1
00:00:01,980 --> 00:00:10,610
So now you're going to go capture five which we've captured during the AM IDM attack the left stoppered

2
00:00:10,620 --> 00:00:11,650
for a second.

3
00:00:12,940 --> 00:00:20,490
And let's just see this violence then on backstopped or whatever you want to see on the backstop.

4
00:00:20,550 --> 00:00:25,870
And that extension will be by a shot.

5
00:00:25,960 --> 00:00:29,860
You see we didn't get the sense that the law is messed

6
00:00:33,660 --> 00:00:34,640
to see event.

7
00:00:35,030 --> 00:00:35,590
Right.

8
00:00:35,850 --> 00:00:40,680
So first of all we should know the IP of our victim to analyze the file.

9
00:00:40,680 --> 00:00:47,880
We should know the IPO for the victim so that we can filter out all the facts on IPV says.

10
00:00:47,910 --> 00:00:48,600
Right.

11
00:00:48,630 --> 00:00:53,410
So our victim IP was 1 9 2 1 6.

12
00:00:53,450 --> 00:00:55,500
It got to five point three.

13
00:00:55,500 --> 00:00:56,240
Right.

14
00:00:56,250 --> 00:01:06,940
So let's just say I beat in the filter box at the top and that's to give God a D or doubling calls and

15
00:01:06,940 --> 00:01:16,480
then we have to type by the right 1 9 2 dot 1 6 8 dot 2 5 door 1 2 or 3.

16
00:01:16,580 --> 00:01:17,350
Right.

17
00:01:17,810 --> 00:01:20,860
And last thing on the front cover.

18
00:01:21,020 --> 00:01:30,120
It's going to filter all the records related to the IP but the form us our destination to it will show

19
00:01:30,160 --> 00:01:34,930
all the packets related to the object on my right as you can see.

20
00:01:35,240 --> 00:01:38,630
These are the packets lifted to my right.

21
00:01:38,720 --> 00:01:40,160
So why are you doing.

22
00:01:40,160 --> 00:01:42,070
Am I being attacked.

23
00:01:42,110 --> 00:01:50,100
Most of the time we are interested only in extra people Packards fight for length of do and first learn.

24
00:01:50,400 --> 00:01:56,820
And let's this type HGT like for people display records related to a.p.

25
00:01:57,050 --> 00:01:59,810
And with the with them I have the right.

26
00:02:00,190 --> 00:02:02,770
So now you're applying through printers.

27
00:02:02,790 --> 00:02:09,810
We are seeing that unique backaches from this IP and the vectors should be the protocol of asked you

28
00:02:09,840 --> 00:02:10,200
to be.

29
00:02:10,210 --> 00:02:11,060
Right.

30
00:02:11,570 --> 00:02:16,650
So as you can see there are multiple packets on here.

31
00:02:17,000 --> 00:02:25,560
Let us try to analyze few back there for over here you can see their data in the backflips

32
00:02:28,660 --> 00:02:29,160
right.

33
00:02:29,320 --> 00:02:31,870
So we can see the sites which you have for the dirt

34
00:02:36,110 --> 00:02:39,570
and there are multiple food packets as well.

35
00:02:39,980 --> 00:02:45,210
I'm going to show you how you can analyze on all aspects as well in that second.

36
00:02:45,590 --> 00:02:48,180
There are multiple factors as well.

37
00:02:49,500 --> 00:02:50,080
Right.

38
00:02:50,370 --> 00:02:56,780
So you can see there are images as well captured on this.

39
00:02:56,940 --> 00:03:05,130
You are an adult which we visited for less just do math or request Red-Haired

40
00:03:11,050 --> 00:03:20,270
Beverly was forthright so it can only display backpacks of GDP.

41
00:03:20,420 --> 00:03:22,530
And also that Crick's right.

42
00:03:22,520 --> 00:03:22,850
All right.

43
00:03:22,860 --> 00:03:27,930
So now you can see there are only four Specker are this main.

44
00:03:28,290 --> 00:03:33,150
So you have if you remember in the previous video we filled out the form as well.

45
00:03:33,150 --> 00:03:37,190
So let's just try to find that at right in the post.

46
00:03:37,230 --> 00:03:43,000
So let's just first try to find the IP of that site.

47
00:03:43,050 --> 00:03:51,140
So as you can see this is the IP the destination IP because we are seeing the source IP for a whole

48
00:03:51,140 --> 00:03:54,130
bunch of unbecome IP and it's going to defy definition.

49
00:03:54,130 --> 00:03:54,560
Right.

50
00:03:54,800 --> 00:03:58,610
And over here you can see the whole story right.

51
00:03:59,120 --> 00:04:03,620
So this is their destination IP for let's just type

52
00:04:06,350 --> 00:04:08,610
one more to enrich we.

53
00:04:08,660 --> 00:04:28,040
I'll be darned Bethy nation and double equals and we have the IP of host which is this Lesters and it

54
00:04:28,130 --> 00:04:31,760
will further filter out all the Packards.

55
00:04:32,070 --> 00:04:32,790
Right.

56
00:04:32,970 --> 00:04:41,380
As you can see we just have one force packet on this IP right and it's the host is this fight.

57
00:04:41,620 --> 00:04:46,310
So let's just try to analyze this packet.

58
00:04:46,500 --> 00:04:53,680
So as you can see the form which faded out in the previous video we can see it all here.

59
00:04:53,940 --> 00:04:58,870
And this is the very sensitive information as you can see in the same manner.

60
00:04:58,870 --> 00:05:03,360
We can also see the log in forms and other forms.

61
00:05:03,440 --> 00:05:04,240
That right.

62
00:05:04,440 --> 00:05:06,360
So we can do the same.

63
00:05:06,490 --> 00:05:14,220
You can apply the same concept on dog form if there might be a tag going on.

64
00:05:14,340 --> 00:05:18,220
And if they you just logged into any site.

65
00:05:18,230 --> 00:05:24,360
Now we will also capture that packet and we can analyze that packet in a very short order.

66
00:05:24,390 --> 00:05:24,950
Right.

67
00:05:25,260 --> 00:05:29,980
So this is how you analyze packets to Wireshark.

68
00:05:30,150 --> 00:05:30,920
Right.

69
00:05:30,960 --> 00:05:38,410
So in the next full We are going to see a scenario in which we were attacked from one night drunk and

70
00:05:38,470 --> 00:05:39,580
that create.