Time
1 hour 49 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:00
Hey, everyone, welcome back to the core. So in the last video, we wrapped up our first lab. So with that lab, we performed several manual sequel injection attacks. So we started off by performing attacks against a log in page. We want to see it. Can we bypass the authentication and log in as administrator? And we had seen that we were successful in doing so.
00:18
And then we moved into actually trying to get information from the database.
00:21
And in this case, we try to get user names and passwords of other users or any type of users in the database. And again, we were successful with that. No, of course we used Mattila Day, and that's naturally vulnerable, and we were able to get all the information that we needed.
00:35
Now those lads were done in the cyber environment. If you haven't done that particular lab yet, then be sure to go back to it and pause this video and take a look at that lab in this video. What we're going to do is take a look at a tool called the Sequel Injection Vulnerability scanner. I'm gonna show you how to install it real quick and then we'll just run it real quick as well as I mentioned before
00:54
in this video as well as the next lab. What you're gonna notice is that I'm gonna be blocking out some information. It's for your own good.
01:00
So with this particular lab, what I'm going to do is block on information on the U. R l is that I'm getting information back on. So the girls that are vulnerable to sequel injection attacks and then in the next lab I'm gonna be using a site that I don't have permission for students to use. I just have permission myself. So the u R l I'm using I can't share with anyone. So again,
01:19
in that situation, I'll just be blocking out that information.
01:23
But that way you just get a generalized idea of how to do these various things in the next laboratory using a tool called sequel map. Now
01:32
I want to stress that I have created step by step guide. So for this lab in the next one, I've got step by step guides on how to the different commands that you'll need to put in. But I I'm not going to show those on screen as I normally do. I just want to talk you through what I'm doing on the screen in both of these labs
01:49
and again, that's mostly for your benefit. Since I have to block out of information,
01:53
it makes it easier to not use a separate document to go through it. But again, all that stuff is available in the supplement of resource is section. And be sure you download from the resource is tab and get all of the helpful information for this course, including the step by step lab guides.
02:07
I also want to mention that you want to make sure you have permission before you touch anything with sequel injection attacks. Right. So we're gonna be running this tool called the Sequel Injection Vulnerability Scanner. But again, just because you're checking for vulnerabilities doesn't mean that you should go ahead and start attacking these. You are. Hell's that. You discover when you're running this tool
02:27
again, you have to have permission, right? Thistle the whole ethical side of the hacking part that we're doing
02:31
in this course and many others write something with the next video. The next lab next video we do with the sequel map again. Since you know, as I mentioned, I don't have permission to share that. You are with everyone else.
02:44
Make sure that you actually have permission to attack u R L. And as I mentioned already many times throughout this course,
02:51
I have several supplementary sources several additional outside
02:54
sites that you can go to in practice your hands on for sequel injection in a sandbox environment. So don't worry about not getting a lot of hands on. You'll get plenty of that if you use those resources along with this course.
03:07
So the first thing we want to do here to install the sequel injection vulnerability scanners just actually open a terminal window here inside of Cali lyrics. You'll notice that I'm using the my own instance of Cali lyrics I'm not using inside of cyber lab environment again. That's because that's a sandbox environment on security. Settings wouldn't allow me to install this particular tool.
03:25
So once you've opened a terminal window, just go ahead and we need to go to get hub essentially and pull the tool from there.
03:35
So what we're gonna do, just typing, get
03:37
here at the command line and then clone and then we're gonna put the U R l So https
03:43
colon forces forward slash get hub dot com
03:46
and then the actual location. So capital H lower case A D E
03:51
s y two k. And again, all this isn't a step by step guide to make sure you download that and I'll show you exactly what you need to type in.
03:59
And then what has put a ford slash SQL ivy dot Get
04:04
all right, that'll go ahead and pull it for us.
04:08
All right, So the next thing we want to do is just change directory into the sequel, live one so CD and then SQL ivy
04:15
in this press, Enter on the keyboard. There. Now we're in that directory, and then we're just gonna run our python script here. So pseudo python too
04:24
set up
04:25
duck P y and Ash. Lower case, I
04:29
that'll Go ahead. Start running it for us. It's gonna take a few minutes to go ahead and run. That's all possible. You briefly while we get that installed.
04:35
All right. You have noticed that we've gone ahead and installed announce we've gone ahead and run our pike on script and now we can actually start using the tools, so I'm gonna go and type clear. Here it is to clear up my screen, so it's a little easier to see.
04:46
And then the single command that we're gonna type in Is this a Google Door command again? Before I hit enter here. After I type this in, I'm gonna go ahead. You'll notice that when I produced the results, I've got everything blocked out again. That's for your own good as well as my own. Good. So that way we don't see any type of vulnerable. You are, l's. Obviously, if you're on this on your own,
05:05
you'll see some but that you know, again, you want to make sure you're doing things ethically. So
05:11
this is just for research purposes.
05:14
So are we gonna do now she's typing a Google dork command using SQL ivy or again, the sequel injection Vulnerability scanner.
05:20
So we're just gonna type in at the prompt here. What is content? Type in S Q L i V. To call the tool that we want. We're gonna put a space and then a dash lower case D
05:30
space and then in u R L. So if you're familiar with Googled working and all. You'll recognize that if you're not familiar with Google Dorking, I should talk about it. In my ethical hacking course, we'll take a look at that as well. So we're gonna put in your l
05:44
corn item dot PHP
05:47
And again, I've got all this in step by step guide for you so you can pause the video and take a look at that.
05:53
So PHP and then question Mark Heidi.
05:56
Now we're gonna put an equal sign
05:58
and then we're gonna put another space and then dash lower case G
06:01
A space and then Google
06:03
a space and that we need to specify how many sites are we taking a look at, right? So many sites. Do we want this to run against? We're just gonna do a dash lowercase p. And then I think for our purposes, we'll just say, like, 20 or so. That's what I've put in a step by step guide just running against 20 sites to make it a pretty quick scan for everyone,
06:24
and that's it. That's all we have to put in there. And as soon as I press enter is going to start pulling the results for you. So, as I mentioned, you'll notice that as soon as I do that the results said it's setting back to us. We're gonna be all blurred out again. That's on purpose. But you will be able to see the results on your end if you're running this particular tool.
06:41
So again, A very important thing. Make sure in your dearest jurisdiction that this part
06:46
right here is not illegal. You don't want to go to jail over something like this. It's fine. Just watch. The video will follow along and again. Any you, Earl, you find you should not be attacking unless you have permission
06:57
from that particular website owner in writing. So just make sure you do all those fun legal things and make sure you're covered. But again, I can't give you legal advice on attorney, But just make sure you're covered. You don't want to go to jail over something as simple as this. So I'm gonna go ahead and press enter here and you're gonna notice that I'm gonna have a lot of stuff blurt out in the results
07:16
again. That's simply because we don't want you to see
07:19
the girls that I'm finding on my side.
07:21
All right, so you'll see that is pulling up many results here for me again. I've got all those blurred out for everybody so that we can't see those, so don't worry about that. But you'll notice that it's pulling up many, many results for me now.
07:32
It's also telling me potentially, like, isn't vulnerable or not. So I'm getting that annotated there, and you'll see that in your end as well, and we'll let this run a little bit. Like I said, it's just gonna run against 20 sites. So it's basically just testing these 20 sites to see if there's any
07:47
potentials for sequel vulnerabilities in those sites.
07:51
So that's all this tool does. Azi name implies. You see it wrapped up pretty quickly there, and then it trunk eight's the information for us for me and tells me basically like these air the vulnerable sites for you and I could take a look at whatever sites those are
08:03
now those tools Great. You know, if you are running a pen test
08:07
or even if you were like, you know, potentially a criminal hacker out there doing doing a nefarious things. This is a great tool for you to use to, you know, find vulnerable sites for sequel injection attacks. However, for you as a pen tester is an ethical hacker. This is a great way for you to take a large company that you're doing a penetration test for
08:28
and through all their domains and basically filter all by their domains
08:31
and be able to find out if all any other domains might have sequel injection vulnerability. So that's really the intent of this tool. Least as far as we're concerned is we're gonna be signed up as an ethical hacker penetration tester with some organization, be performing this type of test and then finding
08:50
vulnerable sites on various. So that's kind of our goal with that.
08:54
So I hope you enjoyed this brief video again. In this video, we just use a tool called the sequel Injection Vulnerability Scanner. I showed you how to install it real quick again. You just do that aside Callie Lennox, with a few commands that I've got in this step by step guide for you. And then we went ahead and just ran the tool to take a look at 20 you know, random sites in Google search
09:11
and to see if any of those sites might be vulnerable to sequel injection attacks.
09:15
Now, in the next video, we're gonna use a tool called sequel map again. And that one you're gonna notice that I block out the U R L that I'm using again simply because no students watching this course will have permission to attack that particular or to run the scan against that particular you are ill. So I don't want to get in trouble by providing that to you. So just you'll notice in the step by step guide
09:33
that it will just basically say, like, put your you are hell information here
09:37
so you can use one that you actually have legal permission to use. So I look forward to seeing in the next video.

Up Next

SQL Injection

This course will cover a brief introduction to databases and SQL commands, basic information about Web applications, and basic information about SQL Injection attacks.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor