1
00:00:00,180 --> 00:00:07,900
So in this video, we're going to talk about LLMNR and NBT-NS, so let's see what we know.

2
00:00:08,130 --> 00:00:09,060
What are these?

3
00:00:09,090 --> 00:00:11,030
We have the DNS for name resolution.

4
00:00:11,580 --> 00:00:13,290
So these are LLMNR.

5
00:00:13,290 --> 00:00:20,030
And NBT-NS are also used for name resolution when DNS fails to resolve a particular name, specifically

6
00:00:20,040 --> 00:00:21,770
larcombe, that does not exist.

7
00:00:22,110 --> 00:00:32,100
So the first, then: Windows systems use LLMNR and DNS services. Uh, it stands for Link-Local

8
00:00:32,100 --> 00:00:33,440
Multicast Name Resolution.

9
00:00:33,900 --> 00:00:41,290
So you will understand at the end of the video why this is called multicast and system for other Nakash.

10
00:00:41,310 --> 00:00:44,790
So they have that Nakash and the name was not found.

11
00:00:45,060 --> 00:00:49,140
Then it will broadcast to all computers asking for that name in the subnet.

12
00:00:49,350 --> 00:00:54,050
So what they want to LexisNexis dot com are they want to access the file share sir.

13
00:00:54,300 --> 00:00:57,030
That is, uh, temporary.

14
00:00:57,780 --> 00:00:59,570
So let's say some sample of it.

15
00:00:59,970 --> 00:01:07,830
So that sample share is not present and then it will ask for all the computers in the subnet, whether

16
00:01:08,130 --> 00:01:10,680
each computer has the share or not.

17
00:01:12,030 --> 00:01:16,370
Now since that username and the NTLM hash, even though it is Pretoria's once.

18
00:01:16,560 --> 00:01:22,530
So if anyone says that I have this share, then the client will send the user and then hash.

19
00:01:23,280 --> 00:01:28,500
So then the computer can tell whether it has the share or not.

20
00:01:28,830 --> 00:01:31,460
But the request contains this username.

21
00:01:31,470 --> 00:01:40,350
And so even if the user's password has been very weak, then you can crack this hash with John or Hashcat.

22
00:01:41,490 --> 00:01:47,510
So if you think the hash password will be strong, then there is no point in cracking.

23
00:01:47,970 --> 00:01:50,830
So you can try, uh, with the tools.

24
00:01:52,290 --> 00:01:58,050
So now let's come into this NBT-NS. NBT-NS stands for NetBIOS Name Service, although this also seems like

25
00:01:58,050 --> 00:02:00,390
DNS and LLMNR.

26
00:02:00,780 --> 00:02:05,340
But there is some, there are some changes between that and DNS.

27
00:02:05,790 --> 00:02:09,140
It is similar to DNS and LLMNR, but it's only IP.

28
00:02:10,200 --> 00:02:17,140
So if you want to, uh, access the business that he's using IP, then you need to use this because,

29
00:02:17,160 --> 00:02:20,280
LLMNR supports IPv6 and IPv4 as well.

30
00:02:20,940 --> 00:02:24,480
And you need to remember the order in which the Windows systems

31
00:02:24,480 --> 00:02:27,130
Uh, use these protocols. First,

32
00:02:27,180 --> 00:02:30,960
DNS will be checked and then LLMNR and NBT-NS.

33
00:02:31,040 --> 00:02:40,980
So DNS has a higher priority and then LLMNR and NBT-NS. So, but it is how we can poison this

34
00:02:41,460 --> 00:02:45,840
LLMNR and how do we get the user and that NTLM hash.

35
00:02:46,410 --> 00:02:53,540
So you can see the diagram image I have got from the Internet, uh, see the stuff funded commission.

36
00:02:53,550 --> 00:02:58,090
And is there being a server stepdown user since incorrupt as ambushers.

37
00:02:58,380 --> 00:03:08,970
So was if user types mis misspelled the to personnel then it was for the DNS server and DNS server responds

38
00:03:08,970 --> 00:03:19,520
with this share has not been found. Then, uh, because of the DNS failure, it will broadcast to all the, uh,

39
00:03:19,650 --> 00:03:20,640
computers in the subnet.

40
00:03:20,790 --> 00:03:27,540
Farshid with a Nakash of course it will be not found because it's not correct so that this will

41
00:03:27,540 --> 00:03:30,160
perform, not be broadcast.

42
00:03:31,290 --> 00:03:37,560
Now we have this attacker machine and what we're going to do is we will say that we will use this Responder.

43
00:03:37,560 --> 00:03:45,870
Responder is a Python script. Uh, Responder says that I have this, this is zero one and it will

44
00:03:45,870 --> 00:03:52,110
accept that NTLM version 2 hash. After accepting the hash it will say that I do not have and there is an

45
00:03:52,110 --> 00:03:53,310
error in finding this.

46
00:03:53,670 --> 00:04:00,270
So this we think, uh, will not raise anything because it will think that it's a legitimate response,

47
00:04:00,570 --> 00:04:02,640
legitimate request and a different response.

48
00:04:03,180 --> 00:04:05,400
So this is the overall view of this.

49
00:04:05,790 --> 00:04:10,400
Uh, LLMNR poisoning or we need to do this.

50
00:04:10,410 --> 00:04:12,870
We need to go on this with the Responder.

51
00:04:13,110 --> 00:04:20,730
And whenever the victim types the incorrect assumption trust, then our Responder, uh, will capture

52
00:04:20,730 --> 00:04:25,830
the NTLM version 2 hash and Responder sends the error back to the victim.

53
00:04:25,830 --> 00:04:26,640
So whatever.

54
00:04:26,640 --> 00:04:28,500
We don't care about this response.

55
00:04:28,680 --> 00:04:31,290
All we care about is this NTLM version 2.

56
00:04:32,430 --> 00:04:35,430
So I think that's all for this video.

57
00:04:35,520 --> 00:04:39,220
Even you can Google search for NBT-NS node types.

58
00:04:39,300 --> 00:04:40,470
There are some types.

59
00:04:40,710 --> 00:04:48,300
However, even though the node type has been set up, uh, this broadcast will occur and we will get

60
00:04:48,300 --> 00:04:49,620
the NTLM version 2 hash.