00:04
And finally, we're gonna show you another great free scanner,
00:07
which is Arachni. So let's go check it out.
00:11
We're gonna come over to a folder.
00:30
Let's come over here
00:36
jump into the Arachni folder.
00:47
See our Arachni folder.
00:55
We will cd into Arachni.
01:26
I can't remember exactly where it was located at. All right, so we're going to
01:33
run the Arachni web script here
01:40
to get the Arachni web set up.
02:06
All right, we see here that it's listening on
02:09
port 9292, localhost.
02:13
We're gonna come over here to our browser,
02:15
going to localhost 9292.
02:24
The admin account is admin@admin.admin and the password is
02:37
Typed it in incorrectly. So,
02:53
All right, we're gonna come up here to Scans, click New.
02:55
I'm gonna do a target URL of 192.168.
03:04
0.11, or whatever it is that you chose.
03:15
Remember to add the http
03:16
and we're gonna check for SQL injections.
03:23
If you want some kind of special description here, something for you to remember the different kinds of scans you're doing or who you're doing them for, something like that, you type that
03:31
right here in the description portion.
03:37
We're gonna perform a direct scan
03:46
Scanner is initializing and running through.
03:49
So let's let it do its thing.
03:59
All right, we're starting to see some results here.
04:04
We can see, hey, look at that, SQL example one.
04:09
It's found a SQL injection here,
04:17
and it'll give us some further detail,
04:23
what exactly was injected into it,
04:27
and then the request that was sent.
04:31
If there was a proper response back, it would be here. But there was not a proper response for this one.
04:44
Here's some more information about the SQL injection, which could be very helpful for building your report.
04:50
Now you can click Scans here,
04:56
and it will show you your current scans and any scans you had in the past.
05:00
Then you just click on the eye and it'll take you back to your current active scan, and you can continue looking at
05:06
and reviewing the different
05:11
injections here that you get
05:32
Now, as you can see here, this may be missing some context because the scan is still running. So if we wait for the end of the scan, it will give us some more detail about what, actually...
05:48
Let's let this, ah, continue scanning. Here
05:53
is what you see. Here we see the runtime,
05:56
how many pages it's actually scanned and how many issues it's found. So let's continue. Let's let this continue doing its thing here.
06:13
All right. And the scan is complete.
06:15
Found seven different
06:23
Let's go, let's go check out the review further. See what additional details we may have gotten from this.
06:41
Arachni is a fantastic tool.
06:43
It allows you to heavily edit your scans.
06:49
We could look at the different profiles for scanning.
06:56
We could see what kind of different areas
07:02
it's fuzzing and what it actually is putting into
07:05
the different fields here.
07:10
So if we wanted to
07:15
the, uh, the SQL injection,
07:18
we go over to our profiles, click the edit button
07:26
is, ah, is where we would edit, you know, what we want audited and things like that.
07:33
So this is very important for,
07:36
you know, how in depth you may want the scan to go, how aggressive you may want it, any kind of usernames that you want put in, a password. So say you have an application that requires,
07:50
you know, being logged into, you could put your authentication methods here, let it log in and scan even deeper into
08:01
that, the page. So very handy stuff,
08:05
very useful stuff to manage Arachni,
08:09
tweak it, check it out. It's fantastic. So what exactly was covered? Why the scanning is important, you know, why the discovery is important.
08:16
Two different types of discoveries. And then we also discussed these different tools that you can use, and I showed you some examples of how to use them. So go play a little, try out the different variables, see what you can dig up.
08:31
Happy hacking, everyone.