In this video, you will learn how to build a Python GoBuster-style tool for directory and file enumeration. A Python GoBuster allows you to perform directory brute force attacks in a controlled cybersecurity lab environment to discover hidden paths on web servers.

This tutorial explains how directory brute forcing works and how to create a simple Python-based enumeration tool for educational and ethical hacking purposes.

What you will learn:

- What is directory brute forcing
- How GoBuster works
- Building a Python GoBuster from scratch


A Python GoBuster is a great beginner project for understanding web security testing and automation.

⚠ This video is for educational purposes only. Always test in a legal and authorized lab environment.

This lesson is part of the course: Building Python Tools for Cybersecurity.

Build a Python GoBuster | Directory Bruteforce Tool in Python

Download Links: https://mega.nz/file/EzBCCASY#tAzJTrhRaPVj5Xpkel3K8FlK4OlLvTG-JALUpU5p-Ko
https://mega.nz/file/VnJECbwR#LXb9rwzFK-3_iBVO1SR7_BdMmZfnpn5nE6ILp_xZ4Wc

Transcript
00:05 So we'll make our own program that does the same, you can use any editor you want, whether
00:11 it's Visual Studio Code, PyCharm, whether you want to use Mousepad as editor or maybe
00:17 some command line editor, it doesn't matter as long as it's a .py file.
00:21 So I will use my editor, I'll call it .py, and from here I'll import the requests module.
00:31 The requests module allows you to do web requests, then the requests module has a function called
00:41 get, and which checks which is the website URL, so for example, https wordpress.com, and this
00:56 returns the result.
00:57 Now the result can be either 200 or something else, because the web has result codes, the
01:06 status codes, so if I show you that HTTP status code, so you'll see there's different things
01:21 the web can respond, but maybe it responds no content, or it responds moved permanently, or
01:29 something else.
01:30 What we want it to return is 200 OK.
01:32 If it returns 200 OK, we know that the website exists, you'll see the standard response for
01:38 web requests.
01:41 So I'm going to return that, or I'm going to fetch the result code, if the response is 200,
01:54 then we know that it exists.
02:01 And if it's anything else, then it doesn't exist, and we could just ignore that then.
02:07 So let's try to run it, and you'll see it tells us the URL exists.
02:14 Now, to be more explicit, we can say URL is with the URL we defined, so then we can output
02:25 it.
02:28 We can do it like this, and instead of saying URL exists, we can say URL with the actual variable
02:36 URL.
02:38 So I will output it like this.
02:43 So now it will tell you which URL exists, and you'll see we have a typo here.
02:55 So now it tells you the exact URL that exists.
02:58 And of course what we want to do is slash, and then all of those words in the word list.
03:03 So we're going to, we can turn this into a function, and call it does exist with your
03:12 URL.
03:13 Now every function needs four spaces.
03:20 Okay, so now we're going to open that file with open user share word lists, dirb slash
03:29 common dot txt.
03:30 So we're going to open that file as F. So this file is included in Kali Linux.
03:36 You can also download this file online, or use any of your own files.
03:41 And of course, the directories that you always want to check are like administrator ones,
03:46 like slash admin, slash WP admin, and all those kind of things.
03:51 So common dot txt is like quite a large list of words that will help you find hidden directories.
03:57 So now we'll say F dot, let's try read, and see if we, if it outputs the contents.
04:09 So you'll see, okay, a lot of words.
04:12 So we're trying to find hidden directories using those words.
04:19 And we are going to split that for line in contents, comment it.
04:29 So it outputs line by line.
04:32 Okay, so that, it's already in line format, so we might need to split it.
04:44 So we split it on a new line character like this.
04:47 Let's try that.
04:52 And you'll see now we have slash all the, all the directories that we want.
04:58 So it will be in slash, so let me run it again.
05:06 And you'll see slash with all the directories that we want.
05:09 So now what we want to do is to add that to a URL.
05:13 So we'll define URL, URL is the website you want to scan, plus the slash character plus
05:25 line.
05:29 So now this variable might be a bit confusing to understand with this variable.
05:33 So I'll just name it you, just to be more explicit, that's another variable.
05:39 So now if you run it, you'll see all the directories that we want to check.
05:43 And for every directory, we want to know does it exist, right?
05:48 So we made a function for that.
05:51 This function does exist.
05:52 So we'll just call that function does exist with your, with the URL.
05:57 And then just run it and let me remove this print function.
06:01 So now the only thing it will output is URLs that exist.
06:06 Let's run it.
06:08 And you'll see it starts scanning.
06:09 And it will tell which directories exist.
06:14 So it goes one by one.
06:16 And if you let it run, it should say all the files and directories it finds that actually
06:24 exist.
06:24 Now, because there is a lot of, a lot of words here, it can take quite some time to scan
06:34 all of them.
06:38 So if you let it run, it will eventually discover directories that exist.
06:43 For example, in the wordpress.com, it has the wp-admin.
06:48 And of course, you can do that for any URL, so any domain that you want.
06:53 And you can try to find that way hidden directories on the website, for example, login panels or
06:58 maybe some other applications that are running.
07:02 And then the next step would be to try to gain access either to login or to use an exploit
07:06 on that to gain access into the system.