- 6 months ago
Category
🦄
CreativityTranscript
00:00:00hello everybody welcome back this is ethical hacking training and we are actually going over
00:00:22labs and this is the third lab and in this lab i just want to go over something quickly with
00:00:29you guys which you should know about i would i would say like a tool and this is uh well i've
00:00:35opened up firefox so uh basically this is uh gathering information about a target website
00:00:42using a tool which firefox or a puller add-on which firefox has and that is basically your
00:00:51firebug add-on right so how to get to that so we're talking about fire bug all right
00:00:58so if you just uh go on this in this case i've just downloaded firefox and i uh it comes with yahoo
00:01:07as a search engine and i did firebug as a search so first is how to get firebug right so you click
00:01:12on firebugs do a search on firebug click on firebug and it says install firebug another way to do it
00:01:20here is that if you go to your uh menu on firefox the three lines on the left hand side and basically
00:01:28you click on add-ons right when you go to the add-on screen uh for search just just put firebug
00:01:37all right and then hit enter so this basically gets you firebug as a tool uh you click on install
00:01:43and what it does is if you look on top right here it it has uh given you uh uh an install uh for the
00:01:55firebug and it is basically like a bug uh it's not turned on right now uh but once you click on it
00:02:01it'll it'll turn on right so let's uh let's try to do something interesting here uh oh got it
00:02:08it so let's go to let's visit you know some website and see if we can uh if we can uh kind of
00:02:16use firebug and i can show you how how it is uh basically uh what are the strengths of this tool
00:02:23right so as a security analyst ethical hacker you need to know this tool again tool is called firebug
00:02:29and i've installed the add-on the latest version 2.0.16 and basically this tool is pretty neat it
00:02:40lets you do a lot of cool stuff in terms of you know what you want to do when knowing about a
00:02:47particular website or when you want to see the details which are not uh which are which you you
00:02:53need more details than the view source how about that and you can manipulate those details also so that
00:02:58you uh you can change certain things and see expected outputs and and so forth right so uh the tool
00:03:06again is firebug and then uh it's basically an add-on uh this a little bit history on the tool is that
00:03:13uh it was uh written in january 2006 it's a free open source tool and of course it's uh it's for uh
00:03:22monitoring your custom style sheets the css html your document object model
00:03:28your javascript files and calls and also your xhr that is your xml http requests which go over the
00:03:39wire and it can be used for http and https also all right enough talk so let's uh let's open up a website
00:03:48here uh let's go to i would say what website you want to go to uh let's open microsoft or
00:04:01how about uh i want something with the amazon yeah amazon.com let's go to amazon.com
00:04:11so amazon has got lots of information you can uh you can you know see like different products you can
00:04:18do all of that right so i'm not going to do anything i'm just going to show you how firebug is used and
00:04:25you know what are the main things about firebug so if you're on the home page of a website it could be
00:04:30any website for that matter so here i just click through and this gives me enough information if i do
00:04:37search let's do search on um let's do search on what books let's do hacking and hacking tools
00:04:50in books right so this gives us a good uh list of you know books which are out there and uh you can
00:04:58basically uh look at uh clothes like let's do like something interesting uh uh just do uh styles
00:05:13and uh let's do moving
00:05:19all right so this gives us like you know we had books and i just want to change all all departments
00:05:26and then this will give us you know some something more interesting uh to look at yeah so these are
00:05:32some bags and so forth right so any search i'm just trying to like you know get a search which has got
00:05:37more more values to it and which is more interesting i would say so now again back to firebug so suppose
00:05:44this is the first search now you want to know a little bit about this particular and you want to
00:05:48change it around so you just right click on it and you can say inspect element with firebug right also
00:05:54you can launch firebug by clicking on this right here but best way is like whatever you want to
00:05:59look at you can do that so this relevance thing so if i right click on it and say inspect element in
00:06:05firebug what it does is it on the bottom if you notice it launched firebug for me and if you if i move my
00:06:12mouse on any of these you see on top how it is uh highlighting the element so basically now you have
00:06:20you are not only into the view source but it also gives you more than that the styles used uh out
00:06:28out here and of course you can you can go in and uh and change some stuff around also right so out here
00:06:36if i say oh you know what uh there is uh i'll just if i wanted like to say right click and uh i can
00:06:45copy these styles uh i can you know uh i can uh paste them as html i can also add stuff to it like add
00:06:55add children to it i can inspect them in dome panel use command line and this adding i'm not changing their
00:07:02website just to let you know it's all local right you're just adding it locally you're just playing
00:07:06with it and just seeing what would be the uh uh what would be the result of this right and here i'm
00:07:13trying to like just change some stuff around and you can like deface on your own i mean this is just
00:07:19i'm not changing anything on the amazon side this is the you're just playing around with all the different
00:07:24you know uh different priorities uh like say price low to high i'll just say uh min uh sort of edit this
00:07:35hold on uh right click edit html and uh and i can just say price uh min to high right and once this is done
00:07:50uh i can i can go in here and it says min to high right so whatever added changes so it's basically
00:07:57and high to low so basically i can i can just say price equals to uh
00:08:08high and then end up here it just says hi so you could you could make this kind of these kind of
00:08:15changes they're pretty interesting you can do more crafty thing also if you say suppose uh if you want
00:08:21to like you know change and see if there's extra values which are there and you could if there's
00:08:26some numbers down here you could change those numbers and you know and try to see if that works
00:08:32uh these are all techniques when you're looking at uh from ethical hacking perspective all right so
00:08:39let's let's quickly go over some of the things which this tool gives you one is of course now you know
00:08:43uh then you can right click and uh and say inspect the element another thing which you can do is
00:08:48suppose you are any page right let's click into uh this first thing that is a fashion bag so now here
00:08:56you can uh i'm trying to scroll down uh i'm not trying to click but scroll down uh so let's scroll
00:09:03down here uh i'm trying to like you know get out of the firebug mode because firebug literally wants to
00:09:11like you know capture everything what i'm doing so here i'll say oh you know what i like this bag
00:09:16better uh let me go here uh now i want to know i want to see some elements so i want to just look at
00:09:22say this part you know let's look at html how this is made and so forth so i could just click on this
00:09:29arrow with the box which says click an element in the page to inspect just click on it uh go on the page
00:09:35see how it starts highlighting the elements and it also tells you like which this element is wrapped
00:09:40under the master element so if you look at the html it's div id center column so the whole column
00:09:47has one single div and everything else is wrapped under that div these all small divs labels so you
00:09:52can basically go and see oh okay this is where it comes in so now you see this all thing is wrapped
00:09:58under one div called variant color name right and class so if i click on this lets me go go up here
00:10:05and it lets me see like you know what all information is there and you can see the styles
00:10:10uh you can you know go and you know even actually you can even go and change colors down here if you
00:10:16want uh i mean you can trade much more but easy thing to do uh for this particular demo would be like
00:10:23we just change colors or or you know any other information which you want for for this particular
00:10:30element right so this kind of gives you a good idea that uh how you can you know play with this
00:10:36how you can install firebug uh as an add-on you know basically it shows up here uh oh another thing
00:10:44is you can also do uh let me just go through this menu and you will come to know so now you know that
00:10:50you can change stuff around you can you know change the fonts you can change you know any kind of
00:10:57information you want just right click on it and uh and basically change it right so like here there's
00:11:03a color uh body color and i if i say red here uh hold on sorry uh just gotta right click on it and edit
00:11:12color so now it can i can basically give a hex value right so let's do uh fg fg fg and let's see what it
00:11:23does uh so basically you you're i don't know if it did anything or not but you get the idea
00:11:30right so i think so i uh what i changed was not what was it kind of filtered it out uh but you do get
00:11:39get an idea of you know you can basically go and manipulate and colors color is something which you
00:11:43would not change usually i did the body color change and i think the body has a lot of wrappers on it
00:11:49so that's why you cannot just see the color effect right away but if i would have done something
00:11:55like just gone into this particular section and uh and it has some classes down here it has some
00:12:03font family um there and here you can you can you can actually change some fonts like turn them off
00:12:14and in this particular case it says oh it's using class a a dash uh uh list item class that's what
00:12:21it's using you can go into styles and then you can use colors as hex you can also change like how
00:12:27you want to see the colors right or you want to do rgb colors it'll just start changing those uh
00:12:33very neat very cool uh especially when you want to drill down into certain uh the html part of the
00:12:39tool okay now actual part you know css part as i said you can you can see the css part and you can
00:12:45you know do a lot of things you can uh you can edit uh height here and i can make a height of like you
00:12:52know say 400 pixels 400 px remember to put px it'll start giving errors and stuff so i don't know which
00:13:01one did i change to but this was the hidden navigation so you did not see where it got changed but
00:13:06uh when you could do some nifty stuff like that you know so here i went down here and you can then
00:13:14edit sources you can do live edits also so like you know like basically it'll it'll turn on live
00:13:20editing for you where you could just simply go click and edit click and edit you know which is pretty
00:13:26easy and nifty i would say for uh for people who are trying to simply see uh certain result sets you
00:13:32know another cool thing which it does is it exposes you to the uh to the different uh javascript uh
00:13:38of the particular page also right so let's now click on one of these bags down here let's change the
00:13:45search to something else i would say let's do clothing women uh and let's see what are the what's
00:13:51happening down whenever you change it the document object model the dorm you know it also rebuilds and
00:13:58you know it gives all the information the net this shows you how the network traffic has been uh is
00:14:04being uh working and basically it tells you like how much time it's been taking for each of the each
00:14:11of the parts to load uh what is the html it breaks it down into the html time like you know how many
00:14:17milliseconds if you want to see like you know what is loading faster what is loading uh later uh again the
00:14:24it's the css part of it like how what is what is the load time on different css elements and these
00:14:30different css files javascript uh they're using multiple javascript files which everybody uses these
00:14:36days xhr that those are basically your uh exabelle http requests which have been made so each time
00:14:43sometimes you know page has some hidden requests where the page does not even refresh uh so it'll you
00:14:49know try to do uh all those things also so if i say add to cart let's see what happens
00:14:54well it just changed the page i was hoping that it'll just uh not change the page but anyhow so
00:14:59you get the idea with the desert tells you see it's building up it tells you like okay
00:15:06what all different pages are there how they are being built uh see the call just came in and there's
00:15:12some countries stuff going on too i don't know what that is but uh that's more proprietary so we can see
00:15:17okay what happened here uh it's redirecting and uh it's getting some information and you can then see
00:15:24the packet information also you can see what all uh information it got and uh for that matter you can
00:15:30see the post information uh what it what it did for the particular bag the sources uh what was the source
00:15:37for it then also you can see the response which which came back a lot of the times when it is wrapped uh
00:15:44responses are not there in this case html cache and cookies part so if there are any cookies received
00:15:51will give you basically all the cooking information the value uh and then you can you know dig a little
00:15:57bit deeper into the cookie and get some other information about the cookie like session id hit
00:16:02all that stuff so basically this is a tool that when you want to drill down into as much information
00:16:08you want uh about a particular web page and it will give you like you know the details
00:16:15where which will help you to uh get to the bottom of like hey uh what is going on like you know what
00:16:21are the different uh types of uh uh requests which is making if you want to change something on the fly
00:16:28uh and uh and use this tool in your uh in your basically your ethical hacking practices all right i hope
00:16:35you uh you enjoyed uh watching this video and uh going through firebug and using it for uh for your
00:16:42inspect and also for debugging purposes uh i will i would recommend that you go on the website there's
00:16:49introduction to firewall video down here which should also give you some little bit more deeper uh you
00:16:55know kind of uh insight about the tool and then of course i recommend to read the document section which
00:17:01basically uh walks you through all the different uh parts of firebug and uh what is firebug it also
00:17:07tells you like how you can use it for different elements if you're doing network monitoring versus
00:17:11uh uh javascript debugging and so forth all right all right great uh thanks for joining and i will uh
00:17:19see you in the next lab all right bye
00:17:49hello everybody welcome back this is uh ethical hacking labs labs and uh today's lab is going to be
00:17:59around web data extractor so those of you who don't know web data extractor is a tool which will
00:18:07basically let you extract information about about a company and basically it is a software tool that is
00:18:17it's not web based you have to download the tool and then work with it and it'll let you search uh
00:18:25search in different things on on a particular company so let's start with google and let's type
00:18:30in web data extractor and uh first thing what you do down here is the first link we always uh want to
00:18:37make sure that you understand the importance of downloading a tool from the original website and
00:18:45this is the the pro version of web data extractor so this particular tool basically lets you uh do uh
00:18:52uh run a spider on um on a website and it also lets you uh lets you do other things and i'll show you
00:19:00what all cool stuff you can download about a particular website too so uh we already have downloaded this
00:19:07tool just to save some time during the lab but i would go uh prompt you to go in and download this tool
00:19:13yourself so let's fire it up double click start and um to next let's keep uh let's say accept to the
00:19:21license agreements uh next let's keep everything default settings as they are so now the tool is
00:19:28installing itself uh let it install let it go by it'll take some time uh though this is a pretty small uh
00:19:36uh tool uh it should not take that long but while it is doing so uh let me get you familiar with you
00:19:44know why do we need uh to do this spider engine to go in and uh and kind of you run through our site
00:19:50right well i'll explain to you later on looks like the tool is installed okay let's let's click finish
00:19:55i'll i'll uh explain to you let me show you the tool first right so so it creates an automatically
00:20:02creates a shortcut like any other uh application out there the first thing you do is you uh basically
00:20:08start the tool and this is the ui of the tool uh it's a gui based and it's the version is 8.3 which
00:20:14i'm using in for this particular lab and first thing you've got to do is click on new and you uh it'll
00:20:22start a session and you're to do a session setting to start with you have to put in a url of a of a
00:20:28website and so you do www dot in this case we are going to use a uh a website to carainfo.com
00:20:37and this particular website uh what and then also another thing to do is like save data so what
00:20:43are the data you want to save you want to extract email phone numbers faxes urls and in this case the
00:20:49default is base urls and you want to extract meta tags also right and we'll keep it unchecked the
00:20:56extract site body click ok so now the spider has started crawling and this is kind of a similar
00:21:03crawler spider which a lot of website search engines uh use also uh but then this is basically known as
00:21:11rippers spider crawler so there are different names for it so basically it's it's getting all the
00:21:17information about a site and it is basically crawling all the information of the site all the different
00:21:22pages the hierarchy um the different information which you can get you know about our site so it's
00:21:27basically going through it it creates multiple sessions while doing so so you can see like you
00:21:32know it's all this url that's going through right and this looks like this is a dot net based site so it
00:21:38is basically going through all that information also and and you can see like on the top right is the
00:21:45active session graph which basically tells you uh all the other information too so okay that was pretty
00:21:50quick so it basically has finished the session and you can check extracted data by using uh correspondent
00:21:56pages so now correspondent pages are basically these uh these tabs down here so let's do a full screen
00:22:03here um so now you can see like you know it tells you the base url uh that what what the uh website is
00:22:11it tells you uh the the title of the each page the keywords which have been used and which are actually
00:22:18keywords descriptions these are some key things that you want to know when it comes down to search
00:22:22engine optimization and if this website is working properly when it comes down to uh seo
00:22:29and also it basically tells you all the pages the internal pages of the particular website uh different
00:22:36attributes associated with it host name the page size that which is a bigger page versus a smaller page
00:22:42you can kind of filter those out now next thing is email addresses it basically tells you all this
00:22:48all these email addresses hr info and there's the third one more cooler and then you can also see
00:22:55the urls you know the titles uh which are associated with those with those particular uh uh emails right
00:23:02so next is phone uh so phone basically is uh it basically tells you like all the different phone numbers
00:23:09which you have listed on the website it could be your uh support it could be you know your sales
00:23:13department and it'll give you all the information around which you have posted down there similar is
00:23:18with faxes and then you have urls uh the different urls these are these external urls actually which uh
00:23:26which your site has been linked to or you have done any kind of linking on and uh that way it is pretty neat
00:23:34because it basically lets you get all that information out and it shows you all these different urls
00:23:40which which you are associated with and in a lot of cases it's basically it could be like some
00:23:47qualified urls it could be some urls which are not um active or something you know from picked up from
00:23:55your page names and built up right so but these are these are something which you need to like look at
00:23:59other tabs merge lists and active sites it is also there faxes you already went through phones you
00:24:05already went through so this basically you get a good idea about you know how this works right so you
00:24:10can now you can change the session let's do another one and this time let's uh run it on another domain
00:24:19right so so let's let's uh let's uh run another search and uh this uh let's do it on social27.com
00:24:29and again we'll select the meta tags url email phones and faxes right and let let it begin so when
00:24:38you hit okay the crawl will start right um you say okay and uh boom there it starts and uh yep sorry
00:24:50you click the start and then it starts and now you have uh you're going through it and you're basically
00:24:58it'll again it'll start getting all the page sizes the this is recorded
00:25:04the urls the how many processes on top the traffic received in terms of kilobytes
00:25:13and then all the tabs which we went through for the earlier example it'll start filling those with
00:25:17numbers right and uh and you can go in and then uh tap through each one of these tabs and get more
00:25:25information about that particular website right so this is best basically the best way to get quick
00:25:31information when you're doing any kind of reconnaissance or you're trying to like you know do
00:25:36some kind of information gathering for a particular website so you can see like you know what are the
00:25:41different pages and this will bring out your hidden pages also if they're not even linked from the browser
00:25:46it'll try to get those pages out also for you so and then you can basically go in and see the meta tags
00:25:53the keywords descriptions um the the different uh hosts
00:26:02and page size and all those are like some standard ones that you can see down here right
00:26:07so again uh same way you can check emails phones faxes urls and see like you know what all other
00:26:14information you can gather and uh this tool is extremely fast search and it has a lot of accuracy built
00:26:22into it and especially uh it's it supports the working on with the proxy server lists also
00:26:29and uh and and has a unicode support uh built built in which is basically a pretty powerful uh feature
00:26:38or list of features when it comes down to similar tools right and you you are here you can also see
00:26:45that you know you can go through different uh phone numbers uh which are which are published out there
00:26:52you can um you can look at you know the details for a particular website like this you know so web
00:26:59extractor basically again it automatically extracts uh your specific information from web pages and this
00:27:07form of information is used for information gathering phase it used for reconnaissance and
00:27:14and even penetration testing when it comes down to a particular company or their website right
00:27:20and if you're doing this for multiple uh companies it'll be very tough for you to get this information
00:27:26out but using this tool you can create a extractor payload and analyze it and then you can do multiple
00:27:34payloads like this and basically use this to your benefit right also the urls you see like you know it'll give
00:27:40you where all partner websites it's linking to other important information websites which it is part of
00:27:47or linking it from from their website all that information is on your fingertips and you can get to
00:27:54it by using the our this and this tool which i'm just getting you familiar with that is the web data extractor
00:28:018.3 right of course you can save each session also so save session basically you can use the session
00:28:08under that domain name for a later time which will which is basically what you want to do and that's
00:28:14the feature which i was mentioning a second ago so so now you now you have a good idea about this tool
00:28:21so what this tool does a few other things which you should know uh is uh it's basically it's uh
00:28:28and basically install uh initiates multiple sessions uh when getting information and you can basically get to each
00:28:37session uh through the open session part of course when this tool is running right now nothing is uh
00:28:44open uh you can also uh get uh you can also delete a session you can uh restart uh or start a session
00:28:54and uh you can edit some uh some data down there too uh there are some presets and review that what
00:29:02folder you want to save information under uh how you want to show the session info as so all those
00:29:08things all are different options this is pretty simple pretty straightforward tool it doesn't have
00:29:14like millions of options in there uh it is uh also then again this tool is is not free and it comes
00:29:22wrapped in with some other supportive tools like the list motor and the bulk verifier tool and the list motor is
00:29:30your email list manager and bulk verifier is email and domain verifier so it does come back with these
00:29:36two extra tools which i think so are great when when you're trying to extract a company company data
00:29:42information right so uh well uh these are some of the things that you should know you should know about
00:29:48this tool get us a familiar with it play with a little bit more i recommend you uh to uh to use it
00:29:55effectively when when you're gathering uh gathering any kind of information about a particular company
00:30:02and this could be restricted unrestricted data data which is hidden emails phone numbers uh body text urls
00:30:10faxes so all that can be easily uh taken out from using a web data extract or a similar tool i would say
00:30:19right you can see like you know partners you can see like you know and this is this program is highly
00:30:25uh highly i would say like uh uh very nicely built very fast and it is basically uh uh uh keyword search
00:30:34is also part of it and it has uh urls and files you can save capabilities also part of it and it allows
00:30:42external links uh from the original pages right all right so uh well actually uh this this will this
00:30:49will give you a good understanding of the tool i hope you understood and uh and would practice the
00:30:55practice downloading and playing with the tool also all right that brings us to end of lab this lab that's
00:31:01lab four and i'll see you in the next lab thank you for joining
00:31:19um
00:31:35hello everybody welcome back uh this is uh ethical hacking labs and uh today's lab is around hd hd
00:31:43track and hd track is basically a way to mirror your website and uh it is basically it is a website
00:31:51copier tool and uh it is uh it is used for uh penetration testing and other uh other ethical
00:31:59hacking uh strategies when you're trying to basically target the website and use it remotely or without
00:32:06without you know actively connecting to it uh and you're basically uh you have a copy of it locally
00:32:14so the main purpose down here is that you want to analyze a website which is non-dynamic or not a
00:32:22dynamic website and it's static in nature so you can basically download that particular website uh using a
00:32:31tool um and this uh this tool which you want to use is called ht track um uh sorry uh yeah htt so ht and
00:32:41then track hdt r a ck and uh so basically when you're using ht track it's uh you want to make sure that you
00:32:50understand some of the benefits of this tool too right so now the first key benefit i would say is that
00:32:55you are not going to put any load on on the on the main production site which you are trying to make
00:33:02a copy of while you're running any kind of testing on penetration testing performance testing vulnerability
00:33:07testing any kind of testing you're trying to do second key benefit down here is that it basically lets
00:33:14you uh work on on a site in a non-connected mode which is basically locally on your on your computer and
00:33:22you don't need to be on the internet for that and third benefit down here is you can uh you can
00:33:28get it you can uh you can work you can share it and you know an intranet or in a internet environment
00:33:35too okay so let's get started first thing uh i'm on google i search for ht track website copier uh
00:33:43we'll open up the link and uh let's download the tool itself and uh make sure to always download from
00:33:51the official site right so a few things to remember with this tool this is a free uh tool and it is
00:34:00as i said it is an offline browser utility which basically lets you browse a website but in offline
00:34:06mode and it allows you to download your www site that is the worldwide website from the internet to a
00:34:14local directory it does a building of the whole thing recursively and all its directory
00:34:21structure images and other files and and basically serves it back to you so you can you can use it
00:34:28right uh in terms of you can you can run any kind of testing on that you can do check it you can you
00:34:36know do any ethical hacking techniques you want to use like cross-site scripting and so forth here you can
00:34:44see like you know let's look at the versions which you can download it's actually uh robust pretty robust
00:34:49like it's got like it's cross-platform it's got android version is there linux versions are there unix
00:34:56versions are there so it's available on most of the new operating systems and uh and you can basically
00:35:03download it for 64 32 bit and uh and let's uh let's look at it i've actually done a download not sure if i
00:35:12did the right one uh well looks like um i have a 64-bit version i'm just going to try it but it's not
00:35:20going to work because uh i'm running a 32-bit os uh on windows 7 so let me just go in and grab uh the
00:35:27proper version when it comes down to uh to this tool itself so it's very important that you know you get
00:35:35the right version for the right operating system otherwise it's not open guys you just saw it right
00:35:38another key thing about this tool is that it basically is very useful when you when it comes
00:35:45down to crawling right and uh and while it's doing its download uh it'll be pretty fast you know the
00:35:51way it is happening and also uh it should be track and also update an existing mirrored site and you can
00:35:58resume interrupted downloads also when it comes down to the http track um itself and it's and it's pretty
00:36:05pretty pretty pretty nifty pretty nifty when it comes down to what it what it's built to to do and how
00:36:11it kind of works and gets all that information out so all right so you're done with the download pretty
00:36:16fast uh let me just open up the download itself and uh and then run it so next is next uh just accept the
00:36:27agreement next okay let's keep going through it next and uh next we just uh stick to the defaults just
00:36:39keep on going through it next and then hit install so now this uh tool the win htt uh ht track is
00:36:47getting installed well it got installed finished just click on finish and uh say yes so first time when
00:36:54the tool opens up it'll tell you it'll ask you for a language preference like what language you want
00:36:58to store down so you basically go in and select that down there you're going to change from english if
00:37:03you're in a different location or your preferred language is not english so you can just say okay
00:37:11now this is what the tool looks like when you get in there for the first time right so it's on the
00:37:16left hand side it'll up automatically it has pulled out all the different drives which are available on
00:37:20the computer on the system that you're working on and uh our first goal is to create a project right so
00:37:27you click next create a project let's do uh yeah let's do cyber security and uh as a project name and
00:37:37this will create a project in in on your drive and um you have to specify a base path of course where you
00:37:44want the project project to be but let's give a category also let's call it cyber security um cyber
00:37:52security and uh um well uh you keep it keep it consistent so so let's do uh okay let's do website
00:38:05copy or something okay all right so this kind of gives us a good idea that you know this is a website copy
00:38:10for for a cyber security class right and let's just also let's save it on the desktop so it's easy to
00:38:17get to so uh you can change that path with the three dots which is a which is a like a browse
00:38:24folder option on the right hand side so let's click on that and this is point to desktop and it's going
00:38:30to automatically build the structure on desktop so it should work pretty pretty efficiently so let's click
00:38:35on next next is is the site actually which you want to download this is the very important path
00:38:43part i would say and a very important step so here we want to actually download we're going to put in
00:38:48the url of a website which you want to download and this website of course doesn't uh you need to make
00:38:54sure that if there are any restricted authentication passwords or username associated then you then you
00:39:00uh provide that information and login and password i'm just going to use social27.com as a website down
00:39:07here so now so you uh you you we can get a consistent experience from the last lab also right so now let's
00:39:15say okay here and uh so now because you just you just need one url so you can add multiple urls also here so
00:39:22it lets you do multiple urls you can keep on adding and it'll basically go in and mirror those sites so let's
00:39:28click on next and let's move forward to the next step here um so next will basically give us some more
00:39:38options uh like if you're doing any remote connections you can specify those if you're doing a shutdown pc when
00:39:46finished disconnect when finished some other switches that you can turn on also on hold uh what is the
00:39:54transfer schedule if you want to hold something up and the last one is uh save settings only do not
00:40:00launch download but we do we do want to launch the download so we're not going to check any of these
00:40:05and just click on finish so when you click finish uh basically yeah we don't want to launch anything so
00:40:12let's just click finish okay now here it gets fired up it begins here so now it's basically getting you
00:40:20all the different files right just parsing all the files transferring all the data so if you keep
00:40:31look at this closely right let's just observe it for a second
00:40:42so look at the connections which are happening which i'm just pointing out to
00:40:46also look at the kind of first scanning uh and receiving data which is what it's trying to do
00:40:51it's basically going traversing through the whole website and it's trying to like you know get
00:40:58everything down and you can you can see like you know it's it's getting files down it's getting like
00:41:03files from the cdn it's getting png files look at that the byte saved it's already gone to like three
00:41:10megabytes it's already like you know one minute into the into the scan and this is how you know
00:41:16you can literally build out you know your website um locally you know or any website for that matter
00:41:24which has got a static or a dynamic nature with dynamic websites only one drawback is there that you
00:41:31will uh that the site with itself will get downloaded but the data will not be fresh because the site is
00:41:38dynamic and it changes right so with dynamic websites you need to make sure that you uh that
00:41:43you bookmark everything in such a way uh that whatever properties at that given point of time you
00:41:49want to see you only download those those properties and those will be downloaded and at a later time you
00:41:54know if it's a shopping cart or something space suppose you to choose a category you say women and say
00:42:02apparel or jeans or something so you're only getting that particular set of data when you're downloading
00:42:08this using the similar tool rest all you have not gone through the different uh different aspects of
00:42:15which it won't uh save or download everything else right so that is one thing the key thing i would say
00:42:21which you need to remember another thing is um with this particular tool uh there is a skip button
00:42:28right so what happens is a lot of resources on your server uh if you think that you know something is
00:42:33taking too much time something is it's like a red uh you know alarm or you know a red flag for you
00:42:39that why is this taking so time or this file does not even belong to me why is it even there so you
00:42:46you need to then the skip and then uh then i'll show you later on how to see a log and how to see all
00:42:51the activities which happened right but you can basically do that and then skip it and then once
00:42:56you skip it then it basically it will not go in and map it or download it right um so those things
00:43:04are very important when it comes down to looking for and and getting the right information for a
00:43:11particular uh website also a lot of this information actually uh is very helpful for your uh admins you
00:43:22know for your sys admins for that matter because they can now download all this and then they can
00:43:29check it uh for authenticity they can check for the malicious activities bugs also like if something
00:43:35is failing again and again they can basically go in and and rectify that thing also right so so you need
00:43:43to understand that you know it's basically getting all this information what it's going to use it for and
00:43:49how uh can a system administrator be benefited from it so that they can now uh and they can now basically
00:43:56use these for their benefit right so that is those one of the key things also another thing is uh when
00:44:04it comes to ht track um you need to uh you need to understand that uh when the mirroring of the site
00:44:10sorry happens you understand that you know it is uh it is these tools like h ht track which which can
00:44:19basically help you understand you know different actionable items which uh which you are uh which
00:44:24you are which you are which you are going to focus on so so you can also like do one thing while running
00:44:33the website on ht track which you have downloaded you can also uh what hackers usually do is they they
00:44:40perform different techniques you know like you know they uh they fake a website uh by changing the domain
00:44:47a url and then running a copy of of a popular uh shopping cart in there so people can go in and
00:44:54just put in their username and password they put in some valuable information which they capture
00:44:59as a as a hacker and they then basically say oh this didn't work and they redirect you to the original
00:45:05site so you never actually notice like what your site is playing from right so that is a common
00:45:11technique which people just make copies of a website and change certain things around where where the form is
00:45:16being posted submitted uh just work with the with the with the back with the js files the javascript
00:45:23files and then manipulate the outputs to their benefit so that's how bad guys use it the good guys that is
00:45:30you the ethical hackers you guys should basically use it to your benefit that how exactly can you use it to
00:45:36your benefit is basically getting all that information which which is missing or which is needed and
00:45:41uh and uh and uh and uh basically recording it you know and uh trying to uh trying to uh trying to use
00:45:47these techniques to get into or crack into uh websites which you have been hired to do penetration testing
00:45:54for right so that and also use these techniques to uh to kind of trick the the staff or the people uh so
00:46:03that they can enter in wrong credentials or they can enter the right credentials the wrong website and now you have
00:46:09their information and now you can uh get into the network pretty smoothly pretty easily right all
00:46:16right so this uh this this download is uh this uh crawler is still going on looks like we are we're at
00:46:22nine megabytes so let's uh this is a good time that we can go in and start checking out all the information
00:46:27which is which we have been uh which we have been uh shared or which we have been trying to download
00:46:33and then uh then we can also see like you know other other parts of information which uh which we
00:46:40could be missing right so uh and i mean the whole complete website will once it's a when this tool is
00:46:47done that's when it'll be done but we can always go in and have a look at uh at what what's going on
00:46:54right and what's going on under the hood like you know and if it's already taken up so much of space
00:47:01in this case nine megabytes and it's it continues to downloading so you can see uh what are what
00:47:08are the data data points is it storing and how does that work right so that is also pretty crucial uh
00:47:15crucial and important right so okay so now another thing about web tracker is that well it was it's not
00:47:23that old and it is uh as i said it's free tool um you can uh you can basically download it and uh and use
00:47:31it on wweb uh site or your local uh local host
00:47:41so now uh we're just waiting around uh just seeing it seeing that it it goes and finishes its job
00:47:48and uh once and this is like a patience game you know you gotta make sure that everything is covered
00:47:54uh everything is uh to a point where where everybody's comfortable with it and you've got all the
00:48:00information for your security team for other penetration testing team or whatever information
00:48:05they need right so so let's do that uh let's go over these tools and uh and understand like you know
00:48:14how you can use them um here i think we got close to like 11 megabytes now so which is this is pretty cool
00:48:22cool in the meantime let's let me show you another website copier tool let's just do a google search
00:48:29on website copier tool
00:48:38so see there's a good thing this first one is actually track that's a good site
00:48:42very popular tool as i mentioned to you before that's why i'm giving you demo on this
00:48:47then there's a win http track i'm sure this has some modifications and changes in it and there's
00:48:55whistleblower or website copier sorry and website ripper so all these are
00:49:05yeah so the main goal here is to
00:49:08download a site yeah so download a site that is the main purpose main goal of this tool and the
00:49:18faster you can download the faster your connection is the faster internet is is some of the key benefits
00:49:22of this particular tool right uh there's another cool one black widow i like this tool personally black
00:49:30video is a very uh a very uh a very smooth and cool tool which has a complete uh solution built in right
00:49:41we'll also have a lab later on about black widow so you you get uh familiar with that tool also
00:49:47and uh and you'll be glad that that you were introduced to that tool right all right so now let's
00:49:53go back to let's see what's happening with http track uh looks like it's uh still going on it's recorded
00:50:00some information down here it's gone up to like uh 13.5 megabytes
00:50:11so again i've mentioned that to you before also if a size is huge then the website is going to take
00:50:17more time to download right and that is that is the fact of it you cannot go around it there is the
00:50:23beauty of it basically so uh if you have uh during this course of installation or any other uh part of
00:50:31the lab you have any problems do reach out to uh the community uh for uh cyber training 365 and you
00:50:39should get an answer if not from the committee then from instructors right we should be able to answer
00:50:43you and help you and guide you through any uh any uh any information which you have you want more detail
00:50:50upon or any other kind of information when it comes down to your cyber training uh and the labs
00:50:56and in your cyber training uh in the cyber training modules all right so let's look at this observe like
00:51:03you know by it saved is increasing now we have a transfer rate which is a little better i know the
00:51:10net network is pretty slow on this particular computer which i'm demonstrating on
00:51:14but uh but uh but it's it's good that slow so that you can see those processes and you can
00:51:20understand them and then of course eventually you will go in and bridge that gap all right
00:51:30while this is happening let's go and uh look at the site also because it's already got such a lot
00:51:36of data uh and uh let's go first look at the site itself like you know on that social 27
00:51:44dot com right and uh it should get uh it should get you uh all the different uh parts that is uh like
00:51:55what exactly is there um there it is
00:52:02so this is the different pages it's a multi-page site it's got lots of uh different sections in it
00:52:16it's got like sub pages so it's huge right it's got a lot of images
00:52:22so now you understand why it was taking that long because it's trying to build all that right locally
00:52:27it'll download each and every asset as i said associated with that website get a local version
00:52:33of it now let's see how the local version of the site looks like right so we saved it on the desktop
00:52:38it's called the cyber security folder let's look in that so under this folder there is a social27.com
00:52:46site and that's where the site is located it's a social27.com www.social27.com and when you click on it
00:52:55so the key thing to know is that we're going to go and look at the index or the home page for that
00:53:01matter so index page is the starting point when it comes down to any iis uh based website and uh yeah
00:53:10boom so that is exactly the site which was which was the basically we've been copying from and uh using
00:53:18this url and using the urls which is local nobody can make out uh like what is the difference right so
00:53:26if you if somebody never checks a url you can easily fool them by uh by running a copy in a different url
00:53:34and getting some information out of them and then also as a tester as a penetration tester and as ethical
00:53:41hacker you can run tests locally now on the website you can change things around you can test for how
00:53:47uh how data is submitted like how you how you want to like you know do some kind of a local uh pinging
00:53:54performance so all that can be done now locally and and you can uh you can basically you you cannot
00:54:02even make out the difference all the all the pages if you just skim through all the pages they are also the
00:54:07same and uh this this utility basically is is is pretty nice and robust i would say and uh of course you
00:54:17know we are still uh going through the process it's still trying to uh mirror other pages it's still
00:54:23trying to download the pages but uh it's a it's a basic version it's been actually around since uh 1998
00:54:31and a pretty cool tool since then and in the earlier times it was like a fantastic tool because there's
00:54:36nothing like this out there in the market right but but i want you to get familiar with this tool
00:54:42since you will be uh working with this tool or at least have some knowledge with it and so here look
00:54:49at all the pages which are there there it's a dot net site so it basically goes in and renames them to
00:54:54html so that they're all uh accessible linkable and you can basically click on all these pages directly
00:55:01you can go to like you know uh those pages you can go and see um the different you know uh information on
00:55:08each of this page you can go and also look at you know uh the different aspects when it comes down to
00:55:14how to uh look at uh look at you know uh look at all the pages and manipulate them to your benefit as
00:55:21a ethical hacker right um this is uh this is something which uh which as i mentioned before also uh you as
00:55:29as a hacker is gonna are you gonna get more and more familiar with web crawlers
00:55:33and offline browsers you know so often browsing and web crawling is basically a key uh i would say
00:55:41area which you which you will get more expertise on while you learn new technologies new tools and how
00:55:50to deal with and how to record these new tools and technologies to help you copy a website to run a
00:55:57crawl on a website and even to do offline browsing right so all the all these like you see like there's all
00:56:03these folders i'm clicking around and so that you guys are getting a good idea of you know there is
00:56:08some other information which is being stored down here what are the what kinds of information is being
00:56:12stored and how it's been structured you can see js is coming down css is coming down you get like you
00:56:19know you can kind of edit the javascript code because it's like all local now right and then you can uh you
00:56:25can add in your own functions in here and change them and then those functions will start firing because
00:56:31it's your local code uh so that is one thing which is pretty good and which you should know um while
00:56:38and scripting languages is something that has a as ethical hacker you should be familiar with
00:56:44and you should have a good idea about you know how and what to use when to use
00:56:49that way uh whenever you are trying to uh change edit you should have basic html knowledge programming
00:56:56knowledge uh and uh javascript knowledge and of course i would say like server-side scripting
00:57:02knowledge also a client server so you can create you can run create tools and so forth right oh another
00:57:09important thing i want to show you is the log files just pay attention right now so the log file is your
00:57:15is very key to know it basically tells you what all information is there in terms of when it started
00:57:23what are the failures warnings errors and errors basically as an admin also of a site you should
00:57:30run this tool so you know what all 404s are happening on your website and 404s are basically
00:57:35performance hoggers so your performance of the website kind of you know basically goes for a six
00:57:40when there is a 404 and if the files are missing if some images are broken so you want to you want to
00:57:47clean that up too and this is the place you will do it another thing to notice is the cookies
00:57:52so all the different cookies which your website has is also listed down here in this case there's not
00:57:57much but like you will come to know there's a analyzing tracking cookie and there is a
00:58:01session cookie out here but in another websites you could have tons of cookie information you can
00:58:07basically use this information to uh to uh to plan or to uh craft some kind of attacks right so
00:58:16yeah this is the index page which basically is the main index page which basically gets you to the home
00:58:20page of that particular website so everything is so amazing when it comes down to how uh all these
00:58:28tools are matched mapped in a way so that you can craft a website uh on the side on a localhost
00:58:37and it just seems like as if you're online right awesome so guys i hope you uh you enjoyed this demo uh
00:58:47this lab itself and uh and i would uh highly encourage you to practice this locally also
00:58:52uh go around and play with it play with all the tools which i showed you play with all the http track
00:59:00features and functionalities um and and then how things you can how you can you know kind of create
00:59:07a local copy and and and and why do you want to create a copy explain that to you also and how to run
00:59:16and basically it's a it's a it's a it's a nice technique for penetration testing all right so this
00:59:24concludes the lab this lab and and thanks for joining i will actually see you in the next lab
00:59:30and i do want you to provide some feedback and collaborate with your students who who are on
00:59:38on who are taking the same similar training okay thanks again
01:00:08hi everybody this is bali kahil i'm your instructor in these labs uh today's lab actually is uh very
01:00:17interesting and it is around a very important topic which is basically uh collecting information
01:00:25of a target uh using your email and email tools and this is basically tracing your emails i mean this is
01:00:33the era where you know you have to be really careful about spams and uh and you have to understand that
01:00:40you know spams uh kind of you know uh can be you know can introduce you to some or introduce you to
01:00:46some malicious software even uh uh get some sensitive information out of you as a user right so so uh
01:00:56the major part of uh doing reconnaissance uh when it comes down to an ethical hacker and uh since you
01:01:03guys are taking this training that is where you are heading towards right it is basically getting uh
01:01:09getting to understand what you need to do when you see a email address which is a little fishy you know
01:01:15so then you can basically um apply i'll teach you in this lab that how what tools you can use uh to use uh
01:01:25tracing of emails and uh there's a tool which is uh email tracker pro uh we'll be using that tool
01:01:32this will basically give you a lot of information right so let's first go to google and uh since i
01:01:37said like you know you need a tool for this that is the email tracker pro and if you if you enter it
01:01:44will basically get you to a point where you can download it and always i was uh tell you that
01:01:51whenever you're downloading anything make sure you're downloading it on from your from authentic website
01:01:56right or from uh the original website or from the makers you know website i would say you know so
01:02:04uh so that is the first thing that you need to do let's download it uh and uh once you have
01:02:14all right so so now a few things you need to understand also by for email tracker pro is uh
01:02:21uh since we i talked to you about spam right so a lot of spam is down there uh these days we get
01:02:28our mailboxes flooded with spam if our spam filters are not working properly or not doing your job
01:02:34and the spammers are very crafty so they basically make sure that they keep on changing keep on keep on
01:02:40evolving um their their strategies and we have the nigerian scams we have the everything is out there
01:02:47right so we have to be basically very very careful when it comes down to uh to making sure that you
01:02:53not use spam not be part of a part of a spam you know so email tracker pro right uh is a tool which
01:03:03helps you uh read the headers of an email and uh headers i will show you how important they are and
01:03:10how you can use them basically so email tracker pro is your tool uh it will give you as you can see it
01:03:17will give you the the trace information it will also give you the spam filter information and it also
01:03:24gives you the geographical location of where the email was originated from and what are different uh but
01:03:32touch points which it made uh reaching to you and in your inbox where you're opening and reading it
01:03:38right so that is uh that is the first thing uh so you need to understand uh this tool and uh you need
01:03:45to uh you need to see like you know that how it will it has like an important information there spam filters
01:03:51and also it helps you like you know uh check against uh reporting abuses it's been built into as part of
01:03:59it also right uh so now first thing is downloading it i have already downloaded it initially so i don't want to
01:04:06like put uh extra time of the lab and just downloading it the the only thing about email track pro is it
01:04:13takes a long time to to uh uh to install it so let's uh let's start with the installation and uh
01:04:25let's go through next next degree let's go let's go through the default settings here
01:04:29and uh and let's click install all right so now it started installing and that's the email tracker pro
01:04:37and uh it will basically go in uh and it'll take some time as i said before too uh so in the meantime let
01:04:44me get you introduced to uh some uh some of the key things which are happening out there where it comes
01:04:50down to um to spam right and how spam is affecting um everybody these days and and you know that uh that
01:05:01there are there are different ways you can protect yourself right so how does email tracker pro literally
01:05:07help us right so the main things about this uh about this tool is that uh it has uh uh basically analyzes
01:05:16your routes of your email to uh pinpoint where the center or where the originator was the second thing
01:05:23which you need to know about this tool is that it is easily integrated integrated to your uh email
01:05:30uh systems which are out there your um your outlook or any other uh email client which you're using
01:05:38and basically and it's easy for you to have full access to it and also you can send spam compilations
01:05:47to the spammers or the isp and it's very comfortable and easy to do to do that using this tool itself right
01:05:55and some of the negatives i would say is that it is very rigid in its header analysis and i'll once i'm
01:06:02kind of showing the tool to you will come to know the other tool which are more smoother too but it does a
01:06:07good job in identifying it and also uh another thing is that uh uh it basically has uh it can be a bit
01:06:16cumbersome sometimes you know when it comes down to what you're trying to do with it how you're trying
01:06:20to do with it also right um so so as you see the tool is still uh downloading uh we are uh we're trying
01:06:27to get down to up to a point where uh where it's going to take a little bit more time i would say
01:06:33um but uh yeah so also like another good thing about this tool is that uh um uh it can send us spam
01:06:45reports and also it supports all the it's on it's a windows based tool just to let you know it supports
01:06:51you know all the different versions uh for windows and then uh on the internet the things you can uh you
01:06:57can do anonymously uh these days is a is uh it's not even funny and uh spammers they actually use
01:07:05all these different tactics techniques that hey you won a lottery um send me a bank account and you
01:07:11know i will transfer you a million dollars just just because and there's like 50 fee or 100 fee for it
01:07:17and there's there's all these spams out there there's nigerian spams and different kinds of spams you
01:07:22know which uh these days people get and it could be like you know if you're in sales or marketing
01:07:28you could get the hackers uh you know email saying that hey open up this invoice and pay and uh or open
01:07:35up this check in a pdf or in a document format and then open it up and then there's a malicious uh
01:07:41virus or software like you know a malware which basically overtakes uh and could uh takes control of
01:07:48of your system and or uh silently sits there and opens a back door to your computer for that matter
01:07:56so uh you can also do a lot of analysis with this and i'll show you how email tracker pro is helpful
01:08:02in doing that um you can uh you can set up email accounts in email tracker pro both uh toward uh you know
01:08:10you don't need to like do pasting of headers uh and uh to have uh suspect messages uh so basically
01:08:17you can uh you can basically integrate your accounts inside email tracker pro i'm not going to
01:08:22integrate an account here but i'm just going to show you how you can easily analyze a header
01:08:28and how you can uh share that information very naturally and clearly and and understand uh
01:08:37just the power of the tool itself right and basically to analyze an email header there is a few
01:08:42things that you need to know about a header that is uh your uh your ip addresses and based on these
01:08:49ip addresses it will uh create a network topology all right well looks like uh it is uh the we have a
01:08:56good progress going on in the install um in the meantime let me also uh get you a little bit more
01:09:03familiar with uh with with the different things that you should know about this tool
01:09:08uh there there are these uh editions uh there's advanced edition of this tool the pro and it is
01:09:15uh it is basically a paid one we're going to use a free edition um um and uh and basically uh this tool
01:09:25is liked by everybody uh in the ethical hacking uh industry in the ethical hacking world because uh uh the
01:09:33advanced edition actually it is an uh it is pretty innovative right so well it just finished so let's
01:09:39let's let me let me show you the tool i know you guys are eager um i've kind of given you a little
01:09:44background about the tool so you understand uh what the tool is all about and now now let's uh let's look
01:09:50at the tool right so here you go that's the first look at the tool um it is it is pretty nifty as i said
01:09:57you can um you can actually set up account which i was mentioning to you you can you can basically
01:10:02connect to your pop account on here and uh and the menus uh it's basically pretty intuitive uh you
01:10:10can you know you're going to check most you're going to work on my trace reports you can do clean
01:10:16filters uh clean uh clean mail uh another good thing is it does a whitelist address and a blacklist
01:10:22address which is pretty handy and once you are dealing with multiple email accounts you'll come to know
01:10:27um and uh it's got a pretty nice intuitive ui and of course you can have it in multiple languages also
01:10:35right so so let's just first do one thing let's get the header and how to get a header from a google
01:10:42email is what i'm going to show you right now go to gmail.com um i'm going to pick up an account which
01:10:48is basically my test account and i'm going to sign in into that account and basically what the first
01:10:56thing you're going to do is pick pick an email uh which you want to analyze and click on it and we're
01:11:01going to use this avg team email this looks like a survey a customer care survey um when you have your
01:11:09from uh who is coming then it's to me and there's a small drop down down there i want you to click on
01:11:15that drop down and see what the basic information is right so let's do that let's click on it it
01:11:21give basically gives you a detail it gives you from to date subject uh mailed by uh signed by
01:11:31encryption type is basically it's using tls for ssl okay it's a sanity of this encryption so now let's
01:11:39see like how you can get more information about an email right so the right inside there's a drop down
01:11:44on every email when you're looking at a single email view click on that and then basically check
01:11:51click on show original so this particular option what it does is it gives you the original uh part
01:11:58of the original text of the email which basically is hidden when it comes down to any email clients
01:12:04if you're seeing it in and this is this has the header information in it and header information you can
01:12:10see that this is basically they have used salesforce to send this survey out the avg.com team
01:12:16uh so and also tells you that you know what mx uh they're using uh they're using google and uh and so
01:12:23forth and there's an there's enough information which uh which our email tracker pro uh will uh will
01:12:29sniff from here okay so now let's let's put the tool to work uh let's go to email tracker pro
01:12:37and uh first thing is we want to copy uh that email which i just showed you the original part of the
01:12:42email and uh uh we will uh let's see like we have to trace the report so let me uh let me just find
01:12:53the right right spot here um okay in my inbox no i don't want to set up an inbox i don't want to do
01:13:00that so let's uh let's actually click on my trace reports so let's copy this email out first as step one
01:13:09and uh then uh let's jump to um um my uh receive emails okay set up on you know i don't set up a new
01:13:19account um file yeah okay i was in my inbox and i don't have inbox so but i want to trace headers so
01:13:27this you have to make sure that you are you're set up in the file uh option the top you know so that
01:13:33you don't get confused as i did right now you just saw it so but anyhow so if you click on uh uh trace
01:13:40here like trace header and it'll basically give you this option your uh your uh content will be
01:13:47copied and now next thing just you just need to do is my trace report so basically now it's analyzing it
01:13:53as it goes and analyzes it um it will uh yeah so just click on my trace report so it's basically
01:14:00validating your routes to sender it's 10 29 it's basically going in and uh and backfilling all the
01:14:07data for you like you know what routes were taken and this all information it get it is basically
01:14:12building on what it's read from the header of that email which you have pasted in along with the full
01:14:17uh original text of the email right so you can see like it's doing a global visualization of the map and
01:14:24uh and it's basically uh on the right hand side uh you see that there are some reports which start
01:14:30coming out is a table which starts telling you the hops different hops the ip addresses the my
01:14:36current ip address and then also the ip address of other locations you know and in this you know we
01:14:43are using a server which is in india so in india and then the originator is basically in san francisco
01:14:51california right so so you can you can easily see that you know what all the route it's taking on the
01:14:58the right hand side if you look at the email summary it basically tells you a similar kind of
01:15:02summary which your email uh clients will show you and but in here if you see it adds in a location
01:15:09right and also it has some extra parameters that the misdirected no abuse address puts an abuse
01:15:15address for salesforce abuse reporting um ip address is also there uh and that there is another
01:15:22other information which you would which you would use right that there is no http server running on
01:15:27the system and there is no ftp server running so all that information is built up so now let's look at
01:15:33the network who is report so network who is report is basically giving us details around the network
01:15:39itself so what is this network like you know what is the net range for this what are the different uh
01:15:45uh different uh types of you know uh parent net type and also uh other network related information
01:15:52which is basically which becomes really handy when it comes down to uh looking at uh who is for the
01:15:58network itself right so all right so now let's look at another thing
01:16:07okay uh all right so network network has a lot of information in there
01:16:14you can use whatever you want but even it has phone numbers listed and this is the who is for
01:16:19the network itself right and as i told you it's like you know salesforce we're going to get all
01:16:23salesforce information right so the next is uh the domain who is and again uh it's a salesforce
01:16:30based tool so you're gonna you're gonna get salesforce information here um tons of you know uh who is
01:16:36data comes up you know even their servers their phone numbers extensions addresses everything and
01:16:44then there's basically the email header is the last uh on the right
01:16:51this is basically what you had copied uh all the different uh email headers are basically taken out
01:16:57from there right so all the delivered to received the code was who was sent to and then you can also now
01:17:05based on this email header you can see like in the map which is drew and this is the correct
01:17:09geographical map you know and uh i picked up you know the farthest uh destination for order to go
01:17:16just because then you can see like you know the how it builds out you know how it hopped to like
01:17:20australia also in between and um germany and uh and then uk and then canada so so the whole route by
01:17:30itself you know so it's the destination where it is going and from where it where it is originating you
01:17:35know and eventually it basically went to bangalore in india and that's where the isp main servers are
01:17:43and that's where it's serving it from right so that's and then it comes to your ip address local ip
01:17:48address so another thing is there is a there's a report so this report you can click on the tool and
01:17:55you can see the view report so and this is like report you can share also if you need to with your
01:18:00admin or with somebody else in your team and this has your again your network contact information
01:18:06domain contact information um in-depth introduction to this email um the ip addresses which it's using
01:18:16because basically first thing it goes in and it tries to find that ip address right
01:18:23because when and you and you need to have exact match for that and they have a database which
01:18:28basically does that for you and and then it basically maps out you know hey it's san francisco
01:18:35the originator was from san francisco company is based in san francisco which has been used to send
01:18:40this email out to you so so now and when you're doing reconnaissance you know and doing information
01:18:46gathering this is a pretty important uh piece of the puzzle which you need to know and you need to
01:18:51understand uh that uh it helps you um uh when when you're talking about you know tracking like say in this
01:18:57case avg right so again like let's let's kind of go over what we did uh we we kind of went through
01:19:07our google got the message original message we took the google message we basically uh went to the file
01:19:15option and then we went to the the trace header option and uh in that you know you have basically your
01:19:23details were copied in there and once the details are copied uh then you can uh run a report on it
01:19:32right and once you run a matrix report it basically gives you a full network topology uh you can get
01:19:39email summary network who is domain who is email headers ip addresses and this is like you know the
01:19:45trace route kind of a scenario where it basically goes through all the hops which all the different
01:19:50networks right and you can also do a few other things here you can trace addresses and you can you
01:19:56know put up an email address and you can trace that address um and go back and forth in that tracing uh
01:20:04area too uh also uh this tool um i mean we can uh we can put an address down here and trace it but i would
01:20:12want you to also play with it download this tool and uh and uh and use its power you know so any email
01:20:20address you can put down here um i'm going to just use gmail addresses just because the gmail addresses
01:20:25are freely available and anybody can use them right so first i showed you was how to trace an email using
01:20:33its uh original email uh information and now i'm showing you how to basically plug in an email address and
01:20:40then trace it where where does it originate from and some information around it so in this case of
01:20:48course google is based in mountview california so it's basically gone in done a map for us and then
01:20:55basically it's giving us uh because i mean this is uh it's showing you uh what this uh where this company
01:21:06is located and getting some system information around it network whose information domain whose
01:21:12information all that information has been gathered right so this this can be used for any email id
01:21:23usually it works really good when you're searching for any company's email id right other things that
01:21:28you need to do is there is this dns blacklist servers option which is there under settings uh you can use
01:21:34that uh there is a mail account you can add uh you can do you can do column uh column choices if you
01:21:41want like an ad or remove more columns um it's it's it's pretty configurable i would say for uh for uh for
01:21:48uh for how it is you know built uh you can uh you can if you click on help you know there's a basic in
01:21:55a help you know options are there your faq is there which is pretty good you know when you're starting with
01:22:00the tool you need that um so uh yeah let's let's switch to file and then uh let's go to home so home
01:22:07basically is our uh this is the email which we uh which we kind of you know um the trace that we did
01:22:13on uh on the one upon a particular uh uh particular email right so i would want you to like you know
01:22:23understand each and every part of this tool because uh when you're using this tool
01:22:28you need to be 100 certain that uh uh that you know what it what what you're trying to get what
01:22:35information you're trying to fish for right and uh and again understanding all the network information
01:22:41and making sense of it is also something as ethical hacker you should know uh so that's what you know
01:22:46we go over in the class and and teach you all right so so now i think so uh this tool is uh we've covered
01:22:56like two scenarios again uh also like these reports you need to go through these reports the html reports
01:23:03and these are like shareable uh you can you know uh save them locally and share them also and uh and
01:23:09use them uh to share with your security and network teams right so understand the reports i mean the view
01:23:17reports the new trace uh how the report looks like you know the different aspects of the report
01:23:23uh i mean this report is basically pretty pretty uh detailed i would say and uh if you need some extra
01:23:32information or uh if you if you think that's something that you didn't understand correctly just reach out
01:23:37to us uh use the community uh of uh developers uh and of other uh ethical hackers or uh people who are
01:23:46searching uh or are getting trained right and uh and uh i wish you all the best in uh in using this tool
01:23:53and again uh we are here to help you all right thanks for joining this uh this particular lab i'll see
01:23:58you in the next next time thank you bye
Comments