1
00:00:00,300 --> 00:00:02,400
Minimum information principle.

2
00:00:03,830 --> 00:00:08,870
So let me tell you, there's an interesting belief out there in the development community that they

3
00:00:08,870 --> 00:00:13,490
explain everything about the application in detail.

4
00:00:15,210 --> 00:00:23,520
Now, it's not necessarily bad, but sometimes this really good behavior goes beyond its good intention.

5
00:00:24,760 --> 00:00:30,160
And that means that it provides some important information for a pen tester.

6
00:00:31,290 --> 00:00:38,910
So this kind of information sometimes can help us and, well, particularly vital situations, there

7
00:00:38,910 --> 00:00:41,730
may be different ways to get this kind of information.

8
00:00:42,510 --> 00:00:43,950
But I want to give you a few tips.

9
00:00:45,840 --> 00:00:52,530
So the first thing is to read just about all the HTML source files or at least write your own script

10
00:00:52,530 --> 00:01:00,420
to investigate the sources for certain special tags and words you can find in the HTML comment that

11
00:01:00,420 --> 00:01:06,180
contains any information about the back end of the applications, such as passwords, usernames.

12
00:01:06,300 --> 00:01:07,230
That's golden.

13
00:01:08,600 --> 00:01:10,340
Also, look through the help pages.

14
00:01:11,460 --> 00:01:15,210
Use the demo users if the application has one.

15
00:01:16,750 --> 00:01:24,370
Now, once I test an application, I can see an unauthenticated help document which contains an administrative

16
00:01:24,370 --> 00:01:25,180
demo user.

17
00:01:25,930 --> 00:01:32,590
So it's these types of errors that are, well, decreasing constantly because companies are moving faster

18
00:01:32,590 --> 00:01:36,520
and faster to better deployment and better development environments.

19
00:01:37,460 --> 00:01:39,020
But that doesn't mean they're not out there.

20
00:01:40,320 --> 00:01:46,470
Also, there may be some error and warning directives that are helpful to the general users, such as

21
00:01:46,740 --> 00:01:48,540
your password is wrong.

22
00:01:49,650 --> 00:01:56,130
Save it for a pen tester, this means brute force the password, because you've already got some usernames,

23
00:01:56,130 --> 00:01:56,370
right?

24
00:01:57,660 --> 00:02:03,450
And sometimes errors are caused in the back end and those can be directly reflected to the user.

25
00:02:05,240 --> 00:02:08,830
And again, for a general user, it doesn't have any meaning.

26
00:02:10,030 --> 00:02:16,150
But the hacker or a pen tester is not the same as a general user.

27
00:02:17,720 --> 00:02:24,680
And then one last thing that I want to mention to you, sometimes we can observe all the information

28
00:02:24,680 --> 00:02:32,960
about all the employees on the Web site of the company seriously, all board members, employees, their

29
00:02:32,960 --> 00:02:38,780
phone numbers, names, emails, even way more info than that and.

30
00:02:40,020 --> 00:02:47,400
I'm not telling you that that's a vulnerability or you've got to hide this information, but I really

31
00:02:47,400 --> 00:02:50,710
think that it shouldn't be that easy to find anywhere.

32
00:02:50,790 --> 00:02:54,990
It really does help for the social engineering purposes.