1
00:00:00,330 --> 00:00:05,450
Welcome everyone to this lecture where we are going to take a look at the code of how we can make our

2
00:00:05,620 --> 00:00:11,030
sage brute force our work faster by using threat library.

3
00:00:11,100 --> 00:00:11,550
All right.

4
00:00:11,580 --> 00:00:17,220
So here is the code and the reason why we are not going to code it ourselves is because it is rather

5
00:00:17,220 --> 00:00:21,750
similar to the first program that we coded in the previous few videos.

6
00:00:21,810 --> 00:00:27,900
There are just some minor changes as well as adding some libraries that we are going to need.

7
00:00:27,900 --> 00:00:29,550
So let's start off from the beginning.

8
00:00:30,180 --> 00:00:33,900
Well first of all there are two different libraries that we had to import.

9
00:00:33,900 --> 00:00:41,100
Next to these for those two our time library and threading library both of these libraries belong to

10
00:00:41,100 --> 00:00:42,910
the default Python libraries.

11
00:00:42,960 --> 00:00:48,330
So there is no need for you to actually install them in your virtual environment as they're already

12
00:00:48,330 --> 00:00:48,670
there.

13
00:00:49,640 --> 00:00:54,950
Right after right at the beginning of the program we declare a stop flag variable and this variable

14
00:00:54,950 --> 00:00:59,120
is going to be of use to us once we get to the actual threading part.

15
00:00:59,120 --> 00:01:06,110
So for now we simply just declare a variable and it will be an integer value of zero in our essays connect

16
00:01:06,110 --> 00:01:06,890
function.

17
00:01:06,950 --> 00:01:12,300
We make a few minor changes such as for example we declare that we are going to use the global stop

18
00:01:12,310 --> 00:01:15,170
flag variable inside of this function.

19
00:01:15,170 --> 00:01:21,140
Then we perform the same two things that we performed in the regular brute force or after it would try

20
00:01:21,140 --> 00:01:22,060
to connect.

21
00:01:22,130 --> 00:01:29,530
And if we manage to connect then we set the stop flag to be equal to 1 then after it we print that password

22
00:01:29,540 --> 00:01:30,140
was found.

23
00:01:30,170 --> 00:01:36,210
And in any other case will print incorrect log in and we will close the SDH connection.

24
00:01:36,230 --> 00:01:40,570
Now let's get to the part where we actually set this top like variable to be equal to 1.

25
00:01:40,580 --> 00:01:41,740
Why do we do that.

26
00:01:41,750 --> 00:01:47,810
Well if we go all the way down all these things are the same as in the previous program.

27
00:01:47,930 --> 00:01:54,230
Right here I just had a print statement that says starting threaded SDH brute force and below there

28
00:01:54,230 --> 00:01:59,330
we open the file for passports and if we go to the passwords dot the Steve file you will notice that

29
00:01:59,330 --> 00:02:06,620
they added a few more passwords right here around 150 so we can see how fast it will brute force the

30
00:02:06,650 --> 00:02:10,960
correct password is somewhere around here and let us continue with the program.

31
00:02:10,970 --> 00:02:18,290
So we go into the for loop and we read password by password or line by line and if stop flag is equal

32
00:02:18,290 --> 00:02:25,130
to zero then we will join all threads and exit the program and the threads that we create are actually

33
00:02:25,130 --> 00:02:25,960
down here.

34
00:02:26,140 --> 00:02:30,950
OK so let's not pay attention to this part of the code at the moment.

35
00:02:30,950 --> 00:02:37,850
So for each password we perform the strip function onto that password so we can get rid of all the unnecessary

36
00:02:37,850 --> 00:02:38,960
characters.

37
00:02:38,960 --> 00:02:43,090
Then we create our thread object which is going to be called Deep.

38
00:02:43,550 --> 00:02:49,580
We perform the actual thread the object and the thread function onto the SSA connect function and that

39
00:02:49,580 --> 00:02:52,560
is the first parameter to the thread function.

40
00:02:52,580 --> 00:02:58,340
So the target is the actual function that you're going to perform the thread on and the args are the

41
00:02:58,400 --> 00:03:00,400
arguments to that function.

42
00:03:00,410 --> 00:03:04,910
So in our case that is just one argument which is the password parameter.

43
00:03:04,910 --> 00:03:09,160
And this common right here has to be there even though we don't have a second parameter.

44
00:03:09,410 --> 00:03:11,000
Otherwise this will not work.

45
00:03:11,000 --> 00:03:16,640
So we have to add it right here right after we create the thread object and we call it onto the target

46
00:03:16,640 --> 00:03:22,370
of our search connect with the arguments password then we can start that thread and we can sleep for

47
00:03:22,370 --> 00:03:26,270
zero point five seconds after every time we start the thread.

48
00:03:26,270 --> 00:03:26,890
All right.

49
00:03:27,590 --> 00:03:32,480
So what this will do is it will start the thread each time a new path for this being read from the file

50
00:03:32,840 --> 00:03:36,040
and each password will have its own thread.

51
00:03:36,230 --> 00:03:39,190
And in case the stop flick gets switched to one.

52
00:03:39,200 --> 00:03:44,300
Well that means that some of those threads actually managed to find the correct password as they managed

53
00:03:44,300 --> 00:03:45,760
to connect to the target.

54
00:03:45,920 --> 00:03:48,390
Therefore we said the flag to be equal to one.

55
00:03:48,470 --> 00:03:53,780
And once the flag is set to one that means that we can close the program since we found the correct

56
00:03:53,780 --> 00:03:59,750
password therefore we performed a joint function which will join all the threads that running and then

57
00:03:59,750 --> 00:04:02,190
we can exit the program.

58
00:04:02,210 --> 00:04:05,660
And that is the entire program that runs on threats.

59
00:04:05,660 --> 00:04:09,310
So let's see whether it is faster than the previous one.

60
00:04:09,530 --> 00:04:13,160
First I am going to go and enlarge this

61
00:04:15,880 --> 00:04:19,810
then I will navigate to the pie chart and Dennis sage brute force.

62
00:04:19,810 --> 00:04:21,970
And first we will run the previous program.

63
00:04:22,450 --> 00:04:25,380
So the previous program had no threading library.

64
00:04:25,400 --> 00:04:27,040
Now let's see how that one will do.

65
00:04:27,670 --> 00:04:31,020
So the target address is 182 that 168 up front.

66
00:04:31,060 --> 00:04:34,690
Three in my case the SSA user name is MSF admin.

67
00:04:35,170 --> 00:04:40,280
And the password file is password or passwords without key step.

68
00:04:40,690 --> 00:04:44,200
Press your enter.

69
00:04:44,310 --> 00:04:45,300
It will start running.

70
00:04:45,300 --> 00:04:55,230
We can see we got some incorrect plugins and you can see each password takes around one second to finish.

71
00:04:55,280 --> 00:04:57,950
Therefore this is going rather slow.

72
00:04:57,950 --> 00:05:01,780
So let's just control this so we don't wait for the correct password.

73
00:05:03,020 --> 00:05:11,540
And if we run the second program which is our threaded brute force search and type in the same information

74
00:05:16,450 --> 00:05:17,680
it will start power threaded.

75
00:05:17,680 --> 00:05:22,740
Brute force her and you will see that the passwords go a lot faster than before.

76
00:05:24,130 --> 00:05:28,120
As you can see we already managed to cover more than 20 passwords.

77
00:05:28,150 --> 00:05:29,130
And here it is.

78
00:05:29,140 --> 00:05:34,480
Here is the correct password and few seconds after that it closed the program.

79
00:05:34,490 --> 00:05:40,000
Now the reason why it goes for a few more passwords after finding the correct password is because all

80
00:05:40,000 --> 00:05:44,470
of these passwords were separate threads that ran before.

81
00:05:44,470 --> 00:05:45,810
This one has finished.

82
00:05:45,820 --> 00:05:50,100
Therefore it had to finish these ones first and then exit the program.

83
00:05:50,470 --> 00:05:56,320
And you can see how many passwords we managed to actually cover in just a matter of a second or two.

84
00:05:56,380 --> 00:06:00,210
And it also managed to find the correct password.

85
00:06:00,250 --> 00:06:05,410
Now the reason why incorrect passwords are printed in red is because they also added a print statement

86
00:06:05,950 --> 00:06:13,390
somewhere around here which says that we print the incorrect password in red color by using term colored

87
00:06:13,390 --> 00:06:15,700
dot colored function which we already covered before.

88
00:06:16,570 --> 00:06:20,140
That's basically it for these same brute force.

89
00:06:20,440 --> 00:06:26,560
I hope you enjoyed this section as well as the previous two and this was also some type of a recap video

90
00:06:26,560 --> 00:06:31,480
to this brute force and therefore we are not going to do a recap video as the next lecture we are going

91
00:06:31,480 --> 00:06:34,030
to go straight into the next project.

92
00:06:34,030 --> 00:06:38,740
So hope you enjoyed this for months again and I will see you in the next tutorial by.