1
00:00:00,240 --> 00:00:02,140
Hello everybody and welcome back.

2
00:00:02,740 --> 00:00:08,970
And in the previous tutorial we covered some of the basic networking terms which you will need to know

3
00:00:08,970 --> 00:00:15,570
in order to follow up with this course. Now these are just some of the basic terms, not really widely

4
00:00:15,750 --> 00:00:16,530
explained.

5
00:00:16,710 --> 00:00:21,200
If you want to know more about some of those terms that I covered in the previous video you can always

6
00:00:21,210 --> 00:00:24,450
google any of them and just learn more about them.

7
00:00:25,440 --> 00:00:32,610
But in this video we will cover some of the hacking terms that you need to know in order to better understand

8
00:00:32,660 --> 00:00:35,940
what we will be doing in the next lectures.

9
00:00:35,940 --> 00:00:38,450
So I will just write to you.

10
00:00:38,930 --> 00:00:44,460
I will open Leafpad, which is basically something like Notepad, just in Linux. In here

11
00:00:44,550 --> 00:00:47,760
I will write one by one the terms that we cover.

12
00:00:48,120 --> 00:00:54,530
So now the first hacking term, which is also the beginning process in ethical hacking, is called footprinting.

13
00:00:56,550 --> 00:00:59,020
Now you might be asking now, what is footprinting?

14
00:00:59,020 --> 00:01:02,250
Well basically it is just the same as it says it is.

15
00:01:02,310 --> 00:01:11,160
It's just um getting as much information about for example a company as you can before you attack them.

16
00:01:11,160 --> 00:01:15,240
Now let's say a client asks you to test his company or his.

17
00:01:15,360 --> 00:01:17,110
Yes, his company website.

18
00:01:17,460 --> 00:01:22,570
And you want to, you want to get as much information as you can.

19
00:01:22,680 --> 00:01:30,470
Now one of the most common methods for doing that would probably be Google hacking, which is basically

20
00:01:30,470 --> 00:01:36,710
just opening Google and searching for files or anything that is uploaded on the Internet which may help

21
00:01:36,710 --> 00:01:39,330
you in further attacks.

22
00:01:39,350 --> 00:01:46,550
There is also a website called Shodan and it is basically used to discover vulnerable devices

23
00:01:46,670 --> 00:01:47,950
on the Internet.

24
00:01:48,200 --> 00:01:53,060
You can use that in order to check if any of those devices that belong to the company is vulnerable to

25
00:01:53,150 --> 00:01:56,150
any of the known attacks.

26
00:01:56,150 --> 00:01:58,770
Now we will cover all of those tools.

27
00:01:58,920 --> 00:02:00,200
Uh, don't worry.

28
00:02:00,200 --> 00:02:06,150
We will cover that one by one in detail and you will know better what I am talking about.

29
00:02:06,440 --> 00:02:12,200
But also there is one more tool which is, I don't, I don't think it is that known, but it is called Harvester.

30
00:02:12,220 --> 00:02:18,410
I'm not sure we have it installed in the Kali Linux, we might have, if we don't we will install it.

31
00:02:18,500 --> 00:02:25,700
Uh, Harvester is basically used for uh gathering the emails for a certain domain.

32
00:02:25,700 --> 00:02:32,940
For example you want to gather all of the emails that belong to Apple company for example.

33
00:02:33,200 --> 00:02:41,120
You just type the domain name and theHarvester will basically automatically go over to Google, and there

34
00:02:41,120 --> 00:02:46,580
are a bunch of other options that I will show you, but um plainly it will go over to Google and search

35
00:02:46,580 --> 00:02:50,460
for all the e-mails available that belong to that domain.

36
00:02:51,010 --> 00:02:59,070
So you basically get a list of all the e-mails that belong to a certain company that you're attacking.

37
00:02:59,290 --> 00:03:07,540
Now that is basically footprinting, so we will cover that firstly in one of the next lectures.

38
00:03:07,640 --> 00:03:14,270
Once you finish footprinting then comes the next thing, the next process in the process of ethical hacking

39
00:03:14,270 --> 00:03:17,050
which is scanning and enumeration.

40
00:03:17,120 --> 00:03:24,080
So I will just write that out right here, scanning and enumeration. Now footprinting basically, it gets

41
00:03:24,080 --> 00:03:31,070
you the information without actually testing or without actually attacking the company itself or the

42
00:03:31,090 --> 00:03:33,890
website or whatever it is you are testing.

43
00:03:35,230 --> 00:03:42,890
Now scanning basically does as it says, it is just scanning the company network for example in order to

44
00:03:42,890 --> 00:03:49,610
discover what versions of software they are running, what ports they have open, what operating system

45
00:03:49,610 --> 00:03:52,600
are they running on their machines and more and more.

46
00:03:52,670 --> 00:03:57,680
Now you might have heard of this program, you probably have if you have any ethical hacking knowledge

47
00:03:57,680 --> 00:04:00,390
from before, it is called Nmap.

48
00:04:00,660 --> 00:04:06,380
Let me just type here Nmap. This is the program that you will cover in details.

49
00:04:06,380 --> 00:04:09,090
It is basically used to scan a network.

50
00:04:09,170 --> 00:04:14,600
You can use it to scan the website or a range of IP addresses if you want to.

51
00:04:14,990 --> 00:04:21,560
You can discover with it what ports are open on a certain website or on a certain machine or on more

52
00:04:21,560 --> 00:04:22,460
machines.

53
00:04:22,460 --> 00:04:26,380
You can also discover what operating system it has.

54
00:04:26,380 --> 00:04:32,810
And it basically just prints you out with a bunch of operating systems and it shows the possibility of

55
00:04:32,810 --> 00:04:40,620
having that operating system in percentage. It is most likely accurate but there are times when it just

56
00:04:40,620 --> 00:04:46,800
gives you a wrong operating system but knows I didn't have that much.

57
00:04:46,800 --> 00:04:53,030
Now also what Nmap can do is discover the version of software running on an open port.

58
00:04:53,050 --> 00:04:58,060
So for example you have an HTTP port open and you're running a website.

59
00:04:58,180 --> 00:05:05,260
The Nmap, the Nmap has the ability to discover for example what web server you are running on

60
00:05:05,260 --> 00:05:06,090
that port.

61
00:05:06,250 --> 00:05:12,520
So it might print out Apache2 or anything else that you're running there, which basically just

62
00:05:12,520 --> 00:05:18,220
gives out the banner in order for us to grab it and find out what version you're running.

63
00:05:18,220 --> 00:05:24,280
Now as I said we will cover all of that in the details. From now on you just need to know theoretically

64
00:05:24,400 --> 00:05:25,560
what it basically does.

65
00:05:26,320 --> 00:05:29,470
And we will cover it practically later on.

66
00:05:29,470 --> 00:05:34,800
Now the next thing you also need to know is system hacking.

67
00:05:37,090 --> 00:05:43,570
This is a very important part because this is actually the part where we discover a way to enter the

68
00:05:44,140 --> 00:05:50,230
machine for example. Now system hacking is usually done with backdoors. Backdoor is a program that you

69
00:05:50,230 --> 00:05:56,620
run on a victim PC and it basically gives you full access to that PC without the victim knowing

70
00:05:56,620 --> 00:06:05,090
that. Now backdoors usually have some of the options such as being able to execute commands on the victim's

71
00:06:05,090 --> 00:06:12,260
PC,
being able to access a microphone, the web camera, being able to screenshot the screen, being able

72
00:06:12,260 --> 00:06:18,800
to upload, download files, change files and for example upload a keylogger which will give us back the

73
00:06:18,800 --> 00:06:28,190
keystrokes that the victim is typing in there on their keyboard. Basically backdoors are detectable.

74
00:06:28,200 --> 00:06:34,560
The ones we will cover in the Intermediate section can be detected because they are mostly widely used

75
00:06:34,710 --> 00:06:37,070
by every ethical hacker ever.

76
00:06:37,380 --> 00:06:44,430
So in the advanced section we will code our own backdoors that will be fully undetectable by any antivirus

77
00:06:44,880 --> 00:06:45,420
available

78
00:06:48,260 --> 00:06:49,100
now.

79
00:06:49,120 --> 00:06:53,860
Now that we covered system hacking we can go on to the malware.

80
00:06:53,950 --> 00:07:02,330
Now you most likely know what varies but basically malware is a malicious program. Now by malicious I mean

81
00:07:02,450 --> 00:07:05,060
it can be any program that does damage to your PC.

82
00:07:05,060 --> 00:07:14,160
For example let's say you make a program, a simple program that just creates files in an infinite loop.

83
00:07:14,240 --> 00:07:17,240
So basically it creates infinite files.

84
00:07:17,300 --> 00:07:22,760
Now that program will most likely make your PC crash before you get to close it.

85
00:07:22,880 --> 00:07:31,540
So it is basically a version of a malware since it makes your PC crash and it doesn't do any good.

86
00:07:31,690 --> 00:07:32,350
Now.

87
00:07:32,650 --> 00:07:41,040
Most known terms for malware are worms, Trojans and viruses. We will be also coding some of the malware.

88
00:07:41,050 --> 00:07:44,510
But we are not really interested in that for now.

89
00:07:44,620 --> 00:07:52,240
Since those programs really don't have any use except to destroy someone's machine, so we won't be covering

90
00:07:52,240 --> 00:07:57,060
that much of malware but we will surely go over it.

91
00:07:57,640 --> 00:08:02,900
Now the next thing you want to know is what is sniffing. Oops.

92
00:08:02,960 --> 00:08:08,090
Sniff, sniffing. Sorry, I can't type at the moment.

93
00:08:08,510 --> 00:08:16,390
Well basically sniffing is an action where you, as it says, sniff someone else's packets.

94
00:08:16,390 --> 00:08:22,450
Now you shouldn't be doing that but in some cases, in some ethical hacking projects, you might need to

95
00:08:22,450 --> 00:08:25,020
do that in order to gather some of the information.

96
00:08:25,060 --> 00:08:31,360
For example a password can be hacked through sniffing, for example on a local network.

97
00:08:31,360 --> 00:08:35,390
If you run a man-in-the-middle attack and you sniff others' packets.

98
00:08:35,590 --> 00:08:42,450
If someone logs into a, to a website that is in G.P.S. you will see their password in plaintext from

99
00:08:43,030 --> 00:08:49,180
the tool that you most likely we will use for sniffing is called Wireshark.

100
00:08:49,180 --> 00:08:55,900
It is a widely known tool and it is used to just basically go over the packets that are going through

101
00:08:55,900 --> 00:09:04,450
your network interface card. So now that we covered what sniffing is we can go to social engineering.

102
00:09:06,400 --> 00:09:12,870
Now this is something very important as it is most likely to get you into a company or any other machine

103
00:09:12,900 --> 00:09:19,380
or basically to hack anything you want to, since in the social engineering attacks you don't really attack

104
00:09:19,470 --> 00:09:23,230
the machine itself as much as you attack the person.

105
00:09:24,160 --> 00:09:31,180
So for example I always say, why would you hack a Wi-Fi from a restaurant for example if you can just

106
00:09:31,300 --> 00:09:34,240
ask someone what is the Wi-Fi password.

107
00:09:34,390 --> 00:09:38,960
Now it is a simple, simple use of social engineering for example.

108
00:09:39,070 --> 00:09:41,740
Not really that good one but it is an example.

109
00:09:41,740 --> 00:09:45,220
So social engineering basically means attacking people.

110
00:09:45,250 --> 00:09:47,600
Now what do I mean by attacking people?

111
00:09:47,800 --> 00:09:53,160
Well let's say for example I make a backdoor, I code a backdoor.

112
00:09:53,280 --> 00:10:00,000
Now what are the chances of someone opening an executable file that looks suspicious?

113
00:10:00,000 --> 00:10:06,660
Well, not big chances, but if you for example change the icon of that file to be a picture and you change

114
00:10:06,660 --> 00:10:17,220
the name of that file to be a .jpg or BMG, there the chances of someone opening the file increase

115
00:10:17,220 --> 00:10:17,780
drastically

116
00:10:21,540 --> 00:10:26,790
so let's say for example you know something about the person that you want to hack and you just send

117
00:10:26,790 --> 00:10:29,930
them a fake email from someone they know.

118
00:10:29,930 --> 00:10:37,050
And in that email you send basically that picture which is a hidden backdoor and they open the picture

119
00:10:37,380 --> 00:10:45,300
and the backdoor just installs itself deeply in the system without them even knowing that. That is basically

120
00:10:45,300 --> 00:10:47,220
what social engineering is.

121
00:10:47,370 --> 00:10:52,860
It is a method of attacking people and not the machine.

122
00:10:52,860 --> 00:10:57,260
Now, now that we covered that we can go on to the next step which is denial of service

123
00:11:00,360 --> 00:11:02,990
now denial of service is basically what it says.

124
00:11:03,000 --> 00:11:04,020
It's just you.

125
00:11:04,050 --> 00:11:07,630
It is used to crash someone's website or machine.

126
00:11:07,680 --> 00:11:14,310
So basically you send a lot of packets which the website cannot handle and it basically just crashes and

127
00:11:14,310 --> 00:11:16,930
nobody else is able to connect to it anymore

128
00:11:20,120 --> 00:11:21,320
in order to perform.

129
00:11:21,350 --> 00:11:24,080
And now it's denial of service attacks.

130
00:11:24,110 --> 00:11:31,040
You will need a bunch of PCs in order to be able to crash anything. So you can perform a denial of

131
00:11:31,040 --> 00:11:36,760
service attack with one PC, you won't be crashing anything because there are not enough packages that

132
00:11:36,770 --> 00:11:41,510
can be sent in order to crash a website for example.

133
00:11:41,510 --> 00:11:46,520
But if you make a command and control center for example and send a bunch of backdoors to a bunch of

134
00:11:46,520 --> 00:11:52,370
PCs and they all run the same command at the same time, which is sending packets to the website, they

135
00:11:52,370 --> 00:11:53,900
will be able to crash it.

136
00:11:53,930 --> 00:12:00,080
Now depending on the website some of them are easier to crash and some of them are harder to crash but

137
00:12:00,140 --> 00:12:04,830
you get the basic idea now.

138
00:12:05,790 --> 00:12:11,070
We will cover SQL and XSS, cross-site scripting.

139
00:12:11,070 --> 00:12:12,690
Let me just find this XSS.

140
00:12:12,760 --> 00:12:14,790
I'll just type it like here.

141
00:12:14,790 --> 00:12:21,180
Well basically here we exploit the user name input, not the user name but any input.

142
00:12:21,210 --> 00:12:30,840
For example the basic example of an SQL injection would be, let's say you have an online shop and someone

143
00:12:30,900 --> 00:12:35,930
didn't filter out the requests that you put in the search bar well enough.

144
00:12:35,940 --> 00:12:43,600
So if you type here a code for example it will be read by the website as part of their website code.

145
00:12:44,040 --> 00:12:48,450
So you'll be running code on their website and you should not be able to do that.

146
00:12:48,510 --> 00:12:55,890
Now these attacks are only available because of the poor programming of your website.

147
00:12:55,890 --> 00:13:03,430
They didn't program it well enough, they didn't filter out the user input, so that is SQL.

148
00:13:03,550 --> 00:13:08,660
Now we will cover also Wi-Fi hacking in detail.

149
00:13:08,680 --> 00:13:14,830
Now there are a bunch of methods to attack Wi-Fi with the CPU, GPU, whatever you want.

150
00:13:14,920 --> 00:13:21,290
Now most of the courses that I saw did not even cover the attacking of Wi-Fi with GPU.

151
00:13:21,520 --> 00:13:22,450
I didn't know why.

152
00:13:22,450 --> 00:13:29,170
Because well basically the most common method is with Aircrack program which hacks, or not hacks, which

153
00:13:29,560 --> 00:13:31,960
tries to break the password of Wi-Fi.

154
00:13:32,050 --> 00:13:42,980
With CPU. Now the power of the CPU is fast but the power of your graphics card will be much, much

155
00:13:42,980 --> 00:13:52,840
better for hacking Wi-Fi because when you have Wi-Fi you basically get the hashed password and you don't

156
00:13:52,850 --> 00:13:58,100
know, you don't see it in plain text and you need the power of your CPU or power of your graphics card

157
00:13:58,160 --> 00:14:06,020
in order to crack that password hash, and a much faster method is to crack with your graphics card.

158
00:14:06,020 --> 00:14:14,150
We will also cover the attacking of Wi-Fi on an enterprise wireless which will basically use to make

159
00:14:14,630 --> 00:14:20,930
a fake login page where someone will enter their password for wireless.

160
00:14:20,930 --> 00:14:30,320
We can also make an evil twin which is basically a method where you reproduce the exact, the exact same

161
00:14:30,710 --> 00:14:38,180
wireless hotspot and with enough signal available to the victims you can make them connect to your wireless

162
00:14:38,210 --> 00:14:41,510
instead of their wireless, their real wireless.

163
00:14:41,510 --> 00:14:46,160
So basically just deauthenticate everyone from the real wireless and they will automatically connect

164
00:14:46,160 --> 00:14:52,210
back to your wireless and therefore you can watch all of the data that is going through.

165
00:14:52,240 --> 00:14:58,630
And also if they need to log in in order to use the wireless you will catch their password. Now we

166
00:14:58,630 --> 00:15:04,370
will also cover mobile hacking, in the mostly mobile hacking.

167
00:15:04,400 --> 00:15:12,290
We will cover the Android attacks because their mind than and eyes but we will also cover some of the

168
00:15:12,290 --> 00:15:14,960
Apple attacks.

169
00:15:15,200 --> 00:15:21,740
For example let's say you make an application which looks like a widget application and you install

170
00:15:21,740 --> 00:15:24,510
it on someone's mobile phone.

171
00:15:24,560 --> 00:15:29,010
You will be able to access all of their messages, calls, send messages.

172
00:15:29,090 --> 00:15:35,410
You can watch files, pictures, download, upload and all of that without them knowing it.

173
00:15:35,600 --> 00:15:36,620
Now how we do that.

174
00:15:36,680 --> 00:15:42,440
Well basically we need to create something like a backdoor just for the Android device for example.

175
00:15:42,470 --> 00:15:50,810
The problem with this method is that they need to click on a certain part which can be suspicious.

176
00:15:50,810 --> 00:15:56,750
I will show you when we get to that but we will try to make that as less suspicious as we can.

177
00:15:56,750 --> 00:16:00,350
Now there is also one more thing we need to cover which is cryptography

178
00:16:02,810 --> 00:16:08,740
well you probably know what cryptography is but that is basically a method of protecting your information

179
00:16:10,040 --> 00:16:10,510
now.

180
00:16:10,520 --> 00:16:14,240
For example you have a password, password hashes.

181
00:16:14,290 --> 00:16:18,080
Now they're hashed for a reason.

182
00:16:18,110 --> 00:16:24,660
So some of the attacks such as sniffing can be used to see the password and steal it.

183
00:16:24,860 --> 00:16:30,170
You can steal the password but it won't be in the plain text, it will be encrypted and you will need

184
00:16:30,170 --> 00:16:31,550
to decrypt it.

185
00:16:31,790 --> 00:16:39,590
And if the password is big and uses numbers, letters, symbols and all of that it will be very hard for

186
00:16:39,590 --> 00:16:43,660
the attacker to decrypt your password now.

187
00:16:43,680 --> 00:16:49,280
Cryptography is used so that only the use of codes, it basically uses coding.

188
00:16:49,320 --> 00:16:56,810
So only those for whom the information is intended can read and process it and nobody else can.

189
00:16:56,940 --> 00:17:04,050
We will cover some of the basic cryptography methods but we will only touch it a little bit since cryptography

190
00:17:04,110 --> 00:17:05,820
is a course itself.

191
00:17:05,820 --> 00:17:12,900
It has a lot of stuff to it and we won't be able to cover all of that but we will just barely touch

192
00:17:12,900 --> 00:17:15,860
it in order for you to understand what that is.

193
00:17:17,410 --> 00:17:24,040
So that's about it for these basic terms. Now as well as the networking terms you can, if you want to,

194
00:17:24,040 --> 00:17:31,450
search these more, search more about these online and read about them to cover all of them theoretically

195
00:17:31,450 --> 00:17:37,350
and practically later on in the intermediate, in the Intermediate section.

196
00:17:37,540 --> 00:17:43,870
And basically we will code some of our own tools in the advanced section. The footprinting part we will

197
00:17:43,870 --> 00:17:44,210
cover.

198
00:17:44,210 --> 00:17:49,630
Now in the beginning section I will show you Google hacking, the Shodan website and theHarvester

199
00:17:49,640 --> 00:17:50,970
in order to get e-mails.

200
00:17:51,850 --> 00:17:56,100
And until then I hope, I hope you have a great day.

201
00:17:56,110 --> 00:17:58,380
And I will see you later.

202
00:17:58,480 --> 00:17:58,720
Bye.