1 00:00:00,570 --> 00:00:07,050 Gathering some domains is a great way to find new targets, and we can use the search engine subdomains 2 00:00:07,050 --> 00:00:07,900 collected, actually. 3 00:00:08,760 --> 00:00:15,390 So in order to do that, we have to use, we have to get started with it, starting with Metasploit 4 00:00:15,390 --> 00:00:17,400 Framework console and. 5 00:00:18,800 --> 00:00:26,900 We will use the actually model together subdomains about the domain from Yahoo and being so together 6 00:00:26,900 --> 00:00:28,410 subdomains for a MORTALIDAD domain. 7 00:00:28,430 --> 00:00:30,350 We just need to set the target domain. 8 00:00:30,350 --> 00:00:39,170 So let's quickly perform on a test, which means that I'm so versatile we will use we have to use oxygen 9 00:00:39,170 --> 00:00:50,300 models or use of ciliary gather a search engine, search engine, subdomains collector. 10 00:00:50,540 --> 00:00:57,500 And here let's see what options we have we have in Bing, Yahoo and IP search we have. 11 00:00:58,010 --> 00:01:02,780 Uh, as you can see, the required no targets, so we have to give the targets. 12 00:01:02,780 --> 00:01:14,660 So, uh, set targets, take bins that contact bins, dot com and uh, let's run axillary exploit here. 13 00:01:16,740 --> 00:01:20,820 A year searching being for subdomains from técnicas domain that. 14 00:01:35,330 --> 00:01:42,020 And now searching a Yahoo for subdomains from tech means that this is our web site. 15 00:01:44,200 --> 00:01:48,760 Unless you can see here, actually the London execution completed. 16 00:01:50,080 --> 00:01:50,560 So. 17 00:01:58,800 --> 00:02:01,440 And, you know, it's got to be this. 18 00:02:03,550 --> 00:02:06,580 You're one my exclusion completed. 19 00:02:07,060 --> 00:02:08,320 And what we have here. 20 00:02:10,790 --> 00:02:13,940 For example, so are these tech. 21 00:02:14,590 --> 00:02:23,210 Website is our most popular in Bing or Yahoo, and as you can see, we have not any output here, so 22 00:02:23,210 --> 00:02:28,070 we will use, for example, Microsoft, Microsoft, that Chrome here, for example. 23 00:02:30,160 --> 00:02:31,090 And let's run. 24 00:02:44,040 --> 00:02:49,290 Actually, indistinct pins that come to me, we have looked domains, actual subdomains as well. 25 00:02:49,710 --> 00:02:53,610 We have just an email subdomain indicating that. 26 00:02:54,910 --> 00:02:58,000 And it is not popular is being or Yahoo. 27 00:02:58,420 --> 00:03:04,240 And because of that, we can not couldn't seen any outputs here. 28 00:03:04,600 --> 00:03:13,750 So as you can see here we can we can see Microsoft's sub domain search, searching for being subdomains 29 00:03:13,750 --> 00:03:15,250 for this IP. 30 00:03:15,260 --> 00:03:23,590 This is, I think he found a Metasploit plant, this IP address from these match of the com. 31 00:03:24,190 --> 00:03:25,870 And here we can see. 32 00:03:26,380 --> 00:03:26,790 Um. 33 00:03:32,290 --> 00:03:33,340 The results here. 34 00:03:37,710 --> 00:03:42,000 And as you can see in my soul and like that, so. 35 00:03:48,210 --> 00:03:48,500 OK. 36 00:03:49,920 --> 00:03:55,930 So, uh, we interrupted because of that, we don't fund, as you can see, by using this, uh, actually 37 00:03:55,950 --> 00:03:57,810 model, you can, uh, fund. 38 00:03:58,980 --> 00:04:02,040 You can find the supplements of your Typekit domain. 39 00:04:02,040 --> 00:04:04,350 So the minimum, actually, it's not a target, of course. 40 00:04:04,360 --> 00:04:10,170 Uh, this is just impressive of, uh, technically and it's not illegal, as you know. 41 00:04:10,800 --> 00:04:17,790 So the search engine sub domains collector actually model helped us, uh, to find the new subdomains. 42 00:04:18,090 --> 00:04:24,270 And uh, so now that we have a good idea about the capabilities of some of the basic models, so let's 43 00:04:24,270 --> 00:04:27,180 try the big guns here in the next next year.