1
00:00:00,150 --> 00:00:03,460
Hello everybody and welcome back to the man in the middle section.

2
00:00:03,510 --> 00:00:11,250
Now what I want to show you before the eco cap is how you can clone any web page on the Internet and

3
00:00:11,340 --> 00:00:15,950
use it as a fake log in page or fake page on your Apache web server.

4
00:00:16,020 --> 00:00:21,090
Then you can combine the attacks we did previously in order to redirect users to that page.

5
00:00:21,120 --> 00:00:24,590
Now I will show you that it is very simple.

6
00:00:24,660 --> 00:00:27,780
Now basically let us first open our terminal.

7
00:00:27,780 --> 00:00:29,370
Let me enlarge this.

8
00:00:29,610 --> 00:00:33,670
And what you want to do before anything is check out your Apache too.

9
00:00:33,690 --> 00:00:40,230
If it is running so service Apache to status which will give you if the service is running or not.

10
00:00:40,230 --> 00:00:42,930
So as we can see my Apache too is running.

11
00:00:42,930 --> 00:00:44,610
It is active and running.

12
00:00:44,670 --> 00:00:47,100
And let me just close this.

13
00:00:48,720 --> 00:00:49,290
OK.

14
00:00:49,340 --> 00:00:52,160
In if your isn't running you just type your service.

15
00:00:52,170 --> 00:00:52,950
Apache tool.

16
00:00:53,260 --> 00:00:54,600
And then start.

17
00:00:54,660 --> 00:00:56,760
And this will start your Apache tool.

18
00:00:57,240 --> 00:01:03,900
So now that you did that how you can see that in the files that are located in that page you can basically

19
00:01:05,190 --> 00:01:13,090
first go to the this director right here which is slash var slash w w w slash h the amount.

20
00:01:13,290 --> 00:01:19,140
And here when you type your l s are all the files that you have in this current directory and all of

21
00:01:19,140 --> 00:01:24,780
the files in this current directory are also the files that will be displayed in the page.

22
00:01:24,780 --> 00:01:31,440
So let us create a simple text file so nano text not the extreme and type here.

23
00:01:31,440 --> 00:01:32,330
Hello.

24
00:01:32,370 --> 00:01:33,380
It doesn't even matter.

25
00:01:33,390 --> 00:01:38,350
So now if you type your alas we have a simple text file right here.

26
00:01:38,670 --> 00:01:44,490
So let's go to our Firefox and what you want to do is basically just type your own IP address and you

27
00:01:44,490 --> 00:01:51,690
will be redirected to your Apache to web server or web browser page which is my IP address is my 92

28
00:01:51,690 --> 00:01:53,970
dot 168 dot 1 7.

29
00:01:54,480 --> 00:02:02,600
So if we type that 180 to that 168 that one that's seven loops you will see that here we will have a

30
00:02:02,600 --> 00:02:09,690
patch two point four port 38 server running at this IP address which is my IP address on port 80 and

31
00:02:09,720 --> 00:02:18,060
we have the text of the file that we created in the slash bar slash w w w slash HDMI I'll follow but

32
00:02:18,270 --> 00:02:22,670
right now let us see how we can actually host an entire page there.

33
00:02:22,680 --> 00:02:30,030
Now in order for you to actually call on the page what you want to do is for example let's go on Facebook

34
00:02:30,030 --> 00:02:32,980
dot com if we go to the Facebook

35
00:02:35,940 --> 00:02:44,180
as soon as it loads what you want to do is right click on it and then we want to crown the page so.

36
00:02:44,350 --> 00:02:46,720
But first we need to wait for this to load.

37
00:02:46,720 --> 00:02:51,090
Not sure why it is taking so much time.

38
00:02:51,610 --> 00:02:59,780
I don't think I have a purpose it turned on so it should load successfully looking up.

39
00:02:59,790 --> 00:03:06,500
So exploit DP Let's try other trades for all that is not working.

40
00:03:06,510 --> 00:03:06,880
OK.

41
00:03:06,900 --> 00:03:09,300
So I ran out of the Internet

42
00:03:12,680 --> 00:03:14,710
server not found.

43
00:03:14,900 --> 00:03:20,620
Looks like I don't have internet at the moment so let me just restarted real quick.

44
00:03:21,140 --> 00:03:23,110
So here I am now.

45
00:03:23,210 --> 00:03:26,930
I restarted my roster and now I should be able to have Internet.

46
00:03:26,930 --> 00:03:34,570
So let me just start off where I cut the tutorial so we wanted to clone the Facebook page for example

47
00:03:34,580 --> 00:03:38,330
so you just go to the page itself or any other page one.

48
00:03:38,330 --> 00:03:40,470
Basically the principle is the same.

49
00:03:40,730 --> 00:03:46,030
So what you want to do is right click on the page and go to the Save pages.

50
00:03:46,130 --> 00:03:51,380
Now you will do this only on the Firefox browser I believe there is this plug in that you can save pages

51
00:03:51,920 --> 00:03:56,030
so you're using any other browser browser or search engine.

52
00:03:56,030 --> 00:03:59,060
I don't think there that they have this.

53
00:03:59,060 --> 00:04:00,210
They possibly could.

54
00:04:00,210 --> 00:04:02,050
They're not really sure you can try it.

55
00:04:02,240 --> 00:04:09,050
But from now on just click on the Save pages and what this will do basically equal as we can see it

56
00:04:09,050 --> 00:04:12,400
has Facebook minus log in or sign up that each team out.

57
00:04:12,440 --> 00:04:13,960
It will save it in the download.

58
00:04:13,960 --> 00:04:19,250
So just click save and we can see right here it successfully saved everything.

59
00:04:19,250 --> 00:04:25,710
So this is the entire page.

60
00:04:25,800 --> 00:04:26,820
Here it is.

61
00:04:26,820 --> 00:04:30,750
And here are the files that they are referring to for this page.

62
00:04:30,750 --> 00:04:37,320
Now by that I mean basically these pictures or anything else that there is right here.

63
00:04:37,440 --> 00:04:42,690
Basically if we go right here we can have some of the Java Script files.

64
00:04:43,290 --> 00:04:45,550
Well mostly our script files some CSF.

65
00:04:45,570 --> 00:04:49,880
So basically from this age the email page in this code right here.

66
00:04:49,890 --> 00:04:52,020
It will refer to the files in here.

67
00:04:52,020 --> 00:04:57,000
So when you want to count the page now that we downloaded everything we need we just need to copy these

68
00:04:57,000 --> 00:05:03,920
two files in our slash was large W WW slash HDMI folder which is our Apache do folder.

69
00:05:04,500 --> 00:05:07,970
So let me just close the Facebook right here.

70
00:05:07,980 --> 00:05:10,300
This is the current Apache folder.

71
00:05:10,320 --> 00:05:14,790
So we only have text on the extreme and right now.

72
00:05:14,790 --> 00:05:21,160
First we want to navigate to the downloads or root and then downloads.

73
00:05:21,510 --> 00:05:26,760
If you type here unless you will see here our two files that we need to copy.

74
00:05:26,820 --> 00:05:32,310
So one of them is safety e-mail and one of them is directory containing JavaScript files and other files

75
00:05:32,310 --> 00:05:33,090
it needs.

76
00:05:33,090 --> 00:05:39,030
So let's copy or let's actually more.

77
00:05:39,090 --> 00:05:45,970
This is the HDMI all we want to move it into r w double w h the amount.

78
00:05:46,640 --> 00:05:47,000
OK.

79
00:05:47,010 --> 00:05:52,670
So we moved one of them and now we want to move the other one into law.

80
00:05:52,670 --> 00:05:55,870
W w w h timeout and we most both of them.

81
00:05:56,530 --> 00:05:59,760
So let us just close this we do not need it anymore.

82
00:05:59,960 --> 00:06:06,700
And right now if you go to divide w w w h t amount he will see we have these files right here which

83
00:06:06,700 --> 00:06:15,990
is the directory with files needed and the H the email file now we can remove now this text or the extreme

84
00:06:16,080 --> 00:06:17,610
we do not need it anymore.

85
00:06:17,700 --> 00:06:23,460
And now if you go to the Firefox and refresh the page you will notice that it doesn't really load the

86
00:06:23,460 --> 00:06:24,300
page.

87
00:06:24,300 --> 00:06:27,810
It only loads these two files so you can download them.

88
00:06:28,060 --> 00:06:33,960
Now that is because of the thing that I was talking about in the previous videos the Apache to want

89
00:06:33,960 --> 00:06:41,160
to render out the page or the HDMI code unless the main HDMI file is called index dot HDMI well.

90
00:06:41,220 --> 00:06:49,660
So what you want to do is rename the index the file dot h the e-mail so this one into index of each

91
00:06:49,660 --> 00:06:50,030
came.

92
00:06:50,040 --> 00:06:57,030
So how we do that more Facebook outage the and we rename it to index not HDMI out.

93
00:06:57,330 --> 00:06:58,440
So right I type here.

94
00:06:58,510 --> 00:07:03,570
Alas once again we have the folder containing files and we have the index top page the amount which

95
00:07:03,570 --> 00:07:05,220
is the main page.

96
00:07:05,220 --> 00:07:09,360
So let us render the page out again so we refresh it.

97
00:07:09,680 --> 00:07:15,390
And right now you can see that we successfully cloned the Facebook page.

98
00:07:15,390 --> 00:07:22,050
So this is on our attached to web server as you can see the address is one two that one said at 1 7

99
00:07:22,500 --> 00:07:25,950
and everything else looks exactly like Facebook.

100
00:07:26,010 --> 00:07:31,190
Now what you can do is basically use the attacks we did before for example that man in the middle of

101
00:07:31,200 --> 00:07:32,680
DNS spoofing attack.

102
00:07:32,910 --> 00:07:38,170
You can just redirect or try to redirect the real Facebook page to this IP address right here.

103
00:07:38,280 --> 00:07:44,550
And any time now or basically any website that you can you can just if someone typed Facebook dot com

104
00:07:44,550 --> 00:07:49,770
in their browser while you're performing they are spoofing and DNS attack they will be redirected to

105
00:07:49,770 --> 00:07:52,500
this Facebook page which looks identical.

106
00:07:52,500 --> 00:07:58,740
The only thing they can actually notice which would be different than the real Facebook page is the

107
00:07:58,920 --> 00:07:59,710
link right here.

108
00:07:59,790 --> 00:08:07,910
So in the real Facebook page if we go to it you can see that it has a legitimate G.P.S. link with the

109
00:08:07,910 --> 00:08:09,340
green thing right here.

110
00:08:09,410 --> 00:08:15,290
Green Block and here it is basically just the IP address of our calisthenics machine.

111
00:08:15,290 --> 00:08:16,850
So that is the only difference.

112
00:08:16,850 --> 00:08:22,730
And right here we also see that it didn't really render the Facebook sign for some reason possibly it's

113
00:08:22,730 --> 00:08:25,210
not in the file but it doesn't really matter.

114
00:08:25,460 --> 00:08:32,120
And this type of attack or this type of cloning you can do for any page you want you're just right click

115
00:08:32,120 --> 00:08:38,630
on it save pages and then you rename the main file manage the email file into indexed updates the amount

116
00:08:38,690 --> 00:08:44,460
and then you paste all the files in the slash fasteners w w w slash page the amount.

117
00:08:44,510 --> 00:08:48,630
So I just wanted to show you that and that would be it for this trio.

118
00:08:48,680 --> 00:08:53,600
And now we will finally go to the ether cap in the next one and I hope I see you there by.