Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:01,150 --> 00:00:07,820 Another additional tool that we're going to explain during this section is called either cap now is 2 00:00:07,820 --> 00:00:16,440 or Issaka it's just different to H-1 or amazing tool that sniffer kept traffic so it captures traffic 3 00:00:17,010 --> 00:00:21,240 going out and in from the device. 4 00:00:21,420 --> 00:00:28,230 Now before explaining Issaka you should understand that we need when we plan to compromise a system 5 00:00:29,490 --> 00:00:34,070 there is different way for doing that we can try to compromise the device itself. 6 00:00:34,080 --> 00:00:40,890 And this what will be explained in the Android tracking section or we can compromise the traffic. 7 00:00:40,950 --> 00:00:44,000 So sometimes the device is hard to compromise. 8 00:00:44,460 --> 00:00:51,030 And my objective is to capture the username and password so I don't have to spend time and effort trying 9 00:00:51,030 --> 00:00:55,530 to compromise device because it has a lot of security for instance. 10 00:00:55,530 --> 00:00:59,710 So what I can do I can wait until the user log into Lipsyte. 11 00:01:00,240 --> 00:01:05,990 So when he tried to log into a website like Facebook or Twitter or any Web site he's definitely going 12 00:01:05,990 --> 00:01:07,420 to send a username and password. 13 00:01:08,840 --> 00:01:16,630 And I can now try to capture them if they are sent over wired or if they are sent wireless. 14 00:01:16,850 --> 00:01:18,290 Same concept apply. 15 00:01:18,590 --> 00:01:26,450 So my point is you can try to to to to compromise a device or you can try to compromise the traffic 16 00:01:26,480 --> 00:01:30,540 or you can try to gain access to information from the traffic. 17 00:01:30,560 --> 00:01:33,950 So let me show you it's a cap and let me tell you how it works. 18 00:01:33,970 --> 00:01:38,190 And then actually it's a big program it need a course by itself. 19 00:01:38,540 --> 00:01:44,420 But I'm going to go through the basics and I'm going to show you a proof of concept and I'm going to 20 00:01:44,420 --> 00:01:50,540 let you try to surf around and check this application. 21 00:01:50,540 --> 00:01:55,570 It's one of the best Sniffen application actually it's a free open source and free. 22 00:01:55,610 --> 00:02:10,530 And one of the tools in this area now to two runs is are cap from Kennedy-Nixon it to go to sniffing 23 00:02:10,530 --> 00:02:17,890 tool and in sniffing you're going to find it's a cap minus sheet or you can type these are kept minus 24 00:02:17,890 --> 00:02:22,130 Captain Z and it will get you the same program. 25 00:02:23,010 --> 00:02:29,710 So once you start there is some steps to do it first. 26 00:02:29,730 --> 00:02:33,960 Actually I'm going to close it and I'm going to open it one more time from the command line so you'll 27 00:02:33,960 --> 00:02:38,310 be aware of the different way of running Issaka. 28 00:02:38,560 --> 00:02:40,700 So you can open a terminal in 29 00:02:48,720 --> 00:02:56,730 and you can type easier care minus capital G runs a graphical interface. 30 00:02:56,730 --> 00:03:01,950 Because if you didn't put the switch it runs the command line and it runs a circuit. 31 00:03:02,520 --> 00:03:05,420 Now this one or is this application. 32 00:03:05,430 --> 00:03:13,620 It can be used for capturing the traffic between different devices so I can capture the traffic between 33 00:03:13,800 --> 00:03:20,190 one device and the router is trying to connect to the Internet through the router and try to logon using 34 00:03:20,200 --> 00:03:22,670 username and password and the traffic is going through the router. 35 00:03:22,680 --> 00:03:28,230 I'm interested to go the traffic going from this machine to this route or I can intercept all the machine 36 00:03:28,260 --> 00:03:31,910 all the traffic in the network going to the router or going anywhere. 37 00:03:32,280 --> 00:03:38,490 But the main advantage of this tool is not just the Sniffen part because you'll find a lot of programs 38 00:03:38,490 --> 00:03:40,560 that do that. 39 00:03:40,620 --> 00:03:45,450 The main advantage of this too is that it can change so it cannot just intercept. 40 00:03:45,450 --> 00:03:46,660 It can change. 41 00:03:46,680 --> 00:03:53,160 So for instance I'm sending an email to someone so the program can intercept this email and he can change 42 00:03:53,310 --> 00:03:54,750 the content of that email. 43 00:03:55,200 --> 00:03:58,940 Someone is going to a specific Web site and intercepting this traffic. 44 00:03:58,950 --> 00:04:01,760 And I'm really directing to another website. 45 00:04:01,980 --> 00:04:07,560 So the main advantage of this program is not just just that is intercepting traffic and by the way we 46 00:04:07,560 --> 00:04:15,270 are calling this attack man in the middle attack because it's actually a man in that you are staying 47 00:04:15,270 --> 00:04:20,570 between two different device seeing the traffic going in between those two device. 48 00:04:20,580 --> 00:04:26,490 So as I was saying zoom in Adventureland of this program is that you are not just intercepting and seeing 49 00:04:26,550 --> 00:04:30,720 and capturing information but you also can can change of them. 50 00:04:30,810 --> 00:04:33,090 So we're going to go through the basic In this letter. 51 00:04:33,090 --> 00:04:38,170 But on the next election I'm going to show you how it can intercept and it can change as well. 52 00:04:38,190 --> 00:04:40,860 So once you open the program 53 00:04:43,820 --> 00:04:46,400 you can see you know it is a different option here. 54 00:04:46,420 --> 00:04:53,660 The first thing you need to do is to go to sniffer and to choose the first one which is choosing from 55 00:04:53,690 --> 00:04:55,900 which traffic you need to sniff for. 56 00:04:55,910 --> 00:05:03,410 So if you click here you're going to see that he can sniff from the network traffic from the Internet 57 00:05:03,440 --> 00:05:05,420 which is why our network traffic. 58 00:05:05,420 --> 00:05:11,690 So if this computer is connected to a wired network he will only sniff for the traffic and says well 59 00:05:12,110 --> 00:05:14,900 why what if I'm using a wireless network. 60 00:05:15,200 --> 00:05:19,900 So you need to click here and you're going to find the name of the wireless is a double zero. 61 00:05:20,090 --> 00:05:23,740 So because my machine doesn't have a wireless right now the colonics. 62 00:05:23,930 --> 00:05:28,340 But if your have a wireless connection you should find the tablet zero and you have to click on this 63 00:05:28,340 --> 00:05:29,770 one that Rylands zero. 64 00:05:29,780 --> 00:05:34,970 So you'd be sniffing and intercepting wireless network wireless traffic. 65 00:05:35,060 --> 00:05:39,500 And by the way how do I know the name of because you may find this thing different than your machine. 66 00:05:39,530 --> 00:05:43,040 How do you know the name of the interfaces or the name of the network adapter. 67 00:05:43,040 --> 00:05:44,940 It's easy. 68 00:05:45,310 --> 00:05:51,220 You can just right click here to the terminal and type I ifconfig. 69 00:05:51,670 --> 00:05:58,830 And when you type I f config you'll see the name of the interface so the interface that I'm using right 70 00:05:58,830 --> 00:06:00,700 now is zero. 71 00:06:00,750 --> 00:06:06,200 If I had a wireless interface you will find it 0 0 and IP for each one of those. 72 00:06:06,210 --> 00:06:08,660 But right now I only have wildmen. 73 00:06:09,570 --> 00:06:13,380 Again what I'm doing right now I'm just going through the basics of the program and next letter I'm 74 00:06:13,380 --> 00:06:17,770 going to show you a demonstration how it can intercept and change traffic. 75 00:06:18,240 --> 00:06:24,730 And I'm going to let you navigate and explore these tools because it's an amazing tool. 76 00:06:24,930 --> 00:06:28,520 Once I specify from which interface I need to capture traffic. 77 00:06:28,530 --> 00:06:34,950 The second part would be to go to host and Troost can host. 78 00:06:34,950 --> 00:06:35,840 So I'm asking him. 79 00:06:35,850 --> 00:06:36,360 OK. 80 00:06:36,570 --> 00:06:43,890 We decided to sniff for the network inside as well to sniff out the traffic inside your wired network. 81 00:06:44,010 --> 00:06:44,500 OK. 82 00:06:44,700 --> 00:06:49,450 So I want to see how many machines we have in this little ten machine 20 machine five machine. 83 00:06:49,740 --> 00:06:56,190 And as you can see down here he starts scanning and he finds five machine inside the letter. 84 00:06:56,550 --> 00:06:58,980 So I specified the interface. 85 00:06:58,980 --> 00:07:04,110 I ask him to scan how many machines do we have then going back to the house and ask him show me how 86 00:07:04,180 --> 00:07:07,650 machine host this and he can show us all the IP mission. 9277