WEBVTT

00:01.120 --> 00:10.000
Okay, we can test and complete this program on any website, but it is better to start doing this on

00:10.120 --> 00:12.880
a website or on Google.

00:12.920 --> 00:15.040
Okay, it's better to use it on Google.

00:15.880 --> 00:19.880
Here I have created something called subdomain.

00:19.920 --> 00:24.040
Okay, let me move it inside this website.

00:24.080 --> 00:24.560
Hacking.

00:24.680 --> 00:30.000
Here I added some www, mail, connect, account, log, mail and some words.

00:30.040 --> 00:32.600
Okay, here I want to test this.

00:32.600 --> 00:35.560
For example, I test that www.google.com.

00:35.560 --> 00:40.320
If that exists, I want to print that that is existing.

00:40.360 --> 00:43.720
Also I want to print if mail exists.

00:43.760 --> 00:47.320
If connect.google.com exists as a subdomain or not.

00:47.360 --> 00:48.360
Okay.

00:48.400 --> 00:53.120
And for me some of them are not going to work because these are filtered.

00:53.120 --> 00:56.800
And in some cases it is not going to work.

00:56.840 --> 01:01.040
But for you it is going to work perfectly and good.

01:01.440 --> 01:03.480
So, uh.

01:03.480 --> 01:03.960
Here.

01:06.320 --> 01:07.040
Let me.

01:09.960 --> 01:10.120
Here.

01:10.120 --> 01:12.920
I'm going to put this all into a function.

01:12.920 --> 01:14.880
Let's create a method or function.

01:14.880 --> 01:21.800
I'm going to name it request and giving the URL as argument here.

01:24.160 --> 01:27.360
So let's hit tab to put this all inside here.

01:27.800 --> 01:33.880
And also as you see we are printing this get request and blah blah blah.

01:33.920 --> 01:38.960
I'm going to return it here because now it is a method okay.

01:39.640 --> 01:41.080
So save this.

01:41.080 --> 01:49.200
And also here you see that we are trying to access uh, this thing that is not what we want okay.

01:49.240 --> 01:54.200
I want to access for example google.com

01:56.160 --> 01:59.680
google.com and also everything else is good.

02:00.770 --> 02:03.530
So it will come in http and then google.com.

02:03.570 --> 02:04.530
Try to access that.

02:04.530 --> 02:08.290
If it is possible then we will see something.

02:08.290 --> 02:10.290
If not, then not.

02:14.410 --> 02:21.210
So here I am going to open a file that is here.

02:21.250 --> 02:23.210
Okay.

02:23.450 --> 02:28.530
Let me, okay, this subdomain.txt, I'm going to open this here.

02:28.530 --> 02:32.290
Read it and then uh print it okay.

02:33.170 --> 02:33.530
So.

02:35.770 --> 02:49.490
Uh, I'm going to open this with open; here it was subdomain, I think, dot txt, and I'm going to just read

02:49.490 --> 02:50.010
it okay.

02:52.450 --> 02:56.330
As something I'm going to name it word list.

02:58.530 --> 03:00.730
You can name it anything you want On Tolkien.

03:01.050 --> 03:03.690
So if you want to read that line by line.

03:03.690 --> 03:10.130
So you need to use a for loop here I use for line in word list that we just created.

03:10.170 --> 03:11.210
Okay.

03:11.210 --> 03:15.330
So inside here we are going to strip this.

03:15.370 --> 03:16.650
What does that mean.

03:16.690 --> 03:17.770
Let me show you.

03:18.530 --> 03:24.170
In here you see that on each line we have an enter okay.

03:24.210 --> 03:31.810
Or in here when we write www then we have a backslash n, or I mean we're going to go to a new line.

03:31.810 --> 03:37.850
So when we want to print this we will be having something extra here.

03:37.850 --> 03:41.570
So to remove that we need to use strip method.

03:41.810 --> 03:44.530
So I'm going to create another variable name it word.

03:44.570 --> 03:49.090
Word is going to be equal to line dot strip method.

03:49.370 --> 03:52.090
This will remove that extra thing that it has.

03:52.130 --> 03:52.890
Okay.

03:52.930 --> 03:57.210
So let's use a let's create a URL variable.

03:57.210 --> 04:01.610
It is going to be equal to word that we have here.

04:02.050 --> 04:05.530
And then I'm going to concatenate this with a dot.

04:06.730 --> 04:13.730
And then again concatenate this with the URL that we just have it over here.

04:14.290 --> 04:21.010
So that means for example in word we have something like mail okay.

04:21.050 --> 04:24.450
So we will be having mail then dot then google.com.

04:25.090 --> 04:27.130
So we have that here.

04:27.610 --> 04:29.570
Now the test URL is completed.

04:31.090 --> 04:35.850
And also as you see we have had a function called request here.

04:35.890 --> 04:36.330
Okay.

04:36.730 --> 04:40.170
So here I have the response.

04:40.850 --> 04:42.930
This response is going to be equal.

04:42.930 --> 04:48.050
We have request and we are going to give the URL to this.

04:48.330 --> 04:51.810
So the URL now it is this URL.

04:51.850 --> 04:52.570
Okay.

04:52.610 --> 04:53.370
Very good.

04:53.410 --> 04:54.450
Now we have this.

04:54.650 --> 04:58.130
It will come and get this test URL here.

04:58.130 --> 05:03.900
And we'll test this and then the request dot get will return something.

05:04.620 --> 05:11.500
And when we return that and we get it here, then we need to do something with that.

05:12.100 --> 05:19.940
So first let's check if a response return or this response has a true value.

05:20.340 --> 05:23.980
Then let's print that.

05:27.300 --> 05:27.820
Sorry.

05:29.100 --> 05:35.500
Okay here I'm going to tell this, uh, this dot, this domain is discovered.

05:35.540 --> 05:36.300
Okay.

05:36.340 --> 05:41.180
Or we can name it discovered

05:42.940 --> 05:44.300
domains.

05:44.340 --> 05:44.700
Okay.

05:45.460 --> 05:51.060
So now also we need to concatenate this with something else.

05:51.060 --> 05:54.700
And that is the test URL.

05:54.740 --> 05:55.140
Okay.

05:58.100 --> 06:02.460
And now let me save this.

06:02.620 --> 06:12.420
Now, if I try to access everything that is inside here and as you see these two files, for example

06:12.420 --> 06:17.620
the alert P1 and also the subdomain, these both are in the same directory.

06:17.620 --> 06:21.300
So we don't need to use any extra slashes or something like that here.

06:21.980 --> 06:23.660
And that is it okay.

06:24.340 --> 06:27.300
So let's save this and try to execute this.

06:27.300 --> 06:31.180
And let's see how many of these subdomains exist.

06:33.340 --> 06:37.300
First it will come and check for www.

06:37.340 --> 06:40.100
And you know that www.google.com exists.

06:40.100 --> 06:45.100
But for me it's not working because uh it is um filtered.

06:45.140 --> 06:45.540
Okay.

06:47.420 --> 06:52.740
So let's see if some of them are not filtered here.

06:53.300 --> 06:54.660
It must work.

06:54.740 --> 06:55.700
If not.

06:55.980 --> 06:57.220
So it will not work.

06:58.460 --> 07:00.660
If it doesn't work here in Kali Linux.

07:00.780 --> 07:05.900
I will test it in another system immediately and you will see that okay.

07:05.940 --> 07:08.580
Right now you see that we saw nothing.

07:09.420 --> 07:11.460
And like this.

07:14.260 --> 07:14.700
Okay.

07:14.700 --> 07:23.060
You see that some of them are not filtered, like chatbot.google.com, logout.google.com, mobile.google.com,

07:23.180 --> 07:23.780
tools.

07:24.580 --> 07:26.740
And it's about news okay.

07:26.780 --> 07:33.940
It is not also and images maybe it is, it is filtered for me or it doesn't exist.

07:33.940 --> 07:41.460
So from all this thing that you see, this part exists, okay.

07:41.500 --> 07:50.580
So now like this, you can find uh sub domains for the main domain that you have.

07:50.620 --> 07:51.540
Okay.

07:51.540 --> 07:58.780
So how did I do this? I use the request, okay, here request dot get.

07:59.180 --> 08:04.870
And it only shows me if I get a response code of 200.

08:04.910 --> 08:07.510
That means it can connect to this thing.

08:07.550 --> 08:09.270
For example cloud.google.com.

08:09.270 --> 08:10.390
It exists.

08:10.390 --> 08:21.670
So now I can understand that the Google has this much subdomain from the whole thing that I provided

08:21.670 --> 08:22.110
here.

08:22.470 --> 08:24.710
So that's how it works.

08:24.710 --> 08:29.830
And it is not only about finding subdomains.

08:30.590 --> 08:41.710
You can use this in a lot of places, like cracking some password and also a lot of things okay,

08:41.750 --> 08:48.670
hacking WiFi and then using wordlist, a lot of things we can use something like this okay.

08:48.710 --> 08:50.830
It is one of the very good ways.

08:50.830 --> 08:55.190
And you need to remember that we are going to use this in a lot of places.

08:55.190 --> 08:56.910
So very good.

08:56.910 --> 09:00.590
Thanks for watching and I will see you in the next lecture.
