1
00:00:00,060 --> 00:00:04,620
Because in this room, we're going to try to root for this as a search for our way out.

2
00:00:05,640 --> 00:00:08,190
So first we will do with a map script.

3
00:00:08,940 --> 00:00:11,850
Look at Tennessee and for a.

4
00:00:14,990 --> 00:00:20,970
I know we got this, as I said, but the Tennessee let's copy this and let me get this one.

5
00:00:22,850 --> 00:00:34,760
So let me say less so the usage is different here than a script and script arguments are.

6
00:00:34,970 --> 00:00:39,390
We need to pass the user DBI, uh, users, uh, whorish.

7
00:00:39,680 --> 00:00:44,420
And the positive, which contains the passwords were reached for and against us at the time.

8
00:00:44,570 --> 00:00:45,820
But we're not going to do this.

9
00:00:45,830 --> 00:00:46,890
And the target finally.

10
00:00:48,350 --> 00:00:50,270
So let me keep it like this.

11
00:00:51,380 --> 00:00:55,920
So I have created, uh, two audio files.

12
00:01:00,620 --> 00:01:07,710
Which contains some user names, always keep the admin user and also the name of this Roter user.

13
00:01:08,270 --> 00:01:17,110
So it will be a somewhat gives some advantageous in the password that we have this parcel to password.

14
00:01:17,210 --> 00:01:21,880
And so now we are going to check are these values.

15
00:01:23,300 --> 00:01:26,320
So let's do it in my A.V. MINOCIN.

16
00:01:29,300 --> 00:01:30,260
Be unfair.

17
00:01:30,740 --> 00:01:41,630
Stop taking Lohaus and then that's the script, oh, sorry, behind the podium, which is 22 and now

18
00:01:41,720 --> 00:01:43,280
I'm going to defend the script.

19
00:01:46,380 --> 00:01:48,270
That is, as I said, Brooke.

20
00:01:53,610 --> 00:01:55,890
And I'm going to give this group arguments

21
00:01:57,930 --> 00:02:02,520
users babies equals to.

22
00:02:20,270 --> 00:02:22,220
And I'm going to go this past.

23
00:02:31,600 --> 00:02:33,640
Now, this is where the IP address.

24
00:03:02,630 --> 00:03:07,550
OK, it's praying for the default all that it has.

25
00:03:10,690 --> 00:03:13,280
Maybe we did something wrong.

26
00:03:13,300 --> 00:03:15,490
We need to specifically address the extension.

27
00:03:16,780 --> 00:03:17,580
I don't know.

28
00:03:20,900 --> 00:03:22,070
The niblets.

29
00:03:27,130 --> 00:03:32,800
I think we need to put this the alert to action, otherwise it's not going to recognize.

30
00:03:47,110 --> 00:03:50,460
So let me read them this extension to Rusty.

31
00:04:30,080 --> 00:04:36,770
OK, I know how weird wrong it used to be, Nazi used to be.

32
00:04:43,400 --> 00:04:45,920
OK, now let's bring our poll.

33
00:04:47,930 --> 00:04:51,710
Now you can see Wiretapper sort the very, very current shows.

34
00:04:52,490 --> 00:04:54,820
So sorry for the mistake user.

35
00:04:55,700 --> 00:05:02,090
So it's trying all the combinations and we got this wiretapper as workers just now.

36
00:05:02,100 --> 00:05:06,410
We will see the but, uh, models that is system.

37
00:05:08,690 --> 00:05:15,590
So say use zero and let me say show up.

38
00:05:18,330 --> 00:05:23,610
And already said, gee, are you close to the bilateral ties IP address?

39
00:05:30,670 --> 00:05:38,320
So now we need to set the user, OK, username

40
00:05:41,560 --> 00:05:41,990
user.

41
00:05:42,190 --> 00:05:47,890
OK, we need to set the user file for the only user names and the password for all your passwords.

42
00:05:48,010 --> 00:05:50,680
So let's go ahead and check the said that.

43
00:06:18,700 --> 00:06:23,860
So these are actual options, we have said they are using the in the past.

44
00:06:23,910 --> 00:06:28,390
Right now, let's run this.

45
00:06:47,440 --> 00:06:54,950
OK, does that help without being also so Vyatta password has been successful?

46
00:06:55,270 --> 00:06:58,490
I think it has opened the session desprez.

47
00:07:01,720 --> 00:07:07,860
OK, it has already opened this connection, so clear this we do not want to.

48
00:07:08,290 --> 00:07:08,640
No.

49
00:07:14,110 --> 00:07:21,490
So this is how you use that as a login module for this as a switch, and there is another module, which

50
00:07:21,490 --> 00:07:24,480
is I to underscore publicly.

51
00:07:25,090 --> 00:07:34,240
So if you have the key of the machine, you can just try to brute force it and get the organization.

52
00:07:35,770 --> 00:07:36,940
So I hope you understood.

53
00:07:36,960 --> 00:07:40,510
Now, let's go and try our Hydra and Medusa.

54
00:07:41,920 --> 00:07:53,470
That's a Hydra Hydra minus capital for the user, namely, let's say users not.

55
00:07:56,920 --> 00:07:59,260
Minus capital for passports, not the.

56
00:08:05,260 --> 00:08:07,990
And this is Itakura IP address.

57
00:08:12,920 --> 00:08:20,710
So it has successfully cracked the password, wiarton the password, so you can see the target successfully

58
00:08:20,720 --> 00:08:22,290
completed one very password for.

59
00:08:24,470 --> 00:08:28,670
So let's also see with Medusa disharmonious, which.

60
00:08:35,170 --> 00:08:36,240
Issued for Musafir.

61
00:08:53,700 --> 00:09:01,500
So it's going for each and every user it is seeking are the passwords to each one is to an honest to

62
00:09:01,530 --> 00:09:07,230
everything, as you can see, not regardless of username and password.

63
00:09:07,230 --> 00:09:13,500
Is password seeking also grep for the success like this?

64
00:09:17,750 --> 00:09:18,250
So.

65
00:09:31,830 --> 00:09:40,050
Now, after completion of this, uh, praying, you will get only this right nasal, so which is very

66
00:09:40,050 --> 00:09:40,470
neat.

67
00:09:45,720 --> 00:09:46,920
So it will take some time.

68
00:09:51,400 --> 00:09:59,530
So as you can see, we got only those accessories, we did not get the full values, so like this,

69
00:09:59,890 --> 00:10:05,020
we can brute force using this model are in my script hydrocarbon.

70
00:10:05,530 --> 00:10:06,470
That's up to you.

71
00:10:06,520 --> 00:10:10,530
You use the two girls to get accurate results.

72
00:10:11,110 --> 00:10:12,340
So I hope you have understood.