Time
1 hour 18 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:00
Hello and welcome back to the course. In the previous video, we've demonstrated how to not only installed windows through the virtual box, but also to sew the exam, which enables us to run our own local server, Apache and my SQL
00:14
Now, in this video we're gonna be doing is illustrating how did download what's called D V W ay. This is crucial for understanding how to do a session hijacking. So one thing I want to illustrate here is now that we have our ports open, you'll see that the local host is here
00:31
Now, if I go out and open up my follow explorer
00:34
and I go to exam
00:37
and then from there, if I go down and I scroll, I see that Okay, this is my actual directory.
00:42
Let's roll up here again,
00:47
go down.
00:48
And now on my eight sea docks folder, What I want to do is I want to get rid of this again.
00:53
Wherever you insult it. Accent
00:56
a sea docks.
00:59
Delete this
01:00
now again, if now, if I refresh, this is gonna bring me to
01:06
nothing is found, which is fine. So now what I want to dio is I want to go ahead and open up a new tab and I want to take in DV w a.
01:15
So what I'm gonna be doing today is showing you down. This is a very safe and very ethical
01:19
hacking tools.
01:22
So what I want to do is I want to show you how this could be installed the exam.
01:26
So once I click on download,
01:30
we want to say this
01:30
sumas as
01:33
I am a god and put this through with the desktop DVD view master
01:41
running security skin, etcetera. Let this run
01:45
again. This is all for illegal environments purposes. Okay, we'll close out of this,
01:49
and I want to extract this file. So let's move out this window
01:53
really quick,
01:55
right click. And I want to extract all
01:57
Yeah, we'll go ahead. And you know what? They're gonna go ahead and change it to the best,
02:04
So let's go in and extractors
02:07
this might take a little bit of time.
02:09
Just bear with me, and you're fully understand how this works.
02:15
Okay, so we're approaching almost 50% tile, etcetera.
02:20
Let's go ahead and get this running.
02:31
Okay. Great.
02:32
Now what we have, I'm gonna close this out.
02:40
That's right, Move over a little bit more. Close it.
02:45
Okay. Now in the D V w Master, what I want to do is I basically want to do the phone,
02:51
so I want to go back to my file explorer
02:54
now. H c t docks. I want to create a new folder
02:58
is a very important new folder,
03:00
and that's gonna be called D V W A
03:04
T V W
03:06
now
03:08
under the docks. What? I'd like to d'oh
03:13
go ahead and bring this down up
03:20
And what? We're gonna go ahead and do with movies here? I want to go ahead and maximizes window just in larger rather
03:28
and go down. And what I want to do is I want to select everything here.
03:32
We'll bring this down again
03:40
given moment that run.
03:46
Okay,
03:53
so let's bring this down. Just like an enlarged again.
03:58
And now what I wanna do. Perfect. Let's move this over right.
04:01
Let's let everything here
04:04
and now what we want to do is we want to drag this into this folder.
04:09
Can we dragged everything from the deviate W Master into that folder?
04:13
Now we're gonna do is we're gonna go in and close this
04:16
and we're gonna do is we're gonna go in and refresh
04:27
so local host,
04:30
Let's go ahead and open up another window.
04:40
Now we can see the DVD of your shoulder.
04:45
Okay, Now, here is a common ever. So basically, this is what throws many people off. You're gonna see Devi w assistant our copy config dot fig. So basically get rid of distribution. So if I go back down to my folder
05:00
and I go to the config,
05:02
what I'm gonna do is I'm gonna simply rename this
05:06
and get rid of the distribution and rename it to dot PHP,
05:11
Yes.
05:12
So let's go ahead and refresh this
05:15
Now here we go. Here's the database setup. You'll see everything is set for Windows. Now we want to create and reset the dented beers,
05:24
and we're gonna see if there's an ever here.
05:26
So simply what we need to d'oh
05:28
is we need to open this
05:31
you open with
05:34
look for more APS and go to no pad.
05:40
Now in this particular example for all cases, we need to get rid of the past, were here and leave this as
05:47
the colon and leave. This is blank.
05:49
Now I'm gonna go and save this.
05:55
I'm gonna go to Reset
05:57
Recreate.
06:00
It's going to refresh.
06:03
Give this a moment
06:05
there. Everything is logged, everything is created. My databases is created now on D V W ay, the password is adamant.
06:16
Password.
06:18
There we go. Now I've logged in. So now I'm gonna go in and further deep dive again. Hopefully you can review this interior as I don't understand how once this is loaded. So, for example, if I were to shut down my Apache server and my SP Oh, this would not work.
06:34
The next up here is to go out and show you how to install and change different settings and then go ahead because this is our victim machine
06:44
and then go ahead and install County Lennox and go through the same material
06:48
will be enjoyed this and look forward to seeing in the next lesson.

Up Next

Session Hijacking

This course covers session hijacking, which is where an attacker takes over a legitimately established session between a user and host. This is normally seen between a user and a Web server, but it could occur with a Telnet session or other TCP-based connection.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor
Instructor Profile Image
Dave Kupratis
Instructor