1
00:00:01,740 --> 00:00:08,190
As usual the first thing that we do before we start trying to exploit or find any vulnerability is we
2
00:00:08,190 --> 00:00:14,010
do information gathering so we try to gather as much information as possible about the target and web
3
00:00:14,010 --> 00:00:15,860
applications are no different.
4
00:00:15,870 --> 00:00:23,670
So we're going to start by trying to get as much information as we can about the target IP address the
5
00:00:23,670 --> 00:00:25,040
domain name info.
6
00:00:25,060 --> 00:00:28,880
The technology is used on the Web sites of what programming languages use.
7
00:00:28,950 --> 00:00:31,640
What kind of server is installed on it.
8
00:00:31,800 --> 00:00:37,170
What kind of database is being used and where we're going to gather information about the company the
9
00:00:37,170 --> 00:00:38,550
DNS records.
10
00:00:38,550 --> 00:00:44,850
And we'll also see if we can find any files that are not being listed or any subdomains that are not
11
00:00:44,850 --> 00:00:46,950
visible to other to other people.
12
00:00:48,710 --> 00:00:55,500
So the first thing that we're going to have a look on is Whois lookup. Whois
13
00:00:55,550 --> 00:01:05,570
is a protocol that's used to find owners of Internet resources, for example a server, an IP address or a domain.
14
00:01:05,570 --> 00:01:07,820
So we're actually not hacking or doing anything.
15
00:01:07,820 --> 00:01:13,490
We're literally just retrieving info from a database that contains information about owners of stuff
16
00:01:13,490 --> 00:01:15,180
on the Internet.
17
00:01:15,200 --> 00:01:21,830
So for example when you sign up when you sign up for a domain name if you wanted to register a domain
18
00:01:21,830 --> 00:01:24,480
name for yourself for example Zayd dot com.
19
00:01:24,560 --> 00:01:30,830
When I do that I have to supply information about myself my address and then the name will be stored
20
00:01:30,830 --> 00:01:35,180
in my own name and people can see that Zayde owns this domain name.
21
00:01:35,180 --> 00:01:37,100
So this is all we're going to do.
22
00:01:37,310 --> 00:01:41,180
If you Google Whois lookup you'll see a lot of websites providing the service.
23
00:01:41,180 --> 00:01:48,860
So I'm using the domain tools dot com and I'm just going to put my target domain name and I'm just going
24
00:01:48,860 --> 00:01:50,990
to use security dot org.
25
00:01:56,390 --> 00:02:02,160
So as you can see very simple and we get a lot of information about our target web site.
26
00:02:02,230 --> 00:02:07,080
You'll see the e-mail that you can use to contact the domain name info.
27
00:02:07,510 --> 00:02:13,900
Usually you'll be able to see the address of the company that has registered this domain name but we
28
00:02:13,900 --> 00:02:17,620
can see that this company is using privacy on their domain.
29
00:02:17,620 --> 00:02:19,380
So you can't really see the address.
30
00:02:19,520 --> 00:02:25,360
But if they have if they're not using privacy you'll be able to see their address and more information
31
00:02:25,360 --> 00:02:26,970
about the actual company.
32
00:02:27,340 --> 00:02:29,560
So you want the domain name was created.
33
00:02:30,670 --> 00:02:34,150
You can see the IP address of security.
34
00:02:34,270 --> 00:02:42,110
So if you're doing this you should get this IP address and I'll show you how I do it.
35
00:02:43,190 --> 00:02:52,180
A security org you'll see it's the same domain name here same as same IP address your site.
36
00:02:52,610 --> 00:02:56,130
You can see the IP location which unseen status.
37
00:02:56,150 --> 00:03:04,860
Obviously it's active can also access the history but you need to register for that and obviously you
38
00:03:04,860 --> 00:03:10,140
can see the title here and something that's very useful here we can see that it's using an Apache web
39
00:03:10,140 --> 00:03:10,530
server.
40
00:03:10,530 --> 00:03:17,310
So this is software that can be used as a web server and we can see that I secured uses this web server
41
00:03:17,550 --> 00:03:20,450
and this version 2.2.31.
42
00:03:20,610 --> 00:03:23,610
So again we can use this to find exploits.
43
00:03:23,790 --> 00:03:29,920
We can see that it's using Unix the operating system of the web website of the server and it's using
44
00:03:29,920 --> 00:03:36,020
in the following items as well as use mod_ssl and OpenSSL that right here.
45
00:03:36,240 --> 00:03:40,440
You can find more information about the company who registered this domain.
46
00:03:40,440 --> 00:03:46,700
So again security is using privacy so you won't be able to see the address you can see that it's saying
47
00:03:47,000 --> 00:03:54,930
that the target person is using the privacy protection but usually you'll be able to see phone numbers
48
00:03:55,170 --> 00:03:58,530
and addresses of that company.
49
00:03:58,540 --> 00:04:03,410
So as you can see very simple stuff but it's very helpful in the long run.
50
00:04:03,460 --> 00:04:08,770
Just to know what your target was their IP what services are they use and we can also hear actually
51
00:04:08,800 --> 00:04:13,340
didn't show you can see the name servers that are being used.
52
00:04:13,360 --> 00:04:18,160
And you can see that they are provided by a company called them dot net.
53
00:04:18,160 --> 00:04:25,590
Now if you go on them now you'll see that this is a hosting company.
54
00:04:25,640 --> 00:04:31,420
So if we go on the English version that you'll see that this is a hosting company and again you can
55
00:04:31,420 --> 00:04:37,990
even use this hosting company and try to social engineer your way maybe into hacking into your target
56
00:04:37,990 --> 00:04:39,140
into security.