1
00:00:00,630 --> 00:00:07,140
Web application penetration testing. Before we can start talking about that, we need to understand what

2
00:00:07,140 --> 00:00:15,000
is a website. And just like I said before, a website is just an application installed on a computer. The

3
00:00:15,060 --> 00:00:18,650
computer probably just has better specs than your computer,

4
00:00:18,750 --> 00:00:21,040
but it fundamentally works

5
00:00:21,060 --> 00:00:21,870
exactly

6
00:00:21,870 --> 00:00:28,710
just like another computer, so it has an operating system and it also has a number of applications to

7
00:00:28,710 --> 00:00:31,190
allow it to act as a web server.

8
00:00:31,440 --> 00:00:39,390
So the main two applications that it probably has are a web server and a database. A web server is like

9
00:00:39,390 --> 00:00:43,010
Apache, and the database is like MySQL.

10
00:00:43,530 --> 00:00:48,860
And the web server basically understands and executes the web application.

11
00:00:48,870 --> 00:00:54,540
So your web application will be written in PHP or Python or any programming language really. The only thing

12
00:00:54,540 --> 00:01:00,360
is that the web server needs to be able to understand and execute this application.

13
00:01:00,390 --> 00:01:05,340
The database contains the data used by the web application.

14
00:01:05,340 --> 00:01:08,540
So all of this is stored on a computer called the server.

15
00:01:08,730 --> 00:01:12,870
The computer is connected to the Internet and it has a real IP address,

16
00:01:12,900 --> 00:01:16,730
so anybody can access that computer and can get to it.

17
00:01:16,930 --> 00:01:25,830
So the web application is executed by the web server, which is installed

18
00:01:25,860 --> 00:01:27,770
on your server, on your target.

19
00:01:27,790 --> 00:01:35,310
Therefore any time you request the page or you run the web application, it's actually executed on the

20
00:01:35,310 --> 00:01:38,990
web server and it's not executed at the client's computer.

21
00:01:39,180 --> 00:01:46,380
It gets executed on the web server and then it sends an HTML page which is ready to read for the

22
00:01:46,590 --> 00:01:54,240
target person, or for the client. So let's have a look at an example. Let's say you're on the phone

23
00:01:54,240 --> 00:01:59,450
or on your computer and you wanted to go to facebook.com. So you type in facebook.com into

24
00:01:59,450 --> 00:02:01,140
your app.

25
00:02:01,230 --> 00:02:07,510
This will be translated using a DNS server to an IP address.

26
00:02:07,740 --> 00:02:15,540
So there is a server that translates every name.com, .eu, or any website with a name, with a domain

27
00:02:15,540 --> 00:02:15,770
name.

28
00:02:15,770 --> 00:02:20,180
So this is the domain name, to its relevant IP address.

29
00:02:20,220 --> 00:02:23,850
So you request facebook.com; the request goes to a DNS server.

30
00:02:24,030 --> 00:02:28,790
It translates Facebook to the IP where Facebook is stored.

31
00:02:28,980 --> 00:02:36,880
And then you go to Facebook, to the IP address of Facebook. It will execute the page that you wanted,

32
00:02:37,020 --> 00:02:42,160
using all of the applications that we spoke about, and then just give you the result.

33
00:02:42,390 --> 00:02:47,670
So what you get back is just markup written in HTML, which is a markup language: all of the

34
00:02:47,670 --> 00:02:53,790
result of executing the program. So the program gets executed on the server and then you only get

35
00:02:53,790 --> 00:02:55,050
the result.

36
00:02:55,050 --> 00:03:00,420
This is very important because in the future, if we wanted to get anything executed on the web server,

37
00:03:00,420 --> 00:03:06,660
if we wanted to get a shell or a virus to execute on the target computer, then we need to send

38
00:03:06,660 --> 00:03:09,420
it in a language that the web server understands.

39
00:03:09,420 --> 00:03:11,000
So for example PHP.

40
00:03:11,280 --> 00:03:17,240
And once you execute it there, it will be executed on that computer, not on your computer.

41
00:03:17,430 --> 00:03:23,670
So regardless of the person that accesses the page, the web shell that you're going to send, if

42
00:03:23,670 --> 00:03:29,040
it's written in PHP, in a language that the server understands, it's going to be executed on the server

43
00:03:29,160 --> 00:03:34,740
and not on your computer. Therefore it will give you access to the server and not access to the person

44
00:03:34,890 --> 00:03:36,570
who accessed that server.

45
00:03:39,820 --> 00:03:40,420
JavaScript,

46
00:03:40,420 --> 00:03:46,490
on the other hand: there are some websites that use JavaScript, and JavaScript is a client-side language.

47
00:03:46,600 --> 00:03:54,010
So if you managed to find a website that allows you to run JavaScript code, then the code will be executed

48
00:03:54,220 --> 00:03:55,290
by the clients.

49
00:03:55,300 --> 00:04:00,580
So even though the code might be injected into the web server, it will be executed on the client side

50
00:04:00,760 --> 00:04:07,420
and it'll allow you to do things to the client computer and not to the server.

51
00:04:07,750 --> 00:04:13,020
So it's very important to separate between a client-side language and a server-side language.