1
00:00:00,390 --> 00:00:07,950
‫May I ask you, well, is one of the most used databases and it's almost in every network either for

2
00:00:07,950 --> 00:00:17,130
‫production or for development purposes, out-of-date or poorly configured MySQL installations may allow

3
00:00:17,130 --> 00:00:19,370
‫you to get in the system.

4
00:00:20,340 --> 00:00:23,970
‫So your first step is to discover the version.

5
00:00:25,330 --> 00:00:33,010
‫MSF has a couple of modules for my rescue well, so let's have a look at them and gather information

6
00:00:33,010 --> 00:00:35,590
‫from I ask you all server in order.

7
00:00:36,490 --> 00:00:43,500
‫So do you remember as I do that there are, I ask you all databases in the result of the DEBE and Map

8
00:00:43,510 --> 00:00:43,930
‫Command.

9
00:00:45,130 --> 00:00:46,660
‫So then how do you view it?

10
00:00:47,320 --> 00:00:57,010
‫I can view it by going to Services P three, three or six entering that command and sure enough, there

11
00:00:57,010 --> 00:00:57,400
‫they are.

12
00:00:58,740 --> 00:01:02,850
‫So there are some useful auxiliaries and Meadows Boyd for my ask you out.

13
00:01:03,870 --> 00:01:05,330
‫And you can search it like that.

14
00:01:09,170 --> 00:01:13,040
‫So here they are and like always, I will start with.

15
00:01:13,960 --> 00:01:18,040
‫Version enumeration, although and MAP already did it.

16
00:01:20,300 --> 00:01:21,470
‫So the options.

17
00:01:23,230 --> 00:01:26,320
‫Just going to set our hosts as my variable.

18
00:01:28,800 --> 00:01:29,670
‫So options.

19
00:01:32,710 --> 00:01:39,050
‫And run, yeah, it's executed quickly and the result is the same as the Divi inmate command.

20
00:01:39,970 --> 00:01:41,590
‫So check this out now.

21
00:01:41,590 --> 00:01:45,310
‫I'm going to use the my school login module.

22
00:01:47,100 --> 00:01:48,210
‫So the options.

23
00:01:49,640 --> 00:01:52,700
‫And they are hosts of value comes up globally.

24
00:01:54,170 --> 00:01:57,260
‫And there are some final variables, as you can see.

25
00:01:59,030 --> 00:02:02,690
‫And I'll set blank passwords to true.

26
00:02:04,130 --> 00:02:07,340
‫So the module will try blank passwords also.

27
00:02:08,810 --> 00:02:14,150
‫So I'm going to start a brute force and just a little bit, but I first need to create a dictionary

28
00:02:14,150 --> 00:02:17,690
‫file specialized for my you out.

29
00:02:18,830 --> 00:02:26,210
‫And to accomplish this, I'll search on the Internet for a reasonable dictionary file, or you can also

30
00:02:26,210 --> 00:02:28,280
‫create one by yourself like we did earlier.

31
00:02:29,650 --> 00:02:32,710
‫But I just want to use the related words like this.

32
00:02:34,240 --> 00:02:37,900
‫So here in the second row, there's a GitHub page.

33
00:02:39,390 --> 00:02:44,790
‫And under default credentials, you will see a minuscule default password file.

34
00:02:46,410 --> 00:02:51,180
‫I'm going to copy that and say thank you to the owner of the page.

35
00:02:52,740 --> 00:02:56,910
‫OK, so I'll save it in a file in Colly.

36
00:02:58,010 --> 00:03:00,410
‫And I will say that here in the desktop.

37
00:03:02,140 --> 00:03:03,460
‫I think I did that before.

38
00:03:05,230 --> 00:03:07,930
‫So let's go back to the MSF council.

39
00:03:09,690 --> 00:03:15,160
‫Said the user pass final variable to the file that you've just created.

40
00:03:15,940 --> 00:03:18,060
‫OK, then run.

41
00:03:21,010 --> 00:03:28,930
‫And I think you can catch some user password pairs, so you should make a note of this finding because

42
00:03:29,080 --> 00:03:30,630
‫you will need to use this one later.

43
00:03:31,610 --> 00:03:37,640
‫OK, so so this means that you're really starting to discover and understand your target system.

44
00:03:38,790 --> 00:03:39,950
‫Let's get into the next one.