1
00:00:00,270 --> 00:00:02,700
Hello everybody and welcome back.
2
00:00:02,700 --> 00:00:09,550
And right now we are slowly entering our footprinting section, which will be the last part of the big
3
00:00:09,570 --> 00:00:15,900
section, including the scanning section that we will do right after we cover the footprinting.
4
00:00:16,830 --> 00:00:18,420
Well, before we begin,
5
00:00:18,450 --> 00:00:25,470
while our machine is starting up, let us just explain a little bit more what footprinting is.
6
00:00:25,560 --> 00:00:29,010
So first of all, there are two types of footprinting.
7
00:00:29,010 --> 00:00:31,290
One is active and one is passive.
8
00:00:31,980 --> 00:00:39,080
Now, active footprinting basically requires some interaction with the target that you're
9
00:00:39,090 --> 00:00:45,570
trying to attack, while passive footprinting is basically just gathering all of the publicly available
10
00:00:45,570 --> 00:00:48,480
information for your target.
11
00:00:48,480 --> 00:00:55,740
So for example, if your target has a Facebook account, Twitter, or basically any other account or any other
12
00:00:55,830 --> 00:01:02,220
source of information from which you can gather some of the valuable stuff you might need.
13
00:01:02,220 --> 00:01:10,650
Now let's say for example your target is a company, and as public information online you have that the
14
00:01:10,650 --> 00:01:15,360
company for example uses Windows XP on their machines.
15
00:01:15,360 --> 00:01:22,380
You can already cut out the Linux exploits and Windows 10 or 7 exploits, and you can basically just focus
16
00:01:22,410 --> 00:01:26,740
on writing up a Windows XP exploit.
17
00:01:26,990 --> 00:01:32,490
Now we all know that nobody really uses XP anymore because it is vulnerable, and it can...
18
00:01:32,490 --> 00:01:34,360
It is basically an open box.
19
00:01:34,680 --> 00:01:37,620
But that was just an example.
20
00:01:37,620 --> 00:01:44,790
There is lots of public information which you can find.
21
00:01:45,030 --> 00:01:45,320
Sorry.
22
00:01:45,330 --> 00:01:46,910
There was a cut in my recording.
23
00:01:47,100 --> 00:01:55,180
So basically what I was going to say is, let's go to some of the practical methods, with Google hacking.
24
00:01:55,270 --> 00:01:57,440
We will cover Google hacking in this material.
25
00:01:57,450 --> 00:01:59,260
So let me just log in.
26
00:01:59,280 --> 00:02:00,540
That's one two three four
27
00:02:03,310 --> 00:02:06,420
and as soon as this machine pulls up.
28
00:02:06,880 --> 00:02:13,120
Well, I mean as soon as my desktop pops up, we will open our Firefox and we will run some of the specific
29
00:02:13,120 --> 00:02:20,040
commands in the Google search bar in order to find some of the stuff we might need.
30
00:02:20,050 --> 00:02:23,430
Now this is just one of the tools for footprinting that we will cover.
31
00:02:23,710 --> 00:02:33,070
And basically the other ones, which will be for example Harvester, Nikto, Shodan and whois, we will cover
32
00:02:33,130 --> 00:02:35,270
in the next lectures, but for now,
33
00:02:35,600 --> 00:02:38,600
Let us just open our Firefox.
34
00:02:38,710 --> 00:02:47,530
So just click on your Firefox icon, and basically since it will lead you to your Linux website, you want
35
00:02:47,530 --> 00:02:50,150
to navigate to Google so just type here.
36
00:02:50,410 --> 00:02:54,490
google.com. I'm just waiting for my Firefox to open,
37
00:02:59,940 --> 00:03:02,040
it is taking a little bit of time.
38
00:03:02,040 --> 00:03:02,730
Here we go.
39
00:03:02,730 --> 00:03:07,550
It is basically opening right now, so you can just leave it here.
40
00:03:07,560 --> 00:03:10,710
We can add another tab and go onto google.com.
41
00:03:25,770 --> 00:03:26,260
OK.
42
00:03:26,320 --> 00:03:33,400
Finally open. Now let's say for example that you want to find all the websites that have
43
00:03:33,720 --> 00:03:40,510
a user input that could possibly be vulnerable to the SQL injection, for example.
44
00:03:40,510 --> 00:03:50,740
So in the Google search bar you just type here inurl, and then the colon, space and the
45
00:03:52,180 --> 00:04:05,110
apostrophe, then index dot php question mark and then id equals... just finding equals on my keyboard.
46
00:04:05,140 --> 00:04:05,930
Here we go.
47
00:04:05,950 --> 00:04:08,330
And then apostrophe once again.
48
00:04:08,380 --> 00:04:15,400
Now what this will do is it will find all the websites that end in index dot php question mark
49
00:04:15,430 --> 00:04:18,700
id equals and then some number.
50
00:04:18,700 --> 00:04:20,290
Now what does that mean?
51
00:04:20,290 --> 00:04:30,700
Well, basically if we click on any of these pages... check right here: your connection is not secure.
52
00:04:30,860 --> 00:04:32,010
There you go.
53
00:04:32,290 --> 00:04:35,290
Let's go check the number one.
54
00:04:35,320 --> 00:04:38,790
I'm not sure why it says that.
55
00:04:38,870 --> 00:04:39,910
Well I have an idea.
56
00:04:39,950 --> 00:04:41,580
But here we go.
57
00:04:41,590 --> 00:04:48,770
So basically, as you can see right here, this website could possibly be vulnerable to the SQL injection.
58
00:04:48,790 --> 00:04:57,140
We can check that easily with the apostrophe, and if we tried to log in with an incorrect
59
00:04:57,150 --> 00:04:58,770
e-mail address and passphrase...
60
00:04:58,780 --> 00:05:05,140
So basically this site is vulnerable, at least at the first try, but we won't try it anymore since we
61
00:05:05,140 --> 00:05:06,880
shouldn't really do that.
62
00:05:06,940 --> 00:05:12,430
Basically I just want to show you how to filter through all of the websites that actually have a user
63
00:05:12,520 --> 00:05:17,140
input which could be vulnerable to the SQL injection.
64
00:05:17,140 --> 00:05:23,200
So basically anywhere where you can type something, and then the website page can process it, could be
65
00:05:23,200 --> 00:05:30,100
vulnerable to the user input, which could be a piece of code that you would trick the server to run for
66
00:05:30,100 --> 00:05:31,940
you so.
67
00:05:31,950 --> 00:05:34,980
But more about that in the Web site hacking section.
68
00:05:34,980 --> 00:05:39,930
Now that was just one of the commands that we just used on Google.
69
00:05:39,930 --> 00:05:45,360
Once again, I don't know why I call them that. In order to find the commands you might need,
70
00:05:45,360 --> 00:05:51,750
there is the Google Hacking Database, which basically you just type here: Google hacking database,
71
00:05:52,740 --> 00:05:59,490
and you click here on the first link and it will lead us to a website with a bunch of the commands to be
72
00:05:59,490 --> 00:06:02,820
used in order to find out the things we might need.
73
00:06:02,820 --> 00:06:07,650
For example passwords or PDF files or Excel files or anything.
74
00:06:07,650 --> 00:06:10,870
So let's just wait for this to open.
75
00:06:10,920 --> 00:06:12,680
Here it is.
76
00:06:12,810 --> 00:06:16,940
And as you can see it says right here it is the database Web site.
77
00:06:17,310 --> 00:06:23,610
The Google Hacking Database: these are just a bunch of documents which you just copy and paste into the Google
78
00:06:23,610 --> 00:06:28,350
search bar, and it will list you all the files you are searching for.
79
00:06:28,350 --> 00:06:30,260
I'm not really sure what these commands are.
80
00:06:30,270 --> 00:06:36,980
It says right here; if we click on the one, it will lead us to the command, which is this one.
81
00:06:39,670 --> 00:06:41,560
Now I can only guess what this does.
82
00:06:41,560 --> 00:06:47,140
But we can read it in the description: dork for finding login portals of well-known company websites hosted
83
00:06:47,590 --> 00:06:50,880
on famous hosting providers such as all of these.
84
00:06:51,070 --> 00:06:56,620
Basically, so these are commands that we can try out if we want to.
85
00:06:56,680 --> 00:07:00,750
It's not really that useful for us, but why not.
86
00:07:00,760 --> 00:07:02,880
So you just copy the command.
87
00:07:03,040 --> 00:07:06,100
You can do it from here or you can just copy it from here.
88
00:07:06,160 --> 00:07:11,020
It was the first one so we will just copy and paste it and we will see how it works.
89
00:07:11,650 --> 00:07:12,530
So here we are.
90
00:07:12,540 --> 00:07:18,250
They are all basically account login, as we can see: account login, my account login, my account login,
91
00:07:18,250 --> 00:07:26,260
so it goes through all of the websites which have a directory which is slash my account login.
92
00:07:26,260 --> 00:07:30,760
Now let's see for example another one.
93
00:07:31,420 --> 00:07:34,060
These are as you can see listed with a date.
94
00:07:34,090 --> 00:07:39,300
So this one of them was yesterday. We can go...
95
00:07:39,330 --> 00:07:43,550
Let's go on this one: intitle index of ssh.
96
00:07:43,560 --> 00:07:48,190
Now you can read right here the description: find web servers with
97
00:07:48,330 --> 00:07:54,420
SSH versions, SSH keys, SSH logins and SSH2 dot EMC files, as it says right here.
98
00:07:54,420 --> 00:07:57,800
I found a lot of servers using SSH2 1.4.
99
00:07:57,810 --> 00:08:00,900
These are usually five-plus years old and full of security holes.
100
00:08:00,930 --> 00:08:04,160
Searching the Exploit Database for SSH turns up
101
00:08:04,170 --> 00:08:06,760
plus forty thousand exploits for these.
102
00:08:06,810 --> 00:08:11,660
Some may work, so this could be a useful command for us.
103
00:08:11,760 --> 00:08:17,150
We can copy it and see what we find with it.
104
00:08:17,370 --> 00:08:25,800
We won't be attacking any of these since we don't have permission, but it sure could be useful later
105
00:08:25,800 --> 00:08:26,000
on
106
00:08:30,940 --> 00:08:33,540
as you can see.
107
00:08:34,170 --> 00:08:37,040
We will not mess with this right now.
108
00:08:37,450 --> 00:08:44,110
What we want to do is only use these commands, and we will cover hacking of websites later on, but not
109
00:08:44,170 --> 00:08:44,970
on these websites,
110
00:08:44,980 --> 00:08:53,630
but on the websites that we do own, which we will make in our own virtual environment. So you'll need
111
00:08:53,630 --> 00:08:59,060
to use these commands only. You can basically, if you want to search for example PDF files, you can
112
00:08:59,060 --> 00:09:06,190
type here a quick search, and it will show you the PDF, I believe, too.
113
00:09:06,220 --> 00:09:08,780
Let's see how to find a PDF.
114
00:09:08,780 --> 00:09:15,040
File a man deliberately do not want that in text please find attached log in packs for it.
115
00:09:15,460 --> 00:09:21,850
Well, let's see, this could be a PDF file that could contain a password.
116
00:09:22,080 --> 00:09:24,260
I'm not sure if I can do it like this I.
117
00:09:24,260 --> 00:09:29,930
So, as you can see right here, all these files are PDF files.
118
00:09:29,930 --> 00:09:33,820
You can see right here, all of this is a PDF.
119
00:09:33,860 --> 00:09:35,910
Let's see if we open one.
120
00:09:35,930 --> 00:09:37,850
It will ask us to save these files.
121
00:09:37,850 --> 00:09:39,790
We do not want to save it.
122
00:09:39,820 --> 00:09:44,450
Basically this is just all of the PDF files available on the Internet.
123
00:09:44,480 --> 00:09:50,930
Let's just see the more accurate explanation of this command: passwords and information on target's
124
00:09:51,470 --> 00:09:57,970
employees, customers; also for spear phishing. Replace PDF extension with any other document essentially:
125
00:09:57,980 --> 00:09:59,520
doc, docx, xlsx,
126
00:09:59,570 --> 00:09:59,930
xls.
127
00:10:00,050 --> 00:10:04,020
Okay, so that was PDF.
128
00:10:04,020 --> 00:10:08,570
You can use any of these commands; if you want to know what it does, you just click on the command,
129
00:10:10,430 --> 00:10:13,780
and this one really doesn't have any explanation.
130
00:10:13,780 --> 00:10:20,540
Let's just check out another one. As you can see, this command, which is pretty huge,
131
00:10:21,510 --> 00:10:25,950
well, basically will help you to find out
132
00:10:25,960 --> 00:10:29,020
videos published in Google Drive.
133
00:10:29,180 --> 00:10:30,440
So example.
134
00:10:30,470 --> 00:10:30,700
Yeah.
135
00:10:30,730 --> 00:10:31,160
OK.
136
00:10:31,370 --> 00:10:32,040
So pdf.
137
00:10:32,120 --> 00:10:32,790
And before.
138
00:10:33,560 --> 00:10:33,890
OK.
139
00:10:33,920 --> 00:10:38,230
So a bunch of file extensions for videos.
140
00:10:38,370 --> 00:10:44,390
I'm not really sure why pdf is there, but there is possibly a reason for that.
141
00:10:44,820 --> 00:10:56,700
So let's say now, for example, we do not want a PDF; if I want an Excel file we just type here...
142
00:10:56,960 --> 00:10:59,340
They probably take "excel", I'm not really sure.
143
00:11:01,670 --> 00:11:06,080
Is there anything in there? Let's just check out real fast...
144
00:11:12,050 --> 00:11:15,030
they just... excel, so let's see.
145
00:11:15,090 --> 00:11:22,600
Once again: no matching records found. Show 50... OK.
146
00:11:22,630 --> 00:11:24,890
So let me just try it like this.
147
00:11:24,940 --> 00:11:31,830
Now we are set here on 120 commands, so let me just check this out.
148
00:11:32,230 --> 00:11:38,440
dot xls, so, finding... in order to find an Excel file...
149
00:11:41,340 --> 00:11:42,440
that doesn't really matter.
150
00:11:42,440 --> 00:11:43,160
So here we are.
151
00:11:43,160 --> 00:11:51,830
There is dot xls, which is an Excel file, and basically if you click there
152
00:11:51,860 --> 00:11:57,500
we can see what else it could find: a mix of login portals and passwords.
153
00:11:59,180 --> 00:12:00,820
But this is a huge command.
154
00:12:00,920 --> 00:12:02,240
We will not use it right now.
155
00:12:03,170 --> 00:12:07,450
So that's all I want to show you.
156
00:12:07,470 --> 00:12:14,100
As you can see, they basically explain for every command what it does, such as for example this one or
157
00:12:14,100 --> 00:12:21,090
this one, admin dashboard. If we click on it you can see the explanation, which is basically just a lot
158
00:12:21,090 --> 00:12:27,030
of login portals, and could be useful if you for example wanted to find some of the vulnerable sites
159
00:12:27,030 --> 00:12:34,080
to the specific attacks, like we showed in the first command, or in the first string that
160
00:12:34,080 --> 00:12:41,520
we typed into Google, which was that index dot php question mark id equals, which would lead us to
161
00:12:41,520 --> 00:12:48,000
all of the websites with user input that could possibly be vulnerable to SQL injection.
162
00:12:48,000 --> 00:12:50,230
So that's about it for the Google hacking.
163
00:12:50,250 --> 00:12:55,730
Now if you want to, you can scroll down and check out all of these other commands.
164
00:12:55,940 --> 00:12:59,100
It could be useful for you, but we won't be doing that soon.
165
00:12:59,100 --> 00:13:05,820
There are lots of them, and we will continue footprinting in the next lecture.
166
00:13:05,820 --> 00:13:08,070
So I hope I see you there and take care.
167
00:13:08,160 --> 00:13:08,430
Bye.