1
00:00:01,260 --> 00:00:04,310
Hello, everyone, welcome to this video.

2
00:00:05,250 --> 00:00:16,470
So I assume till now you have learned about HTML and you know how the basics of HTML work, so it's

3
00:00:16,470 --> 00:00:25,500
time to jump into HTML injection attacks and understand how you can find an HTML injection in any target

4
00:00:25,500 --> 00:00:26,090
website.

5
00:00:27,000 --> 00:00:31,530
Before that, let's understand what exactly is an HTML injection.

6
00:00:32,190 --> 00:00:40,980
So it is a type of vulnerability which occurs in a web application that allows users to insert HTML code

7
00:00:41,340 --> 00:00:48,000
via specific parameters, which we also call entry points or injection points.

8
00:00:48,830 --> 00:00:57,900
Always remember, HTML injection can only be exploited with the help of social engineering attacks.

9
00:00:58,320 --> 00:01:08,250
That basically means we are going to trick valid users of the application to fall for our HTML injected

10
00:01:08,250 --> 00:01:18,210
web page so that they give their credentials into our fake login forms or a malicious website so that

11
00:01:18,210 --> 00:01:20,570
we capture their cookies and credentials.

12
00:01:21,270 --> 00:01:21,770
All right.

13
00:01:21,780 --> 00:01:30,540
So now we understand how an HTML injection attack works and how we are going to benefit from this type

14
00:01:30,540 --> 00:01:31,320
of attack.

15
00:01:32,060 --> 00:01:40,620
Remember, again, this attack only works with the help of social engineering in which you have to make

16
00:01:40,620 --> 00:01:48,590
the victim come and click on your specific links and you assume that he's going to fall for your attack.

17
00:01:49,920 --> 00:01:53,200
So let's see a normal search template over here.

18
00:01:53,850 --> 00:01:57,660
So this is a very, very simple code from a target website.

19
00:01:58,020 --> 00:02:01,790
Within here, you can see HTML starts and HTML

20
00:02:01,810 --> 00:02:09,240
close, "your other results that match your query", for anything that you search on any target website.

21
00:02:09,250 --> 00:02:13,620
So let's say you search for a product, that is, computer, on Amazon.

22
00:02:13,890 --> 00:02:18,510
This is how the output is going to look, which will give you some results.

23
00:02:18,660 --> 00:02:21,150
Let's say result A and result B.

24
00:02:22,660 --> 00:02:31,420
Now the attacker is going to put a query into that search box and you can see this is the query, which

25
00:02:31,420 --> 00:02:40,600
looks like it's an a tag, special offer, and there is an href in the background, which basically means

26
00:02:40,810 --> 00:02:48,350
that it is going to redirect to attacker.site, which is a malicious link.

27
00:02:48,760 --> 00:02:57,850
So when the attacker is going to put this link into the search pattern and it interprets this and gets

28
00:02:57,850 --> 00:03:05,470
executed, and if the victim clicks onto that special offer, he will get redirected to the attacker

29
00:03:05,470 --> 00:03:06,940
controlled domain.

30
00:03:08,170 --> 00:03:16,570
Now, when the attacker will actually input his query, then how this will look, you can see the

31
00:03:16,570 --> 00:03:23,920
code over here, the attacker input query, which redirects to the malicious site, as you can see here,

32
00:03:23,920 --> 00:03:26,020
your other search results that match your query.

33
00:03:26,530 --> 00:03:31,510
There's a special offer and the href is to the attacker's website.

34
00:03:31,960 --> 00:03:39,850
And when the poor victim will click onto this special offer, he may get redirected to the clone of

35
00:03:39,850 --> 00:03:40,380
Amazon.

36
00:03:40,390 --> 00:03:48,190
Let's say, if it is vulnerable, and will end up logging in or doing some sensitive actions which can compromise

37
00:03:48,430 --> 00:03:51,100
his integrity or confidentiality.

38
00:03:53,020 --> 00:03:58,390
So it is the practical time and let's see how you can demonstrate this type of attack.