Hey, everyone, welcome back to the course. So in this video, we're gonna go over HTTrack. So, if you recall from our earlier discussion, HTTrack is just a website mirroring tool. We would want to do that because that way, as we're analyzing a website, it's not sending requests to the web server, and we can hopefully remain somewhat undetected.
So what we're gonna do is go ahead and make sure that we've actually
got HTTrack installed on this machine. I already know it has it, but we'll go ahead and run the command to install it in case we don't have it on our machine.
And so to do so, we're just gonna put in apt-get install and then webhttrack, and you'll notice mine finishes pretty quickly because I already have it installed on my Kali machine. The next thing we're gonna do is actually go ahead and launch HTTrack. And the way we do that is we're gonna type in webhttrack
and it might take a moment or so, but then it's gonna launch a browser window for us.
All right, so you see it's launched in our browser, and the first thing we're gonna do is select our language. I'm in the US, so I'm gonna select English and then just select Next.
We'll then give this project a name. I'm gonna go ahead and just put in CEHH. And I'm gonna leave all the other defaults alone here at this screen. I'm just gonna select Next,
and the first thing I'm gonna do under Action is I'm actually gonna change this, because I want to get all of the pages,
so we'll select "Download all sites in pages (multiple mirror)". Then what we need to do is actually specify what URL, or what site, we're going after. In this case, I'm gonna pick one that I actually know has malware on it. It's a former candle company, s o p candle dot com. Here, you can use this one if you want. Just be careful. Don't actually go to this website.
It does have malware embedded in it, at least the last I knew at the time of this filming.
And, uh, I'm gonna switch to Options next. I'm just gonna check the "Test all links" option. There are other options you could specify here. You can see them here, you know, robots.txt.
I'm just gonna go ahead and select OK here
and not make any other changes. I'll just make the single change, which was checking that box that says "Test all links",
so we'll select OK,
and then back at this screen, I'm just going to select the Next button, and then if we scroll down just a little bit, we'll select Start, and that's actually gonna go ahead and start mirroring the website. Now, because I chose all pages, this is gonna take a while. And what I'm actually gonna do in just a moment here is I'll actually abort this, and then we'll just take a look at what we've been able to clone so far.
All right, so I went ahead and just aborted that to make it a little faster here. We do have some data from this site. So the next thing we're gonna do is we're gonna go ahead and select Exit, and then we'll just close out our browser and go back to the terminal window.
So here in the terminal, what we're gonna do, after we clear just to clean it up a little bit, is go ahead and change directory to our websites directory, and then also we're going to list out everything in there. So to do that, we just do cd, so change directory, websites, forward slash,
semicolon, and then space, ls, the list command. That's gonna list out everything in there. Now, this doesn't give us any real data about what these things are. Are they files? Are they directories? So what we're gonna do is what's called a long list, and the long list command is gonna allow us to see which of these are directories.
So that's simply just ls and then space, dash l. So if you're not familiar with Linux at all,
that's the command we'll use here. So ls -l will be a long list, and you'll see here, now we know which ones are directories, and you see the CEHH. That's one of our directories.
So what we need to do now is actually move that CEHH directory to our Apache web service. That way we can actually open it by opening our browser and going to localhost, forward slash, CEHH.
All right. So to move that directory, we're gonna use cp, space, dash, lowercase r, space, and then the name of our directory, the CEHH, forward slash. And then we wanna put the path that we want it to go into, which is gonna be /var/www/html.
All right, so now that's there. And we're gonna go ahead and check our Apache web service and see if it's actually running,
so we'll see the status of it. And I noticed that I missed the 2 there, so we need to actually put in service apache2 status, and that's gonna allow us to actually see if our web server is up.
All right, so you see, when we put the apache2 in there, we see that our service is not actually up right now, so let's go ahead and start it. So service apache2 start, that'll start the web service. And then what we can do is actually go launch Firefox. We can launch our web browser and we'll go to localhost, forward slash, CEHH
and we can actually see, does it pull up the website, or the image of the website,
that we're looking for. That will tell us if we're successful with mirroring the website as well as
actually being able to pull it up on our web service. So let's type in localhost, forward slash, CEHH, and you'll see here, this is what the website looks like. Again, at the time, I think, of this filming, this website actually has malware on it. You see it redirects you to the same cast dot com one, which actually has some malware embedded in it. And that's why
I'm telling you not to go to the actual
pete candle dot com URL.
So you'll see here that we did stop our mirror early, but it did grab a good amount of information, right? We can see the different pages of the site here, and we can click around and get a feel for how the site is laid out and how it actually looks.
We could also, had we done the entire mirror, look at things like the HTML code. We could look for comments from the developers, potentially some hard-coded credentials, so that's why we would want to mirror the website.
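
Added example, not part of the original video: a sketch of the offline review described in the closing remarks, walking a mirrored directory and listing developer comments and credential-like assignments, the kind of check a site owner can run on their own pages before publishing. The function names, the regular expression, and the sample page are constructed for this example.

```python
import os
import re
import tempfile
from html.parser import HTMLParser

# Heuristic constructed for this example: secret-looking key followed by := and a value.
SECRET_RE = re.compile(
    r"(?i)(pass(?:word|wd)?|pwd|secret|api[_-]?key|token)\b\s*[:=]\s*['\"]?([^\s'\"<>]+)")

class CommentCollector(HTMLParser):
    """Collects (line, text) for every HTML comment in a page."""
    def __init__(self):
        super().__init__()
        self.comments = []
    def handle_comment(self, data):
        self.comments.append((self.getpos()[0], data.strip()))

def audit_mirror(root):
    """Return findings as (relative path, line, kind, text) tuples."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if not name.lower().endswith((".html", ".htm", ".js")):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            if not name.lower().endswith(".js"):
                parser = CommentCollector()
                parser.feed(text)
                findings += [(rel, ln, "comment", c) for ln, c in parser.comments]
            for ln, line in enumerate(text.splitlines(), 1):
                for m in SECRET_RE.finditer(line):
                    # Report the key only; never echo the secret value into a report.
                    findings.append((rel, ln, "credential", m.group(1) + "=<redacted>"))
    return findings

def demo():
    """Build a tiny constructed mirror in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "index.html"), "w", encoding="utf-8") as fh:
            fh.write("<html>\n<!-- TODO: remove test login -->\n"
                     "<script>var db_password = 'example-only';</script>\n</html>\n")
        return audit_mirror(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

To review a real mirror, call audit_mirror() on the project directory HTTrack wrote, for example the copy placed under /var/www/html.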