1
00:00:00,600 --> 00:00:06,200
Here's what's going on in this shouldn't we be doing the Brocky box from the box so that who you in

2
00:00:06,380 --> 00:00:14,780
the desert and already done that and Mexican and Fereshteh on the spot are open and then I got to third

3
00:00:15,150 --> 00:00:16,400
when I'm running the difference.

4
00:00:17,130 --> 00:00:24,600
So if you get these protests to try to reset the box so people are gross.

5
00:00:25,830 --> 00:00:31,950
Now you can see that from day one, FTB server is open.

6
00:00:33,000 --> 00:00:36,590
I tried using the anonymous credentials but did not work.

7
00:00:36,600 --> 00:00:41,930
And you can see what is open and it is open.

8
00:00:41,940 --> 00:00:47,310
So it's the best four point eight antagonises block graphic.

9
00:00:51,010 --> 00:00:57,620
So let's go over to scan on the standard and the design, and we'll be.

10
00:01:01,230 --> 00:01:08,160
So it's running that I is going on, so what, uh, you can go to the admin.

11
00:01:10,220 --> 00:01:13,910
And you can search for our P.S. down page.

12
00:01:15,830 --> 00:01:20,780
So it seems to be an absolute surprise.

13
00:01:23,090 --> 00:01:25,730
So at this point, it's just in my DNA.

14
00:01:25,760 --> 00:01:28,040
So that means you are not a loser.

15
00:01:28,520 --> 00:01:33,950
We need to search for another names and we can use the Web.

16
00:01:33,950 --> 00:01:34,460
You can.

17
00:01:39,950 --> 00:01:49,410
Thirty seven and E for innumerate option, I want another team's users, so I want to triple against

18
00:01:49,550 --> 00:01:50,960
teams, end users.

19
00:01:52,610 --> 00:01:54,350
So this is going to take a while.

20
00:01:54,690 --> 00:01:56,790
I want to stop this already.

21
00:01:58,710 --> 00:02:03,370
I ran the scan and you can see there is a page put my.

22
00:02:05,250 --> 00:02:13,700
And plug wiki, etc., So the better tricks which I have use plugins and BHP might be.

23
00:02:13,830 --> 00:02:14,640
So let's go.

24
00:02:18,360 --> 00:02:20,970
BHP Mirman and.

25
00:02:25,310 --> 00:02:26,000
Regens.

26
00:02:28,090 --> 00:02:35,940
So it is good for Fairbrother and we have put dollface and people like you can try group pool.

27
00:02:38,260 --> 00:02:42,220
So it did not work or the download is this first.

28
00:02:42,300 --> 00:02:43,690
I have already done this one.

29
00:02:50,110 --> 00:03:00,040
So these two other face are recruited to run the streets so the strings will not reveal any information

30
00:03:00,670 --> 00:03:04,090
we need to work on this draft.

31
00:03:05,290 --> 00:03:09,070
So to extract all the files and so of this.

32
00:03:16,010 --> 00:03:18,890
So let's go to this Florida.

33
00:03:22,300 --> 00:03:30,610
And let's find out and we have a class for so let me I'll play the strings on this.

34
00:03:33,140 --> 00:03:41,360
A school user, passwords, trying to identify with the school username and password localhost is the

35
00:03:41,360 --> 00:03:46,980
same computer and this one, so you have the credentials.

36
00:03:47,270 --> 00:03:48,830
So these may be credentials.

37
00:03:49,520 --> 00:03:50,000
Copy.

38
00:03:50,000 --> 00:03:51,110
Exactly.

39
00:03:51,440 --> 00:03:56,170
And go to the speech with my admin and post on Go.

40
00:03:58,560 --> 00:04:07,110
So let's see what we can and so these teams, you can expect these teams and bergin's only when you

41
00:04:07,110 --> 00:04:07,890
have the access.

42
00:04:08,190 --> 00:04:14,940
Other is what you want to do is you need to search for the number twenty 2016 and you need to see what

43
00:04:14,940 --> 00:04:16,250
are the vulnerabilities for that.

44
00:04:16,860 --> 00:04:20,670
So, OK, uh, for now, that is not user.

45
00:04:21,030 --> 00:04:22,080
OK, that's good.

46
00:04:22,770 --> 00:04:24,780
And the consumer database.

47
00:04:25,380 --> 00:04:26,940
And see what those.

48
00:04:29,020 --> 00:04:31,180
So not and this is the past.

49
00:04:31,510 --> 00:04:34,990
So what you can do is you can edit this password precognitive.

50
00:04:44,700 --> 00:04:56,010
So you gonna drop down and search for him before and before and change the password to not so your name

51
00:04:56,010 --> 00:04:56,610
is not.

52
00:04:56,610 --> 00:04:58,950
Password is not and you can go.

53
00:05:00,140 --> 00:05:06,440
So put up know, no, you can go to not and not remember.

54
00:05:10,550 --> 00:05:11,790
So, uh.

55
00:05:15,600 --> 00:05:22,790
You can also enumerate all these databases once you can not find any juicy information.

56
00:05:33,900 --> 00:05:38,070
So we have these teams, so let's go to Team Ed.

57
00:05:40,610 --> 00:05:48,650
And what we can do is click on this format for that BHP and read this BHP system of.

58
00:05:53,950 --> 00:05:55,350
Underscored the tough.

59
00:05:56,550 --> 00:05:57,390
See, the.

60
00:06:01,170 --> 00:06:02,150
And a big.

61
00:06:04,440 --> 00:06:07,790
So finally they successfully so we can go to that.

62
00:06:11,090 --> 00:06:16,430
Ten, ten, thirty, seven, and not a medication that will be content.

63
00:06:18,050 --> 00:06:19,150
This is the teams, right?

64
00:06:19,150 --> 00:06:27,590
Teams are going to continue until 2017 for not four, but BHP.

65
00:06:30,220 --> 00:06:35,850
So to this point, I think because we need to send the current system decisions to who am I?

66
00:06:37,210 --> 00:06:39,430
So you can see we got the RC.

67
00:06:40,680 --> 00:06:41,790
And you guys with the.

68
00:06:47,660 --> 00:06:50,840
So let's go for which Britain?

69
00:06:52,340 --> 00:06:58,630
So there is no on let's go for my country, and that is my country.

70
00:07:02,350 --> 00:07:03,850
Now, grab a shirt.

71
00:07:12,240 --> 00:07:15,930
OK, I have diabetes this already, and.

72
00:07:20,690 --> 00:07:21,790
Compare this.

73
00:07:27,720 --> 00:07:28,830
And post here.

74
00:07:30,830 --> 00:07:31,590
Now, the.

75
00:07:33,190 --> 00:07:39,630
Control third and starting gun for growth, so we got some nice shirt.

76
00:07:45,280 --> 00:07:55,480
They're using any juicy information here and let's go to the country, even though we have access to

77
00:07:55,480 --> 00:08:02,220
the oh my yes, let's see whether we have the credentials of any other user or not.

78
00:08:04,140 --> 00:08:08,330
Database and WordPress and user name is WordPress and Password.

79
00:08:08,820 --> 00:08:13,220
So if you want login with the word placenames, everything has these credentials.

80
00:08:13,920 --> 00:08:18,780
So you have got to to the right for the principal, Mike.

81
00:08:22,660 --> 00:08:23,980
Let's go to city hall.

82
00:08:25,680 --> 00:08:29,710
You not a minister, Minister Deora hits.

83
00:08:32,300 --> 00:08:36,710
So there is a Minecraft folder, so let's go into that.

84
00:08:44,630 --> 00:08:49,130
So when I wrote this piece for not.

85
00:08:51,350 --> 00:08:57,680
So there is a job running in the background, you should respond to that.

86
00:08:57,950 --> 00:09:05,360
So we will see in the papers so we can see this is the job and this startup script is running this one.

87
00:09:06,280 --> 00:09:17,820
Cats are as its so this is a rabbit hole and this does not do anything, so I literally stuck here and

88
00:09:18,250 --> 00:09:19,390
did not do anything.

89
00:09:20,520 --> 00:09:20,950
Hmm.

90
00:09:21,770 --> 00:09:28,330
When I see when I saw the writer, it's very funny because where is the password.

91
00:09:28,340 --> 00:09:29,020
We got this.

92
00:09:39,510 --> 00:09:42,130
So this is the answer for but not use.

93
00:09:43,710 --> 00:09:52,500
So I just completely fell like a stupid because we have one kodansha and nothing to use on this, not

94
00:09:52,500 --> 00:09:52,700
yours.

95
00:09:53,310 --> 00:09:58,650
So that's definitely my word is it's not either localhost.

96
00:10:00,610 --> 00:10:02,720
Yes, and password.

97
00:10:03,940 --> 00:10:11,170
So one lesson we learned is whenever you get one password, even that is starting for the user, you

98
00:10:11,170 --> 00:10:15,390
keep it aside and try for logging in to other users.

99
00:10:16,240 --> 00:10:18,490
So that prescription, very simple.

100
00:10:18,490 --> 00:10:28,090
SoloHealth, take the page, the password, and you can see all the comments as to the sort of been

101
00:10:28,090 --> 00:10:29,080
Basche minus.

102
00:10:30,190 --> 00:10:31,750
So we the root to the.

103
00:10:33,940 --> 00:10:43,340
So this is a very easy box about the important thing is you need to make sure that you apply the credentials

104
00:10:43,360 --> 00:10:45,250
for all the possible.

105
00:10:46,610 --> 00:10:47,480
Situations.