Hi, everyone. Welcome back to the course. So in the last video, we learned about what caressing scripting is. We also talked about the different types. So if you remember, we talked about stored or as it's more commonly called persistent, we also talked about reflected which we're gonna be doing in this lab on then also Don based. So in this lab, Or as I mentioned, we gonna be doing the reflected across that scripting attack. This one's a very simple one. There's gonna be basically changing the u. R L and attempted to run our malicious script. So just make sure you're locked into the cyber, a website which you should be already. If you're watching this video and there in the catalog, you're gonna be searching for this long name here this introduction of a lost top 10 a seven et cetera, et cetera. Wth e. Easiest thing to do is just type in a seven and search for that and you'll see that I'll pull it up right up there for you.
So go ahead and click on that and they cook the launch button right there, and it's gonna give you one more option here We just need to click that launch item button. It's gonna open that in a separate tab of our browser there. And it takes about a minute or so to actually pull two slaps. I'm gonna briefly pause a video while it pulls it up, and then we'll get started again. All right, Welcome back. So, you see, we've got our lab pulled up here now, a couple of housekeeping keeping items real quick. You'll notice some pop ups that might occur. Just go ahead and ex out of those, or you can read through if you want to. The other thing with these particular labs is you'll want to actually have to manually mark your progress in them.
Now for the first lab here, it'll it will actually be this first lap that they have offered here. So you can go ahead mark through these, as you log in with, like Student, for example for the user's password. But the second lab that we're doing, I've kind of merged the last two labs. I've taken components from those so you'll actually want to go through those laugh separately on your own to get 100% on this entire lab and fire it. So I just want to mention that in advance that the very first lab are doing here. In this video, you'll be able to go through Mark through as we do the steps. However, for the next couple of labs, you just want to do those on your own and the next lab that we're doing. I've taken components of the last couple of labs. The other thing I want to mention is we're gonna be long in here in just a second, but you want to use the user name and password of student.
If you try to use the traditional Callie lyrics, user name and password of root and tour, it's going to It's going to let you lock in. But you won't see the chrome option, which we actually will need to complete this lap. So just f Y I on that. If you log in and you don't see chrome, it's more than likely because you did not use student for the user name and password. All right, let's go back to our lab document real quick and you'll see here as we after we've launched our lab that here on step six, we're gonna be logging in this. I mentioned with the user name of student and the password of students.
Let's go ahead and do that now. So a student all over case from both the user name and password. Now, once it locks us into Callie lyrics, we're gonna see the chrome option by using the student using a password. As I mentioned, if you try to use the normal Kelly Landis love and it's going to it's going to still love you in. But you will not see chrome here on the left side. Course we go back to our lab document. Our next step here and Step seven is to actually go ahead and launch Chrome's. Let's do that. Now Just go and click that little icon there. It looks like kind of a blue square near the top left of the menu there, and it should automatically open up the Mattila Day page for us. I'd like to expand this out just a little bit. All right, so let's go back to our lab document to see what we need to actually do.
All right, so now we're gonna go down to the password generator option so here and Step eight through 11 we're gonna be selecting these different menu options. So let's go and do that. So we're gonna be here on the top left with a lost 2017. We're gonna then come over to a seven across state scripting. We're gonna go to reflected first order, and then we're gonna go down to the password generator. I usually have to scroll down the page a little bit. It's down here near the bottom and had to be careful with your mouth. Because sometimes if you just move your mouth a little bit, you see, it all disappears on you. So just keep that in mind that it can be frustrating. Just be patient with it, and you'll eventually get to the correct spot. All right, so we're going to pass for a generator. And now we're at this page here. So the first thing we're gonna do is actually change this anonymous Too quirky, as you'll see in the lab document here.
So here, in step 12 were to change anonymous to acquire tea in that you are ill, and then we're just gonna press enter. And our goal is to see if we can find a user name that's mentioned in the girl. And by the way, if you haven't downloaded this lab document yet, the lab documents are available of the resource is section. If for some reason you don't see them and they're sending email to support at cyber dot idea to let them know sometimes it's a little buggy and they may disappear on us on, so just let us know we'll get him back in there for you. All right, So here, we're gonna come up to our u R l just click in there and then we're gonna take out anonymous, and we're typing quirky. All right, once you've typed that in this press Internet keyboard there, and we just want to see doesn't tell us the user name. Obviously, we're told that right, this password is for clarity. So we know that Quartey is the user name there. All right, let's go back to our lab document.
The goal here is to see a pop up that mentions malicious John screen. So we want to see a pop, a box that says malicious Java script. And if we do have that, we know that we were successful. So let's go ahead and type all this in now. So again, I already got the word queer attacked in there. So I'm gonna be a little lazy here and just leave that, not type it again. We'll put a quotation mark. You know, we've been mass out of the way there. We'll put a semi colon. Where to put the word alert.