1 00:00:12,430 --> 00:00:15,140 Hey, guys, welcome back to another episode on How to Hack.
2 00:00:15,610 --> 00:00:20,850 So over here I have DVWA running, which is a vulnerable Web application system.
3 00:00:21,370 --> 00:00:25,340 And of course, over here we have one particular vulnerability, which is file upload.
4 00:00:25,960 --> 00:00:31,790 So as you can see here, we have vulnerability file upload and it says choose an image to upload.
5 00:00:32,050 --> 00:00:37,780 So what happens is that a lot of sites may have the option for us to select, say, photos, videos,
6 00:00:37,780 --> 00:00:45,100 to upload text messages and certain business applications that allow us to upload Excel sheets and so
7 00:00:45,100 --> 00:00:45,210 on.
8 00:00:45,220 --> 00:00:46,170 So the list goes on.
9 00:00:46,330 --> 00:00:53,230 And of course, in this case, what we are doing here is to upload a payload that gives us a connection
10 00:00:53,620 --> 00:01:01,120 to the Web application system and be able to do all sorts of post exploitation following from this particular
11 00:01:01,120 --> 00:01:01,460 upload.
12 00:01:02,260 --> 00:01:06,790 So as we can see here, all we got to do is to go ahead and open up a terminal.
13 00:01:06,910 --> 00:01:07,240 All right.
14 00:01:07,250 --> 00:01:11,360 So over here, I got the terminal running and you have to be able to install Weevely.
15 00:01:11,650 --> 00:01:11,920 All right.
16 00:01:11,920 --> 00:01:13,720 So I can go ahead and share with you Weevely.
17 00:01:19,390 --> 00:01:27,490 So Weevely is actually a weaponized web shell, so it gives us a lot of ways to access and creation of a payload
18 00:01:27,490 --> 00:01:32,830 that we can upload to a Web application system, or as you can see over here, and all you got to do
19 00:01:32,830 --> 00:01:38,170 is just download it from the code so you can download a zip or you can do a git clone.
20 00:01:38,170 --> 00:01:40,760 And once you have it, you can navigate into the folder.
21 00:01:40,810 --> 00:01:42,760 So in my case I can navigate into the folder.
22 00:01:43,690 --> 00:01:44,020 All right.
23 00:01:44,030 --> 00:01:47,620 So once you're in, we can actually look at all the files that have been downloaded.
24 00:01:47,620 --> 00:01:51,210 And of course, the primary one for us will be weevely.py.
25 00:01:51,550 --> 00:01:51,760 All right.
26 00:01:51,760 --> 00:01:58,480 So it's a Python file that could help us then create the payload in which we will upload into the vulnerable
27 00:01:58,480 --> 00:01:59,680 Web application system.
28 00:01:59,710 --> 00:01:59,900 All right.
29 00:01:59,920 --> 00:02:02,270 So all you got to do is enter weevely.
30 00:02:02,500 --> 00:02:02,850 All right.
31 00:02:02,860 --> 00:02:07,210 So what we need to do now is to firstly create the file.
32 00:02:07,420 --> 00:02:07,650 All right.
33 00:02:07,660 --> 00:02:12,370 We have to firstly create a file on the payload that we upload into the Web application system.
34 00:02:12,940 --> 00:02:19,670 So all you gotta do is enter weevely generate, followed by password and followed by the file name.
35 00:02:19,690 --> 00:02:27,160 So in my case, I'm going to put payload.php, hit enter on that and it has created a file, or in this case
36 00:02:27,160 --> 00:02:29,250 we have seven hundred and fifty one byte size.
37 00:02:29,800 --> 00:02:31,540 And of course we have over here payload.
38 00:02:32,680 --> 00:02:39,790 OK, so what we can do next is that we can now go back into the vulnerable application system and we
39 00:02:39,790 --> 00:02:40,730 can click on upload.
40 00:02:41,530 --> 00:02:41,860 All right.
41 00:02:41,890 --> 00:02:46,960 We can click on browse and we can go and select payload and once you select it,
42 00:02:47,230 --> 00:02:53,830 click upload and it says over here the file has been successfully uploaded and it's uploaded to this particular
43 00:02:53,860 --> 00:02:54,640 location.
44 00:02:55,210 --> 00:03:02,350 So once it's been uploaded, all we got to do is to go back into Weevely and we can actually connect into
45 00:03:02,350 --> 00:03:04,190 the Web application system using this.
46 00:03:04,610 --> 00:03:04,880 All right.
47 00:03:04,880 --> 00:03:07,570 So again, using Weevely, weevely.
48 00:03:08,170 --> 00:03:15,640 And now what we need to do is to basically enter the IP address or the URL, one nine two, one six eight.
49 00:03:15,850 --> 00:03:18,770 Dot zero, dot two.
50 00:03:18,770 --> 00:03:19,210 One, two.
51 00:03:20,080 --> 00:03:20,460 All right.
52 00:03:20,520 --> 00:03:23,250 In this case, would have to slash.
53 00:03:23,440 --> 00:03:23,830 All right.
54 00:03:24,160 --> 00:03:29,760 Vulnerabilities all hackable, sorry, hackable slash.
55 00:03:29,980 --> 00:03:30,280 All right.
56 00:03:30,280 --> 00:03:32,290 And as you can see over here, uploads.
57 00:03:34,850 --> 00:03:40,130 Payload, hit enter on that, all right, followed by password.
58 00:03:42,210 --> 00:03:49,230 And now we are in, so we now have access to the file uploaded, it gives us a weaponized web shell
59 00:03:49,380 --> 00:03:53,370 that we can do all sorts of commands and instructions inside the system.
60 00:03:53,410 --> 00:03:53,560 All right.
61 00:03:53,610 --> 00:03:54,490 So what can we do?
62 00:03:54,510 --> 00:03:57,560 All you got to do is enter help and it will list out.
63 00:03:57,630 --> 00:03:57,920 All right.
64 00:03:57,960 --> 00:04:02,390 All the commands that you can actually issue into the system.
65 00:04:02,400 --> 00:04:04,260 So in our case, we can look at.
66 00:04:04,620 --> 00:04:08,250 Bruteforce SQL, net scan, net ifconfig.
67 00:04:08,490 --> 00:04:10,410 So all these are the different things that we can look at.
68 00:04:10,420 --> 00:04:17,460 So I can go and enter net underscore ifconfig, hit enter on that and will be able to see the IP
69 00:04:17,460 --> 00:04:17,730 address.
70 00:04:17,730 --> 00:04:21,330 So we are in so we have zero and we have the IP address over here.
71 00:04:21,580 --> 00:04:22,910 OK, so what else can we do.
72 00:04:23,370 --> 00:04:24,980 We can also look at for example.
73 00:04:25,020 --> 00:04:31,410 All right, over here we can upload files, we can look at backdoor TCP, reverse TCP, system extensions, system
74 00:04:31,410 --> 00:04:32,220 information.
75 00:04:33,000 --> 00:04:37,470 So let's go ahead and enter system underscore info and we can see all this information.
76 00:04:37,620 --> 00:04:37,900 All right.
77 00:04:37,940 --> 00:04:41,470 The version, the client IP, the server name.
78 00:04:41,880 --> 00:04:42,240 All right.
79 00:04:42,240 --> 00:04:49,650 We can look at the document root, so all these different details and data can be easily accessible
80 00:04:49,980 --> 00:04:50,970 from Weevely.
81 00:04:51,150 --> 00:04:51,360 All right.
82 00:04:51,390 --> 00:04:53,580 With a weaponized shell over here.
83 00:04:53,780 --> 00:04:54,110 All right.
84 00:04:54,300 --> 00:04:55,950 So thank you so much once again for watching.
85 00:04:55,950 --> 00:04:59,130 And I hope they will learn something valuable in today's tutorial.
86 00:04:59,280 --> 00:05:02,130 And if you've any questions, feel free to leave a comment below.
87 00:05:02,160 --> 00:05:06,510 I'll try my best to answer any of your queries. Like, share and subscribe to the channel so that you can
88 00:05:06,510 --> 00:05:09,300 be kept abreast of the latest cybersecurity tutorial.
89 00:05:09,330 --> 00:05:10,800 Thank you so much once again for watching.