WEBVTT 00:01.080 --> 00:01.440 Okay. 00:01.440 --> 00:08.920 Now we have our program that is, uh, doing a small part that is post option. 00:08.920 --> 00:09.240 Okay. 00:09.280 --> 00:11.280 It is handling the post option. 00:11.600 --> 00:15.760 Now let's go and create a program to guess the login information okay. 00:15.800 --> 00:20.320 For example, the, uh, password for this website. 00:21.640 --> 00:24.360 And here I'm going to create a new file. 00:24.360 --> 00:31.800 It is going to be guess this login dot pi. 00:32.040 --> 00:36.040 So here I am going to use that. 00:36.040 --> 00:40.000 And also let's create a list of password here. 00:41.040 --> 00:45.400 So it's going to be password dot list. 00:45.440 --> 00:45.960 Let enter. 00:46.000 --> 00:48.240 Now the list is almost here. 00:49.560 --> 00:58.240 Uh we have um. 01:01.030 --> 01:10.950 Just let's use this little information that we have here, okay, as a password and add let's add some 01:10.950 --> 01:11.350 new thing. 01:11.350 --> 01:11.990 For example. 01:11.990 --> 01:13.830 The other one is going to be admin. 01:13.830 --> 01:19.350 We have pass we have pass w we have password. 01:19.390 --> 01:24.270 We have like we have love this information. 01:24.270 --> 01:31.790 This little which is 20 line of code, 20 line of uh password that we are going to use here to test 01:31.790 --> 01:31.950 it. 01:31.950 --> 01:32.830 Okay. 01:32.870 --> 01:36.230 I don't have a big password list here. 01:36.630 --> 01:43.910 I'm going to just use that to get the just the password for this data for this website. 01:43.950 --> 01:44.670 Okay. 01:44.710 --> 01:48.550 Again in here we are going to use the request as well. 01:49.630 --> 01:55.470 So you see that, uh, we have this little information here that I'm going to use. 01:55.830 --> 02:01.780 I copy that and use that here and paste it here. 02:01.820 --> 02:02.180 Okay. 02:06.260 --> 02:09.060 Here you see we have the username which is equal to admin. 02:09.060 --> 02:10.620 Password is equal to password. 02:10.620 --> 02:14.700 Here I'm going to remove that and put an empty string there. 02:15.140 --> 02:18.620 And the next thing is to open this password list. 02:18.740 --> 02:22.740 And then try that on this website and try to log in. 02:22.780 --> 02:27.260 If we log in we'll find a correct password. 02:27.260 --> 02:34.620 So we need to provide a correct message that shows that we are we are finding or we found the password. 02:34.620 --> 02:41.100 If not so give me an appropriate message or that you didn't find the password for this website. 02:41.140 --> 02:41.780 Okay. 02:41.820 --> 02:47.420 So the first thing is we need to open the file. 02:47.420 --> 02:54.580 The file is as word dot list okay. 02:56.260 --> 02:58.930 And when we open this? 02:59.130 --> 03:00.250 I want to read it. 03:00.330 --> 03:00.730 Okay. 03:02.050 --> 03:07.610 As something as for example, I'm going to name it word list. 03:08.450 --> 03:12.250 So when I open this I need to go inside. 03:12.250 --> 03:13.530 So we need you. 03:13.570 --> 03:20.650 We need to use a for loop for line in word list that we have okay. 03:20.690 --> 03:30.250 So when I go inside of this and then I can do one thing to remove extra space and enter from here. 03:30.250 --> 03:36.770 That is, uh, word is equal to line dot strip. 03:37.090 --> 03:37.690 Okay. 03:37.730 --> 03:43.290 This will remove the extra thing like the enter that we have at the end of each line. 03:43.450 --> 03:46.170 The next thing I can do is the data dictionary. 03:46.530 --> 03:47.970 One of the it's key. 03:48.010 --> 03:54.410 That is um that is password okay. 03:54.610 --> 03:56.170 We need to find this. 03:56.530 --> 03:59.560 And Um password. 03:59.600 --> 04:00.040 Okay. 04:01.600 --> 04:04.000 Is going to be equal to word. 04:04.640 --> 04:04.920 So. 04:07.320 --> 04:15.080 Now we are going to have uh, the target URL and also the data. 04:15.800 --> 04:17.480 I mean we need to use the post. 04:17.520 --> 04:17.920 Okay. 04:18.160 --> 04:27.720 So again let's use the response is going to be equal to requests dot post okay. 04:27.720 --> 04:29.880 Here we need to give two things. 04:29.920 --> 04:32.280 The first one is the target URL. 04:32.440 --> 04:42.000 And the next one is going to be data is equal to data underscore dictionary. 04:42.480 --> 04:47.480 So now let's use an if condition here. 04:47.880 --> 05:01.640 If we have something here let me show you in here When I try to log in with a false information, I 05:01.680 --> 05:02.480 hit login. 05:02.760 --> 05:05.800 I have something called login failed. 05:05.840 --> 05:06.280 Okay. 05:08.320 --> 05:13.360 It shows me this text here that I can use it in here. 05:13.640 --> 05:14.000 Okay. 05:14.800 --> 05:15.200 If. 05:17.640 --> 05:19.400 If this login failed. 05:21.200 --> 05:30.000 Not in, uh response dot content that we could use. 05:30.320 --> 05:34.680 If it is not in here, that means we are logged in. 05:34.960 --> 05:38.440 So let's print that. 05:43.320 --> 05:45.280 Uh, got the password. 05:48.520 --> 05:52.160 And that is the password. 05:52.200 --> 05:52.600 Okay. 05:54.960 --> 06:01.030 So the world will have will contain only the thing that it found. 06:01.070 --> 06:01.710 It finds. 06:01.750 --> 06:02.150 Okay. 06:03.190 --> 06:09.070 And then let's exit this. 06:09.110 --> 06:11.550 And if not, find it. 06:11.590 --> 06:11.750 Okay. 06:11.750 --> 06:16.150 If we are not able to find what we're looking for. 06:19.230 --> 06:20.910 Then let's print something else. 06:23.110 --> 06:27.310 In here I am going to print that. 06:27.910 --> 06:28.510 Great. 06:30.870 --> 06:31.310 Mm. 06:32.830 --> 06:33.670 End of line. 06:34.630 --> 06:35.750 Let's save this. 06:35.790 --> 06:38.710 And now you see that we have a password list here. 06:39.270 --> 06:44.270 That is, uh, in here we are opening that and we are reading each line, and then we are removing the 06:44.270 --> 06:48.470 extra entry from that each line. 06:48.470 --> 06:57.340 And then we are checking that data dictionary which has a password key here and it has an empty value. 06:57.380 --> 06:59.380 We are going to assign the word in here. 06:59.380 --> 07:04.860 And in here we are checking that if we don't have login failed in response dot content, that means 07:04.860 --> 07:05.900 we are logged in. 07:05.900 --> 07:11.860 And that thing that we provided is correct and the word is founded. 07:12.140 --> 07:12.980 Let's save it. 07:13.140 --> 07:14.740 And here. 07:18.540 --> 07:23.060 Okay I am going to use this login. 07:23.220 --> 07:24.060 Let's hit enter. 07:24.500 --> 07:24.900 Okay. 07:25.580 --> 07:32.620 We have something again here on line 11 that is here. 07:34.580 --> 07:37.100 That means we need to change this again. 07:37.100 --> 07:38.420 Back to string. 07:40.780 --> 07:42.100 And save it. 07:43.220 --> 07:46.540 Try to re-execute this and you see. 07:46.580 --> 07:47.420 Got the password. 07:47.420 --> 07:49.460 And the password is equal to password. 07:49.460 --> 07:52.460 That means we have found the password. 07:53.020 --> 07:58.730 What if I remove this password from here and now. 08:01.650 --> 08:06.050 I save this and really execute the program. 08:06.770 --> 08:13.210 You will see that ridge end of line and we don't have any password or something. 08:13.250 --> 08:13.650 Okay. 08:14.090 --> 08:18.010 So now you learn how to guess a login page. 08:18.490 --> 08:19.290 Okay. 08:19.330 --> 08:22.930 Login page details like password. 08:23.850 --> 08:31.410 If you're going to try this on a big website like Facebook or like Gmail or something, for example, 08:31.410 --> 08:34.010 you have the email address trying to find the password. 08:34.010 --> 08:35.850 You need to have a big password. 08:35.850 --> 08:40.290 You give the URL here and then you provide the username and also the password. 08:40.330 --> 08:40.850 Okay. 08:40.890 --> 08:42.850 Go and check the source code. 08:42.850 --> 08:49.570 And then you will be able to test that you need to have a big password list. 08:49.570 --> 08:52.770 So thanks for watching and I will see you later.