1 00:00:01,210 --> 00:00:03,880 Hello, everyone, and welcome to this video.
2 00:00:04,150 --> 00:00:10,690 So in this video, we are going to see some of the very useful resources that can be used for broken
3 00:00:10,690 --> 00:00:14,890 link hijacking, how expired links can be exploited.
4 00:00:15,670 --> 00:00:16,050 All right.
5 00:00:16,060 --> 00:00:19,590 So first, let's quickly see stored broken link hijacking.
6 00:00:20,050 --> 00:00:26,870 So this way the attacker can do impersonation of the company's account.
7 00:00:26,890 --> 00:00:34,330 It can be social media accounts or any other account that are pointing to different platforms like Instagram,
8 00:00:34,330 --> 00:00:37,740 Twitter, LinkedIn, Pinterest, etc.
9 00:00:38,650 --> 00:00:41,590 Secondary is external JS file hijacking.
10 00:00:41,870 --> 00:00:43,850 Now, this is very, very simple.
11 00:00:44,230 --> 00:00:52,510 So let's assume the target web application has this particular code in which they are loading a script
12 00:00:52,510 --> 00:00:58,300 from example.com script.js. Now, for some reasons,
13 00:00:58,510 --> 00:01:05,080 that example.com is a cloud service and allows us to put our JS code over there.
14 00:01:05,500 --> 00:01:08,320 So this link is not working anymore.
15 00:01:08,410 --> 00:01:12,670 Let's assume that so we are able to put our code over there.
16 00:01:12,940 --> 00:01:21,820 And when the target web application loads this year, which is the JavaScript from the example.com,
17 00:01:21,820 --> 00:01:27,490 at that time, it is going to load the attacker-controlled malicious JS file.
18 00:01:27,700 --> 00:01:36,310 So this way we can take the example.com or we can decode the name of the same file which has been
19 00:01:36,310 --> 00:01:42,050 uploaded and control the JS file, an example that EDI, which is the target of an application.
20 00:01:42,940 --> 00:01:45,220 This can also lead to information leakage.
21 00:01:45,400 --> 00:01:55,540 In many cases, all the links which are supplied into the order or these types of parameters can easily
22 00:01:55,540 --> 00:01:56,380 be taken over.
23 00:01:57,070 --> 00:02:03,610 There are many instances when companies still link to expired analytics page, and this way, if we
24 00:02:03,610 --> 00:02:10,930 take over the analytics page, the attacker can monitor traffic and possibly get a lot of valuable
25 00:02:10,930 --> 00:02:19,150 information. Content hijacking and also within wherein we can hijack the malicious content and serve
26 00:02:19,150 --> 00:02:21,350 our own malicious content.
27 00:02:22,450 --> 00:02:30,250 Similarly, reflected broken link hijacking, in which all the parameters like traffic and source attribute
28 00:02:30,250 --> 00:02:34,460 contain the links which can easily be taken over.
29 00:02:35,050 --> 00:02:43,240 For example, if you see examples in radio over here, the CDR example.com serves cryptologist and
30 00:02:43,240 --> 00:02:51,020 if you are able to take over that, we are able to serve our malicious content or malicious file.
31 00:02:51,020 --> 00:02:54,870 While it is kind of the same example that we have seen previously.
32 00:02:55,990 --> 00:03:02,680 So some of the tools to do this, obviously it will get very, very difficult to identify each link
33 00:03:02,680 --> 00:03:08,700 on to the target web application one by one to see which one is working and which one is broken.
34 00:03:08,710 --> 00:03:14,240 We cannot do it manually by clicking on each link for the identification purposes.
35 00:03:14,590 --> 00:03:20,530 So for this, there's a very awesome tool called Broken Link Checker, which we are going to use right
36 00:03:20,530 --> 00:03:25,440 now to identify the broken links on any target application.
37 00:03:25,450 --> 00:03:27,040 So let's quickly go on to that link.
38 00:03:28,210 --> 00:03:36,310 And you can see this is the tool. Now, to install this tool, you should have NPM and start your required
39 00:03:36,310 --> 00:03:43,370 Node.js so you can install Node.js and you can just copy paste this command into your terminal.
40 00:03:44,490 --> 00:03:51,440 Now, once you do this, you are ready to run a broken link or in short, blc.
41 00:03:52,350 --> 00:03:53,580 So let's copy this
42 00:03:53,580 --> 00:03:58,920 command and let's it into our terminal and let's see what happens.
43 00:03:59,100 --> 00:04:04,470 So you can read more about the tool and the documentation from here, and you will be able to know a
44 00:04:04,470 --> 00:04:07,740 lot of more options that you can use.
45 00:04:07,920 --> 00:04:08,310 All right.
46 00:04:08,640 --> 00:04:12,330 So let's quickly copy this and paste it onto our terminal.
47 00:04:12,540 --> 00:04:12,930 So.
48 00:04:14,600 --> 00:04:21,710 Now, you can see over here the filter level is sorry about that filter level is three actually broken?
49 00:04:21,710 --> 00:04:23,900 Not as articulate what X, Y, Z.
50 00:04:23,960 --> 00:04:28,790 So I will hit enter and it will start identifying each.
51 00:04:29,940 --> 00:04:38,190 Link one by one, it will start identifying each link, one by one onto the target web application and
52 00:04:38,190 --> 00:04:42,340 really audio if it is OK or if it is broken, as you can see over here.
53 00:04:42,930 --> 00:04:48,570 Now, one thing to notice over here is let's say if this link is broken, as you can see over here,
54 00:04:49,110 --> 00:04:59,340 because there is no G Carousal dot file into the server, but we cannot take over this because this
55 00:04:59,340 --> 00:05:06,420 file is actually uploaded onto the main target subdomain or that main target server. In case you are
56 00:05:06,420 --> 00:05:13,340 able to take over broken X, Y, Z using subdomain takeover, then you can serve the malicious content.
57 00:05:13,350 --> 00:05:18,570 But for now, if there is no subdomain takeover vulnerability, you cannot serve the malicious content which
58 00:05:18,570 --> 00:05:20,560 is hosted on the server itself.
59 00:05:21,150 --> 00:05:25,050 So let's try to identify some links which are not hosted on the same server
60 00:05:25,050 --> 00:05:32,910 but somewhere else. Here we can see that we have identified a broken link which is on LinkedIn.
61 00:05:33,510 --> 00:05:41,920 Now we can decode this now because this is pointing to a LinkedIn profile which says Take me over please.
62 00:05:42,360 --> 00:05:50,430 So yeah, we have made this wonderful link onto the target server and it has successfully pointed out
63 00:05:50,430 --> 00:05:53,400 that this is a broken link which can be taken over.
64 00:05:53,940 --> 00:06:00,480 So I hope you guys understand how you can utilize this and it will tell you all the broken links into
65 00:06:00,480 --> 00:06:01,430 any target.
66 00:06:02,190 --> 00:06:05,420 As you can see, this is the final finished version.
67 00:06:05,430 --> 00:06:07,500 And you can see these are all the broken links.
68 00:06:07,770 --> 00:06:13,930 We cannot good with this, but we can take over the LinkedIn one and we can report it to the target website.
69 00:06:15,090 --> 00:06:15,990 So thank you.