1
00:00:00,180 --> 00:00:06,760
So in this, we will be doing the check the box machine poison and it's resistant and 84.

2
00:00:07,680 --> 00:00:10,140
So I have already done that and my skin.

3
00:00:10,710 --> 00:00:15,180
So you can see the normal version scanning our reports.

4
00:00:15,840 --> 00:00:18,690
And we have only two spots, open port.

5
00:00:18,690 --> 00:00:25,940
And the report, you can see is set to open in situations and point to an Apache to 429.

6
00:00:26,220 --> 00:00:32,530
And also it tells us that the operating system is free and production is 562.

7
00:00:33,540 --> 00:00:38,190
So there is there are no airports open and one is filtered.

8
00:00:39,300 --> 00:00:41,130
So this is the information we have got.

9
00:00:45,210 --> 00:00:49,860
I heard on the Globalstar, can it not give me any examples that are useful?

10
00:00:50,160 --> 00:00:51,630
OK, let's visit the website.

11
00:00:56,630 --> 00:01:07,310
So it is time to test the pitch postscripts, OK, sites we tested, so, uh, I invite BHP in for BHP,

12
00:01:08,160 --> 00:01:10,040
which defines BHP for.

13
00:01:10,280 --> 00:01:12,500
So let's try one scoop.

14
00:01:16,360 --> 00:01:19,240
OK, let's try one script, another BHP.

15
00:01:22,020 --> 00:01:25,400
And it's having some arrests.

16
00:01:27,200 --> 00:01:27,640
OK?

17
00:01:27,660 --> 00:01:32,240
And you can see in the middle, it says fight is equally spoo are in need of BHB.

18
00:01:32,400 --> 00:01:40,760
So that means the contents of a unit that are being included in this such and such.

19
00:01:40,800 --> 00:01:42,830
But you can see Brossette, BHP.

20
00:01:43,110 --> 00:01:47,420
So the contents of I know that HP are being written in this page.

21
00:01:48,270 --> 00:01:53,330
So that means we they include function in the HP background.

22
00:01:53,730 --> 00:01:55,890
So what you can see is you can say it, see

23
00:01:58,860 --> 00:02:04,230
if we can improve the resiliency, know we got that part of the information.

24
00:02:05,640 --> 00:02:08,230
So now let's look for the users.

25
00:02:10,680 --> 00:02:17,950
So you can see the user Cherrix, an encrypted password, one zero zero one zero one zero one group.

26
00:02:18,870 --> 00:02:26,730
And this information on Belltrees home, Torex and the default is see surge that is concerned.

27
00:02:28,140 --> 00:02:29,790
You can see the root user here.

28
00:02:30,750 --> 00:02:33,180
And Jesus name is Charlie.

29
00:02:33,690 --> 00:02:35,610
And he also had the concert.

30
00:02:37,780 --> 00:02:46,660
OK, there is nothing much information here, so let's go ahead and let's see what are the polls open.

31
00:02:46,880 --> 00:02:52,460
So as the search parties open and of course, it is open.

32
00:02:52,470 --> 00:02:59,900
So instead of a tip, let's say that the dog or the dog.

33
00:03:00,200 --> 00:03:07,280
So if we can retrieve the contents of this, we can present the order log and it could be a special.

34
00:03:09,600 --> 00:03:10,710
So permission denied.

35
00:03:10,740 --> 00:03:20,760
So there is order, but, uh, we are I think we are that are so that's why the permission is denied.

36
00:03:21,700 --> 00:03:22,710
OK, that's fine.

37
00:03:22,830 --> 00:03:25,830
So let's see for that BHP.

38
00:03:28,940 --> 00:03:37,070
So this is about the system information like, you know, here and the terrorist files, so you are

39
00:03:37,070 --> 00:03:44,210
the first in the current territory rose index for a full speech before and people will be back up.

40
00:03:44,900 --> 00:03:46,700
So this one is interesting.

41
00:03:48,650 --> 00:03:50,870
So its contents.

42
00:03:55,720 --> 00:04:04,660
So why is the press so the pursuit of security included at least 13 times what could go wrong really

43
00:04:05,080 --> 00:04:05,820
like this?

44
00:04:05,830 --> 00:04:13,710
You can see that then is easy to sign so you can, uh, transfer base64 and.

45
00:04:17,780 --> 00:04:18,920
So this is the thing.

46
00:04:19,590 --> 00:04:24,320
So there are some spaces I don't know why they got the spaces, so you can.

47
00:04:27,300 --> 00:04:28,380
Copy this.

48
00:04:30,240 --> 00:04:37,080
And let's fight on three novelettes, and that is equal to.

49
00:04:38,880 --> 00:04:39,390
This one.

50
00:04:57,110 --> 00:05:03,100
All we can say is wrong, and no one is getting the little.

51
00:05:10,030 --> 00:05:10,410
Mm.

52
00:05:13,520 --> 00:05:18,200
So let's go to, uh, Sabor, Jeff.

53
00:05:31,100 --> 00:05:40,220
Based on input and search for base64 and from base64, so sort of this and you got this sort of scoppetta

54
00:05:40,280 --> 00:05:46,700
so you can do at combining Purdum's, but that's syndicalist to this.

55
00:05:59,390 --> 00:06:00,710
OK, that's fine.

56
00:06:01,050 --> 00:06:07,670
I see the calls to reconsider brackets.

57
00:06:12,490 --> 00:06:13,630
We are getting there.

58
00:06:56,160 --> 00:06:58,030
OK, that should do it.

59
00:06:58,380 --> 00:07:03,030
So we got single thing, so import base64.

60
00:07:05,980 --> 00:07:07,660
With 64 and

61
00:07:10,340 --> 00:07:18,340
64, not be 64 because they got off, yes.

62
00:07:26,720 --> 00:07:39,320
OK, that should be so far in range of one 12 on comma 13, and it's term is equal to.

63
00:07:42,080 --> 00:07:42,530
Miss.

64
00:07:43,930 --> 00:07:53,020
Base64, not base64, because this is so critical.

65
00:07:53,470 --> 00:07:59,820
We need to come as equals to this dealer of Kim.

66
00:08:02,580 --> 00:08:05,520
OK, and then we can just print.

67
00:08:07,180 --> 00:08:08,080
I yes.

68
00:08:12,780 --> 00:08:13,820
Got parody.

69
00:08:33,360 --> 00:08:37,570
That's why this is giving me wrong.

70
00:08:40,410 --> 00:08:42,340
So it's turning into that skirt.

71
00:08:42,420 --> 00:08:47,070
So anyway, let's use this, let's go good four times.

72
00:08:48,810 --> 00:08:49,800
And file.

73
00:08:55,550 --> 00:08:56,420
Six.

74
00:08:58,090 --> 00:09:04,560
Seven, eight, nine, 10, 11, who are.

75
00:09:07,580 --> 00:09:15,300
So you can see on the that Ed, we got the puzzle Cherrix, so this should be the password for the user.

76
00:09:15,320 --> 00:09:23,330
Cherrix Since we have the S's which are for open, it's Torex and ready for.

77
00:09:27,010 --> 00:09:35,530
So you guys you guys can try to be caught in this in a loop, so this is getting the roasting so we

78
00:09:35,720 --> 00:09:36,880
can return to this thing.

79
00:09:38,800 --> 00:09:40,960
So you can also use conservative.

80
00:09:47,980 --> 00:09:49,510
So the pastor here.

81
00:09:50,800 --> 00:09:55,630
And what about the social and other matter that is put on the rocks?

82
00:09:56,520 --> 00:09:58,780
First, I did not find these logs.

83
00:09:59,150 --> 00:10:02,440
Uh, I was scheduled to go to this.

84
00:10:04,790 --> 00:10:06,360
Log and.

85
00:10:08,690 --> 00:10:10,370
Access, Dr. Robert.

86
00:10:11,600 --> 00:10:13,520
So there is no such thing as a tree.

87
00:10:14,540 --> 00:10:20,800
No, you can still locate that rock so you can see all the rock face and you can see one in there.

88
00:10:20,840 --> 00:10:22,530
It should be access rock.

89
00:10:23,300 --> 00:10:24,560
So let's go to that.

90
00:10:28,750 --> 00:10:29,440
So there you go.

91
00:10:29,680 --> 00:10:38,260
So what you can do is you can intercept on and off this page.

92
00:10:40,670 --> 00:10:44,780
Peter, and now and should have this huge again.

93
00:10:49,590 --> 00:10:50,310
BHP.

94
00:10:53,630 --> 00:10:54,560
System.

95
00:11:09,730 --> 00:11:18,370
So we are not in this system called the cops year, and that should be roped into this.

96
00:11:19,870 --> 00:11:27,310
OK, let's send this and we got the response, so let's bring this.

97
00:11:29,980 --> 00:11:34,600
But this one and now that sort of fresh.

98
00:11:36,680 --> 00:11:38,430
Cannot execute a blank plan.

99
00:11:38,460 --> 00:11:43,550
So that means our group has been successfully locked down.

100
00:11:45,530 --> 00:11:53,450
We did not do a nickel and that's why it's saying we cannot continue, uh, this bill, not impeachment.

101
00:11:54,410 --> 00:11:57,080
OK, now we are going to pass this.

102
00:11:58,460 --> 00:12:03,320
You can say ampersand is equal to and right are my.

103
00:12:06,360 --> 00:12:09,150
We should see some more than you know.

104
00:12:15,870 --> 00:12:16,770
On.

105
00:12:24,950 --> 00:12:29,450
Well, it's, you know, my necip.

106
00:12:33,070 --> 00:12:34,090
Back to Quest.

107
00:12:36,200 --> 00:12:37,130
It's, you know.

108
00:12:39,930 --> 00:12:41,370
Alby Schultz.

109
00:12:47,070 --> 00:12:48,780
So they the seized the.

110
00:12:51,240 --> 00:12:52,110
So I don't know.

111
00:12:52,320 --> 00:12:53,070
That's.

112
00:12:55,380 --> 00:13:06,170
Let's look for who might should be some of the better you can see here, so that's being protected.

113
00:13:10,180 --> 00:13:19,790
OK, but you can push the reversal here like a Netcare pressure with Russia and you can get the other

114
00:13:20,230 --> 00:13:23,990
shirt so you can try that one.

115
00:13:24,040 --> 00:13:26,290
So this one is somewhat easier.

116
00:13:28,060 --> 00:13:31,090
So we know into the Cherrix.

117
00:13:32,440 --> 00:13:38,640
So this is going to be you can submit the flag and now there is a secret object.

118
00:13:38,830 --> 00:13:40,540
So that's Gauna and this.

119
00:13:42,820 --> 00:13:51,070
So it's requoting passphrase, and we cannot do this because it's a control order, it's, uh, we need

120
00:13:51,070 --> 00:13:53,140
to get it on our machine.

121
00:14:02,090 --> 00:14:05,060
I think I already have this sort of mother.

122
00:14:07,250 --> 00:14:08,420
That's in a third.

123
00:14:12,440 --> 00:14:17,660
So whatever coming at the end of the report, it should be sealed, as he calls it.

124
00:14:18,350 --> 00:14:21,740
So I think we can see so the resiliency.

125
00:14:25,530 --> 00:14:31,920
My coronets IP address, one, two, three, four, and send this secret that the.

126
00:14:36,550 --> 00:14:38,160
No, wait a few seconds.

127
00:14:40,230 --> 00:14:41,400
And this one.

128
00:14:43,700 --> 00:14:45,500
So 166 bite's.

129
00:14:49,720 --> 00:14:59,460
And once every six months or transfer successfully knowledge on this suit, the password, use the tray,

130
00:14:59,470 --> 00:15:03,160
the password of this user, this one Cherrix.

131
00:15:05,220 --> 00:15:08,030
So that means the Passover workers successfully.

132
00:15:08,070 --> 00:15:09,430
That's right.

133
00:15:10,200 --> 00:15:17,640
So you can see Passover reuse always remember are the passwords you gained starting from the starting

134
00:15:17,640 --> 00:15:20,440
point over the TICAD secret.

135
00:15:20,440 --> 00:15:21,710
Top secret.

136
00:15:21,750 --> 00:15:30,230
So it's somewhere in order to file a secret and it's not as good.

137
00:15:31,380 --> 00:15:38,400
So at this point, I do not get any, uh, any way from this either.

138
00:15:38,560 --> 00:15:42,560
So then see the root process.

139
00:15:52,800 --> 00:15:58,890
So this is it, she's running as root and economies running.

140
00:16:01,080 --> 00:16:09,780
I took the there, but it's not very useful and you can see the reserve of BNC session running and it

141
00:16:09,780 --> 00:16:11,460
is authenticated as a group.

142
00:16:12,680 --> 00:16:15,240
OK, so let's get some more details.

143
00:16:27,970 --> 00:16:35,650
Group B and C positively so, B and C, possibly the

144
00:16:38,320 --> 00:16:39,760
B and C, possibly.

145
00:16:44,900 --> 00:16:48,990
Your passport is possible in your directory.

146
00:16:49,310 --> 00:16:53,090
You can dig through it or they can replace it.

147
00:16:53,640 --> 00:17:03,320
OK, so you can see this secret file so that maybe our passport, because it's encrypted, so you can

148
00:17:04,310 --> 00:17:05,170
keep it right there.

149
00:17:05,600 --> 00:17:08,830
And also it's running on the finance 014.

150
00:17:10,690 --> 00:17:20,230
I so running on, financeable on board, but we did not get, uh, that final zero point in our KPIs

151
00:17:20,260 --> 00:17:21,370
can actually be scanned.

152
00:17:21,580 --> 00:17:24,250
So that means this is a local service.

153
00:17:24,460 --> 00:17:26,490
So I can go to the local services.

154
00:17:26,500 --> 00:17:31,410
We need to put forward, uh, our any of the port.

155
00:17:31,930 --> 00:17:36,370
So, as I said, uh, that's three thousand.

156
00:17:36,550 --> 00:17:41,380
So I'm forwarding my 3000 port police.

157
00:17:42,560 --> 00:17:42,950
Local.

158
00:17:44,240 --> 00:17:46,120
So this one is the destination.

159
00:17:49,330 --> 00:17:56,970
So we have or whatever I send the to 3000 boats will be redirected to this destination of this machine.

160
00:17:57,340 --> 00:18:04,180
So this machine, that means localhost final 01 in order to organize CHERRIX.

161
00:18:05,800 --> 00:18:11,020
So we can also use the chisel in case if you do not have any Secich credentials.

162
00:18:11,480 --> 00:18:12,760
Oh, no return to.

163
00:18:21,570 --> 00:18:29,940
So with the chisel, you can also do the proxy change if you want and you can scan all the local services.

164
00:18:30,420 --> 00:18:34,200
So at one point you will see the final report has the BNC.

165
00:18:36,130 --> 00:18:40,030
OK, now what we can do is we can use the B and C, V or.

166
00:18:46,120 --> 00:18:47,710
And now that's, uh.

167
00:18:51,140 --> 00:18:59,860
So it's asking for a password, so we do not have any password sent or something, so I don't ID so.

168
00:19:00,230 --> 00:19:05,180
So what we can do is we can specify the possibility file as the secret.

169
00:19:05,570 --> 00:19:05,950
OK.

170
00:19:08,580 --> 00:19:15,780
How does it use that encrypted, possibly as an ID instead of plain text passport?

171
00:19:16,140 --> 00:19:18,210
So now you can see who might.

172
00:19:31,760 --> 00:19:34,940
It's somewhat slow, let's wait for a few seconds.

173
00:19:43,880 --> 00:19:51,320
So this is similar to the previous books which, uh, runs the autumn session, and we are connected

174
00:19:51,350 --> 00:19:51,680
to.

175
00:19:55,080 --> 00:20:04,560
So we are my roots, so we got the Rucha, let's close this now search for VMC, possibly the keeper

176
00:20:05,160 --> 00:20:06,270
of the Gopalan.

177
00:20:13,380 --> 00:20:16,530
OK, or else we can use a to.

178
00:20:20,330 --> 00:20:28,380
So this is, uh, you can go on this room and you can see you can compare this, uh, Siefer and you

179
00:20:28,380 --> 00:20:29,780
will get the benefit, OK?

180
00:20:30,200 --> 00:20:32,240
I have already clone the repository.

181
00:20:38,720 --> 00:20:47,290
OK, I have already compiled this and we can see secret now if you on this one, you get the password

182
00:20:48,020 --> 00:20:54,140
so that you can see past all that, copied this password and can see your.

183
00:20:57,410 --> 00:21:00,410
I think they did ask for the password.

184
00:21:02,440 --> 00:21:05,850
And now you can see we have successfully logged.

185
00:21:10,880 --> 00:21:18,030
So let's talk about this, uh, box, about the poison, so there are multiple ways to get to the initial

186
00:21:18,230 --> 00:21:21,350
potential and then you're going to produce.