WEBVTT 1 00:00:00.040 --> 00:00:02.600 Okay, let's unpack this. We've got a really interesting source 2 00:00:02.680 --> 00:00:07.679 document today that dives into something pretty much everyone interacts 3 00:00:07.679 --> 00:00:10.640 with daily computers and online security. 4 00:00:10.679 --> 00:00:13.640 Now we receive this unique package from a listener. It's 5 00:00:13.679 --> 00:00:17.079 a digital document called ANAG Hacking with Experts. 6 00:00:16.640 --> 00:00:19.920 And the title definitely grabs your attention. This document, presented 7 00:00:19.920 --> 00:00:23.079 by a young author identified as UNDERAG, is quite a mix. 8 00:00:23.079 --> 00:00:26.559 It really is. It's structured with legal disclaimers, introductions to 9 00:00:26.640 --> 00:00:30.760 core hacking concepts, and then well jumps into a surprisingly 10 00:00:30.800 --> 00:00:33.200 broad range of how to guides. 11 00:00:33.039 --> 00:00:36.240 Covering everything from techniques that sound like social engineering tricks, 12 00:00:36.280 --> 00:00:39.399 to manipulating windows using batch files. 13 00:00:39.159 --> 00:00:42.600 And even describing network level attacks. It's quite the spread, right, And. 14 00:00:42.560 --> 00:00:45.200 Before we go any further into the content, it's crucial 15 00:00:45.240 --> 00:00:47.880 to highlight what the source document puts front and center. 16 00:00:48.479 --> 00:00:50.159 A prominent legal disclaimer. 17 00:00:50.359 --> 00:00:54.719 Absolutely, it states explicitly that all the material within is 18 00:00:54.759 --> 00:00:58.960 intended for educational and research purposes only. There's a serious 19 00:00:58.960 --> 00:01:03.359 warning that any misuse could lead to unlawful charges, and it. 20 00:01:03.280 --> 00:01:06.159 Makes it clear that the author and by extension, us 21 00:01:06.200 --> 00:01:09.400 reviewing it, are not responsible for legal activity. 22 00:01:09.599 --> 00:01:13.680 Exactly. Our mission in this deep dive is to navigate 23 00:01:13.760 --> 00:01:18.000 through the information presented strictly within this source document. We're 24 00:01:18.000 --> 00:01:21.480 trying to explore this landscape of online knowledge as it's 25 00:01:21.480 --> 00:01:23.159 shared by this enthusiast author. 26 00:01:23.439 --> 00:01:26.760 We're here to understand the methods described, distill the key 27 00:01:26.799 --> 00:01:31.280 insights from the document's perspective, and see what awareness, particularly 28 00:01:31.319 --> 00:01:34.200 regarding security, we can gain from this exploration. 29 00:01:34.560 --> 00:01:38.799 Right, we are absolutely not endorsing or recommending any illegal 30 00:01:38.840 --> 00:01:40.200 actions based on this content. 31 00:01:40.359 --> 00:01:43.400 That's key, and that connects right back to you, the listener. 32 00:01:43.719 --> 00:01:46.879 The source itself concludes by stating that understanding these methods 33 00:01:46.879 --> 00:01:48.680 can actually help you protect yourself. 34 00:01:48.840 --> 00:01:51.959 So think of this deep dive as us exploring the 35 00:01:52.000 --> 00:01:55.040 world as presented in this document to help you see 36 00:01:55.079 --> 00:01:57.519 the kinds of things described so you can be better 37 00:01:57.519 --> 00:01:59.000 informed about the digital landscape. 38 00:01:59.000 --> 00:02:01.079 Okay, let's jump in and see what this document covers. 39 00:02:01.359 --> 00:02:04.280 To start, the document offers its own definition of what 40 00:02:04.319 --> 00:02:07.560 a hacker is. According to Aniug, it's someone who likes 41 00:02:07.560 --> 00:02:10.960 to pinker, explore, and find ways to make computer systems 42 00:02:11.000 --> 00:02:12.800 work differently than originally intended. 43 00:02:12.919 --> 00:02:17.479 Hmmm, the classic Tenkerer definition, and the source breaks this 44 00:02:17.599 --> 00:02:20.319 down into a hierarchy, right, which is a common way 45 00:02:20.319 --> 00:02:22.280 to categorize people in this space. 46 00:02:22.120 --> 00:02:24.680 Yeah, it does. At the top, as described here are 47 00:02:24.680 --> 00:02:28.080 the white hats. These are the good guys, security experts 48 00:02:28.080 --> 00:02:31.039 who use their skills to help, not harm. 49 00:02:31.280 --> 00:02:33.759 Then there are the black hats, presented as the bad guys. 50 00:02:33.919 --> 00:02:37.280 Right, they use their skills maliciously for personal gain, like 51 00:02:38.199 --> 00:02:42.680 hacking banks, stealing credit cards, or defacing websites. The document 52 00:02:42.719 --> 00:02:45.439 actually notes these terms come from old Westerns. 53 00:02:45.439 --> 00:02:47.120 Interesting and below them. 54 00:02:47.159 --> 00:02:49.360 Below them are the script kitties. The source calls them 55 00:02:49.400 --> 00:02:52.120 wannabes and says they're looked down upon. Why is that 56 00:02:52.639 --> 00:02:56.080 because they use tools others have developed without really understanding 57 00:02:56.080 --> 00:02:58.960 how they work, and according to the document, they make 58 00:02:59.039 --> 00:02:59.919 hackers look bad. 59 00:03:00.080 --> 00:03:02.000 Okay. Then you have intermediate hackers. 60 00:03:02.319 --> 00:03:05.759 Yeah, they know computers, networks, and some programming enough to 61 00:03:05.800 --> 00:03:08.960 understand what a script does, maybe, but mainly using pre 62 00:03:09.000 --> 00:03:12.199 made exploits, and the source defines an exploit simply as 63 00:03:12.280 --> 00:03:15.879 code that takes advantage of a vulnerability to gain control. Correct. 64 00:03:16.159 --> 00:03:19.439 And finally, the elite hackers. These are presented as the 65 00:03:19.479 --> 00:03:20.280 most skilled. 66 00:03:20.439 --> 00:03:23.599 They write their own tools and exploits, can break into systems, 67 00:03:23.719 --> 00:03:25.360 cover their tracks exactly. 68 00:03:25.719 --> 00:03:27.840 The author states their goal for the reader is to 69 00:03:27.879 --> 00:03:31.080 strive for this elite level while you know, always looping 70 00:03:31.120 --> 00:03:32.520 back to that educational purpose. 71 00:03:32.639 --> 00:03:35.039 Okay, let's move into some of the practical examples. The 72 00:03:35.080 --> 00:03:39.080 source details starting with web based methods. One phishing technique 73 00:03:39.120 --> 00:03:41.199 described is called tab napping. 74 00:03:41.319 --> 00:03:45.000 Ah tab napping. This method, as explained in the document, 75 00:03:45.280 --> 00:03:49.000 praise entirely on user distraction. How So, the idea is 76 00:03:49.039 --> 00:03:51.120 you get a user to visit a site you control. 77 00:03:51.560 --> 00:03:54.080 When they switch to another tab, say to check Facebook 78 00:03:54.159 --> 00:03:57.120 or email, and leave your site open, but idle a 79 00:03:57.120 --> 00:03:58.240 script on your site. 80 00:03:58.000 --> 00:03:59.680 Waits, and when they come back, when. 81 00:03:59.520 --> 00:04:02.439 They come back to your original tab, the script redirects 82 00:04:02.439 --> 00:04:05.199 it to a fake login page designed to look just 83 00:04:05.280 --> 00:04:07.840 like Facebook, Gmail or Yahoo Wow. 84 00:04:08.199 --> 00:04:11.199 So it's less about sophisticated code breaking and more about 85 00:04:11.439 --> 00:04:13.439 basic human inattention. 86 00:04:13.840 --> 00:04:17.319 Pretty much, the source details steps like getting free web hosting, 87 00:04:17.639 --> 00:04:20.759 uploading scripts and fake pages, and luring the victim to 88 00:04:20.800 --> 00:04:24.240 the site. It really highlights how effective simple social engineering 89 00:04:24.240 --> 00:04:27.040 can be when combined with a little technical trickery. 90 00:04:27.160 --> 00:04:29.680 The unsuspecting user just thinks they're logging back into their 91 00:04:29.680 --> 00:04:32.079 account and hands over their credentials exactly. 92 00:04:32.560 --> 00:04:36.839 The document also covers directly targeting website vulnerabilities. One method 93 00:04:36.839 --> 00:04:40.439 detailed is RFI or remote file inclusion RFI. 94 00:04:40.800 --> 00:04:44.639 Okay, how does the source say you find vulnerable sites? 95 00:04:44.879 --> 00:04:48.040 According to the source, you find vulnerable sites using specific 96 00:04:48.079 --> 00:04:51.279 Google searches what are called Google dorks, like searching for interol, 97 00:04:51.319 --> 00:04:53.160 dot index, dot, php, dot. 98 00:04:52.920 --> 00:04:56.920 Page right, and the test described is injecting a URL 99 00:04:57.000 --> 00:05:00.199 into that page parameter, like appending www dot google dot 100 00:05:00.480 --> 00:05:03.279 to the site's URL, and if the site is vulnerable, 101 00:05:03.399 --> 00:05:04.079 what happens? 102 00:05:04.160 --> 00:05:07.079 The document says if the Google homepage loads within or 103 00:05:07.160 --> 00:05:10.519 instead of the expected content, the site is vulnerable. The 104 00:05:10.560 --> 00:05:14.000 next step described is uploading shells, which are essentially commanded 105 00:05:14.000 --> 00:05:17.040 control tools like C ninety nine or R fifty seven 106 00:05:17.360 --> 00:05:20.279 to a web hosting site you control right. 107 00:05:20.439 --> 00:05:24.560 And then using the RFI vulnerability, you execute the shell 108 00:05:24.600 --> 00:05:27.240 on the target site by including its URL in that 109 00:05:27.360 --> 00:05:28.360 vulnerable parameter. 110 00:05:28.480 --> 00:05:29.519 That's the idea presented. 111 00:05:29.680 --> 00:05:31.720 So you find a weakness that lets you tell the 112 00:05:31.759 --> 00:05:34.839 server to fashion run a file from anywhere and you 113 00:05:34.879 --> 00:05:36.720 point it to a file you control that gives you 114 00:05:36.800 --> 00:05:38.040 access pretty much. 115 00:05:38.560 --> 00:05:41.639 The source also goes into SQL injection, which is targeting 116 00:05:41.639 --> 00:05:43.279 the website's database. 117 00:05:42.920 --> 00:05:44.120 Ah sql injection. 118 00:05:44.439 --> 00:05:44.639 Yeah. 119 00:05:44.759 --> 00:05:48.399 Yeah. It details both a manual process called blind SQL 120 00:05:48.439 --> 00:05:51.240 injection and using an automated tool called Hovey. 121 00:05:51.639 --> 00:05:55.439 That blind method is fascinating because, as the document explains, 122 00:05:55.839 --> 00:05:57.959 you don't get direct error messages telling you about the 123 00:05:58.040 --> 00:06:00.319 database structure. You have to figure things out by by bite. 124 00:06:00.360 --> 00:06:01.920 How does the source say? You test for that? 125 00:06:02.120 --> 00:06:04.600 By adding conditions to the URL like and one at 126 00:06:04.720 --> 00:06:06.160 one and then at one in one one two. 127 00:06:06.319 --> 00:06:06.600 Okay. 128 00:06:06.680 --> 00:06:09.120 If the page content changes or disappears when you use 129 00:06:09.319 --> 00:06:12.759 one use which is always false, the site is likely vulnerable. 130 00:06:12.920 --> 00:06:16.120 And then from the sources description it becomes this painstaking 131 00:06:16.160 --> 00:06:19.040 process of guessing information character by character. 132 00:06:19.160 --> 00:06:23.199 Precisely, the document lays out the steps guessing the database version, 133 00:06:23.519 --> 00:06:27.360 checking if you can run subqueries, trying to access user tables, like. 134 00:06:27.399 --> 00:06:31.319 Guessing table names like users, then column names like username 135 00:06:31.399 --> 00:06:32.639 and password. 136 00:06:32.319 --> 00:06:37.439 Exactly, and finally extracting data letter by letter using ASCI comparisons, 137 00:06:37.839 --> 00:06:40.279 like checking if the first character of the password hash 138 00:06:40.360 --> 00:06:43.879 is greater than say, ask you value eighty than ninety 139 00:06:43.920 --> 00:06:44.439 and so on. 140 00:06:44.720 --> 00:06:48.480 Wow, that's incredibly detailed. It highlights the underlying logic needed 141 00:06:48.480 --> 00:06:49.959 when you don't have direct feedback. 142 00:06:50.199 --> 00:06:52.800 Yeah, but contrast that manual method with what the source 143 00:06:52.800 --> 00:06:54.920 describes next using Haavy. 144 00:06:55.160 --> 00:06:57.759 This is presented as the automated way to do SEQL 145 00:06:57.759 --> 00:06:58.720 injection right. 146 00:06:58.879 --> 00:07:01.319 According to the document, you pace the vulnerable link into 147 00:07:01.360 --> 00:07:05.560 the tool, click analyze, then get tables, get columns. 148 00:07:05.160 --> 00:07:09.279 Listing common ones you might look for like users, username, password. 149 00:07:08.959 --> 00:07:12.680 Yeah, and finally get data. The key insight here from 150 00:07:12.680 --> 00:07:16.160 the sources perspective is the power of automation. It takes 151 00:07:16.160 --> 00:07:18.639 this complex manual process and makes it point and. 152 00:07:18.600 --> 00:07:21.839 Click makes sense. The document also includes a section on 153 00:07:22.000 --> 00:07:22.680 mass toface. 154 00:07:23.079 --> 00:07:26.399 This sounds exactly like it is. The source describes needing 155 00:07:26.439 --> 00:07:29.800 a rooted server meaning you already have significant access and 156 00:07:29.879 --> 00:07:32.800 a script, and the steps download the script and a 157 00:07:32.839 --> 00:07:35.959 defacement page, then run the script with the deface page 158 00:07:35.959 --> 00:07:38.959 file as input. This is presented as a way to 159 00:07:39.040 --> 00:07:42.160 change the appearance of potentially many websites hosted on that 160 00:07:42.240 --> 00:07:43.240 server at once. 161 00:07:43.560 --> 00:07:47.120 Okay. Shifting gears a bit from web servers to networks 162 00:07:47.120 --> 00:07:50.879 and individual PCs. The document gets into Wi fi hacking, 163 00:07:51.240 --> 00:07:55.560 specifically targeting WEP security using Backtrack Linux ah Yes. 164 00:07:55.759 --> 00:08:00.480 Backtrack a Linux distribution designed for security tasks. First notes 165 00:08:00.639 --> 00:08:04.000 WEPS not safe compared to WABPA, which it says requires 166 00:08:04.079 --> 00:08:05.839 more effort like brute force attacks. 167 00:08:05.879 --> 00:08:08.920 And for WEP, the document describes a process involving listening 168 00:08:08.920 --> 00:08:10.519 to the wireless traffic exactly. 169 00:08:10.839 --> 00:08:13.160 How does the source break down the steps in backtrack? 170 00:08:13.240 --> 00:08:15.959 Well, first, you use tools like kismet to scan for networks. 171 00:08:16.199 --> 00:08:20.759 You identify the target WAP network by its m mentioned address, BSSID, name, 172 00:08:21.160 --> 00:08:22.160 es IT, and channel. 173 00:08:22.279 --> 00:08:24.959 Then you put your wireless adapter into monitoring mode to 174 00:08:25.040 --> 00:08:26.399 capture all passing traffic. 175 00:08:26.759 --> 00:08:30.319 Right. Then, according to the document, you use aero dumping 176 00:08:30.399 --> 00:08:33.320 to capture packets associated with the target network, saving them 177 00:08:33.320 --> 00:08:36.639 to a file. While that's running, you use airplane for 178 00:08:36.720 --> 00:08:38.960 fake authentication and packet injection. 179 00:08:39.240 --> 00:08:41.320 And what does that achieve? What's the point of the injection? 180 00:08:41.519 --> 00:08:45.159 The goal is to generate traffic faster. By injecting packets, 181 00:08:45.240 --> 00:08:48.519 you trick the access point into sending more data packets 182 00:08:48.519 --> 00:08:49.840 back quickly, which. 183 00:08:49.679 --> 00:08:52.720 Increases the amount of data aero dumping is capturing. 184 00:08:52.320 --> 00:08:55.519 Right, because you need tens or hundreds of thousands of 185 00:08:55.559 --> 00:08:59.240 packets for cracking WEP, according to the source, And once. 186 00:08:59.080 --> 00:09:01.600 You have enough data, the source says, you use air cracking. 187 00:09:01.879 --> 00:09:05.000 Exactly, You point air cracking at the file containing the 188 00:09:05.000 --> 00:09:09.559 captured packets, and it analyzes the initialization factors ivs within 189 00:09:09.639 --> 00:09:12.679 those packets to deduce the WEP key. 190 00:09:12.799 --> 00:09:16.879 The document provides specific commands to like aero dumping channel, 191 00:09:17.000 --> 00:09:20.360 DASH channel, dash file name, bsitb device. 192 00:09:20.000 --> 00:09:23.919 And aircrack and dash onebbsidfilename dot ibs. It also mentions 193 00:09:23.919 --> 00:09:26.639 a GUI tool called Jerik's Wychey Cracker ad ag in 194 00:09:26.759 --> 00:09:28.879 backtrack that automates these steps. 195 00:09:29.120 --> 00:09:32.759 Makes it easier for sure. Now here's where it gets well, 196 00:09:32.799 --> 00:09:35.919 maybe less technical in some ways. The document describes a 197 00:09:36.000 --> 00:09:40.639 method for hacking PC using pendrives ah. 198 00:09:40.279 --> 00:09:44.120 The USB stick approach. This section describes a surprisingly simple 199 00:09:44.159 --> 00:09:47.919 technique reliant on physical access and crucially user action. 200 00:09:48.639 --> 00:09:52.200 It involves a toolkit containing a specific program nor cmd 201 00:09:52.360 --> 00:09:53.320 dot ex. 202 00:09:53.519 --> 00:09:56.200 And the process how does the source describe it? 203 00:09:56.279 --> 00:09:58.440 According to the source, you copy the files from this 204 00:09:58.519 --> 00:10:01.879 toolkit onto a USB draw. You then insert the drive 205 00:10:01.919 --> 00:10:02.840 into the target PC. 206 00:10:03.080 --> 00:10:05.639 But it's not automatic, not necessarily. 207 00:10:05.879 --> 00:10:09.559 The document notes that antivirus might block autoerun so you 208 00:10:09.639 --> 00:10:12.200 might need the user to manually click the file, maybe 209 00:10:12.279 --> 00:10:13.960 even needing to disable av first. 210 00:10:14.000 --> 00:10:16.480 So it's a physical access method that often still requires 211 00:10:16.600 --> 00:10:18.639 user interaction or tricking the user somehow. 212 00:10:18.720 --> 00:10:21.440 Yes, it seems to prey on curiosity or trust. The 213 00:10:21.480 --> 00:10:23.720 source claims that once the program is run, your job 214 00:10:23.799 --> 00:10:26.200 is done and you get access to a dumbfolder on 215 00:10:26.240 --> 00:10:29.000 your own PC containing all the info want from the target. 216 00:10:29.159 --> 00:10:31.279 A bit vague on the exact info, but the principle 217 00:10:31.320 --> 00:10:35.080 is clear. A malicious file executed from a USB drive right. 218 00:10:35.600 --> 00:10:39.840 The document also covers hacking remote PCs using remote administration 219 00:10:39.960 --> 00:10:43.399 tools or rats. It mentions tools like pro rat and 220 00:10:43.480 --> 00:10:45.240 extreme rat RATS. 221 00:10:45.480 --> 00:10:48.200 These are programs designed for controlling a computer from a 222 00:10:48.240 --> 00:10:52.320 far right. The source details setting up an right server component. 223 00:10:52.480 --> 00:10:55.200 Yeah, what's the general process described in the source for 224 00:10:55.279 --> 00:10:55.960 setting that up? 225 00:10:56.200 --> 00:10:59.200 You download the tool. The source even give a default 226 00:10:59.240 --> 00:11:03.600 password for p RAT pro, open it, and configure the 227 00:11:03.639 --> 00:11:04.240 server file. 228 00:11:04.320 --> 00:11:05.600 Configuration involves what. 229 00:11:05.919 --> 00:11:08.320 Telling it how to connect back to you, setting your 230 00:11:08.360 --> 00:11:11.440 IP address. It mentioned services like no ip des for 231 00:11:11.600 --> 00:11:14.799 dynamic IPS, and needing a DUC client to update it, 232 00:11:14.840 --> 00:11:17.840 a port, a password to access the victim machine, and 233 00:11:17.919 --> 00:11:19.279 a name for the victim machine. 234 00:11:19.320 --> 00:11:21.679 Okay, so you build this little server package, and then 235 00:11:21.679 --> 00:11:24.279 you need to get this server file onto the victim's computer. 236 00:11:24.440 --> 00:11:27.879 Precisely. The source describes binding the server file with something 237 00:11:27.879 --> 00:11:31.600 innocuous like an image, PDF or text file to disguise. 238 00:11:31.240 --> 00:11:32.320 It, make it look harmless. 239 00:11:32.399 --> 00:11:35.279 Yeah, you choose an icon prefer in dot ex extension, 240 00:11:35.279 --> 00:11:38.039 according to the source, and then you distribute this disguised file, 241 00:11:38.120 --> 00:11:40.120 perhaps via file sharing or email. 242 00:11:40.399 --> 00:11:44.399 And if the victim opens this file, clicks on the disguised. 243 00:11:43.919 --> 00:11:46.960 Image or whatever, according to the source, their computer becomes 244 00:11:47.039 --> 00:11:49.600 controlled by your RA client software. 245 00:11:49.759 --> 00:11:51.519 Wow, and what can you do? Then? 246 00:11:51.960 --> 00:11:55.360 The document lists capabilities like access and files, using the 247 00:11:55.360 --> 00:11:58.720 webcam and capturing the screen. It also briefly touches on 248 00:11:58.840 --> 00:12:02.000 network set up like needing, port forwarding or using a 249 00:12:02.080 --> 00:12:05.679 VPM like proxpen to make the remote connection work if 250 00:12:05.720 --> 00:12:07.159 the attacker is behind a router. 251 00:12:07.360 --> 00:12:11.639 Okay, so quite powerful if deployed successfully. Another network related 252 00:12:11.720 --> 00:12:15.960 method described is local file inclusion or LFI LFI. 253 00:12:16.200 --> 00:12:18.559 How does the source explain the difference between that and 254 00:12:18.720 --> 00:12:20.440 RFI remote file inclusion? 255 00:12:20.759 --> 00:12:24.600 Well, while RFI is about including remote files from other servers, LFI, 256 00:12:24.639 --> 00:12:27.559 as described here, is about browsing through the server's own 257 00:12:27.720 --> 00:12:30.039 filesystem using a URL parameter. 258 00:12:30.120 --> 00:12:30.840 How does that work? 259 00:12:30.919 --> 00:12:35.080 The example given is using directory traversal paths like dot TETSI, PASSWD, 260 00:12:35.519 --> 00:12:38.679 and a vulnerable URL. You're trying to access system files 261 00:12:38.759 --> 00:12:41.320 like et ceter pass toword on Linux servers. 262 00:12:40.960 --> 00:12:43.360 So you're trying to trick the web server into letting 263 00:12:43.360 --> 00:12:46.240 you read sensitive files. It has access to files it 264 00:12:46.240 --> 00:12:48.080 shouldn't normally show you exactly. 265 00:12:48.679 --> 00:12:52.279 The source explains the structure of excta password showing username 266 00:12:52.480 --> 00:12:56.519 password fields often a placeholder X user ID, group ID, 267 00:12:56.720 --> 00:12:57.320 stuff like that. 268 00:12:57.399 --> 00:12:59.360 It notes that if the password hashes were an etceter 269 00:12:59.480 --> 00:13:00.639 pass would you could try. 270 00:13:00.480 --> 00:13:03.039 To crack them, but if they're shadowed, meaning stored securely 271 00:13:03.080 --> 00:13:06.279 in the center shadow which isn't usually web accessible. The 272 00:13:06.360 --> 00:13:08.879 document suggests trying log injection. 273 00:13:09.360 --> 00:13:12.919 Log injection and what does that involve? According to the source. 274 00:13:12.759 --> 00:13:14.960 It's presented as an attempt to run commands on the 275 00:13:14.960 --> 00:13:18.679 server indirectly. You find common log file locations. 276 00:13:18.240 --> 00:13:20.240 Like web server access logs. 277 00:13:19.879 --> 00:13:24.399 Potentially yeah, and using the LFI vulnerability, you inject PHP 278 00:13:24.600 --> 00:13:29.679 code into the URL itself, like dot pass through get cetmt. 279 00:13:30.519 --> 00:13:32.639 This code gets written into the server's. 280 00:13:32.320 --> 00:13:34.480 Log file even if the browser encodes it. 281 00:13:34.679 --> 00:13:37.639 The source mentions a pearl script that can supposedly bypass 282 00:13:37.679 --> 00:13:38.840 this encoding issue, and. 283 00:13:38.759 --> 00:13:40.399 If that works, if you get the code into the 284 00:13:40.440 --> 00:13:41.759 log file and execute it. 285 00:13:41.799 --> 00:13:44.600 According to the document, executing that injected code via the 286 00:13:44.639 --> 00:13:47.720 pearlscript allows you to run system commands on the server 287 00:13:48.159 --> 00:13:50.759 through your web browser. Is described as a way to 288 00:13:50.759 --> 00:13:54.399 gain remote command execution when direct access isn't possible. 289 00:13:54.720 --> 00:13:58.960 Hmmm, clever. The document also covers password cracking and recovery 290 00:13:58.960 --> 00:14:02.720 for Windows. One method described is getting the Windows XP 291 00:14:02.840 --> 00:14:05.279 administrator password using a tool called. 292 00:14:05.159 --> 00:14:09.440 Canaan able right canonable. The source detail steps like using 293 00:14:09.480 --> 00:14:13.840 the tools cracker tab, selecting and NTLM hashes and dumping 294 00:14:13.919 --> 00:14:16.080 nt hashes from local machine. 295 00:14:15.639 --> 00:14:19.200 Which extracts the scrambled password representations the hashes from the 296 00:14:19.200 --> 00:14:20.799 current Window system exactly. 297 00:14:21.039 --> 00:14:23.919 Then you choose an attack type like brute force, which 298 00:14:23.960 --> 00:14:27.600 the source notes is slow but guaranteed, and brute. 299 00:14:27.240 --> 00:14:30.120 Force is explained simply in the source is just trying 300 00:14:30.240 --> 00:14:34.039 every possible character combination until the scrambled version matches the 301 00:14:34.080 --> 00:14:34.799 target hash. 302 00:14:35.080 --> 00:14:40.519 Yes, precisely. It describes encrypting possibilities like abcab and so 303 00:14:40.600 --> 00:14:43.399 on and comparing the result to the hash you dumped. 304 00:14:43.240 --> 00:14:46.159 And for recovering a lost Windows password, the source suggests 305 00:14:46.240 --> 00:14:48.759 using the off crack live CD offcrack. 306 00:14:48.960 --> 00:14:52.039 This involves creating a bootable CD from an ISO image, 307 00:14:52.399 --> 00:14:53.600 booting the computer from. 308 00:14:53.480 --> 00:14:56.919 It, and according to the source, off crack should automatically 309 00:14:56.960 --> 00:14:59.759 find and crack the password hashes stored on the hard drive. 310 00:15:00.360 --> 00:15:03.080 It's presented as a recovery method that bypasses the running 311 00:15:03.120 --> 00:15:04.519 Windows system. 312 00:15:04.080 --> 00:15:08.320 Okay, shifting again. The document touches on hacking social media 313 00:15:08.399 --> 00:15:11.639 and communication accounts. It links back to methods already discussed, 314 00:15:11.639 --> 00:15:12.720 doesn't it It does. 315 00:15:12.840 --> 00:15:15.879 It mentions how tabnapping keyloggers. 316 00:15:15.360 --> 00:15:19.039 Which it separately details needing a tool like emissary keylogger, 317 00:15:19.360 --> 00:15:23.159 binding it to another file, distributing it and noting potential av. 318 00:15:23.080 --> 00:15:26.600 Issues right and Wi Fi session hijacking using tools like 319 00:15:26.639 --> 00:15:30.480 firesheet by capturing session cookies on unsecured networks can be 320 00:15:30.559 --> 00:15:32.600 used against accounts like Facebook or Twitter. 321 00:15:32.799 --> 00:15:35.799 So the insight here is how user actions or network 322 00:15:35.879 --> 00:15:40.279 vulnerabilities can compromise account security, even on major platforms. 323 00:15:40.320 --> 00:15:43.840 The source also details some specific Yahoo Messenger tricks, yeah 324 00:15:43.960 --> 00:15:47.120 like what it describes enabling multi login by changing a 325 00:15:47.159 --> 00:15:51.039 specific value plural in the Windows Registry editor. It lists 326 00:15:51.120 --> 00:15:54.759 Yahoo Chat commands like join or ignore basic chants to 327 00:15:55.080 --> 00:15:58.080 and it describes hacking the Yahoo webcam by replacing a 328 00:15:58.120 --> 00:16:03.440 specific file resumes in the installation directory with a cracked 329 00:16:03.480 --> 00:16:05.879 version provided via a download link, though. 330 00:16:05.720 --> 00:16:08.159 It doesn't explain what the hack actually does, just that 331 00:16:08.200 --> 00:16:09.559 it involves file. 332 00:16:09.360 --> 00:16:12.759 Replacement exactly, kind of vague on the outcome. The document 333 00:16:12.759 --> 00:16:16.159 includes some practical tips too, like protecting email accounts from 334 00:16:16.159 --> 00:16:17.600 spam ah. 335 00:16:17.360 --> 00:16:20.720 Yes, yeah, a list of pretty standard advice actually. 336 00:16:20.639 --> 00:16:24.559 Like using built in spam filters, avoiding posting your email publicly, 337 00:16:24.960 --> 00:16:27.320 using separate dummy accounts for services. 338 00:16:27.240 --> 00:16:29.840 And formatting your email address on websites like email at 339 00:16:29.840 --> 00:16:34.240 domaina dot com to confuse automated bots. Sensible stuff. 340 00:16:34.279 --> 00:16:37.440 There are also several tips presented for Facebook and Twitter 341 00:16:37.519 --> 00:16:40.799 that feel less like technical hacking and more like clever 342 00:16:40.879 --> 00:16:44.080 ways to use platform features or external services. 343 00:16:43.679 --> 00:16:46.840 Right exactly, like using an external website to make your 344 00:16:46.840 --> 00:16:49.519 Facebook status appeer posted via any. 345 00:16:49.320 --> 00:16:52.720 Device, or getting Twitter followers by simply using and searching 346 00:16:52.720 --> 00:16:56.559 the hashtag team followback tag and following others who use it, 347 00:16:56.679 --> 00:16:58.320 expecting them to follow you back. 348 00:16:58.200 --> 00:17:00.440 The follower for formal strategy. Yeah. 349 00:17:00.519 --> 00:17:03.600 It even suggests using another external site to post to 350 00:17:03.600 --> 00:17:05.079 all your Facebook groups at once. 351 00:17:05.279 --> 00:17:08.200 But importantly, the source warns this could get your account 352 00:17:08.240 --> 00:17:11.680 blocked if done regularly, so use with caution. 353 00:17:11.839 --> 00:17:15.119 It implies definitely and sending anonymous email. 354 00:17:15.519 --> 00:17:19.680 The source mentions using a specific external website mci dot cz. 355 00:17:20.359 --> 00:17:23.839 It says you can manually enter the sender name, recipient, subject, body, 356 00:17:23.880 --> 00:17:26.599 and attachments, making it appear to come from someone else. 357 00:17:26.720 --> 00:17:28.720 Okay, Now, this is a part of the document that 358 00:17:28.759 --> 00:17:32.519 feels quite different from the more complex network attacks. There's 359 00:17:32.519 --> 00:17:35.559 a whole section on simple and funny tricks, often using 360 00:17:35.599 --> 00:17:38.759 basic Windows tools like notepad or batch files. 361 00:17:38.920 --> 00:17:42.160 Yeah, this really shows the spectrum of tinkering. The author explores. 362 00:17:42.799 --> 00:17:46.319 Batch files are simply text files containing commands that Windows executes. 363 00:17:46.759 --> 00:17:49.640 A basic example given is just typing dirhan to lis 364 00:17:49.720 --> 00:17:53.000 files and pause to wait for a keypress. 365 00:17:53.359 --> 00:17:57.119 Simple enough, and some of the specific, less serious tricks. 366 00:17:57.319 --> 00:17:58.400 What does it describe? 367 00:17:58.440 --> 00:18:01.319 There's a method to delete an under leadable file using 368 00:18:01.319 --> 00:18:05.039 the command prompt. It involves temporarily stopping the Windows Graphical 369 00:18:05.079 --> 00:18:09.599 interface explored dot ex, deleting the file via command line, 370 00:18:09.920 --> 00:18:11.400 and then restarting the interface. 371 00:18:11.759 --> 00:18:14.119 A bit involved. Is there a simpler way mentioned? 372 00:18:14.480 --> 00:18:18.559 Yes, a simpler trick involves using notepads save as function 373 00:18:18.920 --> 00:18:21.319 to overwrite the file by putting its name in quotes 374 00:18:21.680 --> 00:18:23.440 and saving as all files. 375 00:18:23.599 --> 00:18:27.119 Oh okay. There's also a batch file described to clean 376 00:18:27.319 --> 00:18:29.359 temporary files in history. 377 00:18:29.160 --> 00:18:32.799 Using the ramdercu command to delete specific folders like recent 378 00:18:33.119 --> 00:18:34.480 temp history, et cetera. 379 00:18:34.599 --> 00:18:36.920 And the funny FB virus What's that about? 380 00:18:37.119 --> 00:18:39.279 This is just a batch file prank. It creates a 381 00:18:39.279 --> 00:18:42.599 message box claiming virus detected and that your Facebook account 382 00:18:42.599 --> 00:18:45.079 will be deleted, followed by scheduling a system shut down 383 00:18:45.079 --> 00:18:46.960 with a fake error message. 384 00:18:46.640 --> 00:18:49.519 Harmless but maybe annoying. The source notes is just a joke. 385 00:18:49.759 --> 00:18:52.960 Yeah. Then there's the World Trade Center attack and Notepad. 386 00:18:52.559 --> 00:18:54.200 Which is just a visual coincidence trick. 387 00:18:54.279 --> 00:18:57.359 Right exactly. You tag Q thirty three n in Notepad, 388 00:18:57.799 --> 00:19:00.319 then change the font to wingings and the side to 389 00:19:00.359 --> 00:19:04.519 seventy two, and the characters visually resemble a plane approaching towers. 390 00:19:05.000 --> 00:19:06.759 It's presented purely as an oddity. 391 00:19:07.200 --> 00:19:10.359 Other simple tricks include creating a personal logbook in Notepad 392 00:19:10.400 --> 00:19:13.079 that automatically adds the current date in time each time 393 00:19:13.119 --> 00:19:13.640 you open it. 394 00:19:14.079 --> 00:19:16.559 Just by typing dot log on the very first line 395 00:19:16.559 --> 00:19:17.160 and saving it. 396 00:19:17.480 --> 00:19:20.599 Testing your antivirus by saving the iicar test string. 397 00:19:20.839 --> 00:19:23.440 Yeah, that's a standard harmless file designed only to be 398 00:19:23.519 --> 00:19:26.440 detected as malware. You save it in notepad as a 399 00:19:26.519 --> 00:19:29.799 dot ex file. The source does note this specific trick 400 00:19:29.880 --> 00:19:32.079 might not work on sixty four bit windows. 401 00:19:32.279 --> 00:19:36.119 And some more visually disruptive ones using simple scripts vbscripts 402 00:19:36.160 --> 00:19:36.920 mostly right. 403 00:19:37.160 --> 00:19:39.680 There's a VB script describe that forces your CD drive 404 00:19:39.720 --> 00:19:43.400 to repeatedly open and close in a loop. Annoying definitely. 405 00:19:43.720 --> 00:19:46.440 Another BADG file trick creates a scrolling stream of random 406 00:19:46.440 --> 00:19:50.160 green numbers in the command prompt window, mimicking the matrix effect. 407 00:19:50.519 --> 00:19:54.000 You can also change notepads header or footer using special 408 00:19:54.039 --> 00:19:56.759 codes in the page setup menu, like NF for the 409 00:19:56.759 --> 00:19:59.119 file name or ND for the date, and. 410 00:19:59.119 --> 00:20:02.160 Some classic user interface pranks. The source includes those two. 411 00:20:02.519 --> 00:20:06.200 It does a VBScript that continuously types you are a 412 00:20:06.240 --> 00:20:09.079 fool by sending keyboard commands to the active window. 413 00:20:09.200 --> 00:20:09.759 Oh dear. 414 00:20:10.079 --> 00:20:13.440 Another VBScript creates a disco light effect on your keyboard 415 00:20:13.480 --> 00:20:16.960 by rapidly toggling the caps lock, numb lock and scroll 416 00:20:16.960 --> 00:20:17.559 lock lights. 417 00:20:18.039 --> 00:20:18.880 How do you stop that one? 418 00:20:18.960 --> 00:20:21.359 You have to stop it via task manager finding the 419 00:20:21.480 --> 00:20:24.039 wscript dot exx process and ending it. 420 00:20:24.119 --> 00:20:26.960 Okay, and you can change the name Windows displays for 421 00:20:27.000 --> 00:20:31.240 your processor using the registry editor regie dot exx Yeah 422 00:20:31.279 --> 00:20:31.640 the n R. 423 00:20:31.880 --> 00:20:34.240 The source gives the example of changing it to Intel 424 00:20:34.319 --> 00:20:36.000 Core I eleven just to fool. 425 00:20:35.799 --> 00:20:39.200 Friends, and finally determining your PCs gender. 426 00:20:39.920 --> 00:20:43.839 Bizarrely, yes, the document includes a VBScript that uses text 427 00:20:43.920 --> 00:20:46.319 to speech to say how are you and suggests the 428 00:20:46.359 --> 00:20:48.519 gender of the voice determines your PC's gender. 429 00:20:48.680 --> 00:20:51.759 Well. That certainly adds some unexpected lighter variety to a 430 00:20:51.799 --> 00:20:54.039 document titled Hacking with Experts. 431 00:20:54.440 --> 00:20:56.960 It really shows the breadth of digital tinkering. The author 432 00:20:57.000 --> 00:20:59.839 explores from complex attacks to well that. 433 00:21:00.319 --> 00:21:03.160 But beyond the tricks, the document includes some practical system 434 00:21:03.200 --> 00:21:04.920 maintenance and optimization tips. 435 00:21:04.680 --> 00:21:07.920 Too, like the ten security enhancements That sounds useful. 436 00:21:08.240 --> 00:21:11.079 Yes, and it's a pretty solid list of fundamental security 437 00:21:11.079 --> 00:21:15.519 practices from the source, things like keeping Windows and software updated, 438 00:21:15.799 --> 00:21:18.920 using a personal firewall, installing anti. 439 00:21:18.480 --> 00:21:23.079 Spyware, disabling specific old Windows services that caused pop up spam, 440 00:21:23.319 --> 00:21:27.359 using strong passwords. It suggests seven plus characters mixed types. 441 00:21:27.519 --> 00:21:30.960 It also advises using current versions of email clients having 442 00:21:31.079 --> 00:21:34.640 up to date antivirus, mentioning AVG free and online. 443 00:21:34.279 --> 00:21:39.119 Scanners, securing wireless networks, listing MSc filtering, and turning off 444 00:21:39.240 --> 00:21:42.200 SSID broadcast. Though the tip apparently cuts off in the 445 00:21:42.240 --> 00:21:42.960 source and. 446 00:21:42.960 --> 00:21:47.119 Generally being skeptical of unsolicited emails or attachments, it's a 447 00:21:47.119 --> 00:21:50.039 good set of basics presented alongside the more advanced techniques. 448 00:21:50.240 --> 00:21:53.400 The document also details common reasons why PCs crash and 449 00:21:53.440 --> 00:21:55.759 troubleshooting steps five reasons I. 450 00:21:55.720 --> 00:21:58.640 Think that's right. Five reasons and their fixes as described 451 00:21:58.640 --> 00:22:02.319 in the source. First, hardware conflict, often due to devices 452 00:22:02.359 --> 00:22:05.359 sharing IRQ lines interrupt request lines. 453 00:22:05.079 --> 00:22:08.680 An older issue maybe, but still relevant. The fix involves 454 00:22:08.759 --> 00:22:13.079 checking device manager for conflicts and potentially reinstalling devices or drivers. 455 00:22:13.400 --> 00:22:18.759 Second, bad or mismatching RAM symptoms include fatal errors. The 456 00:22:18.799 --> 00:22:21.839 source warns against mixing RAM with different speeds or types 457 00:22:22.200 --> 00:22:25.839 and suggests adjusting bio settings or testing ramsticks individually. 458 00:22:26.200 --> 00:22:30.480 Third, bio settings themselves. The source cautions about making changes 459 00:22:30.799 --> 00:22:33.160 and suggests writing down original settings. 460 00:22:32.799 --> 00:22:37.119 First good advice. It specifically mentions adjusting CAAs latency for 461 00:22:37.160 --> 00:22:40.680 certain RAM types and setting IRQ to auto and enabling 462 00:22:40.759 --> 00:22:43.599 plug and playos in the bios to let Windows manage 463 00:22:43.599 --> 00:22:44.880 hardware resources better. 464 00:22:45.079 --> 00:22:48.519 Fourth, hard disk drives fragmentation is listed as a cause 465 00:22:48.599 --> 00:22:49.680 for freezes, so. 466 00:22:49.599 --> 00:22:54.319 The document recommends regular defragmentation, adjusting read ahead optimization settings, 467 00:22:54.519 --> 00:22:57.759 freeing disk space, and scanning for errors using tools like 468 00:22:57.839 --> 00:22:59.640 scan disc standard maintenance. 469 00:23:00.079 --> 00:23:02.039 Fifth reason for crash is listed. 470 00:23:01.920 --> 00:23:05.559 Fatal OE exceptions and VxD errors. These are often linked 471 00:23:05.599 --> 00:23:07.240 to video card problems. 472 00:23:06.799 --> 00:23:10.160 According to the source, so the advices suggestions. 473 00:23:09.519 --> 00:23:13.240 Include reducing screen resolution or color depth, checking for videocard 474 00:23:13.279 --> 00:23:17.519 conflicts and device manager, adjusting hardware acceleration, and crucially keeping 475 00:23:17.559 --> 00:23:18.759 graphics drivers updated. 476 00:23:18.920 --> 00:23:22.200 It's interesting that a document focused on hacking includes such 477 00:23:22.200 --> 00:23:27.279 a comprehensive basic PC troubleshooting guide. Really blonds the scope. 478 00:23:27.359 --> 00:23:29.759 Yes, it adds a layer of practical utility you might 479 00:23:29.799 --> 00:23:33.599 not expect. The document also has tips like increasing internet 480 00:23:33.640 --> 00:23:37.480 speed up to a three hundred percent, specifically for Firefox. 481 00:23:37.759 --> 00:23:40.400 Okay, how does it claim to do That sounds a 482 00:23:40.440 --> 00:23:41.559 bit too good to be true. 483 00:23:41.640 --> 00:23:44.720 Well, it involves modifying settings in firefoxes about duck and 484 00:23:44.799 --> 00:23:47.880 fig page. You said network dot SHGDP dot pipelining and 485 00:23:47.920 --> 00:23:51.400 network dot HDDP dot proxy dot pipelining to tree and 486 00:23:51.440 --> 00:23:54.119 you create a new integer value called anglayout dot initial 487 00:23:54.160 --> 00:23:57.160 pain dot delay and set it to zero. The source 488 00:23:57.160 --> 00:23:59.799 claims this speeds up page loading by allowing Firefox to 489 00:24:00.039 --> 00:24:03.400 has multiple items at once, reducing delays. Whether it hits 490 00:24:03.400 --> 00:24:04.640 three hundred percent, who knows. 491 00:24:05.400 --> 00:24:07.799 Another utility tip mentioned is using your pen drive as 492 00:24:07.920 --> 00:24:09.079 RAM yes, which. 493 00:24:08.920 --> 00:24:11.480 Is basically describing the ready boost feature in Windows or 494 00:24:11.519 --> 00:24:12.119 something similar. 495 00:24:12.160 --> 00:24:13.400 How does the source explain it? 496 00:24:13.440 --> 00:24:17.319 Through system properties, advanced performance settings, advanced virtual memory change. 497 00:24:17.559 --> 00:24:20.240 You select the USB drive, choose custom size, and set 498 00:24:20.279 --> 00:24:22.559 an initial and maximum size for Windows to use the 499 00:24:22.640 --> 00:24:24.720 drive as extra cash or virtual memory. 500 00:24:24.880 --> 00:24:28.559 Got it. The document then moves into mobile tricks, starting 501 00:24:28.559 --> 00:24:30.920 with secret codes for Android phones right. 502 00:24:31.000 --> 00:24:33.279 These are typically codes you dial on the phone keypad 503 00:24:33.359 --> 00:24:34.680 to access hidden men user. 504 00:24:34.559 --> 00:24:36.839 Functions like what kinds of functions are listed? 505 00:24:37.039 --> 00:24:39.759 Codes for checking phone and battery info hashtag four six 506 00:24:39.799 --> 00:24:43.200 three six tash tag, performing a factory data reset hashtag 507 00:24:43.200 --> 00:24:45.440 seven seven eighty az er tag tag, or even a 508 00:24:45.480 --> 00:24:49.880 full factory format and firmware reinsall two seven, six, seven, three, eight, 509 00:24:49.920 --> 00:24:50.599 five five. 510 00:24:50.480 --> 00:24:53.440 Five WHOA That last one sounds risky. 511 00:24:53.359 --> 00:24:56.359 Very The source includes strong warnings with several of these codes, 512 00:24:56.759 --> 00:24:58.920 like one for camera updates that it says could make 513 00:24:58.960 --> 00:25:00.480 your camera stop working if you choose the. 514 00:25:00.480 --> 00:25:02.720 Wrong option, and a general warning too, Yeah. 515 00:25:02.599 --> 00:25:05.960 General warning, try these codes on er risk. It also 516 00:25:06.000 --> 00:25:10.839 lists codes for various tests WLAND, GPS, Bluetooth, media backup, 517 00:25:11.039 --> 00:25:12.720 and accessing service mode. Okay. 518 00:25:12.880 --> 00:25:16.000 There's also a mention of hacking mobile using Bluetooth. 519 00:25:15.559 --> 00:25:18.759 Yes, introducing a tool called super Bluetooth Hack two thousand 520 00:25:18.759 --> 00:25:22.119 and nine specifically for symbionos and job enabled phones. 521 00:25:22.200 --> 00:25:24.759 So older test and the process described. 522 00:25:24.319 --> 00:25:28.240 Installing the app searching for nearby Bluetooth devices, selecting one, 523 00:25:28.440 --> 00:25:30.480 and then being able to start managing them via. 524 00:25:30.359 --> 00:25:34.000 Bluetooth hacks, but it's vague on what managing means. 525 00:25:34.319 --> 00:25:37.480 Very vague. The document provides a download link, but doesn't 526 00:25:37.519 --> 00:25:39.240 detail the specific capabilities. 527 00:25:39.319 --> 00:25:42.000 Okay. And an SMS bomber for Android phones. 528 00:25:42.759 --> 00:25:45.319 This is described as an app you download requiring you 529 00:25:45.400 --> 00:25:49.519 to enable unknown sources to install apps outside the official store, 530 00:25:49.799 --> 00:25:51.559 which is a security risk itself. 531 00:25:51.799 --> 00:25:52.759 What does the app do? 532 00:25:53.200 --> 00:25:55.680 It can apparently send an unlimited number of texts to 533 00:25:55.720 --> 00:25:58.920 flood a contacts phone. The source list features like hitting 534 00:25:59.000 --> 00:26:02.200 multiple contacts, a cancel button, and no delay. 535 00:26:02.480 --> 00:26:05.039 Does the source mentioned security concerns. 536 00:26:04.720 --> 00:26:07.920 Crucially, Yes, it notes the app as detected as a virus, 537 00:26:07.920 --> 00:26:10.799 but then claims this is a false positive and the 538 00:26:10.799 --> 00:26:13.720 app is clean. That's a huge red flag right there. 539 00:26:13.920 --> 00:26:17.079 It also mentions an anti SMS bomber counterpart app. 540 00:26:17.359 --> 00:26:21.599 Definitely approach with caution. The document briefly discusses hacking os 541 00:26:21.640 --> 00:26:22.880 for mobile phones too. 542 00:26:22.839 --> 00:26:26.440 Yeah, essentially looking at penetration testing environments on mobile It 543 00:26:26.480 --> 00:26:30.599 mentions b NHD two described as a security focused Aubunddebian 544 00:26:30.680 --> 00:26:33.000 system for specific HDC phones. 545 00:26:33.119 --> 00:26:35.559 So running a full Linux environment on a phone for 546 00:26:35.599 --> 00:26:36.960 security testing that. 547 00:26:36.960 --> 00:26:39.200 Seems to be the idea. It also notes the existence 548 00:26:39.200 --> 00:26:42.440 of Android pen testing apps like antiidsploi and face neef. 549 00:26:42.599 --> 00:26:47.440 Okay, here's a surprising inclusion. A gpr's trick for all networks. 550 00:26:47.599 --> 00:26:50.680 This section seems quite specific, likely to a certain region 551 00:26:50.759 --> 00:26:57.680 or time India, based on the networks listed. Reliance Air, Cell, BSNL, Airtel, vodaphone. 552 00:26:57.559 --> 00:26:58.839 Idea and what's the trick? 553 00:26:59.039 --> 00:27:02.799 It provides specific proxy port and APN settings for each network. 554 00:27:03.119 --> 00:27:05.799 The concept presented is that using these particular settings might 555 00:27:05.799 --> 00:27:08.880 allow for free GPRS Internet access on those networks. 556 00:27:09.079 --> 00:27:11.200 Lists. The actual ips important Yes. 557 00:27:11.079 --> 00:27:13.720 Precise settings for each provider, like for Reliance it gives 558 00:27:13.759 --> 00:27:15.960 proxy ten point z or one point one four five 559 00:27:16.000 --> 00:27:18.920 point two seven, port eighty or eighty apn R comment 560 00:27:19.200 --> 00:27:21.559 for BSNL proxy one ten point one hundred one point 561 00:27:21.559 --> 00:27:24.960 three point two port nine two zero nine apn wop west, dot, Salan, 562 00:27:25.000 --> 00:27:25.920 dot in and so on. 563 00:27:26.240 --> 00:27:28.079 Does this suggest using specific apps? 564 00:27:28.160 --> 00:27:30.720 It suggests using handler apps like Opera Handler or UC 565 00:27:30.839 --> 00:27:33.759 handler for some networks. But importantly it includes the warning 566 00:27:33.880 --> 00:27:35.160 try it low balance. 567 00:27:34.839 --> 00:27:39.039 Only right, implying it might not work or could incur charges. Okay, 568 00:27:39.039 --> 00:27:43.079 we've covered technical web and network attacks, simple PC pranks, 569 00:27:43.240 --> 00:27:46.759 system maintenance, and mobile tricks. The document wraps up with 570 00:27:46.799 --> 00:27:48.960 a collection of other interesting utility tips. 571 00:27:49.000 --> 00:27:51.039 This is a real grab bag, isn't it? A bit 572 00:27:51.079 --> 00:27:51.599 of everything? 573 00:27:51.680 --> 00:27:54.839 It really is. It includes converting movies to PSP. 574 00:27:54.559 --> 00:27:58.920 Format, detailing a multi step process using specific tools like 575 00:27:59.039 --> 00:28:03.039 DVD decryptor super dbd ripper an image converter to get 576 00:28:03.039 --> 00:28:06.640 from a DVD to the PSP's MP four format. Quite 577 00:28:06.759 --> 00:28:09.640 dated now, but detailed creating. 578 00:28:09.240 --> 00:28:11.559 A forum on your own PC. How's that? 579 00:28:11.640 --> 00:28:14.839 Described as setting up a local web server environment using 580 00:28:14.880 --> 00:28:18.039 a package like phpdev, which bundles a patchy PHP in 581 00:28:18.119 --> 00:28:21.680 mysequel and installing a form script like phpBB in the 582 00:28:21.759 --> 00:28:23.079 correct directory. 583 00:28:22.680 --> 00:28:24.720 So you can run your own little web forum locally. 584 00:28:25.039 --> 00:28:27.079 Yeah. The idea is you can then access your form 585 00:28:27.119 --> 00:28:29.440 locally or potentially from the internet if you know your 586 00:28:29.480 --> 00:28:31.880 external IP and configure your network correctly. 587 00:28:31.920 --> 00:28:34.519 Setting a wallpaper on a pendle. It is also described 588 00:28:34.599 --> 00:28:36.319 that sounds odd it is a bit niche. 589 00:28:36.400 --> 00:28:39.759 It involves using a special configuration file called desktop dot 590 00:28:39.799 --> 00:28:41.200 eon on the drive itself. 591 00:28:41.240 --> 00:28:41.960 What does a file do? 592 00:28:42.319 --> 00:28:44.559 It points to an image file also stored on the 593 00:28:44.640 --> 00:28:48.119 drive and tells Windows Explorer to use that image as 594 00:28:48.160 --> 00:28:51.279 the background for that specific folder when you view it. 595 00:28:51.599 --> 00:28:54.920 A purely cosmetic tweak. A simple YouTube download trick is 596 00:28:54.960 --> 00:28:55.559 included too. 597 00:28:55.759 --> 00:28:59.680 Yes, change the www dot in the YouTube video you 598 00:28:59.720 --> 00:29:04.240 are a l to sss www dot YouTube dot com 599 00:29:04.359 --> 00:29:07.039 becomes sutube dot com. 600 00:29:06.680 --> 00:29:08.960 And according to the source, it redirects you to a 601 00:29:09.000 --> 00:29:10.319 download page for the video. 602 00:29:10.640 --> 00:29:13.359 Simple enough if it works. The document also mentions a 603 00:29:13.400 --> 00:29:15.240 PHP dots DASA. 604 00:29:14.880 --> 00:29:17.599 Tax script, but presumably with the usual disclaimer. 605 00:29:17.720 --> 00:29:20.680 Yes, it provides a download link, but immediately reiterates the 606 00:29:20.720 --> 00:29:24.759 sources consistent disclaimer about using it responsibly and for educational 607 00:29:24.799 --> 00:29:25.599 purposes only. 608 00:29:25.799 --> 00:29:29.680 Okay. One truly fascinating section is make er PC talk 609 00:29:29.799 --> 00:29:31.480 like Jarvis operating system like. 610 00:29:31.440 --> 00:29:34.559 The AI from iron Man. The source makes that exact connection. 611 00:29:34.640 --> 00:29:35.839 How does it say you do it? 612 00:29:35.480 --> 00:29:39.000 It describes using Windows Speech MACROS, a tool you download 613 00:29:39.039 --> 00:29:42.039 and install. Then you create files containing commands that look 614 00:29:42.079 --> 00:29:44.559 a bit like code using XML style tags. 615 00:29:44.680 --> 00:29:46.799 And how do these commands work? What tags does it mention? 616 00:29:47.079 --> 00:29:50.640 These files use specific tags? For example, the listen for 617 00:29:50.759 --> 00:29:53.480 tag tells the computer what voice command to listen for, 618 00:29:53.640 --> 00:29:58.000 like saying Jarvis, good morning, Jarvis, or nukd okay. The 619 00:29:58.039 --> 00:30:00.359 speak tag tells computer what to say back as a 620 00:30:00.359 --> 00:30:03.279 spoken response. You can also use tags to make the 621 00:30:03.319 --> 00:30:08.319 computer run programs, run command, or send keyboard mouse commands, 622 00:30:08.440 --> 00:30:11.279 send keys, mouse sanas via voice. 623 00:30:11.559 --> 00:30:14.680 So you could potentially control parts of your PC with 624 00:30:14.839 --> 00:30:16.160 voice commands you define. 625 00:30:16.240 --> 00:30:18.720 That's the idea prevented. You save this code in notepad 626 00:30:18.720 --> 00:30:21.359 as a WSRMAC file. Maybe you need to import a 627 00:30:21.440 --> 00:30:24.680 signing certificate. Then open Windows Speech Recognition and you can 628 00:30:24.759 --> 00:30:26.039 use your custom voice commands. 629 00:30:26.079 --> 00:30:28.039 Where did the source get this from. 630 00:30:27.759 --> 00:30:30.720 The source credits a place called Devil's cafe for the method. 631 00:30:30.960 --> 00:30:33.400 It's a truly unique inclusion in this document. 632 00:30:33.119 --> 00:30:36.960 Definitely stands out. The document also lists five rarely known 633 00:30:37.200 --> 00:30:40.119 Google I'm Feeling tricks ah. 634 00:30:39.720 --> 00:30:43.359 The fun Google Easter Eggs. These are visual effects triggered 635 00:30:43.359 --> 00:30:46.160 by typing specific phrases into the Google search bar and 636 00:30:46.200 --> 00:30:47.880 clicking the I'm Feeling Lucky button. 637 00:30:47.960 --> 00:30:49.720 What examples does the source list. 638 00:30:49.759 --> 00:30:54.559 Google sphere makes search results revolve, Google pond adds a 639 00:30:54.599 --> 00:30:58.480 water effect, epic, Google zooms in, Weeni, Google zooms out, 640 00:30:58.839 --> 00:31:01.759 and Google Guitar, an interactive guitar that appeared for Les 641 00:31:01.759 --> 00:31:03.440 Paul's birthday. Just fun stuff. 642 00:31:03.720 --> 00:31:07.000 It also includes a how to DDoS manually method using 643 00:31:07.039 --> 00:31:09.079 the command prompt seems basic. 644 00:31:09.160 --> 00:31:11.440 It's a very basic method described in the source. First 645 00:31:11.759 --> 00:31:14.119 you get the IP address of the target site by 646 00:31:14.160 --> 00:31:18.559 pinging it pingwww dot ny site dot com. Then then 647 00:31:18.680 --> 00:31:21.839 you use the command ping ip address dandy TDSHL six 648 00:31:21.920 --> 00:31:24.559 five to five hundred to send a continuous stream of 649 00:31:24.680 --> 00:31:25.480 large packets. 650 00:31:25.640 --> 00:31:28.200 And the source claims this can take a site down. 651 00:31:28.400 --> 00:31:30.720 It claims doing this from multiple PCs can take a 652 00:31:30.720 --> 00:31:33.480 site down, and again includes the educational purpose. Note it's 653 00:31:33.480 --> 00:31:36.160 a very rudimentary explanation of a denial of service concept. 654 00:31:36.319 --> 00:31:39.400 Finally, the document even includes a C plus plus tutorial 655 00:31:39.400 --> 00:31:41.559 basics A quick intro to programming. 656 00:31:41.200 --> 00:31:45.119 Yeah, dipping into programming fundamentals. The source covers why people program, like, 657 00:31:45.200 --> 00:31:48.599 understanding computers, building software, what C plus plus and object 658 00:31:48.640 --> 00:31:49.799 oriented programming are C. 659 00:31:49.799 --> 00:31:53.759 Plus plus extend coop uses classes, useful for a graphical 660 00:31:53.799 --> 00:31:56.400 interfaces that sort of thing exactly. 661 00:31:55.960 --> 00:31:59.400 And what you need Computer compiler curiosity. It describes the 662 00:31:59.440 --> 00:32:04.000 basic program process writing source code, compilingly get to object code, 663 00:32:04.440 --> 00:32:06.920 linking it to create an executable, and running it. 664 00:32:07.039 --> 00:32:09.200 Does it define any core elements. 665 00:32:08.880 --> 00:32:12.440 Yes, things like statements, commands ending with a semicolon, comments 666 00:32:12.440 --> 00:32:16.920 and air libraries hashtag include iostream dot h functions in 667 00:32:17.119 --> 00:32:22.359 main code, locks and curly braces, streams, cout for output 668 00:32:22.720 --> 00:32:24.519 and return return zero. 669 00:32:24.720 --> 00:32:26.039 Very standard interest stuff. 670 00:32:26.119 --> 00:32:28.759 Yeah. It briefly touches on data topes and number systems, 671 00:32:28.960 --> 00:32:32.079 and suggests exercises like running sample code or typing conversions. 672 00:32:32.319 --> 00:32:34.920 It even points to some external resources for learning more 673 00:32:35.200 --> 00:32:36.039 C plus plus. 674 00:32:36.119 --> 00:32:39.279 Yow, that was quite a journey through this document, Anni 675 00:32:39.400 --> 00:32:42.359 rag Hacking with experts. It's remarkable how varied the content 676 00:32:42.480 --> 00:32:42.839 is it. 677 00:32:42.799 --> 00:32:46.359 Really is, spanning from highly technical exploits like blind SQL 678 00:32:46.400 --> 00:32:50.480 injection to simple notepad pranks and basic PC utility tips. 679 00:32:50.559 --> 00:32:53.119 It truly explores a wide range of ways one can 680 00:32:53.160 --> 00:32:56.720 interact with and manipulate technology. It really reflects perhaps a 681 00:32:56.759 --> 00:33:00.279 young enthusiast's broad curiosity about the digital world and sharing 682 00:33:00.319 --> 00:33:02.319 everything they find and throughout it. 683 00:33:02.279 --> 00:33:06.920 All, especially in sections describing potentially harmful activities, the document 684 00:33:07.000 --> 00:33:10.720 consistently includes that clear legal disclaimer. 685 00:33:10.359 --> 00:33:14.279 Right emphasizing it's for educational and research purposes only and 686 00:33:14.359 --> 00:33:17.640 warning against illegal use. It frames this knowledge as a 687 00:33:17.640 --> 00:33:20.240 way to understand the minds of hackers. 688 00:33:20.519 --> 00:33:23.680 Yes, the sources stated intention right at the end is 689 00:33:23.720 --> 00:33:27.240 that by being exposed to this content you become capable 690 00:33:27.240 --> 00:33:30.559 of securing your own and your surrounding computers from the 691 00:33:30.599 --> 00:33:31.960 threat we called hacking. 692 00:33:32.240 --> 00:33:36.079 It explicitly positions understanding the how as a fundamental step 693 00:33:36.119 --> 00:33:39.599 in defense, learning the attacker's perspective to improve your own 694 00:33:39.640 --> 00:33:40.640 security posture. 695 00:33:41.160 --> 00:33:43.039 So what does this all mean for you? The listener? 696 00:33:43.519 --> 00:33:46.480 How is simply knowing about the diverse techniques described in 697 00:33:46.480 --> 00:33:49.799 this document, Everything from the detailed steps of WEP cracking 698 00:33:50.039 --> 00:33:52.119 to the concept of a r AT all the way 699 00:33:52.160 --> 00:33:54.920 down to a funny CD drive prank script or a 700 00:33:54.960 --> 00:33:57.960 note about Google tricks change the way you interact with technology? 701 00:33:58.319 --> 00:34:01.839 How does it affect how you approach your own digital security? 702 00:34:02.519 --> 00:34:05.440 If understanding the how is the first step in defense, 703 00:34:05.480 --> 00:34:08.440 As the source suggests, how a might knowing about this 704 00:34:08.519 --> 00:34:11.599 particular collection of methods influence your next steps. 705 00:34:11.719 --> 00:34:14.280 It certainly gives you a unique perspective on the various 706 00:34:14.320 --> 00:34:18.840 approaches one might take when tinkering with or targeting computer systems, 707 00:34:19.000 --> 00:34:21.079 A very broad perspective based on this source 708 00:34:21.280 --> 00:34:22.119 Something to think about.