[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.96,0:00:03.54,Default,,0000,0000,0000,,hello and welcome back to red blue Labs
Dialogue: 0,0:00:03.54,0:00:04.98,Default,,0000,0000,0000,,today's video is gonna be a little bit
Dialogue: 0,0:00:04.98,0:00:06.24,Default,,0000,0000,0000,,different than the ones I've done in the
Dialogue: 0,0:00:06.24,0:00:08.16,Default,,0000,0000,0000,,past where I'm actually am going to be
Dialogue: 0,0:00:08.16,0:00:10.86,Default,,0000,0000,0000,,doing a walk through on a try hack me
Dialogue: 0,0:00:10.86,0:00:13.98,Default,,0000,0000,0000,,room the room of choice for me today is
Dialogue: 0,0:00:13.98,0:00:17.82,Default,,0000,0000,0000,,actually introduction to owasp zap and I
Dialogue: 0,0:00:17.82,0:00:20.10,Default,,0000,0000,0000,,chose this room because I personally
Dialogue: 0,0:00:20.10,0:00:24.18,Default,,0000,0000,0000,,really enjoy zap I like
Dialogue: 0,0:00:24.18,0:00:26.64,Default,,0000,0000,0000,,the the features that it has and when I
Dialogue: 0,0:00:26.64,0:00:29.52,Default,,0000,0000,0000,,read this paragraph here
Dialogue: 0,0:00:29.52,0:00:30.78,Default,,0000,0000,0000,,um apparently the person who made this
Dialogue: 0,0:00:30.78,0:00:33.42,Default,,0000,0000,0000,,room prefers it over burp and honestly
Dialogue: 0,0:00:33.42,0:00:35.22,Default,,0000,0000,0000,,it's a it's a personal preference kind
Dialogue: 0,0:00:35.22,0:00:37.74,Default,,0000,0000,0000,,of thing many many people use burp some
Dialogue: 0,0:00:37.74,0:00:40.02,Default,,0000,0000,0000,,people use zap I'm one of those people
Dialogue: 0,0:00:40.02,0:00:43.08,Default,,0000,0000,0000,,that use zap regularly
Dialogue: 0,0:00:43.08,0:00:45.84,Default,,0000,0000,0000,,just a heads up I do plan on editing
Dialogue: 0,0:00:45.84,0:00:48.12,Default,,0000,0000,0000,,this video so it's gonna be
Dialogue: 0,0:00:48.12,0:00:50.70,Default,,0000,0000,0000,,fairly fluid and as I walk through
Dialogue: 0,0:00:50.70,0:00:54.24,Default,,0000,0000,0000,,things so there you go now you know
Dialogue: 0,0:00:54.24,0:00:55.98,Default,,0000,0000,0000,,if you're if you're not familiar with
Dialogue: 0,0:00:55.98,0:01:00.66,Default,,0000,0000,0000,,what zap is it's a proxy where you have
Dialogue: 0,0:01:00.66,0:01:04.44,Default,,0000,0000,0000,,your browser pointing to a proxy server
Dialogue: 0,0:01:04.44,0:01:06.18,Default,,0000,0000,0000,,that's running locally so maybe on your
Dialogue: 0,0:01:06.18,0:01:08.76,Default,,0000,0000,0000,,Cali machine and then you will
Dialogue: 0,0:01:08.76,0:01:11.10,Default,,0000,0000,0000,,go on to the website so you're sending
Dialogue: 0,0:01:11.10,0:01:13.20,Default,,0000,0000,0000,,traffic through the proxy over the
Dialogue: 0,0:01:13.20,0:01:15.66,Default,,0000,0000,0000,,website and in the website is going to
Dialogue: 0,0:01:15.66,0:01:17.28,Default,,0000,0000,0000,,go through the proxy back to you so
Dialogue: 0,0:01:17.28,0:01:19.08,Default,,0000,0000,0000,,you've got like a a person in the middle
Dialogue: 0,0:01:19.08,0:01:21.72,Default,,0000,0000,0000,,that's handling that traffic and then
Dialogue: 0,0:01:21.72,0:01:23.94,Default,,0000,0000,0000,,while that traffic's being handled you
Dialogue: 0,0:01:23.94,0:01:26.04,Default,,0000,0000,0000,,can actually manipulate the data
Dialogue: 0,0:01:26.04,0:01:28.62,Default,,0000,0000,0000,,so let's go ahead and start arm remove I
Dialogue: 0,0:01:28.62,0:01:30.60,Default,,0000,0000,0000,,gotta join the room and start that
Dialogue: 0,0:01:30.60,0:01:32.78,Default,,0000,0000,0000,,machine
Dialogue: 0,0:01:35.16,0:01:36.30,Default,,0000,0000,0000,,and we're going to start off with the
Dialogue: 0,0:01:36.30,0:01:39.54,Default,,0000,0000,0000,,first one so zap stands for
Dialogue: 0,0:01:39.54,0:01:43.38,Default,,0000,0000,0000,,Zed attack proxy
Dialogue: 0,0:01:43.38,0:01:44.64,Default,,0000,0000,0000,,whoo
Dialogue: 0,0:01:44.64,0:01:46.86,Default,,0000,0000,0000,,day 148.
Dialogue: 0,0:01:46.86,0:01:49.74,Default,,0000,0000,0000,,so let's see if I can do that right now
Dialogue: 0,0:01:49.74,0:01:51.72,Default,,0000,0000,0000,,still waiting 18 seconds
Dialogue: 0,0:01:51.72,0:01:54.18,Default,,0000,0000,0000,,task one is done
Dialogue: 0,0:01:54.18,0:01:55.98,Default,,0000,0000,0000,,go to task two
Dialogue: 0,0:01:55.98,0:01:58.08,Default,,0000,0000,0000,,zap is a great tool that's totally slept
Dialogue: 0,0:01:58.08,0:02:00.66,Default,,0000,0000,0000,,on you know that is
Dialogue: 0,0:02:00.66,0:02:02.16,Default,,0000,0000,0000,,totally true
Dialogue: 0,0:02:02.16,0:02:05.40,Default,,0000,0000,0000,,go ahead and give this section A read
Dialogue: 0,0:02:05.40,0:02:09.20,Default,,0000,0000,0000,,I've read the task
Dialogue: 0,0:02:11.94,0:02:14.40,Default,,0000,0000,0000,,installation
Dialogue: 0,0:02:14.40,0:02:16.98,Default,,0000,0000,0000,,okay so I've actually already gone ahead
Dialogue: 0,0:02:16.98,0:02:19.26,Default,,0000,0000,0000,,and done that
Dialogue: 0,0:02:19.26,0:02:21.12,Default,,0000,0000,0000,,there's uh there's a couple ways you can
Dialogue: 0,0:02:21.12,0:02:24.06,Default,,0000,0000,0000,,do it uh they've got the the tool right
Dialogue: 0,0:02:24.06,0:02:25.14,Default,,0000,0000,0000,,here so
Dialogue: 0,0:02:25.14,0:02:26.40,Default,,0000,0000,0000,,pretty straightforward just go to the
Dialogue: 0,0:02:26.40,0:02:28.80,Default,,0000,0000,0000,,website and connect it into your Cali
Dialogue: 0,0:02:28.80,0:02:31.14,Default,,0000,0000,0000,,and go ahead and just download it I
Dialogue: 0,0:02:31.14,0:02:32.94,Default,,0000,0000,0000,,already have it installed so and that's
Dialogue: 0,0:02:32.94,0:02:34.26,Default,,0000,0000,0000,,that was an easy
Dialogue: 0,0:02:34.26,0:02:36.18,Default,,0000,0000,0000,,completed
Dialogue: 0,0:02:36.18,0:02:38.70,Default,,0000,0000,0000,,and then open it up
Dialogue: 0,0:02:38.70,0:02:42.02,Default,,0000,0000,0000,,let's go over my machine
Dialogue: 0,0:02:44.34,0:02:45.72,Default,,0000,0000,0000,,and I
Dialogue: 0,0:02:45.72,0:02:48.44,Default,,0000,0000,0000,,open it up
Dialogue: 0,0:02:50.88,0:02:53.16,Default,,0000,0000,0000,,hit the Windows button or the command
Dialogue: 0,0:02:53.16,0:02:56.24,Default,,0000,0000,0000,,button zap
Dialogue: 0,0:02:57.78,0:03:00.44,Default,,0000,0000,0000,,powered on
Dialogue: 0,0:03:04.32,0:03:07.14,Default,,0000,0000,0000,,eventually your zap will turn on and you
Dialogue: 0,0:03:07.14,0:03:08.58,Default,,0000,0000,0000,,are ready to proceed with the rest of
Dialogue: 0,0:03:08.58,0:03:10.26,Default,,0000,0000,0000,,the room
Dialogue: 0,0:03:10.26,0:03:13.70,Default,,0000,0000,0000,,let's go check out task four
Dialogue: 0,0:03:15.24,0:03:17.28,Default,,0000,0000,0000,,and on this task looks like we're doing
Dialogue: 0,0:03:17.28,0:03:21.66,Default,,0000,0000,0000,,a automate automated scan let's let's go
Dialogue: 0,0:03:21.66,0:03:23.46,Default,,0000,0000,0000,,ahead and run the command that it's
Dialogue: 0,0:03:23.46,0:03:26.00,Default,,0000,0000,0000,,asking for
Dialogue: 0,0:03:29.40,0:03:32.52,Default,,0000,0000,0000,,set up the Ajax spider looks like in
Dialogue: 0,0:03:32.52,0:03:34.20,Default,,0000,0000,0000,,Task 5 we are actually going to be doing
Dialogue: 0,0:03:34.20,0:03:36.66,Default,,0000,0000,0000,,some manual scanning and we need to have
Dialogue: 0,0:03:36.66,0:03:39.84,Default,,0000,0000,0000,,our browser pointing to our Zapped proxy
Dialogue: 0,0:03:39.84,0:03:42.24,Default,,0000,0000,0000,,so there's a there's a number of steps
Dialogue: 0,0:03:42.24,0:03:43.98,Default,,0000,0000,0000,,to do this and actually
Dialogue: 0,0:03:43.98,0:03:46.86,Default,,0000,0000,0000,,what will make this easier is in the
Dialogue: 0,0:03:46.86,0:03:48.66,Default,,0000,0000,0000,,drop down that you see right now I
Dialogue: 0,0:03:48.66,0:03:50.28,Default,,0000,0000,0000,,actually have a video that I've made
Dialogue: 0,0:03:50.28,0:03:51.90,Default,,0000,0000,0000,,where
Dialogue: 0,0:03:51.90,0:03:53.94,Default,,0000,0000,0000,,I actually go through this entire
Dialogue: 0,0:03:53.94,0:03:57.54,Default,,0000,0000,0000,,process so I'm gonna skip ahead and if
Dialogue: 0,0:03:57.54,0:03:58.62,Default,,0000,0000,0000,,you already have this set up and that's
Dialogue: 0,0:03:58.62,0:04:00.60,Default,,0000,0000,0000,,great or if you want to watch that video
Dialogue: 0,0:04:00.60,0:04:04.86,Default,,0000,0000,0000,,that I've made go ahead and do that
Dialogue: 0,0:04:04.86,0:04:09.48,Default,,0000,0000,0000,,what IP do we use for the proxy well we
Dialogue: 0,0:04:09.48,0:04:11.70,Default,,0000,0000,0000,,would be pointing it to ourselves so
Dialogue: 0,0:04:11.70,0:04:17.00,Default,,0000,0000,0000,,that could be localhost or I bet it's
Dialogue: 0,0:04:18.00,0:04:22.56,Default,,0000,0000,0000,,this one right over here finger Bango
Dialogue: 0,0:04:22.56,0:04:25.22,Default,,0000,0000,0000,,with task six it looks like we are doing
Dialogue: 0,0:04:25.22,0:04:27.18,Default,,0000,0000,0000,,scanning an authenticated web
Dialogue: 0,0:04:27.18,0:04:29.04,Default,,0000,0000,0000,,application so
Dialogue: 0,0:04:29.04,0:04:32.04,Default,,0000,0000,0000,,in THM here they give us some some
Dialogue: 0,0:04:32.04,0:04:35.10,Default,,0000,0000,0000,,credentials that we need to use on the
Dialogue: 0,0:04:35.10,0:04:36.54,Default,,0000,0000,0000,,machine that they've got for us so let's
Dialogue: 0,0:04:36.54,0:04:41.34,Default,,0000,0000,0000,,go down and give the page here a read
Dialogue: 0,0:04:41.34,0:04:44.40,Default,,0000,0000,0000,,and we are going to
Dialogue: 0,0:04:44.40,0:04:46.98,Default,,0000,0000,0000,,open up our browser on our Cali machine
Dialogue: 0,0:04:46.98,0:04:48.12,Default,,0000,0000,0000,,here
Dialogue: 0,0:04:48.12,0:04:50.22,Default,,0000,0000,0000,,and here we go we've got our
Dialogue: 0,0:04:50.22,0:04:51.84,Default,,0000,0000,0000,,spot here
Dialogue: 0,0:04:51.84,0:04:54.66,Default,,0000,0000,0000,,to authenticate
Dialogue: 0,0:04:54.66,0:04:56.10,Default,,0000,0000,0000,,they're going to put in the credentials
Dialogue: 0,0:04:56.10,0:04:59.90,Default,,0000,0000,0000,,that try Hackney has given me
Dialogue: 0,0:05:00.48,0:05:02.82,Default,,0000,0000,0000,,and authenticate let's go back and take
Dialogue: 0,0:05:02.82,0:05:04.92,Default,,0000,0000,0000,,a peek at the instructions here
Dialogue: 0,0:05:04.92,0:05:07.50,Default,,0000,0000,0000,,looks like we have or on the page that
Dialogue: 0,0:05:07.50,0:05:10.82,Default,,0000,0000,0000,,we need to be and we need to go down to
Dialogue: 0,0:05:10.82,0:05:13.50,Default,,0000,0000,0000,,dvwa security
Dialogue: 0,0:05:13.50,0:05:16.08,Default,,0000,0000,0000,,as instructed
Dialogue: 0,0:05:16.08,0:05:19.44,Default,,0000,0000,0000,,and just want to do a double check here
Dialogue: 0,0:05:19.44,0:05:22.26,Default,,0000,0000,0000,,navigate to that Tab and set the
Dialogue: 0,0:05:22.26,0:05:24.54,Default,,0000,0000,0000,,security level to low and then hit
Dialogue: 0,0:05:24.54,0:05:26.28,Default,,0000,0000,0000,,submit
Dialogue: 0,0:05:26.28,0:05:28.92,Default,,0000,0000,0000,,and after that we're going to pass our
Dialogue: 0,0:05:28.92,0:05:31.98,Default,,0000,0000,0000,,authentication token into zap so that we
Dialogue: 0,0:05:31.98,0:05:34.20,Default,,0000,0000,0000,,can use the tool to scan authenticated
Dialogue: 0,0:05:34.20,0:05:36.12,Default,,0000,0000,0000,,Pages great
Dialogue: 0,0:05:36.12,0:05:39.92,Default,,0000,0000,0000,,let's do that
Dialogue: 0,0:05:41.64,0:05:43.62,Default,,0000,0000,0000,,low
Dialogue: 0,0:05:43.62,0:05:46.88,Default,,0000,0000,0000,,and submit
Dialogue: 0,0:05:47.28,0:05:49.52,Default,,0000,0000,0000,,okay
Dialogue: 0,0:05:51.66,0:05:53.76,Default,,0000,0000,0000,,so we are going to open up the inspector
Dialogue: 0,0:05:53.76,0:05:56.06,Default,,0000,0000,0000,,here
Dialogue: 0,0:06:07.80,0:06:10.50,Default,,0000,0000,0000,,for storage
Dialogue: 0,0:06:10.50,0:06:14.28,Default,,0000,0000,0000,,and I'm going to grab the session key
Dialogue: 0,0:06:14.28,0:06:16.56,Default,,0000,0000,0000,,here
Dialogue: 0,0:06:16.56,0:06:19.56,Default,,0000,0000,0000,,foreign
Dialogue: 0,0:06:29.72,0:06:33.12,Default,,0000,0000,0000,,open the HTTP sessions tab with the new
Dialogue: 0,0:06:33.12,0:06:35.70,Default,,0000,0000,0000,,tab button which is that one there and
Dialogue: 0,0:06:35.70,0:06:37.74,Default,,0000,0000,0000,,set and set the authenticated session to
Dialogue: 0,0:06:37.74,0:06:39.96,Default,,0000,0000,0000,,active you might actually notice a
Dialogue: 0,0:06:39.96,0:06:41.94,Default,,0000,0000,0000,,slight disconnect between what you're
Dialogue: 0,0:06:41.94,0:06:44.10,Default,,0000,0000,0000,,seeing in the PHP session right now and
Dialogue: 0,0:06:44.10,0:06:45.66,Default,,0000,0000,0000,,what you saw about 10 seconds earlier
Dialogue: 0,0:06:45.66,0:06:48.72,Default,,0000,0000,0000,,they do look different and the reason
Dialogue: 0,0:06:48.72,0:06:49.86,Default,,0000,0000,0000,,for that is because I actually
Dialogue: 0,0:06:49.86,0:06:52.80,Default,,0000,0000,0000,,re-recorded doing this particular task
Dialogue: 0,0:06:52.80,0:06:54.84,Default,,0000,0000,0000,,and I wanted to make it pretty
Dialogue: 0,0:06:54.84,0:06:57.84,Default,,0000,0000,0000,,straightforward to see how we can see in
Dialogue: 0,0:06:57.84,0:07:01.62,Default,,0000,0000,0000,,zap the the exact same session compared
Dialogue: 0,0:07:01.62,0:07:03.66,Default,,0000,0000,0000,,to the session that we can see in the
Dialogue: 0,0:07:03.66,0:07:06.66,Default,,0000,0000,0000,,inspector of the browser so that's what
Dialogue: 0,0:07:06.66,0:07:09.86,Default,,0000,0000,0000,,you're seeing on the screen right now
Dialogue: 0,0:07:12.60,0:07:15.02,Default,,0000,0000,0000,,because we have an authenticated session
Dialogue: 0,0:07:15.02,0:07:17.46,Default,,0000,0000,0000,,in our
Dialogue: 0,0:07:17.46,0:07:20.22,Default,,0000,0000,0000,,zap here we're able to actually do a
Dialogue: 0,0:07:20.22,0:07:22.68,Default,,0000,0000,0000,,scan against our Target and receive a
Dialogue: 0,0:07:22.68,0:07:25.74,Default,,0000,0000,0000,,lot more information because we are now
Dialogue: 0,0:07:25.74,0:07:29.52,Default,,0000,0000,0000,,at this point have an Authentication
Dialogue: 0,0:07:29.52,0:07:32.54,Default,,0000,0000,0000,,on the target
Dialogue: 0,0:07:39.90,0:07:42.78,Default,,0000,0000,0000,,all right so that was task six and now
Dialogue: 0,0:07:42.78,0:07:44.58,Default,,0000,0000,0000,,we're moving on to task seven which is
Dialogue: 0,0:07:44.58,0:07:47.16,Default,,0000,0000,0000,,Brute Force directories Let's Open up
Dialogue: 0,0:07:47.16,0:07:49.20,Default,,0000,0000,0000,,The Challenge and take a look at what
Dialogue: 0,0:07:49.20,0:07:50.88,Default,,0000,0000,0000,,are the requirements here
Dialogue: 0,0:07:50.88,0:07:53.10,Default,,0000,0000,0000,,and so essentially we can actually use
Dialogue: 0,0:07:53.10,0:07:55.08,Default,,0000,0000,0000,,word lists
Dialogue: 0,0:07:55.08,0:07:59.04,Default,,0000,0000,0000,,and zap to do some brute forcing to
Dialogue: 0,0:07:59.04,0:08:00.90,Default,,0000,0000,0000,,figure out what kind of directories so
Dialogue: 0,0:08:00.90,0:08:03.66,Default,,0000,0000,0000,,some directory enumeration that are on
Dialogue: 0,0:08:03.66,0:08:08.34,Default,,0000,0000,0000,,the web server let's go down and when we
Dialogue: 0,0:08:08.34,0:08:10.50,Default,,0000,0000,0000,,have our our sites here when we do a
Dialogue: 0,0:08:10.50,0:08:12.90,Default,,0000,0000,0000,,right click and we do a forced browse
Dialogue: 0,0:08:12.90,0:08:16.08,Default,,0000,0000,0000,,site we can actually do this do
Dialogue: 0,0:08:16.08,0:08:18.00,Default,,0000,0000,0000,,directory enumeration I actually have
Dialogue: 0,0:08:18.00,0:08:19.38,Default,,0000,0000,0000,,another video where I do the exact same
Dialogue: 0,0:08:19.38,0:08:20.94,Default,,0000,0000,0000,,thing so you can see that in the drop
Dialogue: 0,0:08:20.94,0:08:22.98,Default,,0000,0000,0000,,down as well if you want to have a
Dialogue: 0,0:08:22.98,0:08:24.84,Default,,0000,0000,0000,,specifically on that uh but we're going
Dialogue: 0,0:08:24.84,0:08:26.22,Default,,0000,0000,0000,,to do the exact same thing here and it's
Dialogue: 0,0:08:26.22,0:08:28.62,Default,,0000,0000,0000,,it's pretty straightforward let's go
Dialogue: 0,0:08:28.62,0:08:30.26,Default,,0000,0000,0000,,ahead and
Dialogue: 0,0:08:30.26,0:08:32.22,Default,,0000,0000,0000,,do a
Dialogue: 0,0:08:32.22,0:08:37.88,Default,,0000,0000,0000,,forced browse on our Target system here
Dialogue: 0,0:08:50.90,0:08:53.52,Default,,0000,0000,0000,,and then we just have to pick the the
Dialogue: 0,0:08:53.52,0:08:56.28,Default,,0000,0000,0000,,list that we want so I'll use I'll use
Dialogue: 0,0:08:56.28,0:08:57.36,Default,,0000,0000,0000,,this one
Dialogue: 0,0:08:57.36,0:09:00.66,Default,,0000,0000,0000,,but really word lists are all over the
Dialogue: 0,0:09:00.66,0:09:02.34,Default,,0000,0000,0000,,place you can use whatever word list
Dialogue: 0,0:09:02.34,0:09:05.42,Default,,0000,0000,0000,,works best for you
Dialogue: 0,0:09:07.14,0:09:09.80,Default,,0000,0000,0000,,and hit play
Dialogue: 0,0:09:12.54,0:09:17.70,Default,,0000,0000,0000,,task six or task seven complete
Dialogue: 0,0:09:19.20,0:09:22.62,Default,,0000,0000,0000,,okay task number eight let's check out
Dialogue: 0,0:09:22.62,0:09:25.32,Default,,0000,0000,0000,,what we've got here for Brute Force web
Dialogue: 0,0:09:25.32,0:09:27.24,Default,,0000,0000,0000,,login
Dialogue: 0,0:09:27.24,0:09:30.06,Default,,0000,0000,0000,,so just like with the Brute Force
Dialogue: 0,0:09:30.06,0:09:32.64,Default,,0000,0000,0000,,directories we can actually use Hydra
Dialogue: 0,0:09:32.64,0:09:35.04,Default,,0000,0000,0000,,for this as well but what we're doing in
Dialogue: 0,0:09:35.04,0:09:36.48,Default,,0000,0000,0000,,this room is demonstrating that we can
Dialogue: 0,0:09:36.48,0:09:38.70,Default,,0000,0000,0000,,use zap to do some of the similar tasks
Dialogue: 0,0:09:38.70,0:09:39.98,Default,,0000,0000,0000,,as well
Dialogue: 0,0:09:39.98,0:09:42.74,Default,,0000,0000,0000,,the what we're going to be doing also is
Dialogue: 0,0:09:42.74,0:09:45.72,Default,,0000,0000,0000,,using fuzzing again so let's take a peek
Dialogue: 0,0:09:45.72,0:09:47.40,Default,,0000,0000,0000,,at some of the instructions that they
Dialogue: 0,0:09:47.40,0:09:51.06,Default,,0000,0000,0000,,give us here so we have a a login so
Dialogue: 0,0:09:51.06,0:09:52.50,Default,,0000,0000,0000,,we're going to be demonstrating on The
Dialogue: 0,0:09:52.50,0:09:55.38,Default,,0000,0000,0000,,Brute Force part of things and we're
Dialogue: 0,0:09:55.38,0:09:58.92,Default,,0000,0000,0000,,going to be doing an attack and fuzz on
Dialogue: 0,0:09:58.92,0:10:01.62,Default,,0000,0000,0000,,the spot the moment in time when we are
Dialogue: 0,0:10:01.62,0:10:05.10,Default,,0000,0000,0000,,actually inputting the credentials so in
Dialogue: 0,0:10:05.10,0:10:06.42,Default,,0000,0000,0000,,here they do
Dialogue: 0,0:10:06.42,0:10:10.20,Default,,0000,0000,0000,,find a test one two three and
Dialogue: 0,0:10:10.20,0:10:12.06,Default,,0000,0000,0000,,we'll we'll do something similar to that
Dialogue: 0,0:10:12.06,0:10:15.00,Default,,0000,0000,0000,,I have my own technique or word that I
Dialogue: 0,0:10:15.00,0:10:16.62,Default,,0000,0000,0000,,like to look for and that's fine you'll
Dialogue: 0,0:10:16.62,0:10:17.76,Default,,0000,0000,0000,,have you'll have your own that you like
Dialogue: 0,0:10:17.76,0:10:18.78,Default,,0000,0000,0000,,as well
Dialogue: 0,0:10:18.78,0:10:20.34,Default,,0000,0000,0000,,so we're gonna find the get and we're
Dialogue: 0,0:10:20.34,0:10:21.72,Default,,0000,0000,0000,,gonna do a fuzz
Dialogue: 0,0:10:21.72,0:10:24.42,Default,,0000,0000,0000,,or at them I actually did all this in a
Dialogue: 0,0:10:24.42,0:10:26.58,Default,,0000,0000,0000,,another video so you'll see it in the in
Dialogue: 0,0:10:26.58,0:10:28.50,Default,,0000,0000,0000,,this pop down on the screen here
Dialogue: 0,0:10:28.50,0:10:30.90,Default,,0000,0000,0000,,now what's unique is that actually Cali
Dialogue: 0,0:10:30.90,0:10:33.90,Default,,0000,0000,0000,,comes with its own uh it comes with tons
Dialogue: 0,0:10:33.90,0:10:35.70,Default,,0000,0000,0000,,of word lists but it comes with a one
Dialogue: 0,0:10:35.70,0:10:37.68,Default,,0000,0000,0000,,called Fast Track I've actually never
Dialogue: 0,0:10:37.68,0:10:41.28,Default,,0000,0000,0000,,used Fast Track I use my own word lists
Dialogue: 0,0:10:41.28,0:10:43.80,Default,,0000,0000,0000,,um and that's fine too so but for this
Dialogue: 0,0:10:43.80,0:10:45.48,Default,,0000,0000,0000,,particular challenge we will be using
Dialogue: 0,0:10:45.48,0:10:49.86,Default,,0000,0000,0000,,the Fast Track Dot txt
Dialogue: 0,0:10:49.86,0:10:52.68,Default,,0000,0000,0000,,all right let's open up our zap machines
Dialogue: 0,0:10:52.68,0:10:55.32,Default,,0000,0000,0000,,and
Dialogue: 0,0:10:55.32,0:10:59.58,Default,,0000,0000,0000,,navigate to the HTTP for this so I'm
Dialogue: 0,0:10:59.58,0:11:01.02,Default,,0000,0000,0000,,going to do
Dialogue: 0,0:11:01.02,0:11:04.34,Default,,0000,0000,0000,,open up my browser here
Dialogue: 0,0:11:15.24,0:11:17.40,Default,,0000,0000,0000,,and because my browser is pointing to my
Dialogue: 0,0:11:17.40,0:11:20.82,Default,,0000,0000,0000,,proxy server I'm going to see
Dialogue: 0,0:11:20.82,0:11:24.36,Default,,0000,0000,0000,,the websites actually populate inside of
Dialogue: 0,0:11:24.36,0:11:25.92,Default,,0000,0000,0000,,my sites here and you can see them
Dialogue: 0,0:11:25.92,0:11:28.76,Default,,0000,0000,0000,,popping up there right now
Dialogue: 0,0:11:29.04,0:11:31.44,Default,,0000,0000,0000,,and according to the instructions on try
Dialogue: 0,0:11:31.44,0:11:33.72,Default,,0000,0000,0000,,Hackney we will need to go to Brute
Dialogue: 0,0:11:33.72,0:11:36.08,Default,,0000,0000,0000,,Force
Dialogue: 0,0:11:36.60,0:11:38.82,Default,,0000,0000,0000,,and at this point that we're going to
Dialogue: 0,0:11:38.82,0:11:40.92,Default,,0000,0000,0000,,actually input
Dialogue: 0,0:11:40.92,0:11:42.60,Default,,0000,0000,0000,,some data that we're going to catch so
Dialogue: 0,0:11:42.60,0:11:45.06,Default,,0000,0000,0000,,we can see it populating here which is
Dialogue: 0,0:11:45.06,0:11:47.30,Default,,0000,0000,0000,,great
Dialogue: 0,0:11:49.50,0:11:53.36,Default,,0000,0000,0000,,I'm going to actually expand this
Dialogue: 0,0:11:55.32,0:11:58.68,Default,,0000,0000,0000,,and we're going to send something to it
Dialogue: 0,0:11:58.68,0:12:01.52,Default,,0000,0000,0000,,red blue
Dialogue: 0,0:12:05.58,0:12:09.26,Default,,0000,0000,0000,,and then I'm going to hit enter
Dialogue: 0,0:12:15.24,0:12:17.22,Default,,0000,0000,0000,,so it says incorrect
Dialogue: 0,0:12:17.22,0:12:20.30,Default,,0000,0000,0000,,and that is fine
Dialogue: 0,0:12:22.32,0:12:24.90,Default,,0000,0000,0000,,what I like to do actually is knowing
Dialogue: 0,0:12:24.90,0:12:28.14,Default,,0000,0000,0000,,because I know that I put red blue in
Dialogue: 0,0:12:28.14,0:12:32.30,Default,,0000,0000,0000,,there I actually like to search on that
Dialogue: 0,0:12:32.30,0:12:37.74,Default,,0000,0000,0000,,and search for all and then hit enter
Dialogue: 0,0:12:37.74,0:12:40.92,Default,,0000,0000,0000,,and I've got a post here we've found the
Dialogue: 0,0:12:40.92,0:12:42.84,Default,,0000,0000,0000,,post where
Dialogue: 0,0:12:42.84,0:12:45.18,Default,,0000,0000,0000,,my password and name was put in there
Dialogue: 0,0:12:45.18,0:12:48.72,Default,,0000,0000,0000,,let's open up resend and you can see my
Dialogue: 0,0:12:48.72,0:12:51.66,Default,,0000,0000,0000,,username here and the password there so
Dialogue: 0,0:12:51.66,0:12:53.48,Default,,0000,0000,0000,,what we're going to do is actually fuzz
Dialogue: 0,0:12:53.48,0:12:57.24,Default,,0000,0000,0000,,on that password there
Dialogue: 0,0:12:57.24,0:12:59.16,Default,,0000,0000,0000,,so we've got it selected I'm going to
Dialogue: 0,0:12:59.16,0:13:00.60,Default,,0000,0000,0000,,remove that because I just do that every
Dialogue: 0,0:13:00.60,0:13:02.94,Default,,0000,0000,0000,,time I'm going to double click and we're
Dialogue: 0,0:13:02.94,0:13:07.02,Default,,0000,0000,0000,,going to add the word list that it
Dialogue: 0,0:13:07.02,0:13:08.70,Default,,0000,0000,0000,,is recommended so in this case it was
Dialogue: 0,0:13:08.70,0:13:11.06,Default,,0000,0000,0000,,fast track
Dialogue: 0,0:13:11.28,0:13:14.82,Default,,0000,0000,0000,,you'll find word lists
Dialogue: 0,0:13:14.82,0:13:17.88,Default,,0000,0000,0000,,file select
Dialogue: 0,0:13:17.88,0:13:20.34,Default,,0000,0000,0000,,Bingo Bango
Dialogue: 0,0:13:20.34,0:13:22.68,Default,,0000,0000,0000,,okay
Dialogue: 0,0:13:22.68,0:13:24.18,Default,,0000,0000,0000,,add
Dialogue: 0,0:13:24.18,0:13:26.04,Default,,0000,0000,0000,,okay
Dialogue: 0,0:13:26.04,0:13:28.02,Default,,0000,0000,0000,,options
Dialogue: 0,0:13:28.02,0:13:31.16,Default,,0000,0000,0000,,follow redirects
Dialogue: 0,0:13:33.00,0:13:37.40,Default,,0000,0000,0000,,and we are going to start the fuzzer
Dialogue: 0,0:13:45.06,0:13:49.82,Default,,0000,0000,0000,,and we will investigate each of these
Dialogue: 0,0:13:50.04,0:13:53.00,Default,,0000,0000,0000,,reflected
Dialogue: 0,0:14:04.68,0:14:06.72,Default,,0000,0000,0000,,we had we had a couple options that were
Dialogue: 0,0:14:06.72,0:14:08.04,Default,,0000,0000,0000,,good security
Dialogue: 0,0:14:08.04,0:14:12.98,Default,,0000,0000,0000,,and password let's try both of those
Dialogue: 0,0:14:17.28,0:14:19.76,Default,,0000,0000,0000,,password
Dialogue: 0,0:14:24.96,0:14:29.18,Default,,0000,0000,0000,,so we can see that this one is in fact
Dialogue: 0,0:14:29.18,0:14:31.62,Default,,0000,0000,0000,,the password that actually worked when
Dialogue: 0,0:14:31.62,0:14:33.84,Default,,0000,0000,0000,,we brute forced it so it's just straight
Dialogue: 0,0:14:33.84,0:14:36.32,Default,,0000,0000,0000,,up password
Dialogue: 0,0:14:36.90,0:14:39.30,Default,,0000,0000,0000,,there you go so that was
Dialogue: 0,0:14:39.30,0:14:43.04,Default,,0000,0000,0000,,brute forcing with web login
Dialogue: 0,0:14:43.04,0:14:45.30,Default,,0000,0000,0000,,zap extensions
Dialogue: 0,0:14:45.30,0:14:47.64,Default,,0000,0000,0000,,so this app's really cool in that it has
Dialogue: 0,0:14:47.64,0:14:49.26,Default,,0000,0000,0000,,a ton of extensions that we can actually
Dialogue: 0,0:14:49.26,0:14:51.54,Default,,0000,0000,0000,,add to
Dialogue: 0,0:14:51.54,0:14:56.10,Default,,0000,0000,0000,,our our tool and in this page this part
Dialogue: 0,0:14:56.10,0:14:56.88,Default,,0000,0000,0000,,here they're actually giving us
Dialogue: 0,0:14:56.88,0:14:59.46,Default,,0000,0000,0000,,instructions on where to find some of
Dialogue: 0,0:14:59.46,0:15:01.20,Default,,0000,0000,0000,,these tools so I recommend going ahead
Dialogue: 0,0:15:01.20,0:15:03.54,Default,,0000,0000,0000,,and actually locating these things and
Dialogue: 0,0:15:03.54,0:15:04.92,Default,,0000,0000,0000,,and testing them out if you're enjoying
Dialogue: 0,0:15:04.92,0:15:07.14,Default,,0000,0000,0000,,zap then then learn more about these
Dialogue: 0,0:15:07.14,0:15:08.88,Default,,0000,0000,0000,,things and maybe you can even build your
Dialogue: 0,0:15:08.88,0:15:11.58,Default,,0000,0000,0000,,own scripts that we can add but for try
Dialogue: 0,0:15:11.58,0:15:13.62,Default,,0000,0000,0000,,hack me we are
Dialogue: 0,0:15:13.62,0:15:16.98,Default,,0000,0000,0000,,happy with knowing that we can do that
Dialogue: 0,0:15:16.98,0:15:20.66,Default,,0000,0000,0000,,let's go on to task 10.
Dialogue: 0,0:15:21.30,0:15:24.72,Default,,0000,0000,0000,,and it's more documentation than what I
Dialogue: 0,0:15:24.72,0:15:27.78,Default,,0000,0000,0000,,I kind of find funny about this
Dialogue: 0,0:15:27.78,0:15:28.92,Default,,0000,0000,0000,,um
Dialogue: 0,0:15:28.92,0:15:31.38,Default,,0000,0000,0000,,this particular section is that it
Dialogue: 0,0:15:31.38,0:15:32.94,Default,,0000,0000,0000,,the the author's like yeah that's pretty
Dialogue: 0,0:15:32.94,0:15:35.28,Default,,0000,0000,0000,,much all there is which is which is kind
Dialogue: 0,0:15:35.28,0:15:37.14,Default,,0000,0000,0000,,of true is that because burp is so
Dialogue: 0,0:15:37.14,0:15:39.06,Default,,0000,0000,0000,,popular it's got so much documentation
Dialogue: 0,0:15:39.06,0:15:40.56,Default,,0000,0000,0000,,on it
Dialogue: 0,0:15:40.56,0:15:43.08,Default,,0000,0000,0000,,um it's just so widely adopted that zap
Dialogue: 0,0:15:43.08,0:15:44.70,Default,,0000,0000,0000,,sort of has been put into the the
Dialogue: 0,0:15:44.70,0:15:45.84,Default,,0000,0000,0000,,background
Dialogue: 0,0:15:45.84,0:15:47.16,Default,,0000,0000,0000,,but I don't think that should be the
Dialogue: 0,0:15:47.16,0:15:49.20,Default,,0000,0000,0000,,case it is actually a pretty cool tool
Dialogue: 0,0:15:49.20,0:15:52.26,Default,,0000,0000,0000,,and it's been around a while and it has
Dialogue: 0,0:15:52.26,0:15:55.74,Default,,0000,0000,0000,,I just I just I enjoy using sound
Dialogue: 0,0:15:55.74,0:15:57.90,Default,,0000,0000,0000,,there you go so we can finish this room
Dialogue: 0,0:15:57.90,0:16:01.58,Default,,0000,0000,0000,,with a completed
Dialogue: 0,0:16:02.52,0:16:04.74,Default,,0000,0000,0000,,and bingo bango there you go we have
Dialogue: 0,0:16:04.74,0:16:08.52,Default,,0000,0000,0000,,finished the introduction to zath
Dialogue: 0,0:16:08.52,0:16:12.08,Default,,0000,0000,0000,,room thanks for watching