1
00:00:00,420 --> 00:00:01,040
Hello everybody.

2
00:00:01,110 --> 00:00:06,370
And welcome back to our broad forcing basic authentication part right now.

3
00:00:06,420 --> 00:00:11,930
We coded a simple banner we imported the functions and the libraries that we will need.

4
00:00:11,940 --> 00:00:17,580
And we also made a simple name equals main part of the program that will run our first function.

5
00:00:17,580 --> 00:00:22,760
Now what we want to do is we want to make this start function actually run all the other functions.

6
00:00:22,890 --> 00:00:28,140
So we will code everything important in this Start function.

7
00:00:28,140 --> 00:00:34,990
Then after that we need to also make a function that will actually launch our threads.

8
00:00:35,220 --> 00:00:39,780
Basically since we'll will be using threads to perform this and then we will need to make a function

9
00:00:39,780 --> 00:00:48,060
which will actually check if our if our actual authentication was successful or not.

10
00:00:48,060 --> 00:00:52,500
Basically what that means is if we actually got the password right or we didn't.

11
00:00:52,530 --> 00:00:55,690
So let us see how we can do that.

12
00:00:55,800 --> 00:01:00,540
Now the first thing that we actually want to do in our staff function is a simple banner printing.

13
00:01:00,540 --> 00:01:07,020
So we want to print the banner first that every running of this and what we want to do is basically

14
00:01:07,020 --> 00:01:11,220
first of all count how many arguments we actually want to have.

15
00:01:11,220 --> 00:01:17,220
So what do we want to have we want to have the argument where we will specify the user name who want

16
00:01:17,220 --> 00:01:20,310
to argue to have the argument for specify the password.

17
00:01:20,310 --> 00:01:23,160
We want to have the argument where we will specify the.

18
00:01:23,370 --> 00:01:29,310
You are out to the website that we are trying to brute force in our case we will test on my router.

19
00:01:29,310 --> 00:01:33,090
Make sure to test on the website that you have permission to test on.

20
00:01:33,090 --> 00:01:38,820
And also we want to specify the basically the threats option.

21
00:01:38,820 --> 00:01:46,340
How many threats we actually want to run so let us see how we can do that.

22
00:01:46,630 --> 00:01:49,830
Basically let us try something like this.

23
00:01:49,840 --> 00:01:53,050
So we will run the try and acceptable right here.

24
00:01:53,050 --> 00:02:00,790
So try and we will use the get up the library that we imported so we will use two variables to store

25
00:02:00,820 --> 00:02:01,030
this.

26
00:02:01,030 --> 00:02:13,320
So ops and arguments equal get opt out get opt and then are we might come up and then between the double

27
00:02:13,320 --> 00:02:18,810
quotes what we want to specify is basically the letters that we will use for our arguments.

28
00:02:19,170 --> 00:02:28,290
So for example let's for the user use you we for the euro let's load W for The File which we need to

29
00:02:28,290 --> 00:02:33,840
store our passports so we need to make an option where we will actually pick a file for our password

30
00:02:33,840 --> 00:02:34,550
list.

31
00:02:34,680 --> 00:02:39,960
Let's use the F option so f for file and the four threads.

32
00:02:40,170 --> 00:02:47,460
So what our program will need to do will specify the URL will W will specify the user name for the brute

33
00:02:47,460 --> 00:02:54,360
forcing we the file that has passwords that we want to use for brute forcing will be f and then the

34
00:02:54,360 --> 00:02:59,340
number of threads will be deep but before we actually finish this command we need to separate them with

35
00:02:59,340 --> 00:03:04,200
two dots so separate each one of them with two dots and close the brackets.

36
00:03:04,200 --> 00:03:10,920
So right now this should be finished but since around the tri command we need to accept.

37
00:03:10,920 --> 00:03:19,410
So we want to use the any get up error which we can do with this command so except get opt not and get

38
00:03:19,710 --> 00:03:30,420
opt out or we are just basically can print for example error on arguments and then we close this and

39
00:03:30,420 --> 00:03:37,220
then we can use this dot exit in order to close our program so let's see what we need for now.

40
00:03:37,220 --> 00:03:41,360
Basically what we tried we actually gave to these two variables.

41
00:03:41,360 --> 00:03:47,270
We actually get to opt to use to get up library and we set the number of things that we want to specify

42
00:03:47,270 --> 00:03:48,500
with our options.

43
00:03:48,500 --> 00:03:51,640
We said the user name file your URL and threats.

44
00:03:51,770 --> 00:03:56,660
And we also printed the try and accept a statement which will actually print etcetera on our comments

45
00:03:56,660 --> 00:04:00,720
if we forget to specify some argument or something like that.

46
00:04:00,740 --> 00:04:05,190
Now what we want to do right now is actually specify what you to each of these options.

47
00:04:05,300 --> 00:04:10,490
Each of these options are since our code doesn't really know that we want to specify have to be a file

48
00:04:11,000 --> 00:04:14,360
with passwords we need to tell that to our program.

49
00:04:14,450 --> 00:04:18,470
So how we can do that we can do that simply with this.

50
00:04:18,500 --> 00:04:20,410
So let me just.

51
00:04:20,810 --> 00:04:24,160
Just PRESENTER And we'll do that all in these start functions.

52
00:04:24,170 --> 00:04:30,020
So make sure to be still in start function and we want to use what we gave to these two variables.

53
00:04:30,020 --> 00:04:39,620
So for ops we use the for loop for ops comma ARG in options or basically not.

54
00:04:39,650 --> 00:04:46,100
So basically what we used for opt and the arc of which is basically are variables that we do not really

55
00:04:46,100 --> 00:04:47,180
have.

56
00:04:47,210 --> 00:04:53,680
This is just variables named that I picked and in op so I could have just type here I.

57
00:04:54,020 --> 00:05:00,590
But it would make any sense so let's just leave this in orbit which is this that we said to this variable

58
00:05:00,590 --> 00:05:06,210
to be variable to be we want to actually select what each of that will be.

59
00:05:06,200 --> 00:05:13,790
So for example if opt equals equals minus you let's do it like this.

60
00:05:13,850 --> 00:05:21,220
So minus you which is for the user then let's say user equals arc.

61
00:05:21,240 --> 00:05:24,860
Now let's do that for all of these other options as well

62
00:05:29,810 --> 00:05:40,270
so the next thing would be else if OP equal equals w or minus W is that is how we both specify the commands.

63
00:05:40,270 --> 00:05:45,520
There w is for the EU or so your l will be equal to mark then.

64
00:05:45,590 --> 00:05:56,820
Else if option equals equals to minus f or let me use the single quote since I started everything else

65
00:05:56,820 --> 00:06:03,340
with the single quotes the let's call it Dick Show or however we want to call it equals arc.

66
00:06:03,480 --> 00:06:06,390
You can just use dictionary dictionary or file name.

67
00:06:06,390 --> 00:06:10,830
So for example let's use the pass list.

68
00:06:10,830 --> 00:06:18,150
Maybe that is easier for you to actually understand than dictionary and we want to set that to also

69
00:06:18,150 --> 00:06:21,920
be equal to the arguments so and else if for the last one.

70
00:06:22,710 --> 00:06:26,940
Opt equals equals and then codes minus Steve.

71
00:06:28,500 --> 00:06:31,860
We want to set threads to be equal to arg.

72
00:06:32,160 --> 00:06:38,670
So what we did right here is we specified what will which the letter means so user it will be minus

73
00:06:38,670 --> 00:06:39,100
your.

74
00:06:39,180 --> 00:06:45,870
You are a minus W D past list will be minus F for the file and then minus t will be threads

75
00:06:49,110 --> 00:06:55,160
so what we want to actually do right now is we want to actually first of all open the file for readings

76
00:06:55,160 --> 00:07:01,620
since we can't really brute force the passwords if we do not open default to read it.

77
00:07:01,940 --> 00:07:08,810
Now we will open the model just make a simple password that links and password file the triple use for

78
00:07:08,810 --> 00:07:10,620
this doesn't really matter.

79
00:07:10,790 --> 00:07:19,650
We'll have to open it and then we will have to code a function that will actually take an input of our

80
00:07:19,650 --> 00:07:21,860
passwords threads user names and you are out.

81
00:07:22,530 --> 00:07:30,060
So let us see how we can actually do this so all we have to do right now in this function is actually

82
00:07:30,240 --> 00:07:34,920
open the file so we will do that with try and accept rule.

83
00:07:34,980 --> 00:07:40,990
So we actually can prompt users with the narrower if the file for example doesn't exists even the specified

84
00:07:41,000 --> 00:07:43,180
the wrong name for a file.

85
00:07:43,260 --> 00:07:44,280
Our program will crash.

86
00:07:44,280 --> 00:07:51,120
So we want to run the try and acceptable so we'll just type your F equals open and then we need to specify

87
00:07:51,150 --> 00:07:56,950
the name of the file to be passed lists since we specified minus f option to be equal to past lists.

88
00:07:56,970 --> 00:08:03,990
So make sure to name it the same right here and all we want to do is open the file loops for reading

89
00:08:04,020 --> 00:08:07,770
since we will be reading from that file for our passwords.

90
00:08:07,770 --> 00:08:11,990
Now there is an option to read each line by line.

91
00:08:12,120 --> 00:08:15,050
So in Python that is called read lines.

92
00:08:15,060 --> 00:08:20,420
So we want the passwords variable so passwords will be equal to f dot read lines.

93
00:08:21,680 --> 00:08:29,000
So for example if we have a program or file with password that is basically five passwords long the

94
00:08:29,000 --> 00:08:36,680
passwords variables will be each line of that we need to specify that in order for our program to know

95
00:08:36,750 --> 00:08:41,210
or to you that it has to use only one password while both forcing.

96
00:08:41,210 --> 00:08:43,670
So let us now call the.

97
00:08:43,730 --> 00:08:45,780
Or code the accept function.

98
00:08:45,920 --> 00:08:57,380
So basically we want to print can't open that file or let the sexually ad this read here to be as an

99
00:08:57,500 --> 00:08:58,010
error.

100
00:09:00,180 --> 00:09:04,450
Let's also do it right here so it doesn't look like this.

101
00:09:05,160 --> 00:09:07,070
We will print all of the errors.

102
00:09:07,070 --> 00:09:13,730
We did double exclamation marks and we'll print one did find the password with the plus mark so we can

103
00:09:13,730 --> 00:09:19,880
actually differentiated and all we want to do right now is actually call this is not exit in order to

104
00:09:19,880 --> 00:09:26,320
close our program since we since the user didn't specify the correct command or pardon me.

105
00:09:26,320 --> 00:09:27,490
The correct program.

106
00:09:28,360 --> 00:09:34,260
And right now what we have to do after this we set our options to be good.

107
00:09:34,290 --> 00:09:38,480
So we set all of this we open the file we read passwords.

108
00:09:38,640 --> 00:09:40,050
Line by line.

109
00:09:40,050 --> 00:09:45,140
And what we want to do now is actually a lunch hour threads that we use in order to brute force.

110
00:09:45,150 --> 00:09:51,810
So we will call a function lunch or threads or threads which doesn't exist.

111
00:09:51,810 --> 00:09:56,910
We will have to code it in the next video but for now on let us just see what we have to pass to that

112
00:09:56,910 --> 00:09:57,480
function.

113
00:09:57,480 --> 00:10:05,040
And basically what we do have to pass is the things it will use in our program which is passwords and

114
00:10:05,040 --> 00:10:11,460
what we want to pass to this launch address is basically passwords which is basically the password that

115
00:10:11,460 --> 00:10:17,650
we read from this program right here for the We the option f dot read lines.

116
00:10:17,760 --> 00:10:22,110
We also want to pass the threads number of threads that we will use.

117
00:10:22,110 --> 00:10:29,950
We said that right here we need to pass the user name or we call it user.

118
00:10:30,050 --> 00:10:30,360
OK.

119
00:10:30,370 --> 00:10:31,990
So we called it on the user.

120
00:10:32,020 --> 00:10:34,480
So we will need to specify user here as well.

121
00:10:34,480 --> 00:10:39,790
And the last thing we need to specify is these you are out now where the code as I said this function

122
00:10:39,790 --> 00:10:40,960
in the next video.

123
00:10:41,440 --> 00:10:44,920
Right now we successfully coded all of these options right here.

124
00:10:44,920 --> 00:10:50,200
We need to code the launcher that function in the next video which will launch our threats which will

125
00:10:50,200 --> 00:10:53,180
help us brute force our target faster.

126
00:10:53,320 --> 00:11:01,230
We will use the threat of start to function in that uh from the uh threat library in order to do that.

127
00:11:01,270 --> 00:11:07,640
And then we will have to code a class that we will use in order to actually perform the attack itself.

128
00:11:07,660 --> 00:11:12,040
So I hope you enjoyed this video and I hope I see you in the next one.

129
00:11:12,260 --> 00:11:12,700
Bye by.