1 00:00:01,360 --> 00:00:06,970 In this lecture we're going to have a look at a tool called Maltego. Maltego is a program that
2 00:00:06,970 --> 00:00:12,790 allows us to gather information about pretty much everything. You can gather information about people
3 00:00:12,970 --> 00:00:19,270 using their names, their phone, their email. You can gather information about websites, servers, anything
4 00:00:19,270 --> 00:00:23,080 really. We're going to focus on gathering information about websites.
5 00:00:23,080 --> 00:00:26,990 But as I said, you can use it to gather information about anything.
6 00:00:27,490 --> 00:00:34,470 So we're going to go to Kali and we're going to go to all programs here and I'm going to type in
7 00:00:34,470 --> 00:00:34,800 Maltego
8 00:00:38,570 --> 00:00:43,700 and that's right here.
9 00:00:43,760 --> 00:00:48,140 Now the first time you run the program it's actually going to ask you to create a new username and
10 00:00:48,140 --> 00:00:49,810 password for the program.
11 00:00:49,820 --> 00:00:54,980 I've already done that, so you can just do it: click Next, Next, Next, create a new username and password
12 00:00:55,340 --> 00:00:57,820 and then just log in.
13 00:00:57,830 --> 00:01:02,150 So once you do that you'll see this, and this is the main screen of the program.
14 00:01:02,450 --> 00:01:11,430 Now right here on the right you'll see some plugins or additions that you can add. These additions
15 00:01:11,460 --> 00:01:14,930 allow you to gather different types of information.
16 00:01:14,970 --> 00:01:20,370 So if you want to install any of these additions, for example let's say you wanted to install the PassiveTotal,
17 00:01:20,370 --> 00:01:30,310 then all you have to do is just click on Install, click Yes, and that'll install it for you.
18 00:01:30,340 --> 00:01:32,290 Now I'm just doing this just to show you.
19 00:01:32,290 --> 00:01:38,430 But let's go ahead and create a new blank page and we'll see how we can use it.
20 00:01:38,530 --> 00:01:40,240 Use this to gather information.
21 00:01:41,460 --> 00:01:47,850 So this is the main view of Maltego. In here in the middle you have your graph where you can put
22 00:01:47,850 --> 00:01:53,340 your entities and track how you gather the information. On the left
23 00:01:53,370 --> 00:01:59,250 we have the palette where you can add entities and gather information about them, and you can see that
24 00:01:59,250 --> 00:02:05,910 we can add any type of entity. For example, we can add a person using their name, their email address or
25 00:02:05,910 --> 00:02:07,730 their phone number.
26 00:02:07,740 --> 00:02:13,080 You can also add people based on social networks, for example you can add a Facebook account or Twitter
27 00:02:13,080 --> 00:02:16,650 account and start gathering information from there.
28 00:02:16,650 --> 00:02:19,930 But what we are interested in is our website.
29 00:02:19,980 --> 00:02:23,400 So we're going to start by adding a domain name from here.
30 00:02:23,550 --> 00:02:27,040 So I'm going to click and drag that to my main view right here.
31 00:02:28,880 --> 00:02:35,180 And when you have that in here you can see that on the right, right here, you can modify the attributes
32 00:02:35,300 --> 00:02:36,420 of this entity.
33 00:02:37,340 --> 00:02:40,900 And on the left you can run transformers.
34 00:02:40,960 --> 00:02:44,440 So I'll get back to transformers in a second.
35 00:02:44,440 --> 00:02:50,440 For now let's first modify the domain name, and I'm going to use a domain that I actually have permission
36 00:02:50,440 --> 00:02:53,810 to test it's security and it's security dot org.
37 00:02:56,680 --> 00:03:04,540 So now I can run transformers that allow me to gather information about this domain from the left, from
38 00:03:04,540 --> 00:03:10,000 here, by clicking on the play button, or I can right-click it and run a transformer.
39 00:03:11,210 --> 00:03:13,340 So I'm just going to go to the home screen right here.
40 00:03:14,620 --> 00:03:20,710 And what I'm going to do is, right here you can see that we have the transformers categorized into different
41 00:03:20,710 --> 00:03:24,930 categories and you can click the play button right here.
42 00:03:24,950 --> 00:03:30,160 You can see that there is actually a double play button here and that will run all the transformers
43 00:03:30,190 --> 00:03:32,450 inside this specific category.
44 00:03:32,620 --> 00:03:38,900 If you click on the category itself you'll see the specific transformers that you can run.
45 00:03:38,900 --> 00:03:45,140 So for example I have a DNS or a domain right here and I want to see the websites associated with that
46 00:03:45,140 --> 00:03:45,780 domain.
47 00:03:46,100 --> 00:03:52,720 So I'm going to run the transformer "To Website" based on search engine and that'll show me the website
48 00:03:52,850 --> 00:04:00,800 associated with this domain name, and right, you can see that we have three websites. We have the www dot
49 00:04:00,810 --> 00:04:03,070 wife either Security dot org.
50 00:04:03,310 --> 00:04:05,310 And we have high security dot org.
51 00:04:05,530 --> 00:04:07,460 Now these two websites are the same.
52 00:04:07,750 --> 00:04:09,230 So I'm going to delete one of them.
53 00:04:09,250 --> 00:04:15,640 I'm just going to click it and delete it so that our graph looks better.
54 00:04:17,240 --> 00:04:21,520 Now let's see what other information we can get from this. So I'm going to right-click it again.
55 00:04:22,360 --> 00:04:28,230 And let's see and try to get all the subdomains that exist within this domain.
56 00:04:28,540 --> 00:04:31,090 So we're going to try to get to name schema.
57 00:04:31,330 --> 00:04:37,730 And again I'm going to click on the play button right here, and now we have more websites. We have news
58 00:04:37,730 --> 00:04:39,280 that security dot org.
59 00:04:39,400 --> 00:04:43,150 We have security alerts which is essentially the same as this.
60 00:04:43,330 --> 00:04:52,290 So I'm going to delete this one, and we have the FTP that security dot org and mail that security dot
61 00:04:52,290 --> 00:04:53,770 org.
62 00:04:53,770 --> 00:05:02,210 So now if we have FTP information we know we can connect with based or through this web subdomain.
63 00:05:02,220 --> 00:05:06,520 Now again all of these websites are associated or stored on the same server.
64 00:05:06,660 --> 00:05:12,990 So you can go ahead and try to hack into one of these and get access to our main website or you can
65 00:05:12,990 --> 00:05:15,380 use them to gain access to your main server.
66 00:05:15,390 --> 00:05:22,800 Basically all of these transformers, you can run them the same way, so I'm not going to go over all of
67 00:05:22,800 --> 00:05:23,320 them.
68 00:05:23,370 --> 00:05:29,220 Let's just have a look at one more, which is the MX record, and what this will do, it will see the mail
69 00:05:29,220 --> 00:05:32,250 servers that the target website uses.
70 00:05:32,760 --> 00:05:37,770 And we can see that they're using Google to handle their mail.
71 00:05:37,770 --> 00:05:45,120 So again this is very important because for example if there was a certain vulnerability in Google or
72 00:05:45,260 --> 00:05:50,910 the mail server that they're using then we can exploit that to gain access to their e-mails and maybe
73 00:05:50,910 --> 00:05:53,770 use that to gain access to the website.
74 00:05:53,850 --> 00:05:58,080 So I'm going to delete the Google servers that we got because they're no use, because I just want to
75 00:05:58,080 --> 00:06:01,390 keep the useful stuff in here.
76 00:06:02,550 --> 00:06:06,590 We can use each of these entities now to gather even more information about it.
77 00:06:06,590 --> 00:06:11,990 Again, all you have to do is click it, right-click and then run transformers. But
78 00:06:12,000 --> 00:06:17,130 we're still not finished with the domain, so I'm going to go back to the domain and I'm going to go back
79 00:06:17,130 --> 00:06:23,700 to the main menu, and right here we can see that we can get the domain owner details, so we can get
80 00:06:23,700 --> 00:06:25,820 stuff like the e-mail addresses.
81 00:06:25,980 --> 00:06:31,590 We can check for entities from the WHOIS information and we can also check for phone numbers.
82 00:06:31,680 --> 00:06:34,680 So I'm going to go back and run on the double play.
83 00:06:34,680 --> 00:06:35,020 Right.
84 00:06:35,040 --> 00:06:39,460 And click on the double play to run all the transformations within this category.
85 00:06:40,380 --> 00:06:47,880 Now security is using privacy so we won't really get much, but if the target website wasn't using privacy
86 00:06:48,390 --> 00:06:54,150 then you'll be able to get their phone numbers, their address and very important information.
87 00:06:55,190 --> 00:06:57,800 So again I'm going to need to use the stuff right here.
88 00:06:58,770 --> 00:07:01,870 And we're going to have a look at one more transformation.
89 00:07:01,890 --> 00:07:08,070 So again we're going to go back to the main menu and we're going to look for files and documents from
90 00:07:08,070 --> 00:07:08,860 this domain.
91 00:07:09,000 --> 00:07:12,300 And again I'm going to run all transformations within that category.
92 00:07:12,870 --> 00:07:18,520 And this will show me any files or maybe any interesting files stored on that domain.
93 00:07:21,100 --> 00:07:21,760 OK.
94 00:07:22,100 --> 00:07:23,770 So this finished running.
95 00:07:23,770 --> 00:07:26,040 And as you can see we got a lot of files.
96 00:07:26,240 --> 00:07:29,360 Now a lot of these are just PDFs, PDF books.
97 00:07:29,360 --> 00:07:36,530 But again, in a lot of websites sometimes you get files like the password file or files with sensitive
98 00:07:36,530 --> 00:07:37,670 information.
99 00:07:37,670 --> 00:07:41,540 So again this could be really, really useful in your information gathering.