
02:47:04,300 --> 02:47:07,300
and Technology is responsible
for that sort of thing.
4270
02:47:07,300 --> 02:47:11,000
So they put out a proposal for
this digital encryption standard
4271
02:47:11,000 --> 02:47:12,564
and an encryption algorithm.
4272
02:47:12,564 --> 02:47:14,800
What ended up happening
was IBM came up
4273
02:47:14,800 --> 02:47:16,415
with this encryption algorithm
4274
02:47:16,415 --> 02:47:18,358
that was based
on the Lucifer Cipher
4275
02:47:18,358 --> 02:47:21,800
that one of their people
had been working on a couple
4276
02:47:21,800 --> 02:47:24,500
of years previously in 1974
4277
02:47:24,800 --> 02:47:26,500
and they put
this proposal together
4278
02:47:26,500 --> 02:47:28,100
based on the Lucifer Cipher
4279
02:47:28,100 --> 02:47:29,700
and in 1977 that proposal
4280
02:47:29,700 --> 02:47:31,935
for an encryption
algorithm was the one
4281
02:47:31,935 --> 02:47:34,866
that was chosen to be
the digital encryption standard.
4282
02:47:34,866 --> 02:47:37,300
And so that came
to be known as DES. Over time
4283
02:47:37,300 --> 02:47:38,588
and it became apparent
4284
02:47:38,588 --> 02:47:40,000
that there was a problem
4285
02:47:40,000 --> 02:47:43,563
with this and that was it
only had a 56 bit key size
4286
02:47:43,563 --> 02:47:45,100
and while in the 1970s
4287
02:47:45,100 --> 02:47:46,800
that was considered
adequate to defend
4288
02:47:46,800 --> 02:47:49,100
against brute forcing
and breaking. Of course,
4289
02:47:49,100 --> 02:47:49,900
by the 1990s
4290
02:47:49,900 --> 02:47:52,700
it was no longer considered
adequate and there was a need
4291
02:47:52,700 --> 02:47:55,600
for something more and it
took time to develop something
4292
02:47:55,600 --> 02:47:58,423
that would last long
for some long period of time
4293
02:47:58,423 --> 02:48:00,900
and so in the meantime
a stopgap was developed
4294
02:48:00,900 --> 02:48:02,000
and this stopgap is
4295
02:48:02,000 --> 02:48:03,400
what we call the triple DES.
4296
02:48:03,400 --> 02:48:05,554
The reason it's called
triple DES is
4297
02:48:05,554 --> 02:48:09,051
you apply the DES algorithm
three times in different ways
4298
02:48:09,051 --> 02:48:12,300
and you use three different keys
in order to do that.
4299
02:48:12,300 --> 02:48:16,411
So here's how triple DES works:
your first 56-bit key is used
4300
02:48:16,411 --> 02:48:18,200
to encrypt the plain text just
4301
02:48:18,200 --> 02:48:19,200
like you would do
4302
02:48:19,200 --> 02:48:21,458
with the standard
digital encryption standard
4303
02:48:21,458 --> 02:48:24,700
algorithm but changes
and you take that Cipher text
4304
02:48:24,700 --> 02:48:27,185
that's returned from
the first round of encryption
4305
02:48:27,185 --> 02:48:30,078
and you apply the decryption
algorithm to the cipher text.
4306
02:48:30,078 --> 02:48:31,723
However, the key
thing to note is
4307
02:48:31,723 --> 02:48:34,900
that you don't use the key
that you used to encrypt. You
4308
02:48:34,900 --> 02:48:36,700
don't use the first
key to decrypt
4309
02:48:36,700 --> 02:48:39,100
because otherwise you'll get
the plain text back.
4310
02:48:39,100 --> 02:48:40,950
So what you do is
you use a second key
4311
02:48:40,950 --> 02:48:42,249
with the decryption algorithm
4312
02:48:42,249 --> 02:48:44,249
against the cipher text
from the first round.
4313
02:48:44,249 --> 02:48:45,900
So now you've got
some Cipher text
4314
02:48:45,900 --> 02:48:48,582
that has been encrypted
with one key and decrypted
4315
02:48:48,582 --> 02:48:51,396
with a second key, and we take
the ciphertext from that
4316
02:48:51,396 --> 02:48:54,001
and we apply a third key using
the encryption portion
4317
02:48:54,001 --> 02:48:56,578
of the algorithm to
that Cipher encryption portion
4318
02:48:56,578 --> 02:48:58,962
of the algorithm
to that ciphertext to receive
4319
02:48:58,962 --> 02:49:02,223
a whole new set of ciphertext.
Obviously, to do the decryption,
4320
02:49:02,223 --> 02:49:03,400
you do the third key
4321
02:49:03,400 --> 02:49:06,400
and decrypt it; with
the second key you encrypt it.
4322
02:49:06,400 --> 02:49:08,687
And then with the first
key you decrypt it.
4323
02:49:08,687 --> 02:49:10,275
And so you do reverse order
4324
02:49:10,275 --> 02:49:13,600
and the reverse algorithm at
each step to apply triple Des.
4325
02:49:13,600 --> 02:49:17,400
So we get an effective key size
of about 168 bits,
4326
02:49:17,400 --> 02:49:20,300
but it's still only
X bits at a time.
4327
02:49:20,300 --> 02:49:22,300
Now I said triple DES
was only a stopgap.
4328
02:49:22,300 --> 02:49:23,700
What we were really looking
4329
02:49:23,700 --> 02:49:26,600
for was the Advanced Encryption
Standard. Once again
4330
02:49:26,800 --> 02:49:29,100
NIST requested proposals
4331
02:49:29,100 --> 02:49:32,100
so that they could replace
the digital encryption standard
4332
02:49:32,100 --> 02:49:35,650
in 2001 after several thousands
of looking for algorithms
4333
02:49:35,650 --> 02:49:38,287
and looking them
over getting them evaluated
4334
02:49:38,287 --> 02:49:41,600
and getting them looked
into, NIST selected an algorithm
4335
02:49:41,600 --> 02:49:44,358
and it was put together by
a couple of mathematicians.
4336
02:49:44,358 --> 02:49:45,770
The algorithm was called
4337
02:49:45,770 --> 02:49:49,100
Rijndael and that became the
Advanced Encryption Standard,
4338
02:49:49,100 --> 02:49:51,618
or AES. One
of the advantages
4339
02:49:51,618 --> 02:49:54,855
of AES is it supports
multiple key lengths. Currently
4340
02:49:54,855 --> 02:49:56,793
what you'll typically see is
4341
02:49:56,793 --> 02:49:58,825
AES using 128-bit keys.
4342
02:49:58,825 --> 02:50:01,430
However, AES supports
up to 256-bit keys.
4343
02:50:01,430 --> 02:50:02,908
So if we get to the point
4344
02:50:02,908 --> 02:50:06,486
where 128-bit isn't enough
we can move all the way up
4345
02:50:06,486 --> 02:50:08,500
to 256 bits of keying material.
4346
02:50:08,500 --> 02:50:10,800
So cryptography has
a really long history.
4347
02:50:10,800 --> 02:50:11,370
Currently,
4348
02:50:11,370 --> 02:50:12,900
we are in a state where we
4349
02:50:12,900 --> 02:50:16,058
have a reasonably stable
encryption standard in AES,
4350
02:50:16,058 --> 02:50:18,176
but the history
of cryptography shows
4351
02:50:18,176 --> 02:50:19,308
that with every set
4352
02:50:19,308 --> 02:50:22,500
of encryption eventually
people find a way to crack it.
4353
02:50:22,500 --> 02:50:22,874
Okay.
4354
02:50:22,874 --> 02:50:26,100
So that was a brief
history of cryptography.
4355
02:50:26,100 --> 02:50:26,600
Now,
4356
02:50:26,600 --> 02:50:29,300
what I want to do
is let's go over
4357
02:50:29,300 --> 02:50:33,000
and talk about AES,
triple DES and DES in themselves
4358
02:50:33,000 --> 02:50:36,000
because they are
some really key cryptography
4359
02:50:36,000 --> 02:50:37,500
key moments in history
4360
02:50:37,500 --> 02:50:40,030
because there's some really
key historic moments
4361
02:50:40,030 --> 02:50:41,700
in the history of cryptography.
4362
02:50:41,700 --> 02:50:42,678
Now, we're going to talk
4363
02:50:42,678 --> 02:50:44,921
about the different types
of cryptography key ciphers
4364
02:50:44,921 --> 02:50:46,000
and primarily we're going
4365
02:50:46,000 --> 02:50:48,700
to be talking about
DES, triple DES and AES now.
4366
02:50:48,700 --> 02:50:50,900
This is the digital
encryption standard.
4367
02:50:50,900 --> 02:50:53,200
It was developed by
IBM in the 1970s.
4368
02:50:53,200 --> 02:50:55,700
And originally it
was a cryptography cipher
4369
02:50:55,700 --> 02:50:56,700
named Lucifer
4370
02:50:56,700 --> 02:50:59,500
and after some modifications
IBM proposed it as
4371
02:50:59,500 --> 02:51:01,124
digital encryption standard
4372
02:51:01,124 --> 02:51:04,241
and it was selected by
the digital encryption standard
4373
02:51:04,241 --> 02:51:06,423
ever since then
it's been known as DES.
4374
02:51:06,423 --> 02:51:07,187
Now one thing
4375
02:51:07,187 --> 02:51:09,335
that caused a little bit
of controversy was
4376
02:51:09,335 --> 02:51:11,061
during the process of selection
4377
02:51:11,061 --> 02:51:13,900
the NSA requested
some changes and it hasn't been
4378
02:51:13,900 --> 02:51:17,100
particularly clear what changes
were requested by the NSA.
4379
02:51:17,100 --> 02:51:19,300
There has been
some speculation that wondered
4380
02:51:19,300 --> 02:51:20,800
if the NSA was requesting
4381
02:51:20,800 --> 02:51:23,600
a back door into this
digital encryption standard
4382
02:51:23,600 --> 02:51:25,100
which would allow them to look
4383
02:51:25,100 --> 02:51:26,800
at encrypted messages
in the clear.
4384
02:51:26,800 --> 02:51:29,200
So basically it would
always give the NSA
4385
02:51:29,200 --> 02:51:31,900
the ability to decrypt
DES-encrypted messages.
4386
02:51:31,900 --> 02:51:34,600
It remained the encryption
standard for the next couple
4387
02:51:34,600 --> 02:51:35,847
of decades or so.
4388
02:51:35,847 --> 02:51:38,493
So what is DES and
how does it work?
4389
02:51:38,500 --> 02:51:39,000
Basically,
4390
02:51:39,000 --> 02:51:42,200
it uses 56-bit keys. Rather
than a stream cipher,
4391
02:51:42,200 --> 02:51:46,700
it's a block cipher and it uses
64-bit blocks, and in 1998 DES
4392
02:51:46,700 --> 02:51:48,727
was effectively broken
when a DES-encrypted
4393
02:51:48,727 --> 02:51:50,182
message was cracked
4394
02:51:50,182 --> 02:51:52,145
in three days. A year
later a network
4395
02:51:52,145 --> 02:51:53,400
of ten thousand systems
4396
02:51:53,400 --> 02:51:55,700
around the world cracked
the DES-encrypted message
4397
02:51:55,700 --> 02:51:56,600
in less than a day
4398
02:51:56,600 --> 02:51:57,900
and it's just gotten worse
4399
02:51:57,900 --> 02:52:01,300
since then with modern
computing power being what it is
4400
02:52:01,300 --> 02:52:03,300
since this was actually created
4401
02:52:03,300 --> 02:52:05,535
we already have come
to the realization
4402
02:52:05,535 --> 02:52:07,500
that we needed something else.
4403
02:52:07,500 --> 02:52:10,000
So along came triple DES.
4404
02:52:10,000 --> 02:52:13,050
Now triple DES isn't
three times the strength
4405
02:52:13,050 --> 02:52:15,172
of DES necessarily; it applies
4406
02:52:15,172 --> 02:52:18,800
DES just three times,
and what I mean by that is
4407
02:52:18,800 --> 02:52:21,952
what we do is we take a plain
text message then let's call
4408
02:52:21,952 --> 02:52:25,600
that P and we are going to use
a key called K1 and we're going
4409
02:52:25,600 --> 02:52:28,350
to use that key to encrypt
a message and use a key
4410
02:52:28,350 --> 02:52:29,800
that we will call K1
4411
02:52:29,800 --> 02:52:32,446
and we're going to use
that to encrypt the message
4412
02:52:32,446 --> 02:52:34,745
and that's going to result
in the ciphertext
4413
02:52:34,745 --> 02:52:36,400
and we will call that C1. So C1 is
4414
02:52:36,400 --> 02:52:38,500
the output of the first
round of encryption.
4415
02:52:38,500 --> 02:52:40,700
We're going to apply
a second key and we'll call
4416
02:52:40,700 --> 02:52:42,300
that K2 with that second key
4417
02:52:42,300 --> 02:52:44,900
and we're going to go
through a decryption process
4418
02:52:44,900 --> 02:52:45,600
on C1
4419
02:52:45,600 --> 02:52:46,850
since it's the wrong key.
4420
02:52:46,850 --> 02:52:48,850
We're not going to get
plain text out on the
4421
02:52:48,850 --> 02:52:51,700
And what we're going to get
is another round of ciphertext
4422
02:52:51,700 --> 02:52:54,533
and we will call this C2.
What we do with C2:
4423
02:52:54,533 --> 02:52:57,800
we are going to apply a third
key and we will call this K3
4424
02:52:57,800 --> 02:53:00,100
and we're going
to encrypt ciphertext C2
4425
02:53:00,100 --> 02:53:03,000
and that's going to result
in another round of ciphertext
4426
02:53:03,000 --> 02:53:04,409
and we will call that C3.
4427
02:53:04,409 --> 02:53:07,500
So we have 3 different Keys
applied in two different ways.
4428
02:53:07,500 --> 02:53:10,900
So with key 1 and key 3 we
do a round of encryption
4429
02:53:10,900 --> 02:53:13,450
and with key 2 we do
a round of decryption.
4430
02:53:13,450 --> 02:53:15,800
So it's an encrypt, decrypt,
encrypt process
4431
02:53:15,800 --> 02:53:18,800
with separate keys. While
that doesn't really yield
4432
02:53:18,800 --> 02:53:21,917
a full 168-bit key size,
the three rounds of encryption
4433
02:53:21,917 --> 02:53:25,400
yield an effective key size of
a hundred and sixty eight bits
4434
02:53:25,400 --> 02:53:28,300
because you have
to find three 56-bit keys.
4435
02:53:28,300 --> 02:53:31,541
So speaking of that technical
detail for triple DES,
4436
02:53:31,541 --> 02:53:35,100
we're still using the DES block
cipher with 56-bit keys,
4437
02:53:35,100 --> 02:53:37,300
but since we've got
three different keys,
4438
02:53:37,300 --> 02:53:39,800
we get an effective length
of around 168
4439
02:53:39,800 --> 02:53:42,900
bits. Triple DES was really
just a stopgap measure.
4440
02:53:42,900 --> 02:53:45,886
We knew that if DES
could be broken, triple DES
4441
02:53:45,886 --> 02:53:49,000
would surely be broken
with just some more time again.
4442
02:53:49,000 --> 02:53:52,451
And so NIST was trying
to request a standard
4443
02:53:52,451 --> 02:53:53,759
that was in 1999.
4444
02:53:53,759 --> 02:53:56,900
And in 2001 NIST
published an algorithm
4445
02:53:56,900 --> 02:53:59,256
that was called AES.
So this algorithm
4446
02:53:59,256 --> 02:54:00,482
that was originally
4447
02:54:00,482 --> 02:54:03,000
called Rijndael was
published by NIST as
4448
02:54:03,000 --> 02:54:06,300
Advanced Encryption Standard.
Some technical specifications
4449
02:54:06,300 --> 02:54:07,600
about AES is
4450
02:54:07,600 --> 02:54:09,800
that the original Rijndael
algorithm specified
4451
02:54:09,800 --> 02:54:11,700
variable block sizes
and key lengths
4452
02:54:11,700 --> 02:54:13,723
and as long as those block sizes
4453
02:54:13,723 --> 02:54:16,400
and key lengths were
multiples of 32 bits.
4454
02:54:16,400 --> 02:54:18,100
So 32, 64, 96,
4455
02:54:18,100 --> 02:54:21,915
and so on. You could use
those block sizes and key lengths.
4456
02:54:21,915 --> 02:54:23,500
When AES was published
4457
02:54:23,500 --> 02:54:26,200
it specified a fixed
128-bit block size
4458
02:54:26,200 --> 02:54:26,900
and key length
4459
02:54:26,900 --> 02:54:31,000
of 128, 192 and 256. AES,
with three different key lengths
4460
02:54:31,000 --> 02:54:32,328
but one block size. And
4461
02:54:32,328 --> 02:54:36,000
that's a little bit of detail
about DES, triple DES and AES.
4462
02:54:36,000 --> 02:54:37,600
So when AES was published
4463
02:54:37,600 --> 02:54:40,300
it specified a fixed
128-bit block size
4464
02:54:40,400 --> 02:54:44,300
and a key length
of 128, 192 and 256 bits.
4465
02:54:44,400 --> 02:54:47,338
So we've got with AES three
different key lengths,
4466
02:54:47,338 --> 02:54:48,700
but one block size.
4467
02:54:48,700 --> 02:54:50,200
And that was a little bit
4468
02:54:50,200 --> 02:54:54,363
of detail about DES, triple DES
and AES. We'll use some of these
4469
02:54:54,363 --> 02:54:57,842
in doing some hands-on work
in the subsequent part
4470
02:54:57,842 --> 02:54:58,700
of this video.
4471
02:54:58,700 --> 02:54:59,000
Okay.
4472
02:54:59,000 --> 02:55:01,232
So now that I've given
you a brief history
4473
02:55:01,232 --> 02:55:03,900
of how we have reached
to the encryption standards
4474
02:55:03,900 --> 02:55:05,350
that we're following today.
4475
02:55:05,350 --> 02:55:07,500
That is the advanced
encryption standard.
4476
02:55:07,500 --> 02:55:08,441
Let's go ahead
4477
02:55:08,441 --> 02:55:12,397
and talk a little bit more
about DES, triple DES and AES.
4478
02:55:12,397 --> 02:55:15,065
So this is a digital
encryption standard.
4479
02:55:15,065 --> 02:55:18,600
It was developed by IBM
in the 1970s and originally it
4480
02:55:18,600 --> 02:55:21,000
was a cryptography
cipher named Lucifer
4481
02:55:21,000 --> 02:55:23,771
and after some modifications
IBM proposed it as
4482
02:55:23,771 --> 02:55:25,500
the digital encryption standard.
4483
02:55:25,500 --> 02:55:28,100
It was selected to be
the digital encryption standard
4484
02:55:28,100 --> 02:55:31,106
and ever since then
it's been known as D-E-S
4485
02:55:31,106 --> 02:55:32,500
or DES. One thing
4486
02:55:32,500 --> 02:55:34,763
that caused a little bit
of controversy was
4487
02:55:34,763 --> 02:55:38,182
during the process of selection
the NSA requested some changes
4488
02:55:38,182 --> 02:55:40,206
and it hasn't been
particularly clear
4489
02:55:40,206 --> 02:55:42,441
what changes were
requested by the NSA.
4490
02:55:42,441 --> 02:55:45,500
There has been some sort
of speculation that wondered
4491
02:55:45,500 --> 02:55:48,600
if the NSA was requesting
a back door into this
4492
02:55:48,600 --> 02:55:49,900
digital encryption standard
4493
02:55:49,900 --> 02:55:52,597
which would allow them to look
at encrypted messages
4494
02:55:52,597 --> 02:55:53,361
in the clear.
4495
02:55:53,361 --> 02:55:55,600
So basically it would
always give the NSA
4496
02:55:55,600 --> 02:55:58,200
the ability to decrypt
DES-encrypted messages.
4497
02:55:58,200 --> 02:56:00,900
It remained the encryption
standard for the next couple
4498
02:56:00,900 --> 02:56:02,300
of decades or so.
4499
02:56:02,400 --> 02:56:05,204
And what is DES and
how does it work? Now
4500
02:56:05,204 --> 02:56:08,500
DES remained the digital
standard for encryption
4501
02:56:08,500 --> 02:56:10,448
for the next couple of decades.
4502
02:56:10,448 --> 02:56:12,900
So what does it do
and how does it work?
4503
02:56:12,900 --> 02:56:14,366
So basically it uses
4504
02:56:14,366 --> 02:56:17,225
a 56-bit key. Rather
than a stream cipher,
4505
02:56:17,225 --> 02:56:21,300
it's a block cipher and it
uses 64-bit blocks, and in 1998,
4506
02:56:21,300 --> 02:56:23,465
if you know, DES
was effectively broken
4507
02:56:23,465 --> 02:56:26,159
when a DES-encrypted message
was cracked in three days
4508
02:56:26,159 --> 02:56:28,605
and then a year later
a network of 10,000 systems
4509
02:56:28,605 --> 02:56:31,000
around the world cracked
the DES-encrypted message
4510
02:56:31,000 --> 02:56:32,000
in less than a day
4511
02:56:32,000 --> 02:56:33,464
and it's just gotten worse
4512
02:56:33,464 --> 02:56:36,700
since then with modern Computing
being what it is today.
4513
02:56:36,700 --> 02:56:39,117
Now since this was created
4514
02:56:39,117 --> 02:56:41,964
and broken we knew
we needed something
4515
02:56:42,000 --> 02:56:45,778
and what came in between
Advanced Encryption Standard
4516
02:56:45,778 --> 02:56:48,000
and DES is triple
DES. Now triple
4517
02:56:48,000 --> 02:56:51,647
DES is three times the strength
of DES necessarily; it's really
4518
02:56:51,647 --> 02:56:53,263
DES applied three times
4519
02:56:53,263 --> 02:56:56,600
and what I mean by that is
we take a plain text message,
4520
02:56:56,600 --> 02:56:57,376
then let's call
4521
02:56:57,376 --> 02:56:59,688
that P and we are going
to use a key called K1
4522
02:56:59,688 --> 02:57:02,613
and we're going to use
that key to encrypt the message
4523
02:57:02,613 --> 02:57:05,059
and that's going to result
in the ciphertext one.
4524
02:57:05,059 --> 02:57:07,400
So we'll call that C1.
Now C1 is the output
4525
02:57:07,400 --> 02:57:08,858
of the first round of encryption
4526
02:57:08,858 --> 02:57:11,000
and we're going to apply
a second key called key 2
4527
02:57:11,000 --> 02:57:13,093
and with that second key
4528
02:57:13,093 --> 02:57:17,000
We are going to go through
a decryption process on C1 now
4529
02:57:17,000 --> 02:57:18,600
since it's the wrong key we are
4530
02:57:18,600 --> 02:57:21,332
not going to get the plain text
out of the decryption process
4531
02:57:21,332 --> 02:57:22,240
on the other end.
4532
02:57:22,240 --> 02:57:24,595
We are going to get
another round of ciphertext
4533
02:57:24,595 --> 02:57:26,900
and we're going to call
that C2. Now with C2
4534
02:57:26,900 --> 02:57:29,100
we are going to apply
a third key and we are going
4535
02:57:29,100 --> 02:57:32,177
to call that K3 and we're going
to encrypt ciphertext C2
4536
02:57:32,177 --> 02:57:34,509
and that's going to result
in ciphertext C3
4537
02:57:34,509 --> 02:57:37,600
so we have 3 different Keys
applied in two different ways.
4538
02:57:37,600 --> 02:57:41,926
So with key 1 and key 3 we do a round
of encryption; with key 2 we do
4539
02:57:41,926 --> 02:57:43,300
a round of decryption.
4540
02:57:43,300 --> 02:57:46,845
So it's basically an encrypt,
decrypt, encrypt process
4541
02:57:46,845 --> 02:57:48,400
with three separate keys,
4542
02:57:48,400 --> 02:57:51,861
but what it does really is
it doesn't really yield
4543
02:57:51,861 --> 02:57:53,353
a 168-bit key size
4544
02:57:53,353 --> 02:57:57,200
because in effectiveness it's
basically 256-bit keys
4545
02:57:57,200 --> 02:57:59,200
that are being used to race it
4546
02:57:59,200 --> 02:58:01,300
whether it be
three different keys.
4547
02:58:01,300 --> 02:58:02,600
So in effectiveness,
4548
02:58:02,600 --> 02:58:05,270
you could say
that it's the 168-bit key,
4549
02:58:05,270 --> 02:58:09,000
but it is not the same strength
because people realize
4550
02:58:09,000 --> 02:58:11,058
that triple DES
can be easily broken
4551
02:58:11,058 --> 02:58:12,475
because if DES is broken,
4552
02:58:12,475 --> 02:58:15,200
you can do the same thing
with three different ways
4553
02:58:15,200 --> 02:58:17,084
whether whatever key
that you use
4554
02:58:17,084 --> 02:58:18,790
so it just takes longer time
4555
02:58:18,790 --> 02:58:20,600
to decrypt if you
don't know the key
4556
02:58:20,600 --> 02:58:22,900
and if you are just using
a Brute Force attack,
4557
02:58:22,900 --> 02:58:25,000
you know that triple
DES can be broken
4558
02:58:25,000 --> 02:58:26,500
if DES can be broken.
4559
02:58:26,500 --> 02:58:30,800
So triple DES was literally
a stopgap between DES and AES
4560
02:58:30,800 --> 02:58:32,000
because people knew
4561
02:58:32,000 --> 02:58:35,200
that we needed something
more than triple DES and for
4562
02:58:35,200 --> 02:58:36,100
this the NIST,
4563
02:58:36,100 --> 02:58:38,100
or the National
Institute of Standards
4564
02:58:38,100 --> 02:58:40,100
and Technology, in 2001,
4565
02:58:40,100 --> 02:58:43,100
they chose AES as the algorithm
4566
02:58:43,100 --> 02:58:46,100
that is now called
Advanced Encryption algorithm.
4567
02:58:46,100 --> 02:58:48,600
So it was originally called
the Rijndael algorithm.
4568
02:58:49,100 --> 02:58:52,200
And the main thing
about the Rijndael algorithm
4569
02:58:52,200 --> 02:58:54,500
and Advanced Encryption
Standard algorithm
4570
02:58:54,500 --> 02:58:55,712
is that the Rijndael
4571
02:58:55,712 --> 02:58:58,300
algorithm specifically
states in its papers
4572
02:58:58,300 --> 02:59:00,317
that it has variable block size
4573
02:59:00,317 --> 02:59:03,070
and variable key size
as long as they are
4574
02:59:03,070 --> 02:59:04,300
in multiples of 32.
4575
02:59:04,300 --> 02:59:07,200
So 32, 64, 96, like that.
4576
02:59:07,200 --> 02:59:09,500
But what AES does differently is
4577
02:59:09,500 --> 02:59:11,100
that it gives you one block size
4578
02:59:11,100 --> 02:59:14,900
that is 128 bits and gives
you three different key sizes
4579
02:59:14,900 --> 02:59:17,900
that is 128, 192 and 256.
4580
02:59:17,900 --> 02:59:20,321
So with AES, three
different key lengths,
4581
02:59:20,321 --> 02:59:21,600
but one block size.
4582
02:59:21,600 --> 02:59:26,441
Okay, so that was a little bit
more information on AES, DES
4583
02:59:26,441 --> 02:59:27,517
and triple DES
4584
02:59:27,600 --> 02:59:29,900
and we are going
to be using this information
4585
02:59:29,900 --> 02:59:32,800
in some subsequent lessons.
Okay, now moving on.
4586
02:59:32,800 --> 02:59:33,137
Okay.
4587
02:59:33,137 --> 02:59:36,487
So now that we've discussed
the different history of
4588
02:59:36,487 --> 02:59:40,100
cryptography and more important
cryptography algorithms.
4589
02:59:40,100 --> 02:59:42,400
Let's discuss the different
types of cryptography.
4590
02:59:42,400 --> 02:59:44,500
Now, the first type of
cryptography I'm going to talk
4591
02:59:44,500 --> 02:59:48,000
about is symmetric cryptography
and by symmetric cryptography,
4592
02:59:48,000 --> 02:59:51,000
I mean the key is the same
for encrypting or decrypting.
4593
02:59:51,000 --> 02:59:52,400
So I use the same key
4594
02:59:52,400 --> 02:59:55,800
whether I am encrypting the data
or decrypting data.
4595
02:59:55,800 --> 02:59:58,508
Well things about symmetric
key cryptography is
4596
02:59:58,508 --> 03:00:00,500
that they use a shorter
key length than
4597
03:00:00,500 --> 03:00:02,004
for asymmetric cryptography,
4598
03:00:02,004 --> 03:00:04,100
which I'll get into in
a couple of minutes.
4599
03:00:04,100 --> 03:00:06,276
It's also faster
than asymmetric
4600
03:00:06,276 --> 03:00:09,200
and you can use algorithms
like DES or AES
4601
03:00:09,200 --> 03:00:12,500
as those are both symmetric
key cryptography algorithms
4602
03:00:12,500 --> 03:00:15,100
and you can use a utility
like AES Crypt.
4603
03:00:15,100 --> 03:00:16,344
Let me just demonstrate
4604
03:00:16,344 --> 03:00:18,400
how a symmetric key
cryptography works.
4605
03:00:18,400 --> 03:00:21,600
So for this we can use
a tool called AES Crypt.
4606
03:00:21,600 --> 03:00:24,992
So AES Crypt is
actually available for Linux
4607
03:00:24,992 --> 03:00:27,400
and Windows and Mac
all the systems.
4608
03:00:27,400 --> 03:00:28,400
So I'm using it
4609
03:00:28,400 --> 03:00:31,100
on the Windows one and I'm using
the console version.
4610
03:00:31,100 --> 03:00:32,700
So first of all,
4611
03:00:32,700 --> 03:00:35,600
I have a text file
called text.txt.
4612
03:00:35,600 --> 03:00:37,200
So let me just show that to you.
4613
03:00:37,200 --> 03:00:38,700
So as you guys can see
4614
03:00:38,700 --> 03:00:42,600
I have this thing called
text.txt. Now to do text.txt,
4615
03:00:42,600 --> 03:00:45,900
all I... let me just show
what text.txt contains.
4616
03:00:45,900 --> 03:00:48,600
So as you guys can see
it has a sentence.
4617
03:00:48,600 --> 03:00:50,562
The quick brown fox jumped
over the lazy dog.
4618
03:00:50,562 --> 03:00:51,450
So that's the sentence
4619
03:00:51,450 --> 03:00:54,300
that has all the alphabets
in the English language rather.
4620
03:00:54,300 --> 03:00:56,810
So now we are going
to try and encrypt it
4621
03:00:56,810 --> 03:00:58,982
so we can use
something like AES or DES
4622
03:00:58,982 --> 03:01:00,259
because both of them
4623
03:01:00,259 --> 03:01:03,900
are symmetric key ciphers
symmetric key algorithms rather.
4624
03:01:03,900 --> 03:01:06,561
So we are using AES
in this case.
4625
03:01:06,561 --> 03:01:09,638
So what we're going
to do is say AES Crypt.
4626
03:01:09,700 --> 03:01:10,887
I'm going to encrypt it
4627
03:01:10,887 --> 03:01:12,900
and we're going to give
you the password
4628
03:01:12,900 --> 03:01:15,400
of let's say Pokemon.
4629
03:01:15,400 --> 03:01:18,000
We're going to call it
Pokemon and we're going to
4630
03:01:18,300 --> 03:01:20,500
do text.txt.
4631
03:01:20,500 --> 03:01:22,281
We're gonna encrypt that file.
4632
03:01:22,281 --> 03:01:24,300
So now we have
encrypted that file.
4633
03:01:24,300 --> 03:01:26,982
Let's go see we must
be having a new file.
4634
03:01:26,982 --> 03:01:29,600
So this is called
text.txt.aes.
4635
03:01:29,600 --> 03:01:31,100
So that is our encrypted file.
4636
03:01:31,100 --> 03:01:34,405
And this is what we would
generally send over the network
4637
03:01:34,405 --> 03:01:36,300
if we are sending it to anybody.
4638
03:01:36,300 --> 03:01:38,739
So let's assume
the person who's received
4639
03:01:38,739 --> 03:01:41,300
it also knows
our encryption algorithm.
4640
03:01:41,300 --> 03:01:43,535
I mean encryption
algorithm and the key
4641
03:01:43,535 --> 03:01:44,803
that goes along with it.
4642
03:01:44,803 --> 03:01:47,563
So let's try to decrypt it
now. Now before I decrypt it,
4643
03:01:47,563 --> 03:01:50,373
let me just show you what
an encrypted message looks
4644
03:01:50,373 --> 03:01:51,200
like. So this is
4645
03:01:51,200 --> 03:01:56,600
what the ciphertext looks
like. So now text.txt
4646
03:01:56,600 --> 03:01:57,900
.aes.
4647
03:01:57,900 --> 03:01:58,700
So yeah,
4648
03:01:58,700 --> 03:02:01,299
as you guys can see
the windows control control
4649
03:02:01,299 --> 03:02:02,300
you she'd everything
4650
03:02:02,300 --> 03:02:06,400
but if I were to go here I
will just go into the file
4651
03:02:06,500 --> 03:02:11,600
and just ever notepad
plus plus you'll see
4652
03:02:11,600 --> 03:02:13,900
that it's a bunch of crap.
4653
03:02:13,900 --> 03:02:17,616
You really can't make out
anything what is being made
4654
03:02:17,616 --> 03:02:18,557
here. We can't
4655
03:02:18,557 --> 03:02:20,007
really decipher much.
4656
03:02:20,007 --> 03:02:22,800
So that's the point
of using encryption.
4657
03:02:22,800 --> 03:02:24,600
Now if you were to decrypt it,
4658
03:02:24,600 --> 03:02:27,800
all you have to do is
a script we turned the crib.
4659
03:02:27,800 --> 03:02:30,723
We're trying to give
the password is going to be
4660
03:02:30,723 --> 03:02:32,900
what was the password
Pokémon I'll K
4661
03:02:32,900 --> 03:02:37,700
so and we're going to try
and decrypt text.txt
4662
03:02:37,700 --> 03:02:39,100
.aes.
4663
03:02:39,500 --> 03:02:41,300
Let's dir that again.
4664
03:02:41,800 --> 03:02:44,705
Okay, so that just decrypts
our message for us.
4665
03:02:44,705 --> 03:02:45,310
So this is
4666
03:02:45,310 --> 03:02:48,700
how you would use aescrypt
for encryption and decryption.
4667
03:02:48,700 --> 03:02:50,400
So that's just
decryption, and that's
4668
03:02:50,400 --> 03:02:53,000
how you would use symmetric key
encryption to encrypt a file
4669
03:02:53,000 --> 03:02:54,653
for this example. Symmetric key
4670
03:02:54,653 --> 03:02:57,300
uses either a stream
cipher or a block cipher,
4671
03:02:57,300 --> 03:02:59,957
and the difference
between stream or block ciphers
4672
03:02:59,957 --> 03:03:02,288
is that block takes a block
of bits at a time
4673
03:03:02,288 --> 03:03:03,700
and it's a fixed length.
4674
03:03:03,700 --> 03:03:04,879
For example, 64 bits.
4675
03:03:04,879 --> 03:03:07,527
If I were to use
a block cipher with 64 bits,
4676
03:03:07,527 --> 03:03:09,440
I would need to take in 64 bits
4677
03:03:09,440 --> 03:03:11,300
before I could
start encrypting. Now,
4678
03:03:11,300 --> 03:03:12,637
if I didn't have 64 bits
4679
03:03:12,637 --> 03:03:15,200
to encrypt, I would have
to fill it with padding
4680
03:03:15,200 --> 03:03:18,013
in order to get
up to 64 bits. A stream cipher,
4681
03:03:18,013 --> 03:03:19,100
on the other hand,
4682
03:03:19,100 --> 03:03:20,800
it will encrypt a bit at a time.
4683
03:03:20,800 --> 03:03:22,886
So it doesn't matter
how many bits you've got.
4684
03:03:22,886 --> 03:03:24,680
You don't need
to have some multiple
4685
03:03:24,680 --> 03:03:27,500
of the block length in order
to encrypt without padding.
4686
03:03:27,500 --> 03:03:30,667
And another type of cryptography
is asymmetric. Now asymmetric,
4687
03:03:30,667 --> 03:03:32,900
as you would expect, uses
two different keys.
4688
03:03:32,900 --> 03:03:35,400
And that's where we have
public key and private key.
4689
03:03:35,500 --> 03:03:38,500
Asymmetric key cryptography
uses a longer key length
4690
03:03:38,500 --> 03:03:40,208
and also has more computation
4691
03:03:40,208 --> 03:03:42,267
and the encryption
process is slower
4692
03:03:42,267 --> 03:03:43,970
with asymmetric key encryption,
4693
03:03:43,970 --> 03:03:45,400
and the encryption process
4694
03:03:45,400 --> 03:03:48,047
is slower than with
symmetric key encryption,
4695
03:03:48,047 --> 03:03:50,855
while the For symmetric key is
for signing documents
4696
03:03:50,855 --> 03:03:52,066
or emails for example,
4697
03:03:52,066 --> 03:03:54,600
but I would have
the private key sign something
4698
03:03:54,600 --> 03:03:57,800
and the public key would be used
to verify a signature
4699
03:03:57,800 --> 03:03:58,784
and another reason
4700
03:03:58,784 --> 03:04:01,317
for using asymmetric key
encryption is to ensure
4701
03:04:01,317 --> 03:04:03,400
that you got it from
who actually sent it
4702
03:04:03,400 --> 03:04:04,771
since you've got two keys.
4703
03:04:04,771 --> 03:04:07,511
You always knew who
the other end of the equation is
4704
03:04:07,511 --> 03:04:10,100
whereas symmetric
key, since it's just one key,
4705
03:04:10,100 --> 03:04:12,343
If you can intercept
the key you can decrypt
4706
03:04:12,343 --> 03:04:13,700
and also encrypt messages.
4707
03:04:13,700 --> 03:04:16,477
And so if somebody can figure
out the key you can break
4708
03:04:16,477 --> 03:04:18,689
into a communication
stream using symmetric
4709
03:04:18,689 --> 03:04:20,929
key encryption.
So asymmetric gives you
4710
03:04:20,929 --> 03:04:22,434
the advantage of ensuring
4711
03:04:22,434 --> 03:04:25,788
that the other end is who
the other end says they are,
4712
03:04:25,788 --> 03:04:29,199
since they're the only ones
who should have the private key
4713
03:04:29,199 --> 03:04:31,900
and in this particular
instance. In practice,
4714
03:04:31,900 --> 03:04:34,900
however, hybrid
encryption models tend
4715
03:04:34,900 --> 03:04:36,300
to be used and that's
4716
03:04:36,300 --> 03:04:37,400
where you would use
4717
03:04:37,400 --> 03:04:40,700
asymmetric encryption to
encrypt symmetric session keys.
4718
03:04:40,700 --> 03:04:43,297
So basically you
encrypt the message
4719
03:04:43,297 --> 03:04:47,113
that you are sending using
symmetric key encryption
4720
03:04:47,113 --> 03:04:47,908
and then you
4721
03:04:47,908 --> 03:04:49,300
when exchanging the key
4722
03:04:49,300 --> 03:04:52,700
with somebody else you use
asymmetric key encryption.
4723
03:04:52,700 --> 03:04:54,599
So this is going to be
a slower process.
4724
03:04:54,599 --> 03:04:57,220
You probably won't want
to use it for a smaller files
4725
03:04:57,220 --> 03:04:58,227
in order to do that.
4726
03:04:58,227 --> 03:05:01,100
Fortunately the file example
that I have is a smaller one.
4727
03:05:01,100 --> 03:05:04,236
So I'm going to try
and generate a key right now.
4728
03:05:04,236 --> 03:05:07,700
So for this we have to head over
to our Ubuntu system.
4729
03:05:07,900 --> 03:05:09,100
So let's see.
4730
03:05:09,200 --> 03:05:12,500
Let me show you how public
key encryption actually works
4731
03:05:12,600 --> 03:05:15,184
and we are going
to first create a key.
4732
03:05:15,184 --> 03:05:17,700
So let me just clear
this out for you.
4733
03:05:17,700 --> 03:05:18,680
First of all.
4734
03:05:18,680 --> 03:05:22,600
Let's create a file and
let's call that text.txt.
4735
03:05:22,821 --> 03:05:23,621
Now.
4736
03:05:23,621 --> 03:05:28,382
If you see we are going to edit
text.txt to have some file.
4737
03:05:28,382 --> 03:05:30,215
So have some text in it.
4738
03:05:30,215 --> 03:05:33,500
So there seems to be
a warning with the GDK.
4739
03:05:33,600 --> 03:05:36,100
I'll just use echo instead.
4740
03:05:38,200 --> 03:05:41,400
So now let's see
if that is in our file.
4741
03:05:42,100 --> 03:05:42,400
Okay.
4742
03:05:42,400 --> 03:05:45,392
So let me just show you
how asymmetric key encryption
4743
03:05:45,392 --> 03:05:47,200
or public key
cryptography works.
4744
03:05:47,200 --> 03:05:49,200
So first of all,
we need a text file.
4745
03:05:49,200 --> 03:05:51,600
So let me see do we
have a text file?
4746
03:05:51,600 --> 03:05:54,059
So there seems to be
a text.txt.
4747
03:05:54,059 --> 03:05:56,800
So let's see what
this text.txt says,
4748
03:05:56,800 --> 03:05:59,641
so it says that this is
a random text file.
4749
03:05:59,641 --> 03:06:01,356
Now, what we want to do is
4750
03:06:01,356 --> 03:06:03,822
we want to create
a public key first,
4751
03:06:03,822 --> 03:06:06,700
so I'm going to use
openssl for doing this.
4752
03:06:06,700 --> 03:06:08,200
So we go openssl
4753
03:06:08,200 --> 03:06:09,861
and we are going to use it
4754
03:06:09,861 --> 03:06:12,800
with RSA, so we're trying
to generate a key.
4755
03:06:12,800 --> 03:06:16,800
So genrsa, and we're going
to use des3, to use this,
4756
03:06:16,800 --> 03:06:20,720
and we're going to output it
into file called private key.
4757
03:06:20,720 --> 03:06:23,869
So we are also going
to be using a 4096 bit.
4758
03:06:23,869 --> 03:06:26,513
So this is going
to be our private key.
4759
03:06:26,513 --> 03:06:30,200
So this will create a private
key using RSA algorithm.
4760
03:06:30,200 --> 03:06:32,200
So let it work its way out.
4761
03:06:32,200 --> 03:06:33,400
So first of all,
4762
03:06:33,400 --> 03:06:35,674
it's asking me
for the passphrase now,
4763
03:06:35,674 --> 03:06:38,517
so since you can protect
your keys with the passphrase.
4764
03:06:38,517 --> 03:06:40,400
So I'm just going
to use my name.
4765
03:06:40,400 --> 03:06:41,000
Okay.
4766
03:06:41,000 --> 03:06:42,300
So now we see
4767
03:06:42,300 --> 03:06:46,100
if we ls, and we have
a private key, I guess.
4768
03:06:46,100 --> 03:06:46,876
Yep.
4769
03:06:46,876 --> 03:06:48,300
So we have this private key.
4770
03:06:48,300 --> 03:06:48,800
Now.
4771
03:06:48,800 --> 03:06:50,500
We're using this private key.
4772
03:06:50,500 --> 03:06:53,010
We are going to generate
a public key.
4773
03:06:53,010 --> 03:06:56,200
So for this I'm again
going to be using openssl,
4774
03:06:56,300 --> 03:06:58,400
and openssl is unix-based.
4775
03:06:58,400 --> 03:07:00,600
So you will need a Unix system.
4776
03:07:00,600 --> 03:07:02,300
So you go rsautl.
4777
03:07:02,300 --> 03:07:03,632
That's RSA utility.
4778
03:07:03,632 --> 03:07:06,000
And what we want
to do is encrypt
4779
03:07:06,500 --> 03:07:08,500
and we want the public key
4780
03:07:08,500 --> 03:07:12,230
in and key and we want
to use the public key
4781
03:07:12,230 --> 03:07:14,000
that we just generated.
4782
03:07:14,000 --> 03:07:14,900
I'm sorry guys.
4783
03:07:14,900 --> 03:07:17,500
So we are going
to be using RSA.
4784
03:07:17,500 --> 03:07:18,592
So first of all,
4785
03:07:18,592 --> 03:07:20,800
we need to generate
a public key.
4786
03:07:20,800 --> 03:07:23,300
So for that we use
the private key.
4787
03:07:23,300 --> 03:07:26,700
So we will give the private
key as an argument
4788
03:07:26,700 --> 03:07:27,870
after the in flag.
4789
03:07:27,870 --> 03:07:31,566
So private key and we are trying
to get out a public key.
4790
03:07:31,566 --> 03:07:34,800
So pubout, and we're going
to call public.key.
4791
03:07:34,800 --> 03:07:39,500
Okay, so there seems to be Okay.
4792
03:07:39,900 --> 03:07:43,700
I messed it up a little I
forgot to give the output
4793
03:07:43,873 --> 03:07:47,026
so you go out and then
you use public key.
4794
03:07:47,580 --> 03:07:50,119
So it's asking me
for a passphrase
4795
03:07:50,600 --> 03:07:52,800
and now it's writing
the RSA key, and
4796
03:07:52,800 --> 03:07:54,434
since the password was correct,
4797
03:07:54,434 --> 03:07:55,963
we have a public key too. So
4798
03:07:55,963 --> 03:07:58,800
if you see now we have
a public key and a private key.
4799
03:07:58,800 --> 03:08:03,285
So we are going to encrypt
our file using the public key.
4800
03:08:03,400 --> 03:08:08,300
So we go openssl
and we go rsautl.
4801
03:08:08,700 --> 03:08:13,800
And we go encrypt
and we can do pubin.
4802
03:08:14,600 --> 03:08:17,300
So we are going
to use the public key
4803
03:08:18,000 --> 03:08:20,946
and we want to put
the text.txt
4804
03:08:20,946 --> 03:08:23,100
as the file to be encrypted.
4805
03:08:23,100 --> 03:08:24,500
So text.txt.
4806
03:08:24,600 --> 03:08:28,100
And what we want to output
is an encrypted file.
4807
03:08:28,100 --> 03:08:29,900
So encrypted.txt.
4808
03:08:33,100 --> 03:08:38,000
Okay, I call it open SL L
need to go and edit that out.
4809
03:08:38,600 --> 03:08:41,300
Yeah, so that makes
it a correct command
4810
03:08:41,300 --> 03:08:43,900
and now we have
an encrypted file.
4811
03:08:43,900 --> 03:08:47,646
So let's see, ls, and yep,
encrypted.txt.
4812
03:08:47,646 --> 03:08:49,800
So if you just cat that out,
4813
03:08:50,000 --> 03:08:51,600
so we see it's
a bunch of garbage
4814
03:08:51,600 --> 03:08:53,400
and we really can't read it
4815
03:08:53,400 --> 03:08:57,076
unless we decrypt it. So
for decrypting the key,
4816
03:08:57,076 --> 03:09:00,000
All we have to do
is again use openssl.
4817
03:09:00,000 --> 03:09:02,846
Let's clear this out
first so openssl.
4818
03:09:03,200 --> 03:09:06,700
And we are going to be using
the RSA utility again.
4819
03:09:06,700 --> 03:09:07,700
So rsautl.
4820
03:09:07,700 --> 03:09:09,200
We're going to
decrypt this time.
4821
03:09:09,200 --> 03:09:11,200
So we go with the decrypt flag
4822
03:09:11,200 --> 03:09:14,200
and then we are going
to be giving the inkey
4823
03:09:14,200 --> 03:09:16,100
and that is going
to be the private key
4824
03:09:16,600 --> 03:09:22,200
and what we want to decrypt
is encrypted.txt.
4825
03:09:22,900 --> 03:09:29,700
And what we want to output it
as is, let's say, plaintext.txt.
4826
03:09:30,200 --> 03:09:32,200
So it's going to ask me
for my passphrase,
4827
03:09:32,200 --> 03:09:32,961
which is my
4828
03:09:32,961 --> 03:09:35,300
name, and I've entered
the passphrase and now
4829
03:09:35,300 --> 03:09:37,000
we have a plaintext.txt.
4830
03:09:37,100 --> 03:09:37,600
Now.
4831
03:09:37,800 --> 03:09:40,500
If we are to go and ls, we see
4832
03:09:40,500 --> 03:09:43,100
that we have a
plaintext.txt out here just
4833
03:09:43,100 --> 03:09:44,765
with light info dot txt.
4834
03:09:44,765 --> 03:09:46,500
Let me just cat that out.
4835
03:09:46,500 --> 03:09:49,600
So plaintext.txt.
4836
03:09:50,000 --> 03:09:51,500
So this is a random text file.
4837
03:09:51,500 --> 03:09:53,100
And if you go up we see
4838
03:09:53,100 --> 03:09:55,900
that it was a bunch
of garbage and before that.
4839
03:09:55,900 --> 03:09:57,672
It was a random text file.
4840
03:09:57,672 --> 03:10:00,400
Now, you can also run
this command called
4841
03:10:00,400 --> 03:10:05,600
diff plaintext.txt text.txt.
4842
03:10:05,600 --> 03:10:08,100
So this gives you a difference
in the text strings.
4843
03:10:08,100 --> 03:10:10,600
So it's zero so it gives you
that's the difference.
4844
03:10:10,900 --> 03:10:12,500
So both files are the same
4845
03:10:12,500 --> 03:10:15,100
and that's how public
key cryptography works
4846
03:10:15,100 --> 03:10:17,900
and how symmetric
key cryptography works.
4847
03:10:18,000 --> 03:10:18,328
Okay.
4848
03:10:18,328 --> 03:10:20,368
Now moving ahead
of cryptography.
4849
03:10:20,368 --> 03:10:22,200
Let's talk about certificates.
4850
03:10:22,200 --> 03:10:22,400
Okay.
4851
03:10:22,400 --> 03:10:24,400
So now that we're done
with cryptography.
4852
03:10:24,400 --> 03:10:26,400
Let's talk about
digital certificates.
4853
03:10:26,400 --> 03:10:28,400
So what is
a digital certificate?
4854
03:10:28,400 --> 03:10:31,300
Well, a digital certificate
is an electronic password
4855
03:10:31,300 --> 03:10:33,974
that allows a person
or organization to exchange
4856
03:10:33,974 --> 03:10:37,500
data securely over the internet
using public key infrastructure.
4857
03:10:37,500 --> 03:10:38,794
So digital certificate
4858
03:10:38,794 --> 03:10:41,149
is also known as
a public key certificate
4859
03:10:41,149 --> 03:10:44,796
or an identity certificate. Now,
digital certificates are a means
4860
03:10:44,796 --> 03:10:45,800
by which consumers
4861
03:10:45,800 --> 03:10:48,700
and businesses can utilize
the security application
4862
03:10:48,700 --> 03:10:50,400
of public key
infrastructure. Public
4863
03:10:50,400 --> 03:10:53,500
key infrastructure comprises
of the technology to enable
4864
03:10:53,500 --> 03:10:56,880
and secure e-commerce and
internet based communication.
4865
03:10:56,880 --> 03:11:00,700
So what kind of security does
a certificate provide? So firstly,
4866
03:11:00,700 --> 03:11:02,100
it provides identification
4867
03:11:02,100 --> 03:11:04,400
and authentication:
the person or entities
4868
03:11:04,400 --> 03:11:07,562
with whom we are communicating
are really who they say they are,
4869
03:11:07,562 --> 03:11:09,400
so that is
proved by certificates.
4870
03:11:09,400 --> 03:11:13,047
So then we have confidentiality
of information within a message
4871
03:11:13,047 --> 03:11:15,000
or transaction is
kept confidential.
4872
03:11:15,000 --> 03:11:16,034
It may only be read
4873
03:11:16,034 --> 03:11:17,959
and understood by
the intended sender.
4874
03:11:17,959 --> 03:11:20,300
Then there's integrity,
there's non-repudiation:
4875
03:11:20,300 --> 03:11:22,400
the sender cannot deny
sending the message
4876
03:11:22,400 --> 03:11:25,769
or transaction the receiver
really get to non-repudiation
4877
03:11:25,769 --> 03:11:26,727
and I'll explain
4878
03:11:26,727 --> 03:11:29,800
how non-repudiation comes
into digital certificates.
4879
03:11:29,800 --> 03:11:32,319
So digital certificates
are actually issued
4880
03:11:32,319 --> 03:11:34,300
by authorities
who are business
4881
03:11:34,300 --> 03:11:37,476
who make it their business to
actually certify people
4882
03:11:37,476 --> 03:11:40,300
and their organization
with digital certificates.
4883
03:11:40,300 --> 03:11:43,000
Now, you can see these
on Google Chrome now,
4884
03:11:43,000 --> 03:11:44,900
let me just open
Chrome for you guys
4885
03:11:44,900 --> 03:11:46,300
and you can see it out here.
4886
03:11:46,300 --> 03:11:47,800
You can see certificates
4887
03:11:47,800 --> 03:11:50,848
and you can go into the issue
of statements and you can go
4888
03:11:50,848 --> 03:11:52,142
and all sorts of stuff
4889
03:11:52,142 --> 03:11:54,836
so you can see it's issued
by Let's Encrypt Authority X3.
4890
03:11:54,836 --> 03:11:57,800
So that's an issuing authority
for digital certificates.
4891
03:11:57,800 --> 03:12:00,400
Now that was all about
the theory of certificates.
4892
03:12:00,400 --> 03:12:02,800
Let's go and see
how you can create one.
4893
03:12:02,800 --> 03:12:05,100
Go to create
a digital certificate.
4894
03:12:05,100 --> 03:12:08,715
We are going to be using
the openssl tool again.
4895
03:12:09,800 --> 03:12:10,785
So first of all,
4896
03:12:10,785 --> 03:12:13,434
let me show you
how to create a certificate.
4897
03:12:13,434 --> 03:12:16,700
So we are going to be using
the openssl tool for that.
4898
03:12:16,700 --> 03:12:19,000
So first of all,
let me clear the screen out.
4899
03:12:19,000 --> 03:12:21,200
So in this case, I'm going
to generate a certificate
4900
03:12:21,200 --> 03:12:22,300
Authority certificate.
4901
03:12:22,300 --> 03:12:24,400
So I'm doing an RSA
key here to use
4902
03:12:24,400 --> 03:12:25,700
inside the certificate.
4903
03:12:25,700 --> 03:12:26,659
So first of all,
4904
03:12:26,659 --> 03:12:28,688
I need to generate
a private key.
4905
03:12:28,688 --> 03:12:30,400
So to do that as I had just
4906
03:12:30,400 --> 03:12:34,500
showed you guys we can use
the openssl tool. We go openssl
4907
03:12:34,600 --> 03:12:37,400
and genrsa, and we're going
4908
03:12:37,400 --> 03:12:42,600
to use des3, then
out, and let's call it
4909
03:12:42,600 --> 03:12:45,292
ca.key, and we're
going to use
4910
03:12:45,292 --> 03:12:48,600
4096 bits. So I'm doing
an RSA key here to use
4911
03:12:48,600 --> 03:12:51,050
inside the certificate,
so I'm generating a private key, and
4912
03:12:51,050 --> 03:12:53,600
the private key is used as
a part of the certificate
4913
03:12:53,600 --> 03:12:56,200
and there's a public key
associated with the certificate.
4914
03:12:56,200 --> 03:12:57,600
So you've got public and private
4915
03:12:57,600 --> 03:12:59,900
key and data gets encrypted
with the public key
4916
03:12:59,900 --> 03:13:02,343
and then gets decrypted
with the private key.
4917
03:13:02,343 --> 03:13:04,948
So they are mathematically
linked that the public
4918
03:13:04,948 --> 03:13:05,719
and private key
4919
03:13:05,719 --> 03:13:08,600
because you need one for the end
of the communication
4920
03:13:08,600 --> 03:13:11,400
and the other for the other
end of the communication
4921
03:13:11,400 --> 03:13:13,663
and they have to be linked
so that the data
4922
03:13:13,663 --> 03:13:14,781
that gets encrypted
4923
03:13:14,781 --> 03:13:17,700
with one key gets
to be decrypted with other key.
4924
03:13:17,700 --> 03:13:19,700
So this is asking
for a passphrase
4925
03:13:19,700 --> 03:13:22,000
and so I'm going to be giving
4926
03:13:22,000 --> 03:13:26,599
my name as a passphrase so that
has generated the key for us.
4927
03:13:26,600 --> 03:13:29,600
So now I'm going to generate
the certificate itself.
4928
03:13:29,600 --> 03:13:32,600
So I'm going to be using
the openssl utility.
4929
03:13:32,600 --> 03:13:37,100
So first of all,
you say openssl nice a request,
4930
03:13:37,100 --> 03:13:38,900
so it will be a new request
4931
03:13:38,900 --> 03:13:42,500
and it's going to be
an x.509 request. It's going
4932
03:13:42,500 --> 03:13:44,700
to be valid for 365 days.
4933
03:13:45,500 --> 03:13:49,500
And let's see the key
is going to be ca.key
4934
03:13:49,907 --> 03:13:52,600
and we're going
to output it into CA,
4935
03:13:52,600 --> 03:13:55,300
or let's call it edureka
4936
03:13:55,300 --> 03:13:59,600
.crt. So this is a certificate
that I'm producing in the name
4937
03:13:59,600 --> 03:14:01,475
of the company that
I'm working for.
4938
03:14:01,475 --> 03:14:02,600
So that is Edureka.
4939
03:14:02,600 --> 03:14:05,494
So it says it's unable
to load the private key.
4940
03:14:05,494 --> 03:14:08,400
Let me just see
as the private key existing.
4941
03:14:08,600 --> 03:14:09,500
I had a previous.
4942
03:14:09,500 --> 03:14:10,154
Private key.
4943
03:14:10,154 --> 03:14:11,300
So let me just remove
4944
03:14:11,300 --> 03:14:14,014
that doesn't have
a ca.key. Seems
4945
03:14:14,014 --> 03:14:16,300
like I put the name differently.
4946
03:14:16,600 --> 03:14:19,900
So let me just try
that again openssl
4947
03:14:20,600 --> 03:14:23,287
and we do request
4948
03:14:23,287 --> 03:14:24,825
so we are requesting
4949
03:14:25,200 --> 03:14:29,000
new certificate and
it's going to be x509
4950
03:14:30,700 --> 03:14:41,200
and it's going to be there
for 365 days and key is He
4951
03:14:41,200 --> 03:14:43,300
apparently that's
where it's cold out here.
4952
03:14:43,300 --> 03:14:48,600
So and it's going to be out
into edureka.crt.
4953
03:14:48,700 --> 03:14:51,700
That's another so
let's enter the passphrase.
4954
03:14:51,700 --> 03:14:53,107
So it's my name.
4955
03:14:53,200 --> 03:14:55,500
So now it's going to ask
me a bunch of information
4956
03:14:55,500 --> 03:14:57,400
that's going to be
inside the certificate.
4957
03:14:57,400 --> 03:14:59,766
So let's say it's asking
the country name
4958
03:14:59,766 --> 03:15:01,600
against let's put in the state.
4959
03:15:02,200 --> 03:15:02,700
Okay.
4960
03:15:02,700 --> 03:15:05,700
So IN. State, province
name, some state.
4961
03:15:05,700 --> 03:15:08,500
So Bangalore. Locality:
4962
03:15:08,500 --> 03:15:12,400
let's say Whitefield.
Organization name is Edureka.
4963
03:15:12,400 --> 03:15:16,400
Unit name: Brain
Force. Common name:
4964
03:15:16,400 --> 03:15:18,560
let's leave that
out. Email address:
4965
03:15:18,560 --> 03:15:22,200
Let's leave that out too,
and we have a certificate.
4966
03:15:22,200 --> 03:15:24,824
So if you go and list
all your files,
4967
03:15:24,824 --> 03:15:28,915
you'll see that there is
a certificate called edureka
4968
03:15:28,915 --> 03:15:30,052
.crt out here,
4969
03:15:30,052 --> 03:15:31,400
which is highlighted.
4970
03:15:31,400 --> 03:15:32,100
Okay.
4971
03:15:32,100 --> 03:15:34,800
So now if you want
to view this file,
4972
03:15:34,800 --> 03:15:39,700
you could always use the openssl,
you can always use the openssl
4973
03:15:39,700 --> 03:15:43,800
utility, so you say you want to
read an x509 request
4974
03:15:43,800 --> 03:15:45,300
and you want it in text
4975
03:15:45,400 --> 03:15:49,600
and what you want
to see is edureka.crt.
4976
03:15:50,300 --> 03:15:52,761
Okay, so that
is the certificate.
4977
03:15:52,761 --> 03:15:53,800
So you see
4978
03:15:53,800 --> 03:15:57,279
that it has all the signature
it has signature algorithm.
4979
03:15:57,279 --> 03:16:00,200
It has all the information
about the certificate
4980
03:16:00,300 --> 03:16:04,500
and it says signature issuer is
C=IN and state Bangalore
4981
03:16:04,500 --> 03:16:06,227
and location Whitefield.
4982
03:16:06,227 --> 03:16:08,300
I wreck up reinforce velocity.
4983
03:16:08,300 --> 03:16:09,900
It has all sorts of information.
4984
03:16:09,900 --> 03:16:11,000
So that was all
4985
03:16:11,000 --> 03:16:14,600
about digital certificates how
who issues digital certificates?
4986
03:16:14,600 --> 03:16:15,906
Where are they useful?
4987
03:16:15,906 --> 03:16:18,100
So this is
basically non-repudiation.
4988
03:16:18,100 --> 03:16:20,900
So nobody can say
with this certificate that
4989
03:16:20,900 --> 03:16:24,881
if this certificate is included
in some sort of website
4990
03:16:24,881 --> 03:16:28,300
and that website tends
to be samples malicious
4991
03:16:28,300 --> 03:16:30,600
and there's a complaint
now the website can go
4992
03:16:30,600 --> 03:16:33,200
to a court of law and say
they didn't know about this
4993
03:16:33,200 --> 03:16:34,369
because the certificate
4994
03:16:34,369 --> 03:16:36,523
that was included had
their private key and
4995
03:16:36,523 --> 03:16:39,378
private key was only supposed
to be known to the company
4996
03:16:39,378 --> 03:16:41,605
so that's non-repudiation:
you just don't deny
4997
03:16:41,605 --> 03:16:42,900
that you didn't do it.
4998
03:16:42,900 --> 03:16:46,200
Okay, so that was all
about certificates. Now moving on.
4999
03:16:46,200 --> 03:16:46,500
Okay.
5000
03:16:46,500 --> 03:16:48,465
So moving on we're
going to be talking
5001
03:16:48,465 --> 03:16:49,900
about cryptographic hashing.
5002
03:16:50,000 --> 03:16:52,269
And while the word
cryptography is in
5003
03:16:52,269 --> 03:16:55,800
the term cryptographic hashing
and it does lead to believe
5004
03:16:55,800 --> 03:16:57,250
that there is encryption involved,
5005
03:16:57,250 --> 03:17:00,000
There is no encryption involved
in a cryptographic hash.
5006
03:17:00,000 --> 03:17:02,200
There is a significant
difference between hashing
5007
03:17:02,200 --> 03:17:04,500
and any sort of encryption
and that is primarily
5008
03:17:04,500 --> 03:17:06,558
that encryption is
a two-way process
5009
03:17:06,558 --> 03:17:09,591
when I encrypt a piece of data
or a file or anything else.
5010
03:17:09,591 --> 03:17:11,885
So what I'm doing
is putting it into a state
5011
03:17:11,885 --> 03:17:14,776
where I expect it to be able
to get it back out again,
5012
03:17:14,776 --> 03:17:15,600
in other words
5013
03:17:15,600 --> 03:17:18,057
when I encrypt a file, I
expect it to be able
5014
03:17:18,057 --> 03:17:19,524
to decrypt the file and get
5015
03:17:19,524 --> 03:17:21,100
the original contents. Hashing
5016
03:17:21,100 --> 03:17:23,100
is a one-way function
on the other hand.
5017
03:17:23,100 --> 03:17:26,382
Once I've hashed piece of data
or file there is no expectation
5018
03:17:26,382 --> 03:17:28,500
and ability to get
the original piece
5019
03:17:28,500 --> 03:17:31,700
of data back. Hashing
generates a fixed length value
5020
03:17:31,700 --> 03:17:32,600
and different types
5021
03:17:32,600 --> 03:17:35,000
of hashing will generate
different length values.
5022
03:17:35,000 --> 03:17:38,294
For example, MD5 will generate
a different length value
5023
03:17:38,294 --> 03:17:41,100
than SHA-1, and they're
both hashing algorithms,
5024
03:17:41,100 --> 03:17:43,256
but they generate
different length values
5025
03:17:43,256 --> 03:17:45,573
and the resulting value
from a hash function
5026
03:17:45,573 --> 03:17:48,700
should be no relation at all
to the original piece of data.
5027
03:17:48,700 --> 03:17:49,700
As a matter of fact,
5028
03:17:49,900 --> 03:17:51,800
if two inputs generate
the same hash value
5029
03:17:51,800 --> 03:17:54,300
it's called the collision and
if you can generate collisions,
5030
03:17:54,300 --> 03:17:55,800
you may be able to get a point
5031
03:17:55,800 --> 03:17:57,650
where you can generate
a piece of data
5032
03:17:57,650 --> 03:17:59,700
that are going to generate
the same hash values
5033
03:17:59,700 --> 03:18:02,250
and that leads you to
the potential ability to break
5034
03:18:02,250 --> 03:18:03,700
the particular hashing algorithm
5035
03:18:03,700 --> 03:18:04,800
that you're using.
5036
03:18:04,800 --> 03:18:06,391
So what we can use hashes
5037
03:18:06,391 --> 03:18:09,553
for? Well, one thing: we can use
hashes for file integrity.
5038
03:18:09,553 --> 03:18:10,647
We can run a hash
5039
03:18:10,647 --> 03:18:13,000
on a file and get
a value back and later.
5040
03:18:13,000 --> 03:18:13,600
We can check
5041
03:18:13,600 --> 03:18:15,657
that the value make sure
if it's the same
5042
03:18:15,657 --> 03:18:17,200
if it's the same I can be sure
5043
03:18:17,200 --> 03:18:19,815
that the same file was hashed
in both instances.
5044
03:18:19,815 --> 03:18:22,932
So let me just show you
an example of what I just said
5045
03:18:22,932 --> 03:18:24,800
that if we hash
a file we will get
5046
03:18:24,800 --> 03:18:27,862
the same hash every time so
remember the certificate
5047
03:18:27,862 --> 03:18:29,112
that we just created.
5048
03:18:29,112 --> 03:18:30,600
Let me just log in again.
5049
03:18:30,600 --> 03:18:31,700
So we are going
5050
03:18:31,700 --> 03:18:35,735
to hash this certificate and it
will create a certain hash
5051
03:18:35,735 --> 03:18:37,281
and we are going to see
5052
03:18:37,281 --> 03:18:39,514
that every time
we hash it we are
5053
03:18:39,514 --> 03:18:40,800
seeing the same hash.
5054
03:18:40,800 --> 03:18:44,793
So we can use this command
called md5sum and we can do
5055
03:18:44,793 --> 03:18:46,300
edureka.crt.
5056
03:18:46,300 --> 03:18:48,200
So this is the hash produced
5057
03:18:48,200 --> 03:18:51,100
after you've hashed
edureka.crt.
5058
03:18:51,100 --> 03:18:53,800
So if I do an md5 again,
5059
03:18:53,900 --> 03:18:55,886
so md5 is a hashing algorithm
5060
03:18:55,886 --> 03:18:58,900
that you should move so
edureka.crt,
5061
03:18:58,900 --> 03:19:00,111
and it will produce
5062
03:19:00,111 --> 03:19:03,300
very similar hash. Let's see
if sha-1 works like this.
5063
03:19:03,300 --> 03:19:05,700
So sha-1 and edureka.crt.
5064
03:19:05,800 --> 03:19:06,765
Okay, Xiao Chuan
5065
03:19:06,765 --> 03:19:09,600
is sha the shuffle
in the shower you tools back?
5066
03:19:09,600 --> 03:19:10,000
Courage.
5067
03:19:10,000 --> 03:19:12,600
Okay, so I proved
my point that but md5
5068
03:19:12,600 --> 03:19:14,900
if it is cryptography
hashing algorithm.
5069
03:19:14,900 --> 03:19:16,668
We are getting
the same hash back.
5070
03:19:16,668 --> 03:19:19,058
So if you are able
to produce the same hash
5071
03:19:19,058 --> 03:19:22,000
that means you have broken
the algorithm in itself.
5072
03:19:22,000 --> 03:19:23,900
So if you run md5 on Linux,
5073
03:19:23,900 --> 03:19:27,000
you can get a version
of md5 and md5 summation program
5074
03:19:27,000 --> 03:19:28,300
on Windows and Mac OS
5075
03:19:28,300 --> 03:19:31,300
where with the utility
md5 does the same thing.
5076
03:19:31,300 --> 03:19:34,300
So I just showed you
the file and I hashed it
5077
03:19:34,300 --> 03:19:37,980
and another reason we use
hashing is we are storing
5078
03:19:37,980 --> 03:19:39,600
passwords, so passwords are
5079
03:19:39,600 --> 03:19:41,923
stored after hashing;
we hash passwords.
5080
03:19:41,923 --> 03:19:44,100
And the reason
for hashing password is
5081
03:19:44,100 --> 03:19:46,700
so you're not storing
the password in clear text
5082
03:19:46,700 --> 03:19:48,220
which would be easily seen in
5083
03:19:48,220 --> 03:19:50,285
if you got it protected
with low permissions.
5084
03:19:50,285 --> 03:19:52,900
if I hashed password
every time I hash the password,
5085
03:19:52,900 --> 03:19:55,900
I'm going to get the same value
back from the same algorithm.
5086
03:19:55,900 --> 03:19:57,813
So what I do is store
the hash in some sort
5087
03:19:57,813 --> 03:20:00,413
of password database
since it's a one-way function.
5088
03:20:00,413 --> 03:20:02,957
You can't get the password
back directly from the hash.
5089
03:20:02,957 --> 03:20:04,700
Now what you can do
with most password
5090
03:20:04,700 --> 03:20:06,958
cracking programs do
some variation of this
5091
03:20:06,958 --> 03:20:09,672
and you just generate hashes
against list of words.
5092
03:20:09,672 --> 03:20:11,260
If you look at a hash value
5093
03:20:11,260 --> 03:20:13,035
that matches the one
in the password
5094
03:20:13,035 --> 03:20:14,100
once you get the hash
5095
03:20:14,100 --> 03:20:16,400
that matches the one
in the password, you know,
5096
03:20:16,400 --> 03:20:17,500
what password is there
5097
03:20:17,500 --> 03:20:20,000
and here and we come back
to the idea of collisions
5098
03:20:20,000 --> 03:20:21,700
if I can take
two different strings
5099
03:20:21,700 --> 03:20:23,615
of characters and get
the same values back
5100
03:20:23,615 --> 03:20:25,258
and it's easier
to crack the password
5101
03:20:25,258 --> 03:20:27,987
because I mean not necessarily
get the password with the hash
5102
03:20:27,987 --> 03:20:30,588
that I get back from particular
string of data is the same
5103
03:20:30,588 --> 03:20:32,588
as that I get from
the original password,
5104
03:20:32,588 --> 03:20:34,721
then it doesn't matter
whether I know the password
5105
03:20:34,721 --> 03:20:35,750
because the string of data
5106
03:20:35,750 --> 03:20:38,400
that I put in is going
to generate the same hash value
5107
03:20:38,400 --> 03:20:41,300
that you're going to compare
when Login and this hash value
5108
03:20:41,300 --> 03:20:42,374
will just give you
5109
03:20:42,374 --> 03:20:44,968
that as valid and you
will be able to login.
5110
03:20:44,968 --> 03:20:47,200
So suppose the password
that you chose
5111
03:20:47,200 --> 03:20:49,200
while making your account is dog
5112
03:20:49,200 --> 03:20:52,300
and the dog word
produces this hash value
5113
03:20:52,400 --> 03:20:56,100
and if I were to like hash cat
5114
03:20:56,100 --> 03:20:58,308
with the same algorithm
and if the
5115
03:20:58,308 --> 03:20:59,900
algorithm was prone to collisions,
5116
03:20:59,900 --> 03:21:02,278
it might produce
the same hash value as dog.
5117
03:21:02,278 --> 03:21:05,319
So with the password cat I
could open up your password.
5118
03:21:05,319 --> 03:21:07,300
I mean I could open
up your account.
5119
03:21:07,300 --> 03:21:09,798
So that was all
about hashing and hashing
5120
03:21:09,798 --> 03:21:11,200
algorithms, let's move on.
5121
03:21:11,200 --> 03:21:11,500
Okay.
5122
03:21:11,500 --> 03:21:12,900
So in this part of the video,
5123
03:21:12,900 --> 03:21:15,700
we are going to go
over SSL and TLS
5124
03:21:16,000 --> 03:21:18,400
or SSL and TLS are ways
of doing encryption
5125
03:21:18,400 --> 03:21:21,100
and they were developed
in order to do encryption
5126
03:21:21,100 --> 03:21:24,400
between websites web servers
and clients or browsers.
5127
03:21:24,400 --> 03:21:27,600
SSL was originally developed by
a company called Netscape and
5128
03:21:27,600 --> 03:21:29,850
if you don't remember
Netscape eventually spun
5129
03:21:29,850 --> 03:21:32,200
off their source code
and became Mozilla project
5130
03:21:32,200 --> 03:21:33,560
where we get Firefox
5131
03:21:33,560 --> 03:21:37,300
from so back in 1995 Netscape
released version 2 of SSL,
5132
03:21:37,300 --> 03:21:40,396
and there was a version one,
but nothing was done with it.
5133
03:21:40,396 --> 03:21:43,729
So we got the version 2 of SSL
and that was used for encryption
5134
03:21:43,729 --> 03:21:45,724
of web transmission
between the server
5135
03:21:45,724 --> 03:21:47,883
and the browser
to do a whole number
5136
03:21:47,883 --> 03:21:49,585
of flaws between the server
5137
03:21:49,585 --> 03:21:52,774
and the browser now
SSL version 2 had a whole number
5138
03:21:52,774 --> 03:21:55,400
of flaws and SSL 2 has
the type of flaws
5139
03:21:55,400 --> 03:21:58,000
that can lead to decryption
of messages without actually
5140
03:21:58,000 --> 03:21:59,300
having the correct keys
5141
03:21:59,300 --> 03:22:01,500
and not being
the right endpoints
5142
03:22:01,500 --> 03:22:05,100
and so Netscape released
SSL version 3 in 1996.
5143
03:22:05,100 --> 03:22:07,700
And so we get SSL
3.0 which is better
5144
03:22:07,700 --> 03:22:09,681
than 2.0 but it still has
5145
03:22:09,681 --> 03:22:12,300
some issues and so
in 1999 we ended up
5146
03:22:12,300 --> 03:22:14,200
with TLS now SSL is secure
5147
03:22:14,200 --> 03:22:17,300
socket layer and TLS is
transport layer security.
5148
03:22:17,300 --> 03:22:19,200
They both accomplished
the same sort of thing
5149
03:22:19,200 --> 03:22:21,300
and they're designed
for primarily doing encryption
5150
03:22:21,300 --> 03:22:23,018
between web server
and web browsers
5151
03:22:23,018 --> 03:22:25,707
because we want to be able
to encrypt the type of traffic.
5152
03:22:25,707 --> 03:22:28,207
So let me show you what kind
of traffic looks like.
5153
03:22:28,207 --> 03:22:29,100
So first of all,
5154
03:22:29,100 --> 03:22:31,300
let me open Wireshark
and out here.
5155
03:22:31,300 --> 03:22:34,082
I already have a TLS scan
ready for you guys
5156
03:22:34,082 --> 03:22:36,991
that you can see we have
all sorts of TLS data
5157
03:22:36,991 --> 03:22:37,941
so you can see
5158
03:22:37,941 --> 03:22:41,200
that here's my source
and it's 32 and destination
5159
03:22:41,200 --> 03:22:42,700
is sound 6 1 2.
5160
03:22:42,700 --> 03:22:45,500
4050 9.46 doing
a client key exchange
5161
03:22:45,500 --> 03:22:48,600
and the change cipher spec
and encrypted handshake message
5162
03:22:48,600 --> 03:22:50,700
and then we start
getting application data.
5163
03:22:50,700 --> 03:22:52,800
So there are some other
steps involved here
5164
03:22:52,800 --> 03:22:54,100
and you're not seeing all of it
5165
03:22:54,100 --> 03:22:55,900
with this particular
Wireshark capture
5166
03:22:55,900 --> 03:22:57,229
because again, you know,
5167
03:22:57,229 --> 03:22:58,700
we get fragmented packets
5168
03:22:58,700 --> 03:23:00,900
and at some point it
starts getting encrypted
5169
03:23:00,900 --> 03:23:02,344
and you can see it anyways
5170
03:23:02,344 --> 03:23:03,200
because Wireshark
5171
03:23:03,200 --> 03:23:05,808
without having the key
can decrypt those messages
5172
03:23:05,808 --> 03:23:07,150
but what ends up happening
5173
03:23:07,150 --> 03:23:08,600
is the client sends a hello
5174
03:23:08,600 --> 03:23:10,350
and the server
responds with a hello
5175
03:23:10,350 --> 03:23:12,800
and they end up exchanging
information as part
5176
03:23:12,800 --> 03:23:15,300
of that now including
version numbers supported
5177
03:23:15,300 --> 03:23:16,771
and you get random number
5178
03:23:16,771 --> 03:23:19,851
and the clients going to send
out a number of cipher suites
5179
03:23:19,851 --> 03:23:23,300
that may want support and order
and it can support the server
5180
03:23:23,300 --> 03:23:25,800
and it's going to pick
from those suite of ciphers.
5181
03:23:25,800 --> 03:23:28,880
Now, then we start doing
the key exchange and then
5182
03:23:28,880 --> 03:23:32,400
do the change cipher spec
and from the client and server
5183
03:23:32,400 --> 03:23:35,123
and eventually the server
just sends a finished message
5184
03:23:35,123 --> 03:23:35,923
and at the point
5185
03:23:35,923 --> 03:23:38,108
we've got this encrypted
communication going on,
5186
03:23:38,108 --> 03:23:39,249
but there's this handshake
5187
03:23:39,249 --> 03:23:41,900
that Zone between the two
systems and there's a number
5188
03:23:41,900 --> 03:23:43,577
of different types
of handshakes depending
5189
03:23:43,577 --> 03:23:44,600
on the type of end points
5190
03:23:44,600 --> 03:23:45,300
that you've got.
5191
03:23:45,300 --> 03:23:47,774
But that's the type
of communication that goes on
5192
03:23:47,774 --> 03:23:50,300
between servers and the client
one important thing
5193
03:23:50,300 --> 03:23:51,800
about using SSL and TLS is
5194
03:23:51,800 --> 03:23:54,300
as I mentioned some
of the earlier versions had
5195
03:23:54,300 --> 03:23:56,272
vulnerabilities in them
and you want to make sure
5196
03:23:56,272 --> 03:23:58,299
that the server's
aren't actually running those.
5197
03:23:58,299 --> 03:24:00,500
So you want to run some scans
to figure out the type
5198
03:24:00,500 --> 03:24:03,000
of protocols and ciphers
that different systems use
5199
03:24:03,000 --> 03:24:05,800
so for this we can use
something called SSL scan.
5200
03:24:05,800 --> 03:24:08,100
So this is available for Unix.
5201
03:24:08,100 --> 03:24:09,330
Not really sure.
5202
03:24:09,600 --> 03:24:11,300
If there is something
5203
03:24:11,300 --> 03:24:13,849
that is similar
for Windows or Mac,
5204
03:24:13,849 --> 03:24:18,200
but on Unix based system that is
Linux we can use SSL scan.
5205
03:24:18,200 --> 03:24:19,900
So let me just show
you how to use
5206
03:24:19,900 --> 03:24:21,900
that clear as far out.
5207
03:24:22,300 --> 03:24:25,838
So what we can do is run
SSL scan against, suppose,
5208
03:24:25,838 --> 03:24:28,600
www.edureka.co.
5209
03:24:30,600 --> 03:24:31,900
So we're doing an SSL scan here
5210
03:24:31,900 --> 03:24:34,037
against the website
and you can see it's going out
5211
03:24:34,037 --> 03:24:36,000
and probing all
the different types of ciphers
5212
03:24:36,000 --> 03:24:39,100
after you know on this system
start with SSL V3
5213
03:24:39,100 --> 03:24:40,409
and are going to TLS
5214
03:24:40,409 --> 03:24:43,500
version 1 and we could force
SSL scan to try
5215
03:24:43,500 --> 03:24:44,585
to do an SSL V2.
5216
03:24:44,585 --> 03:24:47,500
If I scroll back up here
I get the server
5217
03:24:47,500 --> 03:24:51,200
ciphers, which is SSL version
3 it's using RSA
5218
03:24:51,300 --> 03:24:53,400
and it's using RSA
for the asymmetric.
5219
03:24:53,400 --> 03:24:55,300
Now in order to do
the key exchange and
5220
03:24:55,300 --> 03:24:57,800
once we get the session key
up we're going to do use AES
5221
03:24:57,800 --> 03:24:59,200
256 and then we're going
5222
03:24:59,200 --> 03:25:02,400
to use the secure hash algorithm
to do the message authentication
5223
03:25:02,400 --> 03:25:03,200
or the MAC.
5224
03:25:03,200 --> 03:25:04,905
It's something called the HMAC
5225
03:25:04,905 --> 03:25:07,380
for the hashed message
authentication code and
5226
03:25:07,380 --> 03:25:09,800
what it does is simply
hashes the MAC address
5227
03:25:09,800 --> 03:25:12,527
that you would check one side
against the other to make sure
5228
03:25:12,527 --> 03:25:14,100
that the message
hasn't been fiddled
5229
03:25:14,100 --> 03:25:15,200
with in transmission.
5230
03:25:15,200 --> 03:25:16,900
You can see here all
the different types
5231
03:25:16,900 --> 03:25:19,864
of cipher suites that are
available. Here's TLS running RC4
5232
03:25:19,864 --> 03:25:21,100
at 40 bits using md5.
5233
03:25:21,100 --> 03:25:22,700
So that would be
a pretty vulnerable type
5234
03:25:22,700 --> 03:25:24,900
of communication to use
and between the server
5235
03:25:24,900 --> 03:25:27,000
and the client 40-bit
Cipher using rc4 is
5236
03:25:27,000 --> 03:25:29,750
a low strength Cipher and we
would definitely Recommend
5237
03:25:29,750 --> 03:25:32,400
that clients remove those
from the supported ciphers
5238
03:25:32,400 --> 03:25:33,850
that they have on their server.
5239
03:25:33,850 --> 03:25:35,600
All that configuration
would be done
5240
03:25:35,600 --> 03:25:37,247
at the web server as well as
5241
03:25:37,247 --> 03:25:40,500
when you generated your key
and your certificates normally
5242
03:25:40,500 --> 03:25:43,300
certificates would be handled
by a certificate Authority.
5243
03:25:43,400 --> 03:25:45,450
Now, you can also
self-signed certificates
5244
03:25:45,450 --> 03:25:47,550
and have those installed
in your web server
5245
03:25:47,550 --> 03:25:49,600
in order to Communications
with your clients
5246
03:25:49,600 --> 03:25:53,100
that the challenge with that is
browsers today warn when they
5247
03:25:53,100 --> 03:25:55,776
see a certificate against
the certificate Authority
5248
03:25:55,776 --> 03:25:58,805
that is entrusted of it and it
doesn't have any certificate
5249
03:25:58,805 --> 03:26:00,500
authority at all so
you'll get a warning
5250
03:26:00,500 --> 03:26:01,580
in your browser indicating.
5251
03:26:01,580 --> 03:26:03,349
There may be a problem
with your certificate
5252
03:26:03,349 --> 03:26:04,878
if your clients
are Savvy enough and
5253
03:26:04,878 --> 03:26:06,800
if the users are Savvy
enough you may be able
5254
03:26:06,800 --> 03:26:09,658
to make use of these self
fine self-signed certificates
5255
03:26:09,658 --> 03:26:11,108
and save yourself some money,
5256
03:26:11,108 --> 03:26:12,960
but generally it's
not recommended simply
5257
03:26:12,960 --> 03:26:15,600
because clients are starting
to get these bad certificates
5258
03:26:15,600 --> 03:26:16,900
and when they run across one
5259
03:26:16,900 --> 03:26:19,146
that's really a problem
a real Rogue certificate.
5260
03:26:19,146 --> 03:26:21,300
They're going to ignore
the certificate message
5261
03:26:21,300 --> 03:26:23,321
in the browser
and just go to the sites
5262
03:26:23,321 --> 03:26:26,300
that could have malicious
purposes in mind and may end up
5263
03:26:26,300 --> 03:26:29,174
compromising the clients
or customers or users.
5264
03:26:29,174 --> 03:26:30,300
That's SSL and TLS
5265
03:26:30,300 --> 03:26:33,900
and how they work and negotiate
between servers and end points.
5266
03:26:34,300 --> 03:26:34,700
Okay.
5267
03:26:34,700 --> 03:26:37,500
So now that we've talked
about TLS and SSL.
5268
03:26:37,500 --> 03:26:39,300
Let's talk about
disk encryption.
5269
03:26:39,300 --> 03:26:41,365
Now disk encryption
is actually something
5270
03:26:41,365 --> 03:26:44,618
that was not really difficult to
do but sort of out of the reach
5271
03:26:44,618 --> 03:26:47,200
of normal desktop computers
for a really long time.
5272
03:26:47,200 --> 03:26:50,116
Although there have long been
ways to encryption of files
5273
03:26:50,116 --> 03:26:52,200
and to a lesser degree
maybe entire disks
5274
03:26:52,200 --> 03:26:54,579
as we get faster processor
certainly encrypting
5275
03:26:54,579 --> 03:26:55,416
the entire disks
5276
03:26:55,416 --> 03:26:56,887
and being able to encrypt
5277
03:26:56,887 --> 03:26:59,030
and decrypt on the fly
without affecting.
5278
03:26:59,030 --> 03:27:00,358
Performance is something
5279
03:27:00,358 --> 03:27:02,465
that certainly comes
within reach
5280
03:27:02,465 --> 03:27:03,562
and it's a feature
5281
03:27:03,562 --> 03:27:07,124
that shows up in most modern
operating systems to one degree
5282
03:27:07,124 --> 03:27:09,816
or another now these days
we are going to look
5283
03:27:09,816 --> 03:27:12,740
at a couple of ways here
of doing disk encryption.
5284
03:27:12,740 --> 03:27:15,152
I want to tell you
about one of them first
5285
03:27:15,152 --> 03:27:16,300
and it's not the one I
5286
03:27:16,300 --> 03:27:18,750
can show I can't really show
the other one either.
5287
03:27:18,750 --> 03:27:19,533
So with Microsoft
5288
03:27:19,533 --> 03:27:22,300
their Windows system have
this program called BitLocker
5289
03:27:22,300 --> 03:27:24,609
and BitLocker requires
either Windows Ultimate
5290
03:27:24,609 --> 03:27:25,600
or Windows Enterprise.
5291
03:27:25,600 --> 03:27:26,700
I don't happen to have
5292
03:27:26,700 --> 03:27:28,905
either version so I
can't really show it.
5293
03:27:28,905 --> 03:27:30,200
You but I can tell you
5294
03:27:30,200 --> 03:27:33,200
that BitLocker has ability
to entire disk encryption
5295
03:27:33,200 --> 03:27:34,000
and they use AES
5296
03:27:34,000 --> 03:27:36,950
for the encryption Cipher
and the thing about BitLocker is
5297
03:27:36,950 --> 03:27:38,100
that they use a feature
5298
03:27:38,100 --> 03:27:41,200
that comes with most modern
systems particularly laptops.
5299
03:27:41,200 --> 03:27:42,360
There's a chip in them
5300
03:27:42,360 --> 03:27:45,658
that's called The Trusted
platform module or TPM.
5301
03:27:45,658 --> 03:27:46,957
The TPM chip is part
5302
03:27:46,957 --> 03:27:49,100
what it does is
it stores the keys
5303
03:27:49,100 --> 03:27:50,509
that allows operating system
5304
03:27:50,509 --> 03:27:53,228
to be able to access the disk
through this encryption
5305
03:27:53,228 --> 03:27:56,294
and decryption process and they
use a pretty strong encryption
5306
03:27:56,294 --> 03:27:57,400
cipher which is AES,
5307
03:27:57,400 --> 03:27:59,226
but you have to have
one of the couple
5308
03:27:59,226 --> 03:28:01,063
of different versions
of Windows in order
5309
03:28:01,063 --> 03:28:02,302
to be able to use BitLocker
5310
03:28:02,302 --> 03:28:04,799
and it's one of those things
you would normally run
5311
03:28:04,799 --> 03:28:05,799
in an Enterprise.
5312
03:28:05,799 --> 03:28:09,189
And so that's why they included
in on its Enterprise version.
5313
03:28:09,189 --> 03:28:10,432
Now on the Mac OS side
5314
03:28:10,432 --> 03:28:13,282
they have this thing called
FileVault and you see
5315
03:28:13,282 --> 03:28:16,500
in the system preferences
on the security and privacy.
5316
03:28:16,500 --> 03:28:20,000
If you go to FileVault you
can turn on FileVault now I
5317
03:28:20,000 --> 03:28:21,200
if you have the little button
5318
03:28:21,200 --> 03:28:23,000
that there says
turn on FileVault,
5319
03:28:23,000 --> 03:28:24,917
then you can turn
on the FileVault
5320
03:28:24,917 --> 03:28:27,300
and it would ask you
about setting up keys
5321
03:28:27,300 --> 03:28:30,300
and it works similar
to Those BitLocker now
5322
03:28:30,300 --> 03:28:33,659
PGP happens to have the ability
to do disk encryption
5323
03:28:33,659 --> 03:28:34,620
and you can see
5324
03:28:34,620 --> 03:28:37,504
that in the case of this
Ubuntu system.
5325
03:28:37,504 --> 03:28:40,700
They've got a package called
gdecrypt which is a GUI
5326
03:28:40,700 --> 03:28:44,200
that allows you to map and mount
a created encrypted volume
5327
03:28:44,200 --> 03:28:47,600
so I could run gdecrypt and it would
help me set up the process
5328
03:28:47,600 --> 03:28:50,500
of encrypting the volumes
have got on my system.
5329
03:28:50,500 --> 03:28:53,100
Now disk encryption
is a really good idea
5330
03:28:53,100 --> 03:28:54,831
because when you are working
5331
03:28:54,831 --> 03:28:57,799
with clients the data is
normally very sensitive.
5332
03:28:57,799 --> 03:28:58,804
So as I mentioned
5333
03:28:58,804 --> 03:29:02,294
And you can always use things
like BitLocker and windows fault
5334
03:29:02,294 --> 03:29:04,830
or other such software
for disk encryption.
5335
03:29:04,830 --> 03:29:07,830
So what I mentioned before
is now not only possible.
5336
03:29:07,830 --> 03:29:11,100
It's very much a reality
with current operating systems.
5337
03:29:11,100 --> 03:29:12,061
Now, let's talk
5338
03:29:12,061 --> 03:29:15,169
about scanning now
scanning is refers to the use
5339
03:29:15,169 --> 03:29:17,880
of computer networks
to gather information
5340
03:29:17,880 --> 03:29:19,600
regarding computer systems
5341
03:29:19,600 --> 03:29:20,600
and network scanning
5342
03:29:20,600 --> 03:29:23,400
is mainly used to security
assessment system maintenance
5343
03:29:23,400 --> 03:29:25,700
and also for performing
attacks by hackers.
5344
03:29:25,700 --> 03:29:28,200
The purpose of network
scanning is as follows,
5345
03:29:28,200 --> 03:29:30,280
it allows you
to recognize available UDP
5346
03:29:30,280 --> 03:29:33,400
and TCP Network Services running
on a targeted host.
5347
03:29:33,400 --> 03:29:35,654
It allows you to recognize
filtering systems
5348
03:29:35,654 --> 03:29:37,716
between the users
and the targeted host.
5349
03:29:37,716 --> 03:29:40,200
It allows you to determine
the operating systems
5350
03:29:40,200 --> 03:29:42,700
and used by assessing
the IP responses.
5351
03:29:42,700 --> 03:29:44,100
Then it also allows you
5352
03:29:44,100 --> 03:29:46,800
to evaluate the target
host TCP sequence numbers
5353
03:29:46,800 --> 03:29:49,900
and predictability to determine
the sequence prediction attacks
5354
03:29:49,900 --> 03:29:52,350
and the TCP spoofing now
Network scanning consists
5355
03:29:52,350 --> 03:29:53,700
of Network Port scanning as
5356
03:29:53,700 --> 03:29:56,569
well as vulnerability scanning
Network Port scanning refers
5357
03:29:56,569 --> 03:29:59,100
to the method of sending
data packets via the network.
5358
03:29:59,100 --> 03:30:01,350
Through computer system
specified Service Port
5359
03:30:01,350 --> 03:30:03,800
this is to identify
the available Network Services
5360
03:30:03,800 --> 03:30:05,117
on that particular system.
5361
03:30:05,117 --> 03:30:08,215
This procedure is effective for
troubleshooting systems issues
5362
03:30:08,215 --> 03:30:11,320
or for tightening the system
security vulnerability scanning
5363
03:30:11,320 --> 03:30:13,900
is a method used to discover
known vulnerabilities
5364
03:30:13,900 --> 03:30:16,131
of computing systems
available on network.
5365
03:30:16,131 --> 03:30:18,200
It helps to detect
a specific weak spot
5366
03:30:18,200 --> 03:30:20,913
in an application software
or the operating system,
5367
03:30:20,913 --> 03:30:22,880
which could be used
to crash the system
5368
03:30:22,880 --> 03:30:24,900
or compromise it
for undesired purposes.
5369
03:30:24,900 --> 03:30:27,800
Now Network Port scanning as
well as vulnerability scanning
5370
03:30:27,800 --> 03:30:29,000
is an information
5371
03:30:29,000 --> 03:30:29,800
gathering technique,
5372
03:30:29,800 --> 03:30:32,149
but when carried out
by Anonymous individuals
5373
03:30:32,149 --> 03:30:35,290
are viewed as a prelude to an
attack Network scanning process
5374
03:30:35,290 --> 03:30:36,300
is like Port scans
5375
03:30:36,300 --> 03:30:37,332
and ping sweeps
5376
03:30:37,332 --> 03:30:38,437
and return details
5377
03:30:38,437 --> 03:30:41,200
about which IP address map
to active live hosts
5378
03:30:41,200 --> 03:30:43,034
and the type
of service they provide
5379
03:30:43,034 --> 03:30:46,370
another Network scanning method
known as inverse mapping gathers
5380
03:30:46,370 --> 03:30:47,900
details about IP addresses
5381
03:30:47,900 --> 03:30:49,500
that do not map to Live host
5382
03:30:49,500 --> 03:30:50,856
which helps an attacker to focus
5383
03:30:50,856 --> 03:30:53,017
on feasible addresses
Network scanning is one
5384
03:30:53,017 --> 03:30:55,200
of the three important methods
used by an attacker
5385
03:30:55,200 --> 03:30:57,712
to gather information
during the footprint stage
5386
03:30:57,712 --> 03:30:59,211
and the attacker makes a profile
5387
03:30:59,211 --> 03:31:01,949
of the target organization
this includes data
5388
03:31:01,949 --> 03:31:04,500
such as organization's
domain name systems
5389
03:31:04,500 --> 03:31:07,900
and email servers in additions
to its IP address range
5390
03:31:07,900 --> 03:31:10,950
and during the scanning stage
the attacker discovers details
5391
03:31:10,950 --> 03:31:12,450
about the specified IP addresses
5392
03:31:12,450 --> 03:31:15,250
that could be accessed online
their system architecture
5393
03:31:15,250 --> 03:31:16,437
their operating systems
5394
03:31:16,437 --> 03:31:18,673
and services running
on every computer now
5395
03:31:18,673 --> 03:31:20,200
during the enumeration stage
5396
03:31:20,200 --> 03:31:23,782
the attacker collects data including
routing tables Network user
5397
03:31:23,782 --> 03:31:27,299
and group names simple
Network management protocol data
5398
03:31:27,299 --> 03:31:27,876
and so on.
5399
03:31:27,876 --> 03:31:30,876
So now let's talk about
intrusion detection evasion.
5400
03:31:30,876 --> 03:31:32,830
So before we get
into IDS evasion,
5401
03:31:32,830 --> 03:31:35,180
let's talk about
what exactly is an IDS now
5402
03:31:35,180 --> 03:31:37,623
an intrusion detection system
or IDS is a system
5403
03:31:37,623 --> 03:31:40,800
that monitors network traffic
for suspicious activity
5404
03:31:40,800 --> 03:31:43,700
and issues alerts
when such activity is discovered
5405
03:31:43,700 --> 03:31:46,900
while anomaly detection and
Reporting is primary function
5406
03:31:46,900 --> 03:31:50,055
some intrusion detection systems
are capable of taking actions
5407
03:31:50,055 --> 03:31:52,900
when malicious activity
or anomalous traffic is detected
5408
03:31:52,900 --> 03:31:55,900
including blocking traffic sent
from suspicious IP addresses,
5409
03:31:56,000 --> 03:31:58,600
although intrusion detection
systems monitor Network
5410
03:31:58,600 --> 03:32:01,867
for Ali malicious activity they
are also prone to false alarms
5411
03:32:01,867 --> 03:32:02,815
or false positives
5412
03:32:02,815 --> 03:32:05,900
consequently organizations need
to fine-tune their IDS products
5413
03:32:05,900 --> 03:32:07,300
when they first install them
5414
03:32:07,300 --> 03:32:09,900
that means properly configuring
their intrusion detection
5415
03:32:09,900 --> 03:32:11,900
system to recognize
what normal traffic
5416
03:32:11,900 --> 03:32:12,900
on the network looks
5417
03:32:12,900 --> 03:32:15,300
like compared to potentially
malicious activity
5418
03:32:15,300 --> 03:32:17,700
an intrusion prevention
system also monitors
5419
03:32:17,700 --> 03:32:20,500
Network packets for potentially
damaging Network traffic,
5420
03:32:20,500 --> 03:32:22,621
but where an intrusion
detection system responds
5421
03:32:22,621 --> 03:32:25,049
to potentially malicious traffic
by logging the traffic
5422
03:32:25,049 --> 03:32:25,950
and issuing warning
5423
03:32:25,950 --> 03:32:28,400
notification intrusion
prevention systems respond
5424
03:32:28,400 --> 03:32:31,678
to such by rejecting the
potentially malicious packets.
5425
03:32:31,678 --> 03:32:35,200
So there are different types
of intrusion detection system.
5426
03:32:35,200 --> 03:32:38,000
So intrusion detection system
come in different flavors
5427
03:32:38,000 --> 03:32:40,921
and detect suspicious activities
using different methods.
5428
03:32:40,921 --> 03:32:42,434
So kind of intrusion detection
5429
03:32:42,434 --> 03:32:44,400
is a network intrusion
detection systems
5430
03:32:44,400 --> 03:32:46,845
that is NIDS. It is deployed
at a strategic point
5431
03:32:46,845 --> 03:32:48,305
or points within the network
5432
03:32:48,305 --> 03:32:50,882
where it can monitor
inbound and outbound traffic
5433
03:32:50,882 --> 03:32:53,200
to and from all the devices
on the network.
5434
03:32:53,200 --> 03:32:55,700
Then there is host
intrusion detection system
5435
03:32:55,700 --> 03:32:56,500
that is HIDS
5436
03:32:56,500 --> 03:32:58,863
which runs on all computers
or devices in the network.
5437
03:32:58,863 --> 03:33:00,600
With direct access
to both the internet
5438
03:33:00,600 --> 03:33:03,300
and the Enterprise internal
network. HIDS have an advantage
5439
03:33:03,300 --> 03:33:04,212
over NIDS in
5440
03:33:04,212 --> 03:33:07,498
that they have may be able to
detect anomalous Network packets
5441
03:33:07,498 --> 03:33:09,926
that originated from
inside the organization's
5442
03:33:09,926 --> 03:33:11,106
or malicious traffic
5443
03:33:11,106 --> 03:33:12,282
that NIDS has failed
5444
03:33:12,282 --> 03:33:15,700
to detect. HIDS may also be able
to identify malicious traffic
5445
03:33:15,700 --> 03:33:17,800
that originates from
the host itself as
5446
03:33:17,800 --> 03:33:19,950
when the host has been
infected with malware
5447
03:33:19,950 --> 03:33:21,073
and is attempting spread
5448
03:33:21,073 --> 03:33:23,787
to other systems signature
based intrusion detection system
5449
03:33:23,787 --> 03:33:25,600
monitors all packets
traversing the network
5450
03:33:25,600 --> 03:33:26,400
and compare them
5451
03:33:26,400 --> 03:33:28,800
against database of
signatures or attributes.
5452
03:33:29,000 --> 03:33:32,000
of known malicious threats
much like antivirus software.
5453
03:33:32,300 --> 03:33:35,700
So now let's talk
about into IDS evasion.
5454
03:33:35,900 --> 03:33:36,203
Okay.
5455
03:33:36,203 --> 03:33:38,300
So now let's talk
about IDS evasion.
5456
03:33:38,300 --> 03:33:40,500
Now IDS is
an intrusion detection system
5457
03:33:40,500 --> 03:33:43,098
as we just spoke about
and instead it detect exactly
5458
03:33:43,098 --> 03:33:45,900
the types of activities that
we are engaged in sometimes
5459
03:33:45,900 --> 03:33:49,500
and sometimes you may be in
called in to work on a Target
5460
03:33:49,500 --> 03:33:51,100
where activities are known
5461
03:33:51,100 --> 03:33:53,200
and should be known
by The Operators
5462
03:33:53,200 --> 03:33:55,618
or the operations people
involved in monitoring
5463
03:33:55,618 --> 03:33:58,300
and managing the network
and the idea being not only
5464
03:33:58,300 --> 03:34:00,360
do they want to assess
the technical controls
5465
03:34:00,360 --> 03:34:01,137
that are in place,
5466
03:34:01,137 --> 03:34:03,025
but they also want
to assess the operational
5467
03:34:03,025 --> 03:34:03,932
procedures and ensure
5468
03:34:03,932 --> 03:34:06,034
that the systems and processes
are working the way
5469
03:34:06,034 --> 03:34:07,506
that they are supposed
to be working.
5470
03:34:07,506 --> 03:34:09,100
Now when you are engaged
with the Target
5471
03:34:09,100 --> 03:34:10,700
that you are in full cooperation
5472
03:34:10,700 --> 03:34:13,562
with you don't need to do
these types of evasion tactics.
5473
03:34:13,562 --> 03:34:15,745
All these techniques
may be actually avoided
5474
03:34:15,745 --> 03:34:17,945
but if you are asked
to perform an assessment
5475
03:34:17,945 --> 03:34:19,345
or a penetration on a Target
5476
03:34:19,345 --> 03:34:21,700
where they are not supposed
to see your activities,
5477
03:34:21,700 --> 03:34:22,935
then you need to know
5478
03:34:22,935 --> 03:34:25,981
some different techniques
to evade detection from an IDS.
5479
03:34:25,981 --> 03:34:29,000
So we're going to talk about
a couple of different things.
5480
03:34:29,200 --> 03:34:30,000
That you can do.
5481
03:34:30,000 --> 03:34:33,299
So one thing that you can do
is manipulate packets to look
5482
03:34:33,299 --> 03:34:34,300
a particular way.
5483
03:34:34,300 --> 03:34:37,400
Now for this there is
a tool called packets.
5484
03:34:37,400 --> 03:34:41,300
So packet is a really good way
to actually manipulate traffic
5485
03:34:41,300 --> 03:34:44,358
and by actually manipulating
the contents of a packet
5486
03:34:44,358 --> 03:34:47,000
like you can specify
the destination and source.
5487
03:34:47,000 --> 03:34:48,647
So it's a really useful tool
5488
03:34:48,647 --> 03:34:50,753
to set up a packet to look a particular way.
look a particular way.
5489
03:34:50,753 --> 03:34:53,599
One thing it can do is allow
you to spoof IP addresses
5490
03:34:53,599 --> 03:34:55,848
so I could set
the source IP address here.
5491
03:34:55,848 --> 03:34:58,699
That was something completely
different from mine now
5492
03:34:58,699 --> 03:34:59,813
from Using TCP or UDP?
5493
03:34:59,813 --> 03:35:01,713
I'm not going to see
the response back.
5494
03:35:01,713 --> 03:35:02,632
And in this case TCP.
5495
03:35:02,632 --> 03:35:05,000
I'm not even going to get
the three-way connection made
5496
03:35:05,000 --> 03:35:07,458
because responses are going
to go back to the source IP.
5497
03:35:07,458 --> 03:35:08,349
But what you can do
5498
03:35:08,349 --> 03:35:11,021
is in addition to spoofing
you can set a particular ways
5499
03:35:11,021 --> 03:35:12,049
that a packet may look
5500
03:35:12,049 --> 03:35:14,400
like changing the type
of service or by changing
5501
03:35:14,400 --> 03:35:17,326
the fragmentation offset or by
different flags settings
5502
03:35:17,326 --> 03:35:20,566
that may allow you through an IDS
without maybe getting flagged
5503
03:35:20,566 --> 03:35:22,864
and it may also allow
you to a firewall now
5504
03:35:22,864 --> 03:35:25,381
it's a slim possibility
but it's a possibility.
5505
03:35:25,381 --> 03:35:25,600
Now.
5506
03:35:25,600 --> 03:35:27,500
Another thing you
can do is use packets
5507
03:35:27,500 --> 03:35:29,879
to generate a lot
of really bogus data
5508
03:35:29,879 --> 03:35:33,600
and what you might do is hide
in the noise generated by packETH,
5509
03:35:33,600 --> 03:35:36,000
so you could create
some really bogus packets
5510
03:35:36,000 --> 03:35:37,510
that are sure to set
off IDS alarms
5511
03:35:37,510 --> 03:35:39,855
and then you can run
some legitimate scans underneath
5512
03:35:39,855 --> 03:35:42,200
and hopefully be able to get
some responses different
5513
03:35:42,200 --> 03:35:43,799
from mine now
from using TCP or UDP.
5514
03:35:43,799 --> 03:35:45,700
I'm not going to see
the response back.
5515
03:35:45,700 --> 03:35:46,800
And in this case, TCP,
5516
03:35:46,800 --> 03:35:49,162
I'm not even going to get
the three-way connection made
5517
03:35:49,162 --> 03:35:51,600
because responses are going
to go back to the source IP.
5518
03:35:51,600 --> 03:35:52,550
But what you can do
5519
03:35:52,550 --> 03:35:55,295
is, in addition to spoofing,
you can set up particular ways
5520
03:35:55,295 --> 03:35:56,395
that a packet may look
5521
03:35:56,395 --> 03:35:58,600
like changing the type
of service or by changing
5522
03:35:58,600 --> 03:36:01,512
the fragmentation offset or by
different flag settings
5523
03:36:01,512 --> 03:36:04,983
that may allow you through an IDS
without maybe getting flagged
5524
03:36:04,983 --> 03:36:07,186
and it may also allow
you through a firewall. Now,
5525
03:36:07,186 --> 03:36:09,774
it's a slim possibility
but it's a possibility.
5526
03:36:09,774 --> 03:36:10,000
Now.
5527
03:36:10,000 --> 03:36:13,356
Another thing you can do is
use packETH to generate a lot
5528
03:36:13,356 --> 03:36:14,511
of really bogus data
5529
03:36:14,511 --> 03:36:18,100
and what you might do is hide
in the noise generated by packETH,
5530
03:36:18,100 --> 03:36:20,200
so you could create
some really bogus packets
5531
03:36:20,200 --> 03:36:21,817
that are sure to set
off IDS alarms
5532
03:36:21,817 --> 03:36:24,150
and then you can run
some legitimate scans underneath
5533
03:36:24,150 --> 03:36:26,300
and hopefully be able
to get some responses.
5534
03:36:30,900 --> 03:36:34,483
Kali Linux is the industry's
leading Linux distribution
5535
03:36:34,483 --> 03:36:35,972
in penetration testing
5536
03:36:35,972 --> 03:36:38,328
and ethical hacking.
It offers tons
5537
03:36:38,328 --> 03:36:40,800
and tons of hacking
and penetration tools
5538
03:36:40,800 --> 03:36:43,346
and different kind
of software by default.
5539
03:36:43,346 --> 03:36:46,488
It is widely recognized
in all parts of the world even
5540
03:36:46,488 --> 03:36:48,900
among Windows users
who may not even know
5541
03:36:48,900 --> 03:36:52,000
what Linux is. Well,
to be precise, Kali Linux
5542
03:36:52,000 --> 03:36:55,225
was developed by Offensive
Security as the rewrite
5543
03:36:55,225 --> 03:36:58,693
of BackTrack. BackTrack, just
like Kali Linux, was a
5544
03:36:58,693 --> 03:36:59,871
Linux distribution
5545
03:36:59,871 --> 03:37:03,540
that focused on security. It
was used for digital forensics
5546
03:37:03,540 --> 03:37:05,600
and penetration testing purpose.
5547
03:37:05,600 --> 03:37:08,894
But the question here is why
should you choose Kali Linux
5548
03:37:08,894 --> 03:37:12,500
when you have other choices like
Parrot Security operating system,
5549
03:37:12,500 --> 03:37:15,500
BackBox, BlackArch,
and many more out there.
5550
03:37:15,500 --> 03:37:17,545
Let me list a few reasons as
5551
03:37:17,545 --> 03:37:20,300
to why Kali Linux is
the best choice. First
5552
03:37:20,300 --> 03:37:24,300
and foremost it offers more than
600 penetration testing tools
5553
03:37:24,300 --> 03:37:26,700
from different kind
of security fields
5554
03:37:26,700 --> 03:37:28,700
and forensics. Secondly,
5555
03:37:29,123 --> 03:37:31,200
Kali Linux is customizable.
5556
03:37:31,200 --> 03:37:34,311
So if you're not comfortable
with current Kali Linux tools
5557
03:37:34,311 --> 03:37:36,813
or features or
graphical user interface,
5558
03:37:36,813 --> 03:37:39,700
you can customize
Kali Linux the way you want.
5559
03:37:39,700 --> 03:37:42,100
It is built
on a secure platform.
5560
03:37:42,100 --> 03:37:44,366
The Kali Linux team
is actually made up
5561
03:37:44,366 --> 03:37:46,144
of small group of individuals.
5562
03:37:46,144 --> 03:37:48,780
Those are the only ones
who can commit packages
5563
03:37:48,780 --> 03:37:50,617
and interact with repositories.
5564
03:37:50,617 --> 03:37:53,700
All of which is done using
multiple secure protocols.
5565
03:37:53,700 --> 03:37:57,000
So Kali Linux is definitely
a secure platform,
5566
03:37:57,100 --> 03:37:58,900
although penetration
tools tend to be
5567
03:37:58,900 --> 03:38:03,200
written in English, Kali includes
multilingual support. This way
5568
03:38:03,200 --> 03:38:05,623
more users can operate
in the native language
5569
03:38:05,623 --> 03:38:06,800
and locate the tools
5570
03:38:06,800 --> 03:38:08,279
that they need for the job
5571
03:38:08,279 --> 03:38:10,100
that they are doing
on Kali Linux
5572
03:38:10,100 --> 03:38:11,914
and lastly Kali Linux just
5573
03:38:11,914 --> 03:38:15,308
like BackTrack, is
completely free of charge on top
5574
03:38:15,308 --> 03:38:16,640
of all these benefits,
5575
03:38:16,640 --> 03:38:20,436
Kali Linux offers different
installation options one way
5576
03:38:20,436 --> 03:38:22,277
of installing Kali Linux is
5577
03:38:22,277 --> 03:38:24,800
by making a Kali
bootable USB drive.
5578
03:38:24,800 --> 03:38:26,164
This is the fastest way
5579
03:38:26,164 --> 03:38:29,599
of installing Kali Linux
and the most favorable as well,
5580
03:38:29,600 --> 03:38:31,400
we will discuss why in a while.
5581
03:38:31,400 --> 03:38:33,742
You can also install
Kali Linux using
5582
03:38:33,742 --> 03:38:35,726
hard disk. Installing Kali Linux
5583
03:38:35,726 --> 03:38:39,500
on your computer using the hard
disk is a very easy process,
5584
03:38:39,500 --> 03:38:40,700
but you should make sure
5585
03:38:40,700 --> 03:38:43,200
that your computer has
compatible Hardware.
5586
03:38:43,200 --> 03:38:47,100
You can also install Kali Linux
alongside your operating system.
5587
03:38:47,100 --> 03:38:48,800
It could be Windows or Mac,
5588
03:38:48,800 --> 03:38:51,800
but you should exercise caution
during setup process
5589
03:38:51,800 --> 03:38:53,464
because it might mess up
5590
03:38:53,464 --> 03:38:56,100
with your default
BIOS settings. Lastly,
5591
03:38:56,100 --> 03:38:59,200
You can use different kind
of virtualization software.
5592
03:38:59,200 --> 03:39:00,415
such as VMware or
5593
03:39:00,415 --> 03:39:04,200
VirtualBox to install Kali Linux on
your preferred operating system.
5594
03:39:04,200 --> 03:39:07,600
Well apart from all this you
can also set up Kali Linux
5595
03:39:07,600 --> 03:39:09,300
on Advanced RISC Machines,
5596
03:39:09,300 --> 03:39:13,100
or ARM, like Raspberry Pi,
Trimslice, Cubietruck,
5597
03:39:13,100 --> 03:39:13,800
and many more.
5598
03:39:13,900 --> 03:39:15,400
So there you go guys.
5599
03:39:15,400 --> 03:39:18,148
Now if you know what
Kali Linux is and why it
5600
03:39:18,148 --> 03:39:20,886
is a leading Linux distro
for ethical hacking
5601
03:39:20,886 --> 03:39:23,800
and penetration testing
in today's session.
5602
03:39:23,800 --> 03:39:27,200
We will explore different ways
to install Kali Linux.
5603
03:39:27,200 --> 03:39:29,697
Let's get started
then. Earlier I said
5604
03:39:29,697 --> 03:39:31,250
that the fastest method
5605
03:39:31,250 --> 03:39:35,300
for setting up Kali Linux is
to run it live from a USB drive.
5606
03:39:35,300 --> 03:39:38,400
But why? First of all,
it's non-destructive,
5607
03:39:38,400 --> 03:39:41,411
it makes no changes
to the host system's hard drive
5608
03:39:41,411 --> 03:39:44,325
or the operating system
that it is installed on.
5609
03:39:44,325 --> 03:39:47,664
So once you remove USB your
operating system will return
5610
03:39:47,664 --> 03:39:49,100
to its original state.
5611
03:39:49,100 --> 03:39:49,765
Secondly.
5612
03:39:49,765 --> 03:39:50,800
It's portable.
5613
03:39:50,800 --> 03:39:53,157
You can carry Kali Linux
in your pocket
5614
03:39:53,157 --> 03:39:56,300
and can run it whenever you
want just in few minutes.
5615
03:39:56,307 --> 03:39:57,692
It's customizable.
5616
03:39:57,700 --> 03:39:58,900
You can create your own
5617
03:39:58,900 --> 03:40:01,146
Kali Linux ISO image and put it
5618
03:40:01,146 --> 03:40:03,900
into USB drive using
a simple procedure
5619
03:40:03,900 --> 03:40:06,433
which we will discuss
later. And lastly,
5620
03:40:06,433 --> 03:40:08,309
It's potentially persistent.
5621
03:40:08,309 --> 03:40:09,406
You can configure
5622
03:40:09,406 --> 03:40:13,000
your Kali Linux live USB drive
to have persistent storage
5623
03:40:13,000 --> 03:40:15,554
so that the data you
can collect is saved
5624
03:40:15,554 --> 03:40:18,300
and you can use it
across different reboots.
5625
03:40:18,300 --> 03:40:18,597
Now.
5626
03:40:18,597 --> 03:40:21,800
Let's see how to create
a bootable USB drive
5627
03:40:21,800 --> 03:40:23,200
on Windows guys.
5628
03:40:23,200 --> 03:40:25,321
Actually the process
is very simple.
5629
03:40:25,321 --> 03:40:27,200
It's just a three step process.
5630
03:40:27,200 --> 03:40:29,200
First of all,
you need to plug your
5631
03:40:29,200 --> 03:40:32,700
USB drive into an available
USB port on your Windows PC
5632
03:40:32,700 --> 03:40:35,600
next you need to note down
the destination drive
5633
03:40:35,600 --> 03:40:37,133
it uses once it mounts.
5634
03:40:37,133 --> 03:40:40,000
For example, it could be
F drive. After that,
5635
03:40:40,000 --> 03:40:42,727
You will have to download
and launch a software
5636
03:40:42,727 --> 03:40:45,600
called Win32 Disk Imager.
On the software,
5637
03:40:45,600 --> 03:40:47,899
you'll have to choose
the Kali Linux ISO file
5638
03:40:47,899 --> 03:40:49,900
that needs to be
imaged and verify
5639
03:40:49,900 --> 03:40:51,039
that the USB drive
5640
03:40:51,039 --> 03:40:53,643
to be overwritten is
the correct one. Lastly,
5641
03:40:53,643 --> 03:40:55,462
Once the Imaging is complete.
5642
03:40:55,462 --> 03:40:57,783
You need to safely
eject the USB drive
5643
03:40:57,783 --> 03:40:59,100
from Windows machine.
5644
03:40:59,100 --> 03:41:01,700
So, like I said,
it's very simple, right?
5645
03:41:01,700 --> 03:41:04,200
Well, I'm not going to show
you a demo on this one
5646
03:41:04,200 --> 03:41:05,220
because like I said,
5647
03:41:05,220 --> 03:41:07,900
it's very easy, and I'm sure
you guys can pull it off.
5648
03:41:07,900 --> 03:41:08,955
If you have any doubts.
5649
03:41:08,955 --> 03:41:10,790
You can post them
in the comment section.
5650
03:41:10,790 --> 03:41:11,800
We'll get back to you.
5651
03:41:11,800 --> 03:41:15,097
And as for the demo part, we'll
be doing four installations here.
5652
03:41:15,097 --> 03:41:15,800
First of all,
5653
03:41:15,800 --> 03:41:18,682
we'll see how to install
Kali Linux using VMware
5654
03:41:18,682 --> 03:41:20,300
on Windows operating system.
5655
03:41:20,300 --> 03:41:21,000
Then we'll see
5656
03:41:21,000 --> 03:41:24,500
how to install Kali Linux on Mac
using VirtualBox. Moving on,
5657
03:41:24,500 --> 03:41:25,815
We'll see how to install
5658
03:41:25,815 --> 03:41:28,499
Kali Linux tools on
different Linux distributions.
5659
03:41:28,499 --> 03:41:30,800
I'll be showing
how to install it on Ubuntu.
5660
03:41:30,800 --> 03:41:33,928
Well, the procedure is same for
every other Linux distribution.
5661
03:41:33,928 --> 03:41:36,200
So you can go ahead and use
the same procedure
5662
03:41:36,200 --> 03:41:37,450
for the Linux distribution
5663
03:41:37,450 --> 03:41:39,900
that you're using
and lastly we will see
5664
03:41:39,900 --> 03:41:41,400
how to install Kali Linux
5665
03:41:41,400 --> 03:41:44,300
on Windows 10 using
Windows subsystem for Linux.
5666
03:41:44,700 --> 03:41:45,900
So, I hope it's clear
5667
03:41:45,900 --> 03:41:48,100
that what we'll be learning
in the session.
5668
03:41:48,300 --> 03:41:51,800
Let's get started with
the first demo in this demo.
5669
03:41:51,800 --> 03:41:55,400
We'll see how to launch
Kali Linux using VMware.
5670
03:41:55,900 --> 03:41:58,194
So guys you can install
Kali Linux using
5671
03:41:58,194 --> 03:41:59,894
any virtualization software.
5672
03:41:59,894 --> 03:42:02,700
It could be VMware
or VirtualBox. In this demo,
5673
03:42:02,700 --> 03:42:05,200
I'll show you
how to install it using VMware.
5674
03:42:05,200 --> 03:42:06,100
So first of all,
5675
03:42:06,100 --> 03:42:08,451
obviously we'll have
to install VMware, right?
5676
03:42:08,451 --> 03:42:11,859
So just type VMware
and it's the first link
5677
03:42:11,859 --> 03:42:14,200
that you find you can go
ahead and download
5678
03:42:14,200 --> 03:42:16,051
VMware Workstation Pro
5679
03:42:16,200 --> 03:42:18,100
you have it in the downloads.
5680
03:42:18,600 --> 03:42:21,300
Here you can download
workstation player as well
5681
03:42:21,300 --> 03:42:24,430
or you can download
VMware Workstation Pro now.
5682
03:42:24,430 --> 03:42:25,835
Once that is downloaded.
5683
03:42:25,835 --> 03:42:28,600
You will have to download
a Kali Linux ISO image
5684
03:42:28,600 --> 03:42:32,000
so that you will have to go
for official Kali Linux website
5685
03:42:32,000 --> 03:42:33,567
just type for Kali Linux
5686
03:42:33,567 --> 03:42:36,900
and it's the first link you
can see downloads option
5687
03:42:36,900 --> 03:42:38,500
here click on download
5688
03:42:38,600 --> 03:42:39,094
and yeah,
5689
03:42:39,094 --> 03:42:41,800
you can see different
download options here you
5690
03:42:41,800 --> 03:42:44,987
have Kali Linux Light
for 64-bit as well as 32 bit.
5691
03:42:44,987 --> 03:42:47,800
And then there is
Kali Linux 64-bit and 32-bit
5692
03:42:47,800 --> 03:42:50,800
and you have Great images
for VMware and VirtualBox.
5693
03:42:50,800 --> 03:42:53,900
Well suppose you want to skip
the entire lengthy procedure
5694
03:42:53,900 --> 03:42:56,450
of installing it and you
want to just use the image,
5695
03:42:56,450 --> 03:42:58,700
then you can go ahead and use
this Kali Linux
5696
03:42:58,700 --> 03:42:59,783
64-bit for VMware
5697
03:42:59,783 --> 03:43:02,692
or VirtualBox. Same goes
for the 32-bit as well.
5698
03:43:02,692 --> 03:43:05,700
But since we are focusing
on installing right now,
5699
03:43:05,700 --> 03:43:08,017
let's just go ahead
and download ISO file
5700
03:43:08,017 --> 03:43:10,900
and install it from
the beginning until last step.
5701
03:43:10,900 --> 03:43:12,464
I have already downloaded it.
5702
03:43:12,464 --> 03:43:15,000
So I have an ISO file
downloaded on my computer.
5703
03:43:15,000 --> 03:43:17,500
So all you have to do is
just click on the torrent link.
5704
03:43:17,500 --> 03:43:18,600
It will be downloaded.
5705
03:43:18,600 --> 03:43:21,700
Let's open VMware then so
as you can see,
5706
03:43:21,700 --> 03:43:24,300
I have VMware Workstation
Pro installed here.
5707
03:43:24,300 --> 03:43:27,806
So I already have two Ubuntu
virtual machines installed
5708
03:43:27,806 --> 03:43:29,400
on my VMware Workstation.
5709
03:43:29,400 --> 03:43:31,900
As you can see on the home page
three different options.
5710
03:43:31,900 --> 03:43:33,650
It says create
a new virtual machine
5711
03:43:33,650 --> 03:43:36,350
or open a virtual machine
and connect to remote server.
5712
03:43:36,350 --> 03:43:37,818
So if you want to
create a Kali Linux
5713
03:43:37,818 --> 03:43:39,800
or any other virtual machine
from step one,
5714
03:43:39,800 --> 03:43:42,434
you can use this create
a new virtual machine option.
5715
03:43:42,434 --> 03:43:45,489
Well, if you have an image of
a virtual machine already,
5716
03:43:45,489 --> 03:43:47,439
and if you want to just
use it and avoid
5717
03:43:47,439 --> 03:43:48,500
installation procedure.
5718
03:43:48,500 --> 03:43:50,400
Then you can go
ahead and use this open
5719
03:43:50,400 --> 03:43:51,600
a virtual machine option
5720
03:43:51,600 --> 03:43:54,400
while just click on this
create a new virtual machine
5721
03:43:54,400 --> 03:43:57,100
and click on next
as you can see here.
5722
03:43:57,100 --> 03:44:00,000
You have an option which says
installer disc image file.
5723
03:44:00,000 --> 03:44:01,100
ISO file.
5724
03:44:01,100 --> 03:44:03,400
You'll have to attach
your ISO, so click on browse.
5725
03:44:03,400 --> 03:44:05,897
Let's see where I've stored
my Kali Linux. As you can see,
5726
03:44:05,897 --> 03:44:08,500
I already have it here
and there's one file here.
5727
03:44:08,500 --> 03:44:10,900
Let me click on that and open
5728
03:44:11,500 --> 03:44:13,333
so I don't bother
about this at all.
5729
03:44:13,333 --> 03:44:15,900
It usually shows that
and then click on next here.
5730
03:44:16,000 --> 03:44:17,000
So it's asking
5731
03:44:17,000 --> 03:44:18,950
which operating system
will be installed
5732
03:44:18,950 --> 03:44:20,176
on this virtual machine.
5733
03:44:20,176 --> 03:44:21,300
I want it to be Linux.
5734
03:44:21,300 --> 03:44:26,100
So make sure you select
Linux 64-bit and click
5735
03:44:26,100 --> 03:44:29,500
on next you have an option
to name your virtual machine.
5736
03:44:29,500 --> 03:44:31,700
Let's say Kali Linux.
5737
03:44:32,500 --> 03:44:34,400
And where do I want to store it
5738
03:44:34,400 --> 03:44:37,600
in my Documents, under Virtual
Machines, Kali Linux. Sure,
5739
03:44:37,600 --> 03:44:38,800
and click on next.
5740
03:44:39,000 --> 03:44:41,000
It says it already exists.
5741
03:44:41,000 --> 03:44:43,200
Let me try this one.
5742
03:44:43,200 --> 03:44:47,600
Then let's say Kali Linux one
and next Yeah,
5743
03:44:47,800 --> 03:44:51,100
so basically your Kali Linux
will need about a 20 GB.
5744
03:44:51,100 --> 03:44:55,200
Let's assign some 40 GB are
that's the maximum disk size
5745
03:44:55,200 --> 03:44:56,040
that you can allot.
5746
03:44:56,040 --> 03:44:58,000
Well, you can allot more
than that as well.
5747
03:44:58,000 --> 03:45:01,215
But minimum it needs about 20 GB
and you have an option
5748
03:45:01,215 --> 03:45:04,500
which says store virtual disk as
a single file or multiple files.
5749
03:45:04,500 --> 03:45:07,565
Let's just select store
virtual disk as a single file
5750
03:45:07,565 --> 03:45:10,100
to avoid complications
and click on next here.
5751
03:45:10,200 --> 03:45:10,950
So as you can see,
5752
03:45:10,950 --> 03:45:13,499
you can review your virtual
machine settings here.
5753
03:45:13,499 --> 03:45:16,000
You have an option to make
changes to the settings.
5754
03:45:16,000 --> 03:45:18,554
You can make changes right now,
or you can do it later.
5755
03:45:18,554 --> 03:45:19,099
It as well.
5756
03:45:19,099 --> 03:45:21,100
Let's just go ahead
and make changes now.
5757
03:45:21,100 --> 03:45:23,500
Click on the customize
Hardware option here.
5758
03:45:23,600 --> 03:45:26,300
Well as for the memory
for this virtual machine,
5759
03:45:26,300 --> 03:45:27,300
it totally depends
5760
03:45:27,300 --> 03:45:29,400
on what you're using
virtual machine for
5761
03:45:29,400 --> 03:45:31,300
if you're not using
it for heavy works.
5762
03:45:31,300 --> 03:45:33,300
Then you can assign
least amount of memory.
5763
03:45:33,365 --> 03:45:36,134
Let's say I want
to assign about 2GB.
5764
03:45:36,400 --> 03:45:37,200
There we go.
5765
03:45:37,200 --> 03:45:39,214
And as for the processors number
5766
03:45:39,214 --> 03:45:42,300
of processors 1 and the number
of core processors,
5767
03:45:42,300 --> 03:45:43,900
you can choose as
many as you want.
5768
03:45:43,900 --> 03:45:46,342
Let's say to this
will increase the performance
5769
03:45:46,342 --> 03:45:47,754
of your virtual machine,
5770
03:45:47,754 --> 03:45:48,600
so and again,
5771
03:45:48,600 --> 03:45:52,368
Totally depends on whatever
you want to choose and yeah,
5772
03:45:52,368 --> 03:45:55,900
we have already attached
the image network adapter you
5773
03:45:55,900 --> 03:45:58,900
can set for NAT. USB controller
and sound card.
5774
03:45:58,900 --> 03:46:01,100
You can retain
the default settings.
5775
03:46:01,100 --> 03:46:04,783
And as for the display click
on Accelerate 3D graphics, since
5776
03:46:04,783 --> 03:46:07,600
Kali Linux has
a graphical user interface
5777
03:46:07,600 --> 03:46:10,658
and it says 768mb is
the recommended amount of memory
5778
03:46:10,658 --> 03:46:12,320
that you can use for graphics.
5779
03:46:12,320 --> 03:46:15,200
So let's go ahead and select
that and click on close.
5780
03:46:15,200 --> 03:46:17,230
Well, you can actually
make all the settings
5781
03:46:17,230 --> 03:46:18,600
after installing Kali Linux
5782
03:46:18,600 --> 03:46:19,800
As well no problem there.
5783
03:46:19,800 --> 03:46:21,900
Once you've done
that click on finish here,
5784
03:46:22,300 --> 03:46:24,550
as you can see,
my Kali Linux image is ready
5785
03:46:24,550 --> 03:46:25,400
For installation.
5786
03:46:25,400 --> 03:46:26,733
You have two options to power up
5787
03:46:26,733 --> 03:46:28,400
as you can see you have
this option here.
5788
03:46:28,400 --> 03:46:30,500
You can click on that to power
on this virtual machine,
5789
03:46:30,500 --> 03:46:32,000
or you can go ahead
and click on this.
5790
03:46:32,000 --> 03:46:33,500
Let me click on this.
5791
03:46:35,700 --> 03:46:37,000
So once you click on that,
5792
03:46:37,000 --> 03:46:39,399
you should be greeted
with this Kali boot screen
5793
03:46:39,399 --> 03:46:41,800
as you can see,
there are a lot of options here.
5794
03:46:41,800 --> 03:46:44,221
We did discuss live
option earlier, right?
5795
03:46:44,221 --> 03:46:45,336
So if you don't want
5796
03:46:45,336 --> 03:46:48,001
any trace of Kali Linux
on your operating system,
5797
03:46:48,001 --> 03:46:50,316
you can go ahead and use
live option here.
5798
03:46:50,316 --> 03:46:51,082
You have live
5799
03:46:51,082 --> 03:46:54,258
USB persistence mode and live
USB encrypted persistence
5800
03:46:54,258 --> 03:46:55,093
as well suppose.
5801
03:46:55,093 --> 03:46:57,549
You want to store some data
and save it for later
5802
03:46:57,549 --> 03:47:00,004
reboots, you can use
live persistent option here
5803
03:47:00,004 --> 03:47:02,000
and most of the time
people get confused
5804
03:47:02,000 --> 03:47:03,900
with this install and
graphical install.
5805
03:47:04,000 --> 03:47:05,700
Just don't go ahead
and click on the
5806
03:47:05,700 --> 03:47:06,900
install option. Do it only
5807
03:47:06,900 --> 03:47:09,500
if you are well versed
with command line interface.
5808
03:47:09,500 --> 03:47:12,600
So basically that install option
is for command line interface.
5809
03:47:12,600 --> 03:47:15,500
So you will be greeted with Kali
Linux command line interface
5810
03:47:15,500 --> 03:47:17,100
since if you're doing it
5811
03:47:17,100 --> 03:47:19,600
if you're using Kali Linux
for the first time go ahead
5812
03:47:19,600 --> 03:47:22,342
with graphical install. Select
the graphical install
5813
03:47:22,342 --> 03:47:23,200
and click enter.
5814
03:47:26,000 --> 03:47:26,900
So as you can see,
5815
03:47:26,900 --> 03:47:29,542
it will start
mounting storage devices
5816
03:47:29,542 --> 03:47:33,400
whole installation process
might take about 10 minutes.
5817
03:47:33,500 --> 03:47:34,730
So it's prompting you
5818
03:47:34,730 --> 03:47:37,906
to select a language so select
your preferred language,
5819
03:47:37,906 --> 03:47:39,301
then you control location.
5820
03:47:39,301 --> 03:47:40,301
Let's say English
5821
03:47:40,301 --> 03:47:42,983
and click on enter
and it's asking you
5822
03:47:42,983 --> 03:47:45,500
for the country location
just give United States
5823
03:47:45,500 --> 03:47:48,881
and enter and I want
the keyboard to be configured
5824
03:47:48,881 --> 03:47:50,300
with American English.
5825
03:47:50,300 --> 03:47:52,000
You can choose
any native language.
5826
03:47:52,000 --> 03:47:53,958
Like I said earlier it supports
5827
03:47:53,958 --> 03:47:56,800
multilingual or it
supports Get the languages.
5828
03:47:56,800 --> 03:47:58,200
So go ahead and choose it,
5829
03:47:58,200 --> 03:48:01,200
but it might complicate the way
you use Kali Linux later.
5830
03:48:01,200 --> 03:48:04,300
So you can always go ahead
and stick out with English only.
5831
03:48:04,400 --> 03:48:05,800
Well, it doesn't matter.
5832
03:48:06,200 --> 03:48:08,900
So as you can see
it's configuring the network.
5833
03:48:09,200 --> 03:48:12,800
So it will detect the ISO file
and load installation component
5834
03:48:12,800 --> 03:48:15,800
and then prompt you to enter
the hostname for your system
5835
03:48:15,800 --> 03:48:17,446
while in this installation.
5836
03:48:17,446 --> 03:48:20,007
Let's just enter Kali
and click on enter.
5837
03:48:20,007 --> 03:48:23,200
You can give the name you want
and next it's asking you
5838
03:48:23,200 --> 03:48:24,600
for the domain name suppose.
5839
03:48:24,600 --> 03:48:25,985
You have set
up virtual machines.
5840
03:48:25,985 --> 03:48:28,200
Jeans, and if you want to give
all of them a domain name,
5841
03:48:28,200 --> 03:48:30,000
you can assign
a domain name as well,
5842
03:48:30,000 --> 03:48:31,000
but it's optional.
5843
03:48:31,000 --> 03:48:33,700
Let's not give any domain name
here and click on enter.
5844
03:48:33,700 --> 03:48:36,600
The next thing it does is it
will prompt you for the password
5845
03:48:36,600 --> 03:48:39,600
that you'll have to enter every
time you launch your Kali Linux.
5846
03:48:39,600 --> 03:48:42,100
So just give some password
of your choice.
5847
03:48:43,103 --> 03:48:44,796
And click on continue.
5848
03:48:46,000 --> 03:48:48,800
The best thing about Kali Linux
is you can set up date
5849
03:48:48,800 --> 03:48:49,700
and time as well.
5850
03:48:49,700 --> 03:48:51,150
You can make it
later as well,
5851
03:48:51,150 --> 03:48:52,568
but you can choose it here.
5852
03:48:52,568 --> 03:48:55,300
So just click on Eastern
or whichever choice you like
5853
03:48:55,300 --> 03:48:56,300
and click on enter.
5854
03:48:59,000 --> 03:49:00,618
So the installer will now probe
5855
03:49:00,618 --> 03:49:03,127
your disk and offer you
four different choices,
5856
03:49:03,127 --> 03:49:04,039
as you can see,
5857
03:49:04,039 --> 03:49:07,200
it says guided use entire disk
guided use entire disk
5858
03:49:07,200 --> 03:49:08,095
and set up LVM,
5859
03:49:08,095 --> 03:49:10,722
which is logical volume
manager same thing,
5860
03:49:10,722 --> 03:49:12,500
which is encrypted and manual.
5861
03:49:12,500 --> 03:49:13,900
So if you are an expert,
5862
03:49:13,900 --> 03:49:15,600
if you already use
Kali Linux
5863
03:49:15,600 --> 03:49:16,795
before you can go ahead
5864
03:49:16,795 --> 03:49:19,500
and select any of these three
options from the bottom.
5865
03:49:19,500 --> 03:49:21,900
That's he'll be a more manual
or encrypted LVM.
5866
03:49:21,900 --> 03:49:23,187
Otherwise, you can always
5867
03:49:23,187 --> 03:49:25,918
go ahead and choose guided
use entire disk option here
5868
03:49:25,918 --> 03:49:27,000
if you are a beginner
5869
03:49:27,000 --> 03:49:30,017
and click on enter. So this
is the disk partition.
5870
03:49:30,017 --> 03:49:33,500
where all the data will be
stored and click on continue.
5871
03:49:33,500 --> 03:49:35,600
It's asking if you want
to store all files
5872
03:49:35,600 --> 03:49:36,449
in one partition,
5873
03:49:36,449 --> 03:49:38,100
or if you want
to make partitions.
5874
03:49:38,100 --> 03:49:39,168
So depending on your needs,
5875
03:49:39,168 --> 03:49:41,200
you can go ahead and choose
to keep all your files
5876
03:49:41,200 --> 03:49:42,100
in single partition,
5877
03:49:42,100 --> 03:49:44,600
which is default or you
have separate partition
5878
03:49:44,600 --> 03:49:47,110
for one or more
of the top-level directories.
5879
03:49:47,110 --> 03:49:48,944
Let's just choose
the first option
5880
03:49:48,944 --> 03:49:50,000
and click on enter.
5881
03:49:50,100 --> 03:49:51,800
So once you've done
that you'll have
5882
03:49:51,800 --> 03:49:54,200
one last chance to review
our disk configuration.
5883
03:49:54,200 --> 03:49:55,000
Once you're sure
5884
03:49:55,000 --> 03:49:57,500
that you've given correct
details click on enter here.
5885
03:49:57,600 --> 03:50:00,582
It's asking if the changes
that you make to Kali Linux
5886
03:50:00,582 --> 03:50:02,700
should be written
to the disk or not.
5887
03:50:02,700 --> 03:50:03,600
So say yes.
5888
03:50:04,700 --> 03:50:08,100
So we did start partition
and install the virtual machine.
5889
03:50:09,400 --> 03:50:10,552
It took a while but
5890
03:50:10,552 --> 03:50:13,100
as you can see installation
is almost done.
5891
03:50:13,100 --> 03:50:16,100
It's asking me to configure
the package manager.
5892
03:50:16,100 --> 03:50:17,950
Well, if you select
no in the session,
5893
03:50:17,950 --> 03:50:19,700
you will not be able
to install packages
5894
03:50:19,700 --> 03:50:23,000
from Kali repositories later
and click on continue.
5895
03:50:23,400 --> 03:50:26,300
So suppose if you want
to install other repositories
5896
03:50:26,300 --> 03:50:28,900
or updates later on you
can always go and click on yes.
5897
03:50:28,900 --> 03:50:31,900
Otherwise, it's always otherwise
you can go for No as well.
5898
03:50:32,000 --> 03:50:34,100
Now it's going to configure
the package manager
5899
03:50:34,400 --> 03:50:35,700
will install package manager
5900
03:50:35,700 --> 03:50:38,400
and configure it then it
will install GRUB boot loader.
5901
03:50:39,900 --> 03:50:40,692
And it's asking
5902
03:50:40,692 --> 03:50:43,966
if you want to install GRUB boot
loader to master boot record.
5903
03:50:43,966 --> 03:50:44,576
Definitely.
5904
03:50:44,576 --> 03:50:45,459
Yes so select.
5905
03:50:45,459 --> 03:50:47,100
Yes and click on continue.
5906
03:50:47,100 --> 03:50:50,000
So it's asking to select
the device manually.
5907
03:50:50,000 --> 03:50:52,600
You can click
the select the device.
5908
03:50:53,200 --> 03:50:55,000
So yeah, guys we're done here.
5909
03:50:55,000 --> 03:50:56,000
So you can finally click
5910
03:50:56,000 --> 03:50:58,900
on continue option to reboot
your new Kali installation.
5911
03:50:58,900 --> 03:50:59,900
So as you can see
5912
03:50:59,900 --> 03:51:02,600
the entire process took
about 10 to 11 minutes.
5913
03:51:02,900 --> 03:51:05,500
So yeah, let's go ahead
and click on continue here.
5914
03:51:05,500 --> 03:51:07,400
It's gonna finish
the installation.
5915
03:51:08,200 --> 03:51:10,685
So guys as you can see
the installation process
5916
03:51:10,685 --> 03:51:12,900
from the step where we
select the language
5917
03:51:12,900 --> 03:51:14,300
till the last step is same.
5918
03:51:14,300 --> 03:51:17,300
It's just the medium on which
you are installing is different
5919
03:51:17,300 --> 03:51:18,500
for example, right now.
5920
03:51:18,500 --> 03:51:20,006
We use VMware later on.
5921
03:51:20,006 --> 03:51:22,259
I'll show you
how to use virtualbox.
5922
03:51:22,259 --> 03:51:25,800
But once your Kali Linux image
is ready to boot the rest
5923
03:51:25,800 --> 03:51:28,400
of the installation process
is similar to this.
5924
03:51:29,300 --> 03:51:31,300
So it's finished installing.
5925
03:51:31,700 --> 03:51:33,600
It's loading the image.
5926
03:51:36,000 --> 03:51:36,796
So if you have done
5927
03:51:36,796 --> 03:51:38,875
everything right during
the installation process
5928
03:51:38,875 --> 03:51:40,600
and according to
your needs, you'll land up
5929
03:51:40,600 --> 03:51:42,300
on this page. Username:
5930
03:51:42,338 --> 03:51:45,261
So we've given
it as Kali, right? kali
5931
03:51:45,584 --> 03:51:49,200
and password as you can see
it showing an error.
5932
03:51:49,200 --> 03:51:50,400
It says the didn't work.
5933
03:51:50,400 --> 03:51:51,500
Please try again.
5934
03:51:51,500 --> 03:51:53,703
This is mostly
because if first time
5935
03:51:53,703 --> 03:51:54,877
when you log in you
5936
03:51:54,877 --> 03:51:57,600
should use word root as
your default username.
5937
03:51:57,600 --> 03:51:58,200
But later on
5938
03:51:58,200 --> 03:52:00,700
once you have already logged
in you can change the username
5939
03:52:00,700 --> 03:52:02,500
according to your need so root
5940
03:52:02,500 --> 03:52:04,600
and password you can use
the same password
5941
03:52:04,600 --> 03:52:06,100
which you set
during installation
5942
03:52:06,100 --> 03:52:09,800
process. So as you
can see login is successful
5943
03:52:10,300 --> 03:52:13,200
and here I go my Kali
Linux is up and running
5944
03:52:13,200 --> 03:52:16,144
so I can start using Kali Linux
according to my needs.
5945
03:52:16,144 --> 03:52:17,165
So once you've done
5946
03:52:17,165 --> 03:52:19,539
that you can go ahead
and install VMware tools
5947
03:52:19,539 --> 03:52:22,600
so that you can maximize it
full screen and all that stuff.
5948
03:52:22,600 --> 03:52:24,300
You can also go ahead
and change the date
5949
03:52:24,300 --> 03:52:25,200
and time settings.
5950
03:52:25,200 --> 03:52:27,900
As you can see here can go
for the settings option here
5951
03:52:27,900 --> 03:52:28,908
and do the settings
5952
03:52:28,908 --> 03:52:30,157
and you can start using
5953
03:52:30,157 --> 03:52:33,200
Kali Linux for hacking and
penetration testing purposes.
5954
03:52:33,200 --> 03:52:35,000
So it's as easy as that guys.
5955
03:52:35,100 --> 03:52:37,400
So please go
ahead and try installing it.
5956
03:52:37,400 --> 03:52:40,200
Well, if you find any errors
during installation process,
5957
03:52:40,200 --> 03:52:41,696
let us know
in the comment section.
5958
03:52:41,696 --> 03:52:43,500
We'll get back to you
as soon as possible.
5959
03:52:43,500 --> 03:52:43,732
Now.
5960
03:52:43,732 --> 03:52:45,500
Let's move on
to our second demo.
5961
03:52:45,700 --> 03:52:45,935
Now.
5962
03:52:45,935 --> 03:52:47,817
We'll see how to launch Kali Linux
5963
03:52:47,817 --> 03:52:51,200
on Mac operating system using
VirtualBox. In the previous demo,
5964
03:52:51,200 --> 03:52:53,815
we used VMware, and now
we'll be using VirtualBox.
5965
03:52:53,815 --> 03:52:56,200
But actually I'm not using
any Mac system here
5966
03:52:56,200 --> 03:52:57,200
operating system,
5967
03:52:57,200 --> 03:53:00,082
but I'll show you
how to install using VirtualBox.
5968
03:53:00,082 --> 03:53:01,800
The procedure is very similar.
5969
03:53:01,800 --> 03:53:04,600
So all you have to do is
on your Mac operating system.
5970
03:53:04,600 --> 03:53:08,100
Go ahead and look
for VirtualBox download.
5971
03:53:08,700 --> 03:53:10,700
So this is the
VirtualBox official page.
5972
03:53:10,700 --> 03:53:12,900
You can go ahead and click
on downloads here.
5973
03:53:12,900 --> 03:53:15,300
As you can see you have
different options here.
5974
03:53:15,300 --> 03:53:16,272
It says windows
5975
03:53:16,272 --> 03:53:20,100
for Windows operating system
OS X hosts, Linux and Solaris hosts
5976
03:53:20,100 --> 03:53:22,020
since if you're using
Windows then go ahead
5977
03:53:22,020 --> 03:53:23,049
and select Windows host.
5978
03:53:23,049 --> 03:53:25,200
But as for Mac,
you'll have to select this.
5979
03:53:25,200 --> 03:53:26,600
It's mostly a .exe file.
5980
03:53:26,600 --> 03:53:29,000
Once you've done
that you can install VirtualBox.
5981
03:53:29,000 --> 03:53:30,600
It's just click
on next next next
5982
03:53:30,600 --> 03:53:31,679
and it will walk out
5983
03:53:31,679 --> 03:53:33,965
and provide settings
according to your need.
5984
03:53:33,965 --> 03:53:35,812
I already have
installed VirtualBox.
5985
03:53:35,812 --> 03:53:37,869
It's the next thing
you do is similar as
5986
03:53:37,869 --> 03:53:39,400
what you've done with VMware.
5987
03:53:39,400 --> 03:53:42,100
Go ahead and download
official Kali Linux image.
5988
03:53:42,100 --> 03:53:44,600
Make sure you don't download
any duplicate versions
5989
03:53:44,600 --> 03:53:46,422
of ISO file from other websites.
5990
03:53:46,422 --> 03:53:49,100
Make sure you download it
from original website.
5991
03:53:49,100 --> 03:53:51,092
If you want to do it
from the beginning
5992
03:53:51,092 --> 03:53:53,288
go ahead and install
ISO file or torrent
5993
03:53:53,288 --> 03:53:54,700
or you can just go ahead
5994
03:53:54,700 --> 03:53:58,100
and download just the image
for VirtualBox here
5995
03:53:58,100 --> 03:54:00,982
for 64 bit and you have option
for 32-bit as well.
5996
03:54:00,982 --> 03:54:02,400
I've already done that.
5997
03:54:02,400 --> 03:54:04,500
So let me open my VirtualBox.
5998
03:54:05,000 --> 03:54:08,400
Yeah, as I said, the procedure
for VMware and VirtualBox
5999
03:54:08,400 --> 03:54:11,000
is almost the same,
just a slight difference.
6000
03:54:11,000 --> 03:54:13,000
Let me maximize
the screen for you guys
6001
03:54:13,000 --> 03:54:14,480
as you can see I already have
6002
03:54:14,480 --> 03:54:16,530
a virtual machine
launched up here.
6003
03:54:16,530 --> 03:54:17,817
I haven't powered it up yet.
6004
03:54:17,817 --> 03:54:19,950
Anyway, I'll show you
how to install new one.
6005
03:54:19,950 --> 03:54:21,500
Just click on the New option here.
6006
03:54:21,600 --> 03:54:24,600
This is your
VirtualBox homepage guys.
6007
03:54:24,700 --> 03:54:27,100
So click on New here
and just give a name.
6008
03:54:27,100 --> 03:54:28,100
We've already given
6009
03:54:28,100 --> 03:54:30,349
Kali Linux earlier, right,
for the virtual machine.
6010
03:54:30,349 --> 03:54:32,000
So let's give it
some of the name.
6011
03:54:32,000 --> 03:54:34,492
Let's say capital K L line.
6012
03:54:34,492 --> 03:54:37,800
Unix and choose the type
of operating system
6013
03:54:37,800 --> 03:54:40,300
that's Linux, and here 64-bit.
6014
03:54:40,300 --> 03:54:42,800
64-bit according to
your operating system needs you
6015
03:54:42,800 --> 03:54:44,300
can go ahead and choose it, 32
6016
03:54:44,300 --> 03:54:46,900
bit as well. Click
on next and again,
6017
03:54:46,900 --> 03:54:47,900
like I said earlier
6018
03:54:47,900 --> 03:54:50,700
depending on what you're doing
on Kali Linux operating system
6019
03:54:50,700 --> 03:54:53,300
or virtual machine you go ahead
and assign the memory
6020
03:54:53,400 --> 03:54:54,617
since I'm just showing you
6021
03:54:54,617 --> 03:54:57,100
how to install I'm not assigning
much memory here.
6022
03:54:57,100 --> 03:55:00,000
So let's just retain
the default one, 1024 MB.
6023
03:55:00,000 --> 03:55:02,100
That's 1 GB and click on next
6024
03:55:02,100 --> 03:55:04,700
and it's asking you have
a three options here.
6025
03:55:04,700 --> 03:55:07,900
Do not add a virtual hard disk,
create a virtual hard disk now,
6026
03:55:07,900 --> 03:55:10,400
and you can go ahead and add
a virtual hard disk,
6027
03:55:10,400 --> 03:55:12,200
you use an external
virtual hard disk.
6028
03:55:12,200 --> 03:55:14,300
Go ahead and select
the second option click
6029
03:55:14,300 --> 03:55:16,900
on create and use
VirtualBox image.
6030
03:55:16,900 --> 03:55:19,400
Like I said earlier
we downloaded ISO image,
6031
03:55:19,400 --> 03:55:22,700
right and it's an ISO file
with extension dot
6032
03:55:22,700 --> 03:55:26,800
iso, so basically it's nothing
but image so click on next
6033
03:55:26,800 --> 03:55:28,900
and I want the storage
6034
03:55:28,900 --> 03:55:31,792
on physical hard disk
to be assigned dynamically
6035
03:55:31,792 --> 03:55:32,900
and click on next.
6036
03:55:32,900 --> 03:55:35,000
So this is the name
of the virtual machine
6037
03:55:35,000 --> 03:55:37,800
which we just gave earlier,
it's asking you to choose
6038
03:55:37,800 --> 03:55:40,300
the path wherever you want
to store your virtual machine.
6039
03:55:40,300 --> 03:55:42,500
Let's say documents
6040
03:55:43,046 --> 03:55:46,353
and Virtual Machines. Click
on open and save
6041
03:55:46,900 --> 03:55:48,300
so that's the part of setup.
6042
03:55:48,600 --> 03:55:50,100
And as for the memory, Kali
6043
03:55:50,100 --> 03:55:52,900
always needs you
to assign at least 20 GB.
6044
03:55:53,000 --> 03:55:54,000
So let's go ahead
6045
03:55:54,000 --> 03:55:56,600
and give 20 GB you
can always assign more than that
6046
03:55:57,002 --> 03:55:58,540
and click on create.
6047
03:55:59,900 --> 03:56:02,000
So this is the one we
just created right?
6048
03:56:02,000 --> 03:56:02,860
It's ready.
6049
03:56:02,900 --> 03:56:05,000
Just click on settings
before you power up.
6050
03:56:05,000 --> 03:56:06,600
You'll have to make
certain settings.
6051
03:56:06,800 --> 03:56:08,311
So if you want to change name
6052
03:56:08,311 --> 03:56:10,500
or type and version
you can always go ahead
6053
03:56:10,500 --> 03:56:11,400
and do that here.
6054
03:56:11,400 --> 03:56:14,164
We don't have anything
in Advanced, it's just the folder
6055
03:56:14,164 --> 03:56:17,203
where your virtual machine
will be stored. Go for System.
6056
03:56:17,203 --> 03:56:19,700
We won't be using
any floppy disk here, right?
6057
03:56:19,700 --> 03:56:22,500
So untick it or uncheck it, and
6058
03:56:22,500 --> 03:56:23,500
yeah, this is memory
6059
03:56:23,500 --> 03:56:25,758
if you want to go ahead
and change or assign more memory
6060
03:56:25,758 --> 03:56:26,908
because the performance
6061
03:56:26,908 --> 03:56:28,600
of your virtual machine
is not that great.
6062
03:56:28,600 --> 03:56:31,100
you can go ahead and do
that. For the processor,
6063
03:56:31,100 --> 03:56:33,400
make sure you enable
this extended features.
6064
03:56:33,400 --> 03:56:35,400
So basically if you want
to increase the performance
6065
03:56:35,400 --> 03:56:37,000
of your virtual
machine the number
6066
03:56:37,000 --> 03:56:39,800
of processors you assign
should increase. Well, for now,
6067
03:56:39,800 --> 03:56:40,850
since I'm to show you
6068
03:56:40,850 --> 03:56:43,400
how to install, I'm just going
to assign one. You have option
6069
03:56:43,400 --> 03:56:45,400
to increase to, say, two, like that.
6070
03:56:45,400 --> 03:56:47,000
And as for the display,
6071
03:56:47,000 --> 03:56:50,700
you can enable 3D acceleration
display storage settings.
6072
03:56:50,700 --> 03:56:52,800
This is the most
important one right now.
6073
03:56:52,800 --> 03:56:55,900
We don't have any image attached
here, so click on this Empty
6074
03:56:55,900 --> 03:56:57,171
and click on the CD image
6075
03:56:57,171 --> 03:56:58,900
that you see here
and choose watch.
6076
03:56:59,500 --> 03:57:01,600
And attach the image or the
6077
03:57:01,600 --> 03:57:03,130
ISO file, torrent file,
6078
03:57:03,130 --> 03:57:06,718
which you just downloaded
click on open. And audio,
6079
03:57:06,718 --> 03:57:09,500
no settings, default.
Network, by default,
6080
03:57:09,500 --> 03:57:11,200
you can always set it for NAT
6081
03:57:11,200 --> 03:57:13,800
since we're using only one
virtual machine here, but
6082
03:57:13,800 --> 03:57:16,900
if you want to use Kali Linux
with any other virtual machine
6083
03:57:16,900 --> 03:57:20,800
like Metasploitable 2, you can
go ahead and use this host-only
6084
03:57:20,800 --> 03:57:23,422
adapter option here
because when you use NAT
6085
03:57:23,422 --> 03:57:25,200
and when you have
two virtual machines,
6086
03:57:25,200 --> 03:57:27,395
both of them will be assigned
with same IP address,
6087
03:57:27,395 --> 03:57:28,896
which will definitely be a problem.
6088
03:57:28,896 --> 03:57:29,696
Um, because both
6089
03:57:29,696 --> 03:57:31,973
of these virtual machines
need to interact right?
6090
03:57:31,973 --> 03:57:32,400
So, yeah.
6091
03:57:32,400 --> 03:57:34,400
Well, I'm just saying all
this for your information
6092
03:57:34,400 --> 03:57:36,482
so you can go ahead
and click on host-only adapter
6093
03:57:36,482 --> 03:57:37,887
if you're using two virtual machines
6094
03:57:37,887 --> 03:57:39,700
and you want them
to interact as for now,
6095
03:57:39,700 --> 03:57:41,753
I'm just retaining
it NAT, and the rest,
6096
03:57:41,753 --> 03:57:45,300
you can, you don't have to make
any changes and click on OK
6097
03:57:45,400 --> 03:57:47,300
once you've made all
the settings click
6098
03:57:47,300 --> 03:57:50,100
on this or you can go ahead
and click on start option.
6099
03:57:50,100 --> 03:57:55,700
Or you can right-click
on it and start. Again,
6100
03:57:55,700 --> 03:57:56,300
like I said,
6101
03:57:56,300 --> 03:57:59,900
the installation process from
Step One is very similar to that
6102
03:57:59,900 --> 03:58:01,000
whether using VMware.
6103
03:58:01,000 --> 03:58:03,800
So again, you'll be greeted
with Kali boot screen and you
6104
03:58:03,800 --> 03:58:05,300
have multiple options again.
6105
03:58:05,300 --> 03:58:07,100
I'm not repeating
the entire thing here.
6106
03:58:07,100 --> 03:58:09,000
So go ahead and click
on graphical install.
6107
03:58:09,000 --> 03:58:10,889
And if you're a pro
and using command line,
6108
03:58:10,889 --> 03:58:12,437
you can always go
for install option.
6109
03:58:12,437 --> 03:58:15,000
And if you want to just use it
for one time purpose,
6110
03:58:15,000 --> 03:58:16,900
you can always go
for live option here.
6111
03:58:17,000 --> 03:58:17,800
That's all guys.
6112
03:58:17,800 --> 03:58:19,700
I'm sure you can catch
it from here, right?
6113
03:58:19,700 --> 03:58:22,964
Because it's almost similar
to the ones we did using VMware
6114
03:58:22,964 --> 03:58:26,200
if you have an error, just go
back and take a look at it.
6115
03:58:26,200 --> 03:58:27,751
Yeah, well, like I said,
6116
03:58:27,751 --> 03:58:31,600
I showed you on how to use
VirtualBox to install Kali Linux
6117
03:58:31,600 --> 03:58:33,000
on Windows operating system.
6118
03:58:33,000 --> 03:58:34,800
Well, it's same
for the Mac as well.
6119
03:58:34,800 --> 03:58:38,000
You just have to download your
stuff there instead of Windows.
6120
03:58:38,000 --> 03:58:40,400
You have another option
with this operating system.
6121
03:58:40,400 --> 03:58:42,200
You can dual boot
your Kali Linux
6122
03:58:42,200 --> 03:58:43,800
with Windows or Mac.
6123
03:58:43,800 --> 03:58:46,583
It's not as easy as
these installation process
6124
03:58:46,583 --> 03:58:49,907
because it will involve
you setting the BIOS to changes
6125
03:58:49,907 --> 03:58:51,076
that you get to see
6126
03:58:51,076 --> 03:58:53,600
when you power up
your computer initially.
6127
03:58:53,700 --> 03:58:56,800
Make sure you refer to Kali
Linux official documentation
6128
03:58:56,800 --> 03:58:59,300
and make sure you've done
the installation properly
6129
03:58:59,300 --> 03:59:01,600
so that you won't mess
up your default settings.
6130
03:59:02,200 --> 03:59:04,000
So guys we are done
with two ways
6131
03:59:04,000 --> 03:59:07,201
of installing Kali Linux one
on Windows and one on Mac.
6132
03:59:07,201 --> 03:59:10,700
We saw how to install it using
VMware as well as VirtualBox.
6133
03:59:11,100 --> 03:59:13,000
In the third part we'll see
6134
03:59:13,000 --> 03:59:16,000
how to install Kali tools
on any Linux distribution.
6135
03:59:16,000 --> 03:59:19,109
It could be Ubuntu, Fedora,
Peppermint operating system
6136
03:59:19,109 --> 03:59:21,800
or any other version
or distribution of Linux.
6137
03:59:21,800 --> 03:59:22,813
The procedure is
6138
03:59:22,813 --> 03:59:25,600
actually similar in
every Linux distribution.
6139
03:59:25,600 --> 03:59:27,876
So if you follow up
on one Linux distribution,
6140
03:59:27,876 --> 03:59:29,176
you can go ahead and do it
6141
03:59:29,176 --> 03:59:31,700
on the Linux distribution
of your choice or the one
6142
03:59:31,700 --> 03:59:34,000
that you use One thing
you should remember is
6143
03:59:34,000 --> 03:59:37,400
that Kali Linux is not for
the daily Linux purposes.
6144
03:59:37,500 --> 03:59:39,500
Well, it's only
for ethical hacking
6145
03:59:39,500 --> 03:59:43,100
or web application penetration
testing for these purposes.
6146
03:59:43,196 --> 03:59:46,503
So guys will be using
a tool called Katoolin.
6147
03:59:46,900 --> 03:59:48,500
Let me spell it for you guys.
6148
03:59:48,500 --> 03:59:50,600
It's K-a-t-o-o-l-i-n.
6149
03:59:51,196 --> 03:59:53,503
So let's just search for that.
6150
03:59:54,500 --> 03:59:55,500
There we go.
6151
03:59:55,500 --> 03:59:58,500
It's a script that helps you
to install Kali Linux tools
6152
03:59:58,500 --> 04:00:00,700
on your Linux distribution
of your choice.
6153
04:00:00,700 --> 04:00:02,417
So it's usually
the GitHub script.
6154
04:00:02,417 --> 04:00:04,500
So click on the first link
that you find.
6155
04:00:04,500 --> 04:00:05,617
So for those of you
6156
04:00:05,617 --> 04:00:08,400
who like to use penetration
testing tools provided by
6157
04:00:08,400 --> 04:00:09,932
Kali Linux development team.
6158
04:00:09,932 --> 04:00:11,226
You can effectively do
6159
04:00:11,226 --> 04:00:14,400
that on your preferred Linux
distribution using this tool
6160
04:00:14,400 --> 04:00:17,300
which is Katoolin,
or K-a-t-o-o-l-i-n.
6161
04:00:17,500 --> 04:00:20,290
So as you can see once you've
installed Katoolin properly
6162
04:00:20,290 --> 04:00:21,400
on your operating system,
6163
04:00:21,400 --> 04:00:23,200
you should be greeted
with this page.
6164
04:00:23,200 --> 04:00:24,700
I'll show you how to do that.
6165
04:00:24,700 --> 04:00:25,500
What about it?
6166
04:00:25,500 --> 04:00:27,500
So the purpose of asking you
6167
04:00:27,500 --> 04:00:31,100
to see this page is to take
a look at prerequisites here.
6168
04:00:31,100 --> 04:00:34,381
So first thing you need
to have a python of version
6169
04:00:34,381 --> 04:00:37,400
2.7 or above installed
in your operating system
6170
04:00:37,400 --> 04:00:39,610
and you need a Linux
distribution system.
6171
04:00:39,610 --> 04:00:41,811
It could be Ubuntu
or it could be Fedora
6172
04:00:41,811 --> 04:00:44,500
or Peppermint, any other
Linux distribution.
6173
04:00:44,500 --> 04:00:45,785
I have Ubuntu here.
6174
04:00:45,785 --> 04:00:47,925
I'll be using
VMware Workstation Pro.
6175
04:00:47,925 --> 04:00:50,362
It's already open but let
me just go back.
6176
04:00:50,362 --> 04:00:52,800
All you have to do is
search for Ubuntu.
6177
04:00:53,073 --> 04:00:55,226
And click on the first link.
6178
04:00:55,900 --> 04:00:58,500
So as you can see there are
a lot of options here.
6179
04:00:58,500 --> 04:01:01,202
To install Ubuntu,
just click on this
6180
04:01:01,202 --> 04:01:04,300
and you'll be able
to download a file ISO image.
6181
04:01:04,300 --> 04:01:05,400
I've already done that.
6182
04:01:05,400 --> 04:01:06,400
I'm not doing it again.
6183
04:01:06,400 --> 04:01:08,134
Let's go back
to VMware Workstation
6184
04:01:08,134 --> 04:01:08,900
as you can see.
6185
04:01:08,900 --> 04:01:11,700
I already have my Ubuntu
operating system installed
6186
04:01:11,700 --> 04:01:14,400
Installing Ubuntu is,
it's very straightforward.
6187
04:01:14,400 --> 04:01:16,400
So just take a look
at the instructions
6188
04:01:16,400 --> 04:01:19,150
that you need to know when
you're installing Ubuntu once
6189
04:01:19,150 --> 04:01:20,463
you've done the installation,
6190
04:01:20,463 --> 04:01:22,205
which should look
something like this.
6191
04:01:22,205 --> 04:01:23,100
So let me power up
6192
04:01:23,100 --> 04:01:24,600
Ubuntu operating system.
6193
04:01:29,700 --> 04:01:30,600
So as you can see,
6194
04:01:30,600 --> 04:01:33,799
once you install, you'll land up
on this page and it's asking
6195
04:01:33,799 --> 04:01:35,800
for the password you
set up this username
6196
04:01:35,800 --> 04:01:37,870
and password during
the installation process.
6197
04:01:37,870 --> 04:01:39,000
So don't worry about it.
6198
04:01:39,000 --> 04:01:40,200
Click on enter.
6199
04:01:40,400 --> 04:01:43,300
So let's say you are
a Unix lover you
6200
04:01:43,300 --> 04:01:45,500
like using Unix platform.
6201
04:01:45,600 --> 04:01:46,930
But right now you want to use
6202
04:01:46,930 --> 04:01:49,000
certain tools for performing
application penetration,
6203
04:01:49,000 --> 04:01:50,400
testing and ethical hacking.
6204
04:01:50,400 --> 04:01:51,900
You just don't need
all the tools.
6205
04:01:51,900 --> 04:01:52,832
You need few Tools
6206
04:01:52,832 --> 04:01:55,224
in that case instead of
installing Kali Linux
6207
04:01:55,224 --> 04:01:57,814
on your operating system
installing only certain
6208
04:01:57,814 --> 04:02:00,929
Kali Linux tools will be
the best option, right? For that,
6209
04:02:00,929 --> 04:02:03,400
Like I said earlier
we'll be using Katoolin.
6210
04:02:03,400 --> 04:02:05,900
I have a set
of four five commands
6211
04:02:05,900 --> 04:02:08,300
that you need to use
to install Katoolin. First of all,
6212
04:02:08,300 --> 04:02:11,100
you need to have git
on your operating system.
6213
04:02:11,100 --> 04:02:13,100
Let me check
if I have it or not.
6214
04:02:13,100 --> 04:02:15,700
Anyway, I have these five
or four set of commands
6215
04:02:15,700 --> 04:02:17,867
which will be using
I'm going to attach them
6216
04:02:17,867 --> 04:02:19,050
in the description below.
6217
04:02:19,050 --> 04:02:20,600
So if you want you can use them
6218
04:02:20,600 --> 04:02:23,500
as you can see, install
git, first command.
6219
04:02:24,500 --> 04:02:26,510
It says unable to use it
6220
04:02:26,510 --> 04:02:29,279
because have to login
as a root user.
6221
04:02:29,296 --> 04:02:32,603
So let me just it's asking
for the password.
6222
04:02:33,400 --> 04:02:35,400
Yeah now I'm a root user.
6223
04:02:35,400 --> 04:02:37,300
So let me try the command again.
6224
04:02:37,500 --> 04:02:41,600
That's apt-get install git.
6225
04:02:42,400 --> 04:02:46,700
Yeah, installing git, it's just
going to take few minutes.
6226
04:02:46,900 --> 04:02:48,684
But while this is happening,
6227
04:02:48,684 --> 04:02:50,892
let's go ahead
and explore Katoolin
6228
04:02:50,892 --> 04:02:52,900
too. Let me go for Firefox here.
6229
04:02:52,900 --> 04:02:54,913
Let's search for Katoolin.
6230
04:02:55,000 --> 04:02:58,100
so it's the first link guys
like I said earlier,
6231
04:02:58,100 --> 04:02:59,600
so let me scroll down
6232
04:02:59,600 --> 04:03:02,100
as we saw, this should be
the home page
6233
04:03:02,100 --> 04:03:04,700
and we did take a look
at the requirements.
6234
04:03:05,900 --> 04:03:08,000
So let's just go back and see
if it's done.
6235
04:03:08,000 --> 04:03:09,400
It's still happening.
6236
04:03:09,700 --> 04:03:12,564
So one thing is make
sure you have Python
6237
04:03:12,564 --> 04:03:14,200
of version 2.7 or above.
6238
04:03:14,200 --> 04:03:17,200
Otherwise the entire thing
won't work at all.
6239
04:03:17,900 --> 04:03:18,900
Yeah guys it's done.
6240
04:03:19,200 --> 04:03:19,999
Now.
6241
04:03:20,000 --> 04:03:21,549
We are done with the first step.
6242
04:03:21,549 --> 04:03:24,400
We need to install a, we need
to clone the Katoolin, right?
6243
04:03:24,400 --> 04:03:25,400
So what you do?
6244
04:03:25,400 --> 04:03:26,293
Like I said,
6245
04:03:26,293 --> 04:03:29,233
I have a command right
here just copy this
6246
04:03:29,233 --> 04:03:31,600
and place it over
there control C.
6247
04:03:31,600 --> 04:03:34,900
Let's go back to terminal and it
makes your skin for you guys.
6248
04:03:34,900 --> 04:03:35,300
Yeah.
6249
04:03:35,800 --> 04:03:39,200
And paste. So basically
I'm cloning it here
6250
04:03:39,300 --> 04:03:42,650
and the next command is
I'm copying the python file
6251
04:03:42,650 --> 04:03:44,600
to this directory and click on
6252
04:03:44,600 --> 04:03:45,700
enter. It's done.
6253
04:03:45,700 --> 04:03:49,500
It's just quick process now,
we'll have to change permissions
6254
04:03:49,500 --> 04:03:52,500
so that we have access
to use Catalan for that.
6255
04:03:52,500 --> 04:03:53,000
Basically.
6256
04:03:53,000 --> 04:03:54,900
We are giving
execute permission.
6257
04:03:54,900 --> 04:03:59,100
So chmod +x. Make sure
you take a look at that, +
6258
04:03:59,100 --> 04:04:02,584
x, and enter. we are audio
is now our Katoolin
6259
04:04:02,584 --> 04:04:04,430
is installed. Katoolin,
6260
04:04:04,600 --> 04:04:05,800
so as you can see It's
6261
04:04:05,800 --> 04:04:08,100
already the first thing
that you should do is
6262
04:04:08,100 --> 04:04:09,950
before you upgrade
your system, it says,
6263
04:04:09,950 --> 04:04:12,400
please remove all the Kali
Linux repositories to avoid
6264
04:04:12,400 --> 04:04:13,591
any kind of problems.
6265
04:04:13,591 --> 04:04:16,600
So as you can see it shows
you like five options here.
6266
04:04:16,600 --> 04:04:18,866
First one is
add Kali repositories
6267
04:04:18,866 --> 04:04:21,000
and update. Next, view categories.
6268
04:04:21,000 --> 04:04:21,748
Like I said,
6269
04:04:21,748 --> 04:04:23,838
Kali Linux is 600
plus tools, right?
6270
04:04:23,838 --> 04:04:26,107
So you have different
tools categorized
6271
04:04:26,107 --> 04:04:27,415
under different headings.
6272
04:04:27,415 --> 04:04:29,313
Then you have
classic menu indicator.
6273
04:04:29,313 --> 04:04:31,000
It's nothing here
as you can see.
6274
04:04:31,000 --> 04:04:32,500
I have a small icon here.
6275
04:04:32,500 --> 04:04:33,662
If you click on that,
6276
04:04:33,662 --> 04:04:35,600
it'll just show
you different menus.
6277
04:04:35,600 --> 04:04:38,004
That's all and if you
want to install Kali menu
6278
04:04:38,004 --> 04:04:40,000
for easy access you
can do that as well.
6279
04:04:40,000 --> 04:04:43,500
So let me just click one
under one that says add
6280
04:04:43,500 --> 04:04:47,293
Kali Linux repositories, update,
remove and view all contents.
6281
04:04:47,293 --> 04:04:49,000
So let's try removing them.
6282
04:04:49,000 --> 04:04:51,400
Let's try with
adding repositories.
6283
04:04:52,000 --> 04:04:55,026
It says there are certain
duplicate signatures removed
6284
04:04:55,026 --> 04:04:55,800
and all that.
6285
04:04:55,800 --> 04:04:57,588
So let's just try to remove
6286
04:04:57,588 --> 04:05:01,800
like they suggested earlier
have been deleted now one.
6287
04:05:03,900 --> 04:05:05,256
So if you guys want to go ahead
6288
04:05:05,256 --> 04:05:07,578
and update the repositories
already existing ones,
6289
04:05:07,578 --> 04:05:08,883
you can go ahead and do that.
6290
04:05:08,883 --> 04:05:09,600
I'm not doing it now
6291
04:05:09,600 --> 04:05:11,300
because it's going
to take a while.
6292
04:05:11,300 --> 04:05:14,100
So if you want to go
back just click back.
6293
04:05:14,100 --> 04:05:15,400
It's as easy as that.
6294
04:05:15,400 --> 04:05:17,217
Now, let's say I want
to view categories
6295
04:05:17,217 --> 04:05:19,467
and install one tool of it,
as you can see.
6296
04:05:19,467 --> 04:05:21,300
There are like number
of fusion number
6297
04:05:21,300 --> 04:05:22,400
of categories here.
6298
04:05:22,400 --> 04:05:25,200
So I have web application
penetration tools. Here I
6299
04:05:25,200 --> 04:05:26,800
have password attacks.
6300
04:05:26,800 --> 04:05:28,500
I have exploitation tools.
6301
04:05:28,500 --> 04:05:29,900
Well, if you are interested,
6302
04:05:29,900 --> 04:05:32,633
there's an introduction video
of what is Kali Linux
6303
04:05:32,633 --> 04:05:33,999
by Edureka in the Cyber
6304
04:05:33,999 --> 04:05:34,900
Security playlist.
6305
04:05:34,900 --> 04:05:36,600
So go ahead and take
a look at that.
6306
04:05:36,600 --> 04:05:37,600
We have explained
6307
04:05:37,600 --> 04:05:40,100
like about five to six popular
tools in Kali Linux.
6308
04:05:40,200 --> 04:05:42,300
Anyway getting back
to today's session.
6309
04:05:42,300 --> 04:05:44,300
Let me just say four,
6310
04:05:44,300 --> 04:05:47,900
as you can see it lists all
the web application tools.
6311
04:05:47,900 --> 04:05:50,961
So if I want to install
all those there's an option
6312
04:05:50,961 --> 04:05:53,900
that's zero, but let's
just say I want to install
6313
04:05:53,900 --> 04:05:55,300
a tool called sqlmap.
6314
04:05:55,300 --> 04:05:57,600
I'm sure you might
have heard sqlmap.
6315
04:05:57,600 --> 04:05:58,500
If not, it's okay.
6316
04:05:58,500 --> 04:06:00,754
It's a tool which you
use for checking out
6317
04:06:00,754 --> 04:06:03,927
vulnerabilities that are present
in an application database system.
6318
04:06:03,927 --> 04:06:06,555
So anyway, it asks
insert the number of the tool
6319
04:06:06,555 --> 04:06:07,900
that you want to install.
6320
04:06:07,900 --> 04:06:08,900
Let's say 27.
6321
04:06:09,200 --> 04:06:11,200
So as you can
see it's installing.
6322
04:06:14,600 --> 04:06:18,155
So it's as easy as that, guys. So
once it's done installing,
6323
04:06:18,155 --> 04:06:19,400
I'll get back to you.
6324
04:06:20,600 --> 04:06:22,834
Any tool I just
showed you how to use
6325
04:06:22,834 --> 04:06:24,200
how to install sqlmap
6326
04:06:24,200 --> 04:06:26,275
which is there
in web application tools.
6327
04:06:26,275 --> 04:06:27,500
You can go ahead and do
6328
04:06:27,500 --> 04:06:30,100
that for other different types
of tools as well suppose.
6329
04:06:30,100 --> 04:06:31,800
You want to install
all the tools.
6330
04:06:31,800 --> 04:06:34,600
You can go for 0, as
in click on zero option.
6331
04:06:36,000 --> 04:06:37,000
So there you go guys.
6332
04:06:37,000 --> 04:06:38,869
I just showed you
how to install one tool
6333
04:06:38,869 --> 04:06:41,300
so you can go ahead and do
that for any kind of tool
6334
04:06:41,300 --> 04:06:42,427
under any category.
6335
04:06:42,427 --> 04:06:44,800
So if you just want
to go back click pack
6336
04:06:44,800 --> 04:06:46,523
and go for other types of tools,
6337
04:06:46,523 --> 04:06:49,700
let's say eight there you can
see, so whatever different type
6338
04:06:49,700 --> 04:06:51,900
of exploitation tools you
want you can go ahead
6339
04:06:51,900 --> 04:06:53,033
and install them.
6340
04:06:53,033 --> 04:06:54,500
Let me just click back
6341
04:06:54,500 --> 04:06:58,800
and back. Sometimes when you
try to install all the tools,
6342
04:06:58,800 --> 04:07:00,400
you might get an error saying
6343
04:07:00,400 --> 04:07:03,200
that the file doesn't exist
or repository doesn't exist.
6344
04:07:03,200 --> 04:07:05,700
All you have to do is go
for one First Option here.
6345
04:07:05,800 --> 04:07:07,746
As you can see here
you have option two
6346
04:07:07,746 --> 04:07:08,568
which is update.
6347
04:07:08,568 --> 04:07:10,101
So update your repositories.
6348
04:07:10,101 --> 04:07:11,656
Make sure the Kali Linux mirror
6349
04:07:11,656 --> 04:07:14,100
which is present for
the updation is the right one.
6350
04:07:14,100 --> 04:07:16,100
Once I've done
that you won't get any errors.
6351
04:07:16,100 --> 04:07:18,100
All the tools will
be installed properly.
6352
04:07:18,200 --> 04:07:20,600
So suppose you want to get
back from this Katoolin,
6353
04:07:20,600 --> 04:07:22,800
it's easy, just press Control-C.
6354
04:07:22,800 --> 04:07:24,900
And yeah as you can see
it says goodbye.
6355
04:07:24,900 --> 04:07:28,500
So that's as easy as it is to
use Kali Linux tools on any kind
6356
04:07:28,500 --> 04:07:29,700
of Linux distribution
6357
04:07:29,700 --> 04:07:32,580
while I've showed you on Ubuntu,
the procedure is same
6358
04:07:32,580 --> 04:07:34,500
on any other Linux
distribution guys.
6359
04:07:34,800 --> 04:07:35,800
So there we go guys.
6360
04:07:35,800 --> 04:07:37,832
I've done with
three things first.
6361
04:07:37,832 --> 04:07:39,927
We did on Windows
using VMware then
6362
04:07:39,927 --> 04:07:42,900
on Mac using VirtualBox
and third I showed you
6363
04:07:42,900 --> 04:07:45,000
how to install Kali
Linux tools on any kind
6364
04:07:45,000 --> 04:07:46,334
of Linux distribution.
6365
04:07:46,334 --> 04:07:48,700
And finally, there's
one last demo here.
6366
04:07:48,700 --> 04:07:50,800
We'll see how to
install Kali Linux
6367
04:07:50,800 --> 04:07:53,900
on Windows operating system
using Windows subsystem
6368
04:07:53,900 --> 04:07:55,040
for Linux feature.
6369
04:07:55,040 --> 04:07:57,700
So, let me get back
to my operating system.
6370
04:07:57,700 --> 04:08:00,500
We won't be needing
VMware Workstation anymore.
6371
04:08:00,900 --> 04:08:03,500
So guys, we'll be using
a feature called
6372
04:08:03,500 --> 04:08:05,207
Windows Subsystem for Linux,
6373
04:08:05,207 --> 04:08:08,500
which is by default present
in all the current versions
6374
04:08:08,500 --> 04:08:09,500
of Windows 10.
6375
04:08:09,500 --> 04:08:10,800
This is actually for those
6376
04:08:10,800 --> 04:08:13,700
who prefer using Kali Linux
command line interface.
6377
04:08:13,700 --> 04:08:16,000
So make sure to listen
to me properly.
6378
04:08:16,000 --> 04:08:17,200
Oh use this option only
6379
04:08:17,200 --> 04:08:19,438
if you are a pro in using
command line interface
6380
04:08:19,438 --> 04:08:22,200
or if you have any experience
using command line interface.
6381
04:08:22,200 --> 04:08:24,968
Otherwise just go ahead and use
VMware or VirtualBox
6382
04:08:24,968 --> 04:08:27,900
and install Kali Linux graphical
user interface option.
6383
04:08:27,900 --> 04:08:29,852
So yeah, this windows subsystem
6384
04:08:29,852 --> 04:08:33,649
for Linux allows you to run
Linux distributions as subsystem
6385
04:08:33,649 --> 04:08:35,927
on your Windows
operating system this
6386
04:08:35,927 --> 04:08:37,700
Her is really a new feature.
6387
04:08:37,700 --> 04:08:39,800
It exists only in Windows 10.
6388
04:08:39,800 --> 04:08:42,400
So you need to use
latest version of Windows
6389
04:08:42,400 --> 04:08:45,000
10 to perform this demo
or use this option.
6390
04:08:45,000 --> 04:08:46,285
And in addition to that.
6391
04:08:46,285 --> 04:08:48,000
We also have
other prerequisites,
6392
04:08:48,000 --> 04:08:50,100
especially we need
to have git installed
6393
04:08:50,100 --> 04:08:52,222
or you can go ahead
and zip the file
6394
04:08:52,222 --> 04:08:55,164
which is Windows subsystem
for Linux files normally
6395
04:08:55,164 --> 04:08:56,925
but having it is
also a nice day.
6396
04:08:56,925 --> 04:08:58,687
Secondly, you need
to have python
6397
04:08:58,687 --> 04:09:02,100
of version 3 or above make sure
you've installed Python and set
6398
04:09:02,100 --> 04:09:03,100
up the path to check
6399
04:09:03,100 --> 04:09:05,700
if your python is installed
properly or not just sake.
6400
04:09:06,000 --> 04:09:09,700
Go via command prompt
and just type python --version.
6401
04:09:10,500 --> 04:09:11,300
It should show
6402
04:09:11,300 --> 04:09:13,446
you the version properly; only
then you can be sure
6403
04:09:13,446 --> 04:09:15,149
that your python
is properly installed.
6404
04:09:15,149 --> 04:09:17,900
As you can see, for me it's showing
three point six point seven,
6405
04:09:17,900 --> 04:09:19,800
which is definitely above three,
6406
04:09:19,800 --> 04:09:22,100
and it's properly installed
and the path is set.
6407
04:09:22,100 --> 04:09:24,900
The first thing you
need to do is enable WSL
6408
04:09:24,900 --> 04:09:26,895
or Windows subsystem for Linux.
6409
04:09:26,895 --> 04:09:30,888
Just go for the control panel
and there click on programs
6410
04:09:30,888 --> 04:09:32,471
and turn Windows features
6411
04:09:32,471 --> 04:09:35,700
on or off make sure
not to touch any other features.
6412
04:09:35,700 --> 04:09:37,824
It might mess up
your operating system.
6413
04:09:37,824 --> 04:09:38,706
So scroll down.
6414
04:09:38,706 --> 04:09:40,200
It's usually at the bottom.
6415
04:09:40,200 --> 04:09:40,400
By
6416
04:09:40,400 --> 04:09:41,900
default it's never enabled. If you're
6417
04:09:41,900 --> 04:09:44,300
using it for the first time you
need to enable it.
6418
04:09:44,300 --> 04:09:45,799
So first thing you
do is enable it
6419
04:09:45,799 --> 04:09:46,800
as you can see here.
6420
04:09:46,800 --> 04:09:48,908
It says windows
subsystem for Linux.
6421
04:09:48,908 --> 04:09:52,100
Make sure you enable it check
mark it and click on OK.
6422
04:09:52,100 --> 04:09:55,284
Once you have done
that run your command prompt
6423
04:09:55,284 --> 04:09:57,500
or terminal as an administrator.
6424
04:09:57,500 --> 04:09:59,700
All you have to do is
right-click on it and click
6425
04:09:59,700 --> 04:10:00,900
on run as administrator.
6426
04:10:01,100 --> 04:10:04,200
And yes, now we'll be
enabling the base distribution.
6427
04:10:04,200 --> 04:10:07,607
That is like I said windows
subsystem for Linux allows
6428
04:10:07,607 --> 04:10:10,300
you to run a Linux
distribution as subsystem.
6429
04:10:10,300 --> 04:10:12,100
Right, but for that
we need to enable
6430
04:10:12,100 --> 04:10:13,800
this base distribution for that.
6431
04:10:13,800 --> 04:10:15,749
You need to install
the base distribution
6432
04:10:15,749 --> 04:10:18,100
or any kind of Linux
distribution that you need.
6433
04:10:18,300 --> 04:10:22,200
So just use lxrun /install.
6434
04:10:22,900 --> 04:10:24,100
So once you type
6435
04:10:24,100 --> 04:10:26,400
that this is the output
which you get it says,
6436
04:10:26,400 --> 04:10:29,500
it's the Legacy Windows system
for Linux distribution.
6437
04:10:29,500 --> 04:10:32,456
So you can go ahead and install
other Linux distribution
6438
04:10:32,456 --> 04:10:34,500
which are available
in Microsoft store.
6439
04:10:34,500 --> 04:10:37,000
But unfortunately Kali Linux
is not available,
6440
04:10:37,000 --> 04:10:38,400
but it doesn't matter right.
6441
04:10:38,400 --> 04:10:40,600
We're anyway installing
it using the procedure.
6442
04:10:41,030 --> 04:10:43,569
Just click on Y
here, saying yes.
6443
04:10:43,800 --> 04:10:44,984
I've already installed.
6444
04:10:44,984 --> 04:10:46,959
So it's showing
Legacy Windows system
6445
04:10:46,959 --> 04:10:49,138
for Linux distribution
is already installed
6446
04:10:49,138 --> 04:10:50,202
on my system for you.
6447
04:10:50,202 --> 04:10:52,157
It might take a while
after installing.
6448
04:10:52,157 --> 04:10:54,070
The most important
thing is it asks
6449
04:10:54,070 --> 04:10:55,600
for you to set up a password
6450
04:10:55,600 --> 04:10:58,100
and username don't skip
that step wait for a while
6451
04:10:58,100 --> 04:11:00,300
and make sure you set
up the password and username
6452
04:11:00,300 --> 04:11:03,300
properly. Only then the
entire thing will work out
6453
04:11:03,300 --> 04:11:05,688
once you've done
that we are done here.
6454
04:11:05,688 --> 04:11:07,700
You can close
the command prompt.
6455
04:11:07,700 --> 04:11:10,200
The next thing you need
to do is install git
6456
04:11:10,200 --> 04:11:11,600
I already have it installed.
6457
04:11:11,600 --> 04:11:14,058
It's very easy install
dot exe file and click
6458
04:11:14,058 --> 04:11:15,400
on installation process.
6459
04:11:15,400 --> 04:11:18,364
It's very straightforward
and open git bash.
6460
04:11:18,364 --> 04:11:19,457
Yeah before that.
6461
04:11:19,457 --> 04:11:22,800
Let me go ahead and create
a folder called test here.
6462
04:11:23,000 --> 04:11:26,300
And as you can see it stored
on my desktop right now,
6463
04:11:26,300 --> 04:11:27,100
it's empty.
6464
04:11:27,185 --> 04:11:33,300
Anyway, let me go back
to git here and cd Desktop
6465
04:11:33,800 --> 04:11:38,000
test. We've already enabled
Windows Subsystem for Linux.
6466
04:11:38,000 --> 04:11:40,600
But now we have to download
the script right for that.
6467
04:11:41,080 --> 04:11:44,619
Search for Windows subsystem
for Linux switcher.
6468
04:11:45,000 --> 04:11:48,700
And the first link is
the GitHub link click on that.
6469
04:11:49,200 --> 04:11:50,400
There you go guys.
6470
04:11:50,400 --> 04:11:53,573
It says windows subsystem
for Linux distributions,
6471
04:11:53,573 --> 04:11:57,200
switcher. Its purpose
is to let you easily download
6472
04:11:57,200 --> 04:11:59,080
and install Linux distribution
6473
04:11:59,080 --> 04:12:01,900
as subsystem on your
Windows operating system.
6474
04:12:01,900 --> 04:12:04,500
So as you can see you have
different options here
6475
04:12:04,500 --> 04:12:06,400
for the base operating systems.
6476
04:12:06,700 --> 04:12:10,700
So yeah copy this link
here, Ctrl+C,
6477
04:12:11,000 --> 04:12:14,600
and go back to git git clone
6478
04:12:15,200 --> 04:12:18,700
and paste the link which you
just download it paste it.
6479
04:12:18,900 --> 04:12:20,600
It shouldn't take very long.
6480
04:12:21,323 --> 04:12:22,476
It's done guys.
6481
04:12:22,715 --> 04:12:25,584
So now if you check
your test folder
6482
04:12:25,600 --> 04:12:28,600
Windows subsystem for Linux
will be downloaded properly.
6483
04:12:28,600 --> 04:12:32,500
Let's just go back and check
that here is our test folder
6484
04:12:32,500 --> 04:12:35,700
as you can see windows subsystem
for Linux is already there
6485
04:12:35,700 --> 04:12:37,700
now open your command prompt.
6486
04:12:38,496 --> 04:12:40,803
cd, let's go for the test file.
6487
04:12:41,500 --> 04:12:42,549
And if you search
6488
04:12:42,549 --> 04:12:45,700
for the directories under
that you can see WSL here.
6489
04:12:45,700 --> 04:12:47,600
Now, let's go for that as well.
6490
04:12:47,700 --> 04:12:50,700
You can just press stop
directories under that
6491
04:12:50,900 --> 04:12:54,400
so as you can see the two things
the most important things is
6492
04:12:54,400 --> 04:12:56,500
this get-prebuilt.py
6493
04:12:56,500 --> 04:12:57,900
and install.py.
6494
04:12:58,400 --> 04:13:02,900
This get-prebuilt.py will fetch
Kali Linux Docker files
6495
04:13:03,000 --> 04:13:06,300
and install.py
will install Kali Linux for you.
6496
04:13:06,300 --> 04:13:07,855
I already have it installed.
6497
04:13:07,855 --> 04:13:09,800
But I'll just show you
how to do it.
6498
04:13:09,900 --> 04:13:13,900
So go back to the browser
and type Docker file.
6499
04:13:14,200 --> 04:13:15,807
Click on the second link.
6500
04:13:15,807 --> 04:13:16,900
I just wanted you
6501
04:13:16,900 --> 04:13:20,336
to copy the command easily
so that you won't make mistakes.
6502
04:13:20,336 --> 04:13:21,200
This is the one
6503
04:13:21,200 --> 04:13:23,700
which you'll have
to copy to fetch
6504
04:13:23,700 --> 04:13:25,600
the Kali Linux Docker files.
6505
04:13:25,600 --> 04:13:29,300
So you can just copy this part
and go for command prompt.
6506
04:13:29,300 --> 04:13:32,400
Let me maximize this for
you here you can say so
6507
04:13:32,400 --> 04:13:34,700
if you remember I said
Python is a must.
6508
04:13:34,700 --> 04:13:36,000
So make sure you install
6509
04:13:36,000 --> 04:13:37,900
it properly and set
up the path White.
6510
04:13:37,900 --> 04:13:39,700
And get pre-built.
6511
04:13:39,776 --> 04:13:42,623
Let me just people dot
pi and copy it.
6512
04:13:43,700 --> 04:13:45,400
As you can see it's installing.
6513
04:13:45,400 --> 04:13:48,000
It's going to take
probably like 2 minutes.
6514
04:13:57,800 --> 04:13:59,500
So it says it's done
6515
04:13:59,500 --> 04:14:03,000
and says it's saved this file
in the test folder.
6516
04:14:03,000 --> 04:14:05,700
Let's go back and check
if that's happened.
6517
04:14:06,000 --> 04:14:09,684
Here's a test folder
under WSL you have python
6518
04:14:09,684 --> 04:14:12,530
as you can see you
have python folder.
6519
04:14:12,700 --> 04:14:15,200
Is it folder
of Kali Linux installed
6520
04:14:15,200 --> 04:14:17,500
or fetched you'll have
to install it now,
6521
04:14:17,500 --> 04:14:18,000
right?
6522
04:14:18,400 --> 04:14:21,100
So let me now just type python.
6523
04:14:22,500 --> 04:14:24,200
This is the command
that you want to use
6524
04:14:24,200 --> 04:14:27,300
that's install.py,
install.py,
6525
04:14:27,800 --> 04:14:32,700
and copy this or just type
and enter tab lutefisk stabbed
6526
04:14:32,934 --> 04:14:34,165
and click enter.
6527
04:14:42,100 --> 04:14:44,145
So as you can see
it took a while
6528
04:14:44,145 --> 04:14:46,046
but it did install right now.
6529
04:14:46,046 --> 04:14:48,900
All you have to do is
it's installed so you
6530
04:14:48,900 --> 04:14:53,500
can close the CMD and open
your command prompt and run it
6531
04:14:53,500 --> 04:14:55,612
as an administrator click.
6532
04:14:55,612 --> 04:14:56,600
Yes.
6533
04:14:56,600 --> 04:14:59,600
Let me maximize the screen
you'll have to set
6534
04:14:59,600 --> 04:15:02,800
the root password or
the default user as root, so
6535
04:15:02,800 --> 04:15:05,500
set default the command
6536
04:15:05,500 --> 04:15:09,400
that you need to use
set default user as root.
6537
04:15:10,226 --> 04:15:14,073
As you can see it's now set
to root and click Bash.
6538
04:15:15,300 --> 04:15:17,000
Done guys, right now.
6539
04:15:17,000 --> 04:15:17,800
We are running
6540
04:15:17,800 --> 04:15:20,700
on Kali operating system
on command line interface.
6541
04:15:20,800 --> 04:15:21,800
If you want to make sure
6542
04:15:21,800 --> 04:15:24,200
if you're actually running
on Kali, just type
6543
04:15:24,200 --> 04:15:26,100
cat /etc/issue.
6544
04:15:26,600 --> 04:15:29,300
It shows that
Kali Linux rolling.
6545
04:15:29,500 --> 04:15:30,600
So as you can see we
6546
04:15:30,600 --> 04:15:33,600
have successfully installed Kali
Linux command line interface
6547
04:15:33,600 --> 04:15:36,388
or how to use command line
interface on Windows using
6548
04:15:36,388 --> 04:15:40,299
Windows subsystem for Linux
and I'm telling it to you again
6549
04:15:40,299 --> 04:15:41,635
just use it if you know
6550
04:15:41,635 --> 04:15:44,400
how to use command line
interface very properly.
6568
04:16:28,547 --> 04:16:32,000
Otherwise it might be a little
overwhelming for beginners.
6569
04:16:36,800 --> 04:16:37,688
So now it's time
6570
04:16:37,688 --> 04:16:40,100
that we go through
the command line basics
6571
04:16:40,100 --> 04:16:41,471
of any Linux terminal.
6572
04:16:41,471 --> 04:16:44,400
Now, the Linux terminal
is a very powerful tool.
6573
04:16:44,400 --> 04:16:47,600
It allows you to move around
the whole operating system
6574
04:16:47,600 --> 04:16:49,100
through the files and folders.
6575
04:16:49,100 --> 04:16:50,949
It allows you to create files.
6576
04:16:50,949 --> 04:16:52,800
change their permissions, change
6577
04:16:52,800 --> 04:16:53,840
how they behave
6578
04:16:53,840 --> 04:16:58,000
and a bunch of other things you
can do filtering you can grab
6579
04:16:58,000 --> 04:17:00,700
stuff the specific stuff
from a specific file
6580
04:17:00,700 --> 04:17:02,794
and there's a bunch
of interesting thing
6581
04:17:02,794 --> 04:17:03,600
that you can do
6582
04:17:03,600 --> 04:17:06,200
and as an ethical hacker
you will be working
6583
04:17:06,200 --> 04:17:08,541
with a Linux distribution
most of the time
6584
04:17:08,541 --> 04:17:10,220
whether it may be Kali Linux
6585
04:17:10,220 --> 04:17:12,200
or some other thing
like Parrot OS,
6586
04:17:12,200 --> 04:17:14,796
but you will be working
on Linux most of the time
6587
04:17:14,796 --> 04:17:17,498
because it's a powerful tool
for networking analysis
6588
04:17:17,498 --> 04:17:19,337
and scanning and
all sorts of stuff
6589
04:17:19,337 --> 04:17:21,500
that you want to do
as an ethical hacker.
6590
04:17:21,500 --> 04:17:24,205
So the first essential step
is to actually know
6591
04:17:24,205 --> 04:17:25,336
how to use the tool
6592
04:17:25,336 --> 04:17:28,212
that is available to you
and that is out here,
6593
04:17:28,212 --> 04:17:29,700
which is the terminal now
6594
04:17:29,700 --> 04:17:31,700
as I'm running this
on a virtual machine,
6595
04:17:31,700 --> 04:17:32,700
you might find it
6596
04:17:32,700 --> 04:17:35,733
that my execution times
are much slower and that is
6597
04:17:35,733 --> 04:17:38,200
because I have
a very very slow laptop
6598
04:17:38,200 --> 04:17:41,200
because my virtual machine
is actually eating up a lot
6599
04:17:41,200 --> 04:17:43,800
of my RAM and I have a bunch
of other processes
6600
04:17:43,800 --> 04:17:45,100
that are also rendering
6601
04:17:45,100 --> 04:17:46,400
I do this on my free time.
6602
04:17:46,400 --> 04:17:49,784
So let's go ahead and go
through the commands
6603
04:17:49,784 --> 04:17:53,589
that we are going
to actually go through now.
6604
04:17:53,600 --> 04:17:56,000
Let me actually make
a list of commands
6605
04:17:56,000 --> 04:17:57,800
that I want to teach you guys.
6606
04:17:57,800 --> 04:17:58,845
So let me see
6607
04:17:58,845 --> 04:18:01,900
if leafpad is available
firstly leafpad is
6608
04:18:01,900 --> 04:18:03,300
basically a text editor.
6609
04:18:03,300 --> 04:18:04,300
So the first command
6610
04:18:04,300 --> 04:18:06,600
that we're going
to start off with is cd.
6611
04:18:06,900 --> 04:18:10,100
CD stands for change directory
now at this moment.
6612
04:18:10,100 --> 04:18:11,500
We are in the root directory
6613
04:18:11,500 --> 04:18:15,192
as you guys can see we can print
the current working directory
6614
04:18:15,192 --> 04:18:18,664
with a single pwd, and that is
a current working directory
6615
04:18:18,664 --> 04:18:20,311
as you see it's called root,
6616
04:18:20,311 --> 04:18:23,600
and suppose we want to change
directory to the home directory.
6617
04:18:23,600 --> 04:18:25,600
So all you have to do
is CD which stands
6618
04:18:25,600 --> 04:18:26,600
for change directory
6619
04:18:26,600 --> 04:18:29,300
as I just said
and specify the path.
6620
04:18:29,300 --> 04:18:30,500
Now cd /home.
6621
04:18:30,500 --> 04:18:31,105
Okay.
6622
04:18:31,105 --> 04:18:32,400
So once we're in home,
6623
04:18:32,400 --> 04:18:34,000
I want to make
a list of commands
6624
04:18:34,000 --> 04:18:36,900
that are used on the CLI
that I want to teach you guys.
6625
04:18:36,900 --> 04:18:39,832
Guys, so what would I do
I would firstly see
6626
04:18:39,832 --> 04:18:42,600
if any files are available
that I can edit.
6627
04:18:42,600 --> 04:18:43,600
Okay, so these files
6628
04:18:43,600 --> 04:18:46,700
are available, but let's create
a new file for ourselves.
6629
04:18:46,700 --> 04:18:51,000
So firstly let's do
nano list.txt.
6630
04:18:51,200 --> 04:18:51,900
Now.
6631
04:18:51,900 --> 04:18:54,600
What Nano does is
now we'll open up
6632
04:18:54,600 --> 04:18:56,482
a small command line text editor
6633
04:18:56,482 --> 04:18:58,100
now come online text editors
6634
04:18:58,100 --> 04:18:59,900
are very much used
by ethical hackers
6635
04:18:59,900 --> 04:19:01,500
because they save
a bunch of time
6636
04:19:01,500 --> 04:19:03,828
if you're always switching
between GUI and command-line
6637
04:19:03,828 --> 04:19:06,400
because you'll be doing a bunch
of stuff on the command line
6638
04:19:06,400 --> 04:19:08,600
and when you want to write
something you're always
6639
04:19:08,600 --> 04:19:09,600
switching to GUI.
6640
04:19:09,600 --> 04:19:12,000
It's a waste of time
and you want to save
6641
04:19:12,000 --> 04:19:13,400
time as an ethical hacker.
6642
04:19:13,400 --> 04:19:16,187
So you can use this thing
called a command line editor
6643
04:19:16,187 --> 04:19:19,500
and it can basically do most of
the stuff a GUI editor would do.
6644
04:19:19,700 --> 04:19:21,800
Now you say Nano
and the name of this file.
6645
04:19:21,900 --> 04:19:24,500
So nano basically
has created this file now
6646
04:19:24,700 --> 04:19:27,535
and it has opened up
this new fresh window,
6647
04:19:27,535 --> 04:19:29,611
which overrides the command line
6648
04:19:29,611 --> 04:19:32,700
that we were in The Bash
and this is a place
6649
04:19:32,700 --> 04:19:34,288
where you can actually edit
6650
04:19:34,288 --> 04:19:36,500
what goes in the file
now, let's see.
6651
04:19:36,500 --> 04:19:38,700
See the list of commands
that I'm going to teach you.
6652
04:19:38,700 --> 04:19:42,600
I'm going to teach you ls. ls
will be the list of files.
6653
04:19:42,600 --> 04:19:43,400
We did CD.
6654
04:19:43,800 --> 04:19:45,100
We saw a PWD.
6655
04:19:45,100 --> 04:19:48,342
So that was a print working
directory will be looking at
6656
04:19:48,342 --> 04:19:50,700
how you can copy stuff
at the CP command.
6657
04:19:50,700 --> 04:19:52,656
Then we will be looking at MV
6658
04:19:52,656 --> 04:19:56,300
which is basically move then
we will be looking at cat.
6659
04:19:56,300 --> 04:19:58,093
And that's an interesting one
6660
04:19:58,093 --> 04:20:01,000
and also less which is
another interesting thing
6661
04:20:01,000 --> 04:20:02,400
and we'll be looking at grep
6662
04:20:02,400 --> 04:20:04,563
which is actually
used for grepping
6663
04:20:04,563 --> 04:20:06,319
or grabbing things from files
6664
04:20:06,319 --> 04:20:08,500
that You might want
to see you'll see
6665
04:20:08,500 --> 04:20:09,900
what I mean in a short
6666
04:20:09,900 --> 04:20:13,389
while we will see echo which
probably does what you think.
6667
04:20:13,389 --> 04:20:15,900
If you have any experience
with the Linux,
6668
04:20:15,900 --> 04:20:17,685
then we'll be doing touch
6669
04:20:17,685 --> 04:20:21,400
and we'll be doing
mkdir, which is make directory,
6670
04:20:21,400 --> 04:20:25,100
and then we'll do
chown, chmod,
6671
04:20:25,100 --> 04:20:28,330
then the most
dangerous command, that is rm,
6672
04:20:28,330 --> 04:20:30,400
and then you can do man.
6673
04:20:30,600 --> 04:20:31,500
Let's help.
6674
04:20:31,700 --> 04:20:32,200
Okay.
6675
04:20:32,542 --> 04:20:34,442
So these are
the list of commands
6676
04:20:34,442 --> 04:20:36,052
that we are going to go through
6677
04:20:36,052 --> 04:20:39,811
in this part of the video. So
suppose I was making this video
6678
04:20:39,811 --> 04:20:41,700
and I want to
save this somewhere.
6679
04:20:41,700 --> 04:20:43,000
So you see down here.
6680
04:20:43,000 --> 04:20:45,500
There are a bunch of options
that are shown to you.
6681
04:20:45,500 --> 04:20:49,016
Now this caret sign,
you might be thinking
6682
04:20:49,016 --> 04:20:51,800
that's the Shift+6
one. It's not Shift+6.
6683
04:20:51,800 --> 04:20:54,941
It's actually Control,
so caret is Control
6684
04:20:54,941 --> 04:20:56,800
and then G of course means G.
6685
04:20:56,800 --> 04:20:59,900
So if you go Control G,
it will actually get help.
6686
04:20:59,900 --> 04:21:00,148
Now.
6687
04:21:00,148 --> 04:21:02,384
What we want to do
is save the file
6688
04:21:02,384 --> 04:21:03,700
and that is Control
6689
04:21:03,700 --> 04:21:05,800
O, and that is Write Out.
6690
04:21:05,800 --> 04:21:08,600
So what we want
to do is Control
6691
04:21:08,600 --> 04:21:10,700
O, and now it's going to say
6692
04:21:10,700 --> 04:21:13,600
if we want to name
the file list.txt
6693
04:21:13,600 --> 04:21:16,057
and we want to name
the file and it says
6694
04:21:16,057 --> 04:21:18,200
that we have written
down 15 lines.
6695
04:21:18,200 --> 04:21:19,974
So that's how you save a file.
6696
04:21:19,974 --> 04:21:20,211
Now.
6697
04:21:20,211 --> 04:21:22,400
All you want to do
is exit out of you.
6698
04:21:22,400 --> 04:21:22,900
Okay.
6699
04:21:23,200 --> 04:21:27,800
So first let's go ls and let's
go through whatever there is.
6700
04:21:27,800 --> 04:21:31,198
So LS showed us the list
of files that are there
6701
04:21:31,198 --> 04:21:32,484
in that directory.
6702
04:21:32,484 --> 04:21:34,985
Now ls can also
show you the list
6703
04:21:34,985 --> 04:21:36,700
of files in a directory.
6704
04:21:36,700 --> 04:21:37,700
Curry with the paths
6705
04:21:37,700 --> 04:21:40,300
that you specify
like ls /var.
6706
04:21:40,300 --> 04:21:42,800
It'll show me everything
that is in var.
6707
04:21:42,800 --> 04:21:45,300
Okay, there are a lot
of interesting things in var.
6708
04:21:45,300 --> 04:21:49,300
So let's head over to var: cd
/var, and you hit enter
6709
04:21:49,400 --> 04:21:51,700
and now we are
in the folder var.
6710
04:21:51,700 --> 04:21:54,100
So now to actually demonstrate
6711
04:21:54,100 --> 04:21:57,900
how powerful ls is, we have
a few flags. Now to see the flags
6712
04:21:57,900 --> 04:22:00,207
of any command you
can just do --
6713
04:22:00,207 --> 04:22:04,100
help, universally throughout
the Unix command line. So out here
6714
04:22:04,100 --> 04:22:05,681
you see some information
6715
04:22:05,681 --> 04:22:08,449
that is stuff to read,
but if you go on top
6716
04:22:08,449 --> 04:22:09,800
and scroll out here,
6717
04:22:09,800 --> 04:22:11,800
you'll see all the flags
6718
04:22:11,800 --> 04:22:14,116
that you can use
with the command.
6719
04:22:14,116 --> 04:22:16,300
That is LS and
how you can use them
6720
04:22:16,300 --> 04:22:17,200
so you can see
6721
04:22:17,200 --> 04:22:19,800
what you use and you can read
a little bit about it.
6722
04:22:19,800 --> 04:22:24,200
So if you use all it ignores
entries starting with DOT,
6723
04:22:24,600 --> 04:22:26,800
so suppose we were to do LS
6724
04:22:26,800 --> 04:22:30,500
in var, let's see. So
it shows us like this now
6725
04:22:31,000 --> 04:22:32,200
if you do ls -l,
6726
04:22:32,800 --> 04:22:35,500
it'll show a long list
with more information.
6727
04:22:35,500 --> 04:22:38,200
So these are the permissions
Options that you see out here
6728
04:22:38,200 --> 04:22:39,200
we will be seeing
6729
04:22:39,200 --> 04:22:40,200
how we can change
6730
04:22:40,200 --> 04:22:43,313
the permissions of a file
soon enough and this is
6731
04:22:43,313 --> 04:22:45,029
who owns the file the user
6732
04:22:45,029 --> 04:22:47,407
and the user group
is the file number.
6733
04:22:47,407 --> 04:22:47,901
I guess.
6734
04:22:47,901 --> 04:22:49,149
I'm not sure which is
6735
04:22:49,149 --> 04:22:52,000
when the created the name
of the file is the time
6736
04:22:52,000 --> 04:22:54,000
when the file was
created, I guess.
6737
04:22:54,000 --> 04:22:54,343
Okay.
6738
04:22:54,343 --> 04:22:57,403
So that's how you get
very detailed information
6739
04:22:57,403 --> 04:22:59,000
about all the files now.
6740
04:22:59,000 --> 04:23:01,500
That's another thing you
might want to use with ls
6741
04:23:01,500 --> 04:23:04,200
and that is the 8X
so you can go ls -
6742
04:23:04,200 --> 04:23:06,500
a and it will show you all
6743
04:23:06,500 --> 04:23:08,066
of the hidden files also.
6744
04:23:08,066 --> 04:23:11,700
So now you see some two files
that were not shown out here.
6745
04:23:11,700 --> 04:23:13,700
Our file is begins from backup.
6746
04:23:13,700 --> 04:23:16,400
But when we do LS, / I mean -
6747
04:23:16,400 --> 04:23:20,370
la, we see two more files,
that is dot and dot. So let's see
6748
04:23:20,370 --> 04:23:25,465
if we can move into that: cd dot.
so we can't even move into that.
6749
04:23:25,465 --> 04:23:27,000
So that's interesting.
6750
04:23:27,000 --> 04:23:28,800
So these are hidden files.
6751
04:23:28,800 --> 04:23:31,612
So these are not seen
to random users
6752
04:23:31,612 --> 04:23:34,700
and we can actually
do stuff with them.
6753
04:23:34,700 --> 04:23:36,417
We will see how we
can use hidden
6754
04:23:36,417 --> 04:23:37,300
files later on.
6755
04:23:37,300 --> 04:23:39,800
So if you want to show
hidden files through ls,
6756
04:23:39,800 --> 04:23:43,666
all you have to do is ls and -
la. So that was all about ls.
6757
04:23:43,666 --> 04:23:47,400
So let's move back to /home
where our list of commands
6758
04:23:47,400 --> 04:23:50,115
that I want to show you
is. So cd /home.
6759
04:23:50,115 --> 04:23:52,400
Let's ls and see
what was it called,
6760
04:23:52,400 --> 04:23:54,500
its called list and suppose.
6761
04:23:54,500 --> 04:23:57,800
I want to see the contents
of list.txt.
6762
04:23:57,800 --> 04:24:01,600
All I have to do
is say list dot txt.
6763
04:24:01,600 --> 04:24:01,858
Now.
6764
04:24:01,858 --> 04:24:04,700
It shows us whatever
this file is containing.
6765
04:24:04,700 --> 04:24:06,500
It will read it out for you.
6766
04:24:06,700 --> 04:24:08,400
Done cd, we've done ls
6767
04:24:08,400 --> 04:24:09,800
and its various forms
6768
04:24:09,800 --> 04:24:13,600
we've done PWD now it's time
to do CP CP is basically used
6769
04:24:13,600 --> 04:24:16,926
for copying files from one place
to another so suppose.
6770
04:24:16,926 --> 04:24:18,705
I want to copy this address file
6771
04:24:18,705 --> 04:24:21,200
that is there into
some other directory.
6772
04:24:21,200 --> 04:24:25,600
Let's say var. So all I would
have to do is cp name.txt.
6773
04:24:25,600 --> 04:24:28,300
And then you specify
which location you want
6774
04:24:28,300 --> 04:24:31,700
to actually copy it
to so CD / VAR.
6775
04:24:31,800 --> 04:24:35,805
So this is where I want to copy
my file to and you hit enter
6776
04:24:35,805 --> 04:24:39,200
and it's Copied but
that was a very small file now.
6777
04:24:39,200 --> 04:24:41,395
We can actually check
if it was copied
6778
04:24:41,395 --> 04:24:44,600
before I move on and pour
some more knowledge into you.
6779
04:24:44,700 --> 04:24:46,400
So let's go into VAR.
6780
04:24:46,400 --> 04:24:50,869
So cd /var, hit enter,
and you're in var again,
6781
04:24:50,869 --> 04:24:54,100
and you ls, and now
you see name.txt.
6782
04:24:54,100 --> 04:24:56,800
So let's remove
name.txt from here
6783
04:24:56,800 --> 04:24:59,700
because I want to copy
it again and show y'all
6784
04:24:59,700 --> 04:25:03,400
a difference between a flag
that I'm going to use right now.
6785
04:25:03,400 --> 04:25:04,200
So the -
6786
04:25:04,200 --> 04:25:06,726
and letters that you
use are called flag.
6787
04:25:06,726 --> 04:25:09,000
Technically in the
Linux terminal RG.
6788
04:25:09,000 --> 04:25:12,550
So let's go back to home now
instead of the name of the file
6789
04:25:12,550 --> 04:25:13,786
and moving back home.
6790
04:25:13,786 --> 04:25:15,300
Just like I did you can type
6791
04:25:15,300 --> 04:25:17,500
out the complete name
of the file out here.
6792
04:25:17,500 --> 04:25:20,465
So you could have gone
CD slash home slash name
6793
04:25:20,465 --> 04:25:22,400
dot txt and copy to slash var.
6794
04:25:22,400 --> 04:25:23,202
But this time
6795
04:25:23,202 --> 04:25:26,600
what we're going to do is
we're going to use a hyphen V,
6796
04:25:26,600 --> 04:25:28,116
which is basically used
6797
04:25:28,116 --> 04:25:31,081
for a verbose output
of whatever you're doing.
6798
04:25:31,081 --> 04:25:32,671
So most of the commands
6799
04:25:32,671 --> 04:25:35,300
that we're going
to using will have a -
6800
04:25:35,300 --> 04:25:36,400
V with them.
6801
04:25:36,500 --> 04:25:39,800
So, let's see how this
actually affects the output.
6802
04:25:39,800 --> 04:25:43,400
So what we're going to do
is we want to copy, so cp
6803
04:25:43,400 --> 04:25:47,461
and verbose and we want
to copy the file name.txt.
6804
04:25:47,461 --> 04:25:51,600
And we want to copy it
to the folder called VAR, right?
6805
04:25:51,600 --> 04:25:52,819
So now you'll see
6806
04:25:52,819 --> 04:25:56,302
that it will give us
what is being moved rather
6807
04:25:56,302 --> 04:25:57,817
that is name.txt,
6808
04:25:57,817 --> 04:26:01,559
and where it is being moved
to. So this is a very good way
6809
04:26:01,559 --> 04:26:04,500
of knowing what is
actually happening because
6810
04:26:04,500 --> 04:26:08,422
if you do it without the verbose,
and suppose name.txt was
6811
04:26:08,422 --> 04:26:10,857
just a 20 GB file
and you just don't know
6812
04:26:10,857 --> 04:26:12,386
if it has finished or not.
6813
04:26:12,386 --> 04:26:13,711
So if it's a 20 GB file
6814
04:26:13,711 --> 04:26:17,300
that'll continuously update you
on where and what is being copied.
6815
04:26:17,300 --> 04:26:20,000
So basically all you
have to do is type -
6816
04:26:20,000 --> 04:26:21,307
V if you want to know
6817
04:26:21,307 --> 04:26:24,259
where your file's being copied
and the exact path.
6818
04:26:24,259 --> 04:26:27,006
Okay, so that was about
how you can copy files
6819
04:26:27,006 --> 04:26:28,400
from here and there now,
6820
04:26:28,400 --> 04:26:31,300
what was the next command
that we want to see so cat.
6821
04:26:31,300 --> 04:26:33,900
So, let me just go and see
the next command
6822
04:26:33,900 --> 04:26:36,100
that is there, so list.txt.
6823
04:26:36,100 --> 04:26:38,700
So after cat I want
to show less. Okay.
6824
04:26:38,700 --> 04:26:41,300
So we've done cp, we
also have to do mv.
6825
04:26:41,300 --> 04:26:42,700
Now as you guys can see
6826
04:26:42,700 --> 04:26:45,100
that cp is basically
a copy. Copy is,
6827
04:26:45,100 --> 04:26:48,002
as you would expect it leaves
a copy of the file that
6828
04:26:48,002 --> 04:26:49,249
in the original directory
6829
04:26:49,249 --> 04:26:51,542
while also maintaining
a copy in the directory
6830
04:26:51,542 --> 04:26:52,659
that you specified.
6831
04:26:52,659 --> 04:26:54,900
But if you want to move
the file completely,
6832
04:26:54,900 --> 04:26:57,614
all you would have to do
is use the command MV.
6833
04:26:57,614 --> 04:26:59,500
So MV is for moving
the file now,
6834
04:26:59,500 --> 04:27:01,400
let's see what all goes with MV
6835
04:27:01,400 --> 04:27:03,000
so you can type help
6836
04:27:03,000 --> 04:27:06,400
and as I said you get
the verbose option
6837
04:27:06,700 --> 04:27:09,800
And you get suffixes
you can force things
6838
04:27:09,800 --> 04:27:11,300
to happen, so suppose
6839
04:27:11,300 --> 04:27:14,400
you don't have the permission. Do
not prompt before overwriting.
6840
04:27:14,400 --> 04:27:16,805
So it'll give you a prompt
and you can completely
6841
04:27:16,805 --> 04:27:19,100
overlook the prompt
with the -f thing.
6842
04:27:19,100 --> 04:27:21,100
Let me just show you
how that looks like.
6843
04:27:21,100 --> 04:27:22,300
We'll be doing a verbose
6844
04:27:22,300 --> 04:27:27,400
and we will be copying the
address.txt file and okay.
6845
04:27:27,400 --> 04:27:29,918
So every time I've
been actually typing
6846
04:27:29,918 --> 04:27:33,100
so you can do address.txt
by just pressing Tab
6847
04:27:33,100 --> 04:27:36,922
and it will autocomplete,
so address.txt to
6848
04:27:36,922 --> 04:27:38,900
/var. Now it will show you
6849
04:27:38,900 --> 04:27:42,438
that it is actually renamed
address.txt
6850
04:27:42,438 --> 04:27:44,800
to /var/address.txt.
6851
04:27:45,600 --> 04:27:45,800
Now.
6852
04:27:45,800 --> 04:27:48,700
If you go and do LS
out here you will see
6853
04:27:48,700 --> 04:27:52,100
that address.txt is
not actually here,
6854
04:27:52,100 --> 04:27:54,300
but if we were
to move to VAR,
6855
04:27:54,300 --> 04:27:55,800
so cd /var, okay.
6856
04:27:55,800 --> 04:27:57,454
I've also been
typing out commands
6857
04:27:57,454 --> 04:27:58,950
that have been previously using
6858
04:27:58,950 --> 04:28:01,600
and you can simply toggle
through all the commands
6859
04:28:01,600 --> 04:28:04,100
that you've used by
the up and down keys.
6860
04:28:04,100 --> 04:28:08,500
So LS MV MV V help I did CD home
6861
04:28:08,500 --> 04:28:11,333
and I have to go through all
this just to prove a point.
6862
04:28:11,333 --> 04:28:12,187
It's cd /var.
6863
04:28:12,187 --> 04:28:13,591
We want to change that now.
6864
04:28:13,591 --> 04:28:15,100
We're in the variable folder.
6865
04:28:15,100 --> 04:28:18,400
And we also want to see
what we have out here.
6866
04:28:18,400 --> 04:28:21,100
So address should be
out here, and ls, and
6867
04:28:21,100 --> 04:28:23,700
as you guys can see address.txt
is the first file
6868
04:28:23,700 --> 04:28:26,319
that has come up and it
is basically the same file
6869
04:28:26,319 --> 04:28:29,100
and I can prove that to you
by just catting the file,
6870
04:28:29,100 --> 04:28:31,200
and that's address.txt.
6871
04:28:31,600 --> 04:28:32,258
And you see
6872
04:28:32,258 --> 04:28:35,200
that is some random address
for some random person.
6873
04:28:35,200 --> 04:28:39,000
Okay, now let's quickly clear
out a file or window.
6874
04:28:39,000 --> 04:28:41,147
You can do that
with the control l
6875
04:28:41,147 --> 04:28:43,000
or you can just type out clear.
6876
04:28:43,000 --> 04:28:43,705
Now.
6877
04:28:43,705 --> 04:28:46,000
What we want to do
is move back to home.
6878
04:28:46,000 --> 04:28:46,999
So yeah
6879
04:28:46,999 --> 04:28:47,800
cd home.
6880
04:28:48,100 --> 04:28:48,400
Okay.
6881
04:28:48,400 --> 04:28:50,400
So now that we're
back at home again.
6882
04:28:50,400 --> 04:28:52,584
Let's get out our next file.
6883
04:28:52,584 --> 04:28:54,200
So less list.txt,
6884
04:28:54,200 --> 04:28:57,500
and after move I wanted to go
through cat. Now cat,
6885
04:28:57,500 --> 04:29:01,100
as you guys can see is printing
out the contents of a file
6886
04:29:01,100 --> 04:29:02,388
and there's also less
6887
04:29:02,388 --> 04:29:04,843
which does something
very similar to cat.
6888
04:29:04,843 --> 04:29:06,500
So, let's see what it does.
6889
04:29:06,500 --> 04:29:07,807
So if you go less
6890
04:29:07,807 --> 04:29:13,500
and you list.txt you actually
see the contents of the file
6891
04:29:13,600 --> 04:29:15,500
in a completely new window,
6892
04:29:15,500 --> 04:29:18,300
which overlays on
the previous window
6893
04:29:18,300 --> 04:29:21,050
and this is a very neat way
to actually see the contents
6894
04:29:21,050 --> 04:29:22,500
of a file, which is through less.
6895
04:29:22,500 --> 04:29:25,500
If you want to keep
your main command line interface
6896
04:29:25,500 --> 04:29:28,700
not so cluttered which cat
clutters it completely.
6897
04:29:28,800 --> 04:29:33,000
So if you want to get out
of this place this less place
6898
04:29:33,000 --> 04:29:35,385
and all you have
to do is press q
6899
04:29:35,385 --> 04:29:37,100
and Q gets you back and
6900
04:29:37,100 --> 04:29:39,900
as you see nothing was printed
out on our main interface.
6901
04:29:39,900 --> 04:29:42,039
So this is a very
cool way to actually keep
6902
04:29:42,039 --> 04:29:45,300
your command line interface neat
and tidy when you're doing work.
6903
04:29:45,400 --> 04:29:46,938
Okay, so grep.
6904
04:29:46,938 --> 04:29:51,500
So grep is used for actually
filtering out stuff from a file.
6905
04:29:51,500 --> 04:29:53,600
So suppose we want to see
6906
04:29:53,700 --> 04:29:57,066
whether a command has
some verbose option
6907
04:29:57,066 --> 04:29:58,066
to it or not.
6908
04:29:58,100 --> 04:29:59,200
So now I know
6909
04:29:59,200 --> 04:30:01,900
that mv has a verbose command,
but suppose I didn't know
6910
04:30:01,900 --> 04:30:05,400
that, so mv --help, then
you use the pipe sign.
6911
04:30:05,400 --> 04:30:06,805
So what the pipe means
6912
04:30:06,805 --> 04:30:09,800
is you have to take
this command, the first command,
6913
04:30:09,800 --> 04:30:12,400
and then you pipeline it into
the second command,
6914
04:30:12,400 --> 04:30:14,476
and you want to say grep
6915
04:30:14,476 --> 04:30:16,100
-v, if that exists.
6916
04:30:16,569 --> 04:30:19,030
Okay, so let's see
grep verbose.
6917
04:30:19,600 --> 04:30:19,800
Yep.
6918
04:30:19,800 --> 04:30:21,955
So a verbose exists
and that is
6919
04:30:21,955 --> 04:30:23,100
-v and that's
6920
04:30:23,100 --> 04:30:25,663
--verbose, so explaining
what is being done.
6921
04:30:25,663 --> 04:30:28,100
So what happened out
here is basically
6922
04:30:28,100 --> 04:30:29,900
we took this first command
6923
04:30:29,900 --> 04:30:31,400
and then we filter it
6924
04:30:31,400 --> 04:30:33,857
and filtering is done
through the piping.
6925
04:30:33,857 --> 04:30:36,500
So basically think
about you taking some Ian
6926
04:30:36,500 --> 04:30:38,920
and pipelining it
through something else
6927
04:30:38,920 --> 04:30:41,093
which funnels it
out of this command
6928
04:30:41,093 --> 04:30:41,900
which is grep,
6929
04:30:41,900 --> 04:30:43,600
so you can use mv --
6930
04:30:43,600 --> 04:30:47,400
help in conjunction with a bunch
of other commands just
6931
04:30:47,400 --> 04:30:50,100
on correct and I'll leave
the creativity up to you.
6932
04:30:50,100 --> 04:30:52,400
So grep is basically
used for getting
6933
04:30:52,400 --> 04:30:54,002
what you want from a file
6934
04:30:54,002 --> 04:30:57,400
and grep is used very, very much
throughout the course
6935
04:30:57,400 --> 04:30:59,400
of this video through
this Kali Linux tutorial
6936
04:30:59,400 --> 04:31:01,000
that you're going
to be watching.
6937
04:31:01,000 --> 04:31:03,387
So that is a very
easy way to see
6938
04:31:03,387 --> 04:31:05,700
if you have a particular option
6939
04:31:05,700 --> 04:31:09,000
or let me do it again also,
so cd /var. Now
6940
04:31:09,000 --> 04:31:10,800
we're in the var folder.
6941
04:31:10,800 --> 04:31:11,798
And let's LS.
6942
04:31:11,798 --> 04:31:14,100
We actually have name dot txt.
6943
04:31:14,200 --> 04:31:14,800
Now.
6944
04:31:14,800 --> 04:31:19,000
Let's also go into backups
so cd b and Tab, and
6945
04:31:19,000 --> 04:31:20,730
that brings us back up folder
6946
04:31:20,730 --> 04:31:23,664
and we're now in the backup
folder Let's do an LS out here.
6947
04:31:23,664 --> 04:31:25,690
Okay, so we have
a bunch of files.
6948
04:31:25,690 --> 04:31:25,997
Okay.
6949
04:31:25,997 --> 04:31:27,900
We have some password dot bak.
6950
04:31:27,900 --> 04:31:33,300
Now see, if you have cat
and you go password dot bak,
6951
04:31:33,300 --> 04:31:35,500
You can see the entire thing.
6952
04:31:35,500 --> 04:31:36,300
Now what?
6953
04:31:36,300 --> 04:31:39,139
What if you didn't want
this entirety of it or
6954
04:31:39,139 --> 04:31:40,483
if you want something
6955
04:31:40,483 --> 04:31:42,844
in particular you
want to be very neat
6956
04:31:42,844 --> 04:31:44,876
so you can do that same command.
6957
04:31:44,876 --> 04:31:46,082
You can pipeline it
6958
04:31:46,082 --> 04:31:49,600
and you can say grep and you
want everything with nologin,
6959
04:31:49,600 --> 04:31:50,400
so we can see
6960
04:31:50,400 --> 04:31:51,900
that there's a bunch of things
6961
04:31:51,900 --> 04:31:52,800
that say no login
6962
04:31:52,800 --> 04:31:56,100
and we only want those
and these are all the things
6963
04:31:56,100 --> 04:31:58,337
that say no login in them and
6964
04:31:58,337 --> 04:32:02,100
it's a much less a list
and it gives us a very
6965
04:32:02,100 --> 04:32:03,900
particular list that
you are looking for.
6966
04:32:03,900 --> 04:32:05,300
So that is how you use grep.
6967
04:32:05,300 --> 04:32:06,652
So now let's head back.
6968
04:32:06,652 --> 04:32:07,300
To home.
6969
04:32:07,400 --> 04:32:09,092
Okay, I've done wrong.
6970
04:32:09,300 --> 04:32:11,500
And again, let's see
6971
04:32:11,500 --> 04:32:15,100
what the next command is, so
now less list.txt.
6972
04:32:15,100 --> 04:32:16,561
So we've done grep.
6973
04:32:16,561 --> 04:32:18,600
We now have to do echo, echo
6974
04:32:18,600 --> 04:32:21,900
and then touch. OK, let's go
back a few we press q
6975
04:32:21,900 --> 04:32:23,400
and we get out of there.
6976
04:32:23,400 --> 04:32:25,700
So what did I have
to teach again?
6977
04:32:25,700 --> 04:32:27,300
I'm such a dummy,
we have to do echo.
6978
04:32:27,300 --> 04:32:27,600
Okay.
6979
04:32:27,600 --> 04:32:31,000
So what is echo used
for? So suppose you say echo
6980
04:32:31,000 --> 04:32:32,959
and open quote hello world.
6981
04:32:32,959 --> 04:32:36,300
It would basically do
what the man says that is.
6982
04:32:36,300 --> 04:32:37,929
Echo whatever you say now,
6983
04:32:37,929 --> 04:32:41,000
it'll say Echo hello world
and that will basically
6984
04:32:41,000 --> 04:32:43,732
Echo whatever you typed out
in the quotations.
6985
04:32:43,732 --> 04:32:46,119
That is Hello World
spelled very wrong.
6986
04:32:46,119 --> 04:32:49,700
Okay now suppose you want
to actually put this into a file
6987
04:32:49,700 --> 04:32:52,100
so you could do
Echo hello world.
6988
04:32:52,100 --> 04:32:54,700
Let's spell it properly
this time and you want
6989
04:32:54,700 --> 04:32:56,000
to answer in the file.
6990
04:32:56,000 --> 04:32:59,100
We had a phone number I guess
phone number dot txt.
6991
04:32:59,100 --> 04:33:01,700
Yep, and we can Echo
it at that thing.
6992
04:33:01,700 --> 04:33:03,300
Now that was done now.
6993
04:33:03,300 --> 04:33:03,800
Let's see.
6994
04:33:03,800 --> 04:33:06,646
What is it phone
number DOT txt phone.
6995
04:33:06,646 --> 04:33:09,599
Dot txt and it says hello world
6996
04:33:09,599 --> 04:33:13,499
so you can basically input
text into a certain file
6997
04:33:13,500 --> 04:33:16,800
with the echo command and
that's how you do it.
6998
04:33:16,800 --> 04:33:17,184
Okay.
6999
04:33:17,200 --> 04:33:18,700
Now let's also see
7000
04:33:18,700 --> 04:33:22,200
how you can make directories and
that is with the make directory
7001
04:33:22,200 --> 04:33:23,000
command.
7002
04:33:23,099 --> 04:33:23,899
So, okay.
7003
04:33:23,900 --> 04:33:26,017
We also have to do
touch before that.
7004
04:33:26,017 --> 04:33:29,605
I forgot. Now touch is used for
quickly creating files, so touch,
7005
04:33:29,605 --> 04:33:32,000
so you could say touch
and then the file name
7006
04:33:32,000 --> 04:33:34,700
so we can create
a name file again
7007
04:33:34,700 --> 04:33:38,599
name.txt, and
that will create a name.txt.
7008
04:33:38,599 --> 04:33:40,899
Let me just show it
to you, and ls,
7009
04:33:40,900 --> 04:33:42,900
and we have a name dot txt.
7010
04:33:42,900 --> 04:33:46,099
We can also create
multiple files with touch
7011
04:33:46,099 --> 04:33:48,699
and you could say file1 file2
7012
04:33:48,900 --> 04:33:51,700
and file 3 so like this
7013
04:33:51,700 --> 04:33:54,541
you can create multiple
files and let me just LS
7014
04:33:54,541 --> 04:33:56,900
that out and show it
to you, and ls,
7015
04:33:57,000 --> 04:33:59,900
and we have file1, file2
and file3. Now
7016
04:33:59,900 --> 04:34:01,880
We can also create a directory.
7017
04:34:01,880 --> 04:34:04,500
So mkdir and the name
of the directory.
7018
04:34:04,500 --> 04:34:08,300
So suppose you wanted to save all
your movies in one directory,
7019
04:34:08,300 --> 04:34:09,900
then make directory movie
7020
04:34:09,900 --> 04:34:12,000
and now you have
directory called movies
7021
04:34:12,000 --> 04:34:13,700
and you can also
move into movies.
7022
04:34:13,700 --> 04:34:14,700
So CD movie.
7023
04:34:14,700 --> 04:34:17,599
Okay, so that's
how you create directories
7024
04:34:17,599 --> 04:34:21,099
and you can move into them with
the change directory folder.
7025
04:34:21,099 --> 04:34:23,699
Now, let's see what
the next command was.
7026
04:34:23,700 --> 04:34:27,099
So cd and dot dot, so
with cd .. you can move back
7027
04:34:27,099 --> 04:34:29,299
to the previous folder
and I've already told you
7028
04:34:29,300 --> 04:34:32,700
that and since we're in movies
we can just go back to home
7029
04:34:32,700 --> 04:34:34,599
with CD dot dot after now.
7030
04:34:34,599 --> 04:34:38,599
Let's see what else is there,
so cat list.txt.
7031
04:34:39,099 --> 04:34:41,199
And okay, now chown,
7032
04:34:41,200 --> 04:34:45,000
chmod. Now chown will be
a little tough to show
7033
04:34:45,000 --> 04:34:49,099
because we don't have any sort
of a user over here.
7034
04:34:49,099 --> 04:34:50,993
The root user is the only user
7035
04:34:50,993 --> 04:34:53,899
that we have on this virtual
box and set up but
7036
04:34:53,900 --> 04:34:56,200
if you want to change
the ownership of a file,
7037
04:34:56,200 --> 04:34:56,800
so let's see
7038
04:34:56,900 --> 04:35:01,008
so you can see the ownership
of a file through the ls -l
7039
04:35:01,008 --> 04:35:03,900
command, and you see
that root and root.
7040
04:35:03,900 --> 04:35:06,300
So this is owner name.
7041
04:35:06,300 --> 04:35:09,500
And this is the owner group and
they're mostly the same thing.
7042
04:35:09,599 --> 04:35:11,199
So our next command that
7043
04:35:11,200 --> 04:35:13,631
you're going to actually
see is called chown.
7044
04:35:13,631 --> 04:35:16,311
So let's see how chown
is actually used. chown
7045
04:35:16,311 --> 04:35:18,894
is used for changing
the ownership of a file.
7046
04:35:18,894 --> 04:35:21,599
So I actually don't remember
how to use chown.
7047
04:35:21,599 --> 04:35:24,399
So if you actually don't
remember or you're getting stuck
7048
04:35:24,400 --> 04:35:26,099
somewhere just use
the help function.
7049
04:35:26,099 --> 04:35:28,199
So if a command
line argument symbolic,
7050
04:35:28,200 --> 04:35:29,900
so let me just go
through this one.
7051
04:35:29,900 --> 04:35:32,966
So this is how you use it owner
and then colon group.
7052
04:35:32,966 --> 04:35:34,500
Okay, and then the file name
7053
04:35:34,500 --> 04:35:35,700
so you go chown
7054
04:35:35,700 --> 04:35:38,116
and then you want to say
the name of the owner
7055
04:35:38,116 --> 04:35:40,999
and the group you wanted
to belong to that is root
7056
04:35:41,000 --> 04:35:43,500
and root, and then you
specify the name of the file.
7057
04:35:43,500 --> 04:35:45,200
So suppose I
want to change file one
7058
04:35:45,200 --> 04:35:46,749
that already belongs
to root and root
7059
04:35:46,749 --> 04:35:48,099
so it doesn't really matter
7060
04:35:48,099 --> 04:35:49,299
because I don't have
7061
04:35:49,300 --> 04:35:53,599
any other username to actually
change the ownership to
7062
04:35:53,599 --> 04:35:56,341
so this is how you
would normally change ownership.
7063
04:35:56,342 --> 04:35:57,700
So let me just show you
7064
04:35:57,700 --> 04:36:00,599
where you can see the ownership
and that is ls
7065
04:36:00,599 --> 04:36:04,199
-l, and out here the root
and root you see on file
7066
04:36:04,200 --> 04:36:06,300
one is basically
this is the owner.
7067
04:36:06,300 --> 04:36:07,500
This is the owner group.
7068
04:36:07,500 --> 04:36:09,900
They're normally the same thing
and the same name,
7069
04:36:09,900 --> 04:36:11,599
but if you had
some different owner
7070
04:36:11,599 --> 04:36:14,599
like a guest you could change it
7071
04:36:14,599 --> 04:36:16,499
by actually using the
7072
04:36:16,500 --> 04:36:19,900
chown method, the command. Methods
are different things.
7073
04:36:19,900 --> 04:36:22,500
I always get confused
because of the programming.
7074
04:36:22,500 --> 04:36:22,839
Okay.
7075
04:36:22,839 --> 04:36:24,200
Now the next command
7076
04:36:24,200 --> 04:36:27,800
that is left is called
chmod to actually show you
7077
04:36:27,800 --> 04:36:29,000
how chmod works.
7078
04:36:29,000 --> 04:36:31,099
Let me show you
an interesting file.
7079
04:36:31,099 --> 04:36:32,099
So suppose.
7080
04:36:32,099 --> 04:36:34,225
Let me just do this once okay
7081
04:36:34,225 --> 04:36:36,499
now Echo what you want to Echo?
7082
04:36:36,500 --> 04:36:38,200
Oh is let's Echo.
7083
04:36:38,200 --> 04:36:42,599
Hello world and let's put
that in quotation.
7084
04:36:42,599 --> 04:36:45,599
And we want to put
this in test now
7085
04:36:45,599 --> 04:36:46,899
once we've done that lets
7086
04:36:46,900 --> 04:36:47,889
ls and we see
7087
04:36:47,889 --> 04:36:50,000
that we have
a test file out here
7088
04:36:50,000 --> 04:36:52,599
and we want to move test to
7089
04:36:52,599 --> 04:36:56,137
test.sh, so test.sh
is the executable file
7090
04:36:56,137 --> 04:36:58,522
that is used in bash scripting.
7091
04:36:58,599 --> 04:37:02,337
So we move test to
test.sh. The way you
7092
04:37:02,338 --> 04:37:06,800
actually execute bash files
on your command line is with
7093
04:37:06,800 --> 04:37:10,400
./, you say dot slash
and if I press T,
7094
04:37:10,400 --> 04:37:11,383
and I press tab.
7095
04:37:11,383 --> 04:37:14,399
You see that there is no options
that's coming up.
7096
04:37:14,400 --> 04:37:18,500
That is because
test.sh is not an executable file.
7097
04:37:18,500 --> 04:37:21,800
So test.sh doesn't have
the executable permission.
7098
04:37:21,800 --> 04:37:25,000
So let me just show
that to you: ls, and you see
7099
04:37:25,000 --> 04:37:27,313
test.sh, it doesn't
have the executable.
7100
04:37:27,313 --> 04:37:29,599
Now you see movie
it is executable.
7101
04:37:29,599 --> 04:37:31,497
I don't know why
it is a directory.
7102
04:37:31,498 --> 04:37:33,900
So it is an executable
you can move into it.
7103
04:37:33,900 --> 04:37:35,145
So it's blue and color.
7104
04:37:35,145 --> 04:37:36,500
So the way you I actually
7105
04:37:36,500 --> 04:37:39,700
can make this an executable is
by changing his permission.
7106
04:37:39,700 --> 04:37:40,700
So the way you do
7107
04:37:40,700 --> 04:37:45,400
that is chmod and basically
you change it to an executable.
7108
04:37:45,400 --> 04:37:48,500
So plus X that is
making an executable.
7109
04:37:48,500 --> 04:37:50,346
If you do plus r it'll
make it readable.
7110
04:37:50,346 --> 04:37:52,900
And if you do plus W
will make it writable also,
7111
04:37:52,900 --> 04:37:55,823
so if you do plus X
and do tests or SSH
7112
04:37:56,000 --> 04:37:58,300
and now you go and do ls -l,
7113
04:37:58,500 --> 04:38:00,499
you'll see that test.sh
has become green
7114
04:38:00,499 --> 04:38:04,099
because it is an executable file
now and now if you do dot slash
7115
04:38:04,099 --> 04:38:05,599
and you press T,
7116
04:38:05,599 --> 04:38:06,786
you get test.sh,
7117
04:38:06,787 --> 04:38:07,900
if I press tab,
7118
04:38:07,900 --> 04:38:10,026
so now it is
an executable file.
7119
04:38:10,026 --> 04:38:11,399
And if I executed it
7120
04:38:11,400 --> 04:38:14,000
prints out hello world
onto my screen.
7121
04:38:14,000 --> 04:38:16,700
So that's how you
can use the chmod
7122
04:38:16,700 --> 04:38:20,000
which is basically the change
of permissions of files,
7123
04:38:20,000 --> 04:38:22,500
and we'll be changing
permissions of files
7124
04:38:22,500 --> 04:38:25,099
throughout the course of
this video will be very useful
7125
04:38:25,099 --> 04:38:26,229
for us and you'll see
7126
04:38:26,230 --> 04:38:27,849
as we go along with this video.
7127
04:38:27,849 --> 04:38:28,086
Okay.
7128
04:38:28,087 --> 04:38:28,961
So the next thing
7129
04:38:28,961 --> 04:38:30,988
that I want to show
you, only two are left
7130
04:38:30,988 --> 04:38:32,400
and I remember those now
7131
04:38:32,400 --> 04:38:36,176
and it is rm, and rm is used
for actually removing
7132
04:38:36,176 --> 04:38:38,919
files, so you
should be very careful
7133
04:38:38,919 --> 04:38:40,900
while using RM or any sort
7134
04:38:40,900 --> 04:38:43,400
of removing command
on a Linux system
7135
04:38:43,400 --> 04:38:45,300
because once you
remove something it is
7136
04:38:45,300 --> 04:38:47,900
very difficult to get it back
and is almost impossible.
7137
04:38:47,900 --> 04:38:49,674
It's not like Windows
where it's basically
7138
04:38:49,674 --> 04:38:51,350
just disappeared in
front of your eyes,
7139
04:38:51,350 --> 04:38:53,776
but it's still there in
the memory cluttering it all up.
7140
04:38:53,776 --> 04:38:55,535
That's why Linux
always trumps Windows.
7141
04:38:55,536 --> 04:38:56,800
That's one of the reasons
7142
04:38:56,800 --> 04:38:58,500
and make a video
on that later on.
7143
04:38:58,500 --> 04:39:00,285
But for now,
let's focus on rm.
7144
04:39:00,285 --> 04:39:01,000
Now.
7145
04:39:01,000 --> 04:39:02,807
We can remove file one.
7146
04:39:02,807 --> 04:39:06,500
So, let's see so file one
is going to be removed.
7147
04:39:06,700 --> 04:39:08,500
So if we ls now,
7148
04:39:09,000 --> 04:39:12,700
you see 506 this but let
me show you rm.
7149
04:39:12,996 --> 04:39:14,303
And if I do movie
7150
04:39:14,400 --> 04:39:17,710
it'll say cannot remove
movie is a directory.
7151
04:39:17,710 --> 04:39:22,500
But if you go into the help menu
I bet there will be an option
7152
04:39:22,500 --> 04:39:25,500
that you can just
forcefully should move it.
7153
04:39:25,500 --> 04:39:30,000
So our M force will just
remove so our n /r
7154
04:39:30,430 --> 04:39:31,969
and you can do movie
7155
04:39:32,099 --> 04:39:35,891
and it will recursively remove
everything, and if you go here
7156
04:39:35,892 --> 04:39:37,500
and do the ls -l you'll see
7157
04:39:37,500 --> 04:39:38,777
that there is no movie
7158
04:39:38,777 --> 04:39:39,872
directory anymore.
7159
04:39:39,872 --> 04:39:41,800
And that is how you
can remove movies.
7160
04:39:41,800 --> 04:39:42,503
Now that prompt
7161
04:39:42,503 --> 04:39:44,700
that you see out there is
actually a safety measure
7162
04:39:44,700 --> 04:39:46,400
because once you
remove a directory
7163
04:39:46,400 --> 04:39:47,800
and it's not retrievable,
7164
04:39:47,800 --> 04:39:49,000
that's a very sad scenario
7165
04:39:49,000 --> 04:39:51,600
and you don't want to get
yourself in such a scenario
7166
04:39:51,600 --> 04:39:53,200
in whatsoever possibility.
7167
04:39:53,200 --> 04:39:55,430
Okay moving on so on so forth
7168
04:39:55,430 --> 04:39:59,200
that was all about the RM folder
now you can do RM
7169
04:39:59,200 --> 04:40:01,200
and address of anything.
7170
04:40:01,200 --> 04:40:05,000
So rm, I know we moved
in address.txt,
7171
04:40:05,000 --> 04:40:09,200
so in the var folder
we can go rm /var
7172
04:40:09,200 --> 04:40:11,600
/address.txt.
7173
04:40:12,000 --> 04:40:15,800
And that will remove
address.txt from the folder
7174
04:40:15,800 --> 04:40:18,700
of var. Let me just
show you that worked.
7175
04:40:19,000 --> 04:40:21,600
So cd /var and ls, and you see
7176
04:40:21,600 --> 04:40:24,277
that there is no
address.txt out here.
7177
04:40:24,277 --> 04:40:27,263
Okay, another way to get
help for any command
7178
04:40:27,263 --> 04:40:30,264
that you want is man
and suppose you want
7179
04:40:30,264 --> 04:40:33,257
to see rm, it will show
everything about rm
7180
04:40:33,257 --> 04:40:35,600
that is there to show
to you show you
7181
04:40:35,600 --> 04:40:39,300
how to use it, it'll give you
a description, synopsis, name:
7182
04:40:39,300 --> 04:40:41,100
remove files and directories.
7183
04:40:41,100 --> 04:40:45,115
It's a very useful way so out
here you see is the manual page.
7184
04:40:45,115 --> 04:40:46,739
So that is where means man
7185
04:40:46,739 --> 04:40:48,800
and you can press
line one nature.
7186
04:40:48,800 --> 04:40:50,300
You can press Q to quit.
7187
04:40:50,300 --> 04:40:51,929
So that's very much helpful.
7188
04:40:51,929 --> 04:40:52,400
OK guys.
7189
04:40:52,400 --> 04:40:55,000
So that was all
about the command line interface
7190
04:40:55,000 --> 04:40:58,305
and how we can use it to go
about the operating system
7191
04:40:58,305 --> 04:41:01,300
and change file permissions
copy files, move files
7192
04:41:01,300 --> 04:41:04,400
and a bunch of other stuff now
it's time to get on
7193
04:41:04,400 --> 04:41:05,700
with the interesting stuff
7194
04:41:05,700 --> 04:41:08,600
and that Is firstly we're going
to be learning how you
7195
04:41:08,600 --> 04:41:12,400
can actually stay anonymous
with proxy chains. OK guys.
7196
04:41:12,400 --> 04:41:15,000
So now that we are done
with the command line Basics.
7197
04:41:15,000 --> 04:41:17,378
It's time that we move
forward with proxy chains.
7198
04:41:17,378 --> 04:41:19,845
So before we move forward
with proxy chains,
7199
04:41:19,845 --> 04:41:23,000
let us head back to PowerPoint
presentation and see what
7200
04:41:23,000 --> 04:41:24,700
exactly proxy chains are.
7201
04:41:24,800 --> 04:41:25,200
Okay.
7202
04:41:25,700 --> 04:41:27,800
So proxy chains now
7203
04:41:27,800 --> 04:41:30,966
as the name suggests
proxy chains are basically
7204
04:41:30,966 --> 04:41:32,500
a chain of proxies now,
7205
04:41:32,500 --> 04:41:33,800
where is the proxy used
7206
04:41:33,800 --> 04:41:36,397
a proxy is used whenever
you want to anonymize
7207
04:41:36,397 --> 04:41:38,600
yourself on the wire
or the network?
7208
04:41:38,600 --> 04:41:42,100
You do not want to know or you
do not want others to know
7209
04:41:42,100 --> 04:41:46,400
what the source IP address was
for your client system
7210
04:41:46,400 --> 04:41:47,400
and to do this.
7211
04:41:47,400 --> 04:41:50,800
All you have to do is send
your package through a bunch
7212
04:41:50,800 --> 04:41:52,300
of intermediaries systems
7213
04:41:52,300 --> 04:41:54,900
and these intermediaries systems
carry the bucket out
7214
04:41:54,900 --> 04:41:57,300
and they transmit it
to the Target system.
7215
04:41:57,300 --> 04:41:59,858
And this is much
slower and let's see
7216
04:41:59,858 --> 04:42:02,526
how we can use this
in Kali Linux.
7217
04:42:02,526 --> 04:42:06,100
Now, in combination with Tor,
in order to anonymize
7218
04:42:06,100 --> 04:42:08,552
traffic, not only
on web browsing traffic,
7219
04:42:08,552 --> 04:42:11,720
but rather instead on
all network-related traffic
7220
04:42:11,720 --> 04:42:14,500
generated by pretty
much all the applications,
7221
04:42:14,500 --> 04:42:17,100
but you can also change
this in the settings.
7222
04:42:17,100 --> 04:42:19,318
Now, what we're going
to do is we're going
7223
04:42:19,318 --> 04:42:21,700
to open up the proxy
chain configuration file
7224
04:42:21,700 --> 04:42:23,900
and we're going to
understand all its options
7225
04:42:23,900 --> 04:42:25,000
that are available.
7226
04:42:25,000 --> 04:42:25,967
So to do that.
7227
04:42:25,967 --> 04:42:30,000
All you have to do is say nano,
you go into the etc folder
7228
04:42:30,000 --> 04:42:33,100
and then you go
for the proxychains
7229
04:42:33,176 --> 04:42:36,099
dot conf, and what
you see out here
7230
04:42:36,100 --> 04:42:37,500
is in the nano editor,
7231
04:42:37,500 --> 04:42:39,900
and we had spoken
about Nano editor
7232
04:42:39,900 --> 04:42:42,017
when we were discussing
the CLI part.
7233
04:42:42,017 --> 04:42:43,900
I hope you haven't skipped that. Now
7234
04:42:43,900 --> 04:42:45,900
what do you see
out here is a bunch
7235
04:42:45,900 --> 04:42:47,700
of instructions and options.
7236
04:42:47,700 --> 04:42:51,110
So let me just zoom in
into the command line interface
7237
04:42:51,110 --> 04:42:53,800
and now you can read
everything much well,
7238
04:42:53,800 --> 04:42:55,900
so what proxy chains is, well,
7239
04:42:55,900 --> 04:42:58,600
it gives you the ability
rather to route your traffic
7240
04:42:58,600 --> 04:43:00,482
through a series
of proxy servers
7241
04:43:00,482 --> 04:43:03,000
and stay Anonymous
in such a fashion by hiding
7242
04:43:03,000 --> 04:43:05,500
behind them or by having
them forward your request.
7243
04:43:05,500 --> 04:43:07,249
So it looks like
on the other side
7244
04:43:07,249 --> 04:43:09,700
that your requests are coming
from them as opposed
7245
04:43:09,700 --> 04:43:11,400
to you now surprisingly enough.
7246
04:43:11,400 --> 04:43:14,100
There are large amount
of these proxy servers out there
7247
04:43:14,100 --> 04:43:16,800
that you can use but they're
not very stable, you know,
7248
04:43:16,800 --> 04:43:17,889
they go up and down
7249
04:43:17,889 --> 04:43:20,700
and they're not very fast. So
for specific targets,
7250
04:43:20,700 --> 04:43:23,700
they can be useful
but not for brute forcing
7251
04:43:23,700 --> 04:43:26,500
and not for any sort
of computing attack.
7252
04:43:26,500 --> 04:43:28,787
So suppose you're doing
something to certain Target
7253
04:43:28,787 --> 04:43:30,987
for trying to log in
or you're already logged
7254
04:43:30,987 --> 04:43:33,100
in you can definitely do it
through proxy chains,
7255
04:43:33,100 --> 04:43:36,158
and it will be reasonably fast
and reasonably stable.
7256
04:43:36,158 --> 04:43:36,800
As well, but
7257
04:43:36,800 --> 04:43:38,877
if you're doing some sort
of mass scanning
7258
04:43:38,877 --> 04:43:40,500
or you're brute forcing a password
7259
04:43:40,500 --> 04:43:43,000
or something of a kind
of a proxy chain with a list
7260
04:43:43,000 --> 04:43:44,976
of proxies selected
from the internet,
7261
04:43:44,976 --> 04:43:46,407
especially the free proxies.
7262
04:43:46,407 --> 04:43:47,584
It's not going to work.
7263
04:43:47,584 --> 04:43:50,900
I mean it's going to work out
eventually in a technical sense,
7264
04:43:50,900 --> 04:43:54,429
but it will consume more time
than you can spare and by that.
7265
04:43:54,429 --> 04:43:56,400
I mean it can be
very very long time.
7266
04:43:56,400 --> 04:43:59,100
It can take about months
or two to do a simple scan.
7267
04:43:59,100 --> 04:44:01,900
So that's not an option and
there are other ways of doing
7268
04:44:01,900 --> 04:44:04,300
that but for the time being
I just want you to know
7269
04:44:04,300 --> 04:44:05,952
how you can use proxychains
7270
04:44:05,952 --> 04:44:08,400
and How you can configure
it and actually
7271
04:44:08,400 --> 04:44:09,700
because it's really useful
7272
04:44:09,700 --> 04:44:12,100
and I use it fairly
often a lot of people do
7273
04:44:12,100 --> 04:44:14,100
and it's a fantastic
piece of software.
7274
04:44:14,100 --> 04:44:16,400
So first off we have
the types of proxies.
7275
04:44:16,400 --> 04:44:20,000
So you see HTTP, SOCKS4
and SOCKS5. Now,
7276
04:44:20,000 --> 04:44:23,050
there are fundamental differences
between these protocols
7277
04:44:23,050 --> 04:44:25,776
and you always want to find
yourself a socks5 proxy
7278
04:44:25,776 --> 04:44:27,594
as that's the best possible one
7279
04:44:27,594 --> 04:44:30,300
and that has the ability
to anonymize all sorts
7280
04:44:30,300 --> 04:44:31,600
of traffic. HTTP,
7281
04:44:31,600 --> 04:44:35,400
Well as a name it says
it's for HTTP traffic
7282
04:44:35,500 --> 04:44:37,100
and SOCKS4 is very similar
7283
04:44:37,100 --> 04:44:40,242
to SOCKS5 but it
does not support IPv6 protocol
7284
04:44:40,242 --> 04:44:42,556
and it does not
support UDP protocol.
7285
04:44:42,556 --> 04:44:44,100
So this can be SOCKS4
7286
04:44:44,100 --> 04:44:47,200
and can be rather problematic
and you always want to make sure
7287
04:44:47,200 --> 04:44:50,571
that you're using socks5
wherever and however. Anyway,
7288
04:44:50,571 --> 04:44:53,100
down below you have
these other options,
7289
04:44:53,100 --> 04:44:54,394
which we will go over.
7290
04:44:54,394 --> 04:44:56,800
So basically how you
enable these options is
7291
04:44:56,800 --> 04:44:59,487
that you don't need to type
some complex lines of code
7292
04:44:59,487 --> 04:45:00,680
or anything of any kind
7293
04:45:00,680 --> 04:45:04,000
basically you all you have to do
is just leave the hash out here.
7294
04:45:04,000 --> 04:45:06,104
I'll show you so suppose we want
7295
04:45:06,104 --> 04:45:08,800
to actually activate
dynamic chains option.
7296
04:45:08,800 --> 04:45:11,100
So all we have to do
is delete the hash.
7297
04:45:11,100 --> 04:45:13,100
But let's put
in the hash right now.
7298
04:45:13,100 --> 04:45:14,550
So after you delete the hash,
7299
04:45:14,550 --> 04:45:17,000
all you have to do is save
the file and the option
7300
04:45:17,000 --> 04:45:20,859
is enabled. This hash represents
a commented out line meaning
7301
04:45:20,859 --> 04:45:23,500
that the system reading
this will ignore
7302
04:45:23,500 --> 04:45:24,748
if there is a hash and
7303
04:45:24,748 --> 04:45:27,866
if there isn't hash it
will take it into consideration
7304
04:45:27,866 --> 04:45:29,633
and interpret it accordingly.
7305
04:45:29,633 --> 04:45:31,800
Anyway what we have
here are statements
7306
04:45:31,800 --> 04:45:33,431
which allow us to specify
7307
04:45:33,431 --> 04:45:36,416
how we want our traffic
to be routed. First
7308
04:45:36,416 --> 04:45:39,600
off we have Dynamic
chain Dynamic chain is a some
7309
04:45:39,600 --> 04:45:40,700
and is an option
7310
04:45:40,700 --> 04:45:43,425
which you will find
people using the most it
7311
04:45:43,425 --> 04:45:45,200
is most commonly used option
7312
04:45:45,200 --> 04:45:47,400
and a preferable one
at that, and honestly,
7313
04:45:47,400 --> 04:45:49,600
I think it's the best one
out there primarily
7314
04:45:49,600 --> 04:45:51,200
because it's the most stable one
7315
04:45:51,200 --> 04:45:54,600
and here's why now suppose
you have a b c d proxies.
7316
04:45:54,600 --> 04:45:57,206
So those are some servers
with IP addresses
7317
04:45:57,206 --> 04:45:58,200
with open ports.
7318
04:45:58,200 --> 04:45:59,884
And if you have
a strict chain policy,
7319
04:45:59,884 --> 04:46:01,800
which is enabled
on this computer right now
7320
04:46:01,800 --> 04:46:04,000
as you see if you have
a strict chain policy,
7321
04:46:04,000 --> 04:46:06,100
we can only be able
to access any site
7322
04:46:06,100 --> 04:46:08,700
on Internet in general
by going through ABCD.
7323
04:46:08,700 --> 04:46:10,500
So you have to go
through all of them
7324
04:46:10,500 --> 04:46:13,300
and you have to go through them
in that specific order.
7325
04:46:13,300 --> 04:46:16,209
That is ABCD and that's
not always a good thing.
7326
04:46:16,209 --> 04:46:18,300
I mean if you're paying
for 5 proxies,
7327
04:46:18,300 --> 04:46:19,300
that's not a problem
7328
04:46:19,300 --> 04:46:21,675
because they will
always be operational
7329
04:46:21,675 --> 04:46:23,300
and they will always be up
7330
04:46:23,300 --> 04:46:26,074
and why not that's
not a bad idea or an option
7331
04:46:26,074 --> 04:46:27,800
but there are however people
7332
04:46:27,800 --> 04:46:31,000
who use proxies for free and
they don't tend to pay for them.
7333
04:46:31,000 --> 04:46:33,700
Why would you pay for like
five proxies for simple scan
7334
04:46:33,700 --> 04:46:35,200
or something of that kind?
7335
04:46:35,300 --> 04:46:38,100
They're not free
and they cost money and they're
7336
04:46:38,200 --> 04:46:39,300
rather expensive also,
7337
04:46:39,300 --> 04:46:42,400
but still, I mean the act
of paying itself identifies you
7338
04:46:42,400 --> 04:46:45,000
and kind of diminishes
the amount of anonymity you have
7339
04:46:45,000 --> 04:46:45,800
on the internet.
7340
04:46:45,800 --> 04:46:47,600
So some complex payment methods
7341
04:46:47,600 --> 04:46:50,300
can still be used
to actually anonymize yourself,
7342
04:46:50,300 --> 04:46:53,241
but it's fairly simple
to just use a dynamic chain.
7343
04:46:53,241 --> 04:46:56,192
So firstly we're going
to go ahead and uncomment
7344
04:46:56,192 --> 04:46:57,700
the dynamic chain option
7345
04:46:57,700 --> 04:47:00,400
and we're going to comment
out the strict chain option.
7346
04:47:00,400 --> 04:47:02,490
So strict chain will
no longer be used and I
7347
04:47:02,490 --> 04:47:03,900
will be using Dynamic chains.
7348
04:47:03,900 --> 04:47:05,271
And one more thing to note here.
7349
04:47:05,271 --> 04:47:06,900
Is that if you want
to use proxychains
7350
04:47:06,900 --> 04:47:08,100
in combination with Tor,
7351
04:47:08,300 --> 04:47:09,900
if you want to Route
all your traffic
7352
04:47:09,900 --> 04:47:12,100
through the Tor Network
not just web traffic.
7353
04:47:12,100 --> 04:47:14,500
You must be
enabling Dynamic chains.
7354
04:47:14,500 --> 04:47:15,720
I mean, there's a chance
7355
04:47:15,720 --> 04:47:17,500
that it will work
with strict chains.
7356
04:47:17,500 --> 04:47:19,825
But given the instant
instability of Tor nodes.
7357
04:47:19,825 --> 04:47:20,900
It is highly unlikely.
7358
04:47:20,900 --> 04:47:23,800
You will need dynamic chains
and that is why I'm using them.
7359
04:47:23,800 --> 04:47:26,329
Anyway, if you're using
dynamic chains just
7360
04:47:26,329 --> 04:47:27,873
give you the ability to go
7361
04:47:27,873 --> 04:47:30,973
from ABCD to your desired
destination by not having
7362
04:47:30,973 --> 04:47:32,400
to adhere to any order.
7363
04:47:32,400 --> 04:47:35,518
So let's say C is down
and you would go a b d
7364
04:47:35,518 --> 04:47:38,000
and it would work
with no problems,
7365
04:47:38,000 --> 04:47:40,300
even if B was down
you would go to a d
7366
04:47:40,300 --> 04:47:42,900
and you would go and still
reach the destination.
7367
04:47:42,900 --> 04:47:46,144
So as long as one single proxy
is functional it's going to work
7368
04:47:46,144 --> 04:47:48,500
and you don't require
any specific order to do
7369
04:47:48,500 --> 04:47:49,842
it down below now down
7370
04:47:49,842 --> 04:47:52,606
below you have some other
options to so first is
7371
04:47:52,606 --> 04:47:54,400
random chains now random chains
7372
04:47:54,400 --> 04:47:55,607
in effect are basically
7373
04:47:55,607 --> 04:47:57,781
the same thing as
resetting your service.
7374
04:47:57,781 --> 04:47:59,767
I mean if you're
resetting your Tor,
7375
04:47:59,767 --> 04:48:02,428
you will be now assigned
a new IP address, and Tor assigns
7376
04:48:02,428 --> 04:48:04,814
you a new IP address
every 10 minutes or so.
7377
04:48:04,814 --> 04:48:06,052
Anyway with the random.
7378
04:48:06,052 --> 04:48:07,347
You can specify a list
7379
04:48:07,347 --> 04:48:09,578
of ips and then you
can tell your computer.
7380
04:48:09,578 --> 04:48:10,800
Okay, I want you to try
7381
04:48:10,800 --> 04:48:12,709
and I want you to connect
to this point and
7382
04:48:12,709 --> 04:48:15,300
every time you connect every
time you transmit the packet,
7383
04:48:15,300 --> 04:48:17,000
I want you to use
a different proxy
7384
04:48:17,000 --> 04:48:18,588
and we can do that as well.
7385
04:48:18,588 --> 04:48:21,700
And that's one of the options
definitely and you can see okay.
7386
04:48:21,700 --> 04:48:23,400
Use this is phone five times
7387
04:48:23,400 --> 04:48:26,300
and then change to another one
or some kind of like that.
7388
04:48:26,300 --> 04:48:28,575
There are a lot of options
to specify their family
7389
04:48:28,575 --> 04:48:30,300
the chain length
Anyway, down below.
7390
04:48:30,300 --> 04:48:31,500
There's quiet mode.
7391
04:48:31,500 --> 04:48:33,700
You don't really need
that. Then there's proxy
7392
04:48:33,700 --> 04:48:34,900
DNS requests,
7393
04:48:34,900 --> 04:48:36,000
no leak for DNS
7394
04:48:36,100 --> 04:48:37,600
data. This is very important.
7395
04:48:37,600 --> 04:48:40,800
You cannot have any DNS leak
and let me explain to you what
7396
04:48:40,800 --> 04:48:42,100
DNS leaks are and even
7397
04:48:42,100 --> 04:48:44,994
though somebody cannot get
your particular IP address.
7398
04:48:44,994 --> 04:48:47,398
They can get the IP address
of the DNS server
7399
04:48:47,398 --> 04:48:48,670
that you are using and
7400
04:48:48,670 --> 04:48:52,200
what DNS servers do is resolve
a domain name to the IP address
7401
04:48:52,200 --> 04:48:53,200
and vice versa.
7402
04:48:53,200 --> 04:48:54,082
So for example,
7403
04:48:54,082 --> 04:48:55,674
if you type in youtube.com,
7404
04:48:55,674 --> 04:48:58,792
the DNS server of your local
ISP provider will resolve
7405
04:48:58,792 --> 04:49:01,694
that into some sort
of IP address that YouTube has
7406
04:49:01,694 --> 04:49:03,293
and it will make a request.
7407
04:49:03,293 --> 04:49:05,900
No problem and you
do not want that happening
7408
04:49:05,900 --> 04:49:08,934
because your local DNS server
will be discovered
7409
04:49:08,934 --> 04:49:10,395
and that is information
7410
04:49:10,395 --> 04:49:11,407
that can be used
7411
04:49:11,407 --> 04:49:14,377
in order to figure out
your personal IP address.
7412
04:49:14,377 --> 04:49:17,094
And when that is done
your physical location
7413
04:49:17,094 --> 04:49:18,800
is pretty much compromised.
7414
04:49:18,800 --> 04:49:20,100
And that's an oval
7415
04:49:20,100 --> 04:49:22,300
and you definitely
need proxy DNS here.
7416
04:49:22,300 --> 04:49:23,700
It might slow you down a bit,
7417
04:49:23,700 --> 04:49:26,100
but without that you're
practically not Anonymous
7418
04:49:26,100 --> 04:49:29,800
and it's just a matter of time
before somebody finds you now,
7419
04:49:29,800 --> 04:49:32,600
if you go down below we have
some other options here,
7420
04:49:32,600 --> 04:49:35,000
but we're not really interested
in them at the moment.
7421
04:49:35,000 --> 04:49:36,600
What we here are for the formats
7422
04:49:36,600 --> 04:49:39,600
for entering proxies and I'm
going to leave it at that.
7423
04:49:39,600 --> 04:49:42,908
So what do you see out here
is first the type of the proxy
7424
04:49:42,908 --> 04:49:46,100
that is SOCKS5, then the IP
address then the port number
7425
04:49:46,200 --> 04:49:47,500
and then two words
7426
04:49:47,500 --> 04:49:50,700
that is lamer, secret
and then justu, hidden.
7427
04:49:50,700 --> 04:49:51,000
Okay.
7428
04:49:51,000 --> 04:49:53,900
So now what you see out here
as I just said is
7429
04:49:53,900 --> 04:49:56,700
how you would actually write
down your proxy chains.
7430
04:49:56,700 --> 04:49:59,246
And now as I had already
also said you always want
7431
04:49:59,246 --> 04:50:02,033
to be using socks5 and you
don't want to be using HTTP
7432
04:50:02,033 --> 04:50:03,400
because they're not really
7433
04:50:03,400 --> 04:50:06,800
that safe and socks5
doesn't support a lot of Anyway,
7434
04:50:06,800 --> 04:50:09,200
and this is the IP address
of the proxy server
7435
04:50:09,200 --> 04:50:12,300
that we will enter a few
of them manually later on
7436
04:50:12,300 --> 04:50:14,383
and this here is the port number
7437
04:50:14,383 --> 04:50:17,682
that you see on which
the proxy server is listening
7438
04:50:17,682 --> 04:50:20,784
and that port is open
over here these two words.
7439
04:50:20,784 --> 04:50:22,300
Now what some proxy server
7440
04:50:22,300 --> 04:50:25,300
especially paid ones will always
have a username and password
7441
04:50:25,300 --> 04:50:27,716
so you can just type
them here in plain text
7442
04:50:27,716 --> 04:50:29,422
and fortunately it is assumed
7443
04:50:29,422 --> 04:50:32,600
that only you and you alone
have access to this computer
7444
04:50:32,600 --> 04:50:35,035
besides this file
and besides this file
7445
04:50:35,035 --> 04:50:35,900
is you not know.
7446
04:50:35,900 --> 04:50:37,504
Everybody can read
this file anyway,
7447
04:50:37,504 --> 04:50:39,654
so if you can just type
in the username here
7448
04:50:39,654 --> 04:50:40,500
and password here,
7449
04:50:40,500 --> 04:50:42,479
you will gain access
to a certain proxy
7450
04:50:42,479 --> 04:50:44,797
that you have chosen
or that you have paid for.
7451
04:50:44,797 --> 04:50:46,593
Anyway, these are
just some examples
7452
04:50:46,593 --> 04:50:48,800
and we won't actually
be using these proxies
7453
04:50:48,800 --> 04:50:50,391
or anything of the kind.
7454
04:50:50,391 --> 04:50:53,100
We need to go down
below here here you see
7455
04:50:53,100 --> 04:50:54,700
and at the end of the file.
7456
04:50:54,700 --> 04:50:56,500
So if I just press
enter a couple of times,
7457
04:50:56,500 --> 04:50:57,100
there we go.
7458
04:50:57,100 --> 04:51:01,510
So here is only one proxy active
at the moment and says SOCKS4
7459
04:51:01,510 --> 04:51:05,700
and all traffic is routed
here through Tor by default.
7460
04:51:05,700 --> 04:51:10,000
So that's to Tor now, and Tor by default
listens on this port.
7461
04:51:10,000 --> 04:51:14,600
So this 9050 is the port, is what
Tor listens on. Now,
7462
04:51:14,600 --> 04:51:18,800
what we want to do is we want
to add socks5 proxy address.
7463
04:51:18,800 --> 04:51:21,700
So what you want to do
is just type in socks5
7464
04:51:21,946 --> 04:51:24,253
and the same IP address socks5
7465
04:51:24,800 --> 04:51:28,500
and you want to be keeping the
spacing correct just use tab.
7466
04:51:28,500 --> 04:51:34,300
So 127 dot 0 dot 0 dot one
and then you want to specify
7467
04:51:34,300 --> 04:51:37,800
the port number
also, so 9050. So
7468
04:51:37,800 --> 04:51:41,000
what you see out
here, the 127.0.0.1.
7469
04:51:41,000 --> 04:51:43,100
This is the loopback address
of your computer.
7470
04:51:43,100 --> 04:51:45,100
So this is for any
device communication and
7471
04:51:45,100 --> 04:51:46,700
if you're pinging
this address and
7472
04:51:46,700 --> 04:51:48,800
if you're pinging yourself
basically and usually
7473
04:51:48,800 --> 04:51:51,000
people ping this address
in order to make sure
7474
04:51:51,000 --> 04:51:53,600
that the IP protocol
is set up correctly,
7475
04:51:53,600 --> 04:51:56,086
even though they don't have
internet connectivity.
7476
04:51:56,086 --> 04:51:57,000
So let's just type
7477
04:51:57,000 --> 04:52:02,600
in 127 dot 0 dot 0 dot one and
the same port number, 9050.
7478
04:52:02,800 --> 04:52:07,100
So now we have to press Ctrl o
to save our You can save
7479
04:52:07,100 --> 04:52:08,097
on the same name
7480
04:52:08,097 --> 04:52:11,400
and we're o 65 lines of course
down and that's written
7481
04:52:11,400 --> 04:52:14,700
and now you have to press Ctrl X
and you exit out.
7482
04:52:14,700 --> 04:52:18,400
So let's press Ctrl L
and clear our screen now,
7483
04:52:18,400 --> 04:52:21,300
we just edited
our proxychains configuration
7484
04:52:21,300 --> 04:52:23,088
in a very neat environment.
7485
04:52:23,088 --> 04:52:26,400
So to go ahead and type
in our service tor status.
7486
04:52:26,400 --> 04:52:29,700
So we want to check
status of our Tor.
7487
04:52:29,700 --> 04:52:35,900
So service tor status. So
tor.service could not be found.
7488
04:52:35,996 --> 04:52:39,303
So do we have
the Tor service installed?
7489
04:52:39,600 --> 04:52:40,247
Okay, so
7490
04:52:40,247 --> 04:52:41,831
Tor service is not installed.
7491
04:52:41,831 --> 04:52:44,700
Just give me a little moment
quickly install it.
7492
04:52:45,115 --> 04:52:45,500
Okay.
7493
04:52:45,500 --> 04:52:47,000
So now that we have set
7494
04:52:47,000 --> 04:52:49,559
up our proxychains
configuration file
7495
04:52:49,559 --> 04:52:51,200
and we have put in a SOCKS
7496
04:52:51,200 --> 04:52:54,100
5 proxy chain, giving
it the Tor service.
7497
04:52:54,100 --> 04:52:57,534
Now, what we need to do first
is start up our Tor service
7498
04:52:57,534 --> 04:52:58,800
now to actually check
7499
04:52:58,800 --> 04:53:00,431
if Tor is running or not, or
7500
04:53:00,431 --> 04:53:02,411
if the Tor service
is running or not.
7501
04:53:02,411 --> 04:53:04,000
Let me just clear that out.
7502
04:53:04,000 --> 04:53:06,200
We need to go service
tor status.
7503
04:53:06,800 --> 04:53:09,000
And you see it
says it's inactive.
7504
04:53:09,000 --> 04:53:12,900
So what do you have to do
is say service tor start
7505
04:53:12,900 --> 04:53:15,400
and that will start
the Tor service.
7506
04:53:15,400 --> 04:53:17,764
It might take some time
depending on the system
7507
04:53:17,764 --> 04:53:20,900
that you're using and what are
their it has started it for me.
7508
04:53:20,900 --> 04:53:24,400
Now what you have to do
to actually use proxy chains
7509
04:53:24,400 --> 04:53:26,766
before you go to any website.
7510
04:53:26,766 --> 04:53:29,766
So all I have to do
is say proxychains,
7511
04:53:29,800 --> 04:53:32,303
then you specify the browser
that you're using.
7512
04:53:32,303 --> 04:53:34,100
So we're going
to be using Firefox
7513
04:53:34,100 --> 04:53:38,200
and you could say something
like www dot duckduckgo
7514
04:53:38,200 --> 04:53:41,000
dot com. So now here you will see
7515
04:53:41,200 --> 04:53:44,346
how your ping is
being transmitted to
7516
04:53:44,346 --> 04:53:46,500
duckduckgo.com. When I say ping,
7517
04:53:46,500 --> 04:53:48,600
I mean your packets
and your requests,
7518
04:53:48,600 --> 04:53:50,200
I'm sorry for my vocabulary.
7519
04:53:50,200 --> 04:53:52,894
So now your packets
are going to be directed
7520
04:53:52,894 --> 04:53:54,900
through a bunch of IP addresses,
7521
04:53:54,900 --> 04:53:57,200
but we haven't actually
put a bunch of you just
7522
04:53:57,200 --> 04:53:59,600
have put the loop back
for the Tor Network.
7523
04:53:59,600 --> 04:54:02,800
So we will let Tor do the rest
of the things for us.
7524
04:54:02,800 --> 04:54:04,100
Okay, so depending
7525
04:54:04,100 --> 04:54:06,702
on your system this
might take a little bit.
7526
04:54:06,702 --> 04:54:08,487
Of time to actually open up.
7527
04:54:08,487 --> 04:54:08,802
Okay.
7528
04:54:08,802 --> 04:54:10,416
So let's go ahead and see
7529
04:54:10,416 --> 04:54:12,998
what's actually happening
on the terminal
7530
04:54:12,998 --> 04:54:15,000
while this thing is loading up.
7531
04:54:15,100 --> 04:54:17,500
Okay, as you can see
it's going through a bunch
7532
04:54:17,500 --> 04:54:18,613
of proxies out of here
7533
04:54:18,613 --> 04:54:21,263
and some are denying it
and some are saying it's okay.
7534
04:54:21,263 --> 04:54:24,329
So as you guys can see most of
the time you might get denied
7535
04:54:24,329 --> 04:54:26,388
and it will be a less
number of occasions
7536
04:54:26,388 --> 04:54:28,500
and that is exactly
what we're looking for
7537
04:54:28,500 --> 04:54:32,236
because primarily we have gone
a great extent for the anonymity
7538
04:54:32,236 --> 04:54:34,986
and what do you want
to do is stay like that.
7539
04:54:34,986 --> 04:54:37,800
So this is basically
how you Use proxy chains.
7540
04:54:37,800 --> 04:54:40,700
Now if this computer
just decides to open
7541
04:54:40,700 --> 04:54:43,100
up duckduckgo.com on Mozilla.
7542
04:54:43,100 --> 04:54:45,800
I could actually show you
some interesting stuff
7543
04:54:45,800 --> 04:54:48,500
but it seems my computer
has kind of given up
7544
04:54:48,500 --> 04:54:52,000
on actually opening DuckDuckGo,
it's still waiting for DuckDuckGo's
7545
04:54:52,000 --> 04:54:55,200
actual confirmation,
but that's about it.
7546
04:54:55,200 --> 04:54:58,900
So this is how you can actually
configure proxy chains.
7547
04:54:58,900 --> 04:54:59,700
I'm really sorry
7548
04:54:59,700 --> 04:55:01,758
that my computer
isn't working right now,
7549
04:55:01,758 --> 04:55:04,747
so well and nothing
is actually opening on Mozilla.
7550
04:55:04,747 --> 04:55:06,608
It's mostly because
my Ram is over.
7551
04:55:06,608 --> 04:55:07,000
Loaded.
7552
04:55:07,000 --> 04:55:09,400
I think I should go
ahead and get myself a new Ram.
7553
04:55:09,400 --> 04:55:11,200
But for now,
let me just also say
7554
04:55:11,200 --> 04:55:13,593
that we can put
some custom proxy lists
7555
04:55:13,593 --> 04:55:16,307
and instead of just
saying let me just go ahead
7556
04:55:16,307 --> 04:55:17,900
and open up that file again
7557
04:55:17,900 --> 04:55:19,398
as you guys and see out here.
7558
04:55:19,398 --> 04:55:21,000
I'm going to end this right now
7559
04:55:21,000 --> 04:55:24,800
because my computer can't really
take all this pressure.
7560
04:55:24,953 --> 04:55:26,646
See it's like so hard.
7561
04:55:26,646 --> 04:55:26,940
Okay.
7562
04:55:26,940 --> 04:55:30,100
Let me just quit out of that and
let me just open up a new one.
7563
04:55:30,100 --> 04:55:31,318
Now as I had said
7564
04:55:31,318 --> 04:55:34,400
that you can put up
some custom proxy lists,
7565
04:55:34,400 --> 04:55:35,530
not really gonna do that.
7566
04:55:35,530 --> 04:55:36,780
But let me just show you.
7567
04:55:36,780 --> 04:55:37,900
You can do that. You go
7568
04:55:37,900 --> 04:55:41,400
nano and you go /etc and proxy
7569
04:55:41,800 --> 04:55:45,100
so you basically have to go
into the proxy chain.
7570
04:55:45,400 --> 04:55:48,900
Okay, so I think I
should put this can yeah
7571
04:55:48,900 --> 04:55:51,500
now if you just go in
and edit out here,
7572
04:55:51,500 --> 04:55:53,900
all you have to do is
set up dynamic chains
7573
04:55:53,900 --> 04:55:55,900
and you can go online and search
7574
04:55:55,900 --> 04:55:59,000
for free proxy list and
that will give you everything
7575
04:55:59,000 --> 04:56:02,100
that the port number
to the IP address.
7576
04:56:02,200 --> 04:56:06,400
Let me just show it to
you free proxy server.
7577
04:56:06,400 --> 04:56:07,200
Our list.
7578
04:56:07,200 --> 04:56:10,700
So all you have to do is search
for free proxy server list
7579
04:56:10,700 --> 04:56:13,910
and you can see out here
the proxy Davis scbs
7580
04:56:13,910 --> 04:56:16,100
and you basically want to find
7581
04:56:16,100 --> 04:56:19,200
a SOCKS5 proxy. To find
yourself a proxy, just add
7582
04:56:19,200 --> 04:56:20,435
that into your keyword.
7583
04:56:20,435 --> 04:56:22,621
And once you find
those proxy addresses,
7584
04:56:22,621 --> 04:56:25,200
all you have to do is take
down this IP address
7585
04:56:25,200 --> 04:56:27,200
and followed by the port number
7586
04:56:27,200 --> 04:56:28,412
and you go ahead
7587
04:56:28,412 --> 04:56:31,900
and just put it down
in this configuration file
7588
04:56:31,900 --> 04:56:33,700
and then you hit Ctrl
7589
04:56:33,700 --> 04:56:37,700
O and you just save it
and And you just go back.
7590
04:56:37,700 --> 04:56:39,876
So that was all
about proxy chains and
7591
04:56:39,876 --> 04:56:42,600
how you can set up proxychains
to make yourself
7592
04:56:42,600 --> 04:56:43,370
Very Anonymous.
7593
04:56:43,370 --> 04:56:44,899
I'm sorry hold muscle, uh,
7594
04:56:44,899 --> 04:56:47,800
pardon work that's still
sad state of my computer
7595
04:56:47,800 --> 04:56:51,300
but moving on let's go ahead
and study about macchanger.
7596
04:56:51,300 --> 04:56:51,800
OK guys.
7597
04:56:51,800 --> 04:56:53,800
So that was all
about proxy chains.
7598
04:56:53,800 --> 04:56:55,500
Let's move ahead
to macchanger.
7599
04:56:55,500 --> 04:56:55,900
Okay.
7600
04:56:55,900 --> 04:56:58,300
Now before we go into the tool
called macchanger,
7601
04:56:58,300 --> 04:56:58,974
let's just see
7602
04:56:58,974 --> 04:57:01,603
what a MAC address is. Now
Mac address actually stands
7603
04:57:01,603 --> 04:57:03,700
for media Access Control
address of the device
7604
04:57:03,700 --> 04:57:06,600
and is a unique identifier
assigned to a network interface
7605
04:57:06,600 --> 04:57:09,300
controller for communication
purposes. Now MAC addresses
7606
04:57:09,300 --> 04:57:10,700
are used as a network address
7607
04:57:10,700 --> 04:57:12,900
for most IEEE 802
network technologies,
7608
04:57:12,900 --> 04:57:14,872
including ethernet Wi-Fi
and Bluetooth.
7609
04:57:14,872 --> 04:57:17,000
Now in this context
Mac addresses are used
7610
04:57:17,000 --> 04:57:19,300
in the medium Access
Control protocol sub layer
7611
04:57:19,300 --> 04:57:20,900
and as typically represented
7612
04:57:20,900 --> 04:57:23,677
as Mac addresses are
not recognizable as six groups
7613
04:57:23,677 --> 04:57:25,501
of two hexadecimal digits each.
7614
04:57:25,501 --> 04:57:26,900
Now, these are separated
7615
04:57:26,900 --> 04:57:29,766
by a colon and the first
three hexadecimals are
7616
04:57:29,766 --> 04:57:32,750
actually the organizationally
unique identifier.
7617
04:57:32,750 --> 04:57:35,041
So they actually
represent your vendor
7618
04:57:35,041 --> 04:57:36,924
and the next three Hexadecimal
7619
04:57:36,924 --> 04:57:39,712
is actually represent
your network card unique.
7620
04:57:39,712 --> 04:57:42,518
Okay, so when you are
actually on a network you
7621
04:57:42,518 --> 04:57:45,283
are recognized on something
called an ARP table.
7622
04:57:45,283 --> 04:57:47,324
Let me just show
you the ARP table
7623
04:57:47,324 --> 04:57:48,483
how you can see it.
7624
04:57:48,483 --> 04:57:49,203
Let's go in.
7625
04:57:49,203 --> 04:57:51,893
So the password is root
still an ARP table is
7626
04:57:51,893 --> 04:57:54,599
basically an address
resolution protocol table.
7627
04:57:54,599 --> 04:57:56,480
And well, this is
a virtual machine
7628
04:57:56,480 --> 04:57:58,774
and it doesn't really
know many machines
7629
04:57:58,774 --> 04:58:00,000
on the local network.
7630
04:58:00,000 --> 04:58:01,200
But if I were to go
7631
04:58:01,200 --> 04:58:04,800
on my Windows system and show
you my ARP table, let's see.
7632
04:58:05,100 --> 04:58:07,000
Okay, so if I show
you the ARP table
7633
04:58:07,000 --> 04:58:09,013
of my Windows machine
and on any machine
7634
04:58:09,013 --> 04:58:11,271
that has a TCP/IP protocol
suite installed you
7635
04:58:11,271 --> 04:58:12,400
will have this command
7636
04:58:12,400 --> 04:58:14,967
as working called arp
and you give the -a
7637
04:58:14,967 --> 04:58:16,000
and now you see
7638
04:58:16,000 --> 04:58:18,600
that your IP address
or somebody else's
7639
04:58:18,600 --> 04:58:21,400
IP address is actually mapped
to a physical address.
7640
04:58:21,400 --> 04:58:21,600
Now.
7641
04:58:21,600 --> 04:58:23,300
The MAC address
is very commonly used
7642
04:58:23,300 --> 04:58:24,912
in the ARP protocol and this is
7643
04:58:24,912 --> 04:58:27,206
how you are actually
identified on a network.
7644
04:58:27,206 --> 04:58:28,597
Now sometimes what you want
7645
04:58:28,597 --> 04:58:30,400
to do is be unknown
on this network.
7646
04:58:30,400 --> 04:58:32,702
There are various reasons
why you want to do that.
7647
04:58:32,702 --> 04:58:35,281
Let me just give you an example
of a very malicious.
7648
04:58:35,281 --> 04:58:37,000
Reason that was done
in my college.
7649
04:58:37,000 --> 04:58:40,300
So we as students would
actually change the MAC address
7650
04:58:40,300 --> 04:58:42,744
of our own computer
to the professor's computer.
7651
04:58:42,744 --> 04:58:45,500
So we would somehow look up
the professor's IP address
7652
04:58:45,500 --> 04:58:47,600
and then come to know
about his Mac address
7653
04:58:47,600 --> 04:58:50,409
and then we would spoof
our Mac to be his Mac address
7654
04:58:50,409 --> 04:58:52,300
and then we would do
some tripe sort
7655
04:58:52,300 --> 04:58:54,900
of malicious activity
on the college internet
7656
04:58:54,900 --> 04:58:56,600
and then internet administrators
7657
04:58:56,600 --> 04:58:58,050
of our college
would come to know
7658
04:58:58,050 --> 04:59:00,000
that that Mac address
is doing some sort
7659
04:59:00,000 --> 04:59:01,275
of malicious activity and
7660
04:59:01,275 --> 04:59:03,576
that Mac address
would get permanently banned
7661
04:59:03,576 --> 04:59:05,035
for that session on the college
7662
04:59:05,035 --> 04:59:06,304
network. So basically
7663
04:59:06,304 --> 04:59:09,300
our professor would not be able
to use a wireless projectors
7664
04:59:09,300 --> 04:59:12,200
that he would use to actually
show us as presentations
7665
04:59:12,200 --> 04:59:14,257
and we end up
getting a free class.
7666
04:59:14,257 --> 04:59:14,500
Now.
7667
04:59:14,500 --> 04:59:16,437
I am not actually
promoting any sort
7668
04:59:16,437 --> 04:59:17,830
of bad activity like this.
7669
04:59:17,830 --> 04:59:20,930
I have just experienced this
in my own college life.
7670
04:59:20,930 --> 04:59:23,700
So that was something
but there are many other reasons
7671
04:59:23,700 --> 04:59:26,600
that you might want to spoof
your Mac now Mac changer
7672
04:59:26,600 --> 04:59:29,403
is an amazing tool
for actually spoofing your MAC.
7673
04:59:29,403 --> 04:59:30,300
So first of all,
7674
04:59:30,300 --> 04:59:32,200
how do you come to know
your Mac address?
7675
04:59:32,200 --> 04:59:34,700
So let's see you go ifconfig.
7676
04:59:35,100 --> 04:59:37,557
This will give us
our Mac address.
7677
04:59:37,557 --> 04:59:38,600
Now this address
7678
04:59:38,600 --> 04:59:42,586
that you see out here is
the MAC address of this machine.
7679
04:59:42,586 --> 04:59:45,304
So you can also check
out the MAC address
7680
04:59:45,304 --> 04:59:46,800
by going macchanger,
7681
04:59:46,800 --> 04:59:48,858
then let's type
in the help options.
7682
04:59:48,858 --> 04:59:51,800
And this will show us
how to get the MAC address.
7683
04:59:51,800 --> 04:59:54,300
So if you see
there's a show flag
7684
04:59:54,600 --> 04:59:56,700
so we can go macchanger
7685
04:59:56,800 --> 05:00:00,600
and you can put the -s and then
you put the interface. Now
7686
05:00:00,600 --> 05:00:02,900
the interface is
where it's working.
7687
05:00:02,900 --> 05:00:04,800
So eth0 is where we are.
7688
05:00:04,800 --> 05:00:07,400
Actually getting we
don't want the loopback one.
7689
05:00:07,400 --> 05:00:10,700
So eth0, and this will give
us the MAC address.
7690
05:00:10,700 --> 05:00:14,500
So our current MAC address is
zero eight zero zero two seven.
7691
05:00:14,500 --> 05:00:16,584
Let's see if that was
the same one shown.
7692
05:00:16,584 --> 05:00:17,819
Where is that matter?
7693
05:00:17,819 --> 05:00:18,400
It's okay.
7694
05:00:18,400 --> 05:00:20,600
So if a 0 a 0 0 to 7,
so, I'm sorry.
7695
05:00:20,600 --> 05:00:21,850
This was the MAC address.
7696
05:00:21,850 --> 05:00:23,400
I selected the wrong thing.
7697
05:00:23,400 --> 05:00:26,863
What I was showing you is
the IPv6 address and you can see
7698
05:00:26,863 --> 05:00:28,199
that's very very long.
7699
05:00:28,199 --> 05:00:29,900
So, this is our Mac address.
7700
05:00:29,900 --> 05:00:33,372
Now what you might want to do
to change your Mac address.
7701
05:00:33,372 --> 05:00:36,100
Well, let's see, with -V
we can get the version,
7702
05:00:36,100 --> 05:00:38,600
with -s you can show,
we can do the -e.
7703
05:00:38,600 --> 05:00:39,900
And as I said,
7704
05:00:39,900 --> 05:00:44,000
if you remember that the first
three bits is about the vendors
7705
05:00:44,000 --> 05:00:47,700
so you can also get
the vendor list by going -l.
7706
05:00:47,700 --> 05:00:48,800
So you go
7707
05:00:48,800 --> 05:00:52,500
-l and this will give you
a list of MAC addresses
7708
05:00:52,500 --> 05:00:55,500
and which vendor
they belong to. So sometimes
7709
05:00:55,500 --> 05:00:57,300
if you don't know the vendors
7710
05:00:57,300 --> 05:00:59,694
that are actually
being used on the network
7711
05:00:59,694 --> 05:01:01,400
of your college, for example,
7712
05:01:01,400 --> 05:01:03,502
and you want to
just stay anonymous
7713
05:01:03,502 --> 05:01:04,986
and not raise any flags,
7714
05:01:04,986 --> 05:01:06,100
flags of suspicion,
7715
05:01:06,100 --> 05:01:08,900
so you could hide yourself
as a Cisco router.
7716
05:01:08,900 --> 05:01:11,100
So suppose your college
was using all sorts
7717
05:01:11,100 --> 05:01:14,200
of Cisco routers
and you decided that today.
7718
05:01:14,200 --> 05:01:15,900
I'm going to put myself
as a Cisco router
7719
05:01:15,900 --> 05:01:18,200
and I'm going to screw
around with the network.
7720
05:01:18,200 --> 05:01:19,964
So it would not raise any flags
7721
05:01:19,964 --> 05:01:23,200
before you actually decide
to do some malicious activity
7722
05:01:23,200 --> 05:01:24,500
in some deeper inspection
7723
05:01:24,500 --> 05:01:26,900
of your Mac address people
would actually realize
7724
05:01:26,900 --> 05:01:28,959
that you are actually
spoofing the address
7725
05:01:28,959 --> 05:01:31,971
and after some investigation
they put Andy take some time
7726
05:01:31,971 --> 05:01:34,500
to actually reach to you
and how you spoofed it,
7727
05:01:34,500 --> 05:01:37,731
but the And of Ginger Mac
is not raising any flags
7728
05:01:37,731 --> 05:01:40,700
and that is exactly
what you should try to do.
7729
05:01:40,800 --> 05:01:45,500
So macchanger is also
very useful for getting the list
7730
05:01:45,500 --> 05:01:49,000
of all the Mac addresses
and the vendor IDs.
7731
05:01:49,000 --> 05:01:51,700
Now, let me just clear
the screen out quickly.
7732
05:01:51,700 --> 05:01:55,100
So we go clear and let's
bring back the help.
7733
05:01:56,100 --> 05:01:58,900
So we go macchanger
and --help.
7734
05:01:58,900 --> 05:02:02,600
Now, what we want to do is give
ourself a random MAC address.
7735
05:02:02,600 --> 05:02:04,200
Now macchanger,
7736
05:02:04,400 --> 05:02:06,000
so that is done
with the -r flag
7737
05:02:06,000 --> 05:02:07,758
and we want to do it on eth0.
7738
05:02:07,758 --> 05:02:08,751
So once you run
7739
05:02:08,751 --> 05:02:11,400
that you will be given
a new Mac address.
7740
05:02:11,400 --> 05:02:14,200
So our new Mac
address is f6c 649
7741
05:02:14,300 --> 05:02:17,500
now you can verify
that by running ifconfig.
7742
05:02:17,500 --> 05:02:19,901
Now we could just do ifconfig
7743
05:02:20,100 --> 05:02:23,844
and you see our new
MAC address is in ether
7744
05:02:23,844 --> 05:02:27,460
so we could also do something
like this ifconfig
7745
05:02:27,680 --> 05:02:30,000
and you could grep ether.
7746
05:02:30,200 --> 05:02:32,800
So that's just telling
you the MAC address
7747
05:02:32,800 --> 05:02:35,200
and this is completely new also.
7748
05:02:35,200 --> 05:02:38,900
You can show it to
the macchanger tool itself.
7749
05:02:39,000 --> 05:02:41,615
Okay, so we need
to give it the eth0.
7750
05:02:41,615 --> 05:02:43,000
I've got that now.
7751
05:02:43,000 --> 05:02:45,300
You see that this is
our current MAC address
7752
05:02:45,300 --> 05:02:47,930
and this is a permanent
MAC address and the two
7753
05:02:47,930 --> 05:02:49,300
are completely different.
7754
05:02:49,300 --> 05:02:52,673
Sometimes you also might want
to actually change your Mac
7755
05:02:52,673 --> 05:02:55,500
when your laptop is
or your system is booting up
7756
05:02:55,500 --> 05:02:58,617
because you might want
to stay anonymous all the time.
7757
05:02:58,617 --> 05:03:00,715
Who knows and sometimes
you might think
7758
05:03:00,715 --> 05:03:03,200
I'll actually change it
when I want change it,
7759
05:03:03,200 --> 05:03:04,800
but let's face it we
7760
05:03:04,800 --> 05:03:08,329
are forgetful as human beings
and we tend to forget things
7761
05:03:08,329 --> 05:03:09,900
that we are supposed to do.
7762
05:03:09,900 --> 05:03:11,500
So what else is better
7763
05:03:11,500 --> 05:03:13,699
than to actually automate
the whole process yourself
7764
05:03:13,699 --> 05:03:16,900
and forget about remembering all
these stupid nitty-gritty stuff.
7765
05:03:16,900 --> 05:03:18,800
So you can tell Linux
7766
05:03:18,800 --> 05:03:21,000
or Kali Linux
to actually change
7767
05:03:21,000 --> 05:03:24,500
your MAC address on boot-up
using this tool called crontab.
7768
05:03:24,500 --> 05:03:28,300
Now crontab is actually used
for scheduling tasks on Linux.
7769
05:03:28,300 --> 05:03:30,700
So let me show you
how to do that firstly.
7770
05:03:30,700 --> 05:03:33,200
Let's clear our screen
and go crontab
7771
05:03:33,200 --> 05:03:34,800
and go help. Now
7772
05:03:34,800 --> 05:03:36,790
You see it's
a pretty small and menu.
7773
05:03:36,790 --> 05:03:39,320
So first we start
with the -u flag, that's the user
7774
05:03:39,320 --> 05:03:42,190
this file is going to work
for. Then we've got the -e flag,
7775
05:03:42,190 --> 05:03:45,484
which is for editing crontab
users the users crontab list
7776
05:03:45,484 --> 05:03:48,400
and you can see the list
of users crontab and let's see.
7777
05:03:48,400 --> 05:03:50,200
So do we have
any crontab list?
7778
05:03:50,200 --> 05:03:53,141
So there is no crontab
at this moment so we can set
7779
05:03:53,141 --> 05:03:55,316
up one for ourselves
by going to the -e.
7780
05:03:55,316 --> 05:03:56,300
Then there's the -r
7781
05:03:56,300 --> 05:03:59,338
which is delete user's crontab
and I want to tell you all be
7782
05:03:59,338 --> 05:04:01,800
very careful when deleting
anything of that sort
7783
05:04:01,800 --> 05:04:03,788
because once you delete
something from Linux,
7784
05:04:03,788 --> 05:04:04,700
that I've already said
7785
05:04:04,700 --> 05:04:05,590
that it is very
7786
05:04:05,590 --> 05:04:07,808
very difficult to actually
retrieve it back.
7787
05:04:07,808 --> 05:04:11,100
You might get fragmented pieces
of what you had actually deleted
7788
05:04:11,100 --> 05:04:14,100
and that will only leave you
with sadness and devastation.
7789
05:04:14,100 --> 05:04:18,000
Now, what you want to do is go
through crontab and press -e
7790
05:04:18,000 --> 05:04:21,700
and this will bring us to select
an editor. To change later,
7791
05:04:21,700 --> 05:04:22,700
run select-editor.
7792
05:04:22,760 --> 05:04:24,298
So we'll do it in nano.
7793
05:04:24,300 --> 05:04:26,599
So what do you have out
here is the readme file
7794
05:04:26,599 --> 05:04:29,400
of crontab and if you read
this entire thing you will get
7795
05:04:29,400 --> 05:04:31,066
how to use crontab completely.
7796
05:04:31,066 --> 05:04:32,400
But if you have any sort
7797
05:04:32,400 --> 05:04:35,150
of doubts even after reading
it you can leave them down
7798
05:04:35,150 --> 05:04:36,600
in the comment section below. Now,
7799
05:04:36,600 --> 05:04:39,655
what you want to do
is actually set up a crontab
7800
05:04:39,655 --> 05:04:41,000
so that you can change
7801
05:04:41,000 --> 05:04:44,089
your Mac address whenever
you reboot your computer.
7802
05:04:44,089 --> 05:04:46,375
So all you have to do
is say @reboot,
7803
05:04:46,375 --> 05:04:48,600
what you want
done is macchanger,
7804
05:04:48,600 --> 05:04:51,200
and if you remember we want
to run the MAC address
7805
05:04:51,200 --> 05:04:53,019
and we want it on eth0.
7806
05:04:53,019 --> 05:04:53,900
So that's done.
7807
05:04:53,900 --> 05:04:54,103
Now.
7808
05:04:54,103 --> 05:04:56,041
All you have to do
is save this thing.
7809
05:04:56,041 --> 05:04:57,100
So you go Ctrl+O
7810
05:04:57,100 --> 05:04:59,725
and that will write
it out to your crontab
7811
05:04:59,725 --> 05:05:00,817
and you press Enter
7812
05:05:00,817 --> 05:05:02,796
and you have written one line.
7813
05:05:02,796 --> 05:05:05,800
Now you go Ctrl+X,
you have exited out.
7814
05:05:05,800 --> 05:05:08,900
So now let us clear the screen
by pressing Ctrl L
7815
05:05:08,900 --> 05:05:12,900
and enter and let's go
ahead and get our Mac address.
7816
05:05:13,000 --> 05:05:14,900
So if we go ahead and run
7817
05:05:14,900 --> 05:05:18,100
that, our MAC address
is set to f6c 649.
7818
05:05:18,200 --> 05:05:22,600
So just remember the first few
letters have 66 and 49 now.
7819
05:05:22,600 --> 05:05:25,700
Let me just reboot my computer
and you will see
7820
05:05:25,700 --> 05:05:29,415
after I reboot and run ifconfig
again with grep ether,
7821
05:05:29,415 --> 05:05:32,600
we will see a different
MAC address. Now rebooting
7822
05:05:32,600 --> 05:05:33,472
might take some time
7823
05:05:33,472 --> 05:05:35,732
because I'm actually
using a virtual machine
7824
05:05:35,732 --> 05:05:38,300
but still now it's given
problems with the Firefox.
7825
05:05:38,300 --> 05:05:40,300
But let's hope this
won't take much time.
7826
05:05:40,700 --> 05:05:41,000
Okay.
7827
05:05:41,000 --> 05:05:43,200
So now that our computer
has booted up
7828
05:05:43,200 --> 05:05:46,200
and we have actually opened
up a terminal let's go
7829
05:05:46,200 --> 05:05:49,700
in and type ifconfig and
let's get in our ether
7830
05:05:49,700 --> 05:05:51,200
that is the MAC address.
7831
05:05:51,200 --> 05:05:52,924
So if you remember
the MAC address now,
7832
05:05:52,924 --> 05:05:55,150
you see that it has
completely changed and that's
7833
05:05:55,150 --> 05:05:56,800
how you can spoof
your Mac address
7834
05:05:56,800 --> 05:05:58,100
on our local network.
7835
05:05:58,100 --> 05:06:00,273
And this will basically help you
7836
05:06:00,273 --> 05:06:03,600
in staying anonymous
on ARP protocols and anything
7837
05:06:03,600 --> 05:06:06,705
that actually maps your IP
address to the MAC address.
7838
05:06:06,705 --> 05:06:07,000
Okay.
7839
05:06:07,000 --> 05:06:09,388
So that was all
about macchanger. Meet you
7840
05:06:09,388 --> 05:06:10,500
in the next section.
7841
05:06:10,700 --> 05:06:12,600
So in this section,
we will be talking
7842
05:06:12,600 --> 05:06:15,700
about wireless encryption
protocol cracking.
7843
05:06:15,700 --> 05:06:19,200
So that is basically
Wi-Fi cracking. Now Wi-Fi
7844
05:06:19,200 --> 05:06:22,184
in today's day and age uses pins
7845
05:06:22,184 --> 05:06:25,800
or passwords to normally
encrypt the data usage.
7846
05:06:25,800 --> 05:06:29,900
Basically, if you want to access
the wireless access point,
7847
05:06:29,900 --> 05:06:31,187
you need a password
7848
05:06:31,187 --> 05:06:34,077
or a PIN to actually
gain authorization now
7849
05:06:34,077 --> 05:06:38,100
this authorization checking
is done using a four-way handshake
7850
05:06:38,100 --> 05:06:42,300
which we will try to capture
using a tool called aircrack-ng
7851
05:06:42,400 --> 05:06:45,000
and then we will try
to crack into the password
7852
05:06:45,000 --> 05:06:47,500
using a wordlist
generator called crunch.
7853
05:06:47,500 --> 05:06:51,700
Now, you can use aircrack-ng
to crack WPA and WPA2.
7854
05:06:51,700 --> 05:06:54,800
There's also another protocol
called WEP or WEP
7855
05:06:54,800 --> 05:06:57,400
and that is not normally
used these days.
7856
05:06:57,400 --> 05:06:58,958
If you find anybody using
7857
05:06:58,958 --> 05:07:02,700
that you should always advise
them to actually upgrade to WPA
7858
05:07:02,700 --> 05:07:04,700
or WPA2 because WEP
7859
05:07:04,700 --> 05:07:07,846
is actually very
easily cracked these days
7860
05:07:07,846 --> 05:07:11,062
and people are generally
punished for using WEP
7861
05:07:11,062 --> 05:07:13,300
by hackers all around the world.
7862
05:07:13,300 --> 05:07:13,660
Okay.
7863
05:07:13,660 --> 05:07:17,454
So now you can actually go ahead
and go into a terminal
7864
05:07:17,454 --> 05:07:21,600
and type ifconfig to actually
look at your network card name
7865
05:07:21,600 --> 05:07:23,200
as you guys can see out here.
7866
05:07:23,200 --> 05:07:24,659
It's called wlo1.
7867
05:07:24,659 --> 05:07:25,900
So the first step
7868
05:07:25,900 --> 05:07:28,900
that we need to do to actually
go into the process
7869
05:07:28,900 --> 05:07:32,800
of Wi-Fi cracking is set
up our network access card
7870
05:07:32,800 --> 05:07:34,700
or our access point
7871
05:07:34,946 --> 05:07:36,100
in monitor mode. So
7872
05:07:36,100 --> 05:07:38,600
as you guys can see out here
after typing ifconfig.
7873
05:07:38,600 --> 05:07:39,700
It shows me
7874
05:07:39,700 --> 05:07:43,300
that my Wi-Fi access
card is wl1 interface.
7875
05:07:43,400 --> 05:07:47,200
Now our process of cracking
passwords is pretty simple.
7876
05:07:47,200 --> 05:07:49,700
What we want to do
is actually monitor
7877
05:07:49,700 --> 05:07:52,670
for all sorts of access points
that are nearby to us.
7878
05:07:52,670 --> 05:07:55,200
Once we have chosen
the access point that we
7879
05:07:55,200 --> 05:07:58,801
want to actually penetrate
into and find the password.
7880
05:07:58,801 --> 05:08:02,200
What you want to do is run
an airodump scan on it
7881
05:08:02,200 --> 05:08:05,082
and then we will try
and deauthenticate any device
7882
05:08:05,082 --> 05:08:07,500
that is connected
to the access point now
7883
05:08:07,500 --> 05:08:08,963
one assumption out here
7884
05:08:08,963 --> 05:08:11,700
is that the password
is saved in that device
7885
05:08:11,700 --> 05:08:14,200
and it will automatically
try to re-authenticate
7886
05:08:14,300 --> 05:08:16,100
itself with the access point
7887
05:08:16,100 --> 05:08:19,796
and we want to catch and log
this re-authentication process
7888
05:08:19,796 --> 05:08:22,600
which will actually have
a four-way handshake
7889
05:08:22,600 --> 05:08:25,319
between your device
and the access point.
7890
05:08:25,319 --> 05:08:26,600
So this is basically
7891
05:08:26,600 --> 05:08:30,054
the procedure we are going
to follow now another thing
7892
05:08:30,054 --> 05:08:32,689
that you need to know
before actually using
7893
05:08:32,689 --> 05:08:35,228
this process to gain
any access to any Is
7894
05:08:35,228 --> 05:08:39,100
that you need to know a little
bit about what the password is?
7895
05:08:39,100 --> 05:08:43,000
Maybe it could be length
or it could be something
7896
05:08:43,000 --> 05:08:46,000
like a specific character
at a specific place.
7897
05:08:46,000 --> 05:08:48,200
Maybe you know
a series of characters.
7898
05:08:48,200 --> 05:08:51,887
So you just can't really guess
the password out of thin air.
7899
05:08:51,887 --> 05:08:53,849
That is not how cracking works
7900
05:08:53,849 --> 05:08:56,384
unless you have
some unlimited potential
7901
05:08:56,384 --> 05:08:58,809
of processing power
in that case.
7902
05:08:58,809 --> 05:09:02,741
You can very well brute force it
and just find the password,
7903
05:09:02,741 --> 05:09:06,700
but if you are not somebody who
Has unlimited processing power
7904
05:09:06,700 --> 05:09:08,500
and you're trying
to use aircrack-ng.
7905
05:09:08,500 --> 05:09:11,000
You need to know a little bit
about the password.
7906
05:09:11,000 --> 05:09:12,400
Also before we proceed
7907
05:09:12,400 --> 05:09:15,400
with this wireless
encryption protocol cracking.
7908
05:09:15,400 --> 05:09:17,700
What I want to say is
if you want to get
7909
05:09:17,700 --> 05:09:20,800
into somebody's Wi-Fi network,
7910
05:09:20,800 --> 05:09:23,800
or you want to actually
test for vulnerabilities.
7911
05:09:23,800 --> 05:09:26,900
It's better that you test
for router vulnerabilities.
7912
05:09:26,900 --> 05:09:29,135
than actually cracking
a Wi-Fi password
7913
05:09:29,135 --> 05:09:30,655
because you're more likely
7914
05:09:30,655 --> 05:09:33,078
than not to find
more router vulnerabilities
7915
05:09:33,078 --> 05:09:35,900
than actually successfully
crack a Wi-Fi password
7916
05:09:35,900 --> 05:09:37,700
if you don't know
anything about it,
7917
05:09:37,700 --> 05:09:39,800
if you don't know anything
about the password
7918
05:09:39,800 --> 05:09:42,226
just go ahead and run
some vulnerability tests
7919
05:09:42,226 --> 05:09:45,300
on the router itself and more
often than not you will just
7920
05:09:45,300 --> 05:09:47,161
find something you can abuse.
7921
05:09:47,161 --> 05:09:47,479
Okay.
7922
05:09:47,479 --> 05:09:49,580
Now let's talk
about the two tools
7923
05:09:49,580 --> 05:09:51,300
that I'm going to be using.
7924
05:09:51,300 --> 05:09:52,663
Now these two tools.
7925
05:09:52,663 --> 05:09:55,800
One of them is already
installed on Kali Linux,
7926
05:09:55,800 --> 05:09:58,472
but if you are not using
this on Kali,
7927
05:09:58,472 --> 05:10:01,800
you can also use this
on any Linux based system.
7928
05:10:01,800 --> 05:10:04,228
So what you have
to do is download
7929
05:10:04,228 --> 05:10:05,700
and install aircrack-ng,
7930
05:10:05,700 --> 05:10:07,318
which is easily installed
7931
05:10:07,318 --> 05:10:10,116
with the command
apt-get install aircrack-ng
7932
05:10:10,116 --> 05:10:13,500
and you also have to install
this word list generator
7933
05:10:13,500 --> 05:10:16,804
called crunch now crunch
is easily downloadable
7934
05:10:16,804 --> 05:10:18,600
by just Googling the name
7935
05:10:18,600 --> 05:10:21,197
and the first link
will be a sourceforge link
7936
05:10:21,197 --> 05:10:23,500
and all you have to do
is go inside that
7937
05:10:23,500 --> 05:10:25,911
and install it and
once you've figured out
7938
05:10:25,911 --> 05:10:28,300
how to install crunch
you can make sure
7939
05:10:28,300 --> 05:10:29,500
that its installed.
7940
05:10:39,700 --> 05:10:44,200
Now once you have installed both
the software's you can check out
7941
05:10:44,200 --> 05:10:46,500
if the manual pages
are opening up.
7942
05:10:46,500 --> 05:10:50,014
Let me just open the manual page
of aircrack-ng and show you
7943
05:10:50,014 --> 05:10:52,100
that it has been
properly installed.
7944
05:10:55,400 --> 05:10:57,300
Now as you guys can
see the manual page
7945
05:10:57,300 --> 05:10:58,832
of aircrack-ng opened up
7946
05:10:58,832 --> 05:11:01,900
and the manual page
of crunch is also opening up.
7947
05:11:01,900 --> 05:11:04,406
So that means both
of our software's
7948
05:11:04,406 --> 05:11:07,700
have been successfully
installed on our system.
7949
05:11:07,700 --> 05:11:09,086
Now before we go ahead.
7950
05:11:09,086 --> 05:11:11,800
Let me just show you
how crunch actually works
7951
05:11:11,800 --> 05:11:14,800
so crunch is basically
a wordlist generator.
7952
05:11:14,800 --> 05:11:16,800
What you would do is you try
7953
05:11:16,800 --> 05:11:19,857
and generate a word list
with given characters.
7954
05:11:19,857 --> 05:11:23,578
So what you can see out here
is I've typed in crunch 3 5,
7955
05:11:23,578 --> 05:11:27,500
so that means the minimum length is 3
and the maximum length is 5
7956
05:11:27,500 --> 05:11:29,980
and I've given it
a series of numbers.
7957
05:11:29,980 --> 05:11:33,498
So it will use these numbers
and generate all the words
7958
05:11:33,498 --> 05:11:36,300
that are possible
from length 3 to length 5.
7959
05:11:36,300 --> 05:11:39,420
So the way we are going
to use crunch in conjunction
7960
05:11:39,420 --> 05:11:40,400
with aircrack is
7961
05:11:40,400 --> 05:11:43,400
that we are going to use crunch
to generate the word list.
7962
05:11:43,400 --> 05:11:45,500
And then we are going
to pipe the word list
7963
05:11:45,500 --> 05:11:46,941
through aircrack-ng
7964
05:11:46,941 --> 05:11:50,407
when we are actually
trying to capture and crack
7965
05:11:50,407 --> 05:11:53,800
what we will capture
in a certain log file now.
7966
05:11:53,800 --> 05:11:56,426
What you want to do
first is actually put
7967
05:11:56,426 --> 05:11:59,500
your network interface card
on a monitor mode.
7968
05:11:59,500 --> 05:12:00,500
Now you can do
7969
05:12:00,500 --> 05:12:04,500
that by typing in ifconfig
and then the interface name
7970
05:12:04,500 --> 05:12:08,400
which happens to be wl1 and
first you have to put it down.
7971
05:12:08,400 --> 05:12:13,015
So ifconfig wl1 down. Now
to put your interface card
7972
05:12:13,015 --> 05:12:14,400
into monitor mode.
7973
05:12:14,400 --> 05:12:17,100
You have to type in iwconfig
7974
05:12:17,300 --> 05:12:19,358
and you go the name
of the interface
7975
05:12:19,358 --> 05:12:20,900
and then you go mode monitor.
7976
05:12:20,900 --> 05:12:22,700
Okay, it seems
I've spelled it wrong.
7977
05:12:22,700 --> 05:12:24,200
So let me just do it once again.
7978
05:12:24,200 --> 05:12:27,298
So that has put
our network interface card
7979
05:12:27,298 --> 05:12:28,500
into monitor mode
7980
05:12:28,500 --> 05:12:31,809
and what we need to do
after that is we need to start
7981
05:12:31,809 --> 05:12:33,400
up our network interface.
7982
05:12:33,400 --> 05:12:38,500
So all we have to do is type
in ifconfig wl1 up now.
7983
05:12:38,500 --> 05:12:42,423
Once it is up and running you
can check by typing in ifconfig
7984
05:12:42,423 --> 05:12:45,300
that indeed your network
interface card is up
7985
05:12:45,300 --> 05:12:47,802
and running. Don't worry,
it is running in monitor mode
7986
05:12:47,802 --> 05:12:49,300
if it's up and running
7987
05:12:49,500 --> 05:12:51,600
what we want to do next
is pretty important
7988
05:12:51,600 --> 05:12:52,716
to the whole process.
7989
05:12:52,716 --> 05:12:53,959
So what we want to do
7990
05:12:53,959 --> 05:12:55,556
now is check for some services
7991
05:12:55,556 --> 05:12:57,900
that might still be running
in the background
7992
05:12:57,900 --> 05:13:00,800
that might hamper
with our whole scanning process.
7993
05:13:00,800 --> 05:13:05,100
So we do this by actually typing
in the command airmon-ng
7994
05:13:05,100 --> 05:13:07,489
check and then the name
of the interface.
7995
05:13:07,489 --> 05:13:11,117
So as you guys can see nothing
is exactly running right now.
7996
05:13:11,117 --> 05:13:14,500
But if there were any process
running you would only add
7997
05:13:14,500 --> 05:13:16,072
a command airmon-ng check
7998
05:13:16,072 --> 05:13:18,650
and instead of writing
the interface name.
7999
05:13:18,650 --> 05:13:20,600
All you have to do is say kill.
8000
05:13:20,700 --> 05:13:23,100
It will kill any processes now
8001
05:13:23,100 --> 05:13:26,217
if you see Any process named
the network administrator
8002
05:13:26,217 --> 05:13:28,900
you want to kill
that process first separately
8003
05:13:28,900 --> 05:13:31,266
and then kill
any other child processes.
8004
05:13:31,266 --> 05:13:34,300
You may need to actually
run this command few times
8005
05:13:34,300 --> 05:13:35,623
before all the processes
8006
05:13:35,623 --> 05:13:37,730
are killed and then
you're good to go.
8007
05:13:37,730 --> 05:13:38,042
Okay.
8008
05:13:38,042 --> 05:13:41,600
So now that we have finished
killing all the subprocesses.
8009
05:13:41,600 --> 05:13:43,500
What we want to do is run
8010
05:13:43,500 --> 05:13:46,800
an airodump scan on
the network card.
8011
05:13:46,800 --> 05:13:48,100
So that is wl1.
8012
05:13:48,100 --> 05:13:50,500
So for this we go airodump-ng
8013
05:13:50,500 --> 05:13:53,700
and then we put in
the name of the interface.
8014
05:13:53,700 --> 05:13:55,400
And this will start the scan
8015
05:13:55,400 --> 05:13:57,300
that will look
something like this.
8016
05:13:59,100 --> 05:14:01,584
So after you run
the airodump scan
8017
05:14:01,584 --> 05:14:02,900
on your interface,
8018
05:14:02,900 --> 05:14:06,400
what do you see out here is
a result of all the access point
8019
05:14:06,400 --> 05:14:08,700
that is found out
to the monitoring mode.
8020
05:14:08,700 --> 05:14:11,700
Now if you see we have a bunch
of columns out here. First
8021
05:14:11,700 --> 05:14:13,833
of all we have the bssid column.
8022
05:14:13,833 --> 05:14:17,100
Now, the bssid column is
basically the MAC address
8023
05:14:17,100 --> 05:14:19,300
of all the routers
that are found.
8024
05:14:19,300 --> 05:14:21,900
Now, every router obviously
has a MAC address.
8025
05:14:21,900 --> 05:14:23,440
So those are the MAC address
8026
05:14:23,440 --> 05:14:25,200
that is tied
to the router names,
8027
05:14:25,200 --> 05:14:28,909
which is shown by the SSID. Then
we have the PWR column, we have
8028
05:14:28,909 --> 05:14:31,800
the beacons column we have
the data packets column.
8029
05:14:31,800 --> 05:14:34,000
Another important column
is a channel column.
8030
05:14:34,000 --> 05:14:35,000
It's important to know
8031
05:14:35,000 --> 05:14:37,383
which channel your router
is working on.
8032
05:14:37,383 --> 05:14:40,500
Then we can see the cipher
column the authentication
8033
05:14:40,500 --> 05:14:43,000
so out here we can see
the encryption that is used.
8034
05:14:43,000 --> 05:14:45,300
So most of it is using WPA2.
8035
05:14:45,300 --> 05:14:49,400
So what we will be cracking is
basically WPA2 so from this is
8036
05:14:49,400 --> 05:14:53,000
what you need to recognize
is basically the Wi-Fi router
8037
05:14:53,000 --> 05:14:55,100
that you want to crack into now,
8038
05:14:55,100 --> 05:14:57,700
I'm performing this particular
test at my office.
8039
05:14:57,700 --> 05:15:00,652
Is and I don't really have
the permission to actually
8040
05:15:00,652 --> 05:15:03,300
go in and test them
for these vulnerabilities.
8041
05:15:03,300 --> 05:15:05,400
I'm not a security
analyst off here.
8042
05:15:05,400 --> 05:15:06,278
So I don't really
8043
05:15:06,278 --> 05:15:08,500
have the permissions
to penetrate into them.
8044
05:15:08,500 --> 05:15:11,500
So what I have done is I
have run a similar test
8045
05:15:11,500 --> 05:15:13,400
at home using my own Wi-Fi
8046
05:15:13,400 --> 05:15:15,752
and I will show you
the results for that.
8047
05:15:15,752 --> 05:15:17,306
But for this working example,
8048
05:15:17,306 --> 05:15:20,200
you will see the scans
that I'm running in this office.
8049
05:15:20,200 --> 05:15:22,300
So as we intend to stay ethical
8050
05:15:22,300 --> 05:15:25,600
what we are going to do out
here is we are going to capture
8051
05:15:25,600 --> 05:15:27,500
whatever we find in our office
8052
05:15:27,500 --> 05:15:29,100
for only educational purposes,
8053
05:15:29,100 --> 05:15:31,900
but when we are doing
the actual cracking step
8054
05:15:31,900 --> 05:15:34,300
that is the last step
of this whole procedure.
8055
05:15:34,300 --> 05:15:37,100
I'll be running it on a file
that I had generated at home
8056
05:15:37,100 --> 05:15:37,800
as I just said
8057
05:15:37,800 --> 05:15:40,762
because I have permissions
to do whatever I want
8058
05:15:40,762 --> 05:15:42,692
with my own Wi-Fi and passwords.
8059
05:15:42,692 --> 05:15:42,989
Okay.
8060
05:15:42,989 --> 05:15:44,029
So for this example,
8061
05:15:44,029 --> 05:15:47,600
I'm going to pick this wi-fi
that is called attract of Wi-Fi
8062
05:15:47,600 --> 05:15:49,700
and it's running
on channel number 6.
8063
05:15:49,700 --> 05:15:52,700
So what do you want to pick
from here is the bssid
8064
05:15:52,700 --> 05:15:53,800
and the channel number
8065
05:15:53,800 --> 05:15:57,100
we need to remember
these two things first the bssid
8066
05:15:57,100 --> 05:15:58,600
and Channel number now.
8067
05:15:58,600 --> 05:16:01,600
What do you want to do after
that is open up a new window
8068
05:16:01,600 --> 05:16:04,300
on your terminal
and login as root.
8069
05:16:05,300 --> 05:16:09,000
Now what we want to do here is
run a separate airodump scan
8070
05:16:09,000 --> 05:16:13,300
on this specific bssid
and check for all the devices
8071
05:16:13,300 --> 05:16:16,300
that are actually connected
to this access point.
8072
05:16:16,300 --> 05:16:18,000
Now we do this by running
8073
05:16:18,000 --> 05:16:20,968
the command airodump-ng
and while we're doing this,
8074
05:16:20,968 --> 05:16:23,627
we also want to capture
all the scan outputs
8075
05:16:23,627 --> 05:16:26,100
that we actually get
into a certain file.
8076
05:16:26,100 --> 05:16:29,900
So we will be actually storing
it in a file called capture
8077
05:16:30,073 --> 05:16:33,226
and then we just have
to pass in the bssid
8078
05:16:33,300 --> 05:16:40,700
and the interface We also
have to specify the channel.
8079
05:16:40,700 --> 05:16:44,351
So let's see what the channel is
1 so the channel is Channel 6.
8080
05:16:44,351 --> 05:16:46,000
So that's what we want to do
8081
05:16:46,000 --> 05:16:49,500
and we specify the channel
with the -c flag.
8082
05:16:55,100 --> 05:16:57,900
So after you have identified
the MAC address,
8083
05:16:57,900 --> 05:17:00,800
all you need to do is copy
it down and place it
8084
05:17:00,800 --> 05:17:02,800
after the --bssid flag.
8085
05:17:02,900 --> 05:17:06,500
Okay, so we're going
to run our Command out here
8086
05:17:06,500 --> 05:17:08,800
and we just want to say
our file is going to be
8087
05:17:08,800 --> 05:17:09,900
well test out capture.
8088
05:17:09,900 --> 05:17:11,958
Now that our scan is
up and running.
8089
05:17:11,958 --> 05:17:13,416
All you want to do is wait
8090
05:17:13,416 --> 05:17:16,411
till someone is actually
connected to this access point.
8091
05:17:16,411 --> 05:17:18,000
So I forgot to mention this
8092
05:17:18,000 --> 05:17:20,200
for this process
to actually work properly.
8093
05:17:20,200 --> 05:17:22,449
Somebody needs to be connected
to that access point
8094
05:17:22,449 --> 05:17:25,200
because what we are going to try
and do is disconnect.
8095
05:17:25,200 --> 05:17:27,992
That certain device
and let them reconnect
8096
05:17:27,992 --> 05:17:29,700
and capture that log file.
8097
05:17:29,799 --> 05:17:30,800
Okay, so it seems
8098
05:17:30,800 --> 05:17:32,800
like nobody is actually
connecting to it.
8099
05:17:32,800 --> 05:17:36,900
So at this time what I'm going to do
is go back to our airodump scan
8100
05:17:36,900 --> 05:17:37,850
that we had run
8101
05:17:37,850 --> 05:17:41,400
on a network interface and look
at some other MAC address
8102
05:17:41,400 --> 05:17:43,500
or other access point
to actually penetrate
8103
05:17:43,500 --> 05:17:44,900
into and let's see
8104
05:17:44,900 --> 05:17:47,600
if something has actually
connected to that.
8105
05:17:48,300 --> 05:17:49,200
Okay, so
8106
05:17:49,300 --> 05:17:51,900
oh la la now
what do you see out here is
8107
05:17:51,900 --> 05:17:54,700
that somebody has actually
connected to this access point
8108
05:17:54,700 --> 05:17:57,800
and his MAC address can be seen
under the STATION tab.
8109
05:17:57,800 --> 05:17:58,400
Now.
8110
05:17:58,400 --> 05:17:59,978
What we want to do is run
8111
05:17:59,978 --> 05:18:03,200
the deauthentication broadcast
message on that station
8112
05:18:03,200 --> 05:18:04,700
and deauthenticate that guy.
8113
05:18:05,700 --> 05:18:08,400
Now, to actually run
the deauthentication process,
8114
05:18:08,400 --> 05:18:10,000
All you have to do is go ahead
8115
05:18:10,000 --> 05:18:12,327
and open up a new terminal
window again and let
8116
05:18:12,327 --> 05:18:14,200
this scan be running
in the background.
8117
05:18:14,200 --> 05:18:16,300
Don't use any
scanner this moment.
8118
05:18:16,400 --> 05:18:16,727
Okay.
8119
05:18:16,727 --> 05:18:17,897
So the information
8120
05:18:17,897 --> 05:18:20,267
that they need to
remember is the bssid
8121
05:18:20,267 --> 05:18:22,700
or rather the MAC ID
of the station now,
8122
05:18:22,700 --> 05:18:25,900
you also want your monitoring to
be running on the same channel
8123
05:18:25,900 --> 05:18:29,173
so that your deauthentication
message is being already
8124
05:18:29,173 --> 05:18:30,900
broadcast on the same channel
8125
05:18:30,900 --> 05:18:34,000
so we can do that easily
by going airmon-ng
8126
05:18:34,000 --> 05:18:37,100
and saying WL One
and you can say start
8127
05:18:37,200 --> 05:18:38,900
on specify channel.
8128
05:18:38,946 --> 05:18:43,253
So what we want to be doing
is running this on Channel 6,
8129
05:18:44,300 --> 05:18:48,000
then we want to go and use
the third suite of tools
8130
05:18:48,000 --> 05:18:52,100
that is aireplay. Now, aireplay
is used for broadcasting
8131
05:18:52,100 --> 05:18:54,600
deauthentication messages
and all sorts of stuff.
8132
05:18:54,600 --> 05:18:57,700
Now you can see all this
in the help menu also
8133
05:18:57,700 --> 05:19:00,014
and you can do
that by typing in --
8134
05:19:00,014 --> 05:19:01,800
help. If you go down, you see
8135
05:19:01,800 --> 05:19:04,100
that you can send
the deauthentication message
8136
05:19:04,100 --> 05:19:05,400
using the -0 flag
8137
05:19:05,400 --> 05:19:07,400
and that's exactly
what you're going to do.
8138
05:19:08,100 --> 05:19:09,507
Then we say zero again
8139
05:19:09,507 --> 05:19:12,336
because we want to
constantly send a broadcast
8140
05:19:12,336 --> 05:19:13,700
of deauthentication.
8141
05:19:13,700 --> 05:19:15,801
So it's looping
basically and until
8142
05:19:15,801 --> 05:19:17,476
and unless we stop the scan.
8143
05:19:17,476 --> 05:19:20,347
Nobody will actually
be able to access the Wi-Fi.
8144
05:19:20,347 --> 05:19:22,800
So it's basically
like a small DoS attack
8145
05:19:23,376 --> 05:19:26,223
and then we want
to specify the bssid.
8146
05:19:27,400 --> 05:19:29,700
Okay, so it seems
like I forgot the whole -a tag
8147
05:19:29,700 --> 05:19:32,700
before the bssid and
that should get it working.
8148
05:19:34,300 --> 05:19:35,603
Okay, so it seems
8149
05:19:35,603 --> 05:19:38,900
like I have copied
some wrong bssid I guess.
8150
05:19:39,500 --> 05:19:42,400
So, let me just go ahead
and copy that once properly.
8151
05:19:45,200 --> 05:19:45,900
Okay.
8152
05:19:45,900 --> 05:19:48,300
So now that we have
the proper bssid
8153
05:19:48,300 --> 05:19:49,560
as you guys can see
8154
05:19:49,560 --> 05:19:52,935
we are running the
deauthentication broadcast message
8155
05:19:52,935 --> 05:19:55,500
on that particular
network access card,
8156
05:19:55,500 --> 05:19:59,700
and now you want to run this
for around a couple of minutes
8157
05:19:59,700 --> 05:20:01,137
so that you become sure
8158
05:20:01,137 --> 05:20:03,500
that all the devices
have disconnected.
8159
05:20:03,500 --> 05:20:05,000
Now while this is happening
8160
05:20:05,000 --> 05:20:07,400
what you're doing is basically
sending a DoS attack
8161
05:20:07,400 --> 05:20:11,100
to that small little Wi-Fi and
you want to catch the handshake
8162
05:20:11,100 --> 05:20:13,612
that occurs between devices
and the router
8163
05:20:13,612 --> 05:20:16,800
that it is connected to
while reconnecting themselves
8164
05:20:19,500 --> 05:20:19,800
Okay.
8165
05:20:19,800 --> 05:20:22,700
So now that we've let the scan run
for a couple of minutes.
8166
05:20:22,700 --> 05:20:24,000
Let us just stop it.
8167
05:20:26,000 --> 05:20:28,800
Let's stop this
other scan too. Now,
8168
05:20:28,800 --> 05:20:32,200
If I go and list out
the files on my desktop,
8169
05:20:32,200 --> 05:20:32,900
you should see
8170
05:20:32,900 --> 05:20:35,300
that there's something
called the test capture.
8171
05:20:35,300 --> 05:20:39,303
Now, the test capture is given
to us in various formats.
8172
05:20:39,303 --> 05:20:43,390
We have the capture format,
which is just capture-01
8173
05:20:43,390 --> 05:20:46,012
.cap, and then we
have test capture CSV.
8174
05:20:46,012 --> 05:20:47,500
We have a Kismet CSV.
8175
05:20:47,500 --> 05:20:48,900
So it gives you a bunch
8176
05:20:48,900 --> 05:20:51,700
of formats to actually
run your cracking on now
8177
05:20:51,700 --> 05:20:53,500
if you remember I
had told you all
8178
05:20:53,500 --> 05:20:55,900
that I have already
generated a similar.
8179
05:20:56,600 --> 05:20:58,000
At home, basically
8180
05:20:58,200 --> 05:21:00,800
when I was trying to crack
into my own home password,
8181
05:21:00,900 --> 05:21:03,366
so I will be running
the tests on that file
8182
05:21:03,366 --> 05:21:05,617
or the cracking procedure
on that file.
8183
05:21:05,617 --> 05:21:08,500
And that is the last step
of this whole procedure.
8184
05:21:08,500 --> 05:21:11,000
So, let me just go ahead
and move into that folder.
8185
05:21:11,000 --> 05:21:14,235
So I go see these can now
as you guys can see out here
8186
05:21:14,235 --> 05:21:15,700
if I list down the files
8187
05:21:15,700 --> 05:21:18,854
if you can see a Capture
One Dot Capture One Dot CSV.
8188
05:21:18,854 --> 05:21:21,207
This is Kismet CSV
and this and that XML.
8189
05:21:21,207 --> 05:21:22,900
So I was not lying when I said
8190
05:21:22,900 --> 05:21:24,549
that I have already
done this at home.
8191
05:21:24,549 --> 05:21:25,900
So we are going to run our
8192
05:21:25,900 --> 05:21:28,000
cracking process on
capture-01
8193
05:21:28,000 --> 05:21:28,800
.cap. Now,
8194
05:21:28,800 --> 05:21:31,300
Let me just tell you guys
the password for my home
8195
05:21:31,300 --> 05:21:34,200
Wi-Fi is sweet ship
346, so you can say
8196
05:21:34,200 --> 05:21:35,824
that I know the entire password,
8197
05:21:35,824 --> 05:21:37,500
but I'm going
to act like somebody
8198
05:21:37,500 --> 05:21:41,400
who only has a general idea
of what my password looks like.
8199
05:21:41,400 --> 05:21:42,800
So let's say I know
8200
05:21:42,800 --> 05:21:44,686
that my password
contains sweet ship
8201
05:21:44,686 --> 05:21:47,706
but I don't really know the last
three numbers or letters
8202
05:21:47,706 --> 05:21:49,000
or whatever they may be.
8203
05:21:49,000 --> 05:21:52,187
Okay, so we are going
to use crunch once again
8204
05:21:52,187 --> 05:21:54,100
to generate a list of words
8205
05:21:54,100 --> 05:21:58,300
that might include sweet ship
346, and let me just open
8206
05:21:58,300 --> 05:22:00,400
the crunch manual for once now
8207
05:22:00,400 --> 05:22:02,500
if you go down
in the crunch manual
8208
05:22:02,500 --> 05:22:04,400
what you'll see is the -
8209
05:22:04,400 --> 05:22:07,700
t. So as you guys can see
there is a pattern
8210
05:22:07,700 --> 05:22:10,405
that is specified
like at-the-rate, at-the-rate, god
8211
05:22:10,405 --> 05:22:12,700
and then followed by
four other at-the-rates
8212
05:22:12,700 --> 05:22:13,963
and all the at-the-rates
8213
05:22:13,963 --> 05:22:16,600
will be replaced by
a lowercase character.
8214
05:22:16,600 --> 05:22:19,600
Now you can remove
at-the-rate and use a comma
8215
05:22:19,600 --> 05:22:22,500
and it'll be replaced
with an uppercase character
8216
05:22:22,500 --> 05:22:23,800
or you can use percentages
8217
05:22:23,800 --> 05:22:25,533
which in case it
would be numbers.
8218
05:22:25,533 --> 05:22:27,161
Or you could use the caret sign
8219
05:22:27,161 --> 05:22:29,000
in which case it
will insert symbol.
8220
05:22:29,000 --> 05:22:31,100
So when you know the length
of the password
8221
05:22:31,100 --> 05:22:33,800
and also a certain degree
of few letters,
8222
05:22:33,800 --> 05:22:35,362
you can use the hyphen T flag.
8223
05:22:35,362 --> 05:22:36,300
So that is exactly
8224
05:22:36,300 --> 05:22:38,400
what we are going to use
with crunch out here
8225
05:22:38,400 --> 05:22:39,500
for this example.
8226
05:22:39,500 --> 05:22:42,400
So, let me just remind
you guys that the password
8227
05:22:42,400 --> 05:22:45,400
for my home Wi-Fi
is we chipped 346.
8228
05:22:46,100 --> 05:22:48,518
Now what we can do
is we can ask crunch
8229
05:22:48,518 --> 05:22:52,400
to actually generate something
that looks like sweet ship 346.
8230
05:22:52,998 --> 05:22:58,269
So what I could do is say crunch
So the minimum length is 12.
8231
05:22:58,269 --> 05:22:59,000
I already know
8232
05:22:59,000 --> 05:23:01,800
that and the maximum
length is also 12 now.
8233
05:23:01,800 --> 05:23:03,900
Let me just input
in the pattern.
8234
05:23:04,015 --> 05:23:06,784
So we put in the pattern
after -t.
8235
05:23:07,800 --> 05:23:10,700
So now I'm going to show you
how long it can take.
8236
05:23:10,700 --> 05:23:12,300
So we are just
going to say sweet
8237
05:23:12,300 --> 05:23:14,530
and then put in some at-the-rates
8238
05:23:14,600 --> 05:23:17,600
and then also get a try
and guess in the numbers.
8239
05:23:17,700 --> 05:23:19,021
So after you've put
8240
05:23:19,021 --> 05:23:22,500
in the pattern you want
to also input which letters
8241
05:23:22,500 --> 05:23:23,885
and numbers it could be
8242
05:23:23,885 --> 05:23:27,200
and I'm just going to input
my entire keyboard out here.
8243
05:23:27,200 --> 05:23:31,516
Now, what you want to do is pipe
this command through aircrack-ng
8244
05:23:31,516 --> 05:23:33,000
is cracking procedure.
8245
05:23:34,800 --> 05:23:35,146
Okay.
8246
05:23:35,146 --> 05:23:39,300
So now what we want to do is
pipe this command to aircrack-ng
8247
05:23:39,900 --> 05:23:41,507
and we want to write
8248
05:23:41,507 --> 05:23:44,584
from, or rather read
from the capture file.
8249
05:23:45,300 --> 05:23:48,100
So what we go is
-w and then -
8250
05:23:48,100 --> 05:23:50,200
and then the capture file name.
8251
05:23:50,200 --> 05:23:51,500
So capture-01
8252
05:23:51,500 --> 05:23:55,246
.cap, and then we also
have to specify the essid
8253
05:23:55,246 --> 05:23:59,500
which is given to the -e flag
and the essid for my home.
8254
05:23:59,500 --> 05:24:03,200
Wi-Fi is Nest away
underscore cc105.
8255
05:24:03,200 --> 05:24:05,900
So that's exactly
what I'm going to type in
8256
05:24:05,900 --> 05:24:10,900
and this will start
the cracking process on my Wi-Fi
8257
05:24:10,915 --> 05:24:12,684
from the captured file.
8258
05:24:12,800 --> 05:24:15,541
So as you guys can see
this is going to take
8259
05:24:15,541 --> 05:24:17,200
a long long long long time
8260
05:24:17,200 --> 05:24:19,600
and I'm not really actually
going to complete it.
8261
05:24:19,600 --> 05:24:20,550
So in this time,
8262
05:24:20,550 --> 05:24:23,700
I'm actually just going to try
and explain why this is
8263
05:24:23,700 --> 05:24:27,100
not very feasible
on a virtual Network.
8264
05:24:27,100 --> 05:24:28,700
So basically this
is not feasible
8265
05:24:28,700 --> 05:24:31,100
because at this moment
my computer is using
8266
05:24:31,100 --> 05:24:33,300
all four of its cores
and all the memory
8267
05:24:33,300 --> 05:24:34,300
that is possible.
8268
05:24:34,400 --> 05:24:37,400
So what this means is
on a virtual box.
8269
05:24:37,400 --> 05:24:40,600
This is not really possible
your virtualbox don't really
8270
05:24:40,600 --> 05:24:41,900
have that much power.
8271
05:24:41,900 --> 05:24:45,400
If you are using a 4 core
processor computer only two
8272
05:24:45,400 --> 05:24:47,864
of its maximum cores
can be actually allotted
8273
05:24:47,864 --> 05:24:50,100
to your virtual box
machine above that.
8274
05:24:50,100 --> 05:24:52,329
You can't really give
it the entire memory
8275
05:24:52,329 --> 05:24:54,800
because that will make
your computer crash.
8276
05:24:54,800 --> 05:24:57,600
So if you want to do
something like this,
8277
05:24:57,600 --> 05:25:01,646
it's better that you install
Kali Linux as a dual boot or as
8278
05:25:01,646 --> 05:25:05,200
your own daily driver
and then you can do this.
8279
05:25:05,200 --> 05:25:08,800
So this is why I have not done
this on a virtual machine
8280
05:25:08,800 --> 05:25:11,184
and instead done this
on Deepin Linux,
8281
05:25:11,184 --> 05:25:13,900
which is my daily
driver operating system.
8282
05:25:13,900 --> 05:25:16,300
Now as you guys can see
this constantly trying
8283
05:25:16,300 --> 05:25:17,900
to actually guess the password
8284
05:25:17,900 --> 05:25:20,300
by actually going
through all the permutations
8285
05:25:20,300 --> 05:25:21,351
and combinations.
8286
05:25:21,351 --> 05:25:24,700
That is basically it's taking
in all the words generated
8287
05:25:24,700 --> 05:25:27,400
from crunch piping it
into the current command.
8288
05:25:27,400 --> 05:25:30,600
That is the aircrack-ng command
and is comparing everything.
8289
05:25:31,200 --> 05:25:33,700
So what I'm going to do is
I'm actually going to end this
8290
05:25:33,700 --> 05:25:36,500
because this will take
a very very very long time.
8291
05:25:36,500 --> 05:25:39,100
And what we're going to do is
we're going to actually try
8292
05:25:39,100 --> 05:25:42,000
and shorten the command
of the or the amount of guessing
8293
05:25:42,000 --> 05:25:43,199
that you're trying to do.
8294
05:25:43,199 --> 05:25:44,800
So, let me just try and do that.
8295
05:25:44,800 --> 05:25:46,836
So as you guys can see out here,
8296
05:25:46,836 --> 05:25:49,080
I have reduced
the number of alphabets
8297
05:25:49,080 --> 05:25:50,900
that might be actually tested.
8298
05:25:50,900 --> 05:25:52,081
But even in this case,
8299
05:25:52,081 --> 05:25:53,900
this will take
a humongous amount
8300
05:25:53,900 --> 05:25:56,000
of time and let me
just show that to you.
8301
05:25:56,100 --> 05:25:59,045
So as you guys can see
the test is running running
8302
05:25:59,045 --> 05:26:00,162
running and running
8303
05:26:00,162 --> 05:26:03,200
and and there's not really
much you can do you can just
8304
05:26:03,200 --> 05:26:05,100
let this run go out
for a cup of coffee
8305
05:26:05,100 --> 05:26:06,200
and then come back
8306
05:26:06,200 --> 05:26:08,047
and you might still
see that running.
8307
05:26:08,047 --> 05:26:10,100
It really depends
on what the password is
8308
05:26:10,100 --> 05:26:12,500
and how much time
it takes to crack it
8309
05:26:12,500 --> 05:26:15,600
and how much processing power
you have directly affects
8310
05:26:15,600 --> 05:26:19,838
how much time this will take
so let me just show you guys
8311
05:26:19,838 --> 05:26:22,300
that this is taking
a bunch of time.
8312
05:26:27,100 --> 05:26:27,800
Okay.
8313
05:26:27,800 --> 05:26:30,574
So now that I have
fast-forwarded a lot
8314
05:26:30,574 --> 05:26:32,400
into the scan you can see
8315
05:26:32,400 --> 05:26:34,687
that I have tried
almost two one two,
8316
05:26:34,687 --> 05:26:36,253
seven six zero eight keys.
8317
05:26:36,253 --> 05:26:38,322
So that's more
than a million Keys.
8318
05:26:38,322 --> 05:26:39,600
That's 2 million keys
8319
05:26:39,600 --> 05:26:43,200
that have tried so and it
still hasn't reached 346.
8320
05:26:43,200 --> 05:26:46,100
So what we're going
to do is just to show you
8321
05:26:46,100 --> 05:26:49,300
for demonstration purposes that
this procedure actually works.
8322
05:26:49,300 --> 05:26:52,300
Let me just shorten
guessing even more.
8323
05:26:52,300 --> 05:26:54,900
So what we want to do
is this time we want
8324
05:26:54,900 --> 05:26:56,500
to just guess the numbers
8325
05:26:56,500 --> 05:26:59,700
so We'll modify
our Command accordingly.
8326
05:26:59,900 --> 05:27:01,800
So we just put in
8327
05:27:01,800 --> 05:27:06,200
sweet ship and let the algorithm
just guess the 346 part.
8328
05:27:06,200 --> 05:27:08,376
So we're going to
remove the alphabets
8329
05:27:08,376 --> 05:27:10,087
from the guessing scope also
8330
05:27:10,087 --> 05:27:11,565
and as you guys can see
8331
05:27:11,565 --> 05:27:14,200
the password is almost
immediately guessed
8332
05:27:14,200 --> 05:27:16,700
because only 456
keys were tested.
8333
05:27:16,700 --> 05:27:19,895
And as you guys can see it shows
that the key was found
8334
05:27:19,895 --> 05:27:22,733
and it's sweet ship 346 now
let me also show you
8335
05:27:22,733 --> 05:27:25,438
that it works with the guessing
of letters just
8336
05:27:25,438 --> 05:27:27,000
because I don't think of did
8337
05:27:27,000 --> 05:27:29,600
that letters are also guessed
and not just numbers.
8338
05:27:29,600 --> 05:27:32,800
So let me make it just guess
the P part, that is sweet
8339
05:27:32,800 --> 05:27:36,000
shi, and then it should
guess P and then 346.
8340
05:27:36,000 --> 05:27:38,004
So let me just show you that and
8341
05:27:38,004 --> 05:27:41,200
as you guys can see it guesses
it almost immediately
8342
05:27:41,200 --> 05:27:43,900
after just going
through 15,000 Keys.
8343
05:27:43,900 --> 05:27:46,100
Okay, so that brings
us to the end
8344
05:27:46,100 --> 05:27:48,215
of this wi-fi cracking tutorial
8345
05:27:48,215 --> 05:27:50,400
and also to the end
of this video
8346
05:27:50,400 --> 05:27:53,000
which was regarding ethical
hacking using Kali Linux.
8347
05:27:53,000 --> 05:27:55,100
I hope you guys had
a bunch of fun learning
8348
05:27:55,100 --> 05:27:57,000
about MAC changers, proxy chains
8349
05:27:57,000 --> 05:28:00,700
and a bunch of stuff that we did
like Wi-Fi password cracking.
8350
05:28:00,700 --> 05:28:03,429
I hope you practice these
procedures and methodologies
8351
05:28:03,429 --> 05:28:06,900
that I have taught you only for
your own educational purposes
8352
05:28:06,900 --> 05:28:10,629
and not use it to harm anybody
or do anything harmful with it
8353
05:28:10,629 --> 05:28:13,100
because let me just tell
you very seriously
8354
05:28:13,100 --> 05:28:15,302
that you can be prosecuted
by the law.
8355
05:28:15,302 --> 05:28:18,100
So let's end this video
on a good note by saying
8356
05:28:18,100 --> 05:28:20,758
please practice this
for only educational purposes.
8357
05:28:20,758 --> 05:28:22,300
Let me just show you that and
8358
05:28:22,300 --> 05:28:25,500
as you guys can see it guesses
it almost immediately
8359
05:28:25,500 --> 05:28:28,100
after just going
through 18,000 Keys.
8360
05:28:28,100 --> 05:28:30,368
Okay, so that brings
us to the end
8361
05:28:30,368 --> 05:28:32,500
of this wi-fi cracking tutorial
8362
05:28:32,500 --> 05:28:34,700
and also to the end
of this video
8363
05:28:34,700 --> 05:28:37,300
which was regarding ethical
hacking using Kali Linux.
8364
05:28:37,300 --> 05:28:39,400
I hope you guys had
a bunch of fun learning
8365
05:28:39,400 --> 05:28:42,455
about MAC changers, proxy chains
and a bunch of stuff
8366
05:28:42,455 --> 05:28:44,900
that we did like
Wi-Fi password cracking.
8367
05:28:44,900 --> 05:28:47,688
I hope you practice these
procedures and methodologies
8368
05:28:47,688 --> 05:28:51,179
that I have taught you only for
your own educational purposes
8369
05:28:51,179 --> 05:28:54,800
and not use it to harm anybody
or do anything harmful with it
8370
05:28:54,800 --> 05:28:57,100
because let me just tell you
very seriously
8371
05:28:57,100 --> 05:28:59,596
that you can be
prosecuted by the law.
8372
05:28:59,596 --> 05:29:02,456
So let's end this video
on a good note by saying
8373
05:29:02,456 --> 05:29:05,500
please practice this
for only educational purposes.
8374
05:29:10,107 --> 05:29:13,900
If you are a hacker
pentester security researcher
8375
05:29:13,900 --> 05:29:15,000
or just another person
8376
05:29:15,000 --> 05:29:17,600
who picks Google in front
of friends to look cool,
8377
05:29:17,700 --> 05:29:18,500
then it's likely
8378
05:29:18,500 --> 05:29:21,687
that you must have already known
about some Linux distros,
8379
05:29:21,687 --> 05:29:23,700
which are particularly
made for them.
8380
05:29:23,700 --> 05:29:24,068
Today.
8381
05:29:24,068 --> 05:29:27,200
We're going to explore
one such Linux distro, Parrot
8382
05:29:27,200 --> 05:29:30,600
Security OS, one of
the leading Linux distributions
8383
05:29:30,600 --> 05:29:33,600
in penetration testing
and ethical hacking.
8384
05:29:33,600 --> 05:29:36,608
So let's quickly go
through today's agenda first.
8385
05:29:36,608 --> 05:29:38,300
We will begin by discussing
8386
05:29:38,300 --> 05:29:41,587
how Linux distributions are
suitable for ethical hacking
8387
05:29:41,587 --> 05:29:43,631
and different type
of Linux distros
8388
05:29:43,631 --> 05:29:45,854
that are available
for ethical hacking
8389
05:29:45,854 --> 05:29:47,371
and penetration testing.
8390
05:29:47,371 --> 05:29:49,900
Then we will begin
with our today's topic
8391
05:29:49,900 --> 05:29:51,613
which is parrot security OS
8392
05:29:51,613 --> 05:29:54,153
we will discuss
its features its history.
8393
05:29:54,153 --> 05:29:57,200
If or not parrot security OS
is suitable for you.
8394
05:29:57,200 --> 05:29:58,815
Moving on we will see
8395
05:29:58,815 --> 05:30:02,584
how Parrot Security
OS is different from Kali Linux
8396
05:30:02,600 --> 05:30:04,134
and then I'll show you
8397
05:30:04,134 --> 05:30:07,900
how to install parrot security
OS using VMware software
8398
05:30:07,900 --> 05:30:10,572
and finally we'll end
the session by taking
8399
05:30:10,572 --> 05:30:13,543
a look at few popular
parrot security OS tools.
8400
05:30:13,543 --> 05:30:15,944
So I hope agenda
was clear to you guys.
8401
05:30:15,944 --> 05:30:17,941
Let's get started
then a security
8402
05:30:17,941 --> 05:30:21,080
focused operating system is
a hacker's best friend
8403
05:30:21,080 --> 05:30:24,000
as it helps a hacker
to detect the weaknesses
8404
05:30:24,000 --> 05:30:26,800
in computer systems
or computer networks.
8405
05:30:26,800 --> 05:30:30,211
whether you want to pursue
a career in information security
8406
05:30:30,211 --> 05:30:33,270
or you are already working
as a security professional
8407
05:30:33,270 --> 05:30:36,200
or if you are just interested
in this specific field
8408
05:30:36,200 --> 05:30:38,500
for fun, a decent Linux distro,
8409
05:30:38,500 --> 05:30:41,700
that suits your purpose
is always a must now
8410
05:30:41,700 --> 05:30:42,900
if you're wondering
8411
05:30:42,900 --> 05:30:46,329
what a Linux distro is,
it is a Linux distribution
8412
05:30:46,329 --> 05:30:50,500
that has been curated to perform
security related tasks on most
8413
05:30:50,500 --> 05:30:54,459
of the time a Linux distro will
have a Linux base of the Ubuntu
8414
05:30:54,459 --> 05:30:58,500
or Debian flavor and usually
some custom tools pre-installed
8415
05:30:58,500 --> 05:30:59,314
in it as well.
8416
05:30:59,314 --> 05:31:01,700
As you guys know
Linux is the best choice
8417
05:31:01,700 --> 05:31:04,478
for Security Professionals
for obvious reasons.
8418
05:31:04,478 --> 05:31:05,083
And hence.
8419
05:31:05,083 --> 05:31:07,885
Most of the distros
are usually built on it
8420
05:31:07,885 --> 05:31:09,662
a Linux distro can help you
8421
05:31:09,662 --> 05:31:11,027
in performing analysis
8422
05:31:11,027 --> 05:31:14,600
ethical hacking, penetration
testing, digital forensic tasks
8423
05:31:14,600 --> 05:31:16,600
and various other
auditing purpose,
8424
05:31:16,600 --> 05:31:18,443
but guys apart
from these distros.
8425
05:31:18,443 --> 05:31:21,100
There are other open
source tools as well that you
8426
05:31:21,100 --> 05:31:23,949
can bundle and use as
per customer requirements,
8427
05:31:23,949 --> 05:31:26,800
but using these distros
have lot of advantages.
8428
05:31:26,800 --> 05:31:27,750
Like first of all,
8429
05:31:27,750 --> 05:31:30,550
they save a lot of time and
effort that you need to spend
8430
05:31:30,550 --> 05:31:32,800
when you are dealing
with customer requirements.
8431
05:31:32,800 --> 05:31:35,333
Secondly, they help
beginners to easily start
8432
05:31:35,333 --> 05:31:36,600
with security testing
8433
05:31:36,600 --> 05:31:38,900
without having to get
into the nitty gritties
8434
05:31:38,900 --> 05:31:40,100
of operating system.
8435
05:31:40,100 --> 05:31:41,400
And lastly the most
8436
05:31:41,400 --> 05:31:44,205
popular reason is you have
great pool of distros
8437
05:31:44,205 --> 05:31:45,817
that you can choose from most
8438
05:31:45,817 --> 05:31:48,725
of the time Kali Linux is
the obvious first choice
8439
05:31:48,725 --> 05:31:51,200
of operating system
for every new hacker.
8440
05:31:51,200 --> 05:31:53,700
If you ask me why
the obvious answer would be
8441
05:31:53,700 --> 05:31:57,200
because Kali Linux is lot
of cool things it comes bundled.
8442
05:31:57,200 --> 05:32:00,020
With the curated collection
of tools moreover.
8443
05:32:00,020 --> 05:32:03,135
These tools are organized
into easy-to-navigate menu
8444
05:32:03,135 --> 05:32:04,492
and a live boot option.
8445
05:32:04,492 --> 05:32:08,200
That's very newbie user-friendly,
as in it's very friendly
8446
05:32:08,200 --> 05:32:09,594
to new ethical hacker,
8447
05:32:09,594 --> 05:32:12,455
but guys, Kali Linux
isn't the only distribution
8448
05:32:12,455 --> 05:32:14,465
which is targeted at pentesters.
8449
05:32:14,465 --> 05:32:17,522
There are many exciting
Alternatives that may better
8450
05:32:17,522 --> 05:32:18,635
fit your use case.
8451
05:32:18,635 --> 05:32:21,800
Anyway, let's begin
our discussion with Kali Linux.
8452
05:32:21,800 --> 05:32:24,900
It was developed by
Offensive Security as a rewrite
8453
05:32:24,900 --> 05:32:27,100
of BackTrack. Kali Linux distro
8454
05:32:27,100 --> 05:32:29,294
Those tops the list
of best operating system
8455
05:32:29,294 --> 05:32:31,000
for ethical hacking purposes.
8456
05:32:31,000 --> 05:32:32,906
And then there is
parrot security OS
8457
05:32:32,906 --> 05:32:34,651
which is our today's discussion.
8458
05:32:34,651 --> 05:32:37,298
It is a mixture
of Frozenbox operating system
8459
05:32:37,298 --> 05:32:38,100
and Kali Linux.
8460
05:32:38,100 --> 05:32:41,200
It's the second most popular
operating system for ethical hacking
8461
05:32:41,200 --> 05:32:42,800
and penetration testing as well,
8462
05:32:42,900 --> 05:32:44,841
and then you have
BackBox Linux.
8463
05:32:44,841 --> 05:32:48,300
It's an Ubuntu-based operating
system with its focus mainly
8464
05:32:48,300 --> 05:32:51,232
on security assessment
and penetration testing.
8465
05:32:51,232 --> 05:32:53,400
Then you have Pentoo,
an excellent
8466
05:32:53,400 --> 05:32:55,900
hacking operating system
with wide variety of tools
8467
05:32:55,900 --> 05:32:57,900
that you can choose from Apart
8468
05:32:57,900 --> 05:33:02,400
from this you have DEFT Linux,
BlackArch Linux, Cyborg, BackTrack
8469
05:33:02,400 --> 05:33:03,449
and many others.
8470
05:33:03,449 --> 05:33:05,220
But as for today's session,
8471
05:33:05,220 --> 05:33:08,500
we will be discussing
about parrot operating system
8472
05:33:08,500 --> 05:33:10,561
Parrot OS is the second most
8473
05:33:10,561 --> 05:33:14,400
popular Linux distro for ethical
hacking after Kali Linux.
8474
05:33:14,400 --> 05:33:17,400
It is a comprehensive
portable security lab
8475
05:33:17,400 --> 05:33:20,900
that you can use for cloud
penetration testing, computer
8476
05:33:20,900 --> 05:33:24,639
forensics, reverse engineering,
hacking, cryptography
8477
05:33:24,639 --> 05:33:26,900
and many other
security purposes.
8478
05:33:26,900 --> 05:33:30,600
Now a little bit about
its history. The first release
8479
05:33:30,600 --> 05:33:34,000
of Parrot OS appeared
on April 10, 2013.
8480
05:33:34,200 --> 05:33:37,500
Originally it was developed
as part of Frozenbox.
8481
05:33:37,500 --> 05:33:39,894
Now it has grown
to include a community
8482
05:33:39,894 --> 05:33:41,532
of Open Source developers
8483
05:33:41,532 --> 05:33:45,400
Professional Security Experts
Advocates of digital rights
8484
05:33:45,400 --> 05:33:48,700
and Linux enthusiasts
from all over the world.
8485
05:33:48,700 --> 05:33:51,556
Well compared to others
Parrot Security OS promises
8486
05:33:51,556 --> 05:33:53,496
a lightweight operating system
8487
05:33:53,496 --> 05:33:56,600
and it's highly efficient along
with its plethora
8488
05:33:56,600 --> 05:34:00,700
of recognized tools, you also
get the opportunity to work
8489
05:34:00,700 --> 05:34:02,391
and surf anonymously
8490
05:34:02,400 --> 05:34:05,210
which is like a granted wish
to an ethical hacker
8491
05:34:05,210 --> 05:34:08,617
or any penetration tester
will learn about other features
8492
05:34:08,617 --> 05:34:10,500
in the later part
of the session.
8493
05:34:10,500 --> 05:34:15,400
So moving on since its release
in 2013 parrot has grown rapidly
8494
05:34:15,400 --> 05:34:16,630
and currently offers
8495
05:34:16,630 --> 05:34:20,265
many different flavors targeted
towards different use cases.
8496
05:34:20,265 --> 05:34:20,994
For example,
8497
05:34:20,994 --> 05:34:22,909
like I said,
we have Parrot Security.
8498
05:34:22,909 --> 05:34:24,547
It's the original Parrot OS
8499
05:34:24,547 --> 05:34:26,899
and is designed
with penetration testing.
8500
05:34:26,900 --> 05:34:28,684
Forensics hacking development
8501
05:34:28,684 --> 05:34:31,644
and privacy in mind then
you also have parrot home
8502
05:34:31,644 --> 05:34:34,000
which is targeted
towards desktop users.
8503
05:34:34,000 --> 05:34:36,482
It strips out
the penetration testing packages
8504
05:34:36,482 --> 05:34:39,600
and presents are nicely
configured Debian environment.
8505
05:34:39,600 --> 05:34:41,942
Then you have Parrot
Air, it's focused
8506
05:34:41,942 --> 05:34:45,000
on wireless penetration
testing. Parrot Studio,
8507
05:34:45,000 --> 05:34:47,509
It's designed with
multimedia Creation in mind.
8508
05:34:47,509 --> 05:34:49,800
Then you have parrot
Cloud the most popular
8509
05:34:49,800 --> 05:34:53,010
it targets server applications,
giving the user access
8510
05:34:53,010 --> 05:34:56,000
to full suite of penetration
testing tools included
8511
05:34:56,000 --> 05:34:57,100
in part security.
8512
05:34:57,200 --> 05:34:59,600
But it doesn't have
a graphical front end
8513
05:34:59,600 --> 05:35:02,100
like we do in Parrot
Security. Moving on,
8514
05:35:02,100 --> 05:35:03,700
we also have Parrot IoT.
8515
05:35:03,700 --> 05:35:06,600
It's designed for low
resources devices such as
8516
05:35:06,600 --> 05:35:08,231
Orange Pi, Raspberry Pi,
8517
05:35:08,231 --> 05:35:10,900
and you have pine
64 and many others.
8518
05:35:10,900 --> 05:35:11,700
So it's true
8519
05:35:11,700 --> 05:35:14,300
that Parrot Security OS
doesn't have as large a community
8520
05:35:14,300 --> 05:35:16,900
of users behind it
as Kali Linux does,
8521
05:35:16,900 --> 05:35:19,094
but the distribution
has been gaining a lot
8522
05:35:19,094 --> 05:35:20,400
of momentum in recent years.
8523
05:35:20,400 --> 05:35:22,700
So things could be
very different just a year
8524
05:35:22,700 --> 05:35:23,500
or two from now.
8525
05:35:23,700 --> 05:35:25,700
So let me convince you more.
8526
05:35:25,700 --> 05:35:28,815
Let's just discuss a few features
of Parrot Security OS.
8527
05:35:28,815 --> 05:35:31,400
Let's start with
the system requirement.
8528
05:35:31,400 --> 05:35:33,042
It's based on Debian 9.
8529
05:35:33,042 --> 05:35:34,400
It runs on a custom
8530
05:35:34,400 --> 05:35:38,389
hardened Linux 4.5 kernel,
uses the MATE desktop
8531
05:35:38,389 --> 05:35:40,620
and LightDM display manager.
8532
05:35:40,900 --> 05:35:44,100
It requires a minimum
of 256 MB RAM
8533
05:35:44,100 --> 05:35:48,100
and works with both 32
and 64-bit systems as well as
8534
05:35:48,100 --> 05:35:50,500
an ARM-compatible version. Apart
8535
05:35:50,500 --> 05:35:53,894
from this, Parrot OS can also
be installed on cloud
8536
05:35:53,894 --> 05:35:57,100
and updated to perform
cloud-based security.
8537
05:35:57,400 --> 05:35:59,861
So basically it
runs on Debian 9.
8538
05:36:00,015 --> 05:36:03,784
It is compatible with 32
as well as 64-bit systems
8539
05:36:04,000 --> 05:36:05,900
and ARM systems as well
8540
05:36:06,100 --> 05:36:09,100
and it requires a minimum
of 256 MB RAM.
8541
05:36:09,100 --> 05:36:12,324
So those are the system
requirements. Moving on, it
8542
05:36:12,324 --> 05:36:13,956
also supports anonymity.
8543
05:36:13,956 --> 05:36:17,964
It offers a tool called Anonsurf,
including anonymization
8544
05:36:17,964 --> 05:36:19,800
of the entire operating system.
8545
05:36:19,800 --> 05:36:21,100
It comes with custom-built
8546
05:36:21,100 --> 05:36:24,625
anti-forensic tools,
interfaces for GPG and
8547
05:36:24,625 --> 05:36:26,400
cryptsetup. Additionally, it also
8548
05:36:26,400 --> 05:36:30,488
supports encryption tools
such as LUKS, TrueCrypt
8549
05:36:30,488 --> 05:36:34,700
and VeraCrypt and many others.
Moving on, it also supports
8550
05:36:34,700 --> 05:36:37,762
a forensic boot option
to shun boot automounts,
8551
05:36:37,762 --> 05:36:39,600
plus many more. It embraces the
8552
05:36:39,600 --> 05:36:43,500
Falcon programming language,
multiple compilers, debuggers
8553
05:36:43,500 --> 05:36:46,115
and beyond. It also
provides full support
8554
05:36:46,115 --> 05:36:49,200
for developing frameworks
for embedded systems
8555
05:36:49,200 --> 05:36:50,800
and many other amazing features.
8556
05:36:51,000 --> 05:36:53,855
So guys, these are a
few features of Parrot OS.
8557
05:36:53,855 --> 05:36:56,664
So basically the Parrot
operating system supports
8558
05:36:56,664 --> 05:37:00,145
anonymity. It offers different
kinds of cryptography tools.
8559
05:37:00,145 --> 05:37:04,228
It also supports forensic mode
and it also provides opportunity
8560
05:37:04,228 --> 05:37:06,694
to develop frameworks
for embedded systems
8561
05:37:06,694 --> 05:37:09,100
and many other amazing
features. Moving on,
8562
05:37:09,100 --> 05:37:11,805
before you go ahead and use
Parrot OS there are
8563
05:37:11,805 --> 05:37:13,351
some important considerations
8564
05:37:13,351 --> 05:37:15,262
that you need to take
a look at first
8565
05:37:15,262 --> 05:37:18,182
of all, Parrot OS provides
general purpose features,
8566
05:37:18,182 --> 05:37:20,177
like any other normal
operating system,
8567
05:37:20,177 --> 05:37:23,259
but guys, before you go ahead
and use Parrot OS there are
8568
05:37:23,259 --> 05:37:24,800
some important considerations
8569
05:37:24,800 --> 05:37:26,834
that you need to take
a look at first.
8570
05:37:26,834 --> 05:37:29,200
Of all it provides
general purpose features,
8571
05:37:29,200 --> 05:37:31,300
like any other normal
operating system does
8572
05:37:31,400 --> 05:37:34,424
but at its core it
is still tuned for security
8573
05:37:34,424 --> 05:37:35,500
and forensics.
8574
05:37:35,500 --> 05:37:37,852
Now, let's see
how different parrot OS is
8575
05:37:37,852 --> 05:37:39,260
from other distributions.
8576
05:37:39,260 --> 05:37:42,300
Parrot is different from
a general-purpose distribution
8577
05:37:42,300 --> 05:37:45,200
because it does not try
to hide its features.
8578
05:37:45,200 --> 05:37:48,552
For example, there is a tool
called Parrot update reminder.
8579
05:37:48,552 --> 05:37:51,600
It's a simple yet powerful program.
Using this program,
8580
05:37:51,600 --> 05:37:54,129
you can check for system
upgrades once a week,
8581
05:37:54,129 --> 05:37:56,996
but instead of hiding
the upgrade process behind a
8582
05:37:56,996 --> 05:37:59,473
progress bar like any
other operating system,
8583
05:37:59,473 --> 05:38:01,826
it shows the user
the full update process
8584
05:38:01,826 --> 05:38:03,056
from the APT output.
8585
05:38:03,056 --> 05:38:05,700
So you can see the upgrade
process going on.
8586
05:38:05,700 --> 05:38:07,600
Secondly parrot was designed
8587
05:38:07,600 --> 05:38:11,000
to be a very comfortable
environment for security experts
8588
05:38:11,000 --> 05:38:11,960
and researchers.
8589
05:38:11,960 --> 05:38:14,600
It includes many basic
programs for daily use
8590
05:38:14,600 --> 05:38:17,500
which other penetration
testing distributions usually
8591
05:38:17,500 --> 05:38:21,200
exclude. Parrot Security includes
its own sandbox system.
8592
05:38:21,200 --> 05:38:25,066
I mean, it provides a secure
distribution. User applications
8593
05:38:25,066 --> 05:38:28,600
in Parrot are protected
to limit the damages in case
8594
05:38:28,600 --> 05:38:31,000
if the system
is compromised anytime.
8595
05:38:31,000 --> 05:38:33,000
So this way no harm is caused.
8596
05:38:33,000 --> 05:38:36,263
So like we discussed earlier
it also supports digital
8597
05:38:36,263 --> 05:38:39,840
forensics. Digital forensics
experts need an environment
8598
05:38:39,840 --> 05:38:42,100
that does not
compromise their proof.
8599
05:38:42,100 --> 05:38:44,525
So Parrot comes
with automount functions
8600
05:38:44,525 --> 05:38:46,240
which are disabled by default
8601
05:38:46,240 --> 05:38:48,900
to allow forensics
acquisitions to be performed
8602
05:38:48,900 --> 05:38:50,200
in a very safe way.
8603
05:38:50,400 --> 05:38:52,200
So before you go ahead
8604
05:38:52,200 --> 05:38:54,600
and choose any
of these operating systems,
8605
05:38:54,600 --> 05:38:56,700
make sure you check
out their features.
8606
05:38:56,700 --> 05:38:58,950
The services they offer
and make sure that
8607
05:38:58,950 --> 05:39:00,600
if they are suitable
for the task,
8608
05:39:00,600 --> 05:39:03,220
which you want to perform.
But as for Parrot OS,
8609
05:39:03,220 --> 05:39:05,465
these are its features
we discussed earlier
8610
05:39:05,465 --> 05:39:07,126
and these are the certain points
8611
05:39:07,126 --> 05:39:09,100
that you should take
into consideration
8612
05:39:09,100 --> 05:39:10,771
before you go ahead and use it.
8613
05:39:10,771 --> 05:39:12,359
Now if you're wondering who
8614
05:39:12,359 --> 05:39:14,435
the Parrot Security
is made for, well,
8615
05:39:14,435 --> 05:39:17,200
it's made for security
experts, digital forensics
8616
05:39:17,200 --> 05:39:20,300
experts, engineering
and IT students, researchers,
8617
05:39:20,300 --> 05:39:23,016
you have journalists and
activists as well in the list
8618
05:39:23,016 --> 05:39:25,751
and you have the newbie
hackers, police officers
8619
05:39:25,751 --> 05:39:26,986
and special security
8620
05:39:26,986 --> 05:39:27,668
institutions.
8621
05:39:27,668 --> 05:39:30,422
So basically if you ask me
it's suitable for a student
8622
05:39:30,422 --> 05:39:32,614
or the entry-level
security experts as well.
8623
05:39:32,614 --> 05:39:33,800
So first, I'll show you
8624
05:39:33,800 --> 05:39:36,600
how to install Parrot
Security OS on VMware.
8625
05:39:36,600 --> 05:39:38,700
So basically when it
comes to installation,
8626
05:39:38,700 --> 05:39:39,700
you have two options,
8627
05:39:39,700 --> 05:39:41,641
you can install
Parrot Security OS
8628
05:39:41,641 --> 05:39:44,829
alongside your operating system
using dual boot option
8629
05:39:44,829 --> 05:39:48,500
or you can install it using any
of these virtualization software
8630
05:39:48,500 --> 05:39:50,290
like VirtualBox or VMware.
8631
05:39:50,290 --> 05:39:51,847
As for today's session,
8632
05:39:51,847 --> 05:39:54,700
I'll show you
how to install it using VMware.
8633
05:39:54,700 --> 05:39:57,000
So let's get started
with our installation.
8634
05:39:57,900 --> 05:40:00,499
So, where is this search
for the Parrot Security OS
8635
05:40:00,499 --> 05:40:03,500
and it's most probably the first
link that you find on the net.
8636
05:40:03,500 --> 05:40:06,100
This is the Parrot Security
OS official website,
8637
05:40:06,100 --> 05:40:06,895
as you can see,
8638
05:40:06,895 --> 05:40:09,000
there's a little bit
about its history.
8639
05:40:09,000 --> 05:40:09,764
Its features.
8640
05:40:09,764 --> 05:40:11,470
It says it's based on Debian.
8641
05:40:11,470 --> 05:40:14,600
It's designed with security,
development and privacy in mind.
8642
05:40:14,600 --> 05:40:16,737
It also includes
a laboratory for security
8643
05:40:16,737 --> 05:40:20,287
and digital forensics experts
along with that it also focuses
8644
05:40:20,287 --> 05:40:22,400
if you want to develop
your own software
8645
05:40:22,400 --> 05:40:23,671
and all that. And its
8646
05:40:23,671 --> 05:40:27,000
project goals are mostly security,
privacy and development.
8647
05:40:27,000 --> 05:40:30,270
This is the one which you should
consider important: development,
8648
05:40:30,270 --> 05:40:32,799
unlike other operating
systems. Its features:
8649
05:40:32,799 --> 05:40:34,089
it's secure, lightweight
8650
05:40:34,089 --> 05:40:37,588
when compared to Kali Linux
or any other operating systems
8651
05:40:37,588 --> 05:40:39,000
and it's a free source.
8652
05:40:39,000 --> 05:40:40,722
So go ahead and explore it.
8653
05:40:40,722 --> 05:40:42,700
So as for the download options,
8654
05:40:42,700 --> 05:40:44,800
you can go for
Security edition here
8655
05:40:44,800 --> 05:40:47,800
and the download menu here you
can see other options as well.
8656
05:40:47,800 --> 05:40:50,000
It says Home edition, Security
8657
05:40:50,000 --> 05:40:53,352
and other builds. We discussed a few
of the flavors of Parrot
8658
05:40:53,352 --> 05:40:54,100
OS earlier.
8659
05:40:54,100 --> 05:40:56,700
We discussed Parrot Home,
Parrot Air, Parrot Studio.
8660
05:40:56,700 --> 05:40:57,783
when you lose any weight
8661
05:40:57,783 --> 05:41:00,091
If you're concerned
with Parrot Security, 4.5.1
8662
05:41:00,091 --> 05:41:02,400
is the current
version that's running.
8663
05:41:02,400 --> 05:41:04,663
So you have two options
here to download.
8664
05:41:04,663 --> 05:41:06,700
First of all take
a look at the size.
8665
05:41:06,700 --> 05:41:08,800
It's 3.7 GB and 5.9 GB.
8666
05:41:08,800 --> 05:41:11,150
So make sure, whichever
you want, you download it
8667
05:41:11,150 --> 05:41:13,500
depending on your operating
system requirements.
8668
05:41:13,500 --> 05:41:16,500
And as you can see,
this is a live boot installer
8669
05:41:16,500 --> 05:41:18,600
ISO. So this is
a virtual appliance.
8670
05:41:18,600 --> 05:41:20,200
You can choose any of these
8671
05:41:20,200 --> 05:41:22,000
if download is taking
a little longer
8672
05:41:22,000 --> 05:41:23,058
than you expected.
8673
05:41:23,058 --> 05:41:25,200
Maybe you can go
for mirrors or a torrent.
8674
05:41:25,200 --> 05:41:26,600
So I've already installed it.
8675
05:41:26,600 --> 05:41:28,408
I'm not doing it. I have the ISO
8676
05:41:28,408 --> 05:41:31,500
file as well as the OVA
format installed as well.
8677
05:41:31,500 --> 05:41:34,200
Next thing we need
to do is install VMware.
8678
05:41:34,200 --> 05:41:37,500
So VMware VMware
Workstation Pro.
8679
05:41:38,300 --> 05:41:40,300
So you have
a download option here.
8680
05:41:40,300 --> 05:41:42,900
You can go ahead
and download it you have
8681
05:41:42,900 --> 05:41:46,100
for the free option, you
also have VMware Player.
8682
05:41:46,100 --> 05:41:47,600
I guess fate here.
8683
05:41:47,600 --> 05:41:51,400
I go the Ling sorry
about that here in the downloads
8684
05:41:51,400 --> 05:41:53,000
so you can go
for Workstation Pro
8685
05:41:53,000 --> 05:41:54,900
or you can also go
for Workstation Player
8686
05:41:54,900 --> 05:41:55,896
here, any of these,
8687
05:41:55,896 --> 05:41:58,400
whichever suits you. Have
it downloaded.
8688
05:41:58,400 --> 05:41:59,782
It's going to take a while.
8689
05:41:59,782 --> 05:42:01,700
And then all you have
to do is install click
8690
05:42:01,700 --> 05:42:04,000
on next and finish
the installation process.
8691
05:42:04,000 --> 05:42:06,000
So before you start
your virtual machine,
8692
05:42:06,000 --> 05:42:09,200
make sure you have
your parrot OS image ISO file
8693
05:42:09,200 --> 05:42:11,900
or OVA format,
whichever is of your choice.
8694
05:42:11,900 --> 05:42:14,800
And then here we go
VMware Workstation homepage.
8695
05:42:14,800 --> 05:42:15,744
Yeah, as you can see
8696
05:42:15,744 --> 05:42:18,200
I already have a Parrot
OS operating system installed
8697
05:42:18,200 --> 05:42:21,241
here, a virtual machine installed
here. This, I have installed
8698
05:42:21,241 --> 05:42:22,145
it using ISO file.
8699
05:42:22,145 --> 05:42:22,918
It's very easy.
8700
05:42:22,918 --> 05:42:24,268
I'll show you how to do it.
8701
05:42:24,268 --> 05:42:25,600
But if you have OVF format,
8702
05:42:25,600 --> 05:42:28,000
all you have to do is click
on this file menu.
8703
05:42:28,000 --> 05:42:29,359
Open, and as you can see,
8704
05:42:29,359 --> 05:42:32,332
I have a Parrot Security over here,
and click and import it.
8705
05:42:32,332 --> 05:42:34,800
That's all. Click, select it
and click on Open.
8706
05:42:34,800 --> 05:42:37,100
So I'm not going to show you
how to do that.
8707
05:42:37,300 --> 05:42:39,100
So it's a very
straightforward process.
8708
05:42:39,100 --> 05:42:39,700
That's it.
8709
05:42:39,700 --> 05:42:40,700
This is my ISO file.
8710
05:42:40,700 --> 05:42:42,900
Let me show it to you again
how to install it.
8711
05:42:42,900 --> 05:42:44,100
Anyway current file
8712
05:42:44,100 --> 05:42:46,700
or you can just go for create
a new virtual machine.
8713
05:42:46,700 --> 05:42:51,000
Yeah, click on Next
and attach the ISO file. Browse.
8714
05:42:51,000 --> 05:42:53,400
I have it in my
local this T here.
8715
05:42:53,400 --> 05:42:57,638
I have Parrot Security,
and open. Next, it's Linux, it's
8716
05:42:57,638 --> 05:43:00,999
Debian latest version,
which is 64-bit, and click
8717
05:43:00,999 --> 05:43:05,200
on Next. Give any suitable name
for your virtual machine.
8718
05:43:05,200 --> 05:43:09,300
Let's say Parrot
Security, okay,
8719
05:43:09,700 --> 05:43:12,300
OS, and click on Next.
8720
05:43:12,500 --> 05:43:15,400
Let's assign about
40 GB. It again
8721
05:43:15,400 --> 05:43:16,766
depends on what you want to do.
8722
05:43:16,766 --> 05:43:18,000
If you're doing heavy tasks.
8723
05:43:18,000 --> 05:43:19,900
Maybe you can assign more disk.
8724
05:43:19,900 --> 05:43:22,900
So it's asking: store virtual
disk as a single file
8725
05:43:22,900 --> 05:43:24,495
or split into multiple files.
8726
05:43:24,495 --> 05:43:27,655
I'm going to choose single file.
Click on Next, and you
8727
05:43:27,655 --> 05:43:28,700
can always go ahead
8728
05:43:28,700 --> 05:43:31,600
and make these Customize Hardware
settings earlier or later,
8729
05:43:31,900 --> 05:43:33,749
but you can do it now as well.
8730
05:43:33,749 --> 05:43:35,000
Customize Hardware.
8731
05:43:35,000 --> 05:43:36,600
I have NAT connection as
8732
05:43:36,600 --> 05:43:39,100
for network adapter
memory 5 to well,
8733
05:43:39,200 --> 05:43:43,200
let's just say 2 GB and not
8734
05:43:43,200 --> 05:43:45,046
yeah, we set processors.
8735
05:43:45,046 --> 05:43:48,507
I'm just assigning one
for now. Cool, and close.
8736
05:43:48,700 --> 05:43:49,850
You can see the changes
8737
05:43:49,850 --> 05:43:51,600
which are made
are displayed here.
8738
05:43:51,600 --> 05:43:52,735
Once you're satisfied
8739
05:43:52,735 --> 05:43:55,600
with your settings
that you made, click on Finish.
8740
05:43:55,600 --> 05:43:57,500
You're good to go your cigars.
8741
05:43:57,500 --> 05:44:00,147
System is been displaying
your so like I said,
8742
05:44:00,147 --> 05:44:02,300
you can always make
settings later on.
8743
05:44:02,300 --> 05:44:04,900
You have the edit virtual
machine settings option here.
8744
05:44:04,900 --> 05:44:06,100
Just click on this.
8745
05:44:07,500 --> 05:44:10,200
Let me maximize
the screen for you guys.
8746
05:44:10,200 --> 05:44:13,611
So as you can see, the Parrot
Security ISO is very flexible.
8747
05:44:13,611 --> 05:44:16,850
There are quite a few options
you have live mode.
8748
05:44:16,850 --> 05:44:19,300
You have terminal mode,
you have RAM mode.
8749
05:44:19,300 --> 05:44:22,895
So basically live mode is just
a standard live USB boot option
8750
05:44:22,895 --> 05:44:24,130
just like you can see
8751
05:44:24,130 --> 05:44:26,300
while you're installing
Kali Linux suppose.
8752
05:44:26,300 --> 05:44:28,400
If you don't know
how to install Kali Linux,
8753
05:44:28,400 --> 05:44:30,800
there's a video on how to
install it as well by Edureka.
8754
05:44:30,800 --> 05:44:33,300
You can refer to that
in the ethical hacking playlist.
8755
05:44:33,300 --> 05:44:34,587
Okay, so coming back.
8756
05:44:34,587 --> 05:44:37,121
Sorry about that. You
have a persistence
8757
05:44:37,121 --> 05:44:39,600
mode, encrypted persistence,
forensics mode
8758
05:44:39,600 --> 05:44:40,987
and all that. Terminal mode,
8759
05:44:40,987 --> 05:44:43,300
as you can see, is
out of the live boot option,
8760
05:44:43,300 --> 05:44:46,304
but without graphical user
interface. The most popular one
8761
05:44:46,304 --> 05:44:47,285
among new hackers,
8762
05:44:47,285 --> 05:44:49,956
or if you're the first time
user is install option
8763
05:44:49,956 --> 05:44:51,700
with a graphical user interface.
8764
05:44:51,700 --> 05:44:54,900
So it's almost familiar
with Kali Linux users.
8765
05:44:54,900 --> 05:44:56,900
If you want to get a feel
of Parrot Security
8766
05:44:56,900 --> 05:44:57,800
and all its features,
8767
05:44:57,800 --> 05:44:59,188
maybe you can go
for live mode,
8768
05:44:59,188 --> 05:45:00,538
but if you want to get just
8769
05:45:00,538 --> 05:45:02,600
started then you can always
go for install mode.
8770
05:45:02,600 --> 05:45:06,400
I'm going to click on that
and click on standard install.
8771
05:45:08,000 --> 05:45:11,700
So it's mounting all
the installation tools
8772
05:45:11,700 --> 05:45:12,900
and all that.
8773
05:45:13,000 --> 05:45:16,800
So once the machine is booted
up you'll be asked to select
8774
05:45:16,800 --> 05:45:19,488
your preferred language
the broad menu select
8775
05:45:19,488 --> 05:45:21,400
the graphical installer options
8776
05:45:21,400 --> 05:45:23,300
and click on let's say English
8777
05:45:23,300 --> 05:45:26,500
and United States
American English.
8778
05:45:27,400 --> 05:45:28,300
So then the loader
8779
05:45:28,300 --> 05:45:30,900
will automatically install
some additional components
8780
05:45:30,900 --> 05:45:33,200
and configure your network
related settings.
8781
05:45:33,603 --> 05:45:35,296
It might take a while.
8782
05:45:36,100 --> 05:45:38,400
So basically then
the installer should prompt
8783
05:45:38,400 --> 05:45:40,700
you for a host name
and the root password.
8784
05:45:40,800 --> 05:45:43,700
Let's give some root
password give the password
8785
05:45:43,700 --> 05:45:48,800
of your choice reenter
the password for verification.
8786
05:45:49,600 --> 05:45:51,462
And now it's gonna ask you
8787
05:45:51,462 --> 05:45:54,400
to set up a user apart
from the root user.
8788
05:45:54,500 --> 05:45:57,700
So let's just say
test user continue.
8789
05:45:58,000 --> 05:46:00,449
I'm going to keep it
as tests continue
8790
05:46:00,449 --> 05:46:02,700
and choose a password
for the new user
8791
05:46:02,700 --> 05:46:03,600
which is different
8792
05:46:03,600 --> 05:46:06,300
from the root user password
that you'll have to remember.
8793
05:46:06,300 --> 05:46:08,400
What so just give this new user
8794
05:46:08,400 --> 05:46:12,300
a password, continue,
re-enter the password.
8795
05:46:13,300 --> 05:46:13,800
Okay.
8796
05:46:13,800 --> 05:46:17,098
Let me just go back
and my mistake.
8797
05:46:17,100 --> 05:46:18,400
Let me try it again.
8798
05:46:19,500 --> 05:46:21,100
Select your time zone.
8799
05:46:21,100 --> 05:46:23,872
So basically after
you've set your password,
8800
05:46:23,872 --> 05:46:26,000
it's asking you
for the time zone.
8801
05:46:26,000 --> 05:46:28,000
Let's say central eastern.
8802
05:46:29,300 --> 05:46:32,182
So now the installer
will provide you four choices
8803
05:46:32,182 --> 05:46:34,000
about the partition of the disk.
8804
05:46:34,000 --> 05:46:35,091
The easiest option
8805
05:46:35,091 --> 05:46:37,788
for you is to use the guided, use
entire disk option,
8806
05:46:37,788 --> 05:46:41,223
which is the first option here.
Experienced users can always go
8807
05:46:41,223 --> 05:46:43,000
for manual partitioning method
8808
05:46:43,000 --> 05:46:45,600
for more granular
configuration options.
8809
05:46:47,110 --> 05:46:48,800
So yeah, guided partitioning.
8810
05:46:48,800 --> 05:46:51,548
I'm going to select
that: guided, use entire disk.
8811
05:46:51,548 --> 05:46:53,576
This is the disk
we're going to store
8812
05:46:53,576 --> 05:46:54,400
so it's asking
8813
05:46:54,400 --> 05:46:57,700
if you want to store all files
in one partition or different.
8814
05:46:57,700 --> 05:46:59,500
Let's just say all files in one
8815
05:46:59,500 --> 05:47:01,653
partition and hit on Continue.
8816
05:47:01,700 --> 05:47:03,900
So now we will have
to confirm all the changes
8817
05:47:03,900 --> 05:47:06,635
to be made to the disk
on the host machine. Be aware
8818
05:47:06,635 --> 05:47:09,323
that continuing will erase
the data on the disk.
8819
05:47:09,323 --> 05:47:12,499
So after that you can just click
on finish partitioning
8820
05:47:12,499 --> 05:47:13,800
and writing disk thing.
8821
05:47:13,800 --> 05:47:15,953
It's asking if you want
to write the changes
8822
05:47:15,953 --> 05:47:17,100
to the disk, obviously.
8823
05:47:17,100 --> 05:47:17,300
Yes.
8824
05:47:17,300 --> 05:47:17,800
So click.
8825
05:47:17,800 --> 05:47:18,200
Yes.
8826
05:47:18,500 --> 05:47:21,400
So once you're done confirming
the partition changes
8827
05:47:21,400 --> 05:47:23,500
the installer will run
through the process
8828
05:47:23,500 --> 05:47:27,338
of installing the files let it
install the system automatically
8829
05:47:27,338 --> 05:47:28,700
this may take a while.
8830
05:47:28,700 --> 05:47:31,800
So I'll meet you guys
once installation is done.
8831
05:47:38,800 --> 05:47:40,700
So once installation
is done It'll ask you
8832
05:47:40,700 --> 05:47:42,800
if you want to install
the GRUB boot loader
8833
05:47:42,800 --> 05:47:44,400
on your hard disk. Just say yes
8834
05:47:44,400 --> 05:47:46,000
and click on enter device
8835
05:47:46,000 --> 05:47:48,700
manually or sorry
just click the device,
8836
05:47:48,700 --> 05:47:51,000
which is already there go back.
8837
05:47:51,542 --> 05:47:55,157
The installation process
is now almost complete.
8838
05:47:57,700 --> 05:47:59,600
So guys the
installation is done.
8839
05:47:59,600 --> 05:48:01,194
Once the installation is done.
8840
05:48:01,194 --> 05:48:02,900
You can see the machine boots
8841
05:48:02,900 --> 05:48:05,471
you into the MATE desktop
environment, as in, if you
8842
05:48:05,471 --> 05:48:08,100
have chosen the install
option, you will be presented
8843
05:48:08,100 --> 05:48:10,200
with a LightDM login screen.
8844
05:48:10,200 --> 05:48:12,508
So basically you'll have
to enter the password
8845
05:48:12,508 --> 05:48:15,057
and the which is set up
for the test user earlier.
8846
05:48:15,057 --> 05:48:16,184
Not the root password.
8847
05:48:16,184 --> 05:48:17,300
Please do remember that.
8848
05:48:17,300 --> 05:48:19,400
I'm sure you remember
setting up a password
8849
05:48:19,400 --> 05:48:22,700
for the user right
that password and login.
8850
05:48:25,011 --> 05:48:26,088
So here we go.
8851
05:48:26,700 --> 05:48:29,026
So guys here we are
as you can see
8852
05:48:29,026 --> 05:48:32,708
the machine boots you into
the MATE desktop environment.
8853
05:48:32,708 --> 05:48:35,209
Let me pronounce it
M80 you can call it
8854
05:48:35,209 --> 05:48:38,500
whatever you want mate
or mate desktop environment.
8855
05:48:38,500 --> 05:48:39,587
So as you can see,
8856
05:48:39,587 --> 05:48:41,279
it's very good looking apart
8857
05:48:41,279 --> 05:48:44,300
from that parrot Security
will automatically detect
8858
05:48:44,300 --> 05:48:45,600
when updates are available
8859
05:48:45,600 --> 05:48:48,600
and prompt you to update
the system as soon as you
8860
05:48:48,600 --> 05:48:49,600
install it here.
8861
05:48:49,600 --> 05:48:52,500
It's not showing it to me
because I've already updated it,
8862
05:48:52,500 --> 05:48:55,500
but otherwise, all you can do
is just go to the terminal here.
8863
05:48:55,500 --> 05:48:58,100
You can see terminal option
here right go to terminal there
8864
05:48:58,100 --> 05:49:03,400
and just say sudo apt-get update.
It'll ask me for the password.
8865
05:49:06,600 --> 05:49:07,900
How'd it go?
8866
05:49:10,000 --> 05:49:13,300
Might be a matter of updated
in another virtual machine.
8867
05:49:13,300 --> 05:49:15,500
Anyway, I installed
the other one as well.
8868
05:49:15,500 --> 05:49:18,000
Maybe it's in that anyway,
I'll update for you.
8869
05:49:18,000 --> 05:49:20,800
So let me just minimize this
while it's updating.
8870
05:49:20,800 --> 05:49:22,800
Let's go ahead
and do other things.
8871
05:49:22,800 --> 05:49:24,400
So it's almost done I guess.
8872
05:49:24,400 --> 05:49:26,700
Yeah, as you can see
it's almost updated
8873
05:49:26,700 --> 05:49:28,500
and it says 116 packages
8874
05:49:28,500 --> 05:49:32,200
more can be upgraded and if I
want to have to run update list,
8875
05:49:32,200 --> 05:49:34,249
if you want to see
which of those packets
8876
05:49:34,249 --> 05:49:36,760
are have to just list out
those using apt command.
8877
05:49:36,760 --> 05:49:38,400
Yo, I'm not showing
you two guys.
8878
05:49:38,400 --> 05:49:41,300
So anyway when you're making
you first make sure your system
8879
05:49:41,300 --> 05:49:42,900
always stays updated.
8880
05:49:42,900 --> 05:49:46,100
Okay, let's go back
to exploring Parrot OS. So
8881
05:49:46,100 --> 05:49:47,900
as you can see
system is laid out
8882
05:49:47,900 --> 05:49:49,500
in a very straightforward manner
8883
05:49:49,500 --> 05:49:52,400
with a collection of tools that
you might be familiar with.
8884
05:49:52,400 --> 05:49:53,770
If you're using Kali Linux
8885
05:49:53,770 --> 05:49:56,667
before the menu system is
almost similar to Kali Linux
8886
05:49:56,667 --> 05:49:59,400
and it's very easy to navigate.
The real difference is
8887
05:49:59,400 --> 05:50:03,100
that Parrot Security is meant
to be used as a daily driver as
8888
05:50:03,100 --> 05:50:04,633
in your regular operating system
8889
05:50:04,633 --> 05:50:06,680
through the other things
as well to prove
8890
05:50:06,680 --> 05:50:09,700
that you can see you have sound
and video options here a lot
8891
05:50:09,700 --> 05:50:13,000
of programming languages options
as well you have system tools
8892
05:50:13,000 --> 05:50:17,103
and you have Graphics included
you have office applications
8893
05:50:17,103 --> 05:50:18,978
of software's you have base.
8894
05:50:18,978 --> 05:50:20,300
You have math writer
8895
05:50:20,300 --> 05:50:23,800
and planner just like any other
normal operating system.
8896
05:50:23,800 --> 05:50:26,971
So while you can use Kali Linux
as a desktop workstation,
8897
05:50:26,971 --> 05:50:30,006
it really is a penetration
testing distribution first.
8898
05:50:30,006 --> 05:50:31,596
I'm talking about Kali Linux.
8899
05:50:31,596 --> 05:50:33,875
So with curly you need
to build the system
8900
05:50:33,875 --> 05:50:35,581
towards being a daily use system
8901
05:50:35,581 --> 05:50:38,283
as in you start using
Kali Linux you need to modify
8902
05:50:38,283 --> 05:50:39,959
or you need to customize it in.
8903
05:50:39,959 --> 05:50:42,555
Your way that you make
it more plausible or easy
8904
05:50:42,555 --> 05:50:44,600
for you to use
for the daily purposes,
8905
05:50:44,600 --> 05:50:48,000
but that's not the case with
Parrot Security OS. Its interface
8906
05:50:48,000 --> 05:50:49,249
and everything is so good.
8907
05:50:49,249 --> 05:50:51,600
It almost appears
like a normal operating system
8908
05:50:51,600 --> 05:50:54,100
and it is like a very
normal operating system.
8909
05:50:54,100 --> 05:50:56,000
So you have
your penetrating distance
8910
05:50:56,000 --> 05:50:58,200
which are there and along
with that you have
8911
05:50:58,200 --> 05:51:01,900
your day-to-day applications are
also there in this now talking
8912
05:51:01,900 --> 05:51:03,791
about the system requirements
8913
05:51:03,791 --> 05:51:06,400
the default Parrot
Security install uses
8914
05:51:06,400 --> 05:51:08,300
about 300 13 MB of RAM.
8915
05:51:08,300 --> 05:51:11,300
So as you can see here you
can see The squad little bar.
8916
05:51:11,300 --> 05:51:12,800
It's like a task manager,
8917
05:51:12,800 --> 05:51:15,800
which you can find it in
your windows can click on that.
8918
05:51:15,800 --> 05:51:18,200
It will show you all
the progress that's going on.
8919
05:51:18,350 --> 05:51:19,350
First of all,
8920
05:51:19,400 --> 05:51:23,400
it says the Parrot GNU
Linux system in the release
8921
05:51:23,446 --> 05:51:24,600
and the kernel,
8922
05:51:24,600 --> 05:51:27,100
all the information
about your ISO file
8923
05:51:27,100 --> 05:51:29,511
and you have MATE
desktop environment here
8924
05:51:29,511 --> 05:51:30,323
in the hardware,
8925
05:51:30,323 --> 05:51:33,234
which is this and the presser
it's based on available space
8926
05:51:33,234 --> 05:51:35,472
and all that when you
click on the processes,
8927
05:51:35,472 --> 05:51:37,761
it shows all the processor
which are currently
8928
05:51:37,761 --> 05:51:40,000
running sleeping just
like your task manager.
8929
05:51:40,000 --> 05:51:41,900
And your Windows
operating system.
8930
05:51:41,900 --> 05:51:43,396
So yeah, like I said,
8931
05:51:43,396 --> 05:51:47,600
it requires about 200 13 MB
of RAM, approximately around that,
8932
05:51:47,600 --> 05:51:48,500
but of course,
8933
05:51:48,500 --> 05:51:51,000
this is only system
related process running
8934
05:51:51,000 --> 05:51:52,400
when compared to Kali Linux.
8935
05:51:52,400 --> 05:51:55,100
It's very lightweight.
Kali Linux install requires
8936
05:51:55,100 --> 05:51:56,500
about 600 4 MB of RAM
8937
05:51:56,500 --> 05:51:59,256
and that too only with system
related process running.
8938
05:51:59,256 --> 05:52:01,700
So, like I said,
it's a very lightweight system.
8939
05:52:01,700 --> 05:52:02,800
So yeah, the bar is
8940
05:52:02,800 --> 05:52:04,800
a task manager it
lists all the processes
8941
05:52:04,800 --> 05:52:07,800
that are running and all that
you obviously have a terminal
8942
05:52:07,800 --> 05:52:10,900
which I showed earlier
the Cool thing with terminal is
8943
05:52:10,900 --> 05:52:12,800
that it goes
with their interface.
8944
05:52:12,800 --> 05:52:13,600
Other than that.
8945
05:52:13,600 --> 05:52:15,800
It's pretty much
like any other normal terminal.
8946
05:52:15,800 --> 05:52:18,300
And then there is the appearance
of the interface.
8947
05:52:18,300 --> 05:52:21,779
I mean my first reaction
when I saw it was wow, amazing,
8948
05:52:21,779 --> 05:52:24,500
right when compared
to the plain Kali Linux.
8949
05:52:24,500 --> 05:52:26,906
So yeah, you get
to use cool collection
8950
05:52:26,906 --> 05:52:28,300
of wallpapers as well.
8951
05:52:28,300 --> 05:52:31,200
You have change
desktop background here you
8952
05:52:31,200 --> 05:52:34,900
have fonts interface and see
you have quite a lot
8953
05:52:34,900 --> 05:52:36,900
of collection of wallpapers
8954
05:52:36,900 --> 05:52:40,000
and you can go ahead and add
your Customs as well.
8955
05:52:40,200 --> 05:52:42,400
That's all about the interface.
8956
05:52:42,400 --> 05:52:43,600
And like I said,
8957
05:52:43,600 --> 05:52:45,500
it's like any other
normal operating system.
8958
05:52:45,500 --> 05:52:48,100
So it comes with a lot
of programming languages
8959
05:52:48,100 --> 05:52:50,400
and a bunch of text editors.
8960
05:52:50,700 --> 05:52:52,900
You also have IDEs as well.
8961
05:52:52,923 --> 05:52:56,076
It uses Pluma as
your default text editor.
8962
05:52:56,500 --> 05:52:58,000
So that's it
8963
05:52:58,000 --> 05:53:01,400
when talking about the normal
operating system. Now talk
8964
05:53:01,400 --> 05:53:03,782
about the performance
almost all of us know
8965
05:53:03,782 --> 05:53:05,500
that Kali Linux is a bit laggy
8966
05:53:05,500 --> 05:53:07,505
and when you run it
on a low-end system,
8967
05:53:07,505 --> 05:53:09,100
sometimes it's like a nightmare
8968
05:53:09,100 --> 05:53:11,398
when you have a
brute-force attack going on
8969
05:53:11,398 --> 05:53:12,457
in the background.
8970
05:53:12,457 --> 05:53:14,000
or you're doing something else.
8971
05:53:14,000 --> 05:53:17,824
It's gonna be, what do you say, stuck
or it's very slow, but in Parrot
8972
05:53:17,824 --> 05:53:18,900
it's very lightweight
8973
05:53:18,900 --> 05:53:20,700
and doesn't lag much
as you can see,
8974
05:53:20,700 --> 05:53:23,963
it's smooth. Now talk
about hardware requirements.
8975
05:53:23,963 --> 05:53:25,800
Pretty much both Kali Linux
8976
05:53:25,800 --> 05:53:28,270
and your Parrot require
high-end hardware,
8977
05:53:28,270 --> 05:53:31,000
but Parrot needs
low-specification hardware
8978
05:53:31,000 --> 05:53:32,300
as compared to Kali.
8979
05:53:32,300 --> 05:53:33,878
So if I have to conclude
8980
05:53:33,878 --> 05:53:36,734
in one word, Parrot is
a good-looking distro.
8981
05:53:36,734 --> 05:53:39,400
It's very lightweight,
it's resource friendly
8982
05:53:39,400 --> 05:53:40,232
and want to know
8983
05:53:40,232 --> 05:53:42,000
how much resources
consuming and all
8984
05:53:42,000 --> 05:53:44,450
that you can always go
and click on the little bar,
8985
05:53:44,450 --> 05:53:45,700
which is available there.
8986
05:53:45,700 --> 05:53:46,896
Click on the resources.
8987
05:53:46,896 --> 05:53:48,041
You can see the CPU
8988
05:53:48,041 --> 05:53:50,800
history, memory, network history,
file systems and all that.
8989
05:53:50,900 --> 05:53:52,800
So basically it's
a good-looking distro
8990
05:53:52,800 --> 05:53:54,600
lightweight resource friendly.
8991
05:53:54,600 --> 05:53:56,430
All these features apart, Parrot
8992
05:53:56,430 --> 05:54:00,152
Security OS has pretty good
collection of features as well,
8993
05:54:00,152 --> 05:54:01,800
which we discussed earlier.
8994
05:54:01,800 --> 05:54:04,500
It comes like what hell
lot of tools,
8995
05:54:04,500 --> 05:54:05,900
but if you see the sections,
8996
05:54:05,900 --> 05:54:08,900
there are a lot of other things
which are not in Kali Linux.
8997
05:54:08,900 --> 05:54:11,000
So the most A pointed
tool here is
8998
05:54:11,000 --> 05:54:14,100
that in Kali Linux, suppose you
want to stay private
8999
05:54:14,100 --> 05:54:16,878
when you're doing hacking
or any other stuff.
9000
05:54:16,878 --> 05:54:19,089
You have to install
Anonsurf, Tor
9001
05:54:19,089 --> 05:54:21,100
and then enable them
or proxychains.
9002
05:54:21,100 --> 05:54:23,900
You also have the option
of proxychains to keep yourself
9003
05:54:23,900 --> 05:54:26,050
anonymous on the system
while you're doing hacking
9004
05:54:26,050 --> 05:54:27,400
or pen testing or anything,
9005
05:54:27,400 --> 05:54:30,983
but with Parrot OS you already
have Anonsurf pre-installed.
9006
05:54:30,983 --> 05:54:33,700
All you have to do is click
on the start button.
9007
05:54:33,700 --> 05:54:35,700
So let me show you
how to stay Anonymous.
9008
05:54:35,900 --> 05:54:37,600
So this is one
of the best features
9009
05:54:37,600 --> 05:54:39,936
in Parrot Security OS:
it has proxychains
9010
05:54:39,936 --> 05:54:42,600
as well as Anonsurf to make
yourself anonymous,
9011
05:54:42,700 --> 05:54:44,600
so you can go for this Anonsurf
9012
05:54:44,600 --> 05:54:47,240
and click on Anonsurf
Start, but before that,
9013
05:54:47,240 --> 05:54:49,400
You can check your IP
of your system.
9014
05:54:49,600 --> 05:54:53,100
So it says 1.65 1.73
doesn't just remember
9015
05:54:53,100 --> 05:54:55,400
it don't have to note
it down anywhere.
9016
05:54:55,400 --> 05:54:57,800
Well, not 651 76 now now
9017
05:54:57,800 --> 05:55:01,600
if I go and enable
this, first of all it'll ask you
9018
05:55:01,600 --> 05:55:07,400
for the administration
password. Give that. Okay.
9019
05:55:07,800 --> 05:55:09,800
So basically once you
enter the password,
9020
05:55:09,900 --> 05:55:10,500
it'll ask you
9021
05:55:10,500 --> 05:55:13,500
if you want Anonsurf
to kill the dangerous process
9022
05:55:13,500 --> 05:55:16,762
which can de-anonymize
you, or clear cache files
9023
05:55:16,762 --> 05:55:19,300
or modify your iptables rules
and all that.
9024
05:55:19,300 --> 05:55:20,031
It'll ask you
9025
05:55:20,031 --> 05:55:22,000
if you want to do
that just say yes.
9026
05:55:22,000 --> 05:55:24,235
So basically as
soon as you click on Yes,
9027
05:55:24,235 --> 05:55:27,380
as you can see the notifications
here the tool will attempt
9028
05:55:27,380 --> 05:55:30,200
to kill dangerous processes
that can de-anonymize you
9029
05:55:30,200 --> 05:55:32,700
anytime it will clear
your cache files.
9030
05:55:32,700 --> 05:55:35,600
It will modify
your iptables modify your
9031
05:55:35,600 --> 05:55:38,500
Of config file disable your IPv6
9032
05:55:38,800 --> 05:55:41,900
and only allow you
the outbound traffic through Tor,
9033
05:55:41,900 --> 05:55:44,800
as you can see it says Tor
is running started for you.
9034
05:55:44,800 --> 05:55:47,100
Imagine doing all
this stuff by yourself.
9035
05:55:47,100 --> 05:55:49,500
If you don't have
Anonsurf, like in Kali Linux,
9036
05:55:49,500 --> 05:55:51,752
This would be quite a bit
of effort manually,
9037
05:55:51,752 --> 05:55:53,800
but with the script
already present here,
9038
05:55:53,800 --> 05:55:55,257
it's just a click away.
9039
05:55:55,257 --> 05:55:58,199
So Parrot Security
also includes a similar script
9040
05:55:58,199 --> 05:56:00,114
for I2P as well. Apart from that,
9041
05:56:00,114 --> 05:56:02,500
once you've enabled
you can also check
9042
05:56:02,500 --> 05:56:04,500
like I said your IP address now.
9043
05:56:14,100 --> 05:56:18,500
So as you can see it says Global
Anonymous Proxy activated. Dance
9044
05:56:18,500 --> 05:56:21,000
like no one's watching, encrypt
like everyone is. So
9045
05:56:21,000 --> 05:56:23,800
basically it's saying
the surf is started out.
9046
05:56:26,100 --> 05:56:28,612
As you can see my IP address
has been changed it
9047
05:56:28,612 --> 05:56:30,311
for something of 160 something.
9048
05:56:30,311 --> 05:56:31,570
But right now it's 182.
9049
05:56:31,570 --> 05:56:34,259
So Anonsurf has made
me anonymous. Now,
9050
05:56:34,259 --> 05:56:37,200
I can do whatever you want
in an anonymous mode.
9051
05:56:37,207 --> 05:56:42,600
So that's all I wanted to show
you here now back to Firefox.
9052
05:56:42,700 --> 05:56:45,400
It has quite
a documentation part.
9053
05:56:45,400 --> 05:56:46,414
Well, it's still
9054
05:56:46,414 --> 05:56:49,900
in the creation stage here
is you can see documentation.
9055
05:56:49,900 --> 05:56:53,000
It's not all that well prepared
or created yet.
9056
05:56:53,000 --> 05:56:55,800
So if you have any minor doubt
you can go ahead and refer
9057
05:56:55,800 --> 05:56:57,600
to the documentation part.
9058
05:56:57,600 --> 05:56:59,231
Oh, so here you go.
9059
05:56:59,800 --> 05:57:03,400
Okay, then let's go
back to the distro.
9060
05:57:03,700 --> 05:57:06,400
One thing that you can point out
about Parrot OS is
9061
05:57:06,400 --> 05:57:10,000
that it has a lot
of cryptography tools such as
9062
05:57:10,000 --> 05:57:13,800
it has zuluCrypt, zuluMount,
a graphical utility
9063
05:57:13,800 --> 05:57:16,400
that will help you mount
your encrypted volumes.
9064
05:57:16,400 --> 05:57:18,756
Then there is something
called Cryptkeeper.
9065
05:57:18,756 --> 05:57:20,400
It's another graphical utility
9066
05:57:20,400 --> 05:57:23,906
that allows you to manage
encrypted folders and much more.
9067
05:57:23,906 --> 05:57:25,906
These utilities
make confidentiality
9068
05:57:25,906 --> 05:57:29,000
easily accessible to anyone
with the minimal experience.
9069
05:57:29,000 --> 05:57:31,800
I mean if you do not have
any idea about cryptography you
9070
05:57:31,800 --> 05:57:34,000
can easily start learning your
that's what I meant.
9071
05:57:34,000 --> 05:57:35,352
So it just doesn't stop
9072
05:57:35,352 --> 05:57:38,729
with cryptography or Anonsurf;
you have lot of other tools
9073
05:57:38,729 --> 05:57:41,000
which you might not find
in Kali Linux.
9074
05:57:41,000 --> 05:57:42,931
So let me show
you guys that part
9075
05:57:42,931 --> 05:57:46,700
as you can see you have lot of
tools you have most used tools,
9076
05:57:46,700 --> 05:57:47,900
which is Armitage.
9077
05:57:47,900 --> 05:57:51,100
You have Wireshark, Zenmap,
OWASP ZAP, all
9078
05:57:51,100 --> 05:57:54,200
that then you have
wireless testing tools.
9079
05:57:54,396 --> 05:57:55,703
Give me a second.
9080
05:57:56,100 --> 05:57:57,800
Yeah, post exploitation this set
9081
05:57:57,800 --> 05:58:00,300
of tools mostly you can't find
them in the Kali Linux.
9082
05:58:00,300 --> 05:58:03,000
You have OS backdoor
tools, web backdoor tools.
9083
05:58:03,000 --> 05:58:05,900
You have web Covey
bleep and all that
9084
05:58:06,400 --> 05:58:10,400
and you have something called
social engineering kit.
9085
05:58:10,400 --> 05:58:11,164
If I'm right.
9086
05:58:11,164 --> 05:58:13,116
It should be
in the exploitation tools.
9087
05:58:13,116 --> 05:58:14,454
Where is exploitation? Here,
9088
05:58:14,454 --> 05:58:17,400
how you can see a social
engineering tool kit just click
9089
05:58:17,400 --> 05:58:18,854
on that password.
9090
05:58:19,100 --> 05:58:20,805
So it is started up all that.
9091
05:58:20,805 --> 05:58:22,100
So if I just click one,
9092
05:58:22,100 --> 05:58:24,950
you have a lot of options
the update set configuration you
9093
05:58:24,950 --> 05:58:25,877
have social engineering
9094
05:58:25,877 --> 05:58:28,300
attacks. You have different types
of attacks here.
9095
05:58:28,300 --> 05:58:30,200
You have PowerShell
attack vectors.
9096
05:58:30,200 --> 05:58:32,000
You have mass mailer attack
9097
05:58:32,000 --> 05:58:34,500
you have phishing
attack vectors and all that.
9098
05:58:34,500 --> 05:58:36,800
So basically you can click
on that and enable all
9099
05:58:36,800 --> 05:58:39,650
that. I'm not going to show you
in this demo how to do it.
9100
05:58:39,650 --> 05:58:41,784
This is just the basic
introductory video
9101
05:58:41,784 --> 05:58:42,638
about Parrot OS.
9102
05:58:42,638 --> 05:58:44,400
So, let me just
close the terminal
9103
05:58:44,600 --> 05:58:47,400
while there are common tools
like you have nmap.
9104
05:58:47,400 --> 05:58:49,341
I'm sure you know
how to use nmap.
9105
05:58:49,341 --> 05:58:50,900
Let me just show you anyway
9106
05:58:51,000 --> 05:58:53,200
and nmap is one
of the scanning tools.
9107
05:58:53,200 --> 05:58:55,900
You can find it
in information gathering.
9108
05:58:55,900 --> 05:58:58,500
I'm sure nmap
is you're here to one
9109
05:58:58,500 --> 05:58:59,573
of the basic tools.
9110
05:58:59,573 --> 05:59:02,400
Okay, let's just explore nmap
and Dmitry here.
9111
05:59:02,400 --> 05:59:03,500
Let me just show you
9112
05:59:03,500 --> 05:59:05,144
how to use nmap first just
9113
05:59:05,144 --> 05:59:08,100
click nmap, you have
all the help or the
9114
05:59:08,100 --> 05:59:10,800
nmap configuration options
are displayed in front of you.
9115
05:59:10,800 --> 05:59:12,992
If you don't have to use
just go through them.
9116
05:59:12,992 --> 05:59:14,900
It's pretty easy
a simple example.
9117
05:59:14,900 --> 05:59:17,200
I'm already using the one
which is already there.
9118
05:59:17,200 --> 05:59:22,100
Just say
scanme.nmap.org.
9119
05:59:22,500 --> 05:59:25,100
Okay your aegyo making
spelling mistake again.
9120
05:59:27,700 --> 05:59:29,000
Sorry about that.
9121
05:59:29,000 --> 05:59:30,700
It's gonna take a little while.
9122
05:59:30,700 --> 05:59:32,400
That's all while it's scanning.
9123
05:59:32,400 --> 05:59:34,700
Let me just show
you another tool,
9124
05:59:34,700 --> 05:59:36,400
which is Dmitry.
9125
05:59:36,400 --> 05:59:39,000
It's a Deepmagic
information gathering tool.
9126
05:59:39,000 --> 05:59:40,034
It has ability.
9127
05:59:40,034 --> 05:59:41,000
So here it is.
9128
05:59:41,000 --> 05:59:43,156
It should be in the information
9129
05:59:43,156 --> 05:59:45,800
gathering only you
have your here goes.
9130
05:59:45,800 --> 05:59:47,116
So basically, like I said,
9131
05:59:47,116 --> 05:59:49,900
it has ability to gather as
much information as possible
9132
05:59:49,900 --> 05:59:51,500
about a host: subdomains,
9133
05:59:51,500 --> 05:59:54,275
its email
information, TCP port scan,
9134
05:59:54,275 --> 05:59:56,300
whois lookup and all that.
9135
05:59:56,300 --> 05:59:57,700
Let's just check out.
9136
05:59:57,700 --> 05:59:59,700
if nmap scanning is done.
9137
05:59:59,900 --> 06:00:01,500
Here is the terminal.
9138
06:00:01,900 --> 06:00:03,500
Yeah, it's gonna take
a little while.
9139
06:00:03,500 --> 06:00:04,700
So once the scanning is done,
9140
06:00:04,700 --> 06:00:06,626
it's going to show you
how many seconds it took
9141
06:00:06,626 --> 06:00:07,500
what are the pores
9142
06:00:07,500 --> 06:00:09,700
which are open
and the closed ports and all
9143
06:00:09,700 --> 06:00:12,600
that. Now about Dmitry:
you can enable it
9144
06:00:12,600 --> 06:00:13,800
from your terminal,
9145
06:00:13,800 --> 06:00:17,000
but you can also do it
from here information gathering
9146
06:00:17,000 --> 06:00:18,300
and click on Dmitry.
9147
06:00:18,300 --> 06:00:19,700
Password.
9148
06:00:20,000 --> 06:00:23,800
So let's say Huh?
9149
06:00:24,200 --> 06:00:25,300
Here we go.
9150
06:00:25,300 --> 06:00:26,319
So let me maximize.
9151
06:00:26,319 --> 06:00:29,010
All you have to do is
you have lot of options here.
9152
06:00:29,010 --> 06:00:31,124
You have W,
which performs a whois lookup;
9153
06:00:31,124 --> 06:00:33,600
you can do it online as
an using Firefox as well.
9154
06:00:33,600 --> 06:00:34,900
You have a lot of websites
9155
06:00:34,900 --> 06:00:36,792
where you can gather
all the information
9156
06:00:36,792 --> 06:00:38,200
once you have your IP address
9157
06:00:38,200 --> 06:00:40,550
or and all that
and you have retrieve
9158
06:00:40,550 --> 06:00:42,700
Netcraft.com information
on host perform search
9159
06:00:42,700 --> 06:00:45,100
for possible subdomains
email address and all that.
9160
06:00:45,100 --> 06:00:47,700
So basically you can give
all this options in one go.
9161
06:00:47,800 --> 06:00:52,900
Let's say TR y - -
9162
06:00:52,900 --> 06:00:56,000
option taste output
your host or text or to
9163
06:00:56,000 --> 06:00:58,407
the file specified by
9164
06:00:58,407 --> 06:01:02,984
-o. So I just press click 0,
let me just give sudo.
9165
06:01:04,000 --> 06:01:06,600
Let me just check
if I've given any file here.
9166
06:01:07,200 --> 06:01:09,900
I do have a file
called test.txt.
9167
06:01:09,900 --> 06:01:10,800
Okay.
9168
06:01:11,500 --> 06:01:13,700
So like I said
in the -o option,
9169
06:01:13,700 --> 06:01:16,500
it will save your output to
the .txt file or to the file
9170
06:01:16,500 --> 06:01:18,100
specified by -o option.
9171
06:01:18,100 --> 06:01:19,814
So basically just
specify the filename
9172
06:01:19,814 --> 06:01:21,900
where you want to store
the all the scan info.
9173
06:01:21,900 --> 06:01:24,504
Whoa, and the website
where you want to website
9174
06:01:24,504 --> 06:01:26,600
of whose information
you want to scan.
9175
06:01:26,600 --> 06:01:29,300
So let's say the blue
dot pinterest.com.
9176
06:01:31,800 --> 06:01:32,600
Here you go.
9177
06:01:32,600 --> 06:01:33,980
It started scanning.
9178
06:01:33,980 --> 06:01:35,500
Let me just scroll up.
9179
06:01:37,200 --> 06:01:40,500
The host name and the host
IP addresses showing
9180
06:01:40,500 --> 06:01:41,979
once you have IP addresses,
9181
06:01:41,979 --> 06:01:44,500
you know can gather almost
all the information.
9182
06:01:44,500 --> 06:01:48,100
It's also showing the places
where it's coordinated.
9183
06:01:48,100 --> 06:01:50,600
It's created, last modified.
9184
06:01:50,800 --> 06:01:53,483
You have sources you
have address here
9185
06:01:53,483 --> 06:01:57,200
and then yeah last modified
created, source and all that.
9186
06:01:57,200 --> 06:02:00,200
So basically it's showing a lot
of information here.
9187
06:02:00,200 --> 06:02:00,800
Similarly.
9188
06:02:00,800 --> 06:02:02,200
You can using Dmitry
9189
06:02:02,200 --> 06:02:05,100
or a Deepmagic information
gathering tool you can actually
9190
06:02:05,100 --> 06:02:07,400
gather information about any
other website you want to know.
9191
06:02:07,400 --> 06:02:10,500
Let's just check out
if nmap is done scanning.
9192
06:02:10,500 --> 06:02:12,961
So see as you can see it's done.
9193
06:02:13,000 --> 06:02:15,900
So I've given a website name
here instead of that.
9194
06:02:15,900 --> 06:02:17,700
You can go ahead
and give the IP address
9195
06:02:17,700 --> 06:02:18,600
which is this one
9196
06:02:18,600 --> 06:02:20,997
and it will show you
the same results as you can see.
9197
06:02:20,997 --> 06:02:23,249
There are a lot of ports
usually nmap scan is
9198
06:02:23,249 --> 06:02:25,600
about more than thousand ports
as you can see.
9199
06:02:25,600 --> 06:02:28,900
It says 992 of the closed ports
and these are the open ports
9200
06:02:28,900 --> 06:02:31,610
and suppose you want to know
more information about each Port
9201
06:02:31,610 --> 06:02:34,508
because basically if you're a hacker,
if you try to hack something you
9202
06:02:34,508 --> 06:02:36,341
don't need information
about all the ports.
9203
06:02:36,341 --> 06:02:38,859
It's basically the One port
which you want to so to know
9204
06:02:38,859 --> 06:02:40,600
that you can there are
a lot of options
9205
06:02:40,600 --> 06:02:42,200
which are provided by nmap.
9206
06:02:42,200 --> 06:02:44,100
If you want to know more
about nmap, there's
9207
06:02:44,100 --> 06:02:46,700
a video in Edureka
playlist all about nmap.
9208
06:02:46,700 --> 06:02:48,292
It's under network security.
9209
06:02:48,292 --> 06:02:50,599
So you make sure
to take a look at that.
9210
06:02:50,599 --> 06:02:53,400
So while you are taking a look
at Parrot OS,
9211
06:02:53,400 --> 06:02:54,600
make sure you go ahead
9212
06:02:54,600 --> 06:02:56,700
and watch a video
on Kali Linux as well.
9213
06:02:56,700 --> 06:02:58,994
So you will know
how different Parrot OS
9214
06:02:58,994 --> 06:03:00,205
and Kali Linux are
9215
06:03:00,205 --> 06:03:02,500
though they are similar
in few parts.
9216
06:03:02,500 --> 06:03:05,800
So that's it about system
as in Parrot OS. So
9217
06:03:05,800 --> 06:03:07,000
like I said, it's
9218
06:03:07,000 --> 06:03:08,248
a good-looking distro,
9219
06:03:08,248 --> 06:03:10,800
which is lightweight
when compared to Kali Linux
9220
06:03:10,800 --> 06:03:13,400
and lot of tools lot
of unique tools as well.
9221
06:03:13,400 --> 06:03:16,700
When compared to Kali Linux and
it's very smooth away smooth.
9222
06:03:16,700 --> 06:03:18,600
Oh apart from all
these good things.
9223
06:03:18,600 --> 06:03:19,731
There are a few things
9224
06:03:19,731 --> 06:03:21,531
that are problematic
with Parrot OS.
9225
06:03:21,531 --> 06:03:22,201
First of all,
9226
06:03:22,201 --> 06:03:24,029
like you don't find
a search bar.
9227
06:03:24,029 --> 06:03:25,543
Oh, that's not a problem.
9228
06:03:25,543 --> 06:03:26,875
But that's one demerit
9229
06:03:26,875 --> 06:03:29,522
you can say and it's
also a little problematic
9230
06:03:29,522 --> 06:03:32,700
when it comes to launching your
application, the process is a little slow
9231
06:03:32,700 --> 06:03:33,900
and like Kali Linux.
9232
06:03:33,900 --> 06:03:37,305
So guys, this is your
Parrot OS. So basically
9233
06:03:37,305 --> 06:03:38,900
this was a crisp video
9234
06:03:38,900 --> 06:03:42,000
on what Parrot OS is,
its review, its features
9235
06:03:42,000 --> 06:03:45,783
and all that and make sure
to watch a video on Parrot OS
9236
06:03:45,783 --> 06:03:47,000
versus Kali Linux.
9237
06:03:51,800 --> 06:03:55,415
So Linux has been known
for its various distributions
9238
06:03:55,415 --> 06:03:57,500
that cater to various needs one
9239
06:03:57,500 --> 06:04:00,500
of the most famous
distributions is Kali Linux
9240
06:04:00,500 --> 06:04:03,400
that is a penetration
testing oriented distribution,
9241
06:04:03,400 --> 06:04:04,600
which was built to bring
9242
06:04:04,600 --> 06:04:07,300
about much-needed corrections
in its previous
9243
06:04:07,300 --> 06:04:10,000
iteration known as
BackTrack OS. Now,
9244
06:04:10,000 --> 06:04:12,121
since the release of Kali Linux.
9245
06:04:12,121 --> 06:04:12,812
It has gone
9246
06:04:12,812 --> 06:04:15,820
under various iterations
in the form of updates
9247
06:04:15,820 --> 06:04:17,787
while other penetration testing
9248
06:04:17,787 --> 06:04:20,407
and security related
distributions were also
9249
06:04:20,407 --> 06:04:22,600
being developed all
around the world.
9250
06:04:22,600 --> 06:04:23,717
So in this session,
9251
06:04:23,717 --> 06:04:24,894
we will compare Kali
9252
06:04:24,894 --> 06:04:28,300
to one such distribution that
has come under the spotlight
9253
06:04:28,300 --> 06:04:32,100
and that is parrot OS
so today in this video.
9254
06:04:32,100 --> 06:04:35,200
I will first be giving you
guys a brief introduction
9255
06:04:35,200 --> 06:04:37,000
to what exactly is Kali Linux.
9256
06:04:37,000 --> 06:04:39,700
And then I will also give
a brief introduction to
9257
06:04:39,700 --> 06:04:43,300
what parrot OS is then
we will be comparing Kali
9258
06:04:43,300 --> 06:04:46,500
versus parrot according
to various parameters.
9259
06:04:46,900 --> 06:04:49,200
So let's move ahead now.
9260
06:04:49,200 --> 06:04:51,200
Let me give you guys
a brief introduction
9261
06:04:51,200 --> 06:04:52,700
to what Kali Linux is.
9262
06:04:52,700 --> 06:04:56,348
So Kali Linux is a penetration
testing and security
9263
06:04:56,348 --> 06:04:58,100
focused operating system
9264
06:04:58,100 --> 06:05:02,800
as the name suggests, Kali has
a Linux kernel at its core above
9265
06:05:02,800 --> 06:05:05,725
that the creators
of Kali, Mati Aharoni
9266
06:05:05,725 --> 06:05:07,000
and Devon Kearns.
9267
06:05:07,000 --> 06:05:10,626
added the latest injection
packages to help pentesters.
9268
06:05:10,626 --> 06:05:14,521
save some time. Kali Linux is
developed according to the Debian
9269
06:05:14,521 --> 06:05:16,200
development standards
9270
06:05:16,300 --> 06:05:19,000
and it was developed as
a refined penetration testing
9271
06:05:19,000 --> 06:05:20,000
distribution.
9272
06:05:20,000 --> 06:05:21,385
That would be served as
9273
06:05:21,385 --> 06:05:25,234
a replacement for backtrack OS
currently the development
9274
06:05:25,234 --> 06:05:28,084
of Kali is being handled
by Offensive Security,
9275
06:05:28,084 --> 06:05:29,600
which is the organization
9276
06:05:29,600 --> 06:05:34,100
that provides prestigious
certifications like OSCP, OSCE
9277
06:05:34,100 --> 06:05:36,900
and OSWP. Over the years,
9278
06:05:36,900 --> 06:05:40,664
Kali has developed its own cult
following with people
9279
06:05:40,664 --> 06:05:44,500
who swear by the word and by
the power provided by Kali
9280
06:05:44,900 --> 06:05:47,583
while I may not be
such a staunch believer
9281
06:05:47,583 --> 06:05:48,533
in Kali Linux.
9282
06:05:48,533 --> 06:05:52,400
There are plenty of reasons
for one to use Kali. For one,
9283
06:05:52,400 --> 06:05:53,900
It's absolutely free.
9284
06:05:54,000 --> 06:05:54,600
Secondly.
9285
06:05:54,600 --> 06:05:55,894
It comes pre-installed
9286
06:05:55,894 --> 06:05:58,600
with tons and tons
of penetration testing tools
9287
06:05:58,600 --> 06:06:00,800
and security related
tools above that.
9288
06:06:00,800 --> 06:06:04,000
It can be completely customized
according to your needs
9289
06:06:04,000 --> 06:06:06,431
as the code is
an open-source Git tree
9290
06:06:06,431 --> 06:06:09,100
and the whole code
is basically available
9291
06:06:09,100 --> 06:06:10,858
to the public to be tweaked.
9292
06:06:10,858 --> 06:06:11,800
Also the kernel
9293
06:06:11,800 --> 06:06:15,600
that runs Kali Linux comes with
the latest injection packages.
9294
06:06:15,600 --> 06:06:18,200
And it also comes
with gpg signed packages
9295
06:06:18,200 --> 06:06:19,958
and repositories above that.
9296
06:06:19,958 --> 06:06:22,877
Kali Linux has
some true multi-language support
9297
06:06:22,877 --> 06:06:26,495
and it was developed in
an extremely secure environment.
9298
06:06:26,495 --> 06:06:28,600
Also Kali supports a wide range
9299
06:06:28,600 --> 06:06:31,600
of wireless devices now
at this moment Kali
9300
06:06:31,600 --> 06:06:34,500
may seem like a very
useful operating system.
9301
06:06:34,800 --> 06:06:37,100
But as you guys might
remember the great quote,
9302
06:06:37,100 --> 06:06:38,646
from Spider-Man: great
9303
06:06:38,646 --> 06:06:41,600
power comes with
heavy resource utilization
9304
06:06:41,700 --> 06:06:44,685
according to the official
documentation of Kali,
9305
06:06:44,685 --> 06:06:47,100
the system requirements
are quite heavy
9306
06:06:47,276 --> 06:06:49,200
on the low-end Kali Linux
9307
06:06:49,200 --> 06:06:52,700
needs a basic of at
least 128 MB of RAM
9308
06:06:52,900 --> 06:06:56,750
and a 2 GB hard disk space
to set up a simple SSH server
9309
06:06:56,750 --> 06:06:59,900
that will not even have
the GUI of the desktop
9310
06:07:00,000 --> 06:07:01,163
on the higher end.
9311
06:07:01,163 --> 06:07:04,128
If you opt to install
the default GNOME desktop
9312
06:07:04,128 --> 06:07:06,400
and the Kali Linux
full meta package.
9313
06:07:06,400 --> 06:07:09,500
You should really aim
for at least around 2 gigs of RAM
9314
06:07:09,500 --> 06:07:10,429
and around 20 GB
9315
06:07:10,429 --> 06:07:13,100
of free hard disk space
now besides the RAM
9316
06:07:13,100 --> 06:07:14,300
and hard disk requirement,
9317
06:07:14,300 --> 06:07:17,100
Your computer needs to have
CPU supported by at least one
9318
06:07:17,100 --> 06:07:21,800
of the following architectures
them being amd64 i386
9319
06:07:22,083 --> 06:07:27,200
and armel and armhf
and also arm64. Now,
9320
06:07:27,200 --> 06:07:29,969
even though the official
documentation says 2GB
9321
06:07:29,969 --> 06:07:31,021
of RAM is enough.
9322
06:07:31,021 --> 06:07:33,090
I have personally
faced numerous lag
9323
06:07:33,090 --> 06:07:34,218
and stutter issues
9324
06:07:34,218 --> 06:07:36,600
when running Kali
on a virtual machine
9325
06:07:36,600 --> 06:07:38,500
with 6 GB of allocated RAM,
9326
06:07:38,500 --> 06:07:41,100
which in my opinion
is a definite bummer.
9327
06:07:41,500 --> 06:07:43,500
Now, let's take
a moment to discuss
9328
06:07:43,500 --> 06:07:46,200
about Parrot OS. So Parrot, much
9329
06:07:46,200 --> 06:07:50,200
like Kali, is also a Debian
based distribution of Linux.
9330
06:07:50,200 --> 06:07:51,739
When I say Debian based,
9331
06:07:51,739 --> 06:07:54,342
it means that the
code repositories adhere
9332
06:07:54,342 --> 06:07:57,890
to the Debian development
standards. Parrot OS too comes
9333
06:07:57,890 --> 06:08:00,600
with its own arsenal
of penetration testing
9334
06:08:00,600 --> 06:08:02,400
and security related tools.
9335
06:08:02,500 --> 06:08:05,900
Most of these tools are
also available on Kali.
9336
06:08:06,315 --> 06:08:09,084
Now, Parrot was first
released in 2013
9337
06:08:09,400 --> 06:08:11,300
and was developed by
a team of Security
9338
06:08:11,300 --> 06:08:14,700
Experts Linux enthusiasts
open source developers
9339
06:08:14,700 --> 06:08:17,000
and Advocates of digital rights.
9340
06:08:17,000 --> 06:08:19,665
The team was headed
by Lorenzo Faletra,
9341
06:08:19,665 --> 06:08:22,400
and Parrot is designed
in a very unique way
9342
06:08:22,600 --> 06:08:25,885
while the operating system
has everything that is needed
9343
06:08:25,885 --> 06:08:27,200
for a security expert.
9344
06:08:27,200 --> 06:08:28,558
It doesn't present itself
9345
06:08:28,558 --> 06:08:31,268
to be a daunting learning
experience for beginners
9346
06:08:31,268 --> 06:08:34,200
who want to set foot into
the world of ethical hacking
9347
06:08:34,200 --> 06:08:36,100
and vulnerability analysis.
9348
06:08:36,200 --> 06:08:39,300
Parrot OS can be very well
used as a daily driver
9349
06:08:39,300 --> 06:08:40,369
as it provides all
9350
06:08:40,369 --> 06:08:43,400
of the necessary tools
to complete day to day tasks.
9351
06:08:43,500 --> 06:08:46,800
So who exactly is Parrot
OS made for? Well,
9352
06:08:46,800 --> 06:08:47,601
first of all,
9353
06:08:47,601 --> 06:08:51,400
it is made for Security Experts
and digital forensic experts.
9354
06:08:51,400 --> 06:08:54,689
It can be also used by
engineers and IIT students
9355
06:08:54,689 --> 06:08:57,500
who are enthusiastic
about ethical hacking
9356
06:08:58,100 --> 06:09:01,759
then parrot OS can be also used
by researchers journalists
9357
06:09:01,759 --> 06:09:03,300
and hacktivists and last
9358
06:09:03,300 --> 06:09:05,800
but not the least
Parrot OS is also meant
9359
06:09:05,800 --> 06:09:09,000
for these officers and
special security institution.
9360
06:09:09,500 --> 06:09:09,900
Okay.
9361
06:09:10,000 --> 06:09:11,900
So now let's take a moment
9362
06:09:11,900 --> 06:09:14,300
to actually discuss
the system requirements
9363
06:09:14,300 --> 06:09:17,000
that one might need
to run parrot OS
9364
06:09:17,300 --> 06:09:18,900
so the system requirements
9365
06:09:18,900 --> 06:09:22,200
for Parrot is much
more forgiving than Kali Linux
9366
06:09:22,200 --> 06:09:23,400
on the CPU side.
9367
06:09:23,400 --> 06:09:28,100
You need an x86 architecture
with at least 700 megahertz
9368
06:09:28,100 --> 06:09:30,500
of frequency, and architecture-wise
9369
06:09:30,500 --> 06:09:33,600
you need i386, amd64
9370
06:09:33,600 --> 06:09:37,900
or AMD 486 which is basically
the X86 architecture
9371
06:09:38,000 --> 06:09:39,846
or armel and armhf,
9372
06:09:39,846 --> 06:09:44,461
which are basically iot devices
like Raspberry Pi on the side
9373
06:09:44,461 --> 06:09:46,800
of ram you need at least 256 MB
9374
06:09:46,800 --> 06:09:50,300
on an i386
architecture, 320 MB
9375
06:09:50,300 --> 06:09:52,146
on an amd64 architecture
9376
06:09:52,300 --> 06:09:55,500
and as a general
documentation 512 MB
9377
06:09:55,500 --> 06:09:59,700
of RAM is generally recommended
by the Parrot Sec OS people.
9378
06:10:00,100 --> 06:10:02,930
On the GPU side parrot
OS is very surprising
9379
06:10:02,930 --> 06:10:03,700
as it needs.
9380
06:10:03,700 --> 06:10:05,158
No graphic acceleration.
9381
06:10:05,158 --> 06:10:06,800
That means you can run this
9382
06:10:06,800 --> 06:10:09,100
without a graphic
card on the side
9383
06:10:09,100 --> 06:10:12,300
of hard disk space Parrot
OS needs at least 16 GB
9384
06:10:12,300 --> 06:10:15,400
of free hard disk space
for its full installation.
9385
06:10:15,400 --> 06:10:19,200
That is for G 4 gigabytes
Left 4 gigabytes
9386
06:10:19,500 --> 06:10:24,300
lesser than Kali Linux and for
booting options both Kali Linux
9387
06:10:24,300 --> 06:10:27,200
and parrot OS have
the Legacy BIOS preferred.
9388
06:10:28,000 --> 06:10:30,944
Now comparing two operating
systems when it comes
9389
06:10:30,944 --> 06:10:32,600
to Parrot OS and Kali Linux
9390
06:10:32,600 --> 06:10:35,600
that are both operating systems
meant for similar purposes
9391
06:10:35,600 --> 06:10:36,600
that is penetration.
9392
06:10:36,600 --> 06:10:37,010
Testing.
9393
06:10:37,010 --> 06:10:37,700
In this case.
9394
06:10:37,700 --> 06:10:38,900
It becomes really tough.
9395
06:10:39,000 --> 06:10:42,684
Most of the factors in such
cases boil down to a matter
9396
06:10:42,684 --> 06:10:46,300
of personal taste rather
than an objective comparison.
9397
06:10:46,600 --> 06:10:49,311
Now before we move ahead
with the comparison,
9398
06:10:49,311 --> 06:10:51,700
let me list out
a few similarities that you
9399
06:10:51,700 --> 06:10:54,300
might have noticed between
the two operating systems.
9400
06:10:54,600 --> 06:10:55,300
So first of all,
9401
06:10:55,500 --> 06:10:56,600
both operating systems
9402
06:10:56,600 --> 06:11:00,046
are tuned for Operating
penetration testing
9403
06:11:00,046 --> 06:11:01,800
and network related tools
9404
06:11:02,000 --> 06:11:03,900
and both operating
systems are based
9405
06:11:03,900 --> 06:11:07,700
on Debian development standards
both of the operating system
9406
06:11:07,700 --> 06:11:09,981
Support 32 and
64-bit architecture
9407
06:11:09,981 --> 06:11:13,239
and both operating systems
also support Cloud VPS
9408
06:11:13,239 --> 06:11:14,800
along with iot devices.
9409
06:11:14,800 --> 06:11:15,510
And of course,
9410
06:11:15,510 --> 06:11:18,400
both of them come pre-installed
with their own arsenal
9411
06:11:18,400 --> 06:11:19,500
of hacking tools.
9412
06:11:19,700 --> 06:11:22,100
Now, let's get down
with the differences.
9413
06:11:22,500 --> 06:11:24,200
The first criteria
9414
06:11:24,200 --> 06:11:27,337
of differences that we are going
to discuss is Hardware.
9415
06:11:27,337 --> 06:11:29,866
Points now as you guys
can see on the slide.
9416
06:11:29,866 --> 06:11:32,866
I have put down the system
requirements of parrot OS
9417
06:11:32,866 --> 06:11:34,100
on the left hand side
9418
06:11:34,100 --> 06:11:37,573
and I have put down the system
requirements of Kali Linux
9419
06:11:37,573 --> 06:11:39,000
on the right hand side.
9420
06:11:39,400 --> 06:11:41,730
So as you guys can see parrot OS
9421
06:11:41,730 --> 06:11:45,300
and Kali Linux both need
1 gigahertz dual-core CPU
9422
06:11:45,400 --> 06:11:49,067
when it comes to Ram parrot
OS needs much lesser RAM
9423
06:11:49,067 --> 06:11:50,239
than Kali Linux,
9424
06:11:50,239 --> 06:11:54,200
but it needs 384 MB of RAM
for its minimal running time
9425
06:11:54,200 --> 06:11:57,553
and Kali Linux needs
a 1 gigahertz of RAM.
9426
06:11:57,553 --> 06:12:00,200
The other hand in terms of GPU,
9427
06:12:00,200 --> 06:12:03,281
Parrot OS doesn't really
need a graphic card
9428
06:12:03,281 --> 06:12:04,500
as it has no need
9429
06:12:04,500 --> 06:12:07,800
for graphical acceleration Kali
Linux on the other hand.
9430
06:12:07,800 --> 06:12:10,673
If you're trying to run
the GNOME desktop version,
9431
06:12:10,673 --> 06:12:12,800
you will certainly
need a graphic card
9432
06:12:13,200 --> 06:12:17,100
on the other hand Parrot OS need
16 GB of free hard disk space
9433
06:12:17,100 --> 06:12:19,023
for its full installation
9434
06:12:19,500 --> 06:12:22,800
and Kali Linux needs
20 GB of free space.
9435
06:12:22,800 --> 06:12:26,900
So basically parrot OS is
a much more lightweight version.
9436
06:12:27,200 --> 06:12:29,321
So we see that parrot
OS definitely wins
9437
06:12:29,321 --> 06:12:30,323
against Kali Linux
9438
06:12:30,323 --> 06:12:31,034
when it comes
9439
06:12:31,034 --> 06:12:34,427
to Hardware requirements due to
its lightweight nature not only
9440
06:12:34,427 --> 06:12:36,800
does it require lesser Ram
to function properly,
9441
06:12:36,800 --> 06:12:39,700
but the full installation is
also pretty lightweight thanks
9442
06:12:39,700 --> 06:12:43,100
to the use of the MATE desktop
environment by the developers.
9443
06:12:43,100 --> 06:12:46,862
So basically if you're having
an older Hardware configuration
9444
06:12:46,862 --> 06:12:49,559
on your computer Parrot
OS should definitely
9445
06:12:49,559 --> 06:12:50,500
be your choice.
9446
06:12:51,100 --> 06:12:53,500
Now the next parameter
that we are going to compare.
9447
06:12:53,500 --> 06:12:57,292
The two OS is in is look
and feel now this section.
9448
06:12:57,292 --> 06:13:00,600
Be boils down
to personal choice personally.
9449
06:13:00,600 --> 06:13:02,648
I prefer the minimalistic look
9450
06:13:02,648 --> 06:13:06,692
that is given by parrot OS
the interface of parrot OS
9451
06:13:06,692 --> 06:13:10,162
is built using the Ubuntu
MATE desktop environment.
9452
06:13:10,162 --> 06:13:12,800
There are two clear
sections on top you
9453
06:13:12,800 --> 06:13:16,800
see a pane which contains
applications places systems,
9454
06:13:16,800 --> 06:13:19,000
which is much like Kali itself,
9455
06:13:19,100 --> 06:13:21,442
but it also gives
some cool information
9456
06:13:21,442 --> 06:13:24,400
about CPU temperatures
along with the usage graph
9457
06:13:24,400 --> 06:13:26,800
and the bottom pane
contains the menu manager
9458
06:13:26,800 --> 06:13:28,399
and the work station manager,
9459
06:13:28,399 --> 06:13:30,000
which is a brilliant addition
9460
06:13:30,000 --> 06:13:33,975
to the Linux system Kali Linux
on the other hand follows
9461
06:13:33,975 --> 06:13:36,000
the GNOME desktop interface
9462
06:13:36,000 --> 06:13:38,246
while it still
has the functionality
9463
06:13:38,246 --> 06:13:40,300
that is offered by Parrot OS.
9464
06:13:40,400 --> 06:13:42,600
It doesn't provide
the same clean and refined
9465
06:13:42,600 --> 06:13:43,900
look in my opinion.
9466
06:13:44,200 --> 06:13:47,100
If you don't know your way
around a Kali interface,
9467
06:13:47,100 --> 06:13:49,800
it is pretty easy
to actually get lost.
9468
06:13:50,300 --> 06:13:51,900
Now, the next parameter
9469
06:13:51,900 --> 06:13:55,000
that we're going to compare
them is hacking tools now
9470
06:13:55,000 --> 06:13:57,312
since both these
operating systems are
9471
06:13:57,312 --> 06:14:00,000
For penetration testers
and ethical hackers.
9472
06:14:00,000 --> 06:14:03,278
I think hacking tools is
the most important criteria
9473
06:14:03,278 --> 06:14:07,000
that both the operating systems
are going to be compared in so
9474
06:14:07,000 --> 06:14:08,500
when it comes to General tools
9475
06:14:08,500 --> 06:14:11,423
and functional features Parrot
OS takes the prize
9476
06:14:11,423 --> 06:14:15,200
when compared to Kali Linux
Parrot OS has all the tools
9477
06:14:15,200 --> 06:14:19,800
that are available in Kali Linux
and also it adds its own tools.
9478
06:14:19,800 --> 06:14:22,700
There are several tools
that you will find on parrot
9479
06:14:22,700 --> 06:14:24,582
that is not found on Kali Linux.
9480
06:14:24,582 --> 06:14:26,682
Let's take a look
at a few of them.
9481
06:14:26,682 --> 06:14:29,500
So the first on that you
see is called Wifiphisher
9482
06:14:29,600 --> 06:14:33,320
now Wifiphisher is
a rogue access point framework
9483
06:14:33,320 --> 06:14:35,732
for conducting
red team engagements
9484
06:14:35,732 --> 06:14:40,200
or Wi-Fi security testing using
Wifiphisher penetration testers
9485
06:14:40,200 --> 06:14:41,700
can easily achieve a man
9486
06:14:41,700 --> 06:14:44,700
in the middle position
against the wireless clients
9487
06:14:44,700 --> 06:14:47,400
by performing targeted
Wi-Fi Association attacks.
9488
06:14:47,600 --> 06:14:49,400
Wifiphisher can be further
9489
06:14:49,400 --> 06:14:52,400
used to mount victim
customized web phishing attacks
9490
06:14:52,400 --> 06:14:55,900
against the connected clients
in order to capture credentials
9491
06:14:55,900 --> 06:14:57,500
or infect the victim
9492
06:14:57,500 --> 06:15:01,000
With some sort of
malware another tool
9493
06:15:01,000 --> 06:15:03,950
that is seen on parrot
and is much appreciated
9494
06:15:03,950 --> 06:15:04,993
that is not seen
9495
06:15:04,993 --> 06:15:08,644
on the Kali side is called
Anonsurf. Now being anonymous
9496
06:15:08,644 --> 06:15:12,100
for a hacker is the first step
before hacking a system
9497
06:15:12,300 --> 06:15:14,008
and anonymizing a system
9498
06:15:14,008 --> 06:15:16,500
in an ideal way is
not an easy task.
9499
06:15:16,500 --> 06:15:19,323
No one can perfectly
anonymize a system and there
9500
06:15:19,323 --> 06:15:22,100
are many tools available
on the internet that say
9501
06:15:22,100 --> 06:15:25,400
that they anonymize a system
one such tool is
9502
06:15:25,400 --> 06:15:27,100
Anonsurf. Now, Anonsurf
9503
06:15:27,100 --> 06:15:28,433
is pretty good
9504
06:15:28,433 --> 06:15:32,300
as it uses the Tor iptables
to anonymize the whole system.
9505
06:15:32,600 --> 06:15:35,417
Also, if you guys
have not already realized,
9506
06:15:35,417 --> 06:15:38,700
Tor also comes
pre-installed on parrot
9507
06:15:38,700 --> 06:15:41,900
while it has to be externally
installed on Kali.
9508
06:15:42,100 --> 06:15:43,993
Now these things that you see
9509
06:15:43,993 --> 06:15:45,803
that Wifiphisher, Tor Browser
9510
06:15:45,803 --> 06:15:48,300
and Anonsurf, surely
they can be imported
9511
06:15:48,300 --> 06:15:51,683
and downloaded on Kali
but they don't really come
9512
06:15:51,683 --> 06:15:54,300
pre-installed and that is
what counts right now.
9513
06:15:54,900 --> 06:15:57,800
So since Parrot OS
also is designed
9514
06:15:57,800 --> 06:16:00,987
with development in mind
it also comes pre-installed
9515
06:16:00,987 --> 06:16:04,300
with a bunch of useful compilers
for various languages
9516
06:16:04,300 --> 06:16:07,369
and IDEs for their
respective development,
9517
06:16:07,369 --> 06:16:10,600
which is completely absent
on the Kali Linux side.
9518
06:16:10,600 --> 06:16:12,442
So for this part of hacking
9519
06:16:12,442 --> 06:16:16,400
tools parrot OS definitely takes
a prize. Now the next thing
9520
06:16:16,400 --> 06:16:17,484
that we are going
9521
06:16:17,484 --> 06:16:20,800
to compare both y'all both
these operating systems is
9522
06:16:20,800 --> 06:16:24,300
release variations now
both operating systems come
9523
06:16:24,300 --> 06:16:26,100
with a variety of variations,
9524
06:16:26,100 --> 06:16:28,700
but Parrot OS has
much more diversity
9525
06:16:28,700 --> 06:16:30,100
in terms of variety.
9526
06:16:30,100 --> 06:16:32,000
So let me just explain
what I mean.
9527
06:16:32,000 --> 06:16:34,200
So as you guys can see
on the left-hand side,
9528
06:16:34,200 --> 06:16:36,916
I have listed down
the release variations
9529
06:16:36,916 --> 06:16:39,700
that are available
for parrot OS now aside
9530
06:16:39,700 --> 06:16:41,101
from the full editions,
9531
06:16:41,101 --> 06:16:43,600
which is both provided
by parrot and Kali.
9532
06:16:43,600 --> 06:16:47,700
They also both provide the light
editions on Parrot side
9533
06:16:47,700 --> 06:16:49,900
and the light edition
on Kali side.
9534
06:16:49,900 --> 06:16:52,200
They are both basically
the same thing.
9535
06:16:52,200 --> 06:16:56,100
Wherein minimalistic tools
are actually pre-installed
9536
06:16:56,100 --> 06:16:59,371
and you can Install and
customize the operating system
9537
06:16:59,371 --> 06:17:01,100
according to your own needs.
9538
06:17:01,100 --> 06:17:04,217
If you don't choose to customize
the operating system,
9539
06:17:04,217 --> 06:17:06,864
you can very well use
it as a very lightweight
9540
06:17:06,864 --> 06:17:08,600
and portable operating system.
9541
06:17:08,600 --> 06:17:10,247
So Parrot OS light edition
9542
06:17:10,247 --> 06:17:12,400
and Kali light editions
are two flavors
9543
06:17:12,400 --> 06:17:13,600
of the operating system.
9544
06:17:14,000 --> 06:17:14,800
Now, this is
9545
06:17:14,800 --> 06:17:17,400
where the difference is
such differences start.
9546
06:17:17,400 --> 06:17:19,610
So Parrot OS Air
Edition also exists.
9547
06:17:19,610 --> 06:17:21,000
So this is an edition
9548
06:17:21,000 --> 06:17:23,262
that is used
for wireless penetration,
9549
06:17:23,262 --> 06:17:25,900
testing and wireless
vulnerability testing.
9550
06:17:25,900 --> 06:17:28,700
So basically anything
Thing Wireless parrot
9551
06:17:28,700 --> 06:17:32,300
OS Air edition does it faster
and does it better. Then
9552
06:17:32,300 --> 06:17:34,709
There's also parrot
OS Studio Edition,
9553
06:17:34,709 --> 06:17:37,900
which is used for multimedia
content creation Yes.
9554
06:17:37,900 --> 06:17:41,275
You heard that right, Parrot
OS can also make content
9555
06:17:41,275 --> 06:17:42,774
for your social media.
9556
06:17:42,774 --> 06:17:45,500
So if you're thinking
about using Parrot OS
9557
06:17:45,500 --> 06:17:49,086
for marketing as well as
security, Parrot OS is
9558
06:17:49,086 --> 06:17:52,300
definitely your go-to
operating system. Kali
9559
06:17:52,300 --> 06:17:55,400
on the other hand aside
from its light version
9560
06:17:55,400 --> 06:17:57,187
and full edition offers.
9561
06:17:57,187 --> 06:17:58,900
Some desktop interfaces
9562
06:17:58,900 --> 06:18:04,700
like the E17, KDE and Xfce,
the Ubuntu MATE and the LXDE.
9563
06:18:05,000 --> 06:18:07,471
So these are
basically just skins
9564
06:18:07,471 --> 06:18:08,856
that run over Kali
9565
06:18:09,100 --> 06:18:11,657
and basically make
Kali look a little different
9566
06:18:11,657 --> 06:18:13,760
from one another you
can check out all
9567
06:18:13,760 --> 06:18:17,000
these different customizations
on the Kali documentation.
9568
06:18:17,300 --> 06:18:20,300
Other than that Kali
has also support for cloud
9569
06:18:20,300 --> 06:18:24,300
and iot devices in the form of
the armel and armhf releases.
9570
06:18:24,300 --> 06:18:27,307
These releases are
also available in Parrot OS.
9571
06:18:27,307 --> 06:18:29,500
So Parrot OS
doesn't stand down.
9572
06:18:29,500 --> 06:18:31,417
So as you guys see Parrot OS
9573
06:18:31,417 --> 06:18:34,500
provides you a lot
of diversity in the variety
9574
06:18:34,500 --> 06:18:35,900
that it is offering.
9575
06:18:35,900 --> 06:18:39,164
So in my opinion parrot
OS also takes the prize
9576
06:18:39,164 --> 06:18:40,300
in this section.
9577
06:18:41,200 --> 06:18:42,972
Now the main question remains
9578
06:18:42,972 --> 06:18:46,718
which of these two distributions
is better for beginners Well,
9579
06:18:46,718 --> 06:18:49,850
it is to be duly noted
that both these distributions
9580
06:18:49,850 --> 06:18:52,000
are not exactly
meant for beginners.
9581
06:18:52,000 --> 06:18:55,600
If you want to learn about Linux
as an operating system,
9582
06:18:55,600 --> 06:18:57,900
you're better off using
something like Ubuntu
9583
06:18:57,900 --> 06:18:58,900
or Deepin.
9584
06:18:59,000 --> 06:19:00,431
This also doesn't mean
9585
06:19:00,431 --> 06:19:03,100
that you cannot learn
the basics on parrot
9586
06:19:03,100 --> 06:19:05,100
or Kali on the other hand.
9587
06:19:05,100 --> 06:19:08,000
If you are already knowing
the basics of Linux
9588
06:19:08,000 --> 06:19:09,300
and want to get your hands
9589
06:19:09,300 --> 06:19:12,000
on an operating system
to learn ethical hacking.
9590
06:19:12,500 --> 06:19:16,013
I would personally recommend
using the Parrot Sec OS light
9591
06:19:16,013 --> 06:19:17,000
edition. This is
9592
06:19:17,000 --> 06:19:19,500
because the light version comes
with the bare minimum
9593
06:19:19,500 --> 06:19:20,706
of networking tools.
9594
06:19:20,706 --> 06:19:21,941
This means as you learn
9595
06:19:21,941 --> 06:19:25,200
your ethical hacking concept
slowly you could develop
9596
06:19:25,200 --> 06:19:27,000
or install tools one by one.
9597
06:19:27,000 --> 06:19:30,100
Instead of being overwhelmed
with a whole bunch of them
9598
06:19:30,100 --> 06:19:33,300
from the beginning not only
does this allow yourself
9599
06:19:33,300 --> 06:19:35,167
to evolve as an ethical hacker
9600
06:19:35,167 --> 06:19:36,600
and penetration tester,
9601
06:19:36,600 --> 06:19:39,594
but it also makes sure
your fundamentals are built
9602
06:19:39,594 --> 06:19:41,000
in a methodical manner.
9603
06:19:41,300 --> 06:19:43,453
Now, I recommend Parrot OS over
9604
06:19:43,453 --> 06:19:46,174
Kali for one other
reason too, that is
9605
06:19:46,174 --> 06:19:49,500
because the default user
for Kali is root.
9606
06:19:49,500 --> 06:19:52,900
This makes the environment
a whole lot more aggressive
9607
06:19:52,900 --> 06:19:55,045
and mistakes tend to be punished
9608
06:19:55,045 --> 06:19:58,800
and a whole lot more difficult
to deal with So this means
9609
06:19:58,800 --> 06:20:02,400
that Parrot OS is generally
the winner in my opinion.
9610
06:20:07,400 --> 06:20:10,000
When you get hired as
a penetration tester
9611
06:20:10,000 --> 06:20:11,600
or a security analyst one
9612
06:20:11,600 --> 06:20:14,800
of the main roles
is vulnerability assessment.
9613
06:20:15,000 --> 06:20:18,100
So what exactly is
vulnerability assessment?
9614
06:20:18,100 --> 06:20:21,537
Well, vulnerability assessment
is the process of defining
9615
06:20:21,537 --> 06:20:22,900
identifying classifying
9616
06:20:22,900 --> 06:20:26,511
and prioritizing vulnerabilities
in a computer system application
9617
06:20:26,511 --> 06:20:28,100
and network infrastructures
9618
06:20:28,100 --> 06:20:30,563
and providing organization
doing the assessment
9619
06:20:30,563 --> 06:20:32,522
with the necessary
knowledge awareness
9620
06:20:32,522 --> 06:20:34,952
and risk background
to understand the threats
9621
06:20:34,952 --> 06:20:37,600
to its environment
and react appropriately to them.
9622
06:20:37,600 --> 06:20:39,459
So vulnerability is a situation
9623
06:20:39,459 --> 06:20:41,997
that can be taken
advantage of by a hacker
9624
06:20:41,997 --> 06:20:43,404
or a penetration tester
9625
06:20:43,404 --> 06:20:46,647
for their own misuse or actually
for fixing the issue.
9626
06:20:46,647 --> 06:20:49,400
So vulnerability assessment
has three steps.
9627
06:20:49,400 --> 06:20:52,700
So the first step is actually
identifying the assets
9628
06:20:52,700 --> 06:20:54,796
and the vulnerabilities
of the system.
9629
06:20:54,796 --> 06:20:57,764
The second step is actually
quantifying the assessment
9630
06:20:57,764 --> 06:21:01,000
and the third is reporting
the results now vulnerability
9631
06:21:01,000 --> 06:21:02,901
assessment is only a small part
9632
06:21:02,901 --> 06:21:05,008
and Pen testing is
an extended process
9633
06:21:05,008 --> 06:21:06,510
of vulnerability assessment
9634
06:21:06,510 --> 06:21:08,774
Pen testing
or penetration testing
9635
06:21:08,774 --> 06:21:12,400
includes processes like scanning
vulnerability assessment
9636
06:21:12,400 --> 06:21:14,411
and itself exploitation research
9637
06:21:14,411 --> 06:21:16,800
and Reporting whatever
the results are.
9638
06:21:16,800 --> 06:21:19,442
So in the industry
was the most widely
9639
06:21:19,442 --> 06:21:23,300
used Frameworks when penetration
testing is Metasploit.
9640
06:21:23,300 --> 06:21:26,425
So Metasploit is widely used
in penetration testing
9641
06:21:26,425 --> 06:21:29,938
as I just said and also used
for exploitation research.
9642
06:21:29,938 --> 06:21:31,447
So some of you might ask
9643
06:21:31,447 --> 06:21:33,900
what exactly is
an exploit research well
9644
06:21:33,900 --> 06:21:36,093
in this world there
are tons of exploits
9645
06:21:36,093 --> 06:21:39,500
and the way to approach each
Of them is ever so different.
9646
06:21:39,500 --> 06:21:42,700
So what we have to do
is exploit all the research
9647
06:21:42,700 --> 06:21:43,945
that is available to us
9648
06:21:43,945 --> 06:21:46,584
and we have to find
the best way to approach them.
9649
06:21:46,584 --> 06:21:49,479
So suppose, for example,
you have a secure shell login.
9650
06:21:49,479 --> 06:21:52,382
So the best way to actually
approach secure shell login
9651
06:21:52,382 --> 06:21:53,521
until my knowledge is
9652
06:21:53,521 --> 06:21:55,697
that you have to get
a backdoor access
9653
06:21:55,697 --> 06:21:57,438
to this from the port numbers
9654
06:21:57,438 --> 06:21:59,556
that you can scan
via nmap or Zenmap.
9655
06:21:59,556 --> 06:21:59,852
Okay.
9656
06:21:59,852 --> 06:22:02,087
So without wasting
much time at looking
9657
06:22:02,087 --> 06:22:03,577
at PowerPoint presentations,
9658
06:22:03,577 --> 06:22:06,900
let's actually get started as
to how we can use Metasploit.
9659
06:22:06,900 --> 06:22:10,200
So Metasploit is a freely
available open source framework
9660
06:22:10,200 --> 06:22:12,000
that is widely
used by pentesters
9661
06:22:12,000 --> 06:22:13,200
as we just discussed.
9662
06:22:13,200 --> 06:22:15,703
So to actually
install Metasploit,
9663
06:22:15,703 --> 06:22:18,800
which is easily available
on Linux and windows.
9664
06:22:18,800 --> 06:22:19,600
I guess.
9665
06:22:19,600 --> 06:22:21,100
Let me just check it out.
9666
06:22:21,100 --> 06:22:22,882
So you go on your browser
9667
06:22:22,882 --> 06:22:26,000
and you type Metasploit
downloads now you just
9668
06:22:26,000 --> 06:22:27,600
visit the first link and
9669
06:22:27,600 --> 06:22:30,056
as you guys can see it says
it's the world's most
9670
06:22:30,056 --> 06:22:31,491
used penetration testing tool
9671
06:22:31,491 --> 06:22:33,996
and then you just download
the Metasploit framework
9672
06:22:33,996 --> 06:22:35,800
by clicking the
download button here.
9673
06:22:35,800 --> 06:22:37,949
So y'all might also
find Pro version
9674
06:22:37,949 --> 06:22:39,300
which is a paid thing.
9675
06:22:39,300 --> 06:22:41,500
And this has a little bit
of extra features
9676
06:22:41,500 --> 06:22:42,558
like group support
9677
06:22:42,558 --> 06:22:45,600
and actually helping a company
work as an organization,
9678
06:22:45,600 --> 06:22:47,000
but we don't actually need
9679
06:22:47,000 --> 06:22:49,500
that and practicing
our pentesting abilities.
9680
06:22:49,500 --> 06:22:50,950
So for that you just go ahead
9681
06:22:50,950 --> 06:22:53,300
and download Metasploit
framework and install it
9682
06:22:53,300 --> 06:22:54,149
on your system above
9683
06:22:54,149 --> 06:22:56,700
that there is another thing I
want to get make you guys aware
9684
06:22:56,700 --> 06:22:58,400
of and that is Metasploitable.
9685
06:22:58,400 --> 06:23:01,400
So when actually
pen testing we need a server
9686
06:23:01,400 --> 06:23:04,000
or a website to actually
pen testing zone.
9687
06:23:04,000 --> 06:23:05,200
So normally this is
9688
06:23:05,200 --> 06:23:07,500
a very illegal thing to do
without permission.
9689
06:23:07,500 --> 06:23:10,100
So Metasploitable
has actually created
9690
06:23:10,100 --> 06:23:12,700
a server with a lot
of vulnerabilities on it
9691
06:23:12,700 --> 06:23:15,600
and it's called Metasploitable
2. So Metasploitable
9692
06:23:15,600 --> 06:23:18,300
2 is easily downloadable
from this link
9693
06:23:18,300 --> 06:23:19,916
and it's a virtual box file.
9694
06:23:19,916 --> 06:23:22,681
So you guys must have
a virtual machine software
9695
06:23:22,681 --> 06:23:25,100
on your system to actually
set this thing up.
9696
06:23:25,100 --> 06:23:26,163
I'll also go through
9697
06:23:26,163 --> 06:23:28,334
how to actually set
up Metasploitable
9698
06:23:28,334 --> 06:23:29,428
because it has a lot
9699
06:23:29,428 --> 06:23:32,311
of configuration and network
management to go with it.
9700
06:23:32,311 --> 06:23:33,900
So we'll get to that later.
9701
06:23:33,900 --> 06:23:34,500
But for now,
9702
06:23:34,500 --> 06:23:37,200
let's get started
with Metasploit table.
9703
06:23:37,200 --> 06:23:40,800
So before that Metasploit herbal
is written in Ruby
9704
06:23:40,800 --> 06:23:43,535
and if you all know
Ruby coding and y'all know
9705
06:23:43,535 --> 06:23:44,751
how to make exploits
9706
06:23:44,751 --> 06:23:48,400
y'all can also always contribute
to the Metasploit community.
9707
06:23:48,400 --> 06:23:52,361
So Metasploit is one of the most
widely used pen testing tools
9708
06:23:52,361 --> 06:23:53,400
in the industry.
9709
06:23:53,400 --> 06:23:55,452
So what exactly is Metasploit?
9710
06:23:55,452 --> 06:23:56,905
Well, it's a framework
9711
06:23:56,905 --> 06:24:01,000
and what a framework is is it's
actually a collection of tools.
9712
06:24:01,000 --> 06:24:04,300
So these tools are majorly used
for penetration testing
9713
06:24:04,300 --> 06:24:07,110
and exploitation research
now one might ask
9714
06:24:07,110 --> 06:24:09,100
what Exactly is
exploit research.
9715
06:24:09,100 --> 06:24:11,307
Well, there are tons
of exploits out there
9716
06:24:11,307 --> 06:24:14,013
and there are tons of ways
to actually approach them
9717
06:24:14,013 --> 06:24:15,372
and this only comes to us
9718
06:24:15,372 --> 06:24:18,198
from thorough research as
to how we can approach each
9719
06:24:18,198 --> 06:24:20,100
and every exploit
in their best way.
9720
06:24:20,200 --> 06:24:21,600
So talking about Metasploit.
9721
06:24:21,600 --> 06:24:25,155
Well, it's open source and free
and it's also written in Ruby.
9722
06:24:25,155 --> 06:24:27,300
So if you guys know
Ruby coding and know
9723
06:24:27,300 --> 06:24:29,743
how to make exploits
y'all can always contribute
9724
06:24:29,743 --> 06:24:33,021
to the Metasploit framework now
talking about the download part.
9725
06:24:33,021 --> 06:24:35,147
Well y'all can easily
download Metasploit
9726
06:24:35,147 --> 06:24:36,500
from its download page,
9727
06:24:36,500 --> 06:24:37,822
which is -
9728
06:24:37,822 --> 06:24:41,600
Floyd.com download I'll
be leaving the download link
9729
06:24:41,600 --> 06:24:43,000
in the description.
9730
06:24:43,000 --> 06:24:45,117
And once you're
on the download page,
9731
06:24:45,117 --> 06:24:47,629
you'll see two versions
one is the free version
9732
06:24:47,629 --> 06:24:49,800
which is the original
Metasploit framework
9733
06:24:49,800 --> 06:24:52,449
and it's the core framework
that everybody works on
9734
06:24:52,449 --> 06:24:54,184
and then there's Metasploit Pro
9735
06:24:54,184 --> 06:24:56,200
which comes with
a 14 day free trial.
9736
06:24:56,200 --> 06:24:59,200
So Metasploit Pro actually
has a few extra features,
9737
06:24:59,200 --> 06:25:01,200
which is great
for an organization.
9738
06:25:01,200 --> 06:25:02,800
Like it helps
you work as a team,
9739
06:25:02,800 --> 06:25:03,858
but if you're a guy
9740
06:25:03,858 --> 06:25:07,447
who's just practicing pentesting
like me Metasploit framework,
9741
06:25:07,447 --> 06:25:10,300
Work the free version is
the absolute way to go now.
9742
06:25:10,300 --> 06:25:11,611
Also when pentesting
9743
06:25:11,611 --> 06:25:14,727
you all will also need
Metasploitable. Now Metasploitable
9744
06:25:14,727 --> 06:25:18,200
is an intentionally
vulnerable Target machine
9745
06:25:18,200 --> 06:25:20,900
for actually practicing
your Metasploit skills
9746
06:25:20,900 --> 06:25:21,900
on so we will go
9747
06:25:21,900 --> 06:25:24,458
over the installation
of Metasploitable later.
9748
06:25:24,458 --> 06:25:26,863
But for now, let's go
over Metasploit table.
9749
06:25:26,863 --> 06:25:29,100
So once you guys
have actually downloaded
9750
06:25:29,100 --> 06:25:32,200
the link y'all can actually
install it on your systems
9751
06:25:32,200 --> 06:25:34,900
and Metasploit actually
has three interfaces.
9752
06:25:34,900 --> 06:25:37,500
So we are going to be using
the command line interface.
9753
06:25:37,500 --> 06:25:40,038
or the msfconsole
in other words,
9754
06:25:40,038 --> 06:25:44,500
but you all can also use the GUI
interface which is called
9755
06:25:44,500 --> 06:25:46,325
Armitage if I'm not wrong.
9756
06:25:46,325 --> 06:25:47,800
So let's get started.
9757
06:25:47,800 --> 06:25:48,756
So first of all,
9758
06:25:48,756 --> 06:25:51,226
I've already actually
downloaded Metasploit
9759
06:25:51,226 --> 06:25:52,911
and install it on my computer
9760
06:25:52,911 --> 06:25:56,500
and y'all can just do the same
by pressing the download button
9761
06:25:56,500 --> 06:25:59,700
as you guys can see so
just start up Metasploit.
9762
06:25:59,700 --> 06:26:02,300
All you have to do
is go on your terminal
9763
06:26:02,500 --> 06:26:07,061
and so to start a Metasploit
all you have to do.
9764
06:26:07,061 --> 06:26:09,676
Do is go on your
terminal on Linux?
9765
06:26:10,400 --> 06:26:12,900
Well, we're starting
up PostgreSQL server
9766
06:26:12,900 --> 06:26:15,800
because first of all
the postgresql server
9767
06:26:15,800 --> 06:26:18,681
is the basis of all
the Metasploit exploits
9768
06:26:18,681 --> 06:26:22,800
that are stored and starting it
will just make it run faster.
9769
06:26:22,800 --> 06:26:29,600
So we go service
postgresql and start
9770
06:26:29,700 --> 06:26:31,900
so that's the start of a service
9771
06:26:31,900 --> 06:26:37,200
and indeed it has so next thing
you want to do is go in
9772
06:26:37,200 --> 06:26:39,400
and type msf console.
9773
06:26:39,900 --> 06:26:42,100
And that's going to take
a little bit of time
9774
06:26:42,100 --> 06:26:43,700
because I was very slow computer
9775
06:26:43,700 --> 06:26:46,000
and it's going to start
up our Metasploit free.
9776
06:26:47,100 --> 06:26:50,796
So as you guys can see you got
a big banner out here.
9777
06:26:50,796 --> 06:26:53,000
It says Metasploit cyber missile
9778
06:26:53,200 --> 06:26:56,494
and it's the banner changes
every time don't get worried.
9779
06:26:56,494 --> 06:26:59,717
If you have a different banner
and the main thing is
9780
06:26:59,717 --> 06:27:02,044
that you should see
this msf thing out here.
9781
06:27:02,044 --> 06:27:04,589
So this means we are
in the msf Shell right now,
9782
06:27:04,589 --> 06:27:06,700
which is the
Metasploit framework shell.
9783
06:27:06,700 --> 06:27:09,500
So let's get started by
actually curing our screen.
9784
06:27:09,700 --> 06:27:13,000
So first things first
the first command that you
9785
06:27:13,000 --> 06:27:16,200
might want to run on Metasploit
is the help command.
9786
06:27:16,200 --> 06:27:17,916
So help will tell us everything
9787
06:27:17,916 --> 06:27:19,800
that we can do
with this framework.
9788
06:27:19,800 --> 06:27:22,434
So as you guys can see
there are a bunch of commands
9789
06:27:22,434 --> 06:27:24,500
and the descriptions
to go along with it.
9790
06:27:24,500 --> 06:27:27,050
Y'all can give it a quick read
and find the things
9791
06:27:27,050 --> 06:27:28,400
that are interesting to you.
9792
06:27:28,400 --> 06:27:30,464
So as you guys can see
Banner is display
9793
06:27:30,464 --> 06:27:33,700
an awesome Metasploit Banner
y'all can change the banner
9794
06:27:33,700 --> 06:27:35,900
as you guys can see there are
a lot of Juicy commands
9795
06:27:35,900 --> 06:27:37,400
like there's a banner command,
9796
06:27:37,400 --> 06:27:38,600
which I just had used.
9797
06:27:38,600 --> 06:27:41,813
So if you go and type banner
will give you a nice cool Banner
9798
06:27:41,813 --> 06:27:44,100
about Metasploit and there
are other commands
9799
06:27:44,100 --> 06:27:46,300
which work very similar
to Linux like CD.
9800
06:27:46,300 --> 06:27:49,300
Changes the current directory
you can change the color
9801
06:27:49,300 --> 06:27:50,684
by toggling colors
9802
06:27:50,800 --> 06:27:54,100
and then you can connect to
the host and all sorts of stuff.
9803
06:27:54,200 --> 06:27:56,900
So Metasploit has
a bunch of exploits.
9804
06:27:56,900 --> 06:27:58,400
So before we go further,
9805
06:27:58,400 --> 06:28:01,300
I want to make you guys aware
of three important terms
9806
06:28:01,300 --> 06:28:02,500
regarding Metasploit.
9807
06:28:02,500 --> 06:28:05,700
The first is a vulnerability and
we had already discussed this
9808
06:28:05,700 --> 06:28:07,700
that a vulnerability
is a situation
9809
06:28:07,700 --> 06:28:11,451
which can be taken advantage
of by a system or a person
9810
06:28:11,451 --> 06:28:14,300
who axis so the second
part is an exploit.
9811
06:28:14,300 --> 06:28:16,447
So what exactly is
an exploit Yeah,
9812
06:28:16,447 --> 06:28:18,100
well an exploit is a module
9813
06:28:18,100 --> 06:28:21,300
which is a bunch of code written
in Ruby on Metasploit
9814
06:28:21,300 --> 06:28:24,000
that is used to Target
different vulnerabilities.
9815
06:28:24,000 --> 06:28:26,100
And the third thing
is a payload.
9816
06:28:26,100 --> 06:28:29,400
So a payload is
the action that you do
9817
06:28:29,400 --> 06:28:32,386
once you actually have access
to somebody's system.
9818
06:28:32,386 --> 06:28:35,000
So basically suppose
you have hacked somebody
9819
06:28:35,000 --> 06:28:37,300
and you've gained access
to their system.
9820
06:28:37,300 --> 06:28:40,151
Now the activities you do
after gaining access
9821
06:28:40,151 --> 06:28:43,700
is defined as the payload so
we just spoke about exploits
9822
06:28:43,700 --> 06:28:44,751
and I told you guys
9823
06:28:44,751 --> 06:28:46,743
that Metasploit has
a bunch of Right.
9824
06:28:46,743 --> 06:28:49,400
So how do we see all
the exploits that are there?
9825
06:28:49,400 --> 06:28:52,000
So you go show exploits.
9826
06:28:57,500 --> 06:28:58,900
Well, as you guys
9827
06:28:58,900 --> 06:29:01,600
can see we've loaded
up a bunch of exploits
9828
06:29:01,600 --> 06:29:03,600
which is basically
all the exploits
9829
06:29:03,600 --> 06:29:06,000
that Metasploit has
to offer at this moment.
9830
06:29:06,000 --> 06:29:10,214
So let me just increase
the screen a bit and let's scroll
9831
06:29:10,214 --> 06:29:11,900
completely to the top.
9832
06:29:16,100 --> 06:29:16,900
Yep.
9833
06:29:17,100 --> 06:29:18,792
So as you guys can see
9834
06:29:19,300 --> 06:29:22,201
show exploits give us
a bunch of exploits
9835
06:29:22,201 --> 06:29:27,000
and shows the name a description
a disclosure date and the rank.
9836
06:29:27,000 --> 06:29:28,700
So the name and description is
9837
06:29:28,700 --> 06:29:31,297
as it says it's the name
of the exploit and it's
9838
06:29:31,297 --> 06:29:32,900
a short description about it.
9839
06:29:32,900 --> 06:29:34,226
The disclosure date is
9840
06:29:34,226 --> 06:29:37,300
when the exploit was actually
released by Metasploit
9841
06:29:37,300 --> 06:29:38,113
and the rank is
9842
06:29:38,113 --> 06:29:40,489
how it has fared
against the vulnerability.
9843
06:29:40,489 --> 06:29:43,600
It was released for
since it was actually released.
9844
06:29:43,600 --> 06:29:47,139
So as you guys can see
ranks range from Great good
9845
06:29:47,139 --> 06:29:50,100
and stuff and we have
a bunch of exploits.
9846
06:29:50,100 --> 06:29:53,200
So as you guys can see
there's an Android exploit.
9847
06:29:53,200 --> 06:29:56,300
There's a Samsung Galaxy
Knox Android exploit.
9848
06:29:56,300 --> 06:29:58,800
There are bunch
of Windows exploit
9849
06:29:58,800 --> 06:30:04,400
Adobe Flash exploit FTP exploits
MySQL exploit asp.net exploits
9850
06:30:04,400 --> 06:30:05,956
and a bunch of other stuff.
9851
06:30:05,956 --> 06:30:09,300
So as you guys can see there are
a bunch of exploits to use
9852
06:30:09,300 --> 06:30:10,900
and it can get confusing
9853
06:30:10,900 --> 06:30:14,100
and rather Troublesome
to search for the exploit.
9854
06:30:14,100 --> 06:30:15,900
You actually want to use so
9855
06:30:15,900 --> 06:30:20,300
as A pen tester you can always
go for the search keyword,
9856
06:30:20,300 --> 06:30:21,784
which is basically suppose,
9857
06:30:21,784 --> 06:30:23,740
you know that you
have a MySQL server
9858
06:30:23,740 --> 06:30:24,550
which has a bunch
9859
06:30:24,550 --> 06:30:27,000
of vulnerabilities and you
want to test those out.
9860
06:30:27,200 --> 06:30:30,500
So you simply go
search mysql now,
9861
06:30:30,500 --> 06:30:32,912
it'll search the database
for all the exploits
9862
06:30:32,912 --> 06:30:35,600
that are related to MySQL
and present them to you.
9863
06:30:42,100 --> 06:30:44,200
Okay, so we have our results.
9864
06:30:44,200 --> 06:30:47,266
So as you guys can see
we have a bunch
9865
06:30:47,266 --> 06:30:49,500
of MySQL related module system.
9866
06:30:49,600 --> 06:30:53,205
Now at this makes it very easier
if you are a pen tester
9867
06:30:53,205 --> 06:30:55,500
and you're looking
for MySQL exploits
9868
06:30:55,500 --> 06:30:59,600
now suppose you choose
your exploit and let's see,
9869
06:30:59,800 --> 06:31:01,300
let's choose.
9870
06:31:01,300 --> 06:31:03,500
Which one do we
want to use today?
9871
06:31:03,500 --> 06:31:06,188
We're going to just use
this MySQL hash dump.
9872
06:31:06,188 --> 06:31:08,587
So to actually use
this we have to copy
9873
06:31:08,587 --> 06:31:12,500
the name so double click on it
and it'll just select it and you
9874
06:31:12,500 --> 06:31:14,600
go Ctrl shift C
in your terminal
9875
06:31:15,000 --> 06:31:17,800
so that copies it and so
9876
06:31:17,800 --> 06:31:20,000
if you want some more
information about it,
9877
06:31:20,000 --> 06:31:21,900
you can always go info
9878
06:31:22,300 --> 06:31:26,200
and then just paste
in the name of the exploit.
9879
06:31:26,400 --> 06:31:29,500
So this gives us a bunch
of information actually
9880
06:31:29,500 --> 06:31:32,599
gives us all the information
you need about the exploits.
9881
06:31:32,599 --> 06:31:35,600
So it gives you the name
that it's a MySQL password.
9882
06:31:35,600 --> 06:31:38,994
Hash dump its module name
is auxiliary scanner
9883
06:31:39,027 --> 06:31:40,423
and all this stuff.
9884
06:31:40,500 --> 06:31:42,147
It's licensed by Metasploit.
9885
06:31:42,147 --> 06:31:44,400
Framework in itself
and it has a normal rank
9886
06:31:44,600 --> 06:31:48,200
and these are all the options
that you might need to set
9887
06:31:48,200 --> 06:31:50,200
when actually using the exploit
9888
06:31:50,200 --> 06:31:52,761
and this also gives you
a small description.
9889
06:31:52,761 --> 06:31:55,408
So it says this module
extracts the user names
9890
06:31:55,408 --> 06:31:58,297
and encrypted password hashes
from a MySQL server
9891
06:31:58,297 --> 06:31:59,200
and stores them
9892
06:31:59,200 --> 06:32:02,348
for later cracking so seems
like really cool stuff.
9893
06:32:02,348 --> 06:32:06,000
You can do with a MySQL server
and its password database.
9894
06:32:06,000 --> 06:32:08,300
So if you actually
want to use this
9895
06:32:08,300 --> 06:32:10,800
so you have to use
the use keyword.
9896
06:32:10,800 --> 06:32:15,000
So we go use
and Ctrl Shift V.
9897
06:32:16,000 --> 06:32:19,600
So as you guys can see
it's denoted in red out here
9898
06:32:19,600 --> 06:32:23,498
that we are indeed in the exploit
that we want to use.
9899
06:32:24,000 --> 06:32:24,800
Now.
9900
06:32:24,800 --> 06:32:26,700
The first thing you want to do
9901
06:32:26,700 --> 06:32:29,300
when you're using
an exploit is you want
9902
06:32:29,300 --> 06:32:31,800
to go and say show options.
9903
06:32:32,900 --> 06:32:36,182
Now as you guys can see
these are the options
9904
06:32:36,182 --> 06:32:39,300
that we actually need to set
before using the exploit.
9905
06:32:39,300 --> 06:32:43,296
Now the options can be necessary
or they can be optional
9906
06:32:43,296 --> 06:32:46,000
like so there's
a password field out here,
9907
06:32:46,000 --> 06:32:47,571
which is not really necessary,
9908
06:32:47,571 --> 06:32:49,002
but will help your exploit
9909
06:32:49,002 --> 06:32:52,100
if you actually provide it
but you need to provide
9910
06:32:52,100 --> 06:32:52,901
the RHOSTS
9911
06:32:52,901 --> 06:32:55,808
which is the targeting
host machine and the port
9912
06:32:55,808 --> 06:32:58,900
and the threads is already
set now suppose you want
9913
06:32:58,900 --> 06:33:00,843
to set the RHOSTS
9914
06:33:00,843 --> 06:33:02,612
so you can just go set.
9915
06:33:02,838 --> 06:33:06,300
RHOSTS and you can set it
to whatever IP address
9916
06:33:06,300 --> 06:33:13,569
you want like suppose you want
to address 192.168.1.1 56 some
9917
06:33:13,569 --> 06:33:14,876
of that sandwich.
9918
06:33:14,876 --> 06:33:16,722
It will set the RHOSTS.
9919
06:33:16,722 --> 06:33:21,300
You can also set the number of
threads now threads are actually
9920
06:33:21,300 --> 06:33:23,669
what the threads mean
and parallel processing
9921
06:33:23,669 --> 06:33:26,841
that mean how many parallel
threads you're gonna run
9922
06:33:26,841 --> 06:33:28,900
so that you have
faster computation.
9923
06:33:28,900 --> 06:33:30,980
So this means you need GPU power
9924
06:33:30,980 --> 06:33:34,100
if you have multiple threads
running So let's set
9925
06:33:34,100 --> 06:33:35,404
threads to 30 now
9926
06:33:35,800 --> 06:33:38,000
so we've set the threads to 30
9927
06:33:38,200 --> 06:33:41,600
and then you can go
show options again and see
9928
06:33:41,600 --> 06:33:44,900
that you have indeed
actually set your options.
9929
06:33:44,900 --> 06:33:49,400
So we've set the threads to 30
and RHOSTS has also been set.
9930
06:33:49,500 --> 06:33:53,545
So that was all about how you
can get into a module know
9931
06:33:53,545 --> 06:33:56,225
get some information
about a module and
9932
06:33:56,225 --> 06:33:58,200
how can also use them or you
9933
06:33:58,200 --> 06:34:00,381
so once you're done
using the module
9934
06:34:00,381 --> 06:34:03,000
or once you're done
setting up the options,
9935
06:34:03,300 --> 06:34:08,300
You can go ahead and run
the command run or even exploit
9936
06:34:08,500 --> 06:34:12,000
and this will start actually
running exploit on the system
9937
06:34:12,000 --> 06:34:16,199
that we want to. Now I've put
in a very arbitrary IP address.
9938
06:34:16,199 --> 06:34:19,100
so that will not have
a MySQL port running
9939
06:34:19,100 --> 06:34:20,900
so our exploit failed. Now
9940
06:34:20,900 --> 06:34:23,100
once you have desiderio exploit
9941
06:34:23,100 --> 06:34:26,000
and you want to go
back to the main msf.
9942
06:34:26,000 --> 06:34:28,800
Unix shell just go
ahead and type back.
9943
06:34:28,800 --> 06:34:30,400
It's as simple as that so
9944
06:34:30,400 --> 06:34:32,800
that brings us back
to the msf command line.
9945
06:34:32,800 --> 06:34:35,100
So let's go ahead
and clear our screen now.
9946
06:34:36,200 --> 06:34:39,738
Okay, so it's time
to do something interesting.
9947
06:34:40,300 --> 06:34:41,500
So to do that.
9948
06:34:41,500 --> 06:34:42,431
First of all,
9949
06:34:42,431 --> 06:34:43,729
we need to go ahead
9950
06:34:43,729 --> 06:34:46,600
and actually download
Metasploitable 2 so
9951
06:34:46,600 --> 06:34:50,164
to download Metasploitable 2
you have to go on this link.
9952
06:34:50,164 --> 06:34:52,500
I'll leave the link
in the description.
9953
06:34:52,800 --> 06:34:55,900
So or rather you can just
go on your browser
9954
06:34:55,900 --> 06:35:00,100
and type in Metasploitable
2 download so Metasploitable
9955
06:35:00,100 --> 06:35:04,800
as we had earlier discussed
is a Linux based distribution
9956
06:35:04,800 --> 06:35:06,500
and It's mostly meant
9957
06:35:06,500 --> 06:35:09,100
for actually practicing
your pen testing skills.
9958
06:35:09,100 --> 06:35:11,700
So basically it has a bunch
of ports open on it.
9959
06:35:11,700 --> 06:35:13,570
So it's basically
just for your he's
9960
06:35:13,570 --> 06:35:15,082
so that you don't go ahead
9961
06:35:15,082 --> 06:35:17,300
and test it out
on some valid website
9962
06:35:17,300 --> 06:35:18,791
and then get thrown into jail
9963
06:35:18,791 --> 06:35:20,900
because that's a very
illegal thing to do.
9964
06:35:20,900 --> 06:35:24,600
So go ahead and download
Metasploitable 2 and then
9965
06:35:24,600 --> 06:35:30,100
also download Oracle virtualbox
machine Oracle virtualbox.
9966
06:35:30,300 --> 06:35:32,600
So you all can
also easily download
9967
06:35:32,600 --> 06:35:35,580
that from www.virtualbox.org.
9968
06:35:35,610 --> 06:35:36,500
And this is
9969
06:35:36,500 --> 06:35:39,400
because you should never run Metasploitable
2 on a system
9970
06:35:39,400 --> 06:35:40,933
that is connected to a network.
9971
06:35:40,933 --> 06:35:43,179
You should always use it
on a virtual machine
9972
06:35:43,179 --> 06:35:45,071
because it's Protected
Their Faith so
9973
06:35:45,071 --> 06:35:46,700
that nobody else can access it.
9974
06:35:46,700 --> 06:35:49,100
So to actually set
up Metasploitable.
9975
06:35:49,100 --> 06:35:51,790
Once you've downloaded
it you go ahead
9976
06:35:51,790 --> 06:35:53,900
and open up your virtual box.
9977
06:35:54,200 --> 06:35:57,700
So out here you have
to go into Global tools
9978
06:35:57,800 --> 06:36:01,700
and you create a host only
network manager now already
9979
06:36:01,700 --> 06:36:05,200
created a host only network
manager and then you go ahead
9980
06:36:05,200 --> 06:36:08,600
and enable the DHCP server
by pressing this out here
9981
06:36:08,600 --> 06:36:10,800
like enable then you go back
9982
06:36:10,800 --> 06:36:13,500
and you just go new you give it
9983
06:36:13,500 --> 06:36:15,500
a name like whatever
you want to name it.
9984
06:36:15,500 --> 06:36:17,600
I have already named
mine Metasploitable 2
9985
06:36:17,600 --> 06:36:18,776
as you guys can see.
9986
06:36:18,776 --> 06:36:20,400
So we're going to call this demo
9987
06:36:20,400 --> 06:36:24,400
for just demonstration purposes
choose a type to be Linux
9988
06:36:24,400 --> 06:36:28,800
and it's Ubuntu 64-bit click
next give it a gig of RAM
9989
06:36:28,800 --> 06:36:32,400
and you are going to use
an existing virtual hard disk
9990
06:36:32,400 --> 06:36:35,000
so out here you just click
on this button out here
9991
06:36:35,000 --> 06:36:36,150
and Browse to the place
9992
06:36:36,150 --> 06:36:37,619
where you actually downloaded
9993
06:36:37,619 --> 06:36:40,000
and unzipped your Metasploitable
download file.
9994
06:36:40,000 --> 06:36:42,824
Then you get this virtual
machine disk file,
9995
06:36:42,824 --> 06:36:44,257
which is a vmdk file
9996
06:36:44,257 --> 06:36:46,500
and you just go ahead
and load it up.
9997
06:36:46,500 --> 06:36:47,600
So I'm not going to do
9998
06:36:47,600 --> 06:36:49,800
that again because that's just
going to eat up my Ram
9999
06:36:49,800 --> 06:36:51,750
and I've already
installed it up to you.
10000
06:36:51,750 --> 06:36:53,474
So that was all
about the installation
10001
06:36:53,474 --> 06:36:54,500
and the configuration.
10002
06:36:54,500 --> 06:36:57,300
So now let's get started
and let's start playing
10003
06:36:57,300 --> 06:36:58,652
around with Metasploit.
10004
06:36:58,652 --> 06:37:00,500
So once you're done downloading
10005
06:37:00,500 --> 06:37:03,711
and installing Metasploitable
on your computer,
10006
06:37:03,711 --> 06:37:06,817
all you have to do is
go ahead and start it up
10007
06:37:06,817 --> 06:37:10,000
in your virtual box machine
and the login ID
10008
06:37:10,000 --> 06:37:11,800
and the password both are msf.
10009
06:37:11,800 --> 06:37:12,300
Admin.
10010
06:37:12,700 --> 06:37:13,500
So first of all,
10011
06:37:13,500 --> 06:37:17,510
we need the IP address
of our Metasploitable server.
10012
06:37:17,510 --> 06:37:21,800
So we go ifconfig
and this gives us the address.
10013
06:37:21,802 --> 06:37:26,500
So as you can see out here
our address is 192.168.1.2 6.
10014
06:37:26,500 --> 06:37:27,500
101.
10015
06:37:27,700 --> 06:37:30,600
So once you've go ahead
and started Metasploitable,
10016
06:37:30,600 --> 06:37:33,879
it's time that we go ahead and
exploit all the vulnerabilities
10017
06:37:33,879 --> 06:37:35,600
that is presented to us by Metasploitable
10018
06:37:35,600 --> 06:37:37,100
2. So to do that.
10019
06:37:37,100 --> 06:37:40,100
Let's head back
to our Linux terminal again.
10020
06:37:40,700 --> 06:37:46,280
So once we have the IP address
that was 192.168.0 6.11
10021
06:37:46,300 --> 06:37:47,600
if I am correct,
10022
06:37:47,900 --> 06:37:49,115
so let's go
10023
06:37:49,115 --> 06:37:53,269
and quickly get a little bit
of information about that.
10024
06:37:53,300 --> 06:38:00,600
So whois 192.168.1.1
6.1 o 1 so this will give us
10025
06:38:00,700 --> 06:38:03,974
whois on Metasploitable 2
and will give us a bunch
10026
06:38:03,974 --> 06:38:06,903
of information as to To
how the server is set up
10027
06:38:06,903 --> 06:38:07,900
where is set up?
10028
06:38:07,900 --> 06:38:10,700
The ports are open
and various other things.
10029
06:38:10,900 --> 06:38:13,800
So as you guys can see
this gave us a complete
10030
06:38:13,800 --> 06:38:16,301
whois so to get
some more information
10031
06:38:16,301 --> 06:38:17,600
about our Metasploitable
10032
06:38:17,600 --> 06:38:18,400
server.
10033
06:38:18,400 --> 06:38:20,136
We're going to be using nmap.
10034
06:38:20,136 --> 06:38:20,372
Now.
10035
06:38:20,372 --> 06:38:23,425
If you guys don't know about
how to use nmap you can go out
10036
06:38:23,425 --> 06:38:25,900
and check my other video
on the playlist. I've made
10037
06:38:25,900 --> 06:38:27,700
a pretty good nmap tutorial.
10038
06:38:28,000 --> 06:38:30,400
So we go nmap -
10039
06:38:30,400 --> 06:38:35,300
F -sV which is
stealth version and we give it
10040
06:38:35,600 --> 06:38:41,400
the name or the domain name
server and 2.16 856 R11
10041
06:38:42,500 --> 06:38:46,000
So we've got a juicy result
out here and we can see
10042
06:38:46,000 --> 06:38:48,400
that there's a bunch
of stuff open.
10043
06:38:48,500 --> 06:38:52,192
So as you guys can see
there's the FTP port open,
10044
06:38:52,192 --> 06:38:55,800
which has a version
of vsftpd 2.3.4.
10045
06:38:55,900 --> 06:39:00,200
There's also OpenSSH,
which is 4.7p1 Debian.
10046
06:39:00,300 --> 06:39:03,429
There's also telnet which is
almost miserable to have telnet
10047
06:39:03,429 --> 06:39:04,900
running on your computer.
10048
06:39:05,000 --> 06:39:06,400
Then there's SMTP.
10049
06:39:06,500 --> 06:39:09,200
There's HTTP and there's
a bunch of ports open
10050
06:39:09,200 --> 06:39:11,400
as you guys can just
see on your screen.
10051
06:39:11,600 --> 06:39:14,836
So it's time we actually used
Metasploit like a pen tester
10052
06:39:14,836 --> 06:39:17,700
to go ahead and test
out these vulnerabilities.
10053
06:39:17,800 --> 06:39:20,400
So let's choose
these FTP things.
10054
06:39:20,600 --> 06:39:23,300
So we have this FTP out here.
10055
06:39:23,700 --> 06:39:25,800
So from the version number,
10056
06:39:25,800 --> 06:39:28,700
which is given to us by
the stealth version flag
10057
06:39:28,700 --> 06:39:33,100
on nmap we know
that it's using vsftpd 2.3.4.
10058
06:39:33,300 --> 06:39:37,500
So we can easily search for
an exploit of the same version.
10059
06:39:37,500 --> 06:39:44,500
So as a pen tester you
would go search vsftpd 2.3.4.
10060
06:39:45,200 --> 06:39:47,100
So this should give
us all the exploits
10061
06:39:47,100 --> 06:39:50,400
that are available for
this particular vulnerability.
10062
06:39:51,800 --> 06:39:54,400
So as you guys can see
after a long search
10063
06:39:54,400 --> 06:39:56,500
from the search vsftpd,
10064
06:39:56,500 --> 06:39:58,000
we found a vulnerability
10065
06:39:58,000 --> 06:40:01,095
or an exploit that can take
advantage of the binary.
10066
06:40:01,095 --> 06:40:03,100
So it's time we
actually use this.
10067
06:40:03,100 --> 06:40:04,200
So first of all,
10068
06:40:04,200 --> 06:40:06,856
let's get some info
about this so info.
10069
06:40:06,856 --> 06:40:08,593
Let's copy down this thing
10070
06:40:08,593 --> 06:40:11,200
and then let's get
some info about this.
10071
06:40:11,200 --> 06:40:13,200
So as a small module description
10072
06:40:13,200 --> 06:40:15,500
says this module exploits
a malicious back door
10073
06:40:15,500 --> 06:40:18,600
that was added to the
vsftpd download archive.
10074
06:40:18,600 --> 06:40:20,600
This backdoor was introduced.
10075
06:40:20,602 --> 06:40:22,700
in the vsftpd-2.3.4.
10076
06:40:22,700 --> 06:40:26,400
tar.gz archive between June 30th
and voila voila.
10077
06:40:26,700 --> 06:40:30,200
So we have the options
of setting in our host.
10078
06:40:30,200 --> 06:40:34,200
It has an available targets
provided by these guys,
10079
06:40:34,200 --> 06:40:37,000
and it's a pretty good
exploit in my opinion.
10080
06:40:37,700 --> 06:40:39,600
So let's go ahead and use it.
10081
06:40:39,600 --> 06:40:43,200
So we go use
and love the exploit.
10082
06:40:43,684 --> 06:40:45,300
So it's visible to us
10083
06:40:45,300 --> 06:40:49,300
that we've again entered
an exploit module which is unix/
10084
06:40:49,300 --> 06:40:52,400
ftp/vsftpd_234_backdoor.
10085
06:40:52,500 --> 06:40:55,100
So what we're going to do is
we are going to actually
10086
06:40:55,100 --> 06:40:58,400
gain a backdoor access
to our Metasploitable system.
10087
06:40:58,800 --> 06:41:00,800
So to actually make
this more believable.
10088
06:41:01,200 --> 06:41:05,700
So if you guys go into
your Metasploitable system,
10089
06:41:05,700 --> 06:41:06,817
so you guys can see
10090
06:41:06,817 --> 06:41:09,100
that you are
in the root directory
10091
06:41:09,100 --> 06:41:11,100
so you can gain some root access
10092
06:41:11,100 --> 06:41:16,200
by going sudo su
and going msfadmin.
10093
06:41:16,600 --> 06:41:18,814
So we're now
root user in the msfadmin
10094
06:41:18,814 --> 06:41:21,700
or rather
the Metasploitable console.
10095
06:41:21,700 --> 06:41:26,000
So if we go LS we can see
the various files and
10096
06:41:26,000 --> 06:41:28,500
if you go cd /home
10097
06:41:28,500 --> 06:41:32,400
we're in the home directory now and
if you do LS out here we can see
10098
06:41:32,400 --> 06:41:34,600
that there are a bunch of stuff.
10099
06:41:34,600 --> 06:41:36,300
So there's an FTP folder.
10100
06:41:36,300 --> 06:41:39,358
There's a hack folder, there's
an msfadmin folder
10101
06:41:39,358 --> 06:41:41,024
and there's service and there's user.
10102
06:41:41,102 --> 06:41:42,396
So that's five folders
10103
06:41:42,396 --> 06:41:43,861
if you guys remember so now
10104
06:41:43,861 --> 06:41:46,137
what we're going to do is
we're going to gain
10105
06:41:46,137 --> 06:41:48,000
some back door access
into the system
10106
06:41:48,000 --> 06:41:50,050
and we're going to create
a bunch of folders
10107
06:41:50,050 --> 06:41:51,100
in the home directory.
10108
06:41:51,100 --> 06:41:52,900
So let's get on doing that.
10109
06:41:52,900 --> 06:41:56,900
So to do that we head back
to our Metasploit terminal
10110
06:41:57,300 --> 06:41:59,200
and we go show options
10111
06:41:59,200 --> 06:42:02,200
as we had already
entered our exploit.
10112
06:42:02,200 --> 06:42:03,788
So go show options.
10113
06:42:04,200 --> 06:42:05,611
So as we see the options
10114
06:42:05,611 --> 06:42:08,542
that we have to provide is
the RHOST and port number
10115
06:42:08,542 --> 06:42:10,700
now the port number
has already been set
10116
06:42:10,700 --> 06:42:11,700
because it's 21.
10117
06:42:11,700 --> 06:42:12,960
That's where FTP runs
10118
06:42:12,960 --> 06:42:16,200
or rather TCP runs and we now
just have to set the host.
10119
06:42:16,200 --> 06:42:19,500
So to set the host we have
to just put it in the IP address
10120
06:42:19,500 --> 06:42:21,100
of our Metasploitable server.
10121
06:42:21,800 --> 06:42:24,700
So if I remember
correctly it's set RHOSTS
10122
06:42:24,900 --> 06:42:28,800
to 192.168.56.101.
10123
06:42:29,500 --> 06:42:32,700
So that has set our RHOSTS
so we can again check
10124
06:42:32,700 --> 06:42:36,100
that if we've done it correctly
by going show options.
10125
06:42:36,600 --> 06:42:39,200
And we indeed
have set RHOSTS.
10126
06:42:39,300 --> 06:42:39,579
Now.
10127
06:42:39,579 --> 06:42:42,100
All we have to do
is run the exploit.
10128
06:42:42,100 --> 06:42:44,000
So we go and hit run.
10129
06:42:44,800 --> 06:42:47,830
So as you guys can see
we have actually gained
10130
06:42:47,830 --> 06:42:50,500
a back door service
has found and handling
10131
06:42:50,500 --> 06:42:53,300
and the command shell session
has started now you
10132
06:42:53,300 --> 06:42:56,500
might be confused as to why
do I have this blinking line?
10133
06:42:56,500 --> 06:42:59,200
Well, this blinking
line actually means
10134
06:42:59,200 --> 06:43:02,700
that you are inside
the Metasploitable server.
10135
06:43:02,700 --> 06:43:05,470
That means we have already
gained the backdoor access
10136
06:43:05,470 --> 06:43:06,847
and this blinking line denotes
10137
06:43:06,847 --> 06:43:09,600
that we are on the terminal
of Metasploitable 2 now
10138
06:43:09,600 --> 06:43:11,300
if you guys
don't believe me,
10139
06:43:11,300 --> 06:43:13,100
let's do some experimenting.
10140
06:43:13,200 --> 06:43:14,200
So as I had said,
10141
06:43:14,200 --> 06:43:17,785
I'll create a bunch of folders
in the home directory.
10142
06:43:17,785 --> 06:43:20,300
So let's change
the home directory first
10143
06:43:20,300 --> 06:43:21,310
or rather first.
10144
06:43:21,310 --> 06:43:23,900
You can also do a
whoami and it tells you
10145
06:43:23,900 --> 06:43:28,500
that you're the root user
next you go and do cd /home
10146
06:43:28,800 --> 06:43:30,900
and it'll change to
the home directory.
10147
06:43:30,900 --> 06:43:33,300
Now, let's make
a bunch of folders
10148
06:43:33,300 --> 06:43:35,300
like make directory.
10149
06:43:36,200 --> 06:43:39,400
This is a test.
10150
06:43:39,600 --> 06:43:41,700
So that should have
made a directory.
10151
06:43:42,292 --> 06:43:44,907
So let's go into
that directory CD.
10152
06:43:45,000 --> 06:43:47,900
This is a test.
10153
06:43:48,400 --> 06:43:51,092
So we're already
into the directory.
10154
06:43:51,092 --> 06:43:52,246
This is a test.
10155
06:43:52,255 --> 06:43:52,563
Now.
10156
06:43:52,563 --> 06:43:57,100
Let's make a file
called targets.txt.
10157
06:43:58,400 --> 06:44:00,100
So that creates 12.
10158
06:44:00,700 --> 06:44:01,951
So just to see
10159
06:44:01,951 --> 06:44:04,797
if you have actually
done it properly.
10160
06:44:04,800 --> 06:44:06,700
Let's go back
to our Metasploitable.
10161
06:44:06,700 --> 06:44:11,500
So Now in the home directory
you go and type in LS again.
10162
06:44:12,500 --> 06:44:13,200
Okay.
10163
06:44:13,200 --> 06:44:15,100
So let's type in LS and see so
10164
06:44:15,100 --> 06:44:17,725
as you guys can see
we have created.
10165
06:44:17,725 --> 06:44:19,000
This is a test folder
10166
06:44:19,000 --> 06:44:21,270
and it's already available
then so let's go
10167
06:44:21,270 --> 06:44:22,800
and move into that folder.
10168
06:44:22,800 --> 06:44:26,200
So this is a test and we
are already in that folder.
10169
06:44:26,200 --> 06:44:28,600
So we had also
created a text file
10170
06:44:28,600 --> 06:44:30,200
which was called targets.
10171
06:44:30,300 --> 06:44:31,800
So that was LS
10172
06:44:31,900 --> 06:44:33,900
and it should give us
a targets.txt.
10173
06:44:34,000 --> 06:44:37,381
So as you guys just saw
we gained a backdoor access
10174
06:44:37,381 --> 06:44:40,358
into a remote system
through a vulnerability
10175
06:44:40,358 --> 06:44:42,682
that was available
to us on the FTP.
10176
06:44:42,682 --> 06:44:44,000
Port so we first did
10177
06:44:44,000 --> 06:44:46,812
that by scanning
the entire domain name server
10178
06:44:46,812 --> 06:44:48,500
of Metasploitable by nmap
10179
06:44:48,500 --> 06:44:51,617
and gaining some intelligence as
to what ports are running
10180
06:44:51,617 --> 06:44:53,530
and which ports
are actually open
10181
06:44:53,530 --> 06:44:56,100
then we found out
that the FTP port is open.
10182
06:44:56,100 --> 06:44:59,400
Then we went on to Metasploit
and we found out exploit
10183
06:44:59,400 --> 06:45:02,265
that vulnerability very
successfully we found out
10184
06:45:02,265 --> 06:45:03,458
how to use the exploit
10185
06:45:03,458 --> 06:45:06,400
some information about
that exploit and in the end,
10186
06:45:06,400 --> 06:45:08,700
we actually executed at months
10187
06:45:08,700 --> 06:45:10,714
and we are already
in that folder.
10188
06:45:10,714 --> 06:45:12,973
So and we are also
created a Text file
10189
06:45:12,973 --> 06:45:14,500
which was called targets.
10190
06:45:14,500 --> 06:45:16,100
So that was LS
10191
06:45:16,100 --> 06:45:18,100
and it should give us
a targets.txt.
10192
06:45:18,300 --> 06:45:21,687
So as you guys just saw
we gained a backdoor access
10193
06:45:21,687 --> 06:45:24,600
into a remote system
through a vulnerability
10194
06:45:24,600 --> 06:45:27,500
that was available
to us on the FTP Port.
10195
06:45:27,500 --> 06:45:31,173
So we first did that by scanning
the entire domain name server
10196
06:45:31,173 --> 06:45:32,800
of Metasploitable by nmap
10197
06:45:32,800 --> 06:45:35,858
and gaining some intelligence as
to what ports are running
10198
06:45:35,858 --> 06:45:37,800
and what ports
are actually open.
10199
06:45:37,800 --> 06:45:40,300
Then we found out
that the FTP port is open.
10200
06:45:40,300 --> 06:45:43,658
Then we went on to Metasploit
and He found out exploit
10201
06:45:43,658 --> 06:45:46,700
that vulnerability very
successfully we found out
10202
06:45:46,700 --> 06:45:47,800
how to use the exploit
10203
06:45:47,800 --> 06:45:50,400
some information about
that exploit and in the end,
10204
06:45:50,400 --> 06:45:52,800
we actually executed at months.
10205
06:45:58,000 --> 06:45:59,500
Now you guys must be wondering
10206
06:45:59,500 --> 06:46:02,000
what exactly is and map
and why should I learn it?
10207
06:46:02,000 --> 06:46:03,883
Well nmap is
a network scanner
10208
06:46:03,883 --> 06:46:07,059
that is widely used by
ethical hackers to scan networks
10209
06:46:07,059 --> 06:46:08,295
as the name suggests.
10210
06:46:08,295 --> 06:46:11,500
Now, you might wonder why
do I need a network scanner?
10211
06:46:11,500 --> 06:46:13,900
Well, Let me give
you an example.
10212
06:46:13,900 --> 06:46:15,714
So suppose you have a Wi-Fi
10213
06:46:15,714 --> 06:46:18,194
that has been set up
in your new house
10214
06:46:18,194 --> 06:46:19,237
and you realize
10215
06:46:19,237 --> 06:46:23,200
that your data is being actually
consumed at a faster rate
10216
06:46:23,200 --> 06:46:25,100
than you are using it.
10217
06:46:25,200 --> 06:46:25,700
Now.
10218
06:46:25,800 --> 06:46:26,900
You have suspected
10219
06:46:26,900 --> 06:46:29,500
that it's your pesky neighbor
who keeps on connecting
10220
06:46:29,500 --> 06:46:31,700
to your Wi-Fi and eating
up all your data.
10221
06:46:31,700 --> 06:46:34,000
So to actually confirm
all your doubts.
10222
06:46:34,000 --> 06:46:36,200
What you want to do
is a network scan
10223
06:46:36,200 --> 06:46:39,100
and nmap is a pretty
wonderful tool to do
10224
06:46:39,100 --> 06:46:42,300
that now nmap runs on Linux.
10225
06:46:42,500 --> 06:46:43,900
Mac OS and windows
10226
06:46:43,900 --> 06:46:47,071
and I'm mostly going
to be running this on Linux
10227
06:46:47,071 --> 06:46:50,715
because that's what I do most
of my penetration testing
10228
06:46:50,715 --> 06:46:52,200
and network testing on
10229
06:46:52,269 --> 06:46:54,461
so let's go ahead and get on
10230
06:46:54,461 --> 06:46:58,000
with the installation
of nmap on your computer.
10231
06:46:58,000 --> 06:47:02,000
So what you do is go
apt-get install nmap. Now
10232
06:47:02,000 --> 06:47:05,100
for this you have
to be logged in as root.
10233
06:47:05,100 --> 06:47:07,400
If you're not logged in
as root just add sudo
10234
06:47:07,400 --> 06:47:10,200
before this whole command
and it will install it now.
10235
06:47:10,200 --> 06:47:12,400
I already have nmap
installed so I'm
10236
06:47:12,400 --> 06:47:14,800
not really going to install
it again and again,
10237
06:47:14,900 --> 06:47:20,700
so let's just go ahead and just
do a few scans on our website
10238
06:47:20,700 --> 06:47:22,623
that is www.edureka.co
10239
06:47:22,623 --> 06:47:26,800
and we are going to see
what we get back as results.
10240
06:47:26,800 --> 06:47:28,900
So first of all,
let me just show you
10241
06:47:28,900 --> 06:47:32,100
how you can scan a certain
domain name servers or DNS.
10242
06:47:32,100 --> 06:47:35,200
So nmap, we are going to use
a flag all the time now,
10243
06:47:35,200 --> 06:47:37,200
let me just tell
you what are flags.
10244
06:47:37,200 --> 06:47:39,246
So if you just go
to nmap and type --
10245
06:47:39,246 --> 06:47:41,900
help this will give you
all the flags and options
10246
06:47:41,900 --> 06:47:45,100
that are available
to actually use on nmap.
10247
06:47:45,100 --> 06:47:48,647
So if you are actually stuck
and you can't remember stuff,
10248
06:47:48,647 --> 06:47:50,444
let's go in and type nmap --
10249
06:47:50,444 --> 06:47:53,800
help and it will give you all
the stuff. Now network scans
10250
06:47:53,800 --> 06:47:55,314
generally take a long time.
10251
06:47:55,314 --> 06:47:58,400
So I'm going to be using
the fast mode most of the time.
10252
06:47:58,400 --> 06:47:59,400
So for fast mode,
10253
06:47:59,400 --> 06:48:02,731
all you have to do is type
in edureka.co and sit
10254
06:48:02,731 --> 06:48:05,021
and wait for this
scan to get over. Now
10255
06:48:05,021 --> 06:48:06,200
when the scan gets
10256
06:48:06,200 --> 06:48:10,600
over you will see a bunch of
information and let me just wait
10257
06:48:10,600 --> 06:48:12,083
till that information pops up
10258
06:48:12,083 --> 06:48:14,800
and then we will talk
about the information together.
10259
06:48:14,800 --> 06:48:15,124
Okay.
10260
06:48:15,124 --> 06:48:18,500
So as you guys can see
our scan has been completed
10261
06:48:18,500 --> 06:48:21,700
it took 13.71 seconds
to actually do the scan.
10262
06:48:21,700 --> 06:48:25,200
Now as you guys can see it shows
us the ports, the states
10263
06:48:25,200 --> 06:48:28,800
and the services. Now the port
is basically the port number
10264
06:48:28,800 --> 06:48:29,867
which a service
10265
06:48:29,867 --> 06:48:33,135
that is also bound
to it is working on, so we can see
10266
06:48:33,135 --> 06:48:34,900
that SSH service is working
10267
06:48:34,900 --> 06:48:38,200
on port number
22, SMTP on 25, HTTP
10268
06:48:38,200 --> 06:48:42,300
on 80, rpcbind on 111 and HTTPS
10269
06:48:42,500 --> 06:48:44,900
on 443. So that is
10270
06:48:44,900 --> 06:48:48,255
how you can use nmap
to scan a certain website.
10271
06:48:48,255 --> 06:48:51,100
Now if you see, nmap
has also given us
10272
06:48:51,100 --> 06:48:53,000
the public IP of the DNS
10273
06:48:53,000 --> 06:48:56,100
because what nmap does
is it looks at the DNS
10274
06:48:56,100 --> 06:48:58,204
and then translate it to an IP
10275
06:48:58,204 --> 06:49:00,800
that is recognized
to that DNS server.
10276
06:49:00,800 --> 06:49:01,600
So nmap
10277
06:49:01,600 --> 06:49:03,500
also returns the public IP.
10278
06:49:03,500 --> 06:49:06,600
So what we can do
also is nmap -
10279
06:49:06,600 --> 06:49:12,300
F and 34.210.230.
10280
06:49:12,400 --> 06:49:13,400
35.
10281
06:49:13,900 --> 06:49:14,219
Okay.
10282
06:49:14,219 --> 06:49:15,615
So as you guys can see
10283
06:49:15,615 --> 06:49:19,200
that our command also works
when we put in the IP address
10284
06:49:19,200 --> 06:49:21,400
and it produces
the same results.
10285
06:49:21,400 --> 06:49:24,700
Now we can also scan
10286
06:49:24,700 --> 06:49:28,800
for multiple hosts now
suppose you are on a network
10287
06:49:28,800 --> 06:49:30,754
and you want to scan
for multiple hosts now.
10288
06:49:30,754 --> 06:49:33,300
You don't really want to run
different commands for that.
10289
06:49:33,300 --> 06:49:36,700
Now what you can do is just go
in and type nmap and a bunch
10290
06:49:36,700 --> 06:49:48,290
of IP addresses like 192.168.1.1
and 192.168.1.2 and 192.168.1.3
10291
06:49:48,320 --> 06:49:51,800
and what this will do is it
will run the nmap scan
10292
06:49:51,800 --> 06:49:53,600
on these three
different IP addresses
10293
06:49:53,600 --> 06:49:57,100
and you did this
in just one command.
10294
06:49:57,100 --> 06:49:59,700
So that's a way
that you can do this.
10295
06:49:59,700 --> 06:50:00,500
Now.
10296
06:50:00,500 --> 06:50:01,852
You can also know about
10297
06:50:01,852 --> 06:50:05,000
how much of your scan is left
by just pressing the up button
10298
06:50:05,000 --> 06:50:06,290
so that will tell you
10299
06:50:06,290 --> 06:50:10,100
and give you a constant update
on how your scan is going like -
10300
06:50:10,100 --> 06:50:13,300
32.4% Dot and 4.7 now
10301
06:50:13,300 --> 06:50:16,000
and also show you kind
of the time remaining.
10302
06:50:16,200 --> 06:50:16,559
Okay.
10303
06:50:16,559 --> 06:50:19,000
So till this port
scan is going on.
10304
06:50:19,000 --> 06:50:21,300
Let me just tell you
about the states now States
10305
06:50:21,300 --> 06:50:24,300
can be of two types
open, closed and unavailable.
10306
06:50:24,300 --> 06:50:27,050
Sometimes you will see that
it is unavailable and that's
10307
06:50:27,050 --> 06:50:29,700
because some sort of firewall
or something is running out
10308
06:50:29,700 --> 06:50:32,700
there. States can also be closed;
in that case mostly
10309
06:50:32,700 --> 06:50:34,600
nmap will not return
you any result
10310
06:50:34,600 --> 06:50:38,627
unless you're explicitly finding
something of the closed state.
10311
06:50:38,627 --> 06:50:42,200
So that was a little trivia
on States and how they work.
10312
06:50:42,219 --> 06:50:44,312
How much our scan has done
10313
06:50:44,312 --> 06:50:48,389
so our scan is at 81%, takes
around another 20 seconds.
10314
06:50:48,400 --> 06:50:49,800
It should be done soon.
10315
06:50:49,800 --> 06:50:50,400
Now.
10316
06:50:50,400 --> 06:50:54,815
This scan could be significantly
made faster with just the -F tag,
10317
06:50:54,815 --> 06:50:58,000
but I really want to give
you all a good look
10318
06:50:58,000 --> 06:50:59,538
into how this works.
10319
06:50:59,538 --> 06:51:02,000
97 98 99.
10320
06:51:02,515 --> 06:51:02,900
Okay.
10321
06:51:02,900 --> 06:51:05,794
So as you guys can see
this is our result.
10322
06:51:05,794 --> 06:51:08,900
It gives us a bunch
of ports and services now
10323
06:51:08,900 --> 06:51:11,517
as I just said this thing
can be also closed
10324
06:51:11,517 --> 06:51:13,100
and also unavailable.
10325
06:51:13,100 --> 06:51:16,200
So open and closed
we see both the examples.
10326
06:51:16,200 --> 06:51:19,700
Okay, so that was about
how you can scan multiple ports.
10327
06:51:19,700 --> 06:51:23,159
So you can also scan multiple
ports with this command
10328
06:51:23,159 --> 06:51:24,400
as I will show you.
10329
06:51:24,400 --> 06:51:29,500
So what I do: 192.168.1.1
to 30.
10330
06:51:29,500 --> 06:51:32,800
Now what this will do
is basically scan everything
10331
06:51:32,800 --> 06:51:39,100
from 192.168.1.1 to 192.168.1.2
up to 30 like that.
10332
06:51:39,100 --> 06:51:42,600
So this is a very useful way
of actually scanning.
10333
06:51:42,600 --> 06:51:44,197
multiple IP addresses.
10334
06:51:44,600 --> 06:51:47,000
Let me just show you
how that works.
10335
06:51:47,600 --> 06:51:49,600
Since we have used the -F flag,
10336
06:51:49,600 --> 06:51:52,500
this is going to work
considerably faster now
10337
06:51:52,500 --> 06:51:54,400
as you guys can see out here.
10338
06:51:54,400 --> 06:51:57,880
This had taken around
a hundred nineteen seconds.
10339
06:51:57,880 --> 06:52:00,200
So that's around two minutes. Now
10340
06:52:00,200 --> 06:52:02,900
This will take
considerably less time.
10341
06:52:02,900 --> 06:52:06,078
So, let's see this was done
in 29.91 seconds,
10342
06:52:06,078 --> 06:52:08,100
and we did 30 IP addresses.
10343
06:52:08,100 --> 06:52:09,900
So we see that -
10344
06:52:09,900 --> 06:52:13,900
F surely speeds up
the whole scanning process. Now,
10345
06:52:14,000 --> 06:52:17,100
you can also give nmap
a target list. Now,
10346
06:52:17,100 --> 06:52:20,400
let me create a target list,
so targets.txt.
10347
06:52:20,400 --> 06:52:22,200
We just got it out for you.
10348
06:52:22,600 --> 06:52:24,160
So that's starting it now.
10349
06:52:24,160 --> 06:52:26,200
All I want to do
is edit this file.
10350
06:52:26,200 --> 06:52:28,600
So, let me just edit
that file and put
10351
06:52:28,600 --> 06:52:41,850
a 192.168.1.1 192.168.1.2
192.168.1.3 192.168.1.5
10352
06:52:41,900 --> 06:52:46,600
for 192.168.1.5 or 15.
10353
06:52:46,600 --> 06:52:47,300
Boom roasted.
10354
06:52:47,300 --> 06:52:49,753
Now, all we have
to do is save it.
10355
06:52:49,753 --> 06:52:53,200
So that saves it and control
X to actually exit it.
10356
06:52:53,200 --> 06:52:56,900
Now, you can go ahead and view
what is in targets.txt.
10357
06:52:56,900 --> 06:53:00,600
So as you guys can see this is
what is in targets.txt.
10358
06:53:00,600 --> 06:53:04,411
And now you can just pass it
to nmap with the -iL flag
10359
06:53:04,411 --> 06:53:07,798
and you could say that nmap
is going to actually
10360
06:53:07,798 --> 06:53:09,600
scan all the IP addresses
10361
06:53:09,600 --> 06:53:11,288
that are in this file.
10362
06:53:11,288 --> 06:53:12,900
So let that just run.
10363
06:53:12,900 --> 06:53:15,000
So this will take
a little bit of time
10364
06:53:15,000 --> 06:53:17,300
because it's five IP addresses
10365
06:53:17,300 --> 06:53:22,200
and it's really radical
the fast mode. 83%
10366
06:53:22,200 --> 06:53:24,100
of our work is done.
10367
06:53:24,300 --> 06:53:25,000
Okay.
10368
06:53:25,000 --> 06:53:28,127
So as we see our scan
has been completed now,
10369
06:53:28,127 --> 06:53:30,900
what do you see out
here is scan results
10370
06:53:30,900 --> 06:53:36,300
for whatever we had provided
in the targets.txt list.
10371
06:53:36,600 --> 06:53:40,200
So that's how you can also
provide nmap an input file
10372
06:53:40,200 --> 06:53:43,400
and it will give you the results
for all the targets
10373
06:53:43,400 --> 06:53:45,400
that were specified in the file.
10374
06:53:45,400 --> 06:53:46,636
Now, let's go ahead
10375
06:53:46,636 --> 06:53:49,500
and talk about a little bit
on Port scanning.
10376
06:53:49,500 --> 06:53:53,300
So nmap is also a brilliant tool
for scanning ports.
10377
06:53:53,300 --> 06:53:55,100
And if you have
a server or web site,
10378
06:53:55,100 --> 06:53:58,600
you know that there are
65535 ports out there
10379
06:53:58,600 --> 06:54:04,661
for every server and almost 99%
are unused, so sometimes scanning
10380
06:54:04,661 --> 06:54:07,200
of ports is really
a necessity.
10381
06:54:07,200 --> 06:54:10,100
Now you can scan ports
by just using the -p flag
10382
06:54:10,100 --> 06:54:14,198
and specifying the port number
and this is how you would do it.
10383
06:54:14,198 --> 06:54:17,200
And if you just specify
the IP address after that,
10384
06:54:17,200 --> 06:54:20,600
so I'm going to use
www.edureka.co.
10385
06:54:20,900 --> 06:54:23,700
And what you can also do is
10386
06:54:23,700 --> 06:54:26,273
this will scan only
the port number 20,
10387
06:54:26,273 --> 06:54:29,349
but you can also scan
from port number 20 to 25.
10388
06:54:29,349 --> 06:54:32,100
You can also put in commas
and tell nmap.
10389
06:54:32,100 --> 06:54:34,000
You also want to scan all these
10390
06:54:34,000 --> 06:54:37,900
are the port 80 is HTTP
and 443 is HTTP,
10391
06:54:38,200 --> 06:54:40,003
so you can surely do that.
10392
06:54:40,003 --> 06:54:42,508
So let me just go
ahead and run this.
10393
06:54:42,508 --> 06:54:46,000
Okay, so that gives us
an information on the ports
10394
06:54:46,000 --> 06:54:48,730
that is there now
something about ports.
10395
06:54:48,730 --> 06:54:50,708
Also you suppose, you know.
10396
06:54:50,708 --> 06:54:53,200
You want to scan
for some HTTP Port
10397
06:54:53,200 --> 06:54:56,312
so you can just say nmap
and with the -
10398
06:54:56,312 --> 06:54:57,698
p you can just say
10399
06:54:57,698 --> 06:55:01,200
that I want to scan
the HTTP port, www.edureka.co,
10400
06:55:01,200 --> 06:55:04,678
so that will
just go ahead and do that.
10401
06:55:04,678 --> 06:55:06,200
And as you guys can see
10402
06:55:06,200 --> 06:55:09,000
that give us a result
and you can also add
10403
06:55:09,000 --> 06:55:13,100
in stuff like MySQL FTP
and stuff like that.
10404
06:55:13,100 --> 06:55:15,900
So let me just see show you
10405
06:55:15,900 --> 06:55:18,900
how that rods okhttp
is done poor Sgt.
10406
06:55:18,900 --> 06:55:22,700
Okay, so as you
guys can see these are the ports
10407
06:55:22,700 --> 06:55:26,414
that are running and it gave us
according to the day.
10408
06:55:26,414 --> 06:55:26,700
Now.
10409
06:55:26,700 --> 06:55:28,600
If you want to scan
all the ports,
10410
06:55:28,600 --> 06:55:30,482
you can use -p-
10411
06:55:30,482 --> 06:55:33,635
and the IP address
at www.edureka.co.
10412
06:55:35,000 --> 06:55:36,800
Now this generally
takes a lot of time
10413
06:55:36,800 --> 06:55:38,900
because you're basically
doing 65,000 scans.
10414
06:55:38,900 --> 06:55:40,416
So I'm not really
going to do that.
10415
06:55:40,416 --> 06:55:41,709
I'm going to quit this out.
10416
06:55:41,709 --> 06:55:42,350
Another thing
10417
06:55:42,350 --> 06:55:45,000
that I want to show you all
that generally takes a lot
10418
06:55:45,000 --> 06:55:48,022
of time to actually
execute is called something
10419
06:55:48,022 --> 06:55:49,600
like an aggressive scan.
10420
06:55:49,600 --> 06:55:51,690
So as you guys can see out here,
10421
06:55:51,690 --> 06:55:54,500
I have done an aggressive
scan on Edureka.
10422
06:55:54,600 --> 06:55:55,500
So do that.
10423
06:55:55,500 --> 06:55:58,800
All you have to do
is nmap -A
10424
06:55:58,800 --> 06:56:01,100
and then you go
edureka.co.
10425
06:56:01,100 --> 06:56:03,093
So let us see how much time
10426
06:56:03,093 --> 06:56:07,147
did this take to actually
execute. This took 459 seconds,
10427
06:56:07,147 --> 06:56:09,098
that's long time for scan,
10428
06:56:09,098 --> 06:56:12,400
but it gives us a bunch
of other information.
10429
06:56:12,400 --> 06:56:14,991
For example, it gives
us the traceroute.
10430
06:56:14,991 --> 06:56:18,445
So what is the traceroute first
of all so traceroute
10431
06:56:18,445 --> 06:56:22,645
is the route taken by a packet
to actually reach the clients
10432
06:56:22,645 --> 06:56:24,000
and the target cell.
10433
06:56:24,100 --> 06:56:28,300
So as you guys can see our packet
had 22 hops. First went
10434
06:56:28,300 --> 06:56:30,400
to the first stop was
to the Gateway router
10435
06:56:30,400 --> 06:56:32,590
that is 192.168.1.1.
10436
06:56:32,900 --> 06:56:37,700
Then went to the Airtel lease
line, then went to this IP address,
10437
06:56:37,700 --> 06:56:40,400
that went to the pslv SNL dotnet
10438
06:56:40,446 --> 06:56:43,600
and it went to London
New York the Chicago
10439
06:56:43,600 --> 06:56:47,700
and then went all the way up to
wherever this thing has hosted
10440
06:56:47,700 --> 06:56:49,301
that was some information
10441
06:56:49,301 --> 06:56:51,800
and then there is
some other Information
10442
06:56:51,800 --> 06:56:54,100
given to us like the TCP open,
10443
06:56:54,100 --> 06:56:58,100
TCP wrapped, program version,
port type, port states
10444
06:56:58,100 --> 06:57:01,328
and all sorts of other
information is given about
10445
06:57:01,328 --> 06:57:02,786
in an aggressive scan
10446
06:57:02,786 --> 06:57:05,706
another scan that I
have previously also done
10447
06:57:05,706 --> 06:57:07,100
and kept for y'all is
10448
06:57:07,100 --> 06:57:10,900
because it takes a lot of time
and I have done something
10449
06:57:10,900 --> 06:57:13,825
called this service
version, so nmap -
10450
06:57:13,825 --> 06:57:18,100
s and V where V Capital will
give you the service version.
10451
06:57:18,100 --> 06:57:20,600
So it tries to actually
guess the version
10452
06:57:20,600 --> 06:57:22,400
of the service
that is running.
10453
06:57:22,400 --> 06:57:27,500
So for example on TCP Port it
tells us it is Postfix smtpd
10454
06:57:27,600 --> 06:57:28,700
or the Apache.
10455
06:57:28,700 --> 06:57:30,700
It's Apache httpd.
10456
06:57:30,900 --> 06:57:33,832
You can see all sorts
of versions that are here.
10457
06:57:33,832 --> 06:57:36,562
Another thing nmap
is generally brilliant
10458
06:57:36,562 --> 06:57:38,797
is for guessing
the operating system
10459
06:57:38,797 --> 06:57:39,763
that is running.
10460
06:57:39,763 --> 06:57:42,300
Oh, I have already done
this scan previously
10461
06:57:42,300 --> 06:57:44,700
because this takes
a humongous amount of time
10462
06:57:44,700 --> 06:57:47,700
that I don't really have and
that is three eighty six point
10463
06:57:47,700 --> 06:57:48,650
three four seconds
10464
06:57:48,650 --> 06:57:50,708
and this scan together
basically took me.
10465
06:57:50,708 --> 06:57:51,500
In ten minutes,
10466
06:57:51,500 --> 06:57:53,500
and I don't really
have that kind of time
10467
06:57:53,500 --> 06:57:55,100
for explaining all this stuff.
10468
06:57:55,100 --> 06:57:58,428
So as you guys could see
out here the OS get is
10469
06:57:58,428 --> 06:58:00,600
kind of os detail is fortunate
10470
06:58:00,600 --> 06:58:03,781
for the gate it kind of
tries to guess the OS
10471
06:58:03,781 --> 06:58:05,300
upon the time to live
10472
06:58:05,300 --> 06:58:08,000
that is in the response
from the packets
10473
06:58:08,000 --> 06:58:09,000
that it sends.
10474
06:58:09,000 --> 06:58:11,600
So -sV, -O and -
10475
06:58:11,600 --> 06:58:13,700
A are some really
cool stuff
10476
06:58:13,700 --> 06:58:15,347
that you might want to know.
10477
06:58:15,347 --> 06:58:17,930
Another thing that you
can do is trace route
10478
06:58:17,930 --> 06:58:20,800
as I had just told y'all
and y'all can do traceroute
10479
06:58:20,800 --> 06:58:21,800
separately.
10480
06:58:21,800 --> 06:58:22,900
So you go --
10481
06:58:22,900 --> 06:58:26,700
traceroute and then you say
the name of any sort of website.
10482
06:58:26,700 --> 06:58:27,500
So suppose.
10483
06:58:27,500 --> 06:58:30,000
I want to know
how I reach netflix.com.
10484
06:58:30,000 --> 06:58:34,700
So I go netflix.com and this
will give me a trace route
10485
06:58:34,700 --> 06:58:39,400
that shows me how my packet
actually reaches netflix.com.
10486
06:58:40,000 --> 06:58:40,400
Okay.
10487
06:58:40,400 --> 06:58:44,100
So this is basically
it was a direct one hop.
10488
06:58:44,200 --> 06:58:47,289
Okay, so that was surprising
On the other hand,
10489
06:58:47,289 --> 06:58:49,700
If I were to do this
on edureka.co
10490
06:58:49,700 --> 06:58:52,900
it would take a bunch
of hops to actually reach
10491
06:58:52,900 --> 06:58:55,700
that it is by just
take some time to run.
10492
06:58:55,900 --> 06:58:58,100
Okay, so it's 94 percent done.
10493
06:58:58,100 --> 06:59:00,500
I'm just waiting
for it to get completed.
10494
06:59:00,600 --> 06:59:00,900
Okay.
10495
06:59:00,900 --> 06:59:03,958
So this gave us a hop and
as you guys can see we took
10496
06:59:03,958 --> 06:59:06,800
twenty two hops to actually
reach edureka.co
10497
06:59:06,800 --> 06:59:10,900
and it's the same process you go
through a bunch of IP addresses
10498
06:59:10,900 --> 06:59:13,000
and then you reach
this thing called you
10499
06:59:13,000 --> 06:59:15,900
as West do compute
that Amazon AWS.
10500
06:59:15,900 --> 06:59:17,200
Okay, so that was
10501
06:59:17,200 --> 06:59:20,500
about traceroute now just
to end this tutorial.
10502
06:59:20,500 --> 06:59:22,100
Let me just tell you guys
10503
06:59:22,100 --> 06:59:25,000
that you all can also save
a file in nmap.
10504
06:59:25,000 --> 06:59:28,100
And that is basically save
all whatever you found
10505
06:59:28,100 --> 06:59:30,719
from a search into a file
and let me just show you
10506
06:59:30,719 --> 06:59:31,619
how to do that.
10507
06:59:31,619 --> 06:59:31,841
Now.
10508
06:59:31,841 --> 06:59:34,900
Sometimes when you are working
as a security analyst you
10509
06:59:34,900 --> 06:59:38,957
will have to perform Network
scans on a wide area network
10510
06:59:38,957 --> 06:59:39,900
that is huge.
10511
06:59:39,900 --> 06:59:43,362
It's basically huge
these scans take a lot of time
10512
06:59:43,362 --> 06:59:46,628
and you don't really have
the space on your command line
10513
06:59:46,628 --> 06:59:47,694
to actually store
10514
06:59:47,694 --> 06:59:49,700
that and see that in the parade.
10515
06:59:49,700 --> 06:59:50,800
That is feasible.
10516
06:59:50,800 --> 06:59:51,800
Little for analysis.
10517
06:59:51,800 --> 06:59:55,300
So what do you want to do
is actually save it in a file.
10518
06:59:55,300 --> 06:59:57,400
So what you can do
is say nmap
10519
06:59:57,400 --> 06:59:59,100
-oN and then you
10520
06:59:59,100 --> 07:00:04,000
can see the other file we
could say results.txt,
10521
07:00:04,200 --> 07:00:07,400
and we could save this in file.
10522
07:00:07,400 --> 07:00:11,000
So www.edureka.co.
10523
07:00:11,200 --> 07:00:13,400
So whatever search result
10524
07:00:13,400 --> 07:00:16,700
is going to be generated
is going to be stored
10525
07:00:16,700 --> 07:00:18,943
in this file called
results.txt.
10526
07:00:18,943 --> 07:00:19,209
Now.
10527
07:00:19,209 --> 07:00:20,874
This file need not exist
10528
07:00:20,874 --> 07:00:24,332
from before; it will just
be created by nmap
10529
07:00:24,332 --> 07:00:26,200
and now you see if I do ls.
10530
07:00:26,200 --> 07:00:28,800
We have a Target
or a results.txt.
10531
07:00:28,800 --> 07:00:30,700
Now if I just cat out that file,
10532
07:00:30,700 --> 07:00:33,400
let me just less it
actually results.txt.
10533
07:00:33,400 --> 07:00:36,204
And what you see out here
is an nmap scan result
10534
07:00:36,204 --> 07:00:37,100
that is stored.
10535
07:00:37,400 --> 07:00:40,800
Another thing that I would like
to show you all before I end
10536
07:00:40,800 --> 07:00:43,188
this nmap tutorial
is a verbose mode.
10537
07:00:43,188 --> 07:00:45,200
So for verbose mode is basically
10538
07:00:45,200 --> 07:00:47,173
when we were pressing
up arrows to see
10539
07:00:47,173 --> 07:00:48,762
how much of our scan is done.
10540
07:00:48,762 --> 07:00:50,900
You can basically do
that for verbose mode.
10541
07:00:50,900 --> 07:00:52,238
So you go -F and -
10542
07:00:52,238 --> 07:00:55,700
v for verbose and you
could say www.edureka.co
10543
07:00:55,700 --> 07:00:59,100
and this
will basically give
10544
07:00:59,100 --> 07:01:02,700
you a verbose mode of
what is actually going on.
10545
07:01:02,700 --> 07:01:06,160
I'll tell you everything
and boom roasted there it's done
10546
07:01:06,160 --> 07:01:08,691
and we have finished
our nmap tutorial.
10565
07:01:58,100 --> 07:01:59,000
So first of all,
10566
07:01:59,000 --> 07:02:00,800
what exactly is
cross-site scripting?
10567
07:02:01,300 --> 07:02:03,028
Well cross-site scripting
10568
07:02:03,028 --> 07:02:05,943
refers to client-side
code injection attacks
10569
07:02:05,943 --> 07:02:07,300
where in an attacker
10570
07:02:07,300 --> 07:02:10,700
can execute a malicious script
also commonly referred
10571
07:02:10,700 --> 07:02:14,000
to as a malicious payload
into a legitimate website
10572
07:02:14,000 --> 07:02:17,700
or web application. Now XSS is
amongst the most rampant
10573
07:02:17,700 --> 07:02:20,288
of web application
vulnerabilities and occurs
10574
07:02:20,288 --> 07:02:23,000
when a web application
makes use of something
10575
07:02:23,000 --> 07:02:24,300
like unvalidated
10576
07:02:24,300 --> 07:02:26,900
or unencoded user input
within the output
10577
07:02:26,900 --> 07:02:30,100
that it generates. Now
by leveraging XSS
10578
07:02:30,100 --> 07:02:34,000
an attacker does not target
a victim directly instead
10579
07:02:34,000 --> 07:02:37,700
an attacker would be exploiting
a vulnerability within a website
10580
07:02:37,700 --> 07:02:39,611
or something like
a web application
10581
07:02:39,611 --> 07:02:41,200
that the victim would visit
10582
07:02:41,200 --> 07:02:43,566
and essentially using
the vulnerable website
10583
07:02:43,566 --> 07:02:46,043
or the web application
as a vehicle to deliver
10584
07:02:46,043 --> 07:02:48,300
a malicious script
to the victim's browser.
10585
07:02:49,100 --> 07:02:52,000
Now while XSS
can be taken advantage
10586
07:02:52,000 --> 07:02:56,000
of within VBScript,
ActiveX and Flash
10587
07:02:56,100 --> 07:02:59,473
unquestionably the most
widely abused is JavaScript.
10588
07:02:59,473 --> 07:03:00,400
This is mostly
10589
07:03:00,400 --> 07:03:02,581
because JavaScript
is the fundamental
10590
07:03:02,581 --> 07:03:04,400
to any browsing experience all
10591
07:03:04,400 --> 07:03:07,600
the modern sites today have some
JavaScript framework running
10592
07:03:07,600 --> 07:03:11,600
in the background.
Now XSS can be used
10593
07:03:11,600 --> 07:03:13,900
in a range of ways
to cause serious problems.
10594
07:03:14,100 --> 07:03:17,335
Well, the traditional use
of XSS is the ability
10595
07:03:17,335 --> 07:03:18,727
for an attacker to steal
10596
07:03:18,727 --> 07:03:20,135
session cookies, allowing
10597
07:03:20,135 --> 07:03:22,900
an attacker to probably
impersonate a victim and
10598
07:03:22,900 --> 07:03:25,200
that just doesn't, and that
just doesn't stop there.
10599
07:03:25,600 --> 07:03:28,220
So XSS has been
used to wreak havoc
10600
07:03:28,220 --> 07:03:29,900
on social websites spread
10601
07:03:29,900 --> 07:03:32,800
malware, website defacements
and phish for credentials
10602
07:03:32,800 --> 07:03:34,334
and even used in conjunction
10603
07:03:34,334 --> 07:03:36,800
with some clever social
engineering techniques
10604
07:03:36,800 --> 07:03:39,200
to escalate to even
more damaging attacks.
10605
07:03:40,300 --> 07:03:42,854
Now cross site scripting
can be classified
10606
07:03:42,854 --> 07:03:44,600
into three major categories.
10607
07:03:44,600 --> 07:03:47,223
So the first is reflected
cross-site scripting.
10608
07:03:47,223 --> 07:03:50,400
The second is stored or
persistent cross-site scripting
10609
07:03:50,400 --> 07:03:52,889
and the third is dom-based
cross-site scripting so
10610
07:03:52,889 --> 07:03:55,654
out here Dom refers
to the document object model
10611
07:03:55,654 --> 07:03:58,000
that is used for
web application building.
10612
07:03:58,600 --> 07:04:01,400
So let's take a moment
to discuss the three types
10613
07:04:01,400 --> 07:04:02,900
of cross-site scripting.
10614
07:04:02,900 --> 07:04:05,815
So the first one we're going
to be discussing is reflected
10615
07:04:05,815 --> 07:04:07,015
cross-site scripting Now
10616
07:04:07,015 --> 07:04:09,450
by far the most common type
of cross-site scripting
10617
07:04:09,450 --> 07:04:10,400
that you'll come
10618
07:04:10,400 --> 07:04:13,700
across is probably reflected
cross-site scripting here.
10619
07:04:13,700 --> 07:04:14,900
The attacker's payload
10620
07:04:14,900 --> 07:04:17,100
is a script and has
to be part of a request
10621
07:04:17,100 --> 07:04:20,500
which is sent to the web server
and reflected back in such a way
10622
07:04:20,500 --> 07:04:23,300
that the HTTP response
includes the payload
10623
07:04:23,300 --> 07:04:27,300
from the HTTP request. Now
using a phishing email
10624
07:04:27,300 --> 07:04:30,488
and other social engineering
techniques the attacker lures
10625
07:04:30,488 --> 07:04:33,900
in the victim to inadvertently
make a request to the server
10626
07:04:33,900 --> 07:04:36,468
which contains the cross
site scripting payload,
10627
07:04:36,468 --> 07:04:38,600
and then he ends up
executing the script
10628
07:04:38,600 --> 07:04:41,800
that gets reflected and executed
inside his own browser.
10629
07:04:42,300 --> 07:04:44,900
Now since reflected cross-site
scripting isn't really
10630
07:04:44,900 --> 07:04:45,900
a persistent kind
10631
07:04:45,900 --> 07:04:47,929
of attack the attacker
needs to deliver
10632
07:04:47,929 --> 07:04:49,363
this payload to each victim
10633
07:04:49,363 --> 07:04:50,600
that he wants to serve.
10634
07:04:50,600 --> 07:04:53,600
So a medium like a social
network is very conveniently
10635
07:04:53,600 --> 07:04:55,700
used for dissemination
of these attacks.
10636
07:04:55,800 --> 07:04:57,744
So now let's take
a step by step.
10637
07:04:57,744 --> 07:05:00,600
Look at how cross-site
scripting actually works.
10638
07:05:00,900 --> 07:05:03,800
So firstly the attacker
crafts a URL containing
10639
07:05:03,800 --> 07:05:06,500
a malicious string
and sends it to the victim.
10640
07:05:07,000 --> 07:05:09,300
Now the poor victim
is tricked by the attacker
10641
07:05:09,300 --> 07:05:11,500
into requesting the URL
from the website,
10642
07:05:11,500 --> 07:05:13,500
which is running
a I respond script
10643
07:05:13,600 --> 07:05:16,197
and then the website
includes the malicious string
10644
07:05:16,197 --> 07:05:17,800
from the URL in the response.
10645
07:05:17,800 --> 07:05:20,287
And then in the end
the victim's browser executes
10646
07:05:20,287 --> 07:05:22,723
the malicious script
inside the response sending
10647
07:05:22,723 --> 07:05:24,900
the victim's cookies to
the attacker's server.
10648
07:05:25,400 --> 07:05:26,200
Okay.
10649
07:05:26,200 --> 07:05:29,500
So at first reflected xss
might seem very harmless
10650
07:05:29,500 --> 07:05:32,600
because it requires a victim
himself to actually send
10651
07:05:32,600 --> 07:05:35,100
a request containing
a malicious string. Now
10652
07:05:35,100 --> 07:05:37,900
since nobody would be
willingly attacking himself.
10653
07:05:37,900 --> 07:05:38,900
So there seems to be
10654
07:05:38,900 --> 07:05:41,700
no way of actually
performing the attack but
10655
07:05:41,700 --> 07:05:44,222
as it turns out there are
at least two common ways
10656
07:05:44,222 --> 07:05:45,200
of causing a victim
10657
07:05:45,200 --> 07:05:47,700
to launch a reflected
cross-site attack on himself.
10658
07:05:48,000 --> 07:05:49,197
So the first way is
10659
07:05:49,197 --> 07:05:51,907
if the user or targets
a specific individual
10660
07:05:51,907 --> 07:05:55,500
and the attacker can send
the malicious URL to the victim.
10661
07:05:55,500 --> 07:05:59,500
For example using email
or for example instant messaging
10662
07:05:59,500 --> 07:06:01,700
and then trick him
into visiting the site.
10663
07:06:02,000 --> 07:06:04,505
Secondly if the user
targets a large group
10664
07:06:04,505 --> 07:06:07,388
of people the attacker
then can publish the link
10665
07:06:07,388 --> 07:06:08,597
or the malicious URL
10666
07:06:08,597 --> 07:06:10,654
or his own website
or social media,
10667
07:06:10,654 --> 07:06:13,800
and then he'll just wait
for visitors to click on it.
10668
07:06:14,500 --> 07:06:16,493
So these two methods are similar
10669
07:06:16,493 --> 07:06:19,129
and both can be very
successful with the use
10670
07:06:19,129 --> 07:06:22,500
of a URL shortening service
like one provided by Google.
10671
07:06:22,500 --> 07:06:24,974
So this masks the malicious
string from users
10672
07:06:24,974 --> 07:06:26,800
who might otherwise identify it.
10673
07:06:27,000 --> 07:06:27,263
Okay.
10674
07:06:27,263 --> 07:06:30,000
So that was all about
reflected cross-site scripting.
10675
07:06:30,000 --> 07:06:32,300
Let's move on to stored
cross-site scripting now.
10676
07:06:33,400 --> 07:06:36,029
So the most damaging type
of cross-site scripting
10677
07:06:36,029 --> 07:06:38,553
that is there today
is persistent or stored
10678
07:06:38,553 --> 07:06:42,100
cross-site scripting. In stored
cross-site scripting attacks.
10679
07:06:42,100 --> 07:06:43,200
It attacks.
10680
07:06:43,200 --> 07:06:46,000
I'm sorry, in stored
cross-site scripting attacks.
10681
07:06:46,100 --> 07:06:49,100
The attacker is injecting
a script into the database
10682
07:06:49,100 --> 07:06:51,900
that is permanently stored
on the target application.
10683
07:06:52,000 --> 07:06:53,500
So a classic example
10684
07:06:53,500 --> 07:06:56,000
is a malicious script
inserted by an attacker
10685
07:06:56,000 --> 07:06:59,100
in the comment field or on
a blog or a forum post.
10686
07:06:59,200 --> 07:07:00,759
So when a victim navigates
10687
07:07:00,759 --> 07:07:03,100
to the affected webpage
now in a browser
10688
07:07:03,100 --> 07:07:05,590
The cross site scripting
payload will be served.
10689
07:07:05,590 --> 07:07:07,105
As a part of the web page just
10690
07:07:07,105 --> 07:07:09,162
like any legitimate
comment would be now.
10691
07:07:09,162 --> 07:07:11,906
This means that the victim
will be inadvertently ended
10692
07:07:11,906 --> 07:07:14,132
up ending up executing
the malicious script.
10693
07:07:14,132 --> 07:07:16,100
Once the page is viewed
in the browser.
10694
07:07:16,500 --> 07:07:18,200
Now, let's also take
a step by step.
10695
07:07:18,200 --> 07:07:21,300
Look at how cross-site scripting
in the stored version works.
10696
07:07:21,500 --> 07:07:24,500
So the attacker uses one
of the websites form to insert
10697
07:07:24,500 --> 07:07:27,500
a malicious string into
the websites database first.
10698
07:07:27,500 --> 07:07:30,468
Now the victim unknowingly
request the page
10699
07:07:30,468 --> 07:07:31,600
from the website
10700
07:07:31,600 --> 07:07:34,013
and then the website includes
the malicious string
10701
07:07:34,013 --> 07:07:35,656
from the database
in the response
10702
07:07:35,656 --> 07:07:37,300
and then sends it to the victim.
10703
07:07:37,700 --> 07:07:40,300
Now the poor victim
will be actually executing
10704
07:07:40,300 --> 07:07:42,293
the malicious script
inside the response
10705
07:07:42,293 --> 07:07:44,900
and sending all the cookies
to the attackers server.
10706
07:07:45,100 --> 07:07:46,600
So that's basically
10707
07:07:46,600 --> 07:07:50,300
how stored or persistent
cross-site scripting works.
10708
07:07:50,300 --> 07:07:54,000
Now it's time for the last type
of cross-site scripting
10709
07:07:54,000 --> 07:07:57,500
which is document object model
based cross-site scripting.
10710
07:07:57,500 --> 07:08:00,632
So DOM-based cross-site
scripting is an advanced type
10711
07:08:00,632 --> 07:08:02,500
of cross-site scripting attack.
10712
07:08:02,800 --> 07:08:04,500
So which is made possible
10713
07:08:04,500 --> 07:08:08,100
when the web application's
client-side script writes user
10714
07:08:08,100 --> 07:08:10,600
provided data to
the document object model.
10715
07:08:11,200 --> 07:08:12,400
So basically it means
10716
07:08:12,400 --> 07:08:15,455
that data is subsequently read
from the document object model
10717
07:08:15,455 --> 07:08:18,256
by the web application
and output it to the browser.
10718
07:08:18,256 --> 07:08:20,756
So if the data is incorrectly
handled in this place
10719
07:08:20,756 --> 07:08:22,813
an attacker can very
well inject a payload,
10720
07:08:22,813 --> 07:08:25,700
which will be stored as a part
of the document object model
10721
07:08:25,700 --> 07:08:26,564
and then executed
10722
07:08:26,564 --> 07:08:28,600
when the data is read
back from the DOM.
10723
07:08:29,400 --> 07:08:31,800
Now, let's see how
that actually happens.
10724
07:08:31,800 --> 07:08:34,152
So first the attacker crafts
the URL containing
10725
07:08:34,152 --> 07:08:36,900
a malicious string
and sends it to the victim.
10726
07:08:37,000 --> 07:08:39,368
Now this victim is again
tricked by the attacker
10727
07:08:39,368 --> 07:08:41,888
into actually requesting
the URL from the website.
10728
07:08:41,888 --> 07:08:43,302
This is like the primary step
10729
07:08:43,302 --> 07:08:45,400
in actually performing
cross-site scripting.
10730
07:08:45,600 --> 07:08:46,659
Now the third step is
10731
07:08:46,659 --> 07:08:49,509
that the website receives
the request but does not include
10732
07:08:49,509 --> 07:08:51,100
the malicious string
in the response.
10733
07:08:51,100 --> 07:08:54,200
Here's the catch of
DOM-based cross-site scripting.
10734
07:08:54,700 --> 07:08:57,500
So now the victims browser
executes the legitimate script
10735
07:08:57,500 --> 07:08:58,500
inside the response.
10736
07:08:58,600 --> 07:09:01,400
Causing the malicious script
to be inserted into the page
10737
07:09:01,400 --> 07:09:04,100
that is basically
into the innerHTML attributes
10738
07:09:04,300 --> 07:09:06,826
and the final step is then
the victims browser then
10739
07:09:06,826 --> 07:09:09,376
executes the malicious script
inserted into the page
10740
07:09:09,376 --> 07:09:10,493
and then just sends
10741
07:09:10,493 --> 07:09:12,900
the victim the cookies
to the attacker's server.
10742
07:09:13,700 --> 07:09:15,641
Now if you guys
must have realized
10743
07:09:15,641 --> 07:09:17,571
in the previous
examples of persistent
10744
07:09:17,571 --> 07:09:20,452
and reflected cross-site
scripting, the server inserts
10745
07:09:20,452 --> 07:09:22,249
the malicious script
into the page,
10746
07:09:22,249 --> 07:09:24,839
which is then sent as
a response to the victim now
10747
07:09:24,839 --> 07:09:27,800
when the victims browser
receives the response it assumes
10748
07:09:27,800 --> 07:09:29,800
that the malicious script
is to be a part
10749
07:09:29,800 --> 07:09:31,428
of the pages legitimate content
10750
07:09:31,428 --> 07:09:34,211
and then automatically
executes it during page load as
10751
07:09:34,211 --> 07:09:38,100
with any other script would be
but in a DOM-based attack,
10752
07:09:38,100 --> 07:09:41,200
there is no malicious script
inserted as a part of the page.
10753
07:09:41,200 --> 07:09:42,048
The only scripts
10754
07:09:42,048 --> 07:09:44,700
that are being actually
automatically automatically
10755
07:09:44,700 --> 07:09:48,000
executed during the page load is
legitimate part of the page.
10756
07:09:48,000 --> 07:09:49,600
So that's the scary part.
10757
07:09:49,600 --> 07:09:50,600
So the problem is
10758
07:09:50,600 --> 07:09:53,818
that this legitimate script
directly makes user input
10759
07:09:53,818 --> 07:09:55,800
in order to add
HTML to the page.
10760
07:09:55,800 --> 07:09:57,100
So the malicious string
10761
07:09:57,100 --> 07:09:59,700
is inserted into the page
using innerHTML,
10762
07:09:59,700 --> 07:10:01,084
so it's parsed as HTML.
10763
07:10:01,084 --> 07:10:04,200
So mostly people
who are actually in servicing
10764
07:10:04,200 --> 07:10:07,700
or surveying any server for
cross-site scripting attacks.
10765
07:10:07,700 --> 07:10:10,200
They will not be actually
checking the client side.
10766
07:10:10,200 --> 07:10:13,000
So it's a very subtle difference
but it's very important.
10767
07:10:13,200 --> 07:10:15,700
So in traditional cross site
scripting the malicious
10768
07:10:15,700 --> 07:10:17,400
JavaScript is actually executed
10769
07:10:17,400 --> 07:10:20,700
when the page is loaded as
a part of the HTML server
10770
07:10:20,700 --> 07:10:23,100
and in DOM-based
cross-site scripting
10771
07:10:23,100 --> 07:10:26,400
the malicious JavaScript
is executed at some point
10772
07:10:26,400 --> 07:10:28,300
after the page has
already been loaded.
10773
07:10:28,500 --> 07:10:31,100
Because the page's
legitimate JavaScript treating
10774
07:10:31,100 --> 07:10:33,800
user input is using it
in an unsafe way.
10775
07:10:34,000 --> 07:10:38,000
So now that we have actually
discussed all the three types
10776
07:10:38,000 --> 07:10:39,555
of cross-site scripting
10777
07:10:39,555 --> 07:10:42,600
that is varied that is
widely available today.
10778
07:10:42,700 --> 07:10:45,060
Now, let's see
what can actually happen
10779
07:10:45,060 --> 07:10:46,800
if cross-site scripting will
10780
07:10:46,800 --> 07:10:49,300
if you were actually a victim
of cross-site scripting,
10781
07:10:49,300 --> 07:10:49,800
I'm sorry.
10782
07:10:50,100 --> 07:10:51,337
So, let's see what can happen
10783
07:10:51,337 --> 07:10:53,600
if you actually were a victim
of cross-site scripting.
10784
07:10:54,100 --> 07:10:56,754
So the consequences of
what an attacker can do
10785
07:10:56,754 --> 07:10:58,931
with the ability
to execute JavaScript
10786
07:10:58,931 --> 07:11:01,800
on a webpage may not immediately
stand out to you guys,
10787
07:11:01,900 --> 07:11:03,100
but especially
10788
07:11:03,100 --> 07:11:05,900
since browsers like Java
like Chrome run JavaScript
10789
07:11:05,900 --> 07:11:08,400
in a very tightly controlled
environment these days
10790
07:11:08,400 --> 07:11:10,300
and JavaScript has
very limited access
10791
07:11:10,300 --> 07:11:12,500
to users operating systems
and user files.
10792
07:11:12,500 --> 07:11:14,100
But when considering
10793
07:11:14,100 --> 07:11:16,800
the JavaScript has the access
to the following
10794
07:11:16,800 --> 07:11:18,900
that we're going
to discuss we can only see
10795
07:11:18,900 --> 07:11:21,900
how creative JavaScript
attackers can get.
10796
07:11:22,300 --> 07:11:25,800
So firstly with malicious
JavaScript has access
10797
07:11:25,800 --> 07:11:27,300
to all the same objects
10798
07:11:27,300 --> 07:11:30,747
that the rest of the web page
has so this includes a thing
10799
07:11:30,747 --> 07:11:31,805
called cookies now
10800
07:11:31,805 --> 07:11:34,300
cookies are often used
to store session tokens.
10801
07:11:34,300 --> 07:11:36,994
And if an attacker can obtain
a user session cookie,
10802
07:11:36,994 --> 07:11:39,900
they can impersonate that user
anywhere on the internet.
10803
07:11:40,500 --> 07:11:44,400
Secondly JavaScript can read
and make arbitrary modifications
10804
07:11:44,400 --> 07:11:46,300
to the browser's
document object model.
10805
07:11:46,700 --> 07:11:49,600
So your page will
just be incorporated
10806
07:11:49,600 --> 07:11:51,247
with all sorts of scripts
10807
07:11:51,247 --> 07:11:55,200
and viruses without You even
knowing from the server side now
10808
07:11:55,200 --> 07:11:56,743
JavaScript can be used
10809
07:11:56,743 --> 07:11:59,900
with the XMLHttpRequest
to send HTTP requests
10810
07:11:59,900 --> 07:12:02,900
with arbitrary content
to arbitrary destinations.
10811
07:12:03,000 --> 07:12:04,600
And the most scary part is
10812
07:12:04,600 --> 07:12:08,500
that JavaScript and modern
browsers can leverage HTML5 APIs
10813
07:12:08,500 --> 07:12:12,400
such as accessing a user's
geolocation webcam microphone
10814
07:12:12,400 --> 07:12:13,600
and whatnot and even
10815
07:12:13,600 --> 07:12:16,000
specific files from
the users file system.
10816
07:12:16,100 --> 07:12:19,682
Now while most of these APIs
require the users to opt
10817
07:12:19,682 --> 07:12:22,300
in, cross-site scripting
in conjunction
10818
07:12:22,300 --> 07:12:23,023
with some very
10819
07:12:23,023 --> 07:12:25,400
clever social engineering
can bring an attacker
10820
07:12:25,400 --> 07:12:28,200
a very long way. Now
the above in combination
10821
07:12:28,200 --> 07:12:29,651
with social engineering
10822
07:12:29,651 --> 07:12:31,044
as I just said allows
10823
07:12:31,044 --> 07:12:33,700
an attacker to pull
off Advanced attacks,
10824
07:12:33,700 --> 07:12:36,500
including cookie theft
keylogging, phishing
10825
07:12:36,500 --> 07:12:38,900
and identity theft too. Now
10826
07:12:38,900 --> 07:12:41,650
critically cross-site scripting
vulnerabilities provide.
10827
07:12:41,650 --> 07:12:42,637
The perfect ground
10828
07:12:42,637 --> 07:12:45,600
for attackers to escalate
attacks to more serious ones.
10829
07:12:45,600 --> 07:12:48,900
So now that we understand what
cross-site scripting attacks are
10830
07:12:48,900 --> 07:12:51,300
and how damaging they can be
to your application.
10831
07:12:51,300 --> 07:12:53,200
Let's dive into the
best known practices
10832
07:12:53,200 --> 07:12:56,200
that are actually followed to
prevent them in the first place.
10833
07:12:56,700 --> 07:13:00,191
So the first mechanism
that is used is called escaping.
10834
07:13:00,191 --> 07:13:01,614
So escaping data means
10835
07:13:01,614 --> 07:13:05,100
that taking data an application
has received and ensuring
10836
07:13:05,100 --> 07:13:08,200
that it's secure before actually
rendering it for the end user.
10837
07:13:08,800 --> 07:13:11,300
Now by escaping
user input key characters
10838
07:13:11,300 --> 07:13:14,000
in the data received by
a web page will be prevented
10839
07:13:14,000 --> 07:13:15,294
from being interpreted
10840
07:13:15,294 --> 07:13:17,705
in any malicious sort
of way. Now in essence
10841
07:13:17,705 --> 07:13:20,323
you're censoring the data
your webpage receives in a way
10842
07:13:20,323 --> 07:13:23,800
that will disallow characters
especially those brackets
10843
07:13:23,800 --> 07:13:27,800
that begin the HTML attributes
like in HTML and IMG
10844
07:13:27,800 --> 07:13:29,950
so these will be stopped
from being rendered
10845
07:13:29,950 --> 07:13:32,300
which would otherwise cause harm
to your application
10846
07:13:32,300 --> 07:13:33,800
and users and database,
10847
07:13:33,900 --> 07:13:37,100
but if your page doesn't allow
users to add their own code
10848
07:13:37,100 --> 07:13:40,000
to the page, a good rule of thumb
is we need to escape any
10849
07:13:40,000 --> 07:13:42,700
and all HTML URL
and JavaScript entities.
10850
07:13:43,400 --> 07:13:45,800
However, if you
are running a forum
10851
07:13:45,800 --> 07:13:49,800
and you do allow users
to add rich text to your content,
10852
07:13:49,800 --> 07:13:51,400
you have a few choices.
10853
07:13:51,400 --> 07:13:53,800
So firstly you will need
to carefully choose
10854
07:13:53,800 --> 07:13:55,935
which HTML entities
you will escape
10855
07:13:55,935 --> 07:13:58,726
and which you won't
or by replacement format
10856
07:13:58,726 --> 07:14:00,500
for raw HTML such as Markdown
10857
07:14:00,500 --> 07:14:03,135
which will in turn allow
you to continue escaping all
10858
07:14:03,135 --> 07:14:06,520
the sorts of HTML characters
now the second method
10859
07:14:06,520 --> 07:14:09,000
that is normally used
is called validating input
10860
07:14:09,000 --> 07:14:11,200
And so validating
input is the process
10861
07:14:11,200 --> 07:14:14,500
of ensuring an application
is rendering the correct data
10862
07:14:14,500 --> 07:14:16,282
and preventing malicious data
10863
07:14:16,282 --> 07:14:19,600
from doing harm to the site
the database and the users.
10864
07:14:19,700 --> 07:14:23,454
So while whitelisting and input
validation are more commonly
10865
07:14:23,454 --> 07:14:26,000
associated with stuff
like SQL injection,
10866
07:14:26,000 --> 07:14:28,395
they can also be used as
an additional method
10867
07:14:28,395 --> 07:14:30,900
of prevention for
cross-site scripting attacks.
10868
07:14:31,100 --> 07:14:33,492
So input validation
is especially helpful
10869
07:14:33,492 --> 07:14:36,400
and good at preventing
cross-site scripting in forms
10870
07:14:36,400 --> 07:14:38,700
as it prevents a user
from adding special.
10871
07:14:38,700 --> 07:14:41,300
Characters into the fields
instead of refusing
10872
07:14:41,300 --> 07:14:42,535
the request completely.
10873
07:14:42,535 --> 07:14:44,521
But in fact valid
input validation is
10874
07:14:44,521 --> 07:14:47,541
not the primary method of
prevention for vulnerabilities
10875
07:14:47,541 --> 07:14:49,188
such as cross-site scripting
10876
07:14:49,188 --> 07:14:51,259
and even SQL injection
for that example,
10877
07:14:51,259 --> 07:14:54,500
but instead they help to reduce
the effects should an attacker
10878
07:14:54,500 --> 07:14:57,100
actually discover such
a vulnerability in your system.
10879
07:14:57,500 --> 07:15:00,300
Now the third way to prevent
cross-site scripting attack
10880
07:15:00,300 --> 07:15:01,829
is to sanitize user input.
10881
07:15:01,829 --> 07:15:03,900
So sanitizing data
is a strong defense
10882
07:15:03,900 --> 07:15:05,384
but should not be used alone
10883
07:15:05,384 --> 07:15:07,400
to battle cross-site
scripting attacks.
10884
07:15:07,400 --> 07:15:08,605
It's totally possible.
10885
07:15:08,605 --> 07:15:11,400
Will that you find the need
to use all three methods
10886
07:15:11,400 --> 07:15:14,900
of prevention in working towards
a more secure application.
10887
07:15:15,200 --> 07:15:16,900
Now as you guys might notice
10888
07:15:16,900 --> 07:15:20,300
that sanitizing user inputs is
especially helpful on sites
10889
07:15:20,300 --> 07:15:23,886
that allow HTML markup to ensure
data received Can Do no harm
10890
07:15:23,886 --> 07:15:25,800
to users as well
as your database
10891
07:15:25,800 --> 07:15:29,000
by scrubbing the data clean
of potentially harmful markup
10892
07:15:29,000 --> 07:15:31,520
and changing the
unacceptable user input
10893
07:15:31,520 --> 07:15:33,200
into an acceptable format.
10894
07:15:33,800 --> 07:15:34,376
OK guys.
10895
07:15:34,376 --> 07:15:38,918
So that was all the theory about
cross-site scripting it's time.
10896
07:15:38,918 --> 07:15:40,000
Demo right now.
10897
07:15:40,684 --> 07:15:42,915
So for the demonstration now,
10898
07:15:43,600 --> 07:15:45,679
I'm going to be showing
you guys the three types
10899
07:15:45,679 --> 07:15:46,767
of cross-site scripting
10900
07:15:46,767 --> 07:15:48,800
that we have discussed
throughout the course
10901
07:15:48,800 --> 07:15:49,600
of the session.
10902
07:15:50,300 --> 07:15:53,007
So not only will this be
a rather interesting to see
10903
07:15:53,007 --> 07:15:56,214
how cross-site scripting works
on a vulnerable web application,
10904
07:15:56,214 --> 07:15:57,300
but it will also give
10905
07:15:57,300 --> 07:15:59,700
us a better understanding
of cross-site scripting
10906
07:15:59,700 --> 07:16:02,900
in itself now to perform
cross-site scripting is
10907
07:16:02,900 --> 07:16:03,900
a very big crime.
10908
07:16:03,900 --> 07:16:06,900
So we really can't target
any random web platform website
10909
07:16:06,900 --> 07:16:08,600
or web application
for that matter.
10910
07:16:09,700 --> 07:16:11,511
So keeping that thing in mind I
10911
07:16:11,511 --> 07:16:14,200
have chosen the broken
web application project.
10912
07:16:14,200 --> 07:16:16,306
So this is brought
to us by OWASP
10913
07:16:16,306 --> 07:16:20,200
which stands for open source web
application security project.
10914
07:16:20,300 --> 07:16:23,600
The broken web application
project or bWAPP is
10915
07:16:23,600 --> 07:16:25,185
a broken web application
10916
07:16:25,185 --> 07:16:27,300
that is intentionally vulnerable
10917
07:16:27,300 --> 07:16:30,204
and it incorporates
a majority of the known bugs
10918
07:16:30,204 --> 07:16:33,600
that are out there
and it is widely used by
10919
07:16:33,600 --> 07:16:35,484
security enthusiastic students
10920
07:16:35,484 --> 07:16:38,500
and practicing ethical hackers
to mostly practice
10921
07:16:38,500 --> 07:16:40,800
and nurture their skills
in the right direction.
10922
07:16:41,400 --> 07:16:43,895
Okay, so to get started
first of all,
10923
07:16:43,895 --> 07:16:47,500
we need to download a few
files and get things ready.
10924
07:16:47,600 --> 07:16:50,039
So first of all,
we will download the broken web
10925
07:16:50,039 --> 07:16:50,700
application project
10926
07:16:50,700 --> 07:16:52,400
and I'll be leaving
the download link
10927
07:16:52,400 --> 07:16:55,405
in the description just in case
you guys want to practice
10928
07:16:55,405 --> 07:16:56,700
in your own free time.
10929
07:16:56,800 --> 07:16:57,442
Secondly.
10930
07:16:57,442 --> 07:16:59,800
We need to download
a virtual box.
10931
07:16:59,800 --> 07:17:02,400
Now after we have
both the files ready
10932
07:17:02,400 --> 07:17:04,200
and we have it installed
10933
07:17:04,200 --> 07:17:07,400
and we have our broken
web application installed
10934
07:17:07,400 --> 07:17:08,800
in the virtual machine.
10935
07:17:08,800 --> 07:17:09,900
We are good to go.
10936
07:17:10,492 --> 07:17:10,800
Now.
10937
07:17:10,800 --> 07:17:12,814
I've already done
all that boring job
10938
07:17:12,814 --> 07:17:15,500
and actually installed
the broken web application
10939
07:17:15,500 --> 07:17:16,576
as you guys can see.
10940
07:17:16,576 --> 07:17:17,600
I'm already running
10941
07:17:17,600 --> 07:17:20,200
the OWASP broken web application
on my virtual.
10942
07:17:21,100 --> 07:17:24,400
And this is the OWASP
virtual machine.
10943
07:17:26,200 --> 07:17:29,530
So as you guys can see
it's based off Linux
10944
07:17:29,530 --> 07:17:31,500
and if we go ifconfig,
10945
07:17:31,700 --> 07:17:34,400
it'll give us the IP address
that it's running on.
10946
07:17:34,400 --> 07:17:36,100
So as you guys can see,
10947
07:17:36,100 --> 07:17:44,800
it's running on 192.168.1 46.4
so If we just head over there,
10948
07:17:44,800 --> 07:17:46,800
yeah, I've already opened that up.
10949
07:17:46,800 --> 07:17:47,800
We get a portal.
10950
07:17:47,800 --> 07:17:49,600
So for this
particular demonstration,
10951
07:17:49,600 --> 07:17:52,300
I'm going to be using the broken
web application project
10952
07:17:52,300 --> 07:17:53,644
and also webgoat.
10953
07:17:53,900 --> 07:17:54,804
So first of all,
10954
07:17:54,804 --> 07:17:57,800
let's head over to the broken
web application project.
10955
07:18:00,100 --> 07:18:02,700
So we'll be greeted
with a login screen out here
10956
07:18:02,700 --> 07:18:05,052
and the credentials
for this is bee and bug
10957
07:18:05,052 --> 07:18:06,200
as you guys can see,
10958
07:18:06,200 --> 07:18:09,400
so just go and enter login
after you enter the credentials.
10959
07:18:12,500 --> 07:18:17,000
Okay, so y'all will be
welcomed with a place
10960
07:18:17,000 --> 07:18:18,491
where you can choose your bug
10961
07:18:18,491 --> 07:18:20,782
and you can also choose
the amount of security
10962
07:18:20,782 --> 07:18:22,400
that you want to practice with.
10963
07:18:22,400 --> 07:18:24,735
So since this is
a very simple demonstration,
10964
07:18:24,735 --> 07:18:26,700
I'm going to set
the security to low.
10965
07:18:26,700 --> 07:18:27,907
And the first thing
10966
07:18:27,907 --> 07:18:30,130
that we're going
to test is actually
10967
07:18:30,130 --> 07:18:32,100
reflected cross-site scripting.
10968
07:18:32,300 --> 07:18:35,400
So reflected cross-site
scripting mostly has things
10969
07:18:35,400 --> 07:18:37,200
to do with the GET request
10970
07:18:37,300 --> 07:18:39,789
when we are actually
coding on the back end.
10971
07:18:39,789 --> 07:18:40,600
So, let's see.
10972
07:18:41,500 --> 07:18:43,003
First of all we go ahead
10973
07:18:43,003 --> 07:18:46,700
and choose reflected cross-site
scripting for the GET method
10974
07:18:46,700 --> 07:18:48,400
and we go and press hack.
10975
07:18:49,600 --> 07:18:51,541
Now we'll be presented
with a form.
10976
07:18:51,541 --> 07:18:53,100
Now form is a very good way
10977
07:18:53,100 --> 07:18:56,000
of actually showing
reflected cross-site scripting
10978
07:18:56,000 --> 07:18:58,926
because normally when
an attacker will be trying
10979
07:18:58,926 --> 07:19:02,600
to attack you he'll be trying
to send you a form or any way.
10980
07:19:02,600 --> 07:19:04,100
You can actually input
10981
07:19:04,100 --> 07:19:07,800
something into the his
soul so interestingly
10982
07:19:07,800 --> 07:19:11,442
if we go and just input nothing
into these two fields
10983
07:19:11,442 --> 07:19:14,304
and just go will see
the URL change out here.
10984
07:19:14,304 --> 07:19:15,800
So firstly you guys see
10985
07:19:15,800 --> 07:19:19,023
that it's the fields are
very clearly visible
10986
07:19:19,023 --> 07:19:22,100
and These are the two fields
and that means
10987
07:19:22,100 --> 07:19:24,200
that it's an uncoded input.
10988
07:19:24,200 --> 07:19:26,240
So this is a very rich place
10989
07:19:26,240 --> 07:19:29,300
to actually practice
your web vulnerability
10990
07:19:29,300 --> 07:19:31,400
and penetration testing skills.
10991
07:19:31,900 --> 07:19:33,700
So if I were to hack,
10992
07:19:33,700 --> 07:19:36,200
I would try and run
a script out here.
10993
07:19:36,500 --> 07:19:38,423
So if I were to go script
10994
07:19:38,700 --> 07:19:40,800
and I've already
practiced a few out here
10995
07:19:40,800 --> 07:19:42,100
as you guys can see,
10996
07:19:42,600 --> 07:19:44,600
so if you go script alert,
10997
07:19:44,700 --> 07:19:47,600
this is an example
of reflected XSS.
10998
07:19:50,600 --> 07:19:53,600
Yeah, and if we go and just
end the script out here.
10999
07:19:55,300 --> 07:19:57,404
This is going to actually render
11000
07:19:57,404 --> 07:20:00,200
the JavaScript input
as a part of the page
11001
07:20:00,200 --> 07:20:02,500
and we are going to get
an output because of this.
11002
07:20:02,700 --> 07:20:05,700
So that's how reflected
cross-site script
11003
07:20:05,700 --> 07:20:06,700
is actually working.
11004
07:20:09,000 --> 07:20:13,000
So as you guys can see
we the what am I saying?
11005
07:20:13,000 --> 07:20:16,500
As you guys can see
the web application has actually
11006
07:20:16,500 --> 07:20:19,200
rendered our JavaScript
and now we can see
11007
07:20:19,200 --> 07:20:20,500
that reflected cross-site
11008
07:20:20,500 --> 07:20:22,400
scripting is actually
working out here.
11009
07:20:22,600 --> 07:20:24,478
So now you guys
must have realized
11010
07:20:24,478 --> 07:20:26,103
that in a practical scenario.
11011
07:20:26,103 --> 07:20:28,162
This form must be
sent to the victim
11012
07:20:28,162 --> 07:20:30,400
and must be tricked
into filling the form
11013
07:20:30,400 --> 07:20:32,000
for the attack to be successful.
11014
07:20:32,400 --> 07:20:34,467
Also in more practical scenarios
11015
07:20:34,467 --> 07:20:36,600
where sites are
also having forms.
11016
07:20:36,600 --> 07:20:38,966
They're going to be putting
filters to the Of
11017
07:20:38,966 --> 07:20:40,310
the input parameters such
11018
07:20:40,310 --> 07:20:42,300
that you cannot run
JavaScript in them
11019
07:20:42,500 --> 07:20:47,000
and you cannot also input
any unencoded inputs into them.
11020
07:20:47,500 --> 07:20:50,000
So that was all
about reflective JavaScript.
11021
07:20:50,000 --> 07:20:51,900
I mean reflected
cross-site scripting.
11022
07:20:52,300 --> 07:20:55,600
So now let's move
on to stored cross-site scripting
11023
07:20:55,600 --> 07:20:58,700
which is the most dangerous form
of cross-site scripting.
11024
07:21:01,600 --> 07:21:04,400
Okay, so as I had discussed
11025
07:21:04,400 --> 07:21:07,895
the comment sections are
normally the best place
11026
07:21:07,895 --> 07:21:10,700
for actually stored
cross-site scripting.
11027
07:21:13,800 --> 07:21:19,400
so as you guys can see out here
11028
07:21:19,800 --> 07:21:22,200
if we already have
a few comments
11029
07:21:22,200 --> 07:21:26,500
that had added for practicing
now in stored cross-site
11030
07:21:26,500 --> 07:21:29,600
scripting the attacker
is normally attacking the data
11031
07:21:29,600 --> 07:21:30,438
that is stored.
11032
07:21:30,438 --> 07:21:32,950
So basically we are going
to inject the script
11033
07:21:32,950 --> 07:21:35,056
into the database
into the server.
11034
07:21:35,056 --> 07:21:37,300
So if the script has
some malicious intent
11035
07:21:37,300 --> 07:21:38,989
and it can do
a multitude of thing
11036
07:21:38,989 --> 07:21:41,600
if it has a malicious intent
will not get into that.
11037
07:21:41,600 --> 07:21:42,866
So for that reason,
11038
07:21:42,866 --> 07:21:45,600
let's first add
a normal comment out here.
11039
07:21:45,600 --> 07:21:46,600
So let's say
11040
07:21:46,600 --> 07:21:49,900
if this was blog
I'd say good job there.
11041
07:21:49,900 --> 07:21:52,600
Like I said
or something like hey,
11042
07:21:52,600 --> 07:21:54,000
man, nice work.
11043
07:21:57,500 --> 07:22:00,000
If you go and
press submit, okay,
11044
07:22:00,000 --> 07:22:01,900
it's showing this is
an example of persistent
11045
07:22:01,900 --> 07:22:02,900
cross-site scripting
11046
07:22:02,900 --> 07:22:06,522
because I had already
inserted malicious script.
11047
07:22:06,522 --> 07:22:11,200
So this is that script out
here the second input but just
11048
07:22:11,200 --> 07:22:12,900
for demonstration purposes.
11049
07:22:12,900 --> 07:22:16,800
Let's go in and put it again
so we can also input raw data
11050
07:22:16,800 --> 07:22:19,600
that is unencoded input
in the form of script.
11051
07:22:19,900 --> 07:22:21,500
So let's go alerts.
11052
07:22:23,500 --> 07:22:25,700
Unless his print hello world.
11053
07:22:38,100 --> 07:22:41,600
So if we go and press submit
so at first ones
11054
07:22:41,600 --> 07:22:44,522
that other cross-site script
and then it will say
11055
07:22:44,522 --> 07:22:45,982
that this page isn't working.
11056
07:22:45,982 --> 07:22:48,064
So this is also a very
good example now we
11057
07:22:48,064 --> 07:22:50,400
have two scripts actually
running on this page.
11058
07:22:50,400 --> 07:22:51,455
So the first one is
11059
07:22:51,455 --> 07:22:54,900
actually this is an example of
cross-site scripting persistent.
11060
07:22:54,900 --> 07:22:58,900
So that was the second one
and then comes the hello world.
11061
07:22:58,900 --> 07:23:02,800
So that's actually two scripts
running back to back.
11062
07:23:03,200 --> 07:23:05,500
So anybody if I were
to actually come back
11063
07:23:05,500 --> 07:23:06,800
to this site any other day
11064
07:23:06,800 --> 07:23:08,797
and these comments
existed It would just
11065
07:23:08,797 --> 07:23:11,000
get automatically executed
from the database
11066
07:23:11,000 --> 07:23:13,200
because just because we
are referring to it.
11067
07:23:13,500 --> 07:23:17,000
Okay, so time for
dom-based cross-site scripting
11068
07:23:17,000 --> 07:23:20,709
and I was using this application
for the first time yesterday
11069
07:23:20,709 --> 07:23:21,533
and I realized
11070
07:23:21,533 --> 07:23:23,600
that there is actually
no way that we
11071
07:23:23,600 --> 07:23:26,300
can actually test dom-based
cross-site scripting you.
11072
07:23:26,300 --> 07:23:28,800
So to actually test
DOM-based cross-site scripting
11073
07:23:28,800 --> 07:23:31,300
we are going to be using
this thing called WebGoat.
11074
07:23:32,000 --> 07:23:33,598
Now the login credentials
11075
07:23:33,598 --> 07:23:35,900
to WebGoat is guest
for the username
11076
07:23:35,900 --> 07:23:37,442
and guest for the password.
11077
07:23:37,442 --> 07:23:39,700
I'd already logged in
so it didn't ask me.
11078
07:23:39,700 --> 07:23:41,300
So now if we go out here
11079
07:23:41,300 --> 07:23:44,100
and go on the cross-site
scripting, XSS,
11080
07:23:44,100 --> 07:23:46,940
you will also see
that there is no options
11081
07:23:46,940 --> 07:23:50,841
available for actually DOM-based
cross-site scripting this is
11082
07:23:50,841 --> 07:23:53,600
because it's under
AJAX security or Ajax
11083
07:23:53,600 --> 07:23:55,300
if you might pronounce
it that way.
11084
07:23:56,200 --> 07:23:59,000
So this is
under AJAX security
11085
07:23:59,000 --> 07:24:01,579
because if you guys remember
we had just discussed
11086
07:24:01,579 --> 07:24:04,264
that DOM-based cross-site
scripting is a client-side
11087
07:24:04,264 --> 07:24:05,500
cross-site scripting.
11088
07:24:05,500 --> 07:24:09,141
So things like a normal script
would normally be checked
11089
07:24:09,141 --> 07:24:10,400
on the server side.
11090
07:24:10,400 --> 07:24:12,769
But when we are talking
on client side,
11091
07:24:12,769 --> 07:24:16,200
we are talking about languages
like HTML, AJAX, etcetera
11092
07:24:16,200 --> 07:24:19,008
so you can put your scripts
in HTML form.
11093
07:24:19,008 --> 07:24:23,100
So suppose we were to go
so let's input a script first.
11094
07:24:23,100 --> 07:24:24,800
So suppose you have
to go script.
11095
07:24:24,800 --> 07:24:25,800
Hello world now.
11096
07:24:25,800 --> 07:24:29,531
If we go and submit the solution
nothing actually happens
11097
07:24:29,531 --> 07:24:33,100
because we are actually putting
in encoded inputs out there.
11098
07:24:33,100 --> 07:24:35,100
It's the DOM that is unencoded.
11099
07:24:36,000 --> 07:24:40,000
Now if we were to actually go in
and input in a language
11100
07:24:40,000 --> 07:24:44,200
that the client-side actually
understands for example HTML,
11101
07:24:44,200 --> 07:24:46,584
so we immediately get a result.
11102
07:24:46,800 --> 07:24:48,400
So first of all,
11103
07:24:48,400 --> 07:24:51,570
it's going to actually
manipulate the inner
11104
07:24:51,570 --> 07:24:53,100
HTML attributes of this site.
11105
07:24:53,100 --> 07:24:56,361
So if we go image
and we put a source now,
11106
07:24:56,361 --> 07:24:59,900
let's not give the source
anything and on alert
11107
07:25:00,800 --> 07:25:02,800
on are urado on an error.
11108
07:25:03,200 --> 07:25:06,200
We're going to run
some simple JavaScript so alert
11109
07:25:07,600 --> 07:25:17,900
And we can say this is
an example of dom-based xss.
11110
07:25:19,500 --> 07:25:22,800
Now as soon as I
end the image tag,
11111
07:25:22,800 --> 07:25:25,636
this is going to get done
because the client side
11112
07:25:25,636 --> 07:25:28,000
is always rendering
the client-side page.
11113
07:25:28,000 --> 07:25:29,900
So watch this.
11114
07:25:34,100 --> 07:25:36,869
Sorry, I think
I mistyped somewhere.
11115
07:25:37,900 --> 07:25:40,600
Let's go again so image.
11116
07:25:44,100 --> 07:25:47,700
Let's use something I've
already used and you can see
11117
07:25:47,700 --> 07:25:49,600
that it says hacked, and out
11118
07:25:49,600 --> 07:25:52,500
here we've not even
pressed submit solution.
11119
07:25:53,300 --> 07:25:54,726
So out here you can see
11120
07:25:54,726 --> 07:25:58,000
that as soon as we completed
it is again saying hacked so
11121
07:25:58,000 --> 07:26:00,300
that means as soon as you
complete the query or
11122
07:26:00,300 --> 07:26:02,600
the client-side HTML language,
11123
07:26:02,600 --> 07:26:04,206
so that will completely
11124
07:26:04,206 --> 07:26:07,000
trigger the cross-site
payload image tag.
11125
07:26:07,000 --> 07:26:08,431
This is going to get run
11126
07:26:08,431 --> 07:26:10,902
because the client side
is always rendering
11127
07:26:10,902 --> 07:26:12,300
the client-side page.
11128
07:26:12,300 --> 07:26:14,100
So watch this.
11129
07:26:18,200 --> 07:26:19,000
I'm sorry.
11130
07:26:19,000 --> 07:26:21,100
I think I mistyped somewhere.
11131
07:26:22,100 --> 07:26:24,900
Let's go again so image.
11132
07:26:28,300 --> 07:26:32,166
Okay, let's use something I've
already used and you can see
11133
07:26:32,166 --> 07:26:34,300
that it says hacked
and out here.
11134
07:26:34,300 --> 07:26:36,800
We've not even
pressed submit solution.
11135
07:26:37,600 --> 07:26:39,066
So out here you can see
11136
07:26:39,066 --> 07:26:41,800
that as soon as we
completed it is again saying
11137
07:26:41,800 --> 07:26:44,500
that so that means as soon
as you complete the query or
11138
07:26:44,500 --> 07:26:46,807
the client-side HTML language,
11139
07:26:46,911 --> 07:26:50,988
so that will completely
trigger the cross-site payload
11140
07:26:55,600 --> 07:26:56,815
Firstly, let's go
11141
07:26:56,815 --> 07:27:01,300
over what DoS and DDoS mean. Now,
to understand a DDoS attack,
11142
07:27:01,300 --> 07:27:05,000
it is essential to understand
the fundamentals of a DoS attack.
11143
07:27:05,000 --> 07:27:07,600
DoS simply stands
for denial of service.
11144
07:27:07,600 --> 07:27:10,400
The service could be
of any kind. For example,
11145
07:27:10,400 --> 07:27:12,700
imagine your mother
confiscates your cellphone
11146
07:27:12,700 --> 07:27:15,400
when you are preparing
for your exams to help you study
11147
07:27:15,400 --> 07:27:16,968
without any sort of distraction.
11148
07:27:16,968 --> 07:27:19,700
While the intentions of
your mother are truly out of care
11149
07:27:19,700 --> 07:27:22,528
and concern, you are being denied
the service of calling
11150
07:27:22,528 --> 07:27:25,244
and any other service offered
by your cell phone. Now,
11151
07:27:25,244 --> 07:27:27,800
with respect to a computer
and computer networks,
11152
07:27:27,800 --> 07:27:29,800
a denial of service
could be in the form
11153
07:27:29,800 --> 07:27:32,500
of hijacking web servers,
overloading ports
11154
07:27:32,500 --> 07:27:33,893
with requests, rendering
11155
07:27:33,893 --> 07:27:36,659
them unusable, denying
wireless authentication
11156
07:27:36,659 --> 07:27:38,423
and denying any sort of service
11157
07:27:38,423 --> 07:27:40,500
that is provided
on the internet. Attacks
11158
07:27:40,500 --> 07:27:43,100
of such intent can be performed
from a single machine.
11159
07:27:43,100 --> 07:27:45,909
While single machine attacks
are much easier to execute
11160
07:27:45,909 --> 07:27:47,497
and monitor, they're also easy
11161
07:27:47,497 --> 07:27:49,900
to detect and mitigate.
To solve this issue,
11162
07:27:49,900 --> 07:27:52,900
the attack could be executed
from multiple devices spread
11163
07:27:52,900 --> 07:27:54,017
across a wide area.
11164
07:27:54,017 --> 07:27:57,000
Not only does this make
it difficult to stop the attack
11165
07:27:57,000 --> 07:27:59,671
but it also becomes
near impossible to point out
11166
07:27:59,671 --> 07:28:02,900
the main culprit. Such attacks
are called distributed denial
11167
07:28:02,900 --> 07:28:04,900
of service or DDOS attacks.
11168
07:28:04,900 --> 07:28:08,200
Now, let us see how they work.
The main idea of a DoS
11169
07:28:08,200 --> 07:28:09,304
attack, as explained,
11170
07:28:09,304 --> 07:28:12,700
is making a certain service
unavailable. Since everything
11171
07:28:12,700 --> 07:28:15,700
that is attacked is
in reality running on a machine,
11172
07:28:15,700 --> 07:28:17,600
the service can
be made unavailable
11173
07:28:17,600 --> 07:28:20,400
if the performance of
the machine can be brought down.
11174
07:28:20,400 --> 07:28:23,800
This is the fundamental
behind DoS and DDoS attacks.
11175
07:28:23,800 --> 07:28:26,656
Now some DoS attacks
are executed by flooding servers
11176
07:28:26,656 --> 07:28:28,068
with connection requests
11177
07:28:28,068 --> 07:28:29,787
until the server is overloaded
11178
07:28:29,787 --> 07:28:32,787
and is deemed useless. Others
are executed by sending
11179
07:28:32,787 --> 07:28:34,511
unfragmented packets to a server
11180
07:28:34,511 --> 07:28:37,100
which they are unable
to handle. These methods,
11181
07:28:37,100 --> 07:28:38,500
when executed by a botnet,
11182
07:28:38,500 --> 07:28:40,600
exponentially increase
the amount of damage
11183
07:28:40,600 --> 07:28:41,644
that they are doing
11184
07:28:41,644 --> 07:28:44,288
and their difficulty
to mitigate increases in leaps
11185
07:28:44,288 --> 07:28:47,700
and bounds. To understand more
about how these attacks work,
11186
07:28:47,700 --> 07:28:50,166
let us look at the different
types of attacks.
11187
07:28:50,166 --> 07:28:53,372
Now while there are plenty of
ways to perform a DDOS attack.
11188
07:28:53,372 --> 07:28:55,700
I'll be listing down
the more famous ones.
11189
07:28:55,700 --> 07:28:58,891
These methodologies have become
famous due to their success rate
11190
07:28:58,891 --> 07:29:00,984
and the Damage they
have caused over time.
11191
07:29:00,984 --> 07:29:03,434
It is important to note
that with the advancement
11192
07:29:03,434 --> 07:29:04,200
in technology,
11193
07:29:04,200 --> 07:29:06,200
the more creative minds
have devised more
11194
07:29:06,200 --> 07:29:07,700
devious ways to perform
11195
07:29:07,700 --> 07:29:08,500
DoS attacks.
11196
07:29:08,500 --> 07:29:10,382
Now the first
type of methodology
11197
07:29:10,382 --> 07:29:13,400
that we are going to discuss
is called ping of death. Now,
11198
07:29:13,400 --> 07:29:16,100
according to the TCP/IP protocol,
the maximum size
11199
07:29:16,100 --> 07:29:19,600
of the packet can be
65,535 bytes. The ping
11200
07:29:19,600 --> 07:29:22,029
of death attack exploits
this particular fact.
11201
07:29:22,029 --> 07:29:23,300
In this type of attack,
11202
07:29:23,300 --> 07:29:24,600
the attacker sends packets
11203
07:29:24,600 --> 07:29:26,502
that are more than
the max packet size
11204
07:29:26,502 --> 07:29:28,912
when the packet fragments
are added up. Computers
11205
07:29:28,912 --> 07:29:30,050
generally do not know
11206
07:29:30,050 --> 07:29:32,558
what to do with such
packets and end up freezing
11207
07:29:32,558 --> 07:29:34,814
or sometimes crashing
entirely. Then we come
11208
07:29:34,814 --> 07:29:37,533
to reflected attacks.
This particular attack
11209
07:29:37,533 --> 07:29:40,605
is more often than not used
with the help of a botnet.
11210
07:29:40,605 --> 07:29:42,075
The attacker sends a host
11211
07:29:42,075 --> 07:29:44,400
of innocent computers
a connection request
11212
07:29:44,400 --> 07:29:47,200
using a botnet which are
also called reflectors.
11213
07:29:47,200 --> 07:29:49,750
Now this connection
that comes from the botnet looks
11214
07:29:49,750 --> 07:29:52,100
like it comes from the victim
and this is done
11215
07:29:52,100 --> 07:29:54,693
by spoofing the source part
in the packet header.
11216
07:29:54,693 --> 07:29:56,600
This makes the host
of computers send
11217
07:29:56,600 --> 07:29:58,600
an acknowledgement to
the victim computer.
11218
07:29:58,600 --> 07:30:00,352
Since there are
multiple such requests
11219
07:30:00,352 --> 07:30:01,794
from the different computers
11220
07:30:01,794 --> 07:30:04,163
to the same machine, this
overloads the computer
11221
07:30:04,163 --> 07:30:05,400
and crashes it. This type
11222
07:30:05,400 --> 07:30:07,300
of attack is also known
as a Smurf attack.
11223
07:30:08,000 --> 07:30:11,400
Another type of attack is called
mail bomb. Now, mail bomb attacks
11224
07:30:11,400 --> 07:30:13,504
generally attack email
servers. In this type
11225
07:30:13,504 --> 07:30:16,800
of attack, instead of packets,
oversized emails filled with
11226
07:30:16,800 --> 07:30:19,900
random garbage values are sent
to the targeted email server.
11227
07:30:19,900 --> 07:30:21,820
This generally crashes
the email server
11228
07:30:21,820 --> 07:30:24,500
due to a sudden spike in load
and renders them useless
11229
07:30:24,500 --> 07:30:25,391
until fixed. Last
11230
07:30:25,391 --> 07:30:27,900
but not the least, we
have the teardrop attack.
11231
07:30:27,900 --> 07:30:29,310
So in this type of attack,
11232
07:30:29,310 --> 07:30:30,956
the fragmentation offset field
11233
07:30:30,956 --> 07:30:33,391
of a packet is abused.
One of the fields
11234
07:30:33,391 --> 07:30:36,261
in an IP header is a fragment
offset field indicating
11235
07:30:36,261 --> 07:30:38,048
the starting position or offset
11236
07:30:38,048 --> 07:30:40,577
of the data contained
in a fragmented packet
11237
07:30:40,577 --> 07:30:42,819
relative to the data
in the original packet.
11238
07:30:42,819 --> 07:30:44,230
If the sum of the offset
11239
07:30:44,230 --> 07:30:46,992
and the size of one fragmented
packet differs from that
11240
07:30:46,992 --> 07:30:49,817
of the next fragmented packet,
the packets overlap. Now,
11241
07:30:49,817 --> 07:30:52,700
when this happens a server
vulnerable to teardrop attacks
11242
07:30:52,700 --> 07:30:55,189
is unable to reassemble
the packets resulting
11243
07:30:55,189 --> 07:30:57,000
in a denial
of service condition.
11244
07:30:57,000 --> 07:30:57,314
Okay.
11245
07:30:57,314 --> 07:31:00,900
So that was all the theoretical
portion of this video now,
11246
07:31:00,900 --> 07:31:04,600
it's time to actually perform
our very own DDOS attack.
11247
07:31:04,800 --> 07:31:05,147
Okay.
11248
07:31:05,147 --> 07:31:07,871
So now that we finish
the theoretical part
11249
07:31:07,871 --> 07:31:09,600
of how DDOS actually works
11250
07:31:09,600 --> 07:31:12,322
and what it actually is
but its different types.
11251
07:31:12,322 --> 07:31:15,000
Let me just give you guys
a quick demonstration on
11252
07:31:15,000 --> 07:31:16,866
how you could apply a denial
11253
07:31:16,866 --> 07:31:17,999
of service attack
11254
07:31:17,999 --> 07:31:20,100
on a wireless network
anywhere around you
11255
07:31:20,100 --> 07:31:22,150
like this could be
somewhere like Starbucks
11256
07:31:22,150 --> 07:31:25,035
where you're sitting
or this could be a library also
11257
07:31:25,035 --> 07:31:26,930
or your college
institution no matter
11258
07:31:26,930 --> 07:31:29,400
where you're sitting
this procedure will work.
11259
07:31:29,400 --> 07:31:33,200
So the first thing we want to do
is actually open up a terminal
11260
07:31:33,200 --> 07:31:36,216
because we will be doing
most of our work
11261
07:31:36,216 --> 07:31:37,901
on a command line basis.
11262
07:31:37,901 --> 07:31:40,447
Now for this
particular demonstration.
11263
07:31:40,447 --> 07:31:44,309
We will be actually using
two tools. First is aircrack-ng,
11264
07:31:44,309 --> 07:31:45,986
which is a suite of tools
11265
07:31:45,986 --> 07:31:49,128
which contains aircrack-ng,
airmon-ng, aireplay-ng
11266
07:31:49,128 --> 07:31:50,600
and airodump-ng.
11267
07:31:50,600 --> 07:31:53,258
So these are the four tools
that come along with it.
11268
07:31:53,258 --> 07:31:54,199
And the second one
11269
07:31:54,199 --> 07:31:56,900
that we'll be using
is called macchanger. Okay.
11270
07:31:56,900 --> 07:31:59,500
So let me just put
my terminal on maximum.
11271
07:31:59,500 --> 07:32:02,798
So you guys can see
what I'm actually writing out.
11272
07:32:02,798 --> 07:32:06,500
So first thing we want to do
is actually log in as root.
11273
07:32:06,500 --> 07:32:08,200
So let me just do that quickly
11274
07:32:08,200 --> 07:32:11,100
because we need to login as
root because most of the stuff
11275
07:32:11,100 --> 07:32:14,500
that we're going to do right now
will need administrator access.
11276
07:32:14,500 --> 07:32:14,766
Now.
11277
07:32:14,766 --> 07:32:17,699
So the first thing we
want to do is check out
11278
07:32:17,699 --> 07:32:19,700
our wireless network card's name
11279
07:32:19,700 --> 07:32:22,559
and we can do that easily
by typing ifconfig.
11280
07:32:22,559 --> 07:32:23,600
Now, you can see
11281
07:32:23,600 --> 07:32:28,900
that my wireless card is called
wl1 and we get the MAC address
11282
07:32:28,900 --> 07:32:31,300
and we also get the IPv6 address.
11283
07:32:31,300 --> 07:32:35,553
So that's my wireless network
card and we'll actually be setting
11284
07:32:35,553 --> 07:32:37,468
that up in monitor mode now
11285
07:32:37,468 --> 07:32:40,600
before we actually go in
to start up our network
11286
07:32:40,600 --> 07:32:41,885
card in monitor mode.
11287
07:32:41,885 --> 07:32:43,905
Let me just show you
how you can install
11288
07:32:43,905 --> 07:32:47,200
the two tools that I just spoke
about that is aircrack-ng
11289
07:32:47,200 --> 07:32:48,300
and macchanger.
11290
07:32:48,300 --> 07:32:50,250
So to install aircrack-ng,
11291
07:32:50,250 --> 07:32:51,919
you can just go apt-get
11292
07:32:51,919 --> 07:32:56,700
install aircrack-ng hit enter
and this should do it for you.
11293
07:32:56,700 --> 07:32:58,578
I already have it installed.
11294
07:32:58,578 --> 07:33:02,000
So it's not going to do
much. To install macchanger,
11295
07:33:02,000 --> 07:33:04,317
you could just go
the same command,
11296
07:33:04,317 --> 07:33:06,500
that is apt-get
install macchanger
11297
07:33:06,700 --> 07:33:08,000
and you can check
11298
07:33:08,000 --> 07:33:11,061
if both the tools
have been installed properly
11299
07:33:11,061 --> 07:33:14,700
by opening the manual pages
by typing man aircrack-ng
11300
07:33:14,700 --> 07:33:17,200
and this will open up
the manual page for you.
11301
07:33:17,200 --> 07:33:20,000
And let's also do
the same for macchanger.
11302
07:33:20,000 --> 07:33:22,500
So what we're going
to do first is set up
11303
07:33:22,500 --> 07:33:25,300
our network interface card
into monitor mode.
11304
07:33:25,400 --> 07:33:26,600
So to do that,
11305
07:33:26,600 --> 07:33:29,300
all we have to do
is type ifconfig,
11306
07:33:29,300 --> 07:33:31,399
and we need to put
a network interface card down.
11307
07:33:31,399 --> 07:33:31,900
So we go.
11308
07:33:31,900 --> 07:33:35,900
wlo1 down and with
the command iwconfig mode monitor.
11309
07:33:35,900 --> 07:33:37,100
Don't forget to specify
11310
07:33:37,100 --> 07:33:38,700
the interface that
you're working on.
11311
07:33:38,700 --> 07:33:40,848
So iwconfig wl1 mode monitor
11312
07:33:40,848 --> 07:33:44,000
and all you have to do
now is put it back up.
11313
07:33:44,000 --> 07:33:47,100
So what we are going
to type is ifconfig.
11314
07:33:47,100 --> 07:33:48,100
wl1 up.
11315
07:33:48,200 --> 07:33:50,971
You can check the mode
it will say managed
11316
07:33:50,971 --> 07:33:52,537
if it's monitoring mode.
11317
07:33:52,537 --> 07:33:55,300
So as you guys can see
it says mode managed,
11318
07:33:55,300 --> 07:33:58,600
so that's how we're going
to go ahead so you can check
11319
07:33:58,600 --> 07:34:00,423
that just for your own purposes
11320
07:34:00,423 --> 07:34:02,200
so we can also check for only.
11321
07:34:02,200 --> 07:34:04,600
wlo1 by
specifying the interface.
11322
07:34:04,600 --> 07:34:08,500
Or you could also check
the mode only by passing it
11323
07:34:08,500 --> 07:34:11,900
through a pipe function
and that is using grep mode.
11324
07:34:12,000 --> 07:34:16,000
So iwconfig wl1, grep and Mode.
11325
07:34:16,400 --> 07:34:18,302
Well, Mode begins
with a capital M.
11326
07:34:18,302 --> 07:34:20,800
So that's how you
would probably return it.
11327
07:34:20,900 --> 07:34:22,100
So as you guys can see
11328
07:34:22,100 --> 07:34:24,026
that has returned
the mode for us icon
11329
07:34:24,026 --> 07:34:26,468
along with the access point
and the frequency.
11330
07:34:26,468 --> 07:34:28,600
Okay, so that was
a little fun trivia on
11331
07:34:28,600 --> 07:34:31,500
how you could fetch the mode
from a certain command
11332
07:34:31,500 --> 07:34:34,300
that like iwconfig
by passing it through a pipe
11333
07:34:34,300 --> 07:34:37,215
and Open your list mode grep
basically means grab.
11334
07:34:37,215 --> 07:34:39,862
Okay, so now moving on we
will get to the more
11335
07:34:39,862 --> 07:34:42,295
important stuff now so
firstly we need to check
11336
07:34:42,295 --> 07:34:43,475
for some sub processes
11337
07:34:43,475 --> 07:34:45,298
that might still be running and
11338
07:34:45,298 --> 07:34:48,600
that might actually interfere
with the scanning process.
11339
07:34:48,600 --> 07:34:49,500
So to do that,
11340
07:34:49,500 --> 07:34:51,800
what we do is airmon-ng check
11341
07:34:51,800 --> 07:34:54,700
and then the name
of the interface now
11342
07:34:54,700 --> 07:34:57,012
as you guys can see I have
the network manager
11343
07:34:57,012 --> 07:34:59,600
that is running out here
and we need to kill that first
11344
07:34:59,600 --> 07:35:01,600
and that can be easily
done by going kill
11345
07:35:01,600 --> 07:35:02,920
with the PID after that.
11346
07:35:02,920 --> 07:35:04,900
You can run
a general command called
11347
07:35:04,900 --> 07:35:06,700
airmon-ng check
11348
07:35:06,700 --> 07:35:10,700
and kill so whatever it finds
it will kill it accordingly
11349
07:35:10,700 --> 07:35:13,000
and when it produces
no results like this,
11350
07:35:13,000 --> 07:35:14,300
that means you're ready to go
11351
07:35:14,300 --> 07:35:15,900
as there are
no sub processes running
11352
07:35:15,900 --> 07:35:17,700
that might actually
interfere with our
11353
07:35:17,700 --> 07:35:21,400
scan. Now what we want to do
is we want to run a dump scan
11354
07:35:21,400 --> 07:35:23,630
on the network interface card
11355
07:35:23,700 --> 07:35:26,900
and check out all
the possible access points
11356
07:35:26,900 --> 07:35:28,500
that are available to us.
11357
07:35:28,500 --> 07:35:31,171
So as you guys can see
this produces a bunch
11358
07:35:31,171 --> 07:35:34,600
of access points and they come
with their BSSIDs there.
11359
07:35:34,600 --> 07:35:36,645
So have the power
which is the pwr
11360
07:35:36,645 --> 07:35:40,834
that is the power of the signal
and let me go down back again.
11361
07:35:40,834 --> 07:35:44,400
So yeah, you can see the beacons
you can see the data you can see
11362
07:35:44,400 --> 07:35:48,055
the channels available
and what the bssid is.
11363
07:35:48,055 --> 07:35:49,200
It's the Mac ID
11364
07:35:49,200 --> 07:35:52,039
that is actually tied
in with the essid
11365
07:35:52,039 --> 07:35:55,700
which basically represents
the name of the router.
11366
07:35:55,700 --> 07:35:58,300
Now, what we want to do
from here is we want
11367
07:35:58,300 --> 07:36:01,700
to choose which router
we want to actually DoS.
11368
07:36:01,700 --> 07:36:03,850
Now, the whole process
of DoSing is actually
11369
07:36:03,850 --> 07:36:06,400
we will continuously
deauthenticate all the devices
11370
07:36:06,400 --> 07:36:07,700
that are connected to it.
11371
07:36:07,700 --> 07:36:10,600
So for now I have chosen
Edureka Wi-Fi to actually
11372
07:36:10,600 --> 07:36:13,638
DoS out, and once I send it
the deauthentication broadcast,
11373
07:36:13,638 --> 07:36:14,508
it will actually
11374
07:36:14,508 --> 07:36:17,411
deauthenticate all the devices
that are connected to it.
11375
07:36:17,411 --> 07:36:19,121
Now this deauthentication
11376
07:36:19,121 --> 07:36:21,400
is done with a tool
called aireplay
11377
07:36:21,400 --> 07:36:24,454
which is a part of
the aircrack-ng suite of tools.
11378
07:36:24,454 --> 07:36:24,687
Now.
11379
07:36:24,687 --> 07:36:25,505
Let's just see
11380
07:36:25,505 --> 07:36:28,800
how we can use aireplay
by opening up the help command.
11381
07:36:28,800 --> 07:36:29,600
So we go - -
11382
07:36:29,600 --> 07:36:31,731
help and this opens up
the help command for us.
11383
07:36:31,731 --> 07:36:33,497
Now as you guys
can see it shows us
11384
07:36:33,497 --> 07:36:34,900
that we can send a deauthentication
11385
07:36:34,900 --> 07:36:36,928
message by typing in -
11386
07:36:36,928 --> 07:36:39,400
0 and then we need
to type in the count.
11387
07:36:39,400 --> 07:36:41,464
So what we are going
to do is type in -
11388
07:36:41,464 --> 07:36:43,800
0 which will send
the deauthentication message
11389
07:36:43,800 --> 07:36:45,700
and now we can type 1 or 0.
11390
07:36:45,700 --> 07:36:48,738
So 1 will send only
one deauthentication message
11391
07:36:48,738 --> 07:36:51,716
while 0 will continuously
loop it and send a bunch
11392
07:36:51,716 --> 07:36:53,600
of deauthentication messages.
11393
07:36:53,600 --> 07:36:56,100
We are going to say zero
because we want to be sure
11394
07:36:56,100 --> 07:36:59,100
that we are deauthenticating
everybody and we can also
11395
07:36:59,100 --> 07:37:00,636
generally specify the person.
11396
07:37:00,636 --> 07:37:03,246
we also want to specifically
deauthenticate, but for
11397
07:37:03,246 --> 07:37:04,200
this demonstration,
11398
07:37:04,200 --> 07:37:06,900
I'm just going to try
and deauthenticate everybody
11399
07:37:06,900 --> 07:37:07,600
that is there.
11400
07:37:07,600 --> 07:37:09,334
So what we are going to do is
11401
07:37:09,334 --> 07:37:12,500
we are going to copy down
the MAC address or the bssid
11402
07:37:12,500 --> 07:37:13,556
as you would know it
11403
07:37:13,556 --> 07:37:16,770
and then we are going to run
the deauthentication message.
11404
07:37:16,770 --> 07:37:19,700
Now as you guys can see
our deauthentication message
11405
07:37:19,700 --> 07:37:22,100
is beginning to hunt
on Channel Nine.
11406
07:37:22,146 --> 07:37:25,300
Now as you guys know
and as I already know
11407
07:37:25,300 --> 07:37:30,800
that our bssid or Mac address
is working on Channel 6 now,
11408
07:37:30,800 --> 07:37:34,600
we can easily change the channel
that our interface is
11409
07:37:34,600 --> 07:37:38,700
working on by just going
iwconfig wl1 and then channel
11410
07:37:38,700 --> 07:37:40,400
and then specifying the channel
11411
07:37:40,400 --> 07:37:44,200
as you guys can see our chosen
router is working on Channel 6.
11412
07:37:44,200 --> 07:37:46,000
So that's exactly
what we're going to do.
11413
07:37:46,000 --> 07:37:49,000
Now as you guys can see it
immediately starts sending
11414
07:37:49,000 --> 07:37:52,357
the deauthentication codes
to the specified router
11415
07:37:52,357 --> 07:37:55,000
and this will actually
make any device
11416
07:37:55,000 --> 07:37:57,732
that is connected
to that router almost unusable.
11417
07:37:57,732 --> 07:38:00,968
You might see that you are
still connected to the Wi-Fi,
11418
07:38:00,968 --> 07:38:02,553
but try browsing the internet
11419
07:38:02,553 --> 07:38:05,619
with them you will never be able
to actually reach any site
11420
07:38:05,619 --> 07:38:06,484
as I'm constantly
11421
07:38:06,484 --> 07:38:08,719
deauthenticating
your service. You will need
11422
07:38:08,719 --> 07:38:10,379
that for a handshake
all the time.
11423
07:38:10,379 --> 07:38:13,600
And even if it completes you are
suddenly deauthenticated again
11424
07:38:13,600 --> 07:38:15,800
because I'm running
this thing on a loop.
11425
07:38:15,800 --> 07:38:19,000
Now, you can let this command
run for a few moments
11426
07:38:19,000 --> 07:38:22,000
or how much of a time you want
to DDoS that guy for. Well,
11427
07:38:22,000 --> 07:38:23,200
this is not exactly a DDOS
11428
07:38:23,200 --> 07:38:25,200
because you're doing it
from one single machine,
11429
07:38:25,200 --> 07:38:28,060
but you can also optimize
this code to actually look
11430
07:38:28,060 --> 07:38:30,700
like it's running
from several different machines.
11431
07:38:30,700 --> 07:38:32,397
So let me just show you
how to do that.
11432
07:38:32,397 --> 07:38:34,899
We are going to write a script
file to actually optimize.
11433
07:38:34,899 --> 07:38:37,299
Is our code lat
so this script file
11434
07:38:37,299 --> 07:38:39,400
will actually automate
most of the things
11435
07:38:39,400 --> 07:38:41,500
that we just did
and also optimize a little
11436
07:38:41,500 --> 07:38:43,800
by changing our Mac address
every single time.
11437
07:38:43,800 --> 07:38:46,400
So we become hard
to actually point out.
11438
07:38:46,400 --> 07:38:49,000
So the first thing
that we want to do is
11439
07:38:49,000 --> 07:38:53,000
we want to put our wireless
network card down and maybe
11440
07:38:53,000 --> 07:38:55,300
that's not the first thing
that I want to do.
11441
07:38:55,300 --> 07:38:57,200
Just give me a moment
to think about this.
11442
07:38:57,200 --> 07:38:59,400
I haven't actually thought
this through. I'm doing
11443
07:38:59,400 --> 07:39:00,314
this on the fly.
11444
07:39:00,314 --> 07:39:00,600
Okay.
11445
07:39:00,600 --> 07:39:01,457
So the first thing
11446
07:39:01,457 --> 07:39:03,600
that we're going to do
is we're going to start
11447
07:39:03,600 --> 07:39:05,953
a while loop that is going
to continuously run
11448
07:39:05,953 --> 07:39:07,757
until we actually
externally stop it.
11449
07:39:07,757 --> 07:39:10,431
So we go while true
and then we're going to say do
11450
07:39:10,431 --> 07:39:12,300
and the first thing
that we want to do
11451
07:39:12,300 --> 07:39:16,600
is send out the deauthentication
message and we are going
11452
07:39:16,600 --> 07:39:20,900
to send around 10
deauthentication messages
11453
07:39:21,400 --> 07:39:24,488
and we want to run it
on a specific bssid.
11454
07:39:24,488 --> 07:39:27,200
So that is the bssid
that I had copied.
11455
07:39:27,200 --> 07:39:28,500
So let me just put in that
11456
07:39:28,600 --> 07:39:30,739
and then we just put
in the interface
11457
07:39:30,739 --> 07:39:32,504
it is supposed to work on. Now,
11458
07:39:32,504 --> 07:39:34,857
what we want to do
after that is we want
11459
07:39:34,857 --> 07:39:36,300
to change the MAC address
11460
07:39:36,300 --> 07:39:39,420
after we have sent
all these 10 packets.
11461
07:39:39,420 --> 07:39:43,676
So what we will need to do
is put down our wireless network
11462
07:39:43,676 --> 07:39:46,098
and as already
discussed we can do
11463
07:39:46,098 --> 07:39:48,300
that with ifconfig wlan0 down.
11464
07:39:48,300 --> 07:39:52,223
And now what we want to do
is change our Mac address
11465
07:39:52,223 --> 07:39:53,023
so we can do
11466
07:39:53,023 --> 07:39:55,800
that with the simple tool
that we had installed
11467
07:39:55,800 --> 07:39:58,200
and saying macchanger -
11468
07:39:58,200 --> 07:40:02,300
r. So let me just open up
a quick tab and show you guys
11469
07:40:02,300 --> 07:40:04,400
how macchanger actually works.
11470
07:40:04,500 --> 07:40:05,970
Now you can already check
11471
07:40:05,970 --> 07:40:08,900
out my other video called
the ethical hacking course,
11472
07:40:08,900 --> 07:40:11,231
which actually covers
a lot of topics
11473
07:40:11,231 --> 07:40:14,521
and Mac changer is just one
of them and you can check
11474
07:40:14,521 --> 07:40:16,800
how to use it in depth
in that video.
11475
07:40:16,800 --> 07:40:19,100
But for now, let me just give
you a brief introduction
11476
07:40:19,100 --> 07:40:22,000
how macchanger works. macchanger
will basically give you
11477
07:40:22,000 --> 07:40:22,800
a new MAC address
11478
07:40:22,800 --> 07:40:25,650
every time. Let me just open
up the help menu for you guys.
11479
07:40:25,650 --> 07:40:27,515
So as you guys can see
these are the options
11480
07:40:27,515 --> 07:40:28,600
that are available to us.
11481
07:40:28,600 --> 07:40:30,600
We can get a random Mac address.
11482
07:40:30,600 --> 07:40:33,700
We can also tell to show
our Mac address and we also
11483
07:40:33,700 --> 07:40:35,800
have to specify Interface
11484
07:40:35,800 --> 07:40:38,358
when we want to show
us the MAC address now,
11485
07:40:38,358 --> 07:40:40,500
let me just generate
new Mac address.
11486
07:40:40,500 --> 07:40:42,800
So you see an error
that interface up
11487
07:40:42,800 --> 07:40:45,270
or insufficient permissions
is being shown.
11488
07:40:45,270 --> 07:40:48,800
So this means we always have
to put down our interface first.
11489
07:40:48,800 --> 07:40:51,600
So let me just do that
quickly ifconfig wlan0 down.
11490
07:40:51,600 --> 07:40:54,800
And now what we want to do is
give ourselves a new Mac address
11491
07:40:54,800 --> 07:40:55,700
and boom roasted.
11492
07:40:55,700 --> 07:40:57,250
We already have
a new Mac address
11493
07:40:57,250 --> 07:40:59,300
as you guys can see
from the new Mac part.
11494
07:40:59,300 --> 07:41:01,900
Now if you put back our
network interface card,
11495
07:41:01,900 --> 07:41:04,424
and then try and show our
MAC address again, we'll
11496
07:41:04,424 --> 07:41:06,600
see that our current
MAC and our permanent
11497
07:41:06,600 --> 07:41:09,100
MAC are two completely
different MAC addresses
11498
07:41:09,100 --> 07:41:12,400
and our current MAC
and the new MAC are identical.
11499
07:41:12,400 --> 07:41:14,945
So this is how you
can actually generate
11500
07:41:14,945 --> 07:41:18,600
new Mac addresses to spoof
your own identity on the while
11501
07:41:18,600 --> 07:41:20,466
and that is very
useful in this case
11502
07:41:20,466 --> 07:41:21,400
because the person
11503
07:41:21,400 --> 07:41:24,000
you're attacking will be
so confused as to what to do
11504
07:41:24,000 --> 07:41:26,300
because your Mac address
is changing every time
11505
07:41:26,300 --> 07:41:27,581
and there's no real solution
11506
07:41:27,581 --> 07:41:29,881
to the situation
that you're creating for them.
11507
07:41:29,881 --> 07:41:30,300
At least.
11508
07:41:30,300 --> 07:41:31,752
I don't know of any solution.
11509
07:41:31,752 --> 07:41:33,952
If you do know
how to stop this for yourself.
11510
07:41:33,952 --> 07:41:34,682
Please leave it
11511
07:41:34,682 --> 07:41:36,550
down in the comment
section below and help
11512
07:41:36,550 --> 07:41:37,600
the world a little bit.
11513
07:41:37,600 --> 07:41:37,900
Now.
11514
07:41:37,900 --> 07:41:42,400
We also want to get to know what
our Mac address is every time.
11515
07:41:42,400 --> 07:41:44,800
So let me just type my function
11516
07:41:44,800 --> 07:41:47,300
through the whole thing
and let me just try
11517
07:41:47,300 --> 07:41:49,000
and grab the new Mac address.
11518
07:41:49,000 --> 07:41:51,200
So macchanger -r wl1
11519
07:41:51,200 --> 07:41:54,586
and grep MAC, and then we
want to put our interface card
11520
07:41:54,586 --> 07:41:55,848
in the monitor mode
11521
07:41:55,848 --> 07:41:59,500
and then we also want to put
up our network interface card.
11522
07:41:59,500 --> 07:42:01,800
Now, what we want to do
out here is optimize it
11523
07:42:01,800 --> 07:42:03,779
so we can be
attacking constantly.
11524
07:42:03,779 --> 07:42:05,426
So let us put a sleep timer.
11525
07:42:05,426 --> 07:42:07,300
So this will make
our program sleep
11526
07:42:07,300 --> 07:42:08,967
for a particular amount of time.
11527
07:42:08,967 --> 07:42:11,000
I'm going to make
it sleep for 5 seconds.
11528
07:42:11,000 --> 07:42:13,000
So after every 5 seconds,
11529
07:42:13,000 --> 07:42:15,900
it's gonna send
that particular bssid.
11530
07:42:15,900 --> 07:42:17,900
Then the deauthentication messages,
11531
07:42:17,900 --> 07:42:20,400
then it's just going to bring
down my interface card.
11532
07:42:20,400 --> 07:42:22,500
It's gonna change
my Mac address.
11533
07:42:22,500 --> 07:42:24,668
It's going to put back
the interface card
11534
07:42:24,668 --> 07:42:27,300
in the monitor mode
and sleep for 5 seconds.
11535
07:42:27,300 --> 07:42:29,400
And then repeat
the entire process
11536
07:42:29,600 --> 07:42:31,500
and to end the script.
11537
07:42:31,500 --> 07:42:33,038
Let's just say done.
11538
07:42:33,038 --> 07:42:36,192
So that will denote
when the loop is done. Now,
11539
07:42:36,192 --> 07:42:39,500
let me just save it,
Ctrl+O, Ctrl+X to exit
11540
07:42:39,500 --> 07:42:40,600
and there we go.
11541
07:42:40,600 --> 07:42:41,300
Okay.
11542
07:42:41,300 --> 07:42:43,800
So first of all to actually run
11543
07:42:43,800 --> 07:42:47,600
this we need to give it
some more permission.
11544
07:42:47,600 --> 07:42:50,146
So as you guys can see
we already have it.
11545
07:42:50,146 --> 07:42:53,139
Let me just put it
in a much more readable format.
11546
07:42:53,139 --> 07:42:53,472
Okay.
11547
07:42:53,472 --> 07:42:55,600
So as you guys can see, our
11548
07:42:55,600 --> 07:42:58,723
dos.sh doesn't really
have executability
11549
07:42:58,723 --> 07:43:01,400
so we can do
that with command chmod.
11550
07:43:01,400 --> 07:43:03,925
So I'm going to give it
some executable permission.
11551
07:43:03,925 --> 07:43:06,400
So chmod One plus X
and then the name of the file.
11552
07:43:06,400 --> 07:43:09,542
So this will actually
change our dos.sh
11553
07:43:09,542 --> 07:43:11,600
into an executable bash script.
11554
07:43:11,600 --> 07:43:11,913
Okay.
11555
07:43:11,913 --> 07:43:14,524
So it seems that we
have done some error.
11556
07:43:14,524 --> 07:43:17,200
So let's just go back
into our bash script
11557
07:43:17,200 --> 07:43:20,800
and check for the error
that we have probably done.
11558
07:43:20,800 --> 07:43:24,400
So now -
does a jet d'eau start sh.
11559
07:43:24,900 --> 07:43:25,600
Okay.
11560
07:43:25,600 --> 07:43:27,600
So the thing
that I am missing is
11561
07:43:27,600 --> 07:43:29,400
that I forgot the -a
11562
07:43:29,400 --> 07:43:33,000
that I'm supposed to put
before putting the bssid
11563
07:43:33,000 --> 07:43:36,100
in the aireplay-ng
part of the code.
11564
07:43:36,100 --> 07:43:38,700
So let me just go ahead
and quickly do that.
11565
07:43:38,700 --> 07:43:39,028
Okay.
11566
07:43:39,028 --> 07:43:40,661
So now that that is done.
11567
07:43:40,661 --> 07:43:43,468
Let me just save it
and quickly exit and see
11568
07:43:43,468 --> 07:43:45,100
if this thing is working.
11569
07:43:45,900 --> 07:43:46,200
Ok.
11570
07:43:46,200 --> 07:43:50,413
So now we are trying
to work out our script
11571
07:43:50,413 --> 07:43:52,400
now you guys should know
11572
07:43:52,400 --> 07:43:55,000
that this Edureka Wi-Fi
is my company's Wi-Fi
11573
07:43:55,000 --> 07:43:58,300
and I have complete permission
to go ahead and do this to them.
11574
07:43:58,300 --> 07:43:58,900
Also.
11575
07:43:58,900 --> 07:44:00,913
My company's Wi-Fi
is kind of secure.
11576
07:44:00,913 --> 07:44:02,200
So every time it senses
11577
07:44:02,200 --> 07:44:04,400
that a deauthentication
message is being sent.
11578
07:44:04,400 --> 07:44:05,300
I ain't like that.
11579
07:44:05,300 --> 07:44:07,800
It kind of changes the channel
that it is working on.
11580
07:44:07,800 --> 07:44:09,862
So these guys are
really smart, smarter
11581
07:44:09,862 --> 07:44:11,200
than me most of the time
11582
07:44:11,200 --> 07:44:12,759
and this time I'm just going
11583
07:44:12,759 --> 07:44:15,100
to try and force them
to work on Channel 6.
11584
07:44:15,100 --> 07:44:17,500
So let me just go
ahead and run my script once.
11585
07:44:17,500 --> 07:44:19,100
Okay, so let me just check that.
11586
07:44:19,100 --> 07:44:21,422
They're still working
on Channel 6 Yep.
11587
07:44:21,422 --> 07:44:23,500
They're still working
on Channel 6.
11588
07:44:23,700 --> 07:44:27,100
Let me just check my script
once if it's correctly done
11589
07:44:27,100 --> 07:44:29,200
if I have the perfect MAC ID.
11590
07:44:29,200 --> 07:44:33,200
Let me just copy in the MAC ID
just to be sure once again,
11591
07:44:33,200 --> 07:44:34,400
so they go.
11592
07:44:34,400 --> 07:44:35,200
Copied it.
11593
07:44:35,200 --> 07:44:39,066
Let's go into the script
and let's paste it out.
11594
07:44:39,066 --> 07:44:39,391
Okay.
11595
07:44:39,391 --> 07:44:40,886
So now that that is done
11596
07:44:40,886 --> 07:44:44,000
and we have MAC IDs
and everything set up properly.
11597
07:44:44,000 --> 07:44:46,700
Let me just show you
how to run the script so you go
11598
07:44:46,700 --> 07:44:49,304
Dot and backward slash
and then you say
11599
07:44:49,304 --> 07:44:50,104
dos.sh. Now,
11600
07:44:50,104 --> 07:44:52,858
I see that our thing
is working on Channel 8.
11601
07:44:52,858 --> 07:44:55,300
So this will definitely
not work and say
11602
07:44:55,300 --> 07:44:59,400
that the SSID is not so
what we need to do
11603
07:44:59,400 --> 07:45:01,035
as I have showed you guys
11604
07:45:01,035 --> 07:45:04,700
earlier, we can go iwconfig wl1
and change the channel to
11605
07:45:04,700 --> 07:45:05,500
channel 6.
11606
07:45:05,500 --> 07:45:07,800
Oops, I channel
to channel it again.
11607
07:45:08,000 --> 07:45:09,266
This will not work.
11608
07:45:09,266 --> 07:45:09,858
I'm sorry.
11609
07:45:09,858 --> 07:45:10,800
That was my bad.
11610
07:45:10,800 --> 07:45:12,900
So now that we have changed
it to channel 6,
11611
07:45:12,900 --> 07:45:16,200
you can see that it is sending
everything immediately.
11612
07:45:16,200 --> 07:45:16,900
Okay.
11613
07:45:16,900 --> 07:45:20,500
So that is actually running
our script very well.
11614
07:45:20,500 --> 07:45:22,700
And as you guys can see
the security measures
11615
07:45:22,700 --> 07:45:24,100
are taken by my company.
11616
07:45:24,100 --> 07:45:26,299
It will not always
work on Channel 6.
11617
07:45:26,300 --> 07:45:29,757
It will keep rotating now
until it finds the safe channel.
11618
07:45:29,757 --> 07:45:32,000
So it really can't find
a safe Channel.
11619
07:45:32,000 --> 07:45:35,600
I will always be DoSing
on Channel 6 and it will run
11620
07:45:35,600 --> 07:45:39,194
sometimes, it won't run sometimes,
but mostly with unsecured Wi-Fi
11621
07:45:39,194 --> 07:45:40,900
that is running at your home.
11622
07:45:40,900 --> 07:45:43,900
Mostly this will work
a hundred percent times.
11623
07:45:43,900 --> 07:45:45,100
So let me just stop this
11624
07:45:45,100 --> 07:45:46,976
because my company
will go mad on me
11625
07:45:46,976 --> 07:45:48,800
if I just keep on DoSing them.
11626
07:45:48,800 --> 07:45:51,916
So this brings us to the end
of a demonstration.
11627
07:45:51,916 --> 07:45:55,100
This is how you can
always DoS your neighbors
11628
07:45:55,100 --> 07:45:56,452
if they're annoying you
11629
07:45:56,452 --> 07:45:59,300
but remember if you're caught
you could be prosecuted.
11630
07:45:59,300 --> 07:46:01,516
So this was about
how the DoS works,
11631
07:46:01,516 --> 07:46:04,141
what DDoS actually is
and the different types
11632
07:46:04,141 --> 07:46:07,509
and how you can do one
on your own with your own system
11633
07:46:07,509 --> 07:46:08,400
by my company.
11634
07:46:08,400 --> 07:46:12,009
It will not always work on
Channel 6 will keep rotating now
11635
07:46:12,009 --> 07:46:14,000
until it finds the safe channel.
11636
07:46:14,000 --> 07:46:16,300
So it really can't find
a safe Channel.
11637
07:46:16,300 --> 07:46:17,668
I will always be DoSing
11638
07:46:17,668 --> 07:46:21,500
on Channel 6 and it will run
sometimes, it won't run sometimes,
11639
07:46:21,500 --> 07:46:23,411
but mostly with unsecured Wi-Fi
11640
07:46:23,411 --> 07:46:25,200
that is running at your home.
11641
07:46:25,200 --> 07:46:28,200
Mostly this will work
a hundred percent times.
11642
07:46:28,200 --> 07:46:29,400
So let me just stop this
11643
07:46:29,400 --> 07:46:31,315
because my company
will go mad on me
11644
07:46:31,315 --> 07:46:33,064
if I just keep on DoSing them.
11645
07:46:33,064 --> 07:46:34,700
So this brings us to the end
11646
07:46:34,700 --> 07:46:36,188
of a demonstration.
11647
07:46:36,188 --> 07:46:39,300
This is how you can
always DoS your neighbors
11648
07:46:39,300 --> 07:46:40,596
if they're annoying you
11649
07:46:40,596 --> 07:46:43,600
but remember if you're caught
you could be prosecuted.
11650
07:46:43,600 --> 07:46:45,867
So this was about
how the DoS works,
11651
07:46:45,867 --> 07:46:47,400
what DDoS actually is
11652
07:46:47,400 --> 07:46:50,800
and the different types and
how you can do one on your own
11653
07:46:50,800 --> 07:46:52,100
with your own system.
11654
07:46:56,700 --> 07:46:57,484
In the early days
11655
07:46:57,484 --> 07:47:00,602
of the Internet, building websites
was straightforward.
11656
07:47:00,602 --> 07:47:02,100
There was no JavaScript.
11657
07:47:02,100 --> 07:47:05,012
No back-end, no CSS,
and very few images
11658
07:47:05,012 --> 07:47:07,700
but as web gained
popularity the need
11659
07:47:07,700 --> 07:47:09,645
for more advanced technology
11660
07:47:09,645 --> 07:47:11,800
and dynamic websites grew. This
11661
07:47:11,800 --> 07:47:15,284
led to development of common
Gateway interface or CGI
11662
07:47:15,284 --> 07:47:18,500
as we call it and
server-side scripting languages
11663
07:47:18,500 --> 07:47:20,700
like ASP, JavaScript, PHP
11664
07:47:20,700 --> 07:47:25,508
and many others. Websites changed
and started storing user input
11665
07:47:25,508 --> 07:47:26,800
and site content
11666
07:47:26,811 --> 07:47:30,700
in databases. Each and
every data field of a website is
11667
07:47:30,700 --> 07:47:34,400
like a gate to database
For example, in a login form
11668
07:47:34,400 --> 07:47:36,413
the user enters the login data,
11669
07:47:36,413 --> 07:47:39,500
in a search field
the user enters a search text
11670
07:47:39,500 --> 07:47:43,700
and in data saving form the user
enters the data to be saved.
11671
07:47:43,800 --> 07:47:46,800
All this indicate
data goes to database.
11672
07:47:46,800 --> 07:47:48,500
So instead of correct data,
11673
07:47:48,500 --> 07:47:52,264
if any malicious code is entered
then there are possibilities
11674
07:47:52,264 --> 07:47:55,181
for some serious damage
to happen to the database
11675
07:47:55,181 --> 07:47:56,700
and sometimes to the entire
11676
07:47:56,700 --> 07:48:00,467
system, and this is what
SQL injection is all about.
11677
07:48:00,467 --> 07:48:03,718
I'm sure you've heard
of SQL. SQL query language,
or SQL, is a language
11679
07:48:03,718 --> 07:48:06,900
which is designed to
11680
07:48:06,900 --> 07:48:09,590
manipulate and manage
data in a database
11680
07:48:09,590 --> 07:48:13,315
SQL injection attack is a type
of cybersecurity attack
11681
07:48:13,315 --> 07:48:16,600
that targets these databases
using specifically
11682
07:48:16,600 --> 07:48:19,600
crafted SQL statements
to trick the systems
11683
07:48:19,600 --> 07:48:22,500
into doing unexpected
and undesired things.
11684
07:48:22,500 --> 07:48:23,522
So by leveraging
11685
07:48:23,522 --> 07:48:26,400
an SQL injection vulnerability
present in web.
11686
07:48:26,911 --> 07:48:27,800
Or the website
11687
07:48:27,800 --> 07:48:31,000
given the right circumstances
an attacker can use it
11688
07:48:31,000 --> 07:48:34,304
to bypass the web application's
authentication details as
11689
07:48:34,304 --> 07:48:35,600
in if you have login
11690
07:48:35,600 --> 07:48:37,040
and password user can
11691
07:48:37,040 --> 07:48:39,555
or attacker can enter
just the user ID.
11692
07:48:39,555 --> 07:48:42,600
Skip the password entry
and get into the system
11693
07:48:42,600 --> 07:48:44,900
or it can sometimes
retrieve the content
11694
07:48:44,900 --> 07:48:46,338
of an entire database.
11695
07:48:46,338 --> 07:48:50,090
He can also use SQL injection
vulnerability to add modify
11696
07:48:50,090 --> 07:48:51,900
and sometime delete records
11697
07:48:51,900 --> 07:48:54,611
in a database
affecting data Integrity
11698
07:48:54,611 --> 07:48:56,800
while using this vulnerability.
11699
07:48:56,800 --> 07:49:00,800
Attacker can do unimaginable
things this exactly shows
11700
07:49:00,800 --> 07:49:03,300
how dangerous an SQL
injection can be now.
11701
07:49:03,300 --> 07:49:06,711
Let's check out how a typical
SQL injection is carried out.
11702
07:49:06,711 --> 07:49:09,700
Well, let's start with
non-technical explanation guys.
11703
07:49:09,700 --> 07:49:11,288
Have a simple analogy here.
11704
07:49:11,288 --> 07:49:13,000
So first let's go through this.
11705
07:49:13,000 --> 07:49:15,100
Once you understand
this you are easily able
11706
07:49:15,100 --> 07:49:18,100
to relate this with what
SQL injection attack is.
11707
07:49:18,100 --> 07:49:19,700
So anyway first imagine
11708
07:49:19,700 --> 07:49:21,700
that you have
a fully automated bus
11709
07:49:21,700 --> 07:49:22,998
that functions based
11710
07:49:22,998 --> 07:49:26,700
on the instructions given by
human through a standard web.
11711
07:49:26,800 --> 07:49:29,500
Well, that form might look
something like this.
11712
07:49:29,500 --> 07:49:33,459
For example, the form might say
drive through the route
11713
07:49:33,459 --> 07:49:35,500
and where should the bus stop
11714
07:49:35,500 --> 07:49:38,500
if when should the bus
stop this route and
11715
07:49:38,500 --> 07:49:40,887
where should the bus stop
and this condition?
11716
07:49:40,887 --> 07:49:43,600
That's when should the bus stop
or the user inputs.
11717
07:49:43,600 --> 07:49:46,000
This is where you will have
to enter the input
11718
07:49:46,000 --> 07:49:49,000
into the form now after putting
some data into the field.
11719
07:49:49,000 --> 07:49:51,700
It looks something
like this drive through Route
11720
07:49:51,700 --> 07:49:54,400
77 and stop at the bus stop
11721
07:49:54,400 --> 07:49:56,700
if there are people
at the bus stop.
11722
07:49:56,700 --> 07:49:58,700
Well, that looks
simple enough, right?
11723
07:49:58,700 --> 07:50:00,500
So basically you're the human
11724
07:50:00,500 --> 07:50:03,200
or the person is trying
to give 3 instruction
11725
07:50:03,200 --> 07:50:05,900
that is per should
stop at Route 77.
11726
07:50:06,200 --> 07:50:07,700
It should stop at the bus stop
11727
07:50:07,700 --> 07:50:09,880
if there are people
at the bus stop.
11728
07:50:09,880 --> 07:50:13,270
Well, that sounds harmless
now imagine a scenario
11729
07:50:13,270 --> 07:50:16,193
where someone manages
to send these instructions
11730
07:50:16,193 --> 07:50:17,500
which looks something
11731
07:50:17,500 --> 07:50:22,236
like this drive through Route 77
and do not stop at the bus stop
11732
07:50:22,236 --> 07:50:24,158
and ignore rest of the form
11733
07:50:24,158 --> 07:50:26,651
if there are people
at the bus stop.
11734
07:50:26,651 --> 07:50:29,500
And now since the bus
is fully automated.
11735
07:50:29,500 --> 07:50:31,807
It does exactly as instructed.
11736
07:50:31,807 --> 07:50:35,000
It drives up Route
77 and does not stop
11737
07:50:35,000 --> 07:50:38,600
at any bus stop even
when there are people waiting
11738
07:50:38,600 --> 07:50:42,693
because the instruction says
do not stop at the bus stop
11739
07:50:42,693 --> 07:50:44,900
and ignore the rest of the form.
11740
07:50:44,900 --> 07:50:46,244
So this part which is
11741
07:50:46,244 --> 07:50:49,200
if there are people
at the bus stop is ignored
11742
07:50:49,200 --> 07:50:50,788
we were able to do this
11743
07:50:50,788 --> 07:50:52,617
because the query structure
11744
07:50:52,617 --> 07:50:55,900
and the supplied data
are not separated properly
11745
07:50:55,900 --> 07:50:58,388
so that Automated bus
does not differentiate
11746
07:50:58,388 --> 07:50:59,800
between the instructions
11747
07:50:59,800 --> 07:51:03,243
and the data it simply does
anything that it is fed
11748
07:51:03,243 --> 07:51:07,100
with or asked to do. Well,
SQL injection attacks are based
11749
07:51:07,100 --> 07:51:09,033
on the same concept attackers
11750
07:51:09,033 --> 07:51:11,700
are able to inject
malicious instructions
11751
07:51:11,700 --> 07:51:15,441
into good ones all of which
are then sent to database server
11752
07:51:15,441 --> 07:51:16,900
through web application
11753
07:51:16,900 --> 07:51:20,105
and now the technical
explanation. An SQL injection
11754
07:51:20,105 --> 07:51:21,900
needs two conditions to exist,
11755
07:51:21,900 --> 07:51:26,200
which is a relational database
that uses SQL and a user
11756
07:51:26,400 --> 07:51:29,660
input which is directly
used in an SQL query.
11757
07:51:29,660 --> 07:51:32,000
Let's say we have
an SQL statement
11758
07:51:32,000 --> 07:51:33,733
a simple SQL statement.
11759
07:51:33,733 --> 07:51:36,900
This statement says
select from table users
11760
07:51:36,900 --> 07:51:39,600
where username is so-and-so
and password is so
11761
07:51:39,600 --> 07:51:42,300
and so basically you
can think of it as a code
11762
07:51:42,300 --> 07:51:43,300
for a login form.
11763
07:51:43,300 --> 07:51:45,045
It's asking for the username
11764
07:51:45,045 --> 07:51:47,280
and the password
this SQL statement
11765
07:51:47,280 --> 07:51:48,697
is passed to a function
11766
07:51:48,697 --> 07:51:51,630
that sends the entire string
to Connected database
11767
07:51:51,630 --> 07:51:55,400
where it will be parsed, executed,
and returns a result at the end
11768
07:51:55,400 --> 07:51:57,867
if you have noticed First
the statement contains
11769
07:51:57,867 --> 07:51:59,579
some special characters, right?
11770
07:51:59,579 --> 07:52:01,900
We have asterisk
to return all the columns
11771
07:52:01,900 --> 07:52:03,549
for selected database row
11772
07:52:03,549 --> 07:52:06,651
and then there is equals
to only return values
11773
07:52:06,651 --> 07:52:08,500
that match the search string
11774
07:52:08,500 --> 07:52:11,038
and then we have
single quote here
11775
07:52:11,038 --> 07:52:13,261
and here to tell
the SQL database
11776
07:52:13,261 --> 07:52:15,900
where the search string
starts or ends.
11777
07:52:15,900 --> 07:52:16,862
So for user you
11778
07:52:16,862 --> 07:52:20,248
have starting here and in
here and for password here,
11779
07:52:20,248 --> 07:52:23,700
so basically a pair now
consider the following example
11780
07:52:23,700 --> 07:52:28,100
in which a website user is able
to change the values of this user
11781
07:52:28,200 --> 07:52:31,000
and password such as
in a login form.
11782
07:52:31,200 --> 07:52:34,365
So if the values are put
into user and password,
11783
07:52:34,365 --> 07:52:36,587
it looks something
like this select
11784
07:52:36,587 --> 07:52:37,672
from users table.
11785
07:52:37,672 --> 07:52:40,800
The user name is Dean
and password as Winchester's
11786
07:52:40,800 --> 07:52:43,133
and the SQL statement
is simple enough.
11787
07:52:43,133 --> 07:52:44,190
It's very direct.
11788
07:52:44,190 --> 07:52:47,900
So if there is a user called
Dean with password Winchester's
11789
07:52:47,900 --> 07:52:49,221
then all the columns
11790
07:52:49,221 --> 07:52:51,800
of table users are
extracted now suppose
11791
07:52:51,800 --> 07:52:55,700
if the input is not properly
sanitized by the web application
11792
07:52:55,700 --> 07:52:59,900
the attacker can easily insert
some malicious SQL statement
11793
07:52:59,900 --> 07:53:02,715
like this the username
might be Dean
11794
07:53:02,715 --> 07:53:04,100
or 1 is equal to 1
11795
07:53:04,100 --> 07:53:08,100
and then you have double hyphen
followed by password is equal
11796
07:53:08,100 --> 07:53:12,094
to Winchester's so basically
along with the data the user
11797
07:53:12,094 --> 07:53:14,372
or the attacker
has tried to enter
11798
07:53:14,372 --> 07:53:18,100
a malicious SQL statement
disguising it as a data here.
11799
07:53:18,100 --> 07:53:20,600
So guys, you need
to notice two things here.
11800
07:53:20,600 --> 07:53:24,400
First one we have or 1 is equal
to 1 it's a condition
11801
07:53:24,400 --> 07:53:26,518
that will always
be true therefore.
11802
07:53:26,518 --> 07:53:29,279
It is accepted as
a valid input by application.
11803
07:53:29,279 --> 07:53:31,800
For example, if Dean
is not a valid user or
11804
07:53:31,800 --> 07:53:33,441
if there is no user called Dean
11805
07:53:33,441 --> 07:53:36,600
in the database application
would consider the next value
11806
07:53:36,600 --> 07:53:37,900
because there is or in
11807
07:53:37,900 --> 07:53:40,400
between our next value
is 1 is equal to 1
11808
07:53:40,400 --> 07:53:42,084
which always returns true.
11809
07:53:42,084 --> 07:53:46,100
So basically our input will be
something like this Dean or true
11810
07:53:46,100 --> 07:53:49,600
and if there is no user called
Dean the next input will be true
11811
07:53:49,600 --> 07:53:51,898
and it will be taken
as an input value
11812
07:53:51,898 --> 07:53:53,700
and values will be displayed.
11813
07:53:53,700 --> 07:53:56,300
So the next part
which has double hyphen:
11814
07:53:56,300 --> 07:53:58,400
I'm sure you know
what double hyphen
11815
07:53:58,400 --> 07:53:59,457
represents, right?
11816
07:53:59,457 --> 07:54:02,932
Basically, it's commenting
the next part of the SQL query.
11817
07:54:02,932 --> 07:54:04,700
So it instructs the SQL parser
11818
07:54:04,700 --> 07:54:06,900
that the rest
of the line is a comment
11819
07:54:06,900 --> 07:54:08,600
and should not be executed.
11820
07:54:08,600 --> 07:54:11,800
So the part that's
password part will be ignored.
11821
07:54:11,800 --> 07:54:14,600
So basically what we're trying
to do is we're trying
11822
07:54:14,600 --> 07:54:17,070
to bypass the password
authentication here.
11823
07:54:17,070 --> 07:54:19,964
So once the query executes
the SQL injection effectively
11824
07:54:19,964 --> 07:54:22,100
removes the password
verification resulting
11825
07:54:22,100 --> 07:54:24,700
in an authentication bypass
by using double life,
11826
07:54:24,700 --> 07:54:26,600
and we're commenting
rest of the comment.
11827
07:54:26,600 --> 07:54:28,600
And before that using
one is equal to one
11828
07:54:28,600 --> 07:54:30,500
which is translated to true.
11829
07:54:30,500 --> 07:54:33,000
We are trying to enter
the database without even
11830
07:54:33,000 --> 07:54:34,400
giving an invalid value.
11831
07:54:34,400 --> 07:54:37,100
So the application will most
likely log the attacker in
11832
07:54:37,100 --> 07:54:39,300
with the first account
from the query result.
11833
07:54:39,300 --> 07:54:41,800
And as you guys know most
of the time the first account
11834
07:54:41,800 --> 07:54:42,667
in a database is
11835
07:54:42,667 --> 07:54:45,973
that of an administrative user
so basically by doing nothing
11836
07:54:45,973 --> 07:54:48,258
or basically by giving
some random data here
11837
07:54:48,258 --> 07:54:51,199
the attacker was able
to extract the admin details,
11838
07:54:51,200 --> 07:54:52,938
it sounds very dangerous, right?
11839
07:54:52,938 --> 07:54:55,600
So that's all an SQL
injection attack is all about
900782