Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,480 --> 00:00:04,200 The final tool is that they want to point to a section. 2 00:00:04,230 --> 00:00:06,070 It's a very very important tool. 3 00:00:06,090 --> 00:00:08,980 It's called Map and math. 4 00:00:09,060 --> 00:00:16,900 It's one of the best scanning tool in any platform and it's built in. 5 00:00:16,910 --> 00:00:21,700 Inside colonics but you can download the Windows version if you want and map that up. 6 00:00:21,900 --> 00:00:27,700 But I wouldn't recommend that the Linux map. 7 00:00:27,720 --> 00:00:29,200 It's quite effective. 8 00:00:29,400 --> 00:00:36,390 And if you're not very good in memorizing switches minus as minus or minus B you can use a graphical 9 00:00:36,390 --> 00:00:41,770 one so you have to open for using a map for scanning any victim using the command line which you can 10 00:00:41,790 --> 00:00:43,650 start with and then using the 11 00:00:47,980 --> 00:00:49,240 graphical interface. 12 00:00:49,240 --> 00:00:53,300 So let's start by checking and map too. 13 00:00:53,550 --> 00:00:58,050 So I'm going to open a terminal and map the command line first. 14 00:00:58,130 --> 00:01:00,090 It's used. 15 00:01:00,340 --> 00:01:02,110 You can use it by typing and map. 16 00:01:02,230 --> 00:01:07,840 And then if you type minus minus help it will show you all the switches you can use. 17 00:01:07,850 --> 00:01:09,180 And actually it's quite big. 18 00:01:09,220 --> 00:01:15,130 And I'm going to add with the course description I'm gonna add some additional material to explain all 19 00:01:15,130 --> 00:01:24,190 the switches and give you some example but let's take a small demonstration about and map identifying 20 00:01:24,190 --> 00:01:27,970 the victim and let's see how to use it. 21 00:01:27,970 --> 00:01:29,550 So I have here two victims. 22 00:01:29,560 --> 00:01:31,840 Let me check them. 23 00:01:32,080 --> 00:01:34,640 This one is Windows 8. 24 00:01:34,810 --> 00:01:36,790 Check its IP CMG 25 00:01:40,860 --> 00:01:44,270 and type IP config. 26 00:01:46,700 --> 00:01:53,890 And the IP of this machine is 1 4 2 1 3 9 and I have another device another virtual machine. 27 00:01:53,990 --> 00:01:57,180 It's a Windows XP machine. 28 00:01:57,330 --> 00:02:00,730 And let's check 29 00:02:11,140 --> 00:02:18,350 now the first thing we're going to try would be a common line xylem got to choose a graphic and I think 30 00:02:18,350 --> 00:02:26,750 that graphical it's more powerful than a calm and light from my point of view is a common lens is a 31 00:02:27,020 --> 00:02:31,960 powerful one in any tools but graphic it has a lot of feature and you don't need to memorize common 32 00:02:32,000 --> 00:02:38,000 so I'm going to show you first how to scan any system to know the servers operating systems open pool 33 00:02:38,780 --> 00:02:44,490 using ZCom and lines and then how to repeat that using the you of map. 34 00:02:45,110 --> 00:02:47,530 So this is my XP machine. 35 00:02:47,570 --> 00:02:51,050 I just need to get the IP of this machine 36 00:02:54,730 --> 00:03:00,720 which is 1 9 2 and succeed 2 1 3 1. 37 00:03:00,720 --> 00:03:01,940 Excellent. 38 00:03:01,950 --> 00:03:04,840 So getting back to our question in the next. 39 00:03:04,920 --> 00:03:08,580 And let's check both machines using Unmap. 40 00:03:08,640 --> 00:03:17,640 So we're going to type first and map minus small as Zen Captain S which is the port and the service 41 00:03:17,670 --> 00:03:18,720 opening port. 42 00:03:18,720 --> 00:03:27,840 Zen minus capital and then you put the IP of the victims. 43 00:03:27,840 --> 00:03:35,410 Let's try first Windows 8 1 2 1 3 9. 44 00:03:35,490 --> 00:03:36,390 It's quite fun. 45 00:03:36,470 --> 00:03:42,660 As a result of which that you can use you can use a switch that identify or specify a range of board 46 00:03:43,170 --> 00:03:49,010 or the switch to scan a full network or some IP. 47 00:03:49,010 --> 00:03:50,560 I mean that is a lot of switches. 48 00:03:50,760 --> 00:03:57,210 But as I told you instead of memorizing or searching for help I'm going to repeat this step using a 49 00:03:57,390 --> 00:03:59,970 graphical interface and you're going to see the result. 50 00:04:00,090 --> 00:04:06,340 So I'm going to keep this one running and I'm going to put another terminal and scan Zazzle machine. 51 00:04:06,340 --> 00:04:07,820 So to save time. 52 00:04:07,830 --> 00:04:17,390 So here also I'm going to type and map my own as small as captain is minus capital. 53 00:04:17,910 --> 00:04:27,340 And then 1 9 2 1 6 8 1 2 1 3 1. 54 00:04:28,480 --> 00:04:36,430 Okay I think here we have a problem up to. 55 00:04:36,660 --> 00:04:39,140 It was not able to get any single. 56 00:04:39,150 --> 00:04:47,790 I'm not sure if IP is right or not that sleeping on the machine to make sure is that I think 1 9 2 1 57 00:04:47,790 --> 00:04:54,710 6 8 1 2 1 3 9 it's not pinging. 58 00:04:56,820 --> 00:05:01,510 Eyes I'm so sorry these IPs 1 4 2 1 3 9. 59 00:05:01,770 --> 00:05:02,830 My mistake. 60 00:05:06,030 --> 00:05:08,130 Sorry happen sometimes. 61 00:05:08,340 --> 00:05:14,070 So let's clear the screen and comment one more time. 62 00:05:14,100 --> 00:05:22,390 It's 1 4 2 1 4 2 2 3 9 and enter 63 00:05:25,190 --> 00:05:34,140 while here it's not pinging on full is I'm sorry I'm sorry. 64 00:05:34,530 --> 00:05:43,720 And Matt you didn't go one or two and he started in my opinion and need to change that as well because 65 00:05:43,720 --> 00:05:45,340 it was one way for you. 66 00:05:45,610 --> 00:05:51,280 So Also here is one for two. 67 00:05:52,090 --> 00:05:54,780 And you should not take time. 68 00:05:55,240 --> 00:06:03,280 And as you can see for the second machine he give us all the open port to see in the media upload how 69 00:06:03,280 --> 00:06:10,120 to utilize this information to search for vulnerability and what servers are opening those port. 70 00:06:10,150 --> 00:06:12,070 So this one is the Nexus One. 71 00:06:12,160 --> 00:06:19,420 And if use net cut to connect to this port you will know which 10 that exactly is using or which I guess 72 00:06:19,420 --> 00:06:25,450 is using which would be very useful for you in the meta deployed section searching for weaknesses in 73 00:06:25,450 --> 00:06:26,650 those servers. 74 00:06:26,660 --> 00:06:31,620 Also give us the MAC address of this machine. 75 00:06:32,050 --> 00:06:39,730 This is you know useful if you need to do they are to attack like this or capture and he was able to 76 00:06:39,730 --> 00:06:44,920 figure out that this is a virtual machine it's not a physical machine and operating system running on 77 00:06:44,920 --> 00:06:47,700 this machine could be one of those super things. 78 00:06:47,920 --> 00:06:54,780 And here we still have a problem I don't know why most of 1 4 2 1 3 9. 79 00:06:55,090 --> 00:07:01,760 Let's check if we got the right IP here or not. 80 00:07:02,040 --> 00:07:08,640 It's 1 4 2 1 3 9. 81 00:07:09,160 --> 00:07:09,780 OK. 82 00:07:09,940 --> 00:07:16,960 Seems that he was not able to scan Zealander's point one we're going to try to troubleshoot that. 83 00:07:17,320 --> 00:07:26,290 But let's use a graphical way and see if he will be able to scan and get his results from that. 84 00:07:26,560 --> 00:07:32,210 So let's use you for a map which is much more easier and give you much more information. 85 00:07:32,320 --> 00:07:37,370 Open terminal and type Zenn man and man 86 00:07:40,070 --> 00:07:44,780 and opens and map it will opens a graphical interface. 87 00:07:44,780 --> 00:07:55,490 And here you just need two types I.P you could put one computer like this one 9 2 1 6 8 8 1 4 2 8 whatever 88 00:07:55,490 --> 00:08:04,280 IP or you can put that 0 slash 24 which will scan the full letter getting all the computer on the network 89 00:08:04,330 --> 00:08:07,060 and open port and service an operating system. 90 00:08:07,340 --> 00:08:12,840 And the good thing about the maps that is showing you what comment we'll be using and you can say See 91 00:08:13,400 --> 00:08:20,090 if you are aware of and maybe you can change on such switches but I'm going to keep the default and 92 00:08:20,120 --> 00:08:23,690 Weakland going to click on scan. 93 00:08:23,720 --> 00:08:26,270 Now this may take a time because I have like six machine. 94 00:08:26,270 --> 00:08:26,870 So. 95 00:08:26,890 --> 00:08:33,120 But as you can see it's fast but I want to show you what would be the output of his scans full network. 96 00:08:33,170 --> 00:08:41,940 But I'm going to pause for a few seconds until we finish a few minutes because it's going to take time. 97 00:08:42,000 --> 00:08:43,350 So it took a few minutes. 98 00:08:43,410 --> 00:08:47,260 And as you can see and again it will bigger Bickersons that it will take more time. 99 00:08:47,280 --> 00:08:55,110 It was able to discover all PC all the open port services the operating system everything on this machine. 100 00:08:55,530 --> 00:08:59,960 But besides it and even the version of some of those services. 101 00:09:00,390 --> 00:09:07,530 But besides that if you go here to typology he was able to figure out how this network is connected 102 00:09:08,190 --> 00:09:12,130 and which machine it's more vulnerable than other machine. 103 00:09:12,360 --> 00:09:18,420 So if you plan to compromise the network from which one should you start zoning green those are kind 104 00:09:18,420 --> 00:09:20,040 of secure it will take time. 105 00:09:20,220 --> 00:09:25,800 Well one is that this is very easy to compromise and usually is ruling the network that if you compromise 106 00:09:25,890 --> 00:09:29,290 any computer inside the network it's quite easy to compromise that amount. 107 00:09:29,580 --> 00:09:37,530 So if I can get access to this machine then there is some technique that can be used to compromise secure 108 00:09:37,530 --> 00:09:38,280 one. 109 00:09:38,280 --> 00:09:43,340 And one of the major one of those attack is call Pozza hash. 10536