1
00:00:01,260 --> 00:00:03,520
So another we have all the machines installed.

2
00:00:03,570 --> 00:00:07,710
I just want to show you final configurations of the lab and I want to show you how that is going to

3
00:00:07,710 --> 00:00:12,110
look like and how we're going to use the computers and the future videos.

4
00:00:12,120 --> 00:00:18,470
So the first thing I want you to make sure that all the devices are connected to the same not network.

5
00:00:18,510 --> 00:00:22,740
This is very important so that we can access one device from another.

6
00:00:22,740 --> 00:00:30,000
So I'm going to click on the card in the next and if you go on the settings and go to network you'll

7
00:00:30,000 --> 00:00:34,760
see that it's connected to a network called non-network.

8
00:00:34,780 --> 00:00:38,320
Also if you go here you can see that the network name is 10:24.

9
00:00:38,340 --> 00:00:40,330
If not now you might have a different name.

10
00:00:40,360 --> 00:00:41,050
It doesn't matter.

11
00:00:41,050 --> 00:00:44,610
Just make sure that you could you select the name that you have there.

12
00:00:44,740 --> 00:00:49,570
If you don't see any names in there have a look on the link in the resources you'll see how you could

13
00:00:49,570 --> 00:00:50,860
fix this issue.

14
00:00:50,860 --> 00:00:56,830
But by default virtual box should create should automatically create that network for you and you can

15
00:00:56,830 --> 00:00:58,000
just select it from here.

16
00:00:58,000 --> 00:00:59,970
Now you probably won't see this advanced.

17
00:01:00,130 --> 00:01:01,990
So just not network.

18
00:01:01,990 --> 00:01:05,530
Make sure that the name is selected here for press OK.

19
00:01:06,450 --> 00:01:13,590
Then go to the meet us floatable machine and make sure it's connected to the same network so make sure

20
00:01:13,590 --> 00:01:17,330
you're actually connected to this you might have more than one Nat network.

21
00:01:17,430 --> 00:01:21,250
So make sure it uses like the exact same night network.

22
00:01:21,480 --> 00:01:27,360
So what I come here you can see that it's connected to not I'm going to change that to not network and

23
00:01:27,390 --> 00:01:31,410
I'm going to make sure that you can see that the name is called on the network here.

24
00:01:31,500 --> 00:01:36,320
But the candy machine's network was called Network 10 2014.

25
00:01:36,330 --> 00:01:44,420
So I'm going to make sure that I select the same network that is selected in the Callimachi I'm going

26
00:01:44,420 --> 00:01:45,830
to press OK.

27
00:01:46,610 --> 00:01:49,780
Now my settings are good now.

28
00:01:49,780 --> 00:01:54,580
Like I said before we're going to be using the Callimachi to launch our attack so this is going to be

29
00:01:54,610 --> 00:02:01,570
our attacker machine and we're going to use the meters loiterer well as our victim or as our target.

30
00:02:01,600 --> 00:02:04,860
Now the Meta's floatable comes in with a number of Web sites.

31
00:02:04,860 --> 00:02:08,650
So it's a computer but it has a number of websites installed on it.

32
00:02:08,650 --> 00:02:11,300
And this is usually the way web servers work.

33
00:02:11,320 --> 00:02:15,230
Usually you'd have more than one Web site installed on the same web server.

34
00:02:15,400 --> 00:02:16,750
And this is very useful to us.

35
00:02:16,750 --> 00:02:19,600
We'll talk about that later we'll see why it's very useful.

36
00:02:19,600 --> 00:02:24,360
For now let's see how we can access the web sites on matters floatable.

37
00:02:24,460 --> 00:02:29,020
So I'm just going to log in like I said username is MSF admin and the password is MSF admin

38
00:02:34,510 --> 00:02:38,020
and to see the IP address of this computer.

39
00:02:38,020 --> 00:02:40,770
All you have to do is just type in ifconfig.

40
00:02:40,810 --> 00:02:42,430
So I f Conficker

41
00:02:45,950 --> 00:02:51,770
and the IP address here is 10 20 14 to 14.

42
00:02:51,830 --> 00:02:56,060
So if I go to the candy machine here and if I open my browser

43
00:03:00,230 --> 00:03:03,720
and if I navigate to 10 2014 to 14

44
00:03:10,120 --> 00:03:15,330
you can see that I can access my US floatable machine and it says meet us floatable too.

45
00:03:15,330 --> 00:03:20,400
So this is the web server installed on dimittis floatable machine.

46
00:03:20,410 --> 00:03:24,970
Now throughout the course of this IP might be changing so I might be going to a different IP because

47
00:03:24,970 --> 00:03:30,790
sometimes the IP of the network changes every time you run it for you if you access that IP and nothing

48
00:03:30,790 --> 00:03:31,580
works for you.

49
00:03:31,600 --> 00:03:36,880
All you have to do is just go back to the Mutazz floatable machine and run ifconfig and see what you

50
00:03:36,880 --> 00:03:37,480
get.

51
00:03:37,480 --> 00:03:42,090
Then if you navigate to it here you'll see that you can access the web server.

52
00:03:42,280 --> 00:03:47,260
Now as you can see there is a number of Web sites installed in meters floatable So if you click on Matile

53
00:03:47,260 --> 00:03:49,350
day you'll have a site.

54
00:03:49,380 --> 00:03:55,050
If we go back if you click on DVD or when you have another website and we'll talk about these Web sites

55
00:03:55,060 --> 00:03:57,850
and we'll talk about how to hack them in future videos.

56
00:04:00,880 --> 00:04:07,690
One more thing that I want to point is the configuration of one of the Web sites is mis configured with

57
00:04:07,690 --> 00:04:08,670
me to exploit.

58
00:04:08,860 --> 00:04:13,440
So I'm just going to show you how to fix it now so that in the future you won't have any errors.

59
00:04:13,480 --> 00:04:18,760
Once we start to turning in the attacks the website that's mis configured is Matile a day.

60
00:04:18,980 --> 00:04:23,440
So we're just going to modify its configuration using nano which is a text editor.

61
00:04:23,840 --> 00:04:28,700
So we're going to type in nano and then we're going to type in the path for the config file which is

62
00:04:28,700 --> 00:04:36,720
stored in var w w w Matile today config that AInc.

63
00:04:36,720 --> 00:04:43,460
So Nano is the program that we're going to use to modify the configuration and var W.W. Matilda confidant

64
00:04:43,530 --> 00:04:44,100
Inc.

65
00:04:44,310 --> 00:04:49,560
Is where the config file is stored and to run this as admin as root.

66
00:04:49,590 --> 00:04:54,940
You have to type in sudo in front of it so I'm going to do sudo.

67
00:04:55,080 --> 00:05:02,100
I'm going to put the admin password which is MSF admin and now what you need to modify is the last line.

68
00:05:02,100 --> 00:05:08,370
So if you can navigate down using the arrows in the keyboard and you can see that the D.V. name is set

69
00:05:08,370 --> 00:05:13,840
to meet us Floyd here you want to modify that you want to remove that and type in wise.

70
00:05:13,890 --> 00:05:19,150
So O W A S P 10.

71
00:05:19,180 --> 00:05:20,530
Now this is all done.

72
00:05:20,530 --> 00:05:21,070
It's perfect.

73
00:05:21,070 --> 00:05:26,240
Now all you have to do is just press control X to exit press y to save it.

74
00:05:27,380 --> 00:05:30,740
And hit enter and that's it.

75
00:05:30,750 --> 00:05:36,600
Now it's saved and we're ready to start penetration testing and learn how to hack into websites.