All language subtitles for 5. Brute Force Attacks

Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:

1
00:00:00,090 --> 00:00:07,930
In a previous video we discussed SSH and that it's really not always that much of a low hanging fruit.

2
00:00:08,100 --> 00:00:13,250
So we've got SSH here and say we want to attack it.

3
00:00:13,260 --> 00:00:19,220
Now there are three reasons we're going to do this and this is from a realistic perspective.

4
00:00:20,090 --> 00:00:26,930
If we see SSH on an assessment we're going to try to brute force against it or use weak or default

5
00:00:26,930 --> 00:00:34,450
credentials and we're going to do that because one we're going to test password strength two we're going

6
00:00:34,450 --> 00:00:39,960
to see if we can get in with a weak password or default password.

7
00:00:40,150 --> 00:00:49,780
And if we can also attest to password strength correct and 3 we're going to see how well the blue team

8
00:00:49,780 --> 00:00:51,160
performs.

9
00:00:51,370 --> 00:00:52,480
Do they catch us?

10
00:00:52,480 --> 00:00:59,570
Do they see us brute forcing? This should be something that should alert when it is being performed.

11
00:00:59,740 --> 00:01:02,380
But you would be surprised how often it does not.

12
00:01:02,740 --> 00:01:05,830
So during a pen test I am as loud as possible.

13
00:01:05,830 --> 00:01:09,130
This is not a red team assessment where we're trying to be quiet.

14
00:01:09,160 --> 00:01:15,730
This is a pen test where we are as loud as possible and we are hoping to be caught.

15
00:01:15,730 --> 00:01:20,410
Sometimes just it or just told to tone it down a little bit you know hey we're seeing you.

16
00:01:20,410 --> 00:01:22,090
Can you be more quiet?

17
00:01:22,300 --> 00:01:27,790
And we just want to be caught some time so we can give kudos in a report and say Hey you saw scanning

18
00:01:27,790 --> 00:01:32,620
here and here and kudos to you but you didn't see a scanning here in here.
19
00:01:32,680 --> 00:01:38,290
So this is how we really help fine tune a blue team and help fine tune a client as well is being loud

20
00:01:38,290 --> 00:01:39,290
sometimes.

21
00:01:39,310 --> 00:01:44,200
So we're going to practice being loud today and we're also going to practice brute force attacks and

22
00:01:44,200 --> 00:01:48,960
we have the perfect opportunity to do that with an SSH port being open on this machine.

23
00:01:49,600 --> 00:01:54,180
So what we're gonna do is we're going to use a tool called Hydra and then I'll show you the Metasploit

24
00:01:54,180 --> 00:01:55,270
way as well.

25
00:01:55,570 --> 00:01:57,840
So Hydra is a brute force tool.

26
00:01:58,330 --> 00:02:00,970
So the syntax for Hydra is going to be this.

27
00:02:00,990 --> 00:02:06,910
We're gonna say hydra and then we're going to give a dash L for the user that we're going to be utilizing

28
00:02:07,270 --> 00:02:07,980
in this case.

29
00:02:07,990 --> 00:02:13,600
I want to attack root and then we're going to give a capital P for the password list.

30
00:02:13,630 --> 00:02:18,820
So if we want to use a password list with L we can just say capital L but here we're going to say capital

31
00:02:18,820 --> 00:02:30,580
P for the password list and then we're just gonna say user share wordlists metasploit.

32
00:02:31,630 --> 00:02:37,370
And I'm just going to double tab in this folder so you can see how many words are actually in here.

33
00:02:38,490 --> 00:02:44,670
There's quite a bit of wordlists and you can space space and it has wordlists for all different kinds

34
00:02:44,670 --> 00:02:46,990
of things built in and these are all over Kali.

35
00:02:47,010 --> 00:02:53,430
So it's good to know your folder locations but user share wordlists is one that we'll use quite a bit.

36
00:02:53,430 --> 00:03:01,080
And what we're going to do is we're going to utilize an attack with these Unix passwords here.
37
00:03:01,110 --> 00:03:03,510
We have a Unix users and Unix passwords.

38
00:03:03,630 --> 00:03:07,830
We're going to utilize the Unix password list and just try to brute force with that.

39
00:03:08,520 --> 00:03:15,170
So we'll say Unix passwords something like that and then we're going to need to specify what we're attacking.

40
00:03:15,170 --> 00:03:28,250
So we are attacking SSH like this and our IP address of our machine or attacking port 22 and then we

41
00:03:28,250 --> 00:03:35,210
need to have a certain amount of attempts or threads at once and we're going to limit that to four and

42
00:03:35,210 --> 00:03:41,390
then I'm going to do a capital V for verbosity just because I want to see the user attempts flow through

43
00:03:41,390 --> 00:03:44,000
so that we can actually see what's going on here.

44
00:03:44,000 --> 00:03:51,690
So once you got the syntax ready to go go ahead and hit enter and you're going to see that it's starting

45
00:03:51,690 --> 00:04:00,120
to attempt root log in password with all these weak passwords here and hopefully it might find something.

46
00:04:00,330 --> 00:04:04,950
But let's go ahead and open up a a new terminal here.

47
00:04:05,160 --> 00:04:12,330
And we're going to use make this a little bigger and I'm going to load up Metasploit as well.

48
00:04:13,040 --> 00:04:18,720
Yeah we're gonna run the same exact thing in Metasploit but I think it's good to know multiple frameworks

49
00:04:18,720 --> 00:04:21,620
and multiple tools to perform the same task.

50
00:04:21,660 --> 00:04:28,320
So here we're going to search for something like SSH and this is going to be an auxiliary module

51
00:04:28,320 --> 00:04:35,910
so we'll just scroll up and we're going to look for something like SSH login perfect login and

52
00:04:35,910 --> 00:04:40,420
check scanner and make sure we don't have anything else.

53
00:04:40,440 --> 00:04:41,620
And it looks good to me.
54
00:04:41,680 --> 00:04:51,630
Let's go ahead and take this SSH login and we're gonna go ahead and say use options

55
00:04:54,180 --> 00:04:56,970
and now we have kind of our brute force options here.

56
00:04:57,000 --> 00:05:02,220
Let me make this a little bigger sense prettier so we've got a brute force speed from zero to five five

57
00:05:02,220 --> 00:05:05,370
being the fastest dribbling passwords.

58
00:05:05,370 --> 00:05:06,420
No no no.

59
00:05:06,450 --> 00:05:10,080
We can set a hard password and we could set a hard user name.

60
00:05:10,110 --> 00:05:18,350
We could set a user and password file a user pass user as password file again.

61
00:05:18,360 --> 00:05:21,090
We can have a password file as well.

62
00:05:21,090 --> 00:05:27,520
So we have a lot of different options here that we can utilize but we're gonna go ahead and do the same

63
00:05:27,520 --> 00:05:35,820
kind of thing we're going to say set user name and we're just gonna say root and then we're going to

64
00:05:35,820 --> 00:05:41,010
say set pass file and similar to what we just use.
65
00:05:41,010 --> 00:05:51,870
We're gonna say user share wordlists metasploit and then we're going to say lyrics

66
00:05:54,220 --> 00:06:02,100
unique sorry Unix passwords and that should set the pass file and then we just seen our host as well

67
00:06:02,100 --> 00:06:13,950
set our host and we'll say 192.168.57.134 say options one more time and you can see that we've

68
00:06:13,950 --> 00:06:21,480
got our password file set we've got our our host set we've got our our port on twenty two threads is

69
00:06:21,480 --> 00:06:27,870
one username root and we should be good to go now we can set multiple threads here we could set threads

70
00:06:27,870 --> 00:06:33,180
to like 10 this is really going to amp it up I mean this should be detected in a second but we're gonna

71
00:06:33,180 --> 00:06:39,240
try to run it and we could set actually let me control C let's set verbose to true as well just so

72
00:06:39,240 --> 00:06:47,830
you could see that it's actually working set verbose to true and then we're gonna run this and then

73
00:06:48,460 --> 00:06:56,260
it's going to attempt different credentials here and it'll say Hey I found it in the light up green

74
00:06:56,320 --> 00:06:57,880
and then we'll know it's good.

75
00:06:58,210 --> 00:07:04,030
So this is actually going kind of slow surprisingly and you can see here that we are at attempt 112

76
00:07:04,060 --> 00:07:05,190
116.

77
00:07:05,380 --> 00:07:12,760
So this is out also going slow and we do not have a successful attempt or a log in I actually don't

78
00:07:12,760 --> 00:07:18,040
believe there's going to be one but you never know.

79
00:07:18,040 --> 00:07:22,240
I believe I remember taking this offline and trying to crack the password and wasn't any kind of weak

80
00:07:22,240 --> 00:07:22,830
password.
81
00:07:22,860 --> 00:07:28,000
So you can let your brute brute force run if you want to go with it but I'm going to go ahead and kill

82
00:07:28,000 --> 00:07:32,430
mine and that's it for this video.

83
00:07:32,440 --> 00:07:38,560
So from here we're going to talk about a similar methodology called credential stuffing which we've

84
00:07:38,650 --> 00:07:45,910
already talked about before except we're not brute forcing but we're using common knowledge to our advantage.

85
00:07:45,910 --> 00:07:48,400
So we'll talk about a little bit of cred stuffing in the next video.
