1
00:00:01,450 --> 00:00:07,570
So the scan is over now, and you can see on the left here we have our website. Clicking on it will show

2
00:00:07,570 --> 00:00:10,020
you some results of the spider web.

3
00:00:10,020 --> 00:00:16,620
It was looking for the files. The very interesting part is the alerts here.

4
00:00:16,620 --> 00:00:22,870
Right here you can see all the vulnerabilities that have been discovered on the left here.

5
00:00:22,930 --> 00:00:25,450
You can see that we have seven red flags.

6
00:00:25,480 --> 00:00:28,710
So these are the high priority alerts.

7
00:00:28,770 --> 00:00:34,910
We have three orange flags and five yellow flags and zero blue.

8
00:00:34,950 --> 00:00:39,120
So these are organized in the order of their severity.

9
00:00:41,720 --> 00:00:48,140
Clicking on any of these categories will expand it and show the threats that have been found related

10
00:00:48,140 --> 00:00:49,380
to that threat.

11
00:00:49,550 --> 00:00:58,520
For example, clicking on the path traversal, you'll see all the URLs that can be exploited to read

12
00:00:58,520 --> 00:01:06,560
files from the server. Clicking on any of these, you'll see the HTTP request that was sent in order

13
00:01:06,560 --> 00:01:08,150
to discover this.

14
00:01:08,570 --> 00:01:14,360
You'll see the response, that's why the tool thinks that this is vulnerable, and we can see that in the

15
00:01:14,360 --> 00:01:22,280
response the tool was able to get the contents of /etc/passwd. Right here you can see the URL that the

16
00:01:22,280 --> 00:01:26,390
tool used to exploit this vulnerability.

17
00:01:26,820 --> 00:01:37,030
And in here you can see a description of what the current vulnerability is and how it has been exploited.

18
00:01:37,330 --> 00:01:38,890
And here you can see the risk of it.

19
00:01:38,890 --> 00:01:40,720
So this is very high.

20
00:01:40,750 --> 00:01:41,860
You can see the confidence.

21
00:01:41,890 --> 00:01:48,730
So how confident the tool is about the existence of this vulnerability. You can see that it's been injected

22
00:01:48,730 --> 00:01:58,290
into a page and the attack is trying to get /etc/passwd. So let's try and right-click on this and

23
00:01:58,290 --> 00:02:06,630
open it in browser, and as you can see now it exploited it for us and it showed us the output for this

24
00:02:06,630 --> 00:02:12,300
vulnerability, and we can read the contents of /etc/passwd, and you can see that the exploit is being

25
00:02:12,300 --> 00:02:21,400
exploited in this URL right here. Let's have a look at another example.

26
00:02:21,610 --> 00:02:28,480
For example, cross-site scripting, and again the tool also checks for POST and GET parameters.

27
00:02:28,510 --> 00:02:34,420
So sometimes when the parameter, when the injection is sent into text boxes or even sent without text

28
00:02:34,420 --> 00:02:38,390
boxes, if it's sent in a POST parameter you won't see it in the URL.

29
00:02:38,530 --> 00:02:45,040
So it actually checks for POST and GET, and you can see here it found a vulnerability in a POST request

30
00:02:45,210 --> 00:02:51,320
in the register page and it also found one in a GET page.

31
00:02:51,320 --> 00:02:59,230
Again, right-click and open in browser will execute it for us and we can see the code has been executed.

32
00:02:59,230 --> 00:03:04,450
Again, we can have the URL of the execution right here if you want to use it with BeEF or any other tools

33
00:03:05,050 --> 00:03:07,480
and we can see it in here as well.

34
00:03:07,550 --> 00:03:14,070
The URL that's being used to exploit this vulnerability. Let's just have one more example of an SQL

35
00:03:14,130 --> 00:03:14,730
injection.

36
00:03:18,560 --> 00:03:23,930
Again, click on it, it will show you why it believes that there is an SQL injection here.

37
00:03:28,450 --> 00:03:34,360
It will show you the URL and it will show you the attack that's used: it used "and 1=1"

38
00:03:38,100 --> 00:03:40,590
and it's in the parameter password.

39
00:03:40,590 --> 00:03:47,370
And if you remember, we actually did exploit this parameter. Opening this in the browser will show us

40
00:03:47,370 --> 00:03:53,040
that the injection has been, is working, and it's using their username and password codes up.

41
00:03:56,560 --> 00:04:01,130
So the tool is very simple, very powerful and very useful.

42
00:04:01,240 --> 00:04:02,340
You can play around with it.

43
00:04:02,350 --> 00:04:09,340
You can play around with the proxy and with the options and see how you can enhance the results and

44
00:04:09,340 --> 00:04:10,990
achieve even better results.