1
00:00:01,400 --> 00:00:04,040
Hello, everyone, and welcome to this video.

2
00:00:04,790 --> 00:00:11,870
So in this video, we are going to use one of the tools, which is written in Go and is used for identification

3
00:00:11,870 --> 00:00:14,720
of subdomain takeover vulnerabilities.

4
00:00:15,530 --> 00:00:19,280
Now, as this tool is written in Go, it is faster.

5
00:00:19,610 --> 00:00:27,140
And because of its concurrency, it makes our process much faster to identify multiple subdomains

6
00:00:27,890 --> 00:00:31,530
that are vulnerable to subdomain takeover vulnerabilities.

7
00:00:32,420 --> 00:00:39,950
So let's quickly jump in and see how you can do the installation of the tool and how you can identify

8
00:00:39,950 --> 00:00:44,240
targets to be vulnerable to subdomain takeover vulnerabilities.

9
00:00:45,470 --> 00:00:49,900
For that, you just need to come to this GitHub repository, which is subjack.

10
00:00:50,330 --> 00:00:55,010
And you can see over here the installation commands are being given.

11
00:00:55,700 --> 00:01:00,980
Now, for this, you need to have Go installed on your computer as a prerequisite.

12
00:01:01,430 --> 00:01:06,810
So, again, if you do not have Go installed, please install Golang.

13
00:01:07,340 --> 00:01:13,730
So after you have installed it, you can simply type the command, which is go get GitHub dot com slash

14
00:01:14,030 --> 00:01:20,400
haccer slash subjack as given over here to install the latest version of subjack.

15
00:01:21,320 --> 00:01:21,770
Perfect.

16
00:01:22,130 --> 00:01:28,590
So I have done the installation of subjack on my computer as I have Go preinstalled.

17
00:01:29,090 --> 00:01:33,340
So now let's just type subjack to see if it is running or not.

18
00:01:33,830 --> 00:01:40,820
And you can see you will be able to see a help menu and a usage menu which confirms that it has successfully

19
00:01:40,820 --> 00:01:41,440
installed.

20
00:01:42,470 --> 00:01:43,040
All right.

21
00:01:43,100 --> 00:01:51,100
So now we want to give a list of subdomains to subjack for identification of subdomain takeover vulnerabilities.

22
00:01:52,430 --> 00:01:57,460
So now we are going to supply a list of subdomains using the findomain tool.

23
00:01:58,160 --> 00:02:02,360
So the command is findomain hyphen D, which stands for the target.

24
00:02:02,900 --> 00:02:09,470
And we are going to give the target, which is S.R. Secure Dot, X, Y, Z, and we are going to add

25
00:02:09,470 --> 00:02:11,990
a flag which is hyphen hyphen quiet.

26
00:02:12,530 --> 00:02:20,690
Remember guys, this flag is used when we do not want to see the verbose message or we do not want to

27
00:02:20,690 --> 00:02:23,540
see the banner of the findomain tool.

28
00:02:24,260 --> 00:02:31,790
Now whatever will be the output of the findomain tool, we are going to take that output into a file.

29
00:02:31,820 --> 00:02:38,660
We are going to use a command, which is B, and I'm going to open the output into a file with this

30
00:02:38,660 --> 00:02:39,110
site.

31
00:02:39,110 --> 00:02:40,310
Start the 60.

32
00:02:41,190 --> 00:02:48,810
All right, as you can see, we have successfully enumerated all the subdomains for the target into

33
00:02:48,810 --> 00:02:51,080
a file called Site Start.

34
00:02:52,530 --> 00:03:02,040
Let's count how many subdomains are there, and a total of 107 subdomains are there, which we have identified.

35
00:03:02,430 --> 00:03:02,910
Perfect.

36
00:03:03,930 --> 00:03:10,460
So now we have the list of subdomains to be checked for subdomain takeover vulnerabilities.

37
00:03:11,040 --> 00:03:16,640
Let's quickly jump on to how to use subjack and its command, as you can see.

38
00:03:16,860 --> 00:03:23,640
First, you have to write subjack, then followed by hyphen w, which stands for the wordlist

39
00:03:23,640 --> 00:03:28,470
which contains the subdomains and the file is Saitoti.

40
00:03:29,610 --> 00:03:37,440
We are going to give the number of threads to be 100 to increase the speed so that we get faster results

41
00:03:37,680 --> 00:03:40,350
and then our process gets completed quickly.

42
00:03:41,700 --> 00:03:44,050
We are going to give a timeout of 30 seconds.

43
00:03:44,100 --> 00:03:51,960
So this timeout is basically when subjack is not able to connect to any of the subdomains, it will automatically

44
00:03:51,960 --> 00:03:55,080
give up on that subdomain after 30 seconds.

45
00:03:55,590 --> 00:04:01,770
And we are going to save the output into a file called this result dot text, which is denoted by

46
00:04:01,770 --> 00:04:09,240
a flag which is hyphen o, and at the end we have given hyphen SSL. Hyphen

47
00:04:09,240 --> 00:04:14,620
SSL means to also test the website with SSL as well.

48
00:04:15,510 --> 00:04:24,810
Now running this command directly on the terminal will start the subdomain takeover scan onto the list

49
00:04:24,810 --> 00:04:32,580
of targets into the site started and it was really very quick to identify and you can see it has completed

50
00:04:32,580 --> 00:04:41,100
the scan as well for 107 domains in just four to five seconds and has identified that this subdomain

51
00:04:41,100 --> 00:04:45,930
is vulnerable, which is Red Mekki 20 dot as articulate X, Y, Z.

52
00:04:46,260 --> 00:04:54,480
And we have already seen that this subdomain is vulnerable to Shopify takeover because we have pointed it

53
00:04:54,480 --> 00:04:58,460
to Shopify, but we have not taken over the account.

54
00:04:59,520 --> 00:05:08,340
So I hope you guys understood how you can use subjack to my skill or identify subdomains for any target

55
00:05:08,340 --> 00:05:08,970
program.

56
00:05:09,180 --> 00:05:09,720
Thank you.