All right. Welcome back to the course. So in the last video, we went ahead and created our victim account. Our attacker account. We then ran the beef tool. So we launched beef and we also went ahead and copied and pasted a script into our block area. And we left off by being the victim and navigating to the view block area.
So now we're gonna go ahead and actually view the log. So
in this drop down boxes, please choose Author Box. We want to select the attacker block, and we're just going to save Luke. View the bloc countries button.
Let's go and do that. Now sits clicking here and it's down near the bottom, usually. So well, scroll down and click on attacker and then view log entries.
All right, you'll see that we don't really have a whole lot information there. Would you see that? Either attacker did have a block,
but as a victim, we don't really see, like, a whole block post or anything like that, and that's on purpose.
Are. So now we're gonna go back to the beef tool page
and we're to look under the browser areas, so let's go ahead and do that. Now, I'm gonna move this slightly out of my way there so I can get back to my beef page.
You'll see a couple things here. We're gonna look at the online browser, the offline browser. That's that Fire Fox one. That's what we close with the attacker session there.
But we want to look at the online browser. That's the victim one. So just go ahead and click where it says the local I p address her with 1 27.0 dot zero. That one, and you'll see it. It'll give us all sorts of information about the victim's browser session. Wouldn't get good information on that.
All right, so our next step in the labs were actually want to go ahead and actually give a better hook here. So the hook we have in place
is basically if the victim that you know the victim in this case navigates away from the paint stir on, we're gonna lose that hook. So we want to go ahead and put a hook, and that's persistent that as a click through pages on this particular website, we keep them infected, and we can keep looking at their sessions in the goal here is potentially. Maybe they enter a user name password, right,
so we could steal that information.
So all we have to do inside of this tool is we're just gonna go to commands option and click on Persistence Folder and that selecting men in the browser option it's really is that simple? So that's why I recommend you check out Joe's course. He goes over a lot more stuff. Well, this particular tool So we're gonna click on commands here that the tab here, the top
and then we're gonna click on Persistence
down here near the bottom. 3rd 1 up,
expand that out and then we're gonna select a man in the browser option. Once you select that, you'll see at the very bottom, right? There's an execute button. Just go ahead and click on that, and that's all you have to do.
So now, if the victim went through and clicked,
you know, different pages were gonna keep them infected, based off, you know, wherever they go on the on the site, they're still gonna remain affected, and we'll still be able to see their session. It'll still shows online
now the other thing in this lab that I leave here in the instructions for He's just clicking through the tool and just checking out some of the other options here. I'm not gonna do that in this particular video. Just feel free to stop the video here, let it run through and click through and just check out some of the different options again. As I mentioned, check out Joe Perry's course and the breaking stuff with Joe Siri's or B S. W. J
is how you could search for it in the catalog
where you could to search for the word beef and that will pull it up for you as well. So be G E F, and that will pull it up.
So in this video is wrapped up our lab using the beef tool to create a browser hook. And then we went ahead and click through Thean, selecting the man in the browser option that basically gave us a persistent hook. So as a victim, click through different pages on the Web page. It's still showed us as an online brother and basically an active session, and so we could see everything the user was doing
in that particular session and hopefully get some
log in credentials as an ultimate goal of that.
In the next video, I'm gonna show you the assessments that I want you to do in the catalog again. The assessments. I do not have a step by step guide for you. They do have instructions with them, and they're kind of walking through some things, but they're more intended to test your skill level on car state scripting. So I show you how to find those in the catalog in the next video.
Identifying Web Attacks Through Logs
Log analysis involves reviewing and evaluating system activities to help mitigate risks. If you’re training ...
3 CEU/CPE Hours Available
Certificate of Completion Offered
The OWASP Online test is a premium Cybrary assessment test created by iMocha. It is ...