All language subtitles for Linux for Ethical Hackers (Kali Linux Tutorial)

Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,240 --> 00:00:01,680 hello everyone and welcome to this 2 00:00:01,680 --> 00:00:04,720 course on linux for ethical hackers my 3 00:00:04,720 --> 00:00:06,480 name is heath adams and i'm going to be 4 00:00:06,480 --> 00:00:09,040 your instructor for this course 5 00:00:09,040 --> 00:00:11,360 a little bit about me i am an ethical 6 00:00:11,360 --> 00:00:14,160 hacker by trade i am the business owner 7 00:00:14,160 --> 00:00:17,840 and ceo at tcm security we are a dual 8 00:00:17,840 --> 00:00:20,560 headed organization part of what we do 9 00:00:20,560 --> 00:00:22,240 is penetration testing and ethical 10 00:00:22,240 --> 00:00:25,519 hacking so clients pay us to break into 11 00:00:25,519 --> 00:00:27,599 their networks to their web applications 12 00:00:27,599 --> 00:00:29,679 and sometimes even their buildings 13 00:00:29,679 --> 00:00:31,439 and we do that to find vulnerabilities 14 00:00:31,439 --> 00:00:33,840 before the bad people do 15 00:00:33,840 --> 00:00:35,680 the other side of our organization is 16 00:00:35,680 --> 00:00:38,160 that we are a training organization we 17 00:00:38,160 --> 00:00:40,320 have an academy called tcm security 18 00:00:40,320 --> 00:00:43,120 academy and we teach people how to 19 00:00:43,120 --> 00:00:45,200 become ethical hackers 20 00:00:45,200 --> 00:00:47,520 at this point on the youtube channel we 21 00:00:47,520 --> 00:00:50,879 have well over 300 000 subscribers we've 22 00:00:50,879 --> 00:00:52,640 taught well over a million people 23 00:00:52,640 --> 00:00:55,760 through our academy and other platforms 24 00:00:55,760 --> 00:00:58,800 and i just love to teach so here's a 25 00:00:58,800 --> 00:01:00,320 little bit about me if you're interested 26 00:01:00,320 --> 00:01:02,800 in finding me on social media or any of 27 00:01:02,800 --> 00:01:05,438 our websites you can and here's a little 
28 00:01:05,438 --> 00:01:06,960 bit of the certifications that i have 29 00:01:06,960 --> 00:01:09,280 that are hacking related 30 00:01:09,280 --> 00:01:11,200 and in this course 31 00:01:11,200 --> 00:01:12,799 we're going to be covering everything 32 00:01:12,799 --> 00:01:15,040 that we need to know to 33 00:01:15,040 --> 00:01:18,000 understand linux as an ethical hacker so 34 00:01:18,000 --> 00:01:20,000 if you've never used linux before and 35 00:01:20,000 --> 00:01:22,000 you're looking into the field of ethical 36 00:01:22,000 --> 00:01:24,479 hacking then this is going to be the 37 00:01:24,479 --> 00:01:27,040 course for you we're going to be 38 00:01:27,040 --> 00:01:29,600 covering how to install and run a 39 00:01:29,600 --> 00:01:32,479 version of linux called kali linux we're 40 00:01:32,479 --> 00:01:34,640 going to cover what kali linux is and 41 00:01:34,640 --> 00:01:36,320 then we're going to talk through 42 00:01:36,320 --> 00:01:38,960 how to navigate the file system how to 43 00:01:38,960 --> 00:01:41,680 use common network commands how to 44 00:01:41,680 --> 00:01:43,680 create files and view files and edit 45 00:01:43,680 --> 00:01:46,159 files and how to stop services start 46 00:01:46,159 --> 00:01:47,439 services 47 00:01:47,439 --> 00:01:50,159 how to install tools and how to write a 48 00:01:50,159 --> 00:01:52,799 script with bash scripting all this is 49 00:01:52,799 --> 00:01:54,560 very important because as an ethical 50 00:01:54,560 --> 00:01:57,600 hacker you are going to be 51 00:01:57,600 --> 00:02:00,719 using linux on a daily basis so it's 52 00:02:00,719 --> 00:02:02,399 important to know how to use linux and 53 00:02:02,399 --> 00:02:04,560 if you've never done it before again 54 00:02:04,560 --> 00:02:07,759 this is the course for you 55 00:02:07,759 --> 00:02:10,878 now quickly switching over to youtube i 56 00:02:10,878 --> 00:02:13,280 have taught this course before 57 00:02:13,280 --> 00:02:15,440 now i taught this 
course two years ago 58 00:02:15,440 --> 00:02:17,840 and i provided that course for free to 59 00:02:17,840 --> 00:02:20,800 free code camp i also actually taught a 60 00:02:20,800 --> 00:02:22,480 ethical hacking course for them a couple 61 00:02:22,480 --> 00:02:24,879 years ago and provided that to their 62 00:02:24,879 --> 00:02:27,360 youtube channel since then we have 63 00:02:27,360 --> 00:02:29,440 launched our academy our youtube channel 64 00:02:29,440 --> 00:02:31,599 has blown up and we are self-sufficient 65 00:02:31,599 --> 00:02:33,360 on our own channel 66 00:02:33,360 --> 00:02:35,200 to the point now we're putting up 67 00:02:35,200 --> 00:02:37,200 updated materials such as this ethical 68 00:02:37,200 --> 00:02:40,160 hacking course and this osint or open 69 00:02:40,160 --> 00:02:42,480 source intelligence course and now this 70 00:02:42,480 --> 00:02:45,840 linux course for 2022 71 00:02:45,840 --> 00:02:47,200 so if you're asking what the big 72 00:02:47,200 --> 00:02:48,959 differentiator is between the old 73 00:02:48,959 --> 00:02:51,040 courses and the new ones is that these 74 00:02:51,040 --> 00:02:53,280 are incredibly up-to-date in this course 75 00:02:53,280 --> 00:02:56,560 we're going to be using kali 2022.2 which 76 00:02:56,560 --> 00:03:00,560 is the very latest edition of kali linux 77 00:03:00,560 --> 00:03:02,080 last thing to mention before we jump 78 00:03:02,080 --> 00:03:03,440 into the course 79 00:03:03,440 --> 00:03:06,400 is that this course does belong as part 80 00:03:06,400 --> 00:03:09,120 of a larger course at our tcm security 81 00:03:09,120 --> 00:03:10,159 academy 82 00:03:10,159 --> 00:03:12,400 if you scroll down we do have courses on 83 00:03:12,400 --> 00:03:15,120 all kinds of things we've got courses on 84 00:03:15,120 --> 00:03:17,840 linux if you are interested in a full-on 85 00:03:17,840 --> 00:03:20,239 linux course we've got courses on python 86 00:03:20,239 --> 00:03:22,800 as well the linux for 
ethical hackers 87 00:03:22,800 --> 00:03:24,640 actually is part of the practical 88 00:03:24,640 --> 00:03:26,400 ethical hacking course which is a 89 00:03:26,400 --> 00:03:29,599 25-hour long course on ethical hacking 90 00:03:29,599 --> 00:03:31,440 so if you find that you really enjoyed 91 00:03:31,440 --> 00:03:32,480 this course 92 00:03:32,480 --> 00:03:33,920 and you want to learn more about ethical 93 00:03:33,920 --> 00:03:36,319 hacking please do consider coming and 94 00:03:36,319 --> 00:03:37,920 checking out our practical ethical 95 00:03:37,920 --> 00:03:40,640 hacking course on the academy and any of 96 00:03:40,640 --> 00:03:42,480 our great other courses that we have 97 00:03:42,480 --> 00:03:43,840 here 98 00:03:43,840 --> 00:03:45,680 and please do consider subscribing to 99 00:03:45,680 --> 00:03:46,799 the channel 100 00:03:46,799 --> 00:03:48,720 subscriptions go a long way for us they 101 00:03:48,720 --> 00:03:51,200 help with providing the free content and 102 00:03:51,200 --> 00:03:53,040 getting awareness out there for the 103 00:03:53,040 --> 00:03:55,360 ethical hacking field and helping get 104 00:03:55,360 --> 00:03:59,280 people into the career of cyber security 105 00:03:59,280 --> 00:04:00,959 if you're watching one of our videos all 106 00:04:00,959 --> 00:04:02,480 you have to do is come here and hit 107 00:04:02,480 --> 00:04:04,720 subscribe and then you will get notified 108 00:04:04,720 --> 00:04:07,200 anytime we release new content such as 109 00:04:07,200 --> 00:04:09,439 awesome courses like this one so without 110 00:04:09,439 --> 00:04:11,040 further ado let's go ahead and jump 111 00:04:11,040 --> 00:04:13,840 right into the 112 00:04:13,840 --> 00:04:16,079 all right so in order to be successful 113 00:04:16,079 --> 00:04:18,160 in this course we are going to be 114 00:04:18,160 --> 00:04:20,079 utilizing what is called a virtual 115 00:04:20,079 --> 00:04:22,320 machine now virtual machines are known 116 
00:04:22,320 --> 00:04:24,639 as vms for short 117 00:04:24,639 --> 00:04:27,759 and a vm is just a machine on top of a 118 00:04:27,759 --> 00:04:29,840 machine and to give you an example i'm 119 00:04:29,840 --> 00:04:31,280 actually running this windows 10 120 00:04:31,280 --> 00:04:33,360 instance that you see here 121 00:04:33,360 --> 00:04:35,919 on top of my windows 10 instance so here 122 00:04:35,919 --> 00:04:38,240 you can see if i scroll up that i have a 123 00:04:38,240 --> 00:04:40,400 windows 10 machine i also have a linux 124 00:04:40,400 --> 00:04:43,840 machine sitting here if i were to 125 00:04:43,840 --> 00:04:46,400 de-maximize this you can see that i'm 126 00:04:46,400 --> 00:04:48,479 actually running here a windows machine 127 00:04:48,479 --> 00:04:49,520 in the back 128 00:04:49,520 --> 00:04:51,360 this is my wife and i 129 00:04:51,360 --> 00:04:53,440 and you come through here we just blow 130 00:04:53,440 --> 00:04:55,040 it back up and we're back inside of our 131 00:04:55,040 --> 00:04:57,680 machine so a virtual machine is just a 132 00:04:57,680 --> 00:04:59,840 machine inside of a machine 133 00:04:59,840 --> 00:05:01,360 so what we're going to be doing is we're 134 00:05:01,360 --> 00:05:03,360 going to be utilizing this to build out 135 00:05:03,360 --> 00:05:05,039 labs that way we don't have to actually 136 00:05:05,039 --> 00:05:06,720 have a bunch of hardware we can just use 137 00:05:06,720 --> 00:05:09,919 this for our our course and run what we 138 00:05:09,919 --> 00:05:11,759 need to on top of our own machine 139 00:05:11,759 --> 00:05:14,880 already now this can get resource 140 00:05:14,880 --> 00:05:17,759 intensive so if you are only utilizing 141 00:05:17,759 --> 00:05:20,320 something like eight gigabytes of ram 142 00:05:20,320 --> 00:05:22,240 then you might have some issues with 143 00:05:22,240 --> 00:05:24,639 this but you can still follow along when 144 00:05:24,639 --> 00:05:26,880 we get into the active 
directory portion 145 00:05:26,880 --> 00:05:28,560 you might run into issues if you do not 146 00:05:28,560 --> 00:05:30,960 have at least 16 gigabytes of ram to 147 00:05:30,960 --> 00:05:33,120 utilize but we'll worry about that when 148 00:05:33,120 --> 00:05:34,560 we get there there are still plenty of 149 00:05:34,560 --> 00:05:36,160 ways to follow along throughout this 150 00:05:36,160 --> 00:05:39,280 whole course so another thing to note is 151 00:05:39,280 --> 00:05:41,759 that i use vm's every single day this 152 00:05:41,759 --> 00:05:44,160 machine that you see here is actually my 153 00:05:44,160 --> 00:05:47,199 day-to-day pen testing machine so i run 154 00:05:47,199 --> 00:05:50,000 a kali linux instance on top of my 155 00:05:50,000 --> 00:05:52,800 windows machine and utilize that to do 156 00:05:52,800 --> 00:05:55,360 penetration testing so i'm going to 157 00:05:55,360 --> 00:05:57,280 demonstrate that to you and how we're 158 00:05:57,280 --> 00:05:59,039 going to build out our labs with that 159 00:05:59,039 --> 00:06:01,360 and a lot of us in the industry run 160 00:06:01,360 --> 00:06:03,360 through vms as opposed to running it 161 00:06:03,360 --> 00:06:06,800 directly on metal or on a machine so in 162 00:06:06,800 --> 00:06:07,840 order to 163 00:06:07,840 --> 00:06:09,919 utilize virtual machines we first need 164 00:06:09,919 --> 00:06:12,720 some sort of virtual machine software to 165 00:06:12,720 --> 00:06:14,560 play these so there are two different 166 00:06:14,560 --> 00:06:16,319 ways that we can do this 167 00:06:16,319 --> 00:06:18,560 if you are on a windows machine or a 168 00:06:18,560 --> 00:06:21,360 linux machine you can utilize vmware 169 00:06:21,360 --> 00:06:22,960 workstation player 170 00:06:22,960 --> 00:06:24,720 now if you type in vmware workstation 171 00:06:24,720 --> 00:06:26,080 player in google 172 00:06:26,080 --> 00:06:28,639 the first one here that says download 173 00:06:28,639 --> 00:06:30,400 
vmware workstation player you just click 174 00:06:30,400 --> 00:06:32,080 on that 175 00:06:32,080 --> 00:06:34,800 and if you are in a mac environment 176 00:06:34,800 --> 00:06:36,319 you're going to be utilizing oracle 177 00:06:36,319 --> 00:06:38,560 virtualbox so if you type in oracle 178 00:06:38,560 --> 00:06:40,319 virtualbox you come here and you go to 179 00:06:40,319 --> 00:06:41,919 downloads 180 00:06:41,919 --> 00:06:43,919 you have your option there as well 181 00:06:43,919 --> 00:06:44,800 so 182 00:06:44,800 --> 00:06:47,600 in this course i will be using vmware 183 00:06:47,600 --> 00:06:49,680 workstation player i'm going to be 184 00:06:49,680 --> 00:06:51,599 running it on top of windows if you are 185 00:06:51,599 --> 00:06:53,840 using mac that is absolutely fine you're 186 00:06:53,840 --> 00:06:55,440 going to be following along just the 187 00:06:55,440 --> 00:06:56,319 same 188 00:06:56,319 --> 00:06:58,720 all you need to be able to do is 189 00:06:58,720 --> 00:07:00,160 follow the same instructions that i give 190 00:07:00,160 --> 00:07:02,560 you and you will be a-okay 191 00:07:02,560 --> 00:07:04,639 so if you scroll down here you can see 192 00:07:04,639 --> 00:07:06,400 try workstation player for windows or 193 00:07:06,400 --> 00:07:08,400 try a workstation player for linux go 194 00:07:08,400 --> 00:07:10,400 ahead and just select download now 195 00:07:10,400 --> 00:07:12,000 that should bring up a download and go 196 00:07:12,000 --> 00:07:14,720 ahead and save it 197 00:07:14,720 --> 00:07:17,039 if you're doing virtualbox go ahead and 198 00:07:17,039 --> 00:07:20,639 download uh for os x i will download the 199 00:07:20,639 --> 00:07:23,599 windows version just so that we can uh 200 00:07:23,599 --> 00:07:25,039 we can see what that looks like as well 201 00:07:25,039 --> 00:07:27,599 so i'll save both of these 202 00:07:27,599 --> 00:07:29,360 so let's view our downloads and we've 203 00:07:29,360 --> 00:07:32,319 got 
vmware workstation player here 204 00:07:32,319 --> 00:07:36,720 i'm going to go ahead and open this one 205 00:07:36,800 --> 00:07:40,080 and we're going to install this 206 00:07:42,240 --> 00:07:44,879 and this will be very point and click 207 00:07:44,879 --> 00:07:47,520 so next accept the agreement possibly 208 00:07:47,520 --> 00:07:49,680 give away our first child uh yeah we 209 00:07:49,680 --> 00:07:51,520 should go ahead and install the enhanced 210 00:07:51,520 --> 00:07:55,120 keyboard driver while we have this 211 00:07:55,440 --> 00:07:57,759 and then we don't need to join any 212 00:07:57,759 --> 00:07:59,759 improvement programs or check for 213 00:07:59,759 --> 00:08:01,680 product update that's okay 214 00:08:01,680 --> 00:08:04,000 we will install desktop start menu you 215 00:08:04,000 --> 00:08:05,919 check check your preferences as you like 216 00:08:05,919 --> 00:08:08,879 it i'm just going to install this 217 00:08:08,879 --> 00:08:10,879 and this should just finish here in just 218 00:08:10,879 --> 00:08:13,840 a second 219 00:08:13,919 --> 00:08:15,280 okay then you'll be brought to the 220 00:08:15,280 --> 00:08:16,800 screen once everything's done it should 221 00:08:16,800 --> 00:08:18,639 take about a minute or two and we're 222 00:08:18,639 --> 00:08:21,440 going to go ahead and hit finish 223 00:08:21,440 --> 00:08:23,440 and it's going to want a restart to take 224 00:08:23,440 --> 00:08:24,879 effect you can go ahead and restart your 225 00:08:24,879 --> 00:08:27,440 system i'm going to say no right now 226 00:08:27,440 --> 00:08:29,199 let's go ahead and install virtualbox if 227 00:08:29,199 --> 00:08:32,240 you are a mac user 228 00:08:32,320 --> 00:08:34,399 we'll hit next 229 00:08:34,399 --> 00:08:36,640 next here 230 00:08:36,640 --> 00:08:41,200 next and yes and install 231 00:08:41,200 --> 00:08:42,719 accept 232 00:08:42,719 --> 00:08:45,040 and again very point and click with the 233 00:08:45,040 --> 00:08:46,800 
installation 234 00:08:46,800 --> 00:08:49,200 select install and any options that do 235 00:08:49,200 --> 00:08:51,440 pop up 236 00:08:51,440 --> 00:08:53,600 and then we can start oracle vm if we 237 00:08:53,600 --> 00:08:56,080 want let's go ahead and just start that 238 00:08:56,080 --> 00:08:58,959 this is what oracle vm looks like 239 00:08:58,959 --> 00:09:01,360 and let's see if we can start the vmware 240 00:09:01,360 --> 00:09:02,560 player here 241 00:09:02,560 --> 00:09:05,760 even though we need to restart 242 00:09:07,040 --> 00:09:09,200 and this is what vmware workstation 243 00:09:09,200 --> 00:09:10,560 player looks like 244 00:09:10,560 --> 00:09:11,920 so here you could see that we have 245 00:09:11,920 --> 00:09:13,680 virtual machines we can create new 246 00:09:13,680 --> 00:09:16,240 virtual machines open ones etc we'll get 247 00:09:16,240 --> 00:09:18,640 into that in the next video so again if 248 00:09:18,640 --> 00:09:20,560 you are using windows or linux this is 249 00:09:20,560 --> 00:09:21,839 probably what your view is going to look 250 00:09:21,839 --> 00:09:23,600 like for the rest of the time 251 00:09:23,600 --> 00:09:26,480 if you are using oracle on a mac this is 252 00:09:26,480 --> 00:09:28,480 what your view is going to look like 253 00:09:28,480 --> 00:09:29,680 another side 254 00:09:29,680 --> 00:09:32,080 pro tip here is that i am using 255 00:09:32,080 --> 00:09:34,640 workstation pro and i might utilize this 256 00:09:34,640 --> 00:09:36,880 in some instances throughout the course 257 00:09:36,880 --> 00:09:38,399 other instances i'll be utilizing the 258 00:09:38,399 --> 00:09:40,560 workstation player they are not much of 259 00:09:40,560 --> 00:09:42,000 a difference especially in the beginning 260 00:09:42,000 --> 00:09:43,600 when we get into the active directory 261 00:09:43,600 --> 00:09:45,600 portion it might actually be worth it 262 00:09:45,600 --> 00:09:49,120 for you all to download the vmware pro 263 
00:09:49,120 --> 00:09:51,519 trial because the trial's 30 days and 264 00:09:51,519 --> 00:09:53,120 you can utilize that to get through some 265 00:09:53,120 --> 00:09:54,640 sections and actually have nice little 266 00:09:54,640 --> 00:09:56,959 windows here uh to 267 00:09:56,959 --> 00:09:59,760 to be clean and just have a pro edition 268 00:09:59,760 --> 00:10:01,279 i you can do everything that i'm going 269 00:10:01,279 --> 00:10:03,360 to show you in the course on the player 270 00:10:03,360 --> 00:10:05,360 it just is that you have to open if you 271 00:10:05,360 --> 00:10:06,959 want to run more than one machine you'll 272 00:10:06,959 --> 00:10:08,399 just have to reopen the vmware 273 00:10:08,399 --> 00:10:11,279 workstation player uh several times to 274 00:10:11,279 --> 00:10:13,440 run multiple machines but that's okay it 275 00:10:13,440 --> 00:10:14,720 just won't look like this nice clean 276 00:10:14,720 --> 00:10:16,240 layout where you can transfer between 277 00:10:16,240 --> 00:10:18,480 machines like i can do just here 278 00:10:18,480 --> 00:10:20,160 so with that being said let's go ahead 279 00:10:20,160 --> 00:10:21,440 and move on to the next video we're 280 00:10:21,440 --> 00:10:24,320 going to be installing kali linux onto 281 00:10:24,320 --> 00:10:27,920 our vmware workstation player 282 00:10:27,920 --> 00:10:30,320 now that we've installed vmware or 283 00:10:30,320 --> 00:10:33,839 virtualbox we need to install linux 284 00:10:33,839 --> 00:10:35,279 we're going to be using a version of 285 00:10:35,279 --> 00:10:37,440 linux called kali linux throughout this 286 00:10:37,440 --> 00:10:38,640 course 287 00:10:38,640 --> 00:10:40,959 this version of linux is a debian based 288 00:10:40,959 --> 00:10:43,760 distribution which is geared towards 289 00:10:43,760 --> 00:10:46,240 ethical hacking and penetration testing 290 00:10:46,240 --> 00:10:48,560 so it's a special version of linux that 291 00:10:48,560 --> 00:10:50,880 
allows us to have all the tools in one 292 00:10:50,880 --> 00:10:51,920 place 293 00:10:51,920 --> 00:10:53,680 that will allow us to hack without 294 00:10:53,680 --> 00:10:55,279 having to download these tools and 295 00:10:55,279 --> 00:10:57,200 install them on our own custom linux 296 00:10:57,200 --> 00:10:59,360 distribution so it's all kind of nicely 297 00:10:59,360 --> 00:11:01,360 built into one package 298 00:11:01,360 --> 00:11:03,600 so if you go out to google and you type 299 00:11:03,600 --> 00:11:05,680 in kali linux download you should see 300 00:11:05,680 --> 00:11:07,600 this link i'll put the link in the 301 00:11:07,600 --> 00:11:09,760 description below as well but you should 302 00:11:09,760 --> 00:11:11,680 just be able to go to get kali right 303 00:11:11,680 --> 00:11:13,200 here 304 00:11:13,200 --> 00:11:14,800 and you're going to be presented with a 305 00:11:14,800 --> 00:11:16,959 couple of options here we're going to be 306 00:11:16,959 --> 00:11:18,399 using a virtual machine in this course 307 00:11:18,399 --> 00:11:19,440 so we're just going to go ahead and 308 00:11:19,440 --> 00:11:22,079 click on this virtual machine option 309 00:11:22,079 --> 00:11:23,680 and that's going to take us down just a 310 00:11:23,680 --> 00:11:25,279 little bit here 311 00:11:25,279 --> 00:11:26,959 what you're going to do is you're going 312 00:11:26,959 --> 00:11:29,680 to download the respective 313 00:11:29,680 --> 00:11:31,120 version that you need so if you need 314 00:11:31,120 --> 00:11:33,040 vmware you download vmware if you're 315 00:11:33,040 --> 00:11:34,640 using virtualbox go ahead and download 316 00:11:34,640 --> 00:11:36,320 the virtualbox one 317 00:11:36,320 --> 00:11:37,920 now they have a direct download which is 318 00:11:37,920 --> 00:11:39,839 a 7-zip and they also have a torrent if 319 00:11:39,839 --> 00:11:41,680 you know how to torrent 320 00:11:41,680 --> 00:11:42,959 what you're going to do is go ahead and 321 
00:11:42,959 --> 00:11:45,200 download the file that you need 322 00:11:45,200 --> 00:11:47,600 and while you're doing that if you do 323 00:11:47,600 --> 00:11:50,079 choose to download directly you're also 324 00:11:50,079 --> 00:11:52,959 going to need a tool called 7-zip or a 325 00:11:52,959 --> 00:11:55,920 way to unzip this file so go ahead and 326 00:11:55,920 --> 00:11:57,360 start your download 327 00:11:57,360 --> 00:11:59,040 while it's downloading let's also go 328 00:11:59,040 --> 00:12:02,639 ahead and navigate to 7-zip so if you go 329 00:12:02,639 --> 00:12:05,120 to google and you look at 7-zip 330 00:12:05,120 --> 00:12:07,279 you'll see this page here comes up you 331 00:12:07,279 --> 00:12:09,519 just go to download in here you're going 332 00:12:09,519 --> 00:12:12,000 to download the file that is for your 333 00:12:12,000 --> 00:12:13,680 respective system 334 00:12:13,680 --> 00:12:16,959 so here i'm using windows on 64-bit i 335 00:12:16,959 --> 00:12:18,639 would download this executable right 336 00:12:18,639 --> 00:12:20,720 here now if you're running on linux 337 00:12:20,720 --> 00:12:22,399 here's where you download linux if 338 00:12:22,399 --> 00:12:23,760 you're running on mac os here's where 339 00:12:23,760 --> 00:12:25,360 you download for mac os 340 00:12:25,360 --> 00:12:27,440 very straightforward i've already got 341 00:12:27,440 --> 00:12:29,040 this installed but what you need to do 342 00:12:29,040 --> 00:12:30,800 is just download this and literally 343 00:12:30,800 --> 00:12:32,320 click next through it 344 00:12:32,320 --> 00:12:34,560 make sure you get it installed 345 00:12:34,560 --> 00:12:36,880 go ahead and pause the video 346 00:12:36,880 --> 00:12:39,600 once that is installed 7-zip that is and 347 00:12:39,600 --> 00:12:41,519 once you have the 348 00:12:41,519 --> 00:12:44,000 actual kali image downloaded go ahead 349 00:12:44,000 --> 00:12:45,440 and unpause the video i'll be here 350 00:12:45,440 --> 
00:12:47,680 waiting for you 351 00:12:47,680 --> 00:12:49,440 okay so your next step should look 352 00:12:49,440 --> 00:12:51,600 something like this 353 00:12:51,600 --> 00:12:55,040 you have your 7-zip file open you should 354 00:12:55,040 --> 00:12:57,200 see a folder located in there and the 355 00:12:57,200 --> 00:12:59,200 easiest thing is to just drag and drop 356 00:12:59,200 --> 00:13:00,959 this you can also right-click and 357 00:13:00,959 --> 00:13:02,480 extract if you know where you want to 358 00:13:02,480 --> 00:13:04,959 extract it i created a folder called 359 00:13:04,959 --> 00:13:06,880 cali i'm just going to grab this and i'm 360 00:13:06,880 --> 00:13:08,320 going to drag it over 361 00:13:08,320 --> 00:13:10,000 and it's going to take a minute here 362 00:13:10,000 --> 00:13:12,720 just a few seconds honestly to unzip 363 00:13:12,720 --> 00:13:14,880 the file size of this one at least for 364 00:13:14,880 --> 00:13:17,519 the vmware version is around 11 365 00:13:17,519 --> 00:13:19,519 gigabytes or 11 gigabytes exactly 366 00:13:19,519 --> 00:13:21,600 unzipped so make sure you have the space 367 00:13:21,600 --> 00:13:25,040 on your hard drive in order to do this 368 00:13:25,040 --> 00:13:27,360 now once you have it 369 00:13:27,360 --> 00:13:28,720 unzipped you can go ahead and just 370 00:13:28,720 --> 00:13:30,240 double click in here you'll see a bunch 371 00:13:30,240 --> 00:13:32,000 of files 372 00:13:32,000 --> 00:13:34,000 if you have vmware installed you can 373 00:13:34,000 --> 00:13:35,839 actually just double click on this vmx 374 00:13:35,839 --> 00:13:37,760 file and that should open things up for 375 00:13:37,760 --> 00:13:38,480 you 376 00:13:38,480 --> 00:13:40,079 i'm just going to show you the other way 377 00:13:40,079 --> 00:13:43,680 around doing this as well 378 00:13:43,680 --> 00:13:46,399 so with vmware workstation player open 379 00:13:46,399 --> 00:13:48,800 what you're going to want to do is go to 380 
00:13:48,800 --> 00:13:51,920 open a virtual machine 381 00:13:52,399 --> 00:13:54,399 and in the folder that you have you 382 00:13:54,399 --> 00:13:56,720 should see this vmx file as well again 383 00:13:56,720 --> 00:13:58,240 you could double click it or you could 384 00:13:58,240 --> 00:14:00,240 just open it through this 385 00:14:00,240 --> 00:14:02,399 what's going to happen is it's going to 386 00:14:02,399 --> 00:14:04,320 open that file here and you're going to 387 00:14:04,320 --> 00:14:06,000 want to edit this virtual machine 388 00:14:06,000 --> 00:14:06,959 settings 389 00:14:06,959 --> 00:14:08,720 once you have it loaded click on edit 390 00:14:08,720 --> 00:14:10,959 virtual machine settings 391 00:14:10,959 --> 00:14:13,360 and in here we're going to want to first 392 00:14:13,360 --> 00:14:15,279 change the amount of ram that we have 393 00:14:15,279 --> 00:14:18,560 now this is dependent on your system 394 00:14:18,560 --> 00:14:20,800 if you have like eight gigs of ram or 395 00:14:20,800 --> 00:14:22,800 maybe even 16 gigs of ram you might want 396 00:14:22,800 --> 00:14:25,279 to try leaving it at two at first 397 00:14:25,279 --> 00:14:27,120 i'm gonna bump mine up to 398 00:14:27,120 --> 00:14:29,680 four gigs which is 4096 399 00:14:29,680 --> 00:14:31,079 and i have 400 00:14:31,079 --> 00:14:34,320 128 gigs of ram so i have more than 401 00:14:34,320 --> 00:14:36,720 enough space to allocate for this but if 402 00:14:36,720 --> 00:14:38,160 you again if you're on like eight gigs 403 00:14:38,160 --> 00:14:40,320 of ram probably not the best idea to 404 00:14:40,320 --> 00:14:42,160 jack this up beyond 405 00:14:42,160 --> 00:14:44,320 two honestly i would try it at one maybe 406 00:14:44,320 --> 00:14:46,000 two see how it works 407 00:14:46,000 --> 00:14:47,120 the other thing you're going to make 408 00:14:47,120 --> 00:14:49,360 sure of is that you're running on nat 409 00:14:49,360 --> 00:14:50,720 network so if you click on network 
410 00:14:50,720 --> 00:14:53,519 adapter make sure that it says nat and 411 00:14:53,519 --> 00:14:55,440 that's selected once that's selected go 412 00:14:55,440 --> 00:14:57,040 ahead and hit ok 413 00:14:57,040 --> 00:14:58,240 and then you're just going to hit play 414 00:14:58,240 --> 00:15:00,880 virtual machine 415 00:15:00,880 --> 00:15:03,199 when it asks you what to do just say i 416 00:15:03,199 --> 00:15:05,440 copied it 417 00:15:05,440 --> 00:15:06,560 now from here it's going to take a 418 00:15:06,560 --> 00:15:08,639 minute for this to load 419 00:15:08,639 --> 00:15:10,160 you can just let this run through it'll 420 00:15:10,160 --> 00:15:12,480 boot on its own once you are presented 421 00:15:12,480 --> 00:15:14,399 with the login screen go ahead and 422 00:15:14,399 --> 00:15:16,639 unpause the video but until then pause 423 00:15:16,639 --> 00:15:17,760 and i'll meet you back when you're at 424 00:15:17,760 --> 00:15:20,639 the login screen 425 00:15:20,800 --> 00:15:22,399 okay i'm at the login screen i'm going 426 00:15:22,399 --> 00:15:24,240 to make this a little bit bigger just so 427 00:15:24,240 --> 00:15:27,360 we can see and from here what i'm going 428 00:15:27,360 --> 00:15:29,120 to do is i'm just going to type in the 429 00:15:29,120 --> 00:15:32,240 username of kali k-a-l-i 430 00:15:32,240 --> 00:15:36,000 and the password of kali k-a-l-i 431 00:15:36,000 --> 00:15:39,240 hit enter 432 00:15:40,000 --> 00:15:41,440 and if you see this screen 433 00:15:41,440 --> 00:15:43,519 congratulations you have successfully 434 00:15:43,519 --> 00:15:45,839 installed kali linux and you now have it 435 00:15:45,839 --> 00:15:47,680 up and running 436 00:15:47,680 --> 00:15:50,000 in later videos we're going to cover 437 00:15:50,000 --> 00:15:51,839 what we're going to be doing and how to 438 00:15:51,839 --> 00:15:53,519 use this and how to use linux and all 439 00:15:53,519 --> 00:15:55,600 this but for now pat yourself on the 440 00:15:55,600 
--> 00:15:58,000 back you've got linux installed and 441 00:15:58,000 --> 00:15:59,440 we're going to pause here and move on to 442 00:15:59,440 --> 00:16:01,120 the next video 443 00:16:01,120 --> 00:16:04,240 okay so this video pertains to some 444 00:16:04,240 --> 00:16:06,720 updates we need to make to virtualbox 445 00:16:06,720 --> 00:16:08,800 for quality of life 446 00:16:08,800 --> 00:16:10,720 so if you're not using virtualbox you 447 00:16:10,720 --> 00:16:13,279 can go ahead and skip this video if you 448 00:16:13,279 --> 00:16:15,440 are buckle in we just need to do a 449 00:16:15,440 --> 00:16:17,360 couple of quick updates and then we 450 00:16:17,360 --> 00:16:18,639 should be good for the rest of the 451 00:16:18,639 --> 00:16:19,680 course 452 00:16:19,680 --> 00:16:22,399 so go ahead and go out to google and 453 00:16:22,399 --> 00:16:24,959 google virtualbox extension pack what 454 00:16:24,959 --> 00:16:26,320 it's going to bring up is just the 455 00:16:26,320 --> 00:16:28,639 downloads page of virtualbox so we're 456 00:16:28,639 --> 00:16:30,880 going to want to go here 457 00:16:30,880 --> 00:16:32,959 and on this page if you look kind of 458 00:16:32,959 --> 00:16:34,800 towards the middle you'll see that there 459 00:16:34,800 --> 00:16:38,560 is a virtual box extension pack here 460 00:16:38,560 --> 00:16:40,480 we're going to just click all supported 461 00:16:40,480 --> 00:16:42,480 platforms and that will automatically 462 00:16:42,480 --> 00:16:45,759 download the file that we need 463 00:16:45,759 --> 00:16:48,000 so once that is downloaded and pause if 464 00:16:48,000 --> 00:16:52,240 you need to go ahead and open virtualbox 465 00:16:52,240 --> 00:16:53,839 and you can come in here 466 00:16:53,839 --> 00:16:55,519 and up at the top we're going to go 467 00:16:55,519 --> 00:16:58,240 ahead and click on preferences 468 00:16:58,240 --> 00:17:00,639 and from here we are interested in 469 00:17:00,639 --> 00:17:03,279 extensions see 
extensions right here go 470 00:17:03,279 --> 00:17:05,199 ahead and click on that there's a little 471 00:17:05,199 --> 00:17:06,480 plus sign we're going to go ahead and 472 00:17:06,480 --> 00:17:07,919 click on that 473 00:17:07,919 --> 00:17:09,919 and then you should have your downloads 474 00:17:09,919 --> 00:17:11,280 right here so we're going to take the 475 00:17:11,280 --> 00:17:13,839 downloads and just 476 00:17:13,839 --> 00:17:17,359 go ahead and install that hit install 477 00:17:17,359 --> 00:17:20,720 read this give away your firstborn 478 00:17:20,720 --> 00:17:23,520 accept all the terms and you should be 479 00:17:23,520 --> 00:17:26,319 good very quick install okay 480 00:17:26,319 --> 00:17:28,640 the second thing we need to do is we 481 00:17:28,640 --> 00:17:30,960 need to come to the one tab up here above 482 00:17:30,960 --> 00:17:33,200 which is network 483 00:17:33,200 --> 00:17:34,240 we're going to go ahead and hit the 484 00:17:34,240 --> 00:17:36,400 network button or this add button we're 485 00:17:36,400 --> 00:17:38,080 going to add what is called a nat 486 00:17:38,080 --> 00:17:39,520 network 487 00:17:39,520 --> 00:17:41,120 okay and we're going to come in here and 488 00:17:41,120 --> 00:17:43,679 we're going to double click 489 00:17:43,679 --> 00:17:46,000 and you can go ahead and keep these 490 00:17:46,000 --> 00:17:47,919 defaults i'm going to actually change 491 00:17:47,919 --> 00:17:50,480 them to 492 00:17:50,840 --> 00:17:52,640 192.168.57.0 because that's what's going 493 00:17:52,640 --> 00:17:54,160 to be used through the rest of the 494 00:17:54,160 --> 00:17:56,480 course and that is what the cidr 495 00:17:56,480 --> 00:17:59,760 notation of my kali machine and my 496 00:17:59,760 --> 00:18:02,080 kioptrix which you'll see later etc all 497 00:18:02,080 --> 00:18:04,799 fell into this 57.0 so we're going to go 498 00:18:04,799 --> 00:18:07,360 ahead and keep it on this network make 499 00:18:07,360 -->
00:18:10,000 sure you support dhcp go ahead and just 500 00:18:10,000 --> 00:18:11,440 hit ok 501 00:18:11,440 --> 00:18:13,120 hit ok 502 00:18:13,120 --> 00:18:15,440 and then for a machine and make sure any 503 00:18:15,440 --> 00:18:18,080 machine that you use again any machine 504 00:18:18,080 --> 00:18:19,919 that you use in this course 505 00:18:19,919 --> 00:18:22,080 make sure you set it to nat network if 506 00:18:22,080 --> 00:18:24,080 you're using virtualbox so you can come 507 00:18:24,080 --> 00:18:25,600 in here click on a machine like this 508 00:18:25,600 --> 00:18:27,039 mail machine i have here you can just 509 00:18:27,039 --> 00:18:28,960 click on that settings 510 00:18:28,960 --> 00:18:30,559 go to network 511 00:18:30,559 --> 00:18:33,039 and then you can go ahead and just go to 512 00:18:33,039 --> 00:18:35,120 nat network all right 513 00:18:35,120 --> 00:18:37,039 and that name right here you see name 514 00:18:37,039 --> 00:18:38,320 nat network that's all we're going to 515 00:18:38,320 --> 00:18:40,880 use that'll automatically set it up so 516 00:18:40,880 --> 00:18:42,320 when you have a kali machine running 517 00:18:42,320 --> 00:18:44,720 later and you have kioptrix or another 518 00:18:44,720 --> 00:18:46,960 box running or even when we build out an 519 00:18:46,960 --> 00:18:48,799 active directory lab you need to make 520 00:18:48,799 --> 00:18:50,160 sure that you're running that nat 521 00:18:50,160 --> 00:18:52,080 network so that all the machines are on 522 00:18:52,080 --> 00:18:53,280 the same 523 00:18:53,280 --> 00:18:56,320 subnet if you don't you might run into a 524 00:18:56,320 --> 00:18:59,120 situation where uh the same ip comes up 525 00:18:59,120 --> 00:19:01,280 for the same machine and then they're uh 526 00:19:01,280 --> 00:19:03,280 conflicting with each other or you get 527 00:19:03,280 --> 00:19:04,799 on different networks and some weird 528 00:19:04,799 --> 00:19:07,039 stuff happens so make sure again
that 529 00:19:07,039 --> 00:19:08,400 it's imperative that you're setting that 530 00:19:08,400 --> 00:19:10,559 nat network for every single machine 531 00:19:10,559 --> 00:19:13,120 that you're setting up so with that said 532 00:19:13,120 --> 00:19:14,799 we're going to go ahead and move on to 533 00:19:14,799 --> 00:19:18,160 the next video in this section 534 00:19:18,160 --> 00:19:19,919 the first thing i'd like to do before we 535 00:19:19,919 --> 00:19:21,840 get started with any commands or 536 00:19:21,840 --> 00:19:23,919 anything like that is just take a look 537 00:19:23,919 --> 00:19:26,080 around kali linux and kind of 538 00:19:26,080 --> 00:19:27,679 demonstrate why 539 00:19:27,679 --> 00:19:30,320 a pen tester or ethical hacker might use 540 00:19:30,320 --> 00:19:32,640 this distribution of linux 541 00:19:32,640 --> 00:19:34,799 now throughout the course as stated in 542 00:19:34,799 --> 00:19:37,840 the last video you might see a different 543 00:19:37,840 --> 00:19:40,720 version of this pop up as i recorded 544 00:19:40,720 --> 00:19:43,120 videos on some of the older versions 545 00:19:43,120 --> 00:19:45,840 everything should still work just as is 546 00:19:45,840 --> 00:19:48,080 you just might see a different look and 547 00:19:48,080 --> 00:19:50,559 feel to some of the kali interface but 548 00:19:50,559 --> 00:19:51,919 all the commands i'm going to show you 549 00:19:51,919 --> 00:19:54,000 everything that we do is going to be the 550 00:19:54,000 --> 00:19:56,559 same so let's take a look and just 551 00:19:56,559 --> 00:19:58,960 explore kali linux just for a bit so if 552 00:19:58,960 --> 00:20:01,039 we come up here into the corner and we 553 00:20:01,039 --> 00:20:03,120 just click on the little kali logo 554 00:20:03,120 --> 00:20:05,360 you can see that we have nice things 555 00:20:05,360 --> 00:20:07,200 broken out for us so we've got these 556 00:20:07,200 --> 00:20:09,280 favorites up here which we have our 557
00:20:09,280 --> 00:20:10,880 terminal which we're going to be living 558 00:20:10,880 --> 00:20:13,360 in essentially we've got a text editor 559 00:20:13,360 --> 00:20:15,600 we've got a web browser which is 560 00:20:15,600 --> 00:20:17,760 basically firefox we've got some other 561 00:20:17,760 --> 00:20:19,200 tools down here 562 00:20:19,200 --> 00:20:21,840 docs etc the other thing that we can 563 00:20:21,840 --> 00:20:23,280 come scroll through is we can see that 564 00:20:23,280 --> 00:20:25,840 we have different applications in here 565 00:20:25,840 --> 00:20:27,280 if we look at the different sections 566 00:20:27,280 --> 00:20:28,640 these kind of go in order which we 567 00:20:28,640 --> 00:20:30,480 haven't covered quite yet but in the 568 00:20:30,480 --> 00:20:33,200 order of how a hack might go down so 569 00:20:33,200 --> 00:20:34,720 information gathering is usually the 570 00:20:34,720 --> 00:20:36,559 first step you can come in here look 571 00:20:36,559 --> 00:20:38,240 through this and here's a bunch of tools 572 00:20:38,240 --> 00:20:40,799 related to information gathering you can 573 00:20:40,799 --> 00:20:42,559 even click into these and go deeper if 574 00:20:42,559 --> 00:20:44,960 you wanted to related to specific things 575 00:20:44,960 --> 00:20:47,840 so dns or smb or open source 576 00:20:47,840 --> 00:20:49,360 intelligence 577 00:20:49,360 --> 00:20:51,360 all of this that's in here 578 00:20:51,360 --> 00:20:53,679 this is just built in tools so let's say 579 00:20:53,679 --> 00:20:55,360 we're coming in here we want to do a 580 00:20:55,360 --> 00:20:57,120 wireless attack well we go to wireless 581 00:20:57,120 --> 00:20:58,960 attacks got a bunch of tools already 582 00:20:58,960 --> 00:21:02,559 built in so kali linux is just 583 00:21:02,559 --> 00:21:04,240 essentially a 584 00:21:04,240 --> 00:21:06,720 ethical hacking distribution of linux 585 00:21:06,720 --> 00:21:08,640 and it's built on debian so if you've 586
00:21:08,640 --> 00:21:10,320 ever used something like ubuntu or 587 00:21:10,320 --> 00:21:12,240 anything along those lines of a debian 588 00:21:12,240 --> 00:21:14,320 distribution this is all going to feel 589 00:21:14,320 --> 00:21:16,159 really familiar to you with just a bunch 590 00:21:16,159 --> 00:21:18,320 of tools built in on top of it 591 00:21:18,320 --> 00:21:19,120 so 592 00:21:19,120 --> 00:21:20,799 fairly straightforward they do have some 593 00:21:20,799 --> 00:21:22,960 nice tools in here you can come through 594 00:21:22,960 --> 00:21:24,880 and utilize these 595 00:21:24,880 --> 00:21:26,799 a lot of this is already built in and 596 00:21:26,799 --> 00:21:28,480 we're going to take a look at that as we 597 00:21:28,480 --> 00:21:30,559 go okay so the next thing that we're 598 00:21:30,559 --> 00:21:32,400 going to do is and throughout the rest 599 00:21:32,400 --> 00:21:34,320 of this course is start looking at the 600 00:21:34,320 --> 00:21:36,240 terminal so if you come up here you'll 601 00:21:36,240 --> 00:21:38,400 see that we have a terminal now mostly 602 00:21:38,400 --> 00:21:39,840 everything that we do is going to be 603 00:21:39,840 --> 00:21:41,840 done in this terminal here 604 00:21:41,840 --> 00:21:43,440 now this is 605 00:21:43,440 --> 00:21:45,600 almost like accessing the command line 606 00:21:45,600 --> 00:21:47,760 so if you're using a command line like 607 00:21:47,760 --> 00:21:48,880 in 608 00:21:48,880 --> 00:21:50,559 windows for example if you've ever used 609 00:21:50,559 --> 00:21:52,640 command line if not that's okay 610 00:21:52,640 --> 00:21:54,720 but we do a lot of this from this 611 00:21:54,720 --> 00:21:57,280 interface as opposed to maybe utilizing 612 00:21:57,280 --> 00:21:59,760 a gui based interface where if we clicked 613 00:21:59,760 --> 00:22:01,440 a folder this might look more familiar 614 00:22:01,440 --> 00:22:03,600 to you if you're a windows or mac user 615 00:22:03,600 --> 00:22:05,600
you come in here you have this kind of 616 00:22:05,600 --> 00:22:07,520 area yeah yeah we can do that and 617 00:22:07,520 --> 00:22:09,440 sometimes we'll utilize this but a lot 618 00:22:09,440 --> 00:22:10,720 of times we're going to be living right 619 00:22:10,720 --> 00:22:12,880 here okay so 620 00:22:12,880 --> 00:22:14,320 as we move forward we're going to start 621 00:22:14,320 --> 00:22:16,080 talking about this command line how we 622 00:22:16,080 --> 00:22:18,000 can utilize it and use it to our 623 00:22:18,000 --> 00:22:19,679 advantage and then we'll do some tips 624 00:22:19,679 --> 00:22:21,120 and tricks and 625 00:22:21,120 --> 00:22:22,559 hopefully learn some pretty neat stuff 626 00:22:22,559 --> 00:22:24,880 as we go so in the next video i'm going 627 00:22:24,880 --> 00:22:26,799 to cover the sudo feature which i 628 00:22:26,799 --> 00:22:28,640 think is important it's something that 629 00:22:28,640 --> 00:22:30,880 was brought in now originally we had 630 00:22:30,880 --> 00:22:32,480 something called a root permission and 631 00:22:32,480 --> 00:22:35,039 we'll talk about that that has changed 632 00:22:35,039 --> 00:22:37,760 since 2020.1 moving forward so we're 633 00:22:37,760 --> 00:22:39,600 introducing that into this course and 634 00:22:39,600 --> 00:22:41,919 we'll talk options that you have so 635 00:22:41,919 --> 00:22:43,440 let's go ahead and move to the next 636 00:22:43,440 --> 00:22:45,360 video where we talk about the sudo 637 00:22:45,360 --> 00:22:48,080 feature all right so before we look at 638 00:22:48,080 --> 00:22:51,120 any commands or learn any command line 639 00:22:51,120 --> 00:22:55,039 we have to talk about sudo sudo is very 640 00:22:55,039 --> 00:22:56,799 important and 641 00:22:56,799 --> 00:22:59,760 what had happened previously was that in 642 00:22:59,760 --> 00:23:02,400 the earlier versions of kali linux we 643 00:23:02,400 --> 00:23:05,200 ran as a user called root root is the 644
00:23:05,200 --> 00:23:06,880 ultimate user you could think of it as 645 00:23:06,880 --> 00:23:09,200 the administrator of the machine 646 00:23:09,200 --> 00:23:11,440 now we're running as a user called kali 647 00:23:11,440 --> 00:23:13,200 so we don't have root privileges 648 00:23:13,200 --> 00:23:16,240 directly this is as an improved security 649 00:23:16,240 --> 00:23:17,840 feature because we should be running 650 00:23:17,840 --> 00:23:20,960 only certain commands when we need to as 651 00:23:20,960 --> 00:23:22,720 the root user 652 00:23:22,720 --> 00:23:24,559 so we're going to see is we're going to 653 00:23:24,559 --> 00:23:26,799 see how we can run commands as an 654 00:23:26,799 --> 00:23:28,240 elevated privilege and we're going to do 655 00:23:28,240 --> 00:23:31,120 that with sudo which stands for super 656 00:23:31,120 --> 00:23:33,360 user do they just kind of shortened it 657 00:23:33,360 --> 00:23:36,320 so we just have sudo now okay now with 658 00:23:36,320 --> 00:23:38,400 sudo what we're doing is we're saying 659 00:23:38,400 --> 00:23:40,799 hey i want to run a command elevated i 660 00:23:40,799 --> 00:23:43,760 want to run this as a higher user in 661 00:23:43,760 --> 00:23:45,520 this instance we can say i want to run 662 00:23:45,520 --> 00:23:47,840 the command as root 663 00:23:47,840 --> 00:23:50,320 why is that important well let's take a 664 00:23:50,320 --> 00:23:52,400 look at an example let's say that i 665 00:23:52,400 --> 00:23:55,200 wanted to look at a very sensitive file 666 00:23:55,200 --> 00:23:58,080 now one sensitive file in our system is 667 00:23:58,080 --> 00:24:00,880 the /etc/shadow file you can see cat 668 00:24:00,880 --> 00:24:01,840 /etc 669 00:24:01,840 --> 00:24:04,159 like this /etc/shadow and you don't have 670 00:24:04,159 --> 00:24:05,919 to follow along right now 671 00:24:05,919 --> 00:24:06,799 you don't have to really understand 672 00:24:06,799 --> 00:24:08,240 what's going on if you've never
seen 673 00:24:08,240 --> 00:24:10,159 linux all i'm doing is saying hey i want 674 00:24:10,159 --> 00:24:12,400 to print out this file i want to look at 675 00:24:12,400 --> 00:24:15,360 it okay and for here i can't see it it 676 00:24:15,360 --> 00:24:17,360 says permission denied you don't have 677 00:24:17,360 --> 00:24:19,360 the access to see this file that's a 678 00:24:19,360 --> 00:24:20,640 good thing 679 00:24:20,640 --> 00:24:23,440 but if i was the root user or somebody 680 00:24:23,440 --> 00:24:25,919 that had elevated privileges i could see 681 00:24:25,919 --> 00:24:28,960 it so i could say sudo 682 00:24:28,960 --> 00:24:30,080 cat 683 00:24:30,080 --> 00:24:32,640 /etc/shadow like this 684 00:24:32,640 --> 00:24:34,400 okay and it's going to say what is your 685 00:24:34,400 --> 00:24:36,240 password for kali i'm going to go ahead 686 00:24:36,240 --> 00:24:38,960 and say kali k-a-l-i 687 00:24:38,960 --> 00:24:40,720 hit enter 688 00:24:40,720 --> 00:24:43,279 and now i can see that i have access to 689 00:24:43,279 --> 00:24:44,640 this file and this file is very 690 00:24:44,640 --> 00:24:46,240 sensitive we'll talk about this later on 691 00:24:46,240 --> 00:24:49,440 in the course but sensitive file okay 692 00:24:49,440 --> 00:24:52,400 so when we're looking at it i ran that 693 00:24:52,400 --> 00:24:55,679 command specifically as the root user as 694 00:24:55,679 --> 00:24:58,320 the root user i'm able to see 695 00:24:58,320 --> 00:25:01,679 okay this file now 696 00:25:01,679 --> 00:25:04,320 why or what's going on here 697 00:25:04,320 --> 00:25:06,559 well we're running that specific command 698 00:25:06,559 --> 00:25:07,360 right 699 00:25:07,360 --> 00:25:09,679 and we're still staying as kali we're 700 00:25:09,679 --> 00:25:13,200 doing this in a kind of one-off scenario 701 00:25:13,200 --> 00:25:15,679 so there will be times where something 702 00:25:15,679 --> 00:25:18,000 that you run in this course might 703 00:25:18,000
--> 00:25:20,000 require sudo or you can run the 704 00:25:20,000 --> 00:25:22,080 command without sudo but you notice 705 00:25:22,080 --> 00:25:24,720 something doesn't work so best practice 706 00:25:24,720 --> 00:25:25,760 for this 707 00:25:25,760 --> 00:25:28,159 is saying hey let's go ahead and just 708 00:25:28,159 --> 00:25:29,039 run 709 00:25:29,039 --> 00:25:30,960 mostly everything that i'm showing you 710 00:25:30,960 --> 00:25:33,200 command-wise in this course that's not 711 00:25:33,200 --> 00:25:35,279 best practice overall usually you should 712 00:25:35,279 --> 00:25:37,679 run things just as a regular user if you 713 00:25:37,679 --> 00:25:39,679 get permissions blocked then run it as 714 00:25:39,679 --> 00:25:42,400 sudo as necessary now 715 00:25:42,400 --> 00:25:43,840 the other thing to point out and we'll 716 00:25:43,840 --> 00:25:45,600 talk about this again in later on in the 717 00:25:45,600 --> 00:25:47,120 course but 718 00:25:47,120 --> 00:25:49,360 why can we do this is because this user 719 00:25:49,360 --> 00:25:51,760 is part of what's called a sudoers file 720 00:25:51,760 --> 00:25:52,640 meaning 721 00:25:52,640 --> 00:25:55,600 we can have this permission not any user 722 00:25:55,600 --> 00:25:57,440 can come in here say we made a new user 723 00:25:57,440 --> 00:25:59,440 and we just called the user john we 724 00:25:59,440 --> 00:26:01,279 can't just take john and just go ahead 725 00:26:01,279 --> 00:26:03,679 and just run these commands as root no 726 00:26:03,679 --> 00:26:05,279 john has to have the permission to do 727 00:26:05,279 --> 00:26:07,279 this so you can think of kali as being 728 00:26:07,279 --> 00:26:10,240 an administrator but only when we 729 00:26:10,240 --> 00:26:12,880 utilize that access or that privilege 730 00:26:12,880 --> 00:26:14,480 okay the other thing i want to show you 731 00:26:14,480 --> 00:26:15,279 though 732 00:26:15,279 --> 00:26:17,520 is that we can switch over to root if we 733
00:26:17,520 --> 00:26:19,760 want to we can come in here and we can 734 00:26:19,760 --> 00:26:23,520 say sudo switch user 735 00:26:23,520 --> 00:26:25,279 dash just like that and that'll put us 736 00:26:25,279 --> 00:26:27,600 into root now you can see okay we're 737 00:26:27,600 --> 00:26:29,919 running root at kali and that's only for 738 00:26:29,919 --> 00:26:31,600 this instance 739 00:26:31,600 --> 00:26:33,840 you can if you want i'm not going to 740 00:26:33,840 --> 00:26:35,760 demonstrate how to do this but you can 741 00:26:35,760 --> 00:26:38,880 if you want change the root password log 742 00:26:38,880 --> 00:26:41,760 out and log back in as root and run 743 00:26:41,760 --> 00:26:43,600 through this course as root again that's 744 00:26:43,600 --> 00:26:46,080 not best security practice but that 745 00:26:46,080 --> 00:26:48,320 feature is available to you if you are a 746 00:26:48,320 --> 00:26:50,080 linux user that is comfortable with 747 00:26:50,080 --> 00:26:51,600 linux comfortable with running as root 748 00:26:51,600 --> 00:26:53,039 and you want the 749 00:26:53,039 --> 00:26:55,600 easy path otherwise i highly recommend 750 00:26:55,600 --> 00:26:57,919 just staying as kali running as sudo 751 00:26:57,919 --> 00:26:59,600 privileges as you need it and then 752 00:26:59,600 --> 00:27:01,520 moving forward but this is a quick way 753 00:27:01,520 --> 00:27:03,840 to switch into root if you need to 754 00:27:03,840 --> 00:27:05,679 sometimes even running sudo causes 755 00:27:05,679 --> 00:27:08,000 some issues so switching to root to run 756 00:27:08,000 --> 00:27:11,120 a command is okay what we can do here 757 00:27:11,120 --> 00:27:13,120 too is the demonstration is we can go 758 00:27:13,120 --> 00:27:14,720 file new tab 759 00:27:14,720 --> 00:27:16,159 and look at a new instance and you'll 760 00:27:16,159 --> 00:27:18,559 see that this instance of root is only 761 00:27:18,559 --> 00:27:21,600 good for this tab here once we
start a 762 00:27:21,600 --> 00:27:23,440 new tab we're going to be brought back 763 00:27:23,440 --> 00:27:25,120 right back to kali kali you can see that 764 00:27:25,120 --> 00:27:27,840 from the top line in the tab as well so 765 00:27:27,840 --> 00:27:29,200 just keep note of this when you're 766 00:27:29,200 --> 00:27:31,360 running commands in this course if you 767 00:27:31,360 --> 00:27:34,000 see something again try running it with 768 00:27:34,000 --> 00:27:36,880 sudo if it's not working or if it says 769 00:27:36,880 --> 00:27:38,640 access denied then you know hey i need 770 00:27:38,640 --> 00:27:41,760 to run sudo very very very important 771 00:27:41,760 --> 00:27:43,840 okay i'm trying to drive that in into 772 00:27:43,840 --> 00:27:46,000 your brains right now so from here we're 773 00:27:46,000 --> 00:27:47,120 going to move on we're going to start 774 00:27:47,120 --> 00:27:48,720 looking at how to navigate around the 775 00:27:48,720 --> 00:27:50,000 file system 776 00:27:50,000 --> 00:27:52,399 taking a look at everything from a 777 00:27:52,399 --> 00:27:55,600 bigger picture and diving into terminal 778 00:27:55,600 --> 00:27:58,000 so i will see you over in the next video 779 00:27:58,000 --> 00:28:00,000 now we're going to take a look at the 780 00:28:00,000 --> 00:28:03,840 linux terminal and if you're a user of a 781 00:28:03,840 --> 00:28:06,240 regular computer like windows or even 782 00:28:06,240 --> 00:28:09,200 mac os you are probably used to using 783 00:28:09,200 --> 00:28:12,640 what is called a gui or a graphical user 784 00:28:12,640 --> 00:28:14,159 interface 785 00:28:14,159 --> 00:28:16,720 and we can do this with our version of 786 00:28:16,720 --> 00:28:18,320 linux we can come in here and if we want 787 00:28:18,320 --> 00:28:20,320 to like go to folders we can absolutely 788 00:28:20,320 --> 00:28:23,039 open this and go to folders we've got 789 00:28:23,039 --> 00:28:25,440 the ability to go to firefox we've got 790
00:28:25,440 --> 00:28:27,279 all of our tools in here that we want to 791 00:28:27,279 --> 00:28:28,799 use or look at 792 00:28:28,799 --> 00:28:31,600 and we have a graphical user interface 793 00:28:31,600 --> 00:28:33,760 however a lot of our time is going to be 794 00:28:33,760 --> 00:28:36,799 spent on the command line and using a 795 00:28:36,799 --> 00:28:38,880 terminal so it's very important that we 796 00:28:38,880 --> 00:28:41,679 learn how to use a terminal in linux 797 00:28:41,679 --> 00:28:44,080 so looking at our terminal here we can 798 00:28:44,080 --> 00:28:45,919 see a few things before we even get 799 00:28:45,919 --> 00:28:47,200 started 800 00:28:47,200 --> 00:28:49,600 the first thing is that we have a kali 801 00:28:49,600 --> 00:28:51,679 at kali 802 00:28:51,679 --> 00:28:53,520 what does that mean well 803 00:28:53,520 --> 00:28:56,000 the first instance here is kali that is 804 00:28:56,000 --> 00:28:58,320 your user so remember when we first 805 00:28:58,320 --> 00:29:00,640 logged in we logged in as kali 806 00:29:00,640 --> 00:29:02,399 and that is our user so if we ever 807 00:29:02,399 --> 00:29:05,600 switch over to root we'll see root here 808 00:29:05,600 --> 00:29:08,480 the second part of this is our host name 809 00:29:08,480 --> 00:29:11,360 so our computer name happens to also be 810 00:29:11,360 --> 00:29:13,520 kali if you change your host name you 811 00:29:13,520 --> 00:29:15,039 could say whatever you wanted to say 812 00:29:15,039 --> 00:29:16,159 here 813 00:29:16,159 --> 00:29:17,679 the last little part of this is this 814 00:29:17,679 --> 00:29:20,320 tilde this is actually the directory 815 00:29:20,320 --> 00:29:22,240 that you are currently in so this is a 816 00:29:22,240 --> 00:29:24,960 quick way to say what user am i what 817 00:29:24,960 --> 00:29:27,760 workstation am i on and what directory 818 00:29:27,760 --> 00:29:29,039 am i in 819 00:29:29,039 --> 00:29:31,200 now we can take a look at what
directory 820 00:29:31,200 --> 00:29:34,159 we are in with the pwd command 821 00:29:34,159 --> 00:29:36,159 and that stands for print working 822 00:29:36,159 --> 00:29:37,360 directory 823 00:29:37,360 --> 00:29:38,960 and in this instance you can see we are 824 00:29:38,960 --> 00:29:42,320 in the home forward slash kali folder 825 00:29:42,320 --> 00:29:44,640 and that is the equivalent of being in 826 00:29:44,640 --> 00:29:46,640 the tilde so if you see the tilde that 827 00:29:46,640 --> 00:29:49,440 just means you are in your users home 828 00:29:49,440 --> 00:29:50,399 folder 829 00:29:50,399 --> 00:29:52,000 so if we were a root user we would 830 00:29:52,000 --> 00:29:53,600 actually be in the forward slash root 831 00:29:53,600 --> 00:29:55,600 folder as opposed to the home kali 832 00:29:55,600 --> 00:29:57,679 folder so the tilde means something 833 00:29:57,679 --> 00:29:59,840 different for every user that you're on 834 00:29:59,840 --> 00:30:01,360 the next thing we're going to look at is 835 00:30:01,360 --> 00:30:04,559 the change directory feature so imagine 836 00:30:04,559 --> 00:30:06,000 that we are 837 00:30:06,000 --> 00:30:08,640 in our folder here so if we go to like i 838 00:30:08,640 --> 00:30:10,480 don't know our desktop 839 00:30:10,480 --> 00:30:12,240 and we're sitting in our kali folder 840 00:30:12,240 --> 00:30:13,760 this is really what we're looking at so 841 00:30:13,760 --> 00:30:16,399 we're looking at kali right here 842 00:30:16,399 --> 00:30:18,399 and we want to get out of this kali 843 00:30:18,399 --> 00:30:20,320 folder and change into another folder 844 00:30:20,320 --> 00:30:22,159 say like i don't know downloads for 845 00:30:22,159 --> 00:30:25,039 example if we go into downloads it's 846 00:30:25,039 --> 00:30:26,799 very easy to click into but how do we 847 00:30:26,799 --> 00:30:28,240 navigate around 848 00:30:28,240 --> 00:30:30,080 on the terminal i'm going to show you 849 00:30:30,080 --> 00:30:31,440
how to do that so the first thing we're 850 00:30:31,440 --> 00:30:33,679 going to do is use the cd command that 851 00:30:33,679 --> 00:30:36,320 stands for change directory now if we do 852 00:30:36,320 --> 00:30:38,640 change directory dot dot 853 00:30:38,640 --> 00:30:41,760 that says i want to go backwards so if i 854 00:30:41,760 --> 00:30:43,760 do that 855 00:30:43,760 --> 00:30:45,120 now you can see that we are in the 856 00:30:45,120 --> 00:30:46,880 forward slash home folder but we can 857 00:30:46,880 --> 00:30:48,720 also do a pwd 858 00:30:48,720 --> 00:30:50,240 print the working directory and you can 859 00:30:50,240 --> 00:30:52,799 see that we are in the home folder 860 00:30:52,799 --> 00:30:55,120 now can we go any further back well 861 00:30:55,120 --> 00:30:57,600 let's try cd dot dot again 862 00:30:57,600 --> 00:30:59,279 and now you can see we're at a forward 863 00:30:59,279 --> 00:31:01,760 slash if we do a pwd 864 00:31:01,760 --> 00:31:04,080 we are at a forward slash and one more 865 00:31:04,080 --> 00:31:06,159 time i'm going to cd dot dot and see if 866 00:31:06,159 --> 00:31:08,559 anything happens nothing happens here we 867 00:31:08,559 --> 00:31:11,360 cannot change any further we are in what 868 00:31:11,360 --> 00:31:13,919 is called our base directory so if you 869 00:31:13,919 --> 00:31:16,399 see a forward slash think of that as the 870 00:31:16,399 --> 00:31:18,799 base folder you cannot go any further 871 00:31:18,799 --> 00:31:20,399 back from that 872 00:31:20,399 --> 00:31:21,840 now i'm going to clear my screen if you 873 00:31:21,840 --> 00:31:23,279 want to clear your screen you just hit 874 00:31:23,279 --> 00:31:25,279 control l 875 00:31:25,279 --> 00:31:27,679 like that and that'll clear the screen 876 00:31:27,679 --> 00:31:29,760 and from here we're going to look at 877 00:31:29,760 --> 00:31:32,240 what is in our base folder and to do 878 00:31:32,240 --> 00:31:35,120 that we can use a tool called list 879
00:31:35,120 --> 00:31:37,200 which is ls 880 00:31:37,200 --> 00:31:39,279 so from here we can see 881 00:31:39,279 --> 00:31:42,320 different colors and different things 882 00:31:42,320 --> 00:31:44,159 and we can tell based on the colors 883 00:31:44,159 --> 00:31:45,919 though these color schemes are not the 884 00:31:45,919 --> 00:31:48,399 greatest in the newest kali linux we can 885 00:31:48,399 --> 00:31:50,240 still see like hey this darker version 886 00:31:50,240 --> 00:31:53,039 of blue is actually a folder where some 887 00:31:53,039 --> 00:31:55,600 of these other things are actually files 888 00:31:55,600 --> 00:31:56,960 we don't have to worry too much about 889 00:31:56,960 --> 00:31:58,559 that right now but we just came out of 890 00:31:58,559 --> 00:32:01,440 the home folder so we can see here that 891 00:32:01,440 --> 00:32:03,840 we have a bunch of files and folders and 892 00:32:03,840 --> 00:32:05,360 let's say we want to go back to the home 893 00:32:05,360 --> 00:32:08,320 folder well we can cd home 894 00:32:08,320 --> 00:32:10,559 and i'm going to start typing h and i'm 895 00:32:10,559 --> 00:32:11,919 just going to hit tab 896 00:32:11,919 --> 00:32:13,600 and because there's nothing else in here 897 00:32:13,600 --> 00:32:15,279 with an h we don't have to worry too 898 00:32:15,279 --> 00:32:16,960 much it will just auto-complete to the 899 00:32:16,960 --> 00:32:19,679 home folder now for example if there's a 900 00:32:19,679 --> 00:32:21,279 bunch of l's i'm going to back up really 901 00:32:21,279 --> 00:32:23,039 quick before i hit enter 902 00:32:23,039 --> 00:32:25,039 if i wanted to try something that has 903 00:32:25,039 --> 00:32:27,679 multiple items in here if i try the l 904 00:32:27,679 --> 00:32:29,440 and i hit tab you're going to see that 905 00:32:29,440 --> 00:32:32,000 there's going to be a lot of options for 906 00:32:32,000 --> 00:32:33,600 me to go through 907 00:32:33,600 --> 00:32:34,559 and 908 00:32:34,559 
--> 00:32:36,720 depending on what you have is when you 909 00:32:36,720 --> 00:32:38,960 can auto complete so if i start typing 910 00:32:38,960 --> 00:32:41,679 lo it should know that there's only one 911 00:32:41,679 --> 00:32:44,000 lo and i can tab and auto complete the 912 00:32:44,000 --> 00:32:45,360 rest so you just have to be able to get 913 00:32:45,360 --> 00:32:47,279 to a point where you can tab out or if 914 00:32:47,279 --> 00:32:49,200 you know the first letter of the file 915 00:32:49,200 --> 00:32:50,720 that you're looking for you can hit tab 916 00:32:50,720 --> 00:32:52,320 on that and you can see 917 00:32:52,320 --> 00:32:53,919 okay here's where i need to be or here's 918 00:32:53,919 --> 00:32:55,200 what i can look at with everything that 919 00:32:55,200 --> 00:32:56,720 starts with that letter i'm going to 920 00:32:56,720 --> 00:32:58,320 delete this and we're going to cd back 921 00:32:58,320 --> 00:33:00,399 into home 922 00:33:00,399 --> 00:33:02,159 we're going to ls to list the contents 923 00:33:02,159 --> 00:33:04,799 of home which is just our kali folder so 924 00:33:04,799 --> 00:33:08,320 i'm going to cd into kali 925 00:33:08,720 --> 00:33:11,360 and if i ls from here you can see that i 926 00:33:11,360 --> 00:33:13,840 have our desktop documents downloads 927 00:33:13,840 --> 00:33:16,240 similar to what we saw in the graphical 928 00:33:16,240 --> 00:33:17,679 user interface when we were in the 929 00:33:17,679 --> 00:33:20,000 folder now we can see it from our 930 00:33:20,000 --> 00:33:22,799 terminal now before we go diving deeper 931 00:33:22,799 --> 00:33:24,720 into these folders 932 00:33:24,720 --> 00:33:26,960 something that i want to look at is what 933 00:33:26,960 --> 00:33:29,760 if i wanted to get to this /etc folder 934 00:33:29,760 --> 00:33:31,760 over here so there's this /etc folder 935 00:33:31,760 --> 00:33:33,760 that was in our base 936 00:33:33,760 --> 00:33:37,200 now if i try to cd into etc from
here 937 00:33:37,200 --> 00:33:39,120 nothing's going to work i'm tabbing 938 00:33:39,120 --> 00:33:41,039 nothing works if i try cd etc it's 939 00:33:41,039 --> 00:33:42,960 going to say i can't find it 940 00:33:42,960 --> 00:33:43,840 so 941 00:33:43,840 --> 00:33:45,600 what does that mean well when we change 942 00:33:45,600 --> 00:33:47,200 directories we can only change 943 00:33:47,200 --> 00:33:49,279 directories from the folders that we 944 00:33:49,279 --> 00:33:51,679 have available to us so i can only 945 00:33:51,679 --> 00:33:54,080 change directories into these folders 946 00:33:54,080 --> 00:33:57,440 by using that sort of nomenclature 947 00:33:57,440 --> 00:34:00,159 however if i can provide a full 948 00:34:00,159 --> 00:34:02,480 directory or a full path 949 00:34:02,480 --> 00:34:04,640 then i can cd from any folder that i'm 950 00:34:04,640 --> 00:34:06,640 in so if i go cd 951 00:34:06,640 --> 00:34:08,399 forward slash because remember we have 952 00:34:08,399 --> 00:34:09,760 the base here 953 00:34:09,760 --> 00:34:12,320 well then i can say forward slash et 954 00:34:12,320 --> 00:34:14,159 start typing that out and guess what i 955 00:34:14,159 --> 00:34:15,599 get etc here 956 00:34:15,599 --> 00:34:17,440 and if i wanted to dive deeper into what 957 00:34:17,440 --> 00:34:19,679 folders are in there i could hit tab and 958 00:34:19,679 --> 00:34:21,280 i could see all the folders that are 959 00:34:21,280 --> 00:34:23,199 available in the /etc folder to complete 960 00:34:23,199 --> 00:34:26,320 my task now if i hit enter 961 00:34:26,320 --> 00:34:28,639 i will be brought into the /etc folder 962 00:34:28,639 --> 00:34:31,679 and similarly i can hit ls and see all 963 00:34:31,679 --> 00:34:34,800 the files and folders that are in here 964 00:34:34,800 --> 00:34:37,040 now let's just cd here and i'm going to 965 00:34:37,040 --> 00:34:38,399 use the tilde and that's going to get 966 00:34:38,399 --> 00:34:40,320 us back to our
home folder 967 00:34:40,320 --> 00:34:42,480 i'm going to ctrl l to clear screen and 968 00:34:42,480 --> 00:34:44,000 then i'm going to ls again you're going 969 00:34:44,000 --> 00:34:46,719 to see we're back where we just were 970 00:34:46,719 --> 00:34:49,199 now in this case what if i wanted to 971 00:34:49,199 --> 00:34:51,520 list the files of the etsy folder well 972 00:34:51,520 --> 00:34:53,679 it's the same thing i could do ls 973 00:34:53,679 --> 00:34:55,918 forward slash etsy 974 00:34:55,918 --> 00:34:57,920 and that will list all the files as if i 975 00:34:57,920 --> 00:35:00,480 were sitting in that folder so just know 976 00:35:00,480 --> 00:35:03,119 that you can list folders and files you 977 00:35:03,119 --> 00:35:04,800 can change directories from being it 978 00:35:04,800 --> 00:35:06,880 within another directory it doesn't have 979 00:35:06,880 --> 00:35:09,119 to be in that same up and down tree that 980 00:35:09,119 --> 00:35:10,800 i was showing you there's a lot more 981 00:35:10,800 --> 00:35:13,200 robustness to these commands same thing 982 00:35:13,200 --> 00:35:14,880 if we ls in here 983 00:35:14,880 --> 00:35:16,960 we could take a look at the folders and 984 00:35:16,960 --> 00:35:18,560 we don't have to change the directory to 985 00:35:18,560 --> 00:35:20,480 see what's in these folders we can just 986 00:35:20,480 --> 00:35:23,119 ls desktop for example and start auto 987 00:35:23,119 --> 00:35:24,560 tab completing 988 00:35:24,560 --> 00:35:26,240 there's nothing in there i do have 989 00:35:26,240 --> 00:35:27,599 something in the downloads folder just 990 00:35:27,599 --> 00:35:30,240 because i changed my picture i put our 991 00:35:30,240 --> 00:35:32,800 tcm security logo in there so 992 00:35:32,800 --> 00:35:34,560 i have that in the downloads folder but 993 00:35:34,560 --> 00:35:35,760 it's completely normal not to have 994 00:35:35,760 --> 00:35:37,520 anything in your desktop or downloads 995 00:35:37,520 --> 
00:35:40,400 when you first install cali and again we 996 00:35:40,400 --> 00:35:42,800 can achieve the same thing by cd into 997 00:35:42,800 --> 00:35:45,280 downloads and then hitting ls 998 00:35:45,280 --> 00:35:47,760 you have the same object here as you saw 999 00:35:47,760 --> 00:35:49,760 before except we're just now in that 1000 00:35:49,760 --> 00:35:51,520 folder so you have to declare the folder 1001 00:35:51,520 --> 00:35:52,960 or be within the folder to see the 1002 00:35:52,960 --> 00:35:54,720 contents okay 1003 00:35:54,720 --> 00:35:56,880 now let's go ahead and cd back to the 1004 00:35:56,880 --> 00:35:59,359 base folder you could cd dot dot or just 1005 00:35:59,359 --> 00:36:01,440 use the atilda i'm going to clear my 1006 00:36:01,440 --> 00:36:02,640 screen 1007 00:36:02,640 --> 00:36:04,560 and from here we want to talk about 1008 00:36:04,560 --> 00:36:06,880 making a directory 1009 00:36:06,880 --> 00:36:09,040 so let's make a directory i'm going to 1010 00:36:09,040 --> 00:36:10,960 make a directory called heath you can 1011 00:36:10,960 --> 00:36:13,440 just use your first name if you want 1012 00:36:13,440 --> 00:36:15,680 and then when you ls in here 1013 00:36:15,680 --> 00:36:18,079 you can see now that the heath directory 1014 00:36:18,079 --> 00:36:19,359 is here 1015 00:36:19,359 --> 00:36:20,720 and i could see the end of that heat 1016 00:36:20,720 --> 00:36:23,440 directory i can ls in that directory and 1017 00:36:23,440 --> 00:36:24,640 there's not going to be anything in 1018 00:36:24,640 --> 00:36:25,440 there 1019 00:36:25,440 --> 00:36:27,119 so i'm going to go ahead and 1020 00:36:27,119 --> 00:36:28,560 back up one 1021 00:36:28,560 --> 00:36:29,920 and now i'm going to show you how to 1022 00:36:29,920 --> 00:36:32,400 remove a directory or remove a folder so 1023 00:36:32,400 --> 00:36:34,880 you say rmdir 1024 00:36:34,880 --> 00:36:36,560 and you're going to go ahead and just 1025 00:36:36,560 --> 00:36:38,560 
say heath 1026 00:36:38,560 --> 00:36:40,400 and that will remove that 1027 00:36:40,400 --> 00:36:42,400 these commands work exactly the same as 1028 00:36:42,400 --> 00:36:43,920 everything else if i wanted to make a 1029 00:36:43,920 --> 00:36:46,079 directory in the base folder i could 1030 00:36:46,079 --> 00:36:48,480 totally make dur forward slash heath if 1031 00:36:48,480 --> 00:36:50,880 i wanted to and i could also remove that 1032 00:36:50,880 --> 00:36:53,599 from here so again it doesn't matter 1033 00:36:53,599 --> 00:36:54,960 exactly where you're at as long as 1034 00:36:54,960 --> 00:36:57,200 you're using full file paths 1035 00:36:57,200 --> 00:36:58,880 okay so i've cleared my screen and now i 1036 00:36:58,880 --> 00:37:01,200 want to run ls 1037 00:37:01,200 --> 00:37:03,040 and you see in ls that we just have a 1038 00:37:03,040 --> 00:37:05,520 bunch of folders but that's not entirely 1039 00:37:05,520 --> 00:37:06,880 true 1040 00:37:06,880 --> 00:37:08,160 what we're going to do is we're going to 1041 00:37:08,160 --> 00:37:11,119 do an ls dash la 1042 00:37:11,119 --> 00:37:14,400 and i like to think of this as list all 1043 00:37:14,400 --> 00:37:17,599 but really it stands for long all 1044 00:37:17,599 --> 00:37:20,079 and if we hit enter you can see that 1045 00:37:20,079 --> 00:37:23,359 there's a bunch of new files in here and 1046 00:37:23,359 --> 00:37:26,320 folders actually so from this we can see 1047 00:37:26,320 --> 00:37:27,680 that we have 1048 00:37:27,680 --> 00:37:30,720 a like a bash history we've got a dot 1049 00:37:30,720 --> 00:37:33,440 java folder anything with a dot is 1050 00:37:33,440 --> 00:37:35,920 considered a hidden file we won't see 1051 00:37:35,920 --> 00:37:37,920 that when we're using the ls command we 1052 00:37:37,920 --> 00:37:40,800 actually have to do a dash la command 1053 00:37:40,800 --> 00:37:42,400 and this is a great time to actually 1054 00:37:42,400 --> 00:37:44,960 take a look at what 
these sub commands 1055 00:37:44,960 --> 00:37:47,359 are and how are some ways that we can 1056 00:37:47,359 --> 00:37:49,760 identify what these things mean 1057 00:37:49,760 --> 00:37:51,680 so i'm going to show you a website first 1058 00:37:51,680 --> 00:37:53,760 and i think this website is awesome we 1059 00:37:53,760 --> 00:37:55,240 can go to something like 1060 00:37:55,240 --> 00:37:58,400 explainshell.com so it is 1061 00:37:58,400 --> 00:37:59,839 explain 1062 00:37:59,839 --> 00:38:01,680 shell you can see it auto completing up 1063 00:38:01,680 --> 00:38:04,720 there but explain shell.com and if you 1064 00:38:04,720 --> 00:38:06,880 came in here and you wanted to take a 1065 00:38:06,880 --> 00:38:08,240 look let me make this a little bit 1066 00:38:08,240 --> 00:38:09,920 bigger if you wanted to take a look at 1067 00:38:09,920 --> 00:38:10,599 like 1068 00:38:10,599 --> 00:38:12,160 ls-la 1069 00:38:12,160 --> 00:38:14,640 you could say okay explain this to me 1070 00:38:14,640 --> 00:38:16,560 and it'll tell you okay the first part 1071 00:38:16,560 --> 00:38:19,440 is ls that means list directory contents 1072 00:38:19,440 --> 00:38:21,280 remember i called it the list command 1073 00:38:21,280 --> 00:38:23,280 that's what it is now what does that la 1074 00:38:23,280 --> 00:38:26,480 do well the l you hover over it says use 1075 00:38:26,480 --> 00:38:29,839 long listing format and the a says use 1076 00:38:29,839 --> 00:38:32,560 all okay so do not ignore entries 1077 00:38:32,560 --> 00:38:34,400 starting with a dot which is what we're 1078 00:38:34,400 --> 00:38:35,520 looking for 1079 00:38:35,520 --> 00:38:38,400 and the long listing just gives us more 1080 00:38:38,400 --> 00:38:40,800 detail gives us these file permissions 1081 00:38:40,800 --> 00:38:42,320 which we'll get into a little bit later 1082 00:38:42,320 --> 00:38:44,480 and who owns it and what the file size 1083 00:38:44,480 --> 00:38:48,079 is the directory etc etc we'll get 
down 1084 00:38:48,079 --> 00:38:51,040 into that in just a few videos 1085 00:38:51,040 --> 00:38:52,880 we can also use what are called man 1086 00:38:52,880 --> 00:38:55,359 pages i'm going to control l again if we 1087 00:38:55,359 --> 00:38:56,480 do man 1088 00:38:56,480 --> 00:39:00,320 ls man stands for manual so man ls we 1089 00:39:00,320 --> 00:39:02,640 could see in here that ls means list 1090 00:39:02,640 --> 00:39:05,440 directory contents great dash a stands 1091 00:39:05,440 --> 00:39:07,280 for all do not ignore entry starting 1092 00:39:07,280 --> 00:39:08,480 with the period 1093 00:39:08,480 --> 00:39:10,079 same thing as we saw before we could 1094 00:39:10,079 --> 00:39:12,480 scroll down look for the l portion of 1095 00:39:12,480 --> 00:39:13,440 this 1096 00:39:13,440 --> 00:39:15,359 and we'll see that we have use a long 1097 00:39:15,359 --> 00:39:16,720 listing format 1098 00:39:16,720 --> 00:39:19,040 you can hit q to quit this 1099 00:39:19,040 --> 00:39:20,800 so if you don't have internet access for 1100 00:39:20,800 --> 00:39:23,040 example you can use man pages 1101 00:39:23,040 --> 00:39:25,599 i like using explainshell.com i think 1102 00:39:25,599 --> 00:39:27,599 it's pretty awesome but man works very 1103 00:39:27,599 --> 00:39:28,960 quick and from the terminal you don't 1104 00:39:28,960 --> 00:39:31,040 have to leave or do anything another 1105 00:39:31,040 --> 00:39:33,760 thing that you can do is ls dash dash 1106 00:39:33,760 --> 00:39:35,440 help 1107 00:39:35,440 --> 00:39:37,280 and that will give you similar to the 1108 00:39:37,280 --> 00:39:39,760 man pages though not as 1109 00:39:39,760 --> 00:39:41,680 full detail i guess is the best way to 1110 00:39:41,680 --> 00:39:42,640 say it 1111 00:39:42,640 --> 00:39:44,000 and you come in here and you can see the 1112 00:39:44,000 --> 00:39:45,760 same kind of switches and commands that 1113 00:39:45,760 --> 00:39:47,599 were in here so 1114 00:39:47,599 --> 
00:39:50,240 dash help works for a lot of commands 1115 00:39:50,240 --> 00:39:51,680 it's one of those that you should know 1116 00:39:51,680 --> 00:39:53,520 and you should try if you have any 1117 00:39:53,520 --> 00:39:55,760 questions about what you're trying to do 1118 00:39:55,760 --> 00:39:58,560 it's a great resource so if we ls dash 1119 00:39:58,560 --> 00:39:59,760 la 1120 00:39:59,760 --> 00:40:01,680 we can cd into one of these hidden 1121 00:40:01,680 --> 00:40:04,000 folders like we could cd into dot cache 1122 00:40:04,000 --> 00:40:05,599 for example 1123 00:40:05,599 --> 00:40:08,480 and we just ls that you can see that 1124 00:40:08,480 --> 00:40:10,319 there's actually stuff in the cache in 1125 00:40:10,319 --> 00:40:12,480 here so we're not going to get into this 1126 00:40:12,480 --> 00:40:14,160 i just want to show you that hidden 1127 00:40:14,160 --> 00:40:16,240 files and folders do exist so if you're 1128 00:40:16,240 --> 00:40:17,920 looking for something 1129 00:40:17,920 --> 00:40:20,160 especially pen test related something 1130 00:40:20,160 --> 00:40:21,520 might be hidden if you're on a linux 1131 00:40:21,520 --> 00:40:23,920 machine you might need to do ls-la to 1132 00:40:23,920 --> 00:40:25,359 see a hidden file 1133 00:40:25,359 --> 00:40:27,119 and they're incredibly easy to see as 1134 00:40:27,119 --> 00:40:28,800 you can see for yourself 1135 00:40:28,800 --> 00:40:31,680 let's go ahead and cd back to our home 1136 00:40:31,680 --> 00:40:32,800 folder 1137 00:40:32,800 --> 00:40:34,640 and from here i'm going to show you a 1138 00:40:34,640 --> 00:40:35,760 couple of 1139 00:40:35,760 --> 00:40:37,599 things that we're going to explain later 1140 00:40:37,599 --> 00:40:38,880 on but i just kind of want to get you 1141 00:40:38,880 --> 00:40:40,560 familiar with it so the first thing i 1142 00:40:40,560 --> 00:40:42,079 want to show you is the echo command if 1143 00:40:42,079 --> 00:40:44,240 we go echo and we use a 
single 1144 00:40:44,240 --> 00:40:46,720 apostrophe and we say hi like this 1145 00:40:46,720 --> 00:40:48,400 that's just going to echo out to the 1146 00:40:48,400 --> 00:40:49,359 screen 1147 00:40:49,359 --> 00:40:51,040 we'll get into the echo command a little 1148 00:40:51,040 --> 00:40:52,880 bit later on in the course 1149 00:40:52,880 --> 00:40:54,640 what we're doing here is we're going to 1150 00:40:54,640 --> 00:40:55,920 echo this 1151 00:40:55,920 --> 00:40:59,280 into a file so i'm going to say hi 1152 00:40:59,280 --> 00:41:01,440 and then i'm going to put that file 1153 00:41:01,440 --> 00:41:03,440 i'm going to use this greater than 1154 00:41:03,440 --> 00:41:05,119 symbol and that's going to be a 1155 00:41:05,119 --> 00:41:06,720 redirection operator and i'm going to 1156 00:41:06,720 --> 00:41:08,800 say hey just go ahead and make a file 1157 00:41:08,800 --> 00:41:11,040 called test.txt 1158 00:41:11,040 --> 00:41:12,480 and while you don't need to know this 1159 00:41:12,480 --> 00:41:16,079 yet if i ran cat on this on test.txt 1160 00:41:16,079 --> 00:41:18,720 you'll see that it prints back out hi 1161 00:41:18,720 --> 00:41:21,119 okay so i just want to have this file 1162 00:41:21,119 --> 00:41:22,960 here that we created and what we're 1163 00:41:22,960 --> 00:41:24,560 going to do is we're going to just 1164 00:41:24,560 --> 00:41:26,079 quickly ls 1165 00:41:26,079 --> 00:41:27,760 we're going to see that it's there you 1166 00:41:27,760 --> 00:41:29,440 can see that there are color differences 1167 00:41:29,440 --> 00:41:31,359 for files and folders again and the 1168 00:41:31,359 --> 00:41:33,200 reason we're making this in this video 1169 00:41:33,200 --> 00:41:35,520 is i want to show you the copy command 1170 00:41:35,520 --> 00:41:38,079 so if we run copy on this we could say 1171 00:41:38,079 --> 00:41:40,400 copy test.txt 1172 00:41:40,400 --> 00:41:42,400 what i want to do is i want to copy this 1173 00:41:42,400 --> 
00:41:44,880 into the downloads folder so i can just 1174 00:41:44,880 --> 00:41:48,960 say copy test.txt into downloads 1175 00:41:48,960 --> 00:41:51,359 if we ls we'll see that test.txt is 1176 00:41:51,359 --> 00:41:54,319 here we're making a copy if we ls 1177 00:41:54,319 --> 00:41:55,599 downloads 1178 00:41:55,599 --> 00:41:58,079 we can see that test.txt is actually in 1179 00:41:58,079 --> 00:41:59,839 there as well 1180 00:41:59,839 --> 00:42:02,079 so similar with the remove directory we 1181 00:42:02,079 --> 00:42:04,400 can use the rm command and what we're 1182 00:42:04,400 --> 00:42:06,960 going to do is remove that file 1183 00:42:06,960 --> 00:42:08,560 and again we don't have to be in the 1184 00:42:08,560 --> 00:42:10,240 directory to remove it we can call the 1185 00:42:10,240 --> 00:42:14,240 directory path and then test.txt 1186 00:42:14,240 --> 00:42:18,079 if we hit ls on downloads again 1187 00:42:18,079 --> 00:42:19,280 we can just 1188 00:42:19,280 --> 00:42:20,560 go ahead and hit enter and you're going 1189 00:42:20,560 --> 00:42:21,839 to see that 1190 00:42:21,839 --> 00:42:24,319 there is no test.txt in there anymore 1191 00:42:24,319 --> 00:42:26,000 but if we ls here 1192 00:42:26,000 --> 00:42:28,960 you'll see that test.txt does exist so 1193 00:42:28,960 --> 00:42:31,520 i'm going to go ahead and control l 1194 00:42:31,520 --> 00:42:33,280 the opposite of this 1195 00:42:33,280 --> 00:42:36,480 is the move command now if i move 1196 00:42:36,480 --> 00:42:37,920 test.txt 1197 00:42:37,920 --> 00:42:40,319 and i put that into downloads 1198 00:42:40,319 --> 00:42:42,960 if i ls now 1199 00:42:42,960 --> 00:42:45,040 you're gonna see that there is no 1200 00:42:45,040 --> 00:42:48,000 test.txt in here why is that well if we 1201 00:42:48,000 --> 00:42:49,680 ls downloads 1202 00:42:49,680 --> 00:42:51,440 you're gonna see that we moved it so 1203 00:42:51,440 --> 00:42:54,160 remember copy leaves an original version 1204 
00:42:54,160 --> 00:42:56,160 wherever you copied from 1205 00:42:56,160 --> 00:42:59,359 move completely moves it so the cp and 1206 00:42:59,359 --> 00:43:01,200 the mv commands are what you need to 1207 00:43:01,200 --> 00:43:02,319 know there 1208 00:43:02,319 --> 00:43:03,760 now while we're on this what we're going 1209 00:43:03,760 --> 00:43:05,839 to do is we're going to look at a 1210 00:43:05,839 --> 00:43:07,760 command called locate 1211 00:43:07,760 --> 00:43:09,680 the locate's pretty awesome if you did 1212 00:43:09,680 --> 00:43:11,520 locate and say i wanted to find out 1213 00:43:11,520 --> 00:43:14,000 where that test.txt file is 1214 00:43:14,000 --> 00:43:16,000 i could do locate test.txt and we're 1215 00:43:16,000 --> 00:43:17,680 probably not going to get anything back 1216 00:43:17,680 --> 00:43:19,839 quite yet now if we're looking through 1217 00:43:19,839 --> 00:43:22,160 this none of these files are where we're 1218 00:43:22,160 --> 00:43:24,720 at so there are some test.txt files on 1219 00:43:24,720 --> 00:43:26,960 this machine but we're not seeing the 1220 00:43:26,960 --> 00:43:29,200 one that we created so say that we 1221 00:43:29,200 --> 00:43:30,880 created a file we can't remember where 1222 00:43:30,880 --> 00:43:32,319 we put it and we just want to go search 1223 00:43:32,319 --> 00:43:33,760 for it and find it 1224 00:43:33,760 --> 00:43:37,200 what we can do is we can say updatedb 1225 00:43:37,200 --> 00:43:38,800 and you're going to see that we actually 1226 00:43:38,800 --> 00:43:40,800 get a denied why are we getting 1227 00:43:40,800 --> 00:43:42,480 permission denied well this comes back 1228 00:43:42,480 --> 00:43:44,560 to sudo so let's go ahead and sudo 1229 00:43:44,560 --> 00:43:45,680 update 1230 00:43:45,680 --> 00:43:47,280 db 1231 00:43:47,280 --> 00:43:48,640 you're going to enter in your sudo 1232 00:43:48,640 --> 00:43:49,839 password 1233 00:43:49,839 --> 00:43:52,079 it's going to update the database 
1234 00:43:52,079 --> 00:43:54,560 and now if we do locate test.txt and you 1235 00:43:54,560 --> 00:43:56,160 can just when you see a screen like this 1236 00:43:56,160 --> 00:43:58,480 by the way where it's kind of semi-gray 1237 00:43:58,480 --> 00:44:00,560 if you just hit the right arrow that 1238 00:44:00,560 --> 00:44:02,079 will go ahead and auto-complete because 1239 00:44:02,079 --> 00:44:04,319 it remembers your last command 1240 00:44:04,319 --> 00:44:06,400 you can hit that 1241 00:44:06,400 --> 00:44:08,319 and you can now see that the first entry 1242 00:44:08,319 --> 00:44:10,720 in here is home kali downloads test.txt 1243 00:44:10,720 --> 00:44:12,720 so now the database is updated and it 1244 00:44:12,720 --> 00:44:14,000 finds it 1245 00:44:14,000 --> 00:44:15,680 one other thing to mention i just talked 1246 00:44:15,680 --> 00:44:17,440 about autocompleting with the right 1247 00:44:17,440 --> 00:44:20,480 arrow if you hit the up arrow you can go 1248 00:44:20,480 --> 00:44:22,560 through your previous commands 1249 00:44:22,560 --> 00:44:24,240 you can see all the commands that i've 1250 00:44:24,240 --> 00:44:26,400 been running through so we can also use 1251 00:44:26,400 --> 00:44:27,839 the down arrow to scroll back down 1252 00:44:27,839 --> 00:44:29,760 through those commands so say i wanted 1253 00:44:29,760 --> 00:44:31,920 to run that locate test.txt command 1254 00:44:31,920 --> 00:44:33,680 again instead of typing it out i just 1255 00:44:33,680 --> 00:44:36,720 hit the up arrow and then i hit enter 1256 00:44:36,720 --> 00:44:38,079 easy breezy 1257 00:44:38,079 --> 00:44:39,440 okay so we're gonna go ahead and remove 1258 00:44:39,440 --> 00:44:42,640 downloads test.txt 1259 00:44:42,640 --> 00:44:44,560 and now that file should be gone we can 1260 00:44:44,560 --> 00:44:46,720 ls one more time into downloads just to 1261 00:44:46,720 --> 00:44:49,520 make sure and you can see that tcm 1262 00:44:49,520 --> 00:44:51,359 security 
file's the only thing that's in 1263 00:44:51,359 --> 00:44:52,560 there 1264 00:44:52,560 --> 00:44:54,400 one other thing to point out that i just 1265 00:44:54,400 --> 00:44:55,760 noticed actually 1266 00:44:55,760 --> 00:44:56,880 is 1267 00:44:56,880 --> 00:44:58,560 these files are case sensitive and the 1268 00:44:58,560 --> 00:45:00,240 folders are case sensitive so if i try 1269 00:45:00,240 --> 00:45:02,960 to cd into downloads 1270 00:45:02,960 --> 00:45:04,560 it's not going to work because downloads 1271 00:45:04,560 --> 00:45:07,599 doesn't exist so if i cd into Downloads 1272 00:45:07,599 --> 00:45:09,280 i could spell 1273 00:45:09,280 --> 00:45:10,800 then you can see that i actually get 1274 00:45:10,800 --> 00:45:13,200 into the Downloads folder so note that 1275 00:45:13,200 --> 00:45:15,520 it's case sensitive auto complete i go 1276 00:45:15,520 --> 00:45:16,319 back 1277 00:45:16,319 --> 00:45:18,640 will do a pretty decent job at trying 1278 00:45:18,640 --> 00:45:20,720 on newer versions of kali that is if i 1279 00:45:20,720 --> 00:45:23,119 hit do for example and then i tab it'll 1280 00:45:23,119 --> 00:45:24,400 realize that i'm trying to get to 1281 00:45:24,400 --> 00:45:26,160 Downloads the last thing i'm going to 1282 00:45:26,160 --> 00:45:28,480 show you is the password command that is 1283 00:45:28,480 --> 00:45:30,800 p-a-s-s-w-d 1284 00:45:30,800 --> 00:45:32,240 we are going to be good security 1285 00:45:32,240 --> 00:45:34,480 engineers and change our password we're 1286 00:45:34,480 --> 00:45:35,760 going to make it a strong password 1287 00:45:35,760 --> 00:45:37,920 because we're good security engineers 1288 00:45:37,920 --> 00:45:40,160 i am going to be the bad security 1289 00:45:40,160 --> 00:45:42,960 engineer and make my password password 1290 00:45:42,960 --> 00:45:44,640 and i'm doing that because later on the 1291 00:45:44,640 --> 00:45:47,280 course we'll talk about cracking linux 1292 00:45:47,280 --> 00:45:49,440 
passwords and we're going to use my bad 1293 00:45:49,440 --> 00:45:51,839 password as an example so here we're 1294 00:45:51,839 --> 00:45:53,520 going to type our current password kali 1295 00:45:53,520 --> 00:45:55,599 is a terrible password by the way 1296 00:45:55,599 --> 00:45:56,960 and we're going to go ahead and type in 1297 00:45:56,960 --> 00:45:58,240 our new password you can make your 1298 00:45:58,240 --> 00:46:00,560 password whatever you want i'm making 1299 00:46:00,560 --> 00:46:03,440 mine password and now we have updated 1300 00:46:03,440 --> 00:46:05,520 successfully and we have finished all 1301 00:46:05,520 --> 00:46:07,040 the commands that we need to know for 1302 00:46:07,040 --> 00:46:09,440 this video i'll go ahead and see you in 1303 00:46:09,440 --> 00:46:11,200 the next lesson 1304 00:46:11,200 --> 00:46:13,119 now we're going to talk about users and 1305 00:46:13,119 --> 00:46:14,480 privileges 1306 00:46:14,480 --> 00:46:16,560 so in the last video we learned about 1307 00:46:16,560 --> 00:46:18,400 ls-la 1308 00:46:18,400 --> 00:46:21,040 so i am in my home folder which is the 1309 00:46:21,040 --> 00:46:23,680 tilde here and all i'm gonna do is just 1310 00:46:23,680 --> 00:46:26,079 say ls-la 1311 00:46:26,079 --> 00:46:28,400 i'm gonna hit enter 1312 00:46:28,400 --> 00:46:30,720 and we're going to see a bunch of stuff 1313 00:46:30,720 --> 00:46:33,520 over here on the left hand side we've 1314 00:46:33,520 --> 00:46:36,160 got this we've got the details kind of 1315 00:46:36,160 --> 00:46:38,560 of ownership we've got some file size in 1316 00:46:38,560 --> 00:46:41,119 here and we'll talk about all of this 1317 00:46:41,119 --> 00:46:43,520 but we do ls-la we're getting so much 1318 00:46:43,520 --> 00:46:45,520 more information than whether or not a 1319 00:46:45,520 --> 00:46:46,960 file is hidden which is kind of the 1320 00:46:46,960 --> 00:46:49,760 purpose we looked at it for last time 1321 00:46:49,760 --> 
00:46:51,359 but now we can take it and look at it 1322 00:46:51,359 --> 00:46:54,160 from a different scope or a lens 1323 00:46:54,160 --> 00:46:57,040 we can see that we have this column here 1324 00:46:57,040 --> 00:46:58,560 the first column 1325 00:46:58,560 --> 00:47:00,160 now the first column tells us something 1326 00:47:00,160 --> 00:47:01,599 interesting 1327 00:47:01,599 --> 00:47:04,240 it first tells us whether or not we are 1328 00:47:04,240 --> 00:47:07,119 looking at a file or a directory so if 1329 00:47:07,119 --> 00:47:09,520 we see a d here we are seeing that this 1330 00:47:09,520 --> 00:47:11,760 is a directory note that these are also 1331 00:47:11,760 --> 00:47:14,560 color coded right so we have blue for 1332 00:47:14,560 --> 00:47:16,880 directories it looks like and then white 1333 00:47:16,880 --> 00:47:19,920 here for files and then we also have 1334 00:47:19,920 --> 00:47:21,680 links which we're not going to get into 1335 00:47:21,680 --> 00:47:24,000 much right now but a link looks like 1336 00:47:24,000 --> 00:47:25,599 it's a lighter blue 1337 00:47:25,599 --> 00:47:29,040 so we have the indicator here first it 1338 00:47:29,040 --> 00:47:31,119 says okay it's either a d or maybe a 1339 00:47:31,119 --> 00:47:32,720 dash or an l 1340 00:47:32,720 --> 00:47:34,240 there are other settings that could be 1341 00:47:34,240 --> 00:47:36,000 here but for now this is all we need to 1342 00:47:36,000 --> 00:47:37,119 worry about 1343 00:47:37,119 --> 00:47:38,240 the next set of things that we're going 1344 00:47:38,240 --> 00:47:41,280 to look at are these rwx's 1345 00:47:41,280 --> 00:47:44,400 or r blank x what does that all mean 1346 00:47:44,400 --> 00:47:47,920 well rwx means read write execute when 1347 00:47:47,920 --> 00:47:50,400 we're missing one of those like a dash 1348 00:47:50,400 --> 00:47:52,319 here that just means we have a read and 1349 00:47:52,319 --> 00:47:53,440 execute 1350 00:47:53,440 --> 00:47:54,960 and 
there are actually three groups that 1351 00:47:54,960 --> 00:47:56,400 we're looking at here 1352 00:47:56,400 --> 00:47:58,400 so we have the first group 1353 00:47:58,400 --> 00:48:00,960 which is the owner of our file so this 1354 00:48:00,960 --> 00:48:02,880 first group says read write execute for 1355 00:48:02,880 --> 00:48:05,119 the owner of this file and if we look at 1356 00:48:05,119 --> 00:48:06,400 the owner of the file we can actually 1357 00:48:06,400 --> 00:48:08,640 see that the owner is going to be kali 1358 00:48:08,640 --> 00:48:11,040 well in this instance it's the directory 1359 00:48:11,040 --> 00:48:13,280 but here we're looking at kali you can 1360 00:48:13,280 --> 00:48:14,960 see that one of these has root listed 1361 00:48:14,960 --> 00:48:17,040 but in this instance since we're using 1362 00:48:17,040 --> 00:48:18,559 the kali user and we're in our home 1363 00:48:18,559 --> 00:48:20,559 folder we're looking at mostly kali 1364 00:48:20,559 --> 00:48:23,520 being the file owner for this 1365 00:48:23,520 --> 00:48:24,880 the next one we're going to look at is 1366 00:48:24,880 --> 00:48:26,720 we're going to say okay 1367 00:48:26,720 --> 00:48:28,240 group membership 1368 00:48:28,240 --> 00:48:32,240 so anybody that is a part of this group 1369 00:48:32,240 --> 00:48:35,359 what do they get ownership to or what do 1370 00:48:35,359 --> 00:48:37,839 they get to do with this directory or 1371 00:48:37,839 --> 00:48:39,040 this file 1372 00:48:39,040 --> 00:48:39,920 well 1373 00:48:39,920 --> 00:48:42,000 anybody in this group can read or 1374 00:48:42,000 --> 00:48:44,559 execute but they cannot write to this 1375 00:48:44,559 --> 00:48:46,160 directory or file 1376 00:48:46,160 --> 00:48:48,000 and lastly we have the third setting 1377 00:48:48,000 --> 00:48:50,559 which is all other users what can all 1378 00:48:50,559 --> 00:48:52,400 other users do 1379 00:48:52,400 --> 00:48:54,319 all the users can read and execute but 1380 
00:48:54,319 --> 00:48:56,559 they cannot write here 1381 00:48:56,559 --> 00:48:58,160 and we don't have anything in here 1382 00:48:58,160 --> 00:49:00,160 besides this link that is read write 1383 00:49:00,160 --> 00:49:02,800 execute we don't have a world read write 1384 00:49:02,800 --> 00:49:07,040 execute in this folder and that's okay 1385 00:49:07,040 --> 00:49:08,480 this does come into play when we're 1386 00:49:08,480 --> 00:49:10,640 doing penetration testing however when 1387 00:49:10,640 --> 00:49:13,040 we want to find some sort of file that 1388 00:49:13,040 --> 00:49:16,240 has read write access or read write 1389 00:49:16,240 --> 00:49:18,800 execute access if we have full access 1390 00:49:18,800 --> 00:49:20,319 that is ideal 1391 00:49:20,319 --> 00:49:21,680 especially if there are some sensitive 1392 00:49:21,680 --> 00:49:23,440 files that we're not supposed to see or 1393 00:49:23,440 --> 00:49:25,839 maybe were misconfigured or if we need 1394 00:49:25,839 --> 00:49:28,559 somewhere to write to on the disk for 1395 00:49:28,559 --> 00:49:30,800 example if i clear the screen here and 1396 00:49:30,800 --> 00:49:36,160 we do an ls-la of the temp folder 1397 00:49:36,720 --> 00:49:39,440 we can see that temp actually has read 1398 00:49:39,440 --> 00:49:42,240 write execute privileges throughout 1399 00:49:42,240 --> 00:49:44,559 this is a great place when we're doing 1400 00:49:44,559 --> 00:49:46,800 pen testing and we're working on a linux 1401 00:49:46,800 --> 00:49:49,040 machine that if we need to come drop a 1402 00:49:49,040 --> 00:49:51,520 file we know that this temp folder can 1403 00:49:51,520 --> 00:49:54,000 be written to we can write whatever file 1404 00:49:54,000 --> 00:49:55,520 we want and execute these files from 1405 00:49:55,520 --> 00:49:57,680 here without having to worry about too 1406 00:49:57,680 --> 00:49:59,520 many permissions so if we're attacking 1407 00:49:59,520 --> 00:50:01,440 machines later on especially 
as we get 1408 00:50:01,440 --> 00:50:03,040 on into the practical ethical hacking 1409 00:50:03,040 --> 00:50:04,000 course 1410 00:50:04,000 --> 00:50:06,720 you may see me go and use the temp 1411 00:50:06,720 --> 00:50:09,599 folder to upload malware or write a 1412 00:50:09,599 --> 00:50:12,079 malicious file or something that i can 1413 00:50:12,079 --> 00:50:14,480 do from a folder that is read write 1414 00:50:14,480 --> 00:50:16,559 executable so let's clear the screen 1415 00:50:16,559 --> 00:50:17,680 again 1416 00:50:17,680 --> 00:50:19,839 now another reason and importance for 1417 00:50:19,839 --> 00:50:21,760 the read write execute is that if we 1418 00:50:21,760 --> 00:50:23,839 write a script we won't be able to 1419 00:50:23,839 --> 00:50:25,680 execute that script until we have full 1420 00:50:25,680 --> 00:50:28,079 access to do so that's going to become 1421 00:50:28,079 --> 00:50:30,000 more important as we download files and 1422 00:50:30,000 --> 00:50:32,000 try to run them against machines but 1423 00:50:32,000 --> 00:50:33,920 even in this little section when we're 1424 00:50:33,920 --> 00:50:36,240 looking at the bash scripting we're 1425 00:50:36,240 --> 00:50:38,480 going to need to be able to execute our 1426 00:50:38,480 --> 00:50:39,839 script and we're going to need to be 1427 00:50:39,839 --> 00:50:41,839 able to change the permissions on that 1428 00:50:41,839 --> 00:50:43,599 let's go ahead and do that here we're 1429 00:50:43,599 --> 00:50:44,960 going to create a little text file and 1430 00:50:44,960 --> 00:50:46,319 just look at the permissions and how 1431 00:50:46,319 --> 00:50:47,680 things change 1432 00:50:47,680 --> 00:50:49,359 so similar to the last video we're going 1433 00:50:49,359 --> 00:50:51,119 to do an echo and we're just going to 1434 00:50:51,119 --> 00:50:53,200 say hello 1435 00:50:53,200 --> 00:50:55,520 and in this we are going to use our 1436 00:50:55,520 --> 00:50:57,359 directional operator and we are 
going to 1437 00:50:57,359 --> 00:51:01,920 just put this in a hello.txt file 1438 00:51:02,000 --> 00:51:05,400 if we ls -la 1439 00:51:05,599 --> 00:51:08,960 we could see that hello.txt is in here 1440 00:51:08,960 --> 00:51:11,520 but look at the permissions that are set 1441 00:51:11,520 --> 00:51:13,200 we have read write permissions we don't 1442 00:51:13,200 --> 00:51:15,200 have any execute permissions if this was 1443 00:51:15,200 --> 00:51:16,480 a script or anything that we're trying 1444 00:51:16,480 --> 00:51:18,480 to run the machine will not let us run 1445 00:51:18,480 --> 00:51:20,000 it because we do not have the execute 1446 00:51:20,000 --> 00:51:21,359 permissions 1447 00:51:21,359 --> 00:51:23,119 same thing here everybody else can only 1448 00:51:23,119 --> 00:51:24,800 read this file they cannot write or 1449 00:51:24,800 --> 00:51:27,119 execute this file so we can change the 1450 00:51:27,119 --> 00:51:28,880 permissions on this and we can do that 1451 00:51:28,880 --> 00:51:31,839 with the chmod which stands for 1452 00:51:31,839 --> 00:51:33,280 change mode 1453 00:51:33,280 --> 00:51:34,640 so i'm going to go ahead and clear 1454 00:51:34,640 --> 00:51:37,520 screen again and we can do a chmod 1455 00:51:37,520 --> 00:51:39,040 and there's two different ways to do 1456 00:51:39,040 --> 00:51:39,839 this 1457 00:51:39,839 --> 00:51:41,920 the first way is to do something like a 1458 00:51:41,920 --> 00:51:43,040 plus sign 1459 00:51:43,040 --> 00:51:44,640 and then give the permissions that you 1460 00:51:44,640 --> 00:51:46,960 want set for that file so we could do 1461 00:51:46,960 --> 00:51:49,839 something like rwx that is read write 1462 00:51:49,839 --> 00:51:52,720 execute if you wanted just read access 1463 00:51:52,720 --> 00:51:54,720 or read write access or just write 1464 00:51:54,720 --> 00:51:55,760 access 1465 00:51:55,760 --> 00:51:57,680 you would put the appropriate lettering 1466 00:51:57,680 --> 00:51:59,440 there 
and let's go ahead and just give 1467 00:51:59,440 --> 00:52:01,280 this a read write execute and i'm going 1468 00:52:01,280 --> 00:52:03,359 to say hello.txt 1469 00:52:03,359 --> 00:52:04,960 and hit enter 1470 00:52:04,960 --> 00:52:07,359 and we're going to go ahead and ls -la 1471 00:52:07,359 --> 00:52:08,559 again 1472 00:52:08,559 --> 00:52:10,240 and now you can see that the color of 1473 00:52:10,240 --> 00:52:12,400 this has changed why 1474 00:52:12,400 --> 00:52:15,760 it is fully read write executable for us 1475 00:52:15,760 --> 00:52:17,440 as the user 1476 00:52:17,440 --> 00:52:19,839 okay as the owner i should say 1477 00:52:19,839 --> 00:52:22,960 so that's one way of doing it however 1478 00:52:22,960 --> 00:52:24,960 there is another way of doing this as 1479 00:52:24,960 --> 00:52:25,920 well 1480 00:52:25,920 --> 00:52:28,400 we can say chmod 1481 00:52:28,400 --> 00:52:30,240 777 1482 00:52:30,240 --> 00:52:31,359 hello.txt 1483 00:52:31,359 --> 00:52:33,839 hit enter 1484 00:52:33,839 --> 00:52:36,400 do an ls -la 1485 00:52:36,400 --> 00:52:38,079 and you'll see now 1486 00:52:38,079 --> 00:52:40,960 that everything has read write execute 1487 00:52:40,960 --> 00:52:41,920 here 1488 00:52:41,920 --> 00:52:45,599 well what changed what is this 777 and 1489 00:52:45,599 --> 00:52:47,920 why is it so important 1490 00:52:47,920 --> 00:52:49,839 okay for that we're going to jump over 1491 00:52:49,839 --> 00:52:52,160 to powerpoint for just a second 1492 00:52:52,160 --> 00:52:54,160 okay so we have different numbers that 1493 00:52:54,160 --> 00:52:56,559 we can set for the chmod 1494 00:52:56,559 --> 00:52:58,200 and remember we did 1495 00:52:58,200 --> 00:53:01,119 777 because we gave a seven to each 1496 00:53:01,119 --> 00:53:03,040 group we had the first second and third 1497 00:53:03,040 --> 00:53:04,880 groups remember that well what does 1498 00:53:04,880 --> 00:53:06,160 seven mean 1499 00:53:06,160 --> 00:53:09,520 well seven 
means read write execute so 1500 00:53:09,520 --> 00:53:12,960 for a read permission we get four points 1501 00:53:12,960 --> 00:53:15,599 for a write we get two and for execute we 1502 00:53:15,599 --> 00:53:17,440 get one so as you can see down here we 1503 00:53:17,440 --> 00:53:19,520 have four plus two plus one 1504 00:53:19,520 --> 00:53:21,040 that equals seven 1505 00:53:21,040 --> 00:53:22,559 well if we had no permissions that would 1506 00:53:22,559 --> 00:53:24,400 be zero so we could do something like a 1507 00:53:24,400 --> 00:53:26,079 seven zero zero 1508 00:53:26,079 --> 00:53:28,480 you might see something like read only 1509 00:53:28,480 --> 00:53:29,920 and then you would just give it four 1510 00:53:29,920 --> 00:53:32,880 four four across the board for example 1511 00:53:32,880 --> 00:53:36,000 or i've seen something like an ssh pem 1512 00:53:36,000 --> 00:53:38,720 file and those files require specific 1513 00:53:38,720 --> 00:53:41,040 permissions typically it is six four 1514 00:53:41,040 --> 00:53:43,680 four so that would say that the owner 1515 00:53:43,680 --> 00:53:46,480 has read write but no execute and then 1516 00:53:46,480 --> 00:53:48,559 the rest of everybody else has just read 1517 00:53:48,559 --> 00:53:50,800 access to that file so that would be a 1518 00:53:50,800 --> 00:53:53,680 644 permission so if you ever wonder 1519 00:53:53,680 --> 00:53:55,280 what the permissions mean you can always 1520 00:53:55,280 --> 00:53:57,040 refer back to a chart like this or 1521 00:53:57,040 --> 00:53:59,200 quickly google what do the chmod 1522 00:53:59,200 --> 00:54:01,119 numbers mean just know if you want to 1523 00:54:01,119 --> 00:54:03,119 give something full permissions you are 1524 00:54:03,119 --> 00:54:06,240 going to set 777 across the board and if 1525 00:54:06,240 --> 00:54:08,079 we're doing hacking or doing penetration 1526 00:54:08,079 --> 00:54:09,760 testing that's often what we're going to 1527 00:54:09,760 --> 
00:54:10,559 use 1528 00:54:10,559 --> 00:54:12,880 with the exception of pem files where 1529 00:54:12,880 --> 00:54:14,319 they have to have more restricted 1530 00:54:14,319 --> 00:54:16,480 permissions sometimes six four four 1531 00:54:16,480 --> 00:54:18,480 sometimes actually four zero zero is 1532 00:54:18,480 --> 00:54:20,559 what i've seen as well from here let's 1533 00:54:20,559 --> 00:54:23,119 go back to our kali machine and i'm 1534 00:54:23,119 --> 00:54:25,200 going to go ahead and control l to clear 1535 00:54:25,200 --> 00:54:26,640 the screen 1536 00:54:26,640 --> 00:54:28,559 here we want to take a look at adding a 1537 00:54:28,559 --> 00:54:29,680 user 1538 00:54:29,680 --> 00:54:32,720 so we're going to do a sudo 1539 00:54:32,720 --> 00:54:34,400 adduser 1540 00:54:34,400 --> 00:54:36,240 and you can give whatever username you 1541 00:54:36,240 --> 00:54:37,839 want i'm going to just call this user 1542 00:54:37,839 --> 00:54:39,520 john 1543 00:54:39,520 --> 00:54:40,799 it's going to ask for our sudo 1544 00:54:40,799 --> 00:54:42,400 password remember we changed our 1545 00:54:42,400 --> 00:54:43,920 password so make sure you put in the 1546 00:54:43,920 --> 00:54:45,200 right password 1547 00:54:45,200 --> 00:54:47,119 and now it's going to say okay what 1548 00:54:47,119 --> 00:54:50,640 password do you want to use for john 1549 00:54:50,640 --> 00:54:52,480 i'm going to go ahead and enter that 1550 00:54:52,480 --> 00:54:55,599 and i'm going to enter it again 1551 00:54:56,640 --> 00:54:57,920 and then you could just hit enter 1552 00:54:57,920 --> 00:54:59,920 through all of this 1553 00:54:59,920 --> 00:55:01,520 and get back to this screen where it 1554 00:55:01,520 --> 00:55:03,520 says kali at kali 1555 00:55:03,520 --> 00:55:04,960 from here we're going to go ahead and 1556 00:55:04,960 --> 00:55:08,000 switch user and go into john so just do 1557 00:55:08,000 --> 00:55:09,839 su john 1558 00:55:09,839 --> 00:55:11,599 i'm 
going to ask for john's password go 1559 00:55:11,599 --> 00:55:13,760 ahead and give that password 1560 00:55:13,760 --> 00:55:15,839 and now you can see 1561 00:55:15,839 --> 00:55:18,160 that we are john at kali 1562 00:55:18,160 --> 00:55:20,079 so what is special about john well we've 1563 00:55:20,079 --> 00:55:21,680 made a new user 1564 00:55:21,680 --> 00:55:24,799 and john has some permissions now if we 1565 00:55:24,799 --> 00:55:27,200 wanted to cat out like the 1566 00:55:27,200 --> 00:55:30,720 /etc/passwd file 1567 00:55:30,720 --> 00:55:32,960 we can and this is a very common file 1568 00:55:32,960 --> 00:55:34,319 that you're going to look at as a pen 1569 00:55:34,319 --> 00:55:36,720 tester if you come in here the /etc/passwd 1570 00:55:36,720 --> 00:55:39,040 file is important this is 1571 00:55:39,040 --> 00:55:40,400 something that we can see a lot of 1572 00:55:40,400 --> 00:55:42,480 information about this machine now the 1573 00:55:42,480 --> 00:55:44,000 /etc/passwd file is called the 1574 00:55:44,000 --> 00:55:45,599 password file not because it has our 1575 00:55:45,599 --> 00:55:47,920 password in it but because it used to 1576 00:55:47,920 --> 00:55:50,079 store our password in it a very very 1577 00:55:50,079 --> 00:55:51,440 long time ago 1578 00:55:51,440 --> 00:55:53,520 now what is being done is they put an x 1579 00:55:53,520 --> 00:55:55,440 here for a placeholder and that 1580 00:55:55,440 --> 00:55:57,680 placeholder is then filled in with the 1581 00:55:57,680 --> 00:55:59,200 shadow file we'll take a look at that 1582 00:55:59,200 --> 00:56:00,559 here in a second 1583 00:56:00,559 --> 00:56:02,480 so we are using the cat command and 1584 00:56:02,480 --> 00:56:03,839 you've seen me use this several times 1585 00:56:03,839 --> 00:56:05,119 throughout the course 1586 00:56:05,119 --> 00:56:07,680 we are using that to basically print out 1587 00:56:07,680 --> 00:56:09,920 a file so when we print out the file we 1588 
00:56:09,920 --> 00:56:11,440 can read the file 1589 00:56:11,440 --> 00:56:13,119 so from here we're reading the file 1590 00:56:13,119 --> 00:56:16,640 we're saying okay i see root root is the 1591 00:56:16,640 --> 00:56:19,119 zero user id and that is important 1592 00:56:19,119 --> 00:56:21,920 that's telling us they are the ultimate 1593 00:56:21,920 --> 00:56:25,200 user on the machine they are user zero 1594 00:56:25,200 --> 00:56:27,119 if we scroll way down to the bottom we 1595 00:56:27,119 --> 00:56:29,200 should see some users that were created 1596 00:56:29,200 --> 00:56:32,079 here for example we see kali kali's user 1597 00:56:32,079 --> 00:56:35,200 1000 pretty common we can also see that 1598 00:56:35,200 --> 00:56:37,359 john is in use here and john is user 1599 00:56:37,359 --> 00:56:38,880 1001 1600 00:56:38,880 --> 00:56:40,559 we can see what type of shell type 1601 00:56:40,559 --> 00:56:42,640 they're using and what their home folder 1602 00:56:42,640 --> 00:56:45,760 is as well you can see the zsh shell 1603 00:56:45,760 --> 00:56:48,720 type compared to john's /bin/bash so they 1604 00:56:48,720 --> 00:56:50,319 are different shell types and we'll get 1605 00:56:50,319 --> 00:56:52,319 into those a little later on 1606 00:56:52,319 --> 00:56:54,480 but from here we can also see 1607 00:56:54,480 --> 00:56:56,240 roots here we can see the root shell 1608 00:56:56,240 --> 00:56:58,720 type and we can also see what kind of 1609 00:56:58,720 --> 00:57:00,960 services are running on this machine so 1610 00:57:00,960 --> 00:57:02,240 if you want to find the users i 1611 00:57:02,240 --> 00:57:04,079 typically look at root and then i look 1612 00:57:04,079 --> 00:57:05,440 and scroll all the way to the bottom to 1613 00:57:05,440 --> 00:57:07,280 see what's been installed 1614 00:57:07,280 --> 00:57:09,599 besides what's on this machine so in 1615 00:57:09,599 --> 00:57:11,599 here we can see some things like 1616 00:57:11,599 --> 00:57:14,319 ssh 
which is important we know okay this 1617 00:57:14,319 --> 00:57:16,799 has the capability of running ssh maybe 1618 00:57:16,799 --> 00:57:19,920 has an ssh service maybe it has a sql 1619 00:57:19,920 --> 00:57:23,359 service here with the mysql openvpn so 1620 00:57:23,359 --> 00:57:24,559 it's a little bit of information 1621 00:57:24,559 --> 00:57:27,119 gathering if we were to land on a 1622 00:57:27,119 --> 00:57:28,720 machine for example and we're a 1623 00:57:28,720 --> 00:57:30,880 low-level user with no privileges we 1624 00:57:30,880 --> 00:57:32,480 could start to look at who are the other 1625 00:57:32,480 --> 00:57:34,240 users on the computer 1626 00:57:34,240 --> 00:57:36,720 why are they important how can we get a 1627 00:57:36,720 --> 00:57:38,400 hold of them where are their files 1628 00:57:38,400 --> 00:57:40,400 located what kind of services are 1629 00:57:40,400 --> 00:57:42,400 running on this machine this is all part 1630 00:57:42,400 --> 00:57:44,960 of the information gathering stage of 1631 00:57:44,960 --> 00:57:48,000 ethical hacking and this file leads to a 1632 00:57:48,000 --> 00:57:49,839 lot of clues for us 1633 00:57:49,839 --> 00:57:51,680 now clearing the screen 1634 00:57:51,680 --> 00:57:54,000 let's say i want to view the shadow file 1635 00:57:54,000 --> 00:57:56,160 the shadow file is the file that 1636 00:57:56,160 --> 00:57:58,559 contains the password hashes for this 1637 00:57:58,559 --> 00:57:59,680 machine 1638 00:57:59,680 --> 00:58:02,079 i'm going to go ahead and try to type in 1639 00:58:02,079 --> 00:58:04,160 cat 1640 00:58:04,160 --> 00:58:08,040 /etc/shadow 1641 00:58:08,799 --> 00:58:11,599 permission denied okay maybe i need to 1642 00:58:11,599 --> 00:58:14,319 use sudo 1643 00:58:15,760 --> 00:58:18,960 let's try it here enter our password 1644 00:58:18,960 --> 00:58:22,000 oh john is not in the sudoers file this 1645 00:58:22,000 --> 00:58:24,319 is also called the su-doers file and you 1646 
00:58:24,319 --> 00:58:27,359 can also call sudo sudo depends on your 1647 00:58:27,359 --> 00:58:29,040 nomenclature and how you pronounce it 1648 00:58:29,040 --> 00:58:30,880 i'm a pseudo person 1649 00:58:30,880 --> 00:58:33,040 so from here i'm going to go ahead and 1650 00:58:33,040 --> 00:58:34,240 control l 1651 00:58:34,240 --> 00:58:36,559 we're going to switch user back into 1652 00:58:36,559 --> 00:58:37,839 kali and we're gonna take a look at some 1653 00:58:37,839 --> 00:58:40,400 stuff so if i go switch user 1654 00:58:40,400 --> 00:58:42,559 kali it's gonna ask me for the password 1655 00:58:42,559 --> 00:58:45,760 and enter our password in 1656 00:58:45,760 --> 00:58:48,240 and first thing i want to show you the 1657 00:58:48,240 --> 00:58:50,079 shadow file before we move on to the 1658 00:58:50,079 --> 00:58:52,480 sudoers file so if we go 1659 00:58:52,480 --> 00:58:54,079 sudo cat 1660 00:58:54,079 --> 00:58:56,160 /etc/shadow i think this is important to 1661 00:58:56,160 --> 00:58:57,520 see 1662 00:58:57,520 --> 00:58:59,599 you can come in here and remember how i 1663 00:58:59,599 --> 00:59:01,200 said with a hash 1664 00:59:01,200 --> 00:59:03,359 that this is set here so our root 1665 00:59:03,359 --> 00:59:04,960 password has not been set there's no 1666 00:59:04,960 --> 00:59:07,520 hash in here and this is security best 1667 00:59:07,520 --> 00:59:08,960 practice we don't really want to have a 1668 00:59:08,960 --> 00:59:10,799 root password unless we absolutely need 1669 00:59:10,799 --> 00:59:11,520 to 1670 00:59:11,520 --> 00:59:12,960 in this instance we might just want to 1671 00:59:12,960 --> 00:59:15,119 have certain users that can elevate into 1672 00:59:15,119 --> 00:59:18,240 root and then if logging is enabled we 1673 00:59:18,240 --> 00:59:20,880 can then see from our logs who accessed 1674 00:59:20,880 --> 00:59:22,799 that root account at what time you 1675 00:59:22,799 --> 00:59:24,319 really don't want to have a root 
1676 00:59:24,319 --> 00:59:26,079 password where anybody can just log in 1677 00:59:26,079 --> 00:59:28,079 with a known password because then that 1678 00:59:28,079 --> 00:59:30,559 eliminates some accountability so best 1679 00:59:30,559 --> 00:59:32,319 practice would say hey if we have a 1680 00:59:32,319 --> 00:59:34,559 linux machine you get all regular user 1681 00:59:34,559 --> 00:59:35,760 accounts and then if you want to run 1682 00:59:35,760 --> 00:59:38,160 something as an elevated privilege 1683 00:59:38,160 --> 00:59:39,359 you're going to do that with your 1684 00:59:39,359 --> 00:59:42,160 account and then use sudo for that 1685 00:59:42,160 --> 00:59:43,040 but 1686 00:59:43,040 --> 00:59:45,760 looking down here we can see the hashes 1687 00:59:45,760 --> 00:59:46,640 for 1688 00:59:46,640 --> 00:59:48,000 this computer 1689 00:59:48,000 --> 00:59:51,280 okay and what's interesting actually is 1690 00:59:51,280 --> 00:59:53,520 kali and john have the same password but 1691 00:59:53,520 --> 00:59:56,319 they have different hashes and that is 1692 00:59:56,319 --> 00:59:58,160 sort of unique if you saw this in a 1693 00:59:58,160 --> 01:00:00,559 windows machine if the password was the 1694 01:00:00,559 --> 01:00:02,400 same on the local machine you would see 1695 01:00:02,400 --> 01:00:04,559 the exact same hash and that is a clear 1696 01:00:04,559 --> 01:00:07,359 indicator that password reuse is in play 1697 01:00:07,359 --> 01:00:09,440 but here it's not so the hashing 1698 01:00:09,440 --> 01:00:11,040 algorithm that's being used is a little 1699 01:00:11,040 --> 01:00:12,400 bit different and it's generating 1700 01:00:12,400 --> 01:00:13,520 different hashes even though the 1701 01:00:13,520 --> 01:00:15,599 password is the same regardless the 1702 01:00:15,599 --> 01:00:17,119 password for both of these accounts is 1703 01:00:17,119 --> 01:00:19,680 password and that's very weak and can 1704 01:00:19,680 --> 01:00:21,280 easily be cracked 
as we'll find out 1705 01:00:21,280 --> 01:00:22,559 later on 1706 01:00:22,559 --> 01:00:25,760 okay now on to the sudoers file what 1707 01:00:25,760 --> 01:00:27,599 we're going to do is we're going to do a 1708 01:00:27,599 --> 01:00:29,200 sudo cat 1709 01:00:29,200 --> 01:00:31,680 and we're going to look at /etc/ 1710 01:00:31,680 --> 01:00:34,240 sudoers just like that and i might have 1711 01:00:34,240 --> 01:00:35,599 typed that a little fast so i'm going to 1712 01:00:35,599 --> 01:00:37,520 go ahead and scroll back up for a second 1713 01:00:37,520 --> 01:00:41,040 sudo cat /etc/sudoers 1714 01:00:41,040 --> 01:00:43,040 okay just like that it should auto tab 1715 01:00:43,040 --> 01:00:44,160 complete 1716 01:00:44,160 --> 01:00:45,520 and from there we're going to come in 1717 01:00:45,520 --> 01:00:47,280 here and we're going to look at who has 1718 01:00:47,280 --> 01:00:48,880 what privileges 1719 01:00:48,880 --> 01:00:51,280 well if you see allow members of a group 1720 01:00:51,280 --> 01:00:54,079 sudo to execute any command and you see 1721 01:00:54,079 --> 01:00:56,240 percent sudo so it's calling sudo from 1722 01:00:56,240 --> 01:00:58,160 somewhere else sometimes we can just 1723 01:00:58,160 --> 01:01:00,000 include users in here we could say hey 1724 01:01:00,000 --> 01:01:03,040 the user kali i want to do these things 1725 01:01:03,040 --> 01:01:04,720 instead this is saying hey anybody a 1726 01:01:04,720 --> 01:01:06,400 part of this group i want to be able to 1727 01:01:06,400 --> 01:01:08,480 do whatever they want they can execute 1728 01:01:08,480 --> 01:01:10,160 any commands like they were the root 1729 01:01:10,160 --> 01:01:11,839 user essentially 1730 01:01:11,839 --> 01:01:13,839 so with that what we're going to do is 1731 01:01:13,839 --> 01:01:16,960 we're going to take a look at who is in 1732 01:01:16,960 --> 01:01:19,599 that percent sudo group and we can do 1733 01:01:19,599 --> 01:01:22,000 that by using the 
grep command 1734 01:01:22,000 --> 01:01:23,680 so we can say grep and we're going to 1735 01:01:23,680 --> 01:01:25,839 get really familiar with grep in the 1736 01:01:25,839 --> 01:01:27,599 bash scripting video but basically think 1737 01:01:27,599 --> 01:01:30,960 of grep as pulling out a specific string 1738 01:01:30,960 --> 01:01:34,000 or element out of a file or some 1739 01:01:34,000 --> 01:01:36,000 contents that you want to see it's a 1740 01:01:36,000 --> 01:01:38,319 great way to narrow down specifics and 1741 01:01:38,319 --> 01:01:40,240 pull down only the information that you 1742 01:01:40,240 --> 01:01:41,359 want and we're going to get really 1743 01:01:41,359 --> 01:01:42,880 familiar with it here in a couple of 1744 01:01:42,880 --> 01:01:43,920 videos 1745 01:01:43,920 --> 01:01:45,119 we're going to say grep and then we're 1746 01:01:45,119 --> 01:01:48,000 going to say sudo just like this 1747 01:01:48,000 --> 01:01:49,920 and we're going to do that from /etc/ 1748 01:01:49,920 --> 01:01:52,559 group 1749 01:01:52,559 --> 01:01:54,400 okay and it says who has a sudo 1750 01:01:54,400 --> 01:01:57,599 privilege here all we see is kali so our 1751 01:01:57,599 --> 01:01:59,839 user has sudo privilege if we wanted 1752 01:01:59,839 --> 01:02:01,680 to give privileges to john we'd have to 1753 01:02:01,680 --> 01:02:05,039 add john to the sudo group in the /etc/ 1754 01:02:05,039 --> 01:02:07,760 group or we could add john specifically 1755 01:02:07,760 --> 01:02:10,319 to the sudoers file and give him 1756 01:02:10,319 --> 01:02:12,400 specific permissions as well 1757 01:02:12,400 --> 01:02:14,319 and as we move on in the course and we 1758 01:02:14,319 --> 01:02:16,880 get into privilege escalation and if you 1759 01:02:16,880 --> 01:02:18,880 ever go into more of the privilege 1760 01:02:18,880 --> 01:02:21,119 escalation courses that we have you'll 1761 01:02:21,119 --> 01:02:23,359 see that we look at sudo privileges 1762 01:02:23,359 
--> 01:02:25,520 immediately when we get onto a machine 1763 01:02:25,520 --> 01:02:28,160 by doing something like sudo -l and we'll 1764 01:02:28,160 --> 01:02:30,319 take a look at those and say okay what 1765 01:02:30,319 --> 01:02:32,160 commands can i run and in this instance 1766 01:02:32,160 --> 01:02:34,880 we could see okay all commands can be 1767 01:02:34,880 --> 01:02:36,559 run here but sometimes that's not the 1768 01:02:36,559 --> 01:02:38,799 case sometimes we can only run one 1769 01:02:38,799 --> 01:02:40,799 specific command or maybe 1770 01:02:40,799 --> 01:02:42,880 john for example we want john to be able 1771 01:02:42,880 --> 01:02:45,200 to run python because john's a developer 1772 01:02:45,200 --> 01:02:47,039 so john can run python with sudo 1773 01:02:47,039 --> 01:02:49,520 privileges but cannot run anything else 1774 01:02:49,520 --> 01:02:51,440 so something to think about depending on 1775 01:02:51,440 --> 01:02:53,119 the individual and who we want to give 1776 01:02:53,119 --> 01:02:54,319 permissions to 1777 01:02:54,319 --> 01:02:55,839 on that machine they might not have 1778 01:02:55,839 --> 01:02:58,079 privileges to access everything as sudo 1779 01:02:58,079 --> 01:02:59,599 they can actually be limited in what 1780 01:02:59,599 --> 01:03:01,599 they can run as well so that is it for 1781 01:03:01,599 --> 01:03:03,200 this video i'm going to go ahead and 1782 01:03:03,200 --> 01:03:05,760 catch you in the next one 1783 01:03:05,760 --> 01:03:07,680 now we're going to touch on networking 1784 01:03:07,680 --> 01:03:09,920 commands that are relevant to 1785 01:03:09,920 --> 01:03:12,319 penetration testing and relevant to this 1786 01:03:12,319 --> 01:03:13,440 course 1787 01:03:13,440 --> 01:03:14,640 so the first thing that we're going to 1788 01:03:14,640 --> 01:03:18,559 do is we're going to use the ip command 1789 01:03:18,559 --> 01:03:21,520 and that is ip a 1790 01:03:21,520 --> 01:03:24,640 ip a lists all is the way i 
like to think 1791 01:03:24,640 --> 01:03:25,599 about it 1792 01:03:25,599 --> 01:03:27,839 and you can see here that we have a 1793 01:03:27,839 --> 01:03:30,720 loopback address and we have our eth0 1794 01:03:30,720 --> 01:03:32,640 this is our ethernet address 1795 01:03:32,640 --> 01:03:34,079 and you can see that we have an ip 1796 01:03:34,079 --> 01:03:39,280 address here ipv4 of 192 168 138 140. 1797 01:03:39,280 --> 01:03:42,160 we are on a slash 24 subnet 1798 01:03:42,160 --> 01:03:46,240 and here is our broadcast address here 1799 01:03:46,240 --> 01:03:49,200 we can also see our ipv6 here which is 1800 01:03:49,200 --> 01:03:53,200 nice and we can see our mac address here 1801 01:03:53,200 --> 01:03:55,440 so we can also look at this through the 1802 01:03:55,440 --> 01:03:59,599 ifconfig command 1803 01:03:59,599 --> 01:04:01,839 and that will show us the same things 1804 01:04:01,839 --> 01:04:04,000 here's ethernet zero here is the 1805 01:04:04,000 --> 01:04:05,200 loopback 1806 01:04:05,200 --> 01:04:08,000 all the same information here ifconfig 1807 01:04:08,000 --> 01:04:10,559 is the old-school way of doing it ip a is 1808 01:04:10,559 --> 01:04:13,200 the newer way of doing it ip a is nice 1809 01:04:13,200 --> 01:04:15,599 and colorful if i'm being honest i still 1810 01:04:15,599 --> 01:04:17,920 use ifconfig because i like the old 1811 01:04:17,920 --> 01:04:20,960 school way of doing things but ip a is 1812 01:04:20,960 --> 01:04:22,880 the new way of doing things and in some 1813 01:04:22,880 --> 01:04:25,920 instances ifconfig requires sudo to 1814 01:04:25,920 --> 01:04:27,520 even run or may no longer be on a 1815 01:04:27,520 --> 01:04:28,400 machine 1816 01:04:28,400 --> 01:04:30,400 but in some instances ip is not a 1817 01:04:30,400 --> 01:04:31,920 machine depending on 1818 01:04:31,920 --> 01:04:33,599 what type of machine you're on and what 1819 01:04:33,599 --> 01:04:35,440 you access you may need either one of 1820 
01:04:35,440 --> 01:04:38,000 these so it's great to show you both 1821 01:04:38,000 --> 01:04:40,400 now while the ip a 1822 01:04:40,400 --> 01:04:42,000 does all 1823 01:04:42,000 --> 01:04:44,960 if only shows the ethernet connection so 1824 01:04:44,960 --> 01:04:47,200 the hardwired connections if we want to 1825 01:04:47,200 --> 01:04:48,960 see wireless connections we need to do 1826 01:04:48,960 --> 01:04:51,280 iwconfig 1827 01:04:51,280 --> 01:04:52,799 and in this instance you're going to see 1828 01:04:52,799 --> 01:04:54,960 down here that we have no wireless 1829 01:04:54,960 --> 01:04:57,359 connections right now when we get into 1830 01:04:57,359 --> 01:04:59,680 wireless hacking we'll see that we have 1831 01:04:59,680 --> 01:05:01,200 connections established and we'll use 1832 01:05:01,200 --> 01:05:03,839 the iwconfig command but just know for 1833 01:05:03,839 --> 01:05:05,760 now that it's for wireless and if you 1834 01:05:05,760 --> 01:05:08,640 ever need to use it that's what it's for 1835 01:05:08,640 --> 01:05:10,240 let's clear our screen and the next 1836 01:05:10,240 --> 01:05:12,359 thing i want to cover is the 1837 01:05:12,359 --> 01:05:15,359 ip n and n stands for 1838 01:05:15,359 --> 01:05:16,400 neighbor 1839 01:05:16,400 --> 01:05:19,839 the alternative to this is the arp -a 1840 01:05:19,839 --> 01:05:21,359 1841 01:05:21,359 --> 01:05:24,000 okay what is arp if you do not know what 1842 01:05:24,000 --> 01:05:26,640 arp is that is the address resolution 1843 01:05:26,640 --> 01:05:27,760 protocol 1844 01:05:27,760 --> 01:05:29,760 this comes from your networking if you 1845 01:05:29,760 --> 01:05:32,000 are not familiar with networking then 1846 01:05:32,000 --> 01:05:33,760 you may need to go study up on a little 1847 01:05:33,760 --> 01:05:34,880 bit of this 1848 01:05:34,880 --> 01:05:37,039 now arp says 1849 01:05:37,039 --> 01:05:39,760 what ip address is associated with what 1850 01:05:39,760 --> 01:05:42,799 mac 
address and what happens is 1851 01:05:42,799 --> 01:05:45,760 a broadcast message goes out when 1852 01:05:45,760 --> 01:05:48,640 we are trying to identify an ip address 1853 01:05:48,640 --> 01:05:50,400 and a mac address so broadcast goes out 1854 01:05:50,400 --> 01:05:53,599 and it says who has this ip address 1855 01:05:53,599 --> 01:05:55,760 and whoever has the ip address will come 1856 01:05:55,760 --> 01:05:58,160 back and it'll say hey that's me i have 1857 01:05:58,160 --> 01:06:00,640 that ip address and here is my mac 1858 01:06:00,640 --> 01:06:03,839 address so now you can associate my mac 1859 01:06:03,839 --> 01:06:06,880 address with this ip address 1860 01:06:06,880 --> 01:06:09,599 and it is a way to identify 1861 01:06:09,599 --> 01:06:11,920 these two items together and link them 1862 01:06:11,920 --> 01:06:14,160 up so again in this instance we can use 1863 01:06:14,160 --> 01:06:16,960 the ip command or the old arp command 1864 01:06:16,960 --> 01:06:19,119 now the ip command is a little bit 1865 01:06:19,119 --> 01:06:20,960 prettier and a little bit more colorful 1866 01:06:20,960 --> 01:06:24,160 i think easier to read in my opinion but 1867 01:06:24,160 --> 01:06:27,599 either will work in this situation 1868 01:06:27,599 --> 01:06:29,200 another ip command that we're going to 1869 01:06:29,200 --> 01:06:33,039 want to run and know is the ip r command 1870 01:06:33,039 --> 01:06:36,240 now r stands for route you could also 1871 01:06:36,240 --> 01:06:37,920 type in route 1872 01:06:37,920 --> 01:06:40,960 and you'll get similar feedback here 1873 01:06:40,960 --> 01:06:42,799 so what we're looking at is what is 1874 01:06:42,799 --> 01:06:45,359 called a routing table we want to know 1875 01:06:45,359 --> 01:06:48,160 where our traffic is routing and here 1876 01:06:48,160 --> 01:06:50,160 you can see on either one of these that 1877 01:06:50,160 --> 01:06:53,880 we're routing through 192.168.138.0 1878 01:06:54,400 --> 01:06:56,720 
we have an open gateway we can see the 1879 01:06:56,720 --> 01:06:58,520 gateway here is 1880 01:06:58,520 --> 01:07:02,319 138.2 we can see our mask here and we 1881 01:07:02,319 --> 01:07:04,319 can find all that information out up 1882 01:07:04,319 --> 01:07:06,799 here as well so it's important to know 1883 01:07:06,799 --> 01:07:08,799 the routing and what's going on 1884 01:07:08,799 --> 01:07:11,359 especially if you are in a network for 1885 01:07:11,359 --> 01:07:13,280 example where you might have multiple 1886 01:07:13,280 --> 01:07:16,400 routes say if we come in and we say oh 1887 01:07:16,400 --> 01:07:17,680 ip a 1888 01:07:17,680 --> 01:07:21,760 okay we're on the 192 168 138 network 1889 01:07:21,760 --> 01:07:23,680 but we just try to connect to only the 1890 01:07:23,680 --> 01:07:25,359 machines on this network we see a slash 1891 01:07:25,359 --> 01:07:28,960 24 we think okay well i know a slash 24 1892 01:07:28,960 --> 01:07:32,640 has 255 potential ip addresses 1893 01:07:32,640 --> 01:07:34,400 and i'm going to go ahead and just stick 1894 01:07:34,400 --> 01:07:37,839 to scanning that subnet and looking for 1895 01:07:37,839 --> 01:07:41,039 those ips on that subnet well if you 1896 01:07:41,039 --> 01:07:42,720 looked at the routing table you might 1897 01:07:42,720 --> 01:07:44,960 actually see that there's a 137 in here 1898 01:07:44,960 --> 01:07:48,799 or 136 or maybe a 10 dot ip address or 1899 01:07:48,799 --> 01:07:51,359 something different than what you have 1900 01:07:51,359 --> 01:07:53,599 here maybe you have the ability to talk 1901 01:07:53,599 --> 01:07:56,160 to other networks even though you're on 1902 01:07:56,160 --> 01:07:58,799 this one slash 24 network 1903 01:07:58,799 --> 01:08:00,079 very important to look at the routing 1904 01:08:00,079 --> 01:08:02,799 table it's also important because in 1905 01:08:02,799 --> 01:08:05,839 real life pen tests we have been on a 1906 01:08:05,839 --> 01:08:08,880 quote unquote 
segmented network 1907 01:08:08,880 --> 01:08:10,880 and in reality it really wasn't a 1908 01:08:10,880 --> 01:08:12,640 segmented network there just wasn't a 1909 01:08:12,640 --> 01:08:15,200 route to that network so they said that 1910 01:08:15,200 --> 01:08:17,279 we were isolated and we couldn't access 1911 01:08:17,279 --> 01:08:19,759 anything and all we had to do was say 1912 01:08:19,759 --> 01:08:22,000 okay we're gonna go add that network to 1913 01:08:22,000 --> 01:08:24,080 our routing table and what do you know 1914 01:08:24,080 --> 01:08:25,759 we were able to scan and connect to the 1915 01:08:25,759 --> 01:08:27,040 network so 1916 01:08:27,040 --> 01:08:28,960 being able to know your routing table 1917 01:08:28,960 --> 01:08:30,799 being able to understand 1918 01:08:30,799 --> 01:08:33,198 what a route is and how to add routes 1919 01:08:33,198 --> 01:08:34,799 how to remove routes can become 1920 01:08:34,799 --> 01:08:36,719 important as well these are things that 1921 01:08:36,719 --> 01:08:38,880 you should already know 1922 01:08:38,880 --> 01:08:41,279 from general networking i'm showing you 1923 01:08:41,279 --> 01:08:43,279 the commands here for 1924 01:08:43,279 --> 01:08:45,600 basic routing and how to display the 1925 01:08:45,600 --> 01:08:47,920 routing tables 1926 01:08:47,920 --> 01:08:49,679 if you need further information on 1927 01:08:49,679 --> 01:08:51,679 routing tables you should go look that 1928 01:08:51,679 --> 01:08:53,439 up and research that before continuing 1929 01:08:53,439 --> 01:08:56,319 on with the ethical hacking course 1930 01:08:56,319 --> 01:08:58,319 okay last command i want to get through 1931 01:08:58,319 --> 01:09:01,040 that is the ping command so i'm going to 1932 01:09:01,040 --> 01:09:02,880 do an ifconfig again 1933 01:09:02,880 --> 01:09:04,399 and in this instance i'm just going to 1934 01:09:04,399 --> 01:09:07,839 ping 192. 
1935 01:09:07,839 --> 01:09:10,719 and i believe earlier i saw a dot 2 was 1936 01:09:10,719 --> 01:09:12,960 my gateway so i'm going to go ahead and 1937 01:09:12,960 --> 01:09:14,799 just hit enter that should talk back to 1938 01:09:14,799 --> 01:09:16,399 me and it does 1939 01:09:16,399 --> 01:09:18,719 now if you are a windows user and you've 1940 01:09:18,719 --> 01:09:21,040 ever used ping before it will only send 1941 01:09:21,040 --> 01:09:23,198 four packets out so it'll check four 1942 01:09:23,198 --> 01:09:24,399 times 1943 01:09:24,399 --> 01:09:26,000 as you can see here 1944 01:09:26,000 --> 01:09:28,158 we are getting more than four packets 1945 01:09:28,158 --> 01:09:30,960 sent we are sending indefinitely 1946 01:09:30,960 --> 01:09:32,080 and i'm gonna go ahead and just hit 1947 01:09:32,080 --> 01:09:34,158 control c and stop that we are 1948 01:09:34,158 --> 01:09:35,439 definitely seeing that we're getting 1949 01:09:35,439 --> 01:09:36,880 responses back 1950 01:09:36,880 --> 01:09:38,479 now there is a way to limit the amount 1951 01:09:38,479 --> 01:09:40,238 that we send and the amount of traffic 1952 01:09:40,238 --> 01:09:41,839 that we're sending but basically what 1953 01:09:41,839 --> 01:09:43,359 we're doing with the ping command is 1954 01:09:43,359 --> 01:09:44,799 we're saying hey 1955 01:09:44,799 --> 01:09:46,880 are you there are you alive can you 1956 01:09:46,880 --> 01:09:48,080 respond to me and let me know you're 1957 01:09:48,080 --> 01:09:50,799 there so i asked the machine at this ip 1958 01:09:50,799 --> 01:09:53,759 address to respond and tell me yes i am 1959 01:09:53,759 --> 01:09:55,800 here now this is called 1960 01:09:55,800 --> 01:09:58,239 icmp traffic 1961 01:09:58,239 --> 01:10:01,679 not all machines permit icmp traffic 1962 01:10:01,679 --> 01:10:03,920 just because we ping a machine and it 1963 01:10:03,920 --> 01:10:05,679 does not respond 1964 01:10:05,679 --> 01:10:10,000 does not mean that it's not 
online okay 1965 01:10:10,000 --> 01:10:12,400 there are machines that have icmp 1966 01:10:12,400 --> 01:10:14,560 disabled and will not respond to ping 1967 01:10:14,560 --> 01:10:15,600 requests 1968 01:10:15,600 --> 01:10:17,440 but ping is a quick way to see if a 1969 01:10:17,440 --> 01:10:19,280 machine is online and typically by 1970 01:10:19,280 --> 01:10:22,480 default ping or icmp 1971 01:10:22,480 --> 01:10:25,280 is enabled on most machines just as a 1972 01:10:25,280 --> 01:10:27,120 further example we can ping a machine 1973 01:10:27,120 --> 01:10:29,280 that we do not believe to be alive so 1974 01:10:29,280 --> 01:10:31,120 i'm gonna change this to a three i don't 1975 01:10:31,120 --> 01:10:33,199 think there's a three on my network 1976 01:10:33,199 --> 01:10:34,960 and you're gonna see it's gonna try to 1977 01:10:34,960 --> 01:10:36,719 send data and it's just gonna get stuck 1978 01:10:36,719 --> 01:10:39,520 here and say host unreachable 1979 01:10:39,520 --> 01:10:41,920 now again that could potentially mean 1980 01:10:41,920 --> 01:10:43,840 that that host is not there or it could 1981 01:10:43,840 --> 01:10:46,560 potentially mean that the host has icmp 1982 01:10:46,560 --> 01:10:49,280 disabled but we're going to be using 1983 01:10:49,280 --> 01:10:51,679 ping sweeping to identify a host in our 1984 01:10:51,679 --> 01:10:54,640 network and we'll do that here in just a 1985 01:10:54,640 --> 01:10:56,719 couple of videos but i wanted you to get 1986 01:10:56,719 --> 01:10:58,159 familiar with the ping command if you 1987 01:10:58,159 --> 01:11:00,239 weren't familiar already 1988 01:11:00,239 --> 01:11:01,520 now there are some commands in this 1989 01:11:01,520 --> 01:11:03,600 video that we did not talk about for 1990 01:11:03,600 --> 01:11:06,000 example the netstat command 1991 01:11:06,000 --> 01:11:08,080 now the netstat command is used to 1992 01:11:08,080 --> 01:11:10,640 identify what open ports and services 1993 01:11:10,640 
--> 01:11:13,040 are there we'll take a look at that more 1994 01:11:13,040 --> 01:11:15,600 later on but just know that that command 1995 01:11:15,600 --> 01:11:17,840 exists and that we're going to do 1996 01:11:17,840 --> 01:11:20,320 due diligence on a command later so any 1997 01:11:20,320 --> 01:11:21,360 of you that are watching that have 1998 01:11:21,360 --> 01:11:23,280 networking background or like hey you 1999 01:11:23,280 --> 01:11:25,440 didn't show netstat that's so important 2000 01:11:25,440 --> 01:11:27,199 you're correct it's coming later on in 2001 01:11:27,199 --> 01:11:29,280 the course so that's it for this video 2002 01:11:29,280 --> 01:11:30,800 we're going to go ahead and move on to 2003 01:11:30,800 --> 01:11:32,800 the next one 2004 01:11:32,800 --> 01:11:35,679 let's now talk about viewing creating 2005 01:11:35,679 --> 01:11:38,080 and editing files and we've done a 2006 01:11:38,080 --> 01:11:40,960 little bit of this in the course already 2007 01:11:40,960 --> 01:11:43,840 you've seen me do something like echo 2008 01:11:43,840 --> 01:11:46,159 hello and remember that prints out to 2009 01:11:46,159 --> 01:11:47,920 the screen 2010 01:11:47,920 --> 01:11:51,360 and we could just echo that again like a 2011 01:11:51,360 --> 01:11:53,920 hello and put that into a file and 2012 01:11:53,920 --> 01:11:55,679 you've seen me do that we'll just call 2013 01:11:55,679 --> 01:11:58,480 this one hey.txt 2014 01:11:58,480 --> 01:12:01,760 and if we ls we should see hey.txt right 2015 01:12:01,760 --> 01:12:03,040 here 2016 01:12:03,040 --> 01:12:05,520 if we do a cat 2017 01:12:05,520 --> 01:12:07,520 hey.txt we should print out to the 2018 01:12:07,520 --> 01:12:09,679 screen hello 2019 01:12:09,679 --> 01:12:11,679 all these should be pretty familiar to 2020 01:12:11,679 --> 01:12:12,960 you 2021 01:12:12,960 --> 01:12:15,600 so let's build upon this let's talk 2022 01:12:15,600 --> 01:12:18,239 about how we can append to this and 2023 
01:12:18,239 --> 01:12:20,880 overwrite these files in different ways 2024 01:12:20,880 --> 01:12:22,640 that we can actually 2025 01:12:22,640 --> 01:12:24,400 create and edit files i'm going to clear 2026 01:12:24,400 --> 01:12:26,480 the screen here 2027 01:12:26,480 --> 01:12:28,719 now what if i wanted to add to this file 2028 01:12:28,719 --> 01:12:30,960 and i'm just tabbing up by the way what 2029 01:12:30,960 --> 01:12:33,760 if i want to say hello again 2030 01:12:33,760 --> 01:12:36,000 so i want to say echo hello again into 2031 01:12:36,000 --> 01:12:39,120 this hey.txt file that already exists 2032 01:12:39,120 --> 01:12:41,199 what do we think is going to happen here 2033 01:12:41,199 --> 01:12:43,360 so i'm going to go ahead and hit enter 2034 01:12:43,360 --> 01:12:45,199 and then i'm going to cat out the 2035 01:12:45,199 --> 01:12:47,600 hey.txt 2036 01:12:47,600 --> 01:12:49,520 well now it says hello again it used to 2037 01:12:49,520 --> 01:12:50,800 say hello 2038 01:12:50,800 --> 01:12:53,600 well that is because when we use one 2039 01:12:53,600 --> 01:12:56,400 greater than symbol like this 2040 01:12:56,400 --> 01:12:57,679 what's going to happen is that 2041 01:12:57,679 --> 01:12:59,520 overwrites the file 2042 01:12:59,520 --> 01:13:01,280 so if we tab up 2043 01:13:01,280 --> 01:13:03,440 and if we go over and we just write a 2044 01:13:03,440 --> 01:13:06,480 again again just for fun and let's add a 2045 01:13:06,480 --> 01:13:09,120 second one of these so now there should 2046 01:13:09,120 --> 01:13:11,679 be two of these greater than symbols 2047 01:13:11,679 --> 01:13:13,679 we hit enter 2048 01:13:13,679 --> 01:13:15,280 we cat out 2049 01:13:15,280 --> 01:13:17,520 hey.txt 2050 01:13:17,520 --> 01:13:19,520 and now you can see it says hello again 2051 01:13:19,520 --> 01:13:22,080 and hello again again 2052 01:13:22,080 --> 01:13:24,640 why do we care why are we doing this 2053 01:13:24,640 --> 01:13:26,960 well when we are 
using 2054 01:13:26,960 --> 01:13:29,120 scripting for example and we want to 2055 01:13:29,120 --> 01:13:30,880 loop through a bunch of information and 2056 01:13:30,880 --> 01:13:32,800 we want to add that information to a 2057 01:13:32,800 --> 01:13:35,280 file we might use something like this 2058 01:13:35,280 --> 01:13:37,520 where if we're gathering say ip 2059 01:13:37,520 --> 01:13:39,440 addresses this is foreshadowing by the 2060 01:13:39,440 --> 01:13:42,159 way say we're gathering ip addresses and 2061 01:13:42,159 --> 01:13:44,400 we are wanting to put them all in a file 2062 01:13:44,400 --> 01:13:45,520 we're going to need to use something 2063 01:13:45,520 --> 01:13:48,400 like a double greater than in order to 2064 01:13:48,400 --> 01:13:51,040 not overwrite the file with one ip 2065 01:13:51,040 --> 01:13:52,719 address we want to list all the ip 2066 01:13:52,719 --> 01:13:54,400 addresses in the file 2067 01:13:54,400 --> 01:13:55,520 so you're going to see that when we get 2068 01:13:55,520 --> 01:13:58,880 into the bash scripting of this section 2069 01:13:58,880 --> 01:14:00,400 let's clear our screen 2070 01:14:00,400 --> 01:14:02,560 another way that we can make a new file 2071 01:14:02,560 --> 01:14:04,880 is just to say touch 2072 01:14:04,880 --> 01:14:07,679 new file.txt 2073 01:14:07,679 --> 01:14:10,480 and if we ls you can see that new 2074 01:14:10,480 --> 01:14:12,880 file.txt is here 2075 01:14:12,880 --> 01:14:15,580 we can cat out new file.txt 2076 01:14:15,580 --> 01:14:16,719 [Music] 2077 01:14:16,719 --> 01:14:19,120 and nothing is going to be in there 2078 01:14:19,120 --> 01:14:20,560 because we didn't tell it to do anything 2079 01:14:20,560 --> 01:14:23,280 we just said touch which creates a file 2080 01:14:23,280 --> 01:14:24,080 so 2081 01:14:24,080 --> 01:14:27,199 we can use a different type of editor to 2082 01:14:27,199 --> 01:14:30,800 try and edit this and save the file 2083 01:14:30,800 --> 01:14:32,560 now there 
are a few 2084 01:14:32,560 --> 01:14:34,320 editors that we can use within our 2085 01:14:34,320 --> 01:14:36,159 terminal so we can use something called 2086 01:14:36,159 --> 01:14:38,800 nano which is my personal favorite 2087 01:14:38,800 --> 01:14:41,440 you may hear other people talk about vi 2088 01:14:41,440 --> 01:14:42,400 and vim 2089 01:14:42,400 --> 01:14:44,080 you may hear lots of jokes about 2090 01:14:44,080 --> 01:14:46,080 quitting them and how it's impossible to 2091 01:14:46,080 --> 01:14:49,280 quit them and for that reason honestly 2092 01:14:49,280 --> 01:14:51,920 because of the complications and because 2093 01:14:51,920 --> 01:14:53,600 i like simplicity 2094 01:14:53,600 --> 01:14:58,640 i just use nano so we can nano new file 2095 01:14:58,640 --> 01:14:59,520 and 2096 01:14:59,520 --> 01:15:01,600 in here you can type whatever you want 2097 01:15:01,600 --> 01:15:04,239 i'm going to literally say i can type 2098 01:15:04,239 --> 01:15:08,640 whatever i want in here 2099 01:15:08,880 --> 01:15:11,040 and now i'm going to hit ctrl x and 2100 01:15:11,040 --> 01:15:12,320 throughout this course you're going to 2101 01:15:12,320 --> 01:15:14,239 actually see me 2102 01:15:14,239 --> 01:15:15,920 use nano quite a bit 2103 01:15:15,920 --> 01:15:18,320 and we're going to use it for updating 2104 01:15:18,320 --> 01:15:21,600 files and shell code and it's beneficial 2105 01:15:21,600 --> 01:15:23,679 if we log into a machine remotely for 2106 01:15:23,679 --> 01:15:24,800 example 2107 01:15:24,800 --> 01:15:27,280 and we won't have the ability to have a 2108 01:15:27,280 --> 01:15:29,840 graphical user interface type notepad 2109 01:15:29,840 --> 01:15:30,960 which i'm going to show you here in a 2110 01:15:30,960 --> 01:15:33,280 second we might not have the 2111 01:15:33,280 --> 01:15:35,280 luxury of having something like that we 2112 01:15:35,280 --> 01:15:38,640 might have to use nano or vim or an in 2113 01:15:38,640 --> 01:15:40,640 
terminal text editor so we're going to 2114 01:15:40,640 --> 01:15:42,640 go ahead and hit ctrl x here i'm going 2115 01:15:42,640 --> 01:15:44,320 to hit y which is going to say yes i 2116 01:15:44,320 --> 01:15:46,080 want to save this file and then i'm 2117 01:15:46,080 --> 01:15:47,679 going to hit enter 2118 01:15:47,679 --> 01:15:49,520 and now if i cat out 2119 01:15:49,520 --> 01:15:51,600 new file.txt 2120 01:15:51,600 --> 01:15:53,760 you can see it says i can type whatever 2121 01:15:53,760 --> 01:15:55,520 i want in here 2122 01:15:55,520 --> 01:15:56,719 lastly we're going to look at a 2123 01:15:56,719 --> 01:15:59,600 graphical notepad so we're going to use 2124 01:15:59,600 --> 01:16:03,440 mousepad we can type in mousepad 2125 01:16:03,440 --> 01:16:07,120 and we can just say new file.txt 2126 01:16:07,120 --> 01:16:09,199 just like we created 2127 01:16:09,199 --> 01:16:11,280 and hidden here you can see that it says 2128 01:16:11,280 --> 01:16:12,880 i can type whatever i want in here and 2129 01:16:12,880 --> 01:16:14,239 that's true 2130 01:16:14,239 --> 01:16:17,280 i can also modify it's just like a 2131 01:16:17,280 --> 01:16:19,600 notepad if you had on windows machine or 2132 01:16:19,600 --> 01:16:22,239 if you've used leafpad or any sort of 2133 01:16:22,239 --> 01:16:23,840 notepad type material this one's just 2134 01:16:23,840 --> 01:16:27,040 called mousepad so we can control s and 2135 01:16:27,040 --> 01:16:28,880 save and then 2136 01:16:28,880 --> 01:16:32,000 just exit out if we cat out our new file 2137 01:16:32,000 --> 01:16:35,520 again you can see i can also modify 2138 01:16:35,520 --> 01:16:37,040 now throughout this course you might see 2139 01:16:37,040 --> 01:16:39,520 me use a tool called gedit it is not 2140 01:16:39,520 --> 01:16:41,760 installed on this machine yet though we 2141 01:16:41,760 --> 01:16:43,760 are making updates to the course we will 2142 01:16:43,760 --> 01:16:45,360 be using gedit 2143 
01:16:45,360 --> 01:16:47,199 anytime you see me use gedit feel free 2144 01:16:47,199 --> 01:16:50,320 to use mousepad instead of gedit it's 2145 01:16:50,320 --> 01:16:52,640 become deprecated offensive security got 2146 01:16:52,640 --> 01:16:54,719 rid of it in kali linux and now if you 2147 01:16:54,719 --> 01:16:56,960 go hit gedit it'll say it's not found 2148 01:16:56,960 --> 01:16:58,400 but you can install it we're not going 2149 01:16:58,400 --> 01:17:00,000 to do that right now 2150 01:17:00,000 --> 01:17:03,280 but when we install tools in a upcoming 2151 01:17:03,280 --> 01:17:05,199 video you will be able to install that 2152 01:17:05,199 --> 01:17:07,280 with one of the tools that we're running 2153 01:17:07,280 --> 01:17:09,760 so anyway just note that we're gonna be 2154 01:17:09,760 --> 01:17:11,760 using mousepad instead of gedit because 2155 01:17:11,760 --> 01:17:14,640 it's the new and latest and greatest 2156 01:17:14,640 --> 01:17:18,000 one last thing with nano or any of these 2157 01:17:18,000 --> 01:17:19,360 tools 2158 01:17:19,360 --> 01:17:21,440 you can make a brand new file so you can 2159 01:17:21,440 --> 01:17:23,640 say like brand new 2160 01:17:23,640 --> 01:17:25,520 file.txt 2161 01:17:25,520 --> 01:17:28,159 and then you can type whatever 2162 01:17:28,159 --> 01:17:29,280 in here 2163 01:17:29,280 --> 01:17:31,600 and control x 2164 01:17:31,600 --> 01:17:32,719 hit y 2165 01:17:32,719 --> 01:17:33,920 hit enter 2166 01:17:33,920 --> 01:17:36,400 and then you can cat out brand new file 2167 01:17:36,400 --> 01:17:38,960 and guess what it's there so the file 2168 01:17:38,960 --> 01:17:41,840 doesn't have to be existing to use nano 2169 01:17:41,840 --> 01:17:44,560 or existing to use mousepad you can 2170 01:17:44,560 --> 01:17:47,040 create new files with these commands as 2171 01:17:47,040 --> 01:17:48,320 well 2172 01:17:48,320 --> 01:17:50,560 so that is it for this video i'm going 2173 01:17:50,560 --> 01:17:52,159 
to go ahead and catch you in the next 2174 01:17:52,159 --> 01:17:54,400 one 2175 01:17:54,400 --> 01:17:56,400 another topic we need to talk about is 2176 01:17:56,400 --> 01:17:58,960 starting and stopping services 2177 01:17:58,960 --> 01:18:01,440 we may have a service like a web server 2178 01:18:01,440 --> 01:18:04,400 or ssh or maybe sql or some sort of 2179 01:18:04,400 --> 01:18:07,199 database that we need to start 2180 01:18:07,199 --> 01:18:09,840 while we're already running kali or we 2181 01:18:09,840 --> 01:18:12,480 might want to start a service 2182 01:18:12,480 --> 01:18:14,640 on boot every single time that our 2183 01:18:14,640 --> 01:18:16,400 computer loads if you've ever used 2184 01:18:16,400 --> 01:18:18,480 windows this is similar to 2185 01:18:18,480 --> 01:18:20,080 installing a program and then having 2186 01:18:20,080 --> 01:18:22,480 that boot up on launch it's kind of the 2187 01:18:22,480 --> 01:18:24,320 same thing here if we're installing 2188 01:18:24,320 --> 01:18:26,320 something we want that service to start 2189 01:18:26,320 --> 01:18:28,560 on launch we have to tell our machine to 2190 01:18:28,560 --> 01:18:30,159 do that so we're going to look at how to 2191 01:18:30,159 --> 01:18:31,679 start a service and how to have a 2192 01:18:31,679 --> 01:18:34,000 service start on launch so the first 2193 01:18:34,000 --> 01:18:35,840 service that we're going to look at is 2194 01:18:35,840 --> 01:18:38,640 the apache service and this is what i 2195 01:18:38,640 --> 01:18:41,040 used to use when i first started out as 2196 01:18:41,040 --> 01:18:43,840 an ethical hacker and the reason is is 2197 01:18:43,840 --> 01:18:45,840 that we can spin up our own web server 2198 01:18:45,840 --> 01:18:48,960 fairly easily and host malicious data or 2199 01:18:48,960 --> 01:18:50,719 files or things that we might want to 2200 01:18:50,719 --> 01:18:52,640 access or might want somebody else to 2201 01:18:52,640 --> 01:18:55,040 access so before 
we run that command i 2202 01:18:55,040 --> 01:18:56,719 do want to do a proof of concept so 2203 01:18:56,719 --> 01:18:58,960 let's do an ifconfig 2204 01:18:58,960 --> 01:19:00,880 and we're going to grab our ip address 2205 01:19:00,880 --> 01:19:03,600 here i'm going to copy this 2206 01:19:03,600 --> 01:19:07,120 and then i want to open up firefox 2207 01:19:07,120 --> 01:19:09,040 from within firefox i'm going to go 2208 01:19:09,040 --> 01:19:11,360 ahead and try to navigate to that ip 2209 01:19:11,360 --> 01:19:13,040 address 2210 01:19:13,040 --> 01:19:14,320 and you're going to see that it says 2211 01:19:14,320 --> 01:19:16,320 it's unable to connect this is exactly 2212 01:19:16,320 --> 01:19:17,920 what we expected 2213 01:19:17,920 --> 01:19:19,679 so now what we're going to do is we're 2214 01:19:19,679 --> 01:19:20,880 going to 2215 01:19:20,880 --> 01:19:23,600 come in here and we're going to say sudo 2216 01:19:23,600 --> 01:19:25,440 service 2217 01:19:25,440 --> 01:19:26,880 apache 2218 01:19:26,880 --> 01:19:28,000 2 2219 01:19:28,000 --> 01:19:29,360 start 2220 01:19:29,360 --> 01:19:31,679 we hit enter it's going to ask for our 2221 01:19:31,679 --> 01:19:35,080 sudo password 2222 01:19:36,000 --> 01:19:38,640 then we have no confirmation of anything 2223 01:19:38,640 --> 01:19:40,400 so let's go ahead and come in back into 2224 01:19:40,400 --> 01:19:41,760 the browser 2225 01:19:41,760 --> 01:19:44,880 and we're going to refresh 2226 01:19:44,960 --> 01:19:47,840 and take away the https 2227 01:19:47,840 --> 01:19:49,760 and now you can see that this is here on 2228 01:19:49,760 --> 01:19:52,719 port 80. 
so we are actually on http not 2229 01:19:52,719 --> 01:19:55,679 https and we have an apache server 2230 01:19:55,679 --> 01:19:58,400 running now now let's say we wanted to 2231 01:19:58,400 --> 01:20:00,960 stop this service we could we can go in 2232 01:20:00,960 --> 01:20:03,760 here and say sudo service 2233 01:20:03,760 --> 01:20:04,960 apache 2234 01:20:04,960 --> 01:20:07,520 2 stop and before we do that i want to 2235 01:20:07,520 --> 01:20:08,960 show you something 2236 01:20:08,960 --> 01:20:11,280 so if we come back into the apache 2 i'm 2237 01:20:11,280 --> 01:20:13,920 going to make this a little bit bigger 2238 01:20:13,920 --> 01:20:16,400 you can see that our files are located 2239 01:20:16,400 --> 01:20:18,760 in the var 2240 01:20:18,760 --> 01:20:21,920 www html folder and what that is if we 2241 01:20:21,920 --> 01:20:24,880 come to our home folder here 2242 01:20:24,880 --> 01:20:28,080 and we just go to file system 2243 01:20:28,080 --> 01:20:31,040 we scroll down and go to var 2244 01:20:31,040 --> 01:20:33,679 and then we go to www 2245 01:20:33,679 --> 01:20:36,639 html all i'm doing is going to the same 2246 01:20:36,639 --> 01:20:38,320 location here 2247 01:20:38,320 --> 01:20:40,800 why i'm doing this is this is where if i 2248 01:20:40,800 --> 01:20:43,360 wanted to host like a picture or a file 2249 01:20:43,360 --> 01:20:46,280 or malware i could put that in here this 2250 01:20:46,280 --> 01:20:48,639 index.html is the same index page that's 2251 01:20:48,639 --> 01:20:50,639 loaded here like if i open that that's 2252 01:20:50,639 --> 01:20:52,159 literally the same page that's being 2253 01:20:52,159 --> 01:20:54,639 hosted you're seeing it here from a file 2254 01:20:54,639 --> 01:20:56,800 format but now if i go back you can see 2255 01:20:56,800 --> 01:20:59,040 i'm hosting it at this ip address so if 2256 01:20:59,040 --> 01:21:00,719 i wanted to host something malicious i 2257 01:21:00,719 --> 01:21:02,000 could do that 
2258 01:21:02,000 --> 01:21:03,600 now in order to stop the service all we 2259 01:21:03,600 --> 01:21:05,199 have to do is say stop 2260 01:21:05,199 --> 01:21:07,280 hit enter then we come back and we 2261 01:21:07,280 --> 01:21:09,199 refresh this page 2262 01:21:09,199 --> 01:21:11,120 you can see that we're now again unable 2263 01:21:11,120 --> 01:21:12,480 to connect 2264 01:21:12,480 --> 01:21:14,320 now i did mention the beginning of this 2265 01:21:14,320 --> 01:21:16,800 video that this was my favorite way to 2266 01:21:16,800 --> 01:21:19,840 host malicious stuff or just host files 2267 01:21:19,840 --> 01:21:21,679 for whatever purpose 2268 01:21:21,679 --> 01:21:23,920 now that has changed 2269 01:21:23,920 --> 01:21:26,400 i now use python to do this 2270 01:21:26,400 --> 01:21:28,320 so we can create a file let's go ahead 2271 01:21:28,320 --> 01:21:31,040 and just say echo hello 2272 01:21:31,040 --> 01:21:32,410 and we're going to do 2273 01:21:32,410 --> 01:21:33,639 [Music] 2274 01:21:33,639 --> 01:21:35,280 hello.txt 2275 01:21:35,280 --> 01:21:37,199 so if we ls we can see that we've got a 2276 01:21:37,199 --> 01:21:39,080 bunch of stuff in here 2277 01:21:39,080 --> 01:21:41,760 hello.txt being one of them so what i'm 2278 01:21:41,760 --> 01:21:44,159 going to do is i'm going to spin up a 2279 01:21:44,159 --> 01:21:46,480 web server on the fly 2280 01:21:46,480 --> 01:21:50,159 with python so i'm going to say python 2281 01:21:50,159 --> 01:21:51,679 3 2282 01:21:51,679 --> 01:21:52,960 dash m 2283 01:21:52,960 --> 01:21:55,760 http.server 2284 01:21:55,760 --> 01:21:58,800 and then i'm going to give it port 80. 
2285 01:21:58,800 --> 01:22:00,800 now what we're saying is we want to run 2286 01:22:00,800 --> 01:22:02,719 the module http server and we're going 2287 01:22:02,719 --> 01:22:05,120 to run port 80 here you can put whatever 2288 01:22:05,120 --> 01:22:06,639 port you want 2289 01:22:06,639 --> 01:22:08,159 and you can see now it says hey it's 2290 01:22:08,159 --> 01:22:11,199 hosting up http on port 80 and what's 2291 01:22:11,199 --> 01:22:13,440 going to happen is any file within the 2292 01:22:13,440 --> 01:22:15,440 directory that i'm in is going to now be 2293 01:22:15,440 --> 01:22:17,679 hosted so you can see that i'm hosting 2294 01:22:17,679 --> 01:22:20,639 all this stuff here pretty awesome it's 2295 01:22:20,639 --> 01:22:23,040 a quick way to host up a web server 2296 01:22:23,040 --> 01:22:24,400 without having to start and stop 2297 01:22:24,400 --> 01:22:26,960 services and you can on the fly from 2298 01:22:26,960 --> 01:22:29,360 within a folder just start a web server 2299 01:22:29,360 --> 01:22:31,760 so i think this is the cooler and better 2300 01:22:31,760 --> 01:22:33,520 way to do it so i wanted to show you how 2301 01:22:33,520 --> 01:22:35,520 to start a service but also that python 2302 01:22:35,520 --> 01:22:38,480 has some robust capabilities as well 2303 01:22:38,480 --> 01:22:40,880 if you follow into the python section 2304 01:22:40,880 --> 01:22:44,320 we'll cover how to run an ftp server as 2305 01:22:44,320 --> 01:22:47,040 well which is also fun stuff so i'm 2306 01:22:47,040 --> 01:22:48,800 going to hit control c which is going to 2307 01:22:48,800 --> 01:22:50,639 again shut down the server if i come 2308 01:22:50,639 --> 01:22:52,159 here refresh you'll see that it's now 2309 01:22:52,159 --> 01:22:53,679 shut down 2310 01:22:53,679 --> 01:22:56,080 and we can go ahead and talk about one 2311 01:22:56,080 --> 01:22:58,480 more thing before we go so 2312 01:22:58,480 --> 01:23:00,480 let's say that we wanted a service to 
2313 01:23:00,480 --> 01:23:02,960 start when we started our machine 2314 01:23:02,960 --> 01:23:04,880 well for that we're going to use the 2315 01:23:04,880 --> 01:23:09,120 systemctl command systemctl 2316 01:23:09,120 --> 01:23:11,360 and we can say enable 2317 01:23:11,360 --> 01:23:14,880 if we wanted to for example enable ssh 2318 01:23:14,880 --> 01:23:17,440 we can come in here and just enable ssh 2319 01:23:17,440 --> 01:23:20,239 and we just hit enter on this and now 2320 01:23:20,239 --> 01:23:22,560 you can see that it's enabled so when we 2321 01:23:22,560 --> 01:23:25,199 restart the computer ssh will always be 2322 01:23:25,199 --> 01:23:27,040 enabled for us now i'm going to disable 2323 01:23:27,040 --> 01:23:29,280 that this isn't like security best 2324 01:23:29,280 --> 01:23:31,760 practice 2325 01:23:32,480 --> 01:23:34,159 and now you can see that we have 2326 01:23:34,159 --> 01:23:35,520 disabled it 2327 01:23:35,520 --> 01:23:37,440 and we're good to go so if you ever have 2328 01:23:37,440 --> 01:23:38,960 a service that you want to run you just 2329 01:23:38,960 --> 01:23:40,159 need to figure out the name of the 2330 01:23:40,159 --> 01:23:42,400 service and enable that and there may be 2331 01:23:42,400 --> 01:23:44,000 times that you want things to run like 2332 01:23:44,000 --> 01:23:46,719 historically i have ran ssh with it 2333 01:23:46,719 --> 01:23:49,280 enabled or i used to run the apache 2 2334 01:23:49,280 --> 01:23:50,719 server so i didn't have to spin it up 2335 01:23:50,719 --> 01:23:52,239 every time i just had a place to go 2336 01:23:52,239 --> 01:23:54,400 immediately host that but your mileage 2337 01:23:54,400 --> 01:23:55,840 may vary depending on what it is you 2338 01:23:55,840 --> 01:23:57,360 want to run but knowing these commands 2339 01:23:57,360 --> 01:23:59,280 is important in case you need to start 2340 01:23:59,280 --> 01:24:00,960 or stop a service maybe restart a 2341 01:24:00,960 --> 01:24:03,600 
service same thing with enabling a 2342 01:24:03,600 --> 01:24:05,840 service at boot up or disabling a 2343 01:24:05,840 --> 01:24:07,440 service at boot up 2344 01:24:07,440 --> 01:24:08,960 so that's it for this video i'll go 2345 01:24:08,960 --> 01:24:12,239 ahead and see you over in the next one 2346 01:24:12,239 --> 01:24:14,239 now let's talk about installing and 2347 01:24:14,239 --> 01:24:16,560 updating tools 2348 01:24:16,560 --> 01:24:17,600 so the first thing that we're going to 2349 01:24:17,600 --> 01:24:19,920 do from our command line is we're going 2350 01:24:19,920 --> 01:24:22,480 to look at how we would update 2351 01:24:22,480 --> 01:24:26,000 our current machine so just like 2352 01:24:26,000 --> 01:24:27,920 other operating systems 2353 01:24:27,920 --> 01:24:30,560 linux machines require updates as well 2354 01:24:30,560 --> 01:24:33,920 and patching can be best practice 2355 01:24:33,920 --> 01:24:37,040 so in order to update and upgrade our 2356 01:24:37,040 --> 01:24:38,719 machine we're going to use the sudo 2357 01:24:38,719 --> 01:24:40,080 command 2358 01:24:40,080 --> 01:24:42,080 and we're going to say 2359 01:24:42,080 --> 01:24:43,040 apt 2360 01:24:43,040 --> 01:24:44,719 apt 2361 01:24:44,719 --> 01:24:46,960 and then we're going to say update 2362 01:24:46,960 --> 01:24:49,840 and upgrade just like that so make sure 2363 01:24:49,840 --> 01:24:52,639 you use two ampersand symbols here 2364 01:24:52,639 --> 01:24:53,920 we're going to do two commands we're 2365 01:24:53,920 --> 01:24:55,840 going to say first i want you to update 2366 01:24:55,840 --> 01:24:58,480 second i want you to upgrade well why 2367 01:24:58,480 --> 01:24:59,920 are we doing this why are we running two 2368 01:24:59,920 --> 01:25:01,760 commands in the first place 2369 01:25:01,760 --> 01:25:04,880 well what we do when we actually install 2370 01:25:04,880 --> 01:25:07,760 items on our kali machine 2371 01:25:07,760 --> 01:25:09,679 we are going out to 
what are called 2372 01:25:09,679 --> 01:25:11,360 repositories and we're looking through 2373 01:25:11,360 --> 01:25:12,480 packages 2374 01:25:12,480 --> 01:25:14,639 and the update command is going out to 2375 01:25:14,639 --> 01:25:16,639 the known repositories and it is 2376 01:25:16,639 --> 01:25:19,440 updating those repositories and then 2377 01:25:19,440 --> 01:25:21,520 it's going to look at those repositories 2378 01:25:21,520 --> 01:25:22,880 and say okay 2379 01:25:22,880 --> 01:25:25,679 what needs upgraded here so what tools 2380 01:25:25,679 --> 01:25:26,480 have 2381 01:25:26,480 --> 01:25:29,120 upgrades or updates available for them 2382 01:25:29,120 --> 01:25:32,239 that we need so if we run this command 2383 01:25:32,239 --> 01:25:33,600 you're going to see that it's going to 2384 01:25:33,600 --> 01:25:35,440 go through these repositories you can 2385 01:25:35,440 --> 01:25:37,760 see it going through these kali rolling 2386 01:25:37,760 --> 01:25:41,679 and release amd64 packages and contents 2387 01:25:41,679 --> 01:25:44,400 etc etc it'll take some time 2388 01:25:44,400 --> 01:25:46,719 as it goes through and it updates these 2389 01:25:46,719 --> 01:25:48,159 repositories 2390 01:25:48,159 --> 01:25:50,480 it's going to find what programs we need 2391 01:25:50,480 --> 01:25:52,560 and it'll provide it in a list 2392 01:25:52,560 --> 01:25:54,560 now what you can see is it's asking us 2393 01:25:54,560 --> 01:25:58,080 are you root so this is a lesson here 2394 01:25:58,080 --> 01:26:00,480 sometimes we have to be the root user we 2395 01:26:00,480 --> 01:26:01,600 can't be 2396 01:26:01,600 --> 01:26:04,800 just a sudo user to run commands so 2397 01:26:04,800 --> 01:26:06,320 what we're going to do in this instance 2398 01:26:06,320 --> 01:26:09,199 is we're going to sudo switch user 2399 01:26:09,199 --> 01:26:10,480 into root 2400 01:26:10,480 --> 01:26:12,080 now we're root and we're going to run 2401 01:26:12,080 --> 01:26:14,000 
that command again we're going to say 2402 01:26:14,000 --> 01:26:16,000 apt update 2403 01:26:16,000 --> 01:26:19,920 and apt upgrade 2404 01:26:20,719 --> 01:26:22,320 okay and it's going to run through this 2405 01:26:22,320 --> 01:26:23,920 and then it should provide us with a 2406 01:26:23,920 --> 01:26:26,080 list of what we're going to install 2407 01:26:26,080 --> 01:26:27,840 which if we scroll back up to the top 2408 01:26:27,840 --> 01:26:30,080 you can see that it says hey 2409 01:26:30,080 --> 01:26:31,440 these packages were automatically 2410 01:26:31,440 --> 01:26:34,239 installed and no longer required and it 2411 01:26:34,239 --> 01:26:36,320 says we can use the apt autoremove 2412 01:26:36,320 --> 01:26:37,920 command to do that 2413 01:26:37,920 --> 01:26:39,440 it's saying here are the brand new 2414 01:26:39,440 --> 01:26:41,600 packages that need to be installed and 2415 01:26:41,600 --> 01:26:42,960 then here are the packages that are 2416 01:26:42,960 --> 01:26:44,400 going to be upgraded so these are 2417 01:26:44,400 --> 01:26:47,120 already installed such as like apache 2 2418 01:26:47,120 --> 01:26:49,280 has some updates that are required and 2419 01:26:49,280 --> 01:26:50,800 it's going to go through and install all 2420 01:26:50,800 --> 01:26:52,080 these now when you scroll down to the 2421 01:26:52,080 --> 01:26:53,040 bottom 2422 01:26:53,040 --> 01:26:54,719 it's going to say 2423 01:26:54,719 --> 01:26:56,880 you need 801 megabytes and yours might 2424 01:26:56,880 --> 01:26:58,480 be different depending on when you watch 2425 01:26:58,480 --> 01:26:59,760 this video it's going to say do you want 2426 01:26:59,760 --> 01:27:02,080 to continue this operation 2427 01:27:02,080 --> 01:27:05,040 in this instance i'm going to say no 2428 01:27:05,040 --> 01:27:07,199 and the reason that i'm going to say no 2429 01:27:07,199 --> 01:27:10,960 is because updating on kali linux can 2430 01:27:10,960 --> 01:27:13,280 break things you 
should always have 2431 01:27:13,280 --> 01:27:15,520 almost two copies of your linux right 2432 01:27:15,520 --> 01:27:17,360 you should take a backup copy before you 2433 01:27:17,360 --> 01:27:20,080 ever make an update and there are some 2434 01:27:20,080 --> 01:27:22,000 limitations on being able to make 2435 01:27:22,000 --> 01:27:24,080 backups depending on if you're using 2436 01:27:24,080 --> 01:27:25,760 vmware virtualbox and we're not going to 2437 01:27:25,760 --> 01:27:27,920 get into that right now we just know 2438 01:27:27,920 --> 01:27:30,080 that tools can easily get broken by 2439 01:27:30,080 --> 01:27:32,800 pushing updates and we'll talk about a 2440 01:27:32,800 --> 01:27:35,920 tool that you can use that is up to date 2441 01:27:35,920 --> 01:27:38,159 and kind of makes your kali the latest 2442 01:27:38,159 --> 01:27:40,880 and greatest without breaking anything 2443 01:27:40,880 --> 01:27:42,560 even the current version of kali right 2444 01:27:42,560 --> 01:27:44,719 now 2022.2 2445 01:27:44,719 --> 01:27:47,199 not all the tools work out of the box as 2446 01:27:47,199 --> 01:27:49,040 the way that they should 2447 01:27:49,040 --> 01:27:50,639 we'll talk about that in just a little 2448 01:27:50,639 --> 01:27:53,280 bit so let's say that you wanted to 2449 01:27:53,280 --> 01:27:55,120 install a tool and we're just gonna go 2450 01:27:55,120 --> 01:27:57,120 grab one as an example 2451 01:27:57,120 --> 01:27:58,400 so let's say that there was a tool you 2452 01:27:58,400 --> 01:28:00,639 wanted to install like this cron daemon 2453 01:28:00,639 --> 01:28:03,360 common i'm just going to copy that 2454 01:28:03,360 --> 01:28:06,080 you could come in here and you could say 2455 01:28:06,080 --> 01:28:07,920 apt install 2456 01:28:07,920 --> 01:28:11,120 cron daemon common like this hit enter and 2457 01:28:11,120 --> 01:28:12,719 it's going to say oh you want to install 2458 01:28:12,719 --> 01:28:15,280 this just hit yes and it will install 
2459 01:28:15,280 --> 01:28:17,120 and it will also upgrade this cron 2460 01:28:17,120 --> 01:28:19,600 package here i'm not going to do that 2461 01:28:19,600 --> 01:28:21,920 but just know that you can also install 2462 01:28:21,920 --> 01:28:23,840 applications as a one-time thing if 2463 01:28:23,840 --> 01:28:26,000 they're a part of the repository that 2464 01:28:26,000 --> 01:28:27,840 you have we're not going to get into 2465 01:28:27,840 --> 01:28:30,400 updating repositories and adding manual 2466 01:28:30,400 --> 01:28:32,000 repositories we don't need to know that 2467 01:28:32,000 --> 01:28:34,320 at this point in our linux careers we 2468 01:28:34,320 --> 01:28:35,920 just need to understand that we're going 2469 01:28:35,920 --> 01:28:38,000 out to repository and we can download 2470 01:28:38,000 --> 01:28:40,800 those items or packages based on what is 2471 01:28:40,800 --> 01:28:42,400 in the repository so updating the 2472 01:28:42,400 --> 01:28:43,840 repository is always good and then we 2473 01:28:43,840 --> 01:28:46,080 check for upgrades available to our 2474 01:28:46,080 --> 01:28:47,280 packages 2475 01:28:47,280 --> 01:28:48,719 in this instance we're not going to do 2476 01:28:48,719 --> 01:28:50,800 any updating or upgrading but there may 2477 01:28:50,800 --> 01:28:52,400 be a time where we need to install a 2478 01:28:52,400 --> 01:28:54,159 specific tool or we go out to the web 2479 01:28:54,159 --> 01:28:56,560 and we have to grab a tool and it says 2480 01:28:56,560 --> 01:28:59,199 hey run this apt install command this is 2481 01:28:59,199 --> 01:29:00,800 what it's going to be doing this is how 2482 01:29:00,800 --> 01:29:03,199 we would install something if we need to 2483 01:29:03,199 --> 01:29:04,400 now the next thing that we're going to 2484 01:29:04,400 --> 01:29:07,040 look at is we're going to look at the 2485 01:29:07,040 --> 01:29:08,880 git command 2486 01:29:08,880 --> 01:29:12,000 and git is a tool that runs with 
github 2487 01:29:12,000 --> 01:29:14,719 i'm going to open up a new firefox 2488 01:29:14,719 --> 01:29:16,560 and i'm going to make this a little bit 2489 01:29:16,560 --> 01:29:18,320 bigger we're going to go to github 2490 01:29:18,320 --> 01:29:19,840 actually let's just go to google we're 2491 01:29:19,840 --> 01:29:21,920 going to go to google 2492 01:29:21,920 --> 01:29:24,639 and a lot of times in our ethical 2493 01:29:24,639 --> 01:29:26,880 hacking careers we're going to be 2494 01:29:26,880 --> 01:29:28,639 searching for tools we're going to come 2495 01:29:28,639 --> 01:29:30,480 out here and we're going to say oh i 2496 01:29:30,480 --> 01:29:32,480 really want to find a tool maybe that 2497 01:29:32,480 --> 01:29:33,440 does 2498 01:29:33,440 --> 01:29:35,360 brute force 2499 01:29:35,360 --> 01:29:37,440 office 365 2500 01:29:37,440 --> 01:29:38,400 and then i might say something like 2501 01:29:38,400 --> 01:29:39,600 github and you can see it's already 2502 01:29:39,600 --> 01:29:41,199 starting to 2503 01:29:41,199 --> 01:29:43,760 fill out and we might go find something 2504 01:29:43,760 --> 01:29:47,199 like okay there's this dafthack tool we 2505 01:29:47,199 --> 01:29:49,360 might click on that and we come in here 2506 01:29:49,360 --> 01:29:51,280 and it might tell you how to install 2507 01:29:51,280 --> 01:29:52,800 this well this is powershell so that's 2508 01:29:52,800 --> 01:29:54,960 not a great example we might come into 2509 01:29:54,960 --> 01:29:56,719 here and we might say okay here's one 2510 01:29:56,719 --> 01:29:58,719 how to install so you go through and 2511 01:29:58,719 --> 01:30:00,719 it'll say here's the usage on how to use 2512 01:30:00,719 --> 01:30:02,560 this and sometimes we'll give you 2513 01:30:02,560 --> 01:30:04,400 installation instructions but a lot of 2514 01:30:04,400 --> 01:30:06,320 times all you will need to do is you'll 2515 01:30:06,320 --> 01:30:08,560 need to come in here and just download 2516 
01:30:08,560 --> 01:30:10,880 the code to install the file 2517 01:30:10,880 --> 01:30:12,400 so i'm going to show you a tool that 2518 01:30:12,400 --> 01:30:14,719 we're going to install and run 2519 01:30:14,719 --> 01:30:17,360 we go to google 2520 01:30:17,360 --> 01:30:18,960 and we search for 2521 01:30:18,960 --> 01:30:20,719 pimp my 2522 01:30:20,719 --> 01:30:22,239 kali 2523 01:30:22,239 --> 01:30:23,600 just like that 2524 01:30:23,600 --> 01:30:25,280 you're going to see that we can click in 2525 01:30:25,280 --> 01:30:28,719 here and this tool is available to us to 2526 01:30:28,719 --> 01:30:29,760 download 2527 01:30:29,760 --> 01:30:31,120 now 2528 01:30:31,120 --> 01:30:33,679 one way to look at a tool and see if it 2529 01:30:33,679 --> 01:30:36,159 has any relevancy on github is to look 2530 01:30:36,159 --> 01:30:38,400 up at the number of stars that it has 2531 01:30:38,400 --> 01:30:40,719 and the forks that it has 2532 01:30:40,719 --> 01:30:43,040 anything with like 700 stars like this 2533 01:30:43,040 --> 01:30:44,960 is pretty reputable and you also should 2534 01:30:44,960 --> 01:30:46,880 look at when it was last updated you 2535 01:30:46,880 --> 01:30:48,800 could see that this was last updated 2536 01:30:48,800 --> 01:30:49,920 last month 2537 01:30:49,920 --> 01:30:52,000 now full disclosure dewalt actually 2538 01:30:52,000 --> 01:30:56,000 works for tcm security and is a 2539 01:30:56,000 --> 01:30:57,840 fantastic person if you never got to 2540 01:30:57,840 --> 01:30:59,679 interact with dewalt he is somebody that 2541 01:30:59,679 --> 01:31:02,400 is awesome and a great resource he built 2542 01:31:02,400 --> 01:31:03,440 this out 2543 01:31:03,440 --> 01:31:04,639 because 2544 01:31:04,639 --> 01:31:06,239 there were so many issues with kali 2545 01:31:06,239 --> 01:31:08,159 linux and the 2546 01:31:08,159 --> 01:31:10,400 tools that were coming freshly installed 2547 01:31:10,400 --> 01:31:12,639 like in 2022.2 2548 
01:31:12,639 --> 01:31:14,159 don't always work in the way that we 2549 01:31:14,159 --> 01:31:16,239 intend them to work so a lot of tools 2550 01:31:16,239 --> 01:31:18,800 are broken some things need downgraded 2551 01:31:18,800 --> 01:31:20,400 and there's a lot of options in here 2552 01:31:20,400 --> 01:31:22,560 that can tell you hey here's what we can 2553 01:31:22,560 --> 01:31:24,960 fix like we can fix different missing 2554 01:31:24,960 --> 01:31:27,120 issues that are going on or we can fix 2555 01:31:27,120 --> 01:31:30,080 golang or fix impacket and you don't 2556 01:31:30,080 --> 01:31:31,040 have to worry about what any of that 2557 01:31:31,040 --> 01:31:33,199 means right now until we get into pen 2558 01:31:33,199 --> 01:31:35,360 testing but this is something that we 2559 01:31:35,360 --> 01:31:38,480 actually do install and run when we 2560 01:31:38,480 --> 01:31:40,719 build out our lab machines or we build 2561 01:31:40,719 --> 01:31:43,120 out our machines for even 2562 01:31:43,120 --> 01:31:44,960 hacking on clients this is such a 2563 01:31:44,960 --> 01:31:47,280 well-done tool and he tells you in here 2564 01:31:47,280 --> 01:31:50,320 how to install it he says hey git clone 2565 01:31:50,320 --> 01:31:52,239 right here off of this 2566 01:31:52,239 --> 01:31:54,239 address we can also come up here we can 2567 01:31:54,239 --> 01:31:56,480 go to the code and we can just copy 2568 01:31:56,480 --> 01:31:59,040 we say copy pimp my kali right here and 2569 01:31:59,040 --> 01:32:00,800 then we'll come in and we can just say 2570 01:32:00,800 --> 01:32:02,880 git clone 2571 01:32:02,880 --> 01:32:04,320 actually let's switch user i'm sorry 2572 01:32:04,320 --> 01:32:07,280 let's sudo or let's switch user back to 2573 01:32:07,280 --> 01:32:08,560 kali 2574 01:32:08,560 --> 01:32:10,000 and we'll enter 2575 01:32:10,000 --> 01:32:11,920 here and then what i like to do when i 2576 01:32:11,920 --> 01:32:14,320 install tools is i like to 
install them 2577 01:32:14,320 --> 01:32:17,600 into the op folder the opt folder 2578 01:32:17,600 --> 01:32:19,760 so from here we're going to run 2579 01:32:19,760 --> 01:32:21,840 git clone 2580 01:32:21,840 --> 01:32:24,400 paste that 2581 01:32:24,800 --> 01:32:26,480 actually we're going to run sudo git 2582 01:32:26,480 --> 01:32:28,719 clone i apologize 2583 01:32:28,719 --> 01:32:32,639 and then enter your password 2584 01:32:33,600 --> 01:32:35,920 and now if we look in here 2585 01:32:35,920 --> 01:32:38,159 we should have pimp my kali which we do 2586 01:32:38,159 --> 01:32:41,840 so if we cd to pimp my kali 2587 01:32:41,840 --> 01:32:44,080 and now we ls we can see that we have 2588 01:32:44,080 --> 01:32:46,639 the pimpmykali.sh script 2589 01:32:46,639 --> 01:32:48,880 if you come back into the website 2590 01:32:48,880 --> 01:32:51,199 it will tell you how to run and operate 2591 01:32:51,199 --> 01:32:52,080 this 2592 01:32:52,080 --> 01:32:53,760 any decent 2593 01:32:53,760 --> 01:32:56,560 github will say hey here's how you run 2594 01:32:56,560 --> 01:32:58,639 this script so it says hey you just run 2595 01:32:58,639 --> 01:33:02,239 sudo at mykali this is for a new kali vm 2596 01:33:02,239 --> 01:33:04,719 you just need to run menu option and 2597 01:33:04,719 --> 01:33:08,000 we're going to copy this and paste it 2598 01:33:08,000 --> 01:33:10,320 and then we're gonna run it 2599 01:33:10,320 --> 01:33:12,159 so now this tells you what do you want 2600 01:33:12,159 --> 01:33:13,120 to do 2601 01:33:13,120 --> 01:33:15,520 well here's all the different options n 2602 01:33:15,520 --> 01:33:17,600 is a new vm setup run this option as 2603 01:33:17,600 --> 01:33:20,000 your first time running pimp my kali 2604 01:33:20,000 --> 01:33:22,880 okay so that's going to fix all the 2605 01:33:22,880 --> 01:33:25,040 things for you i'm going to go ahead and 2606 01:33:25,040 --> 01:33:26,880 hit n and let this run 2607 01:33:26,880 --> 01:33:28,719 
it's going to go out and fetch some 2608 01:33:28,719 --> 01:33:30,800 stuff from repositories and it's running 2609 01:33:30,800 --> 01:33:33,360 apt update and now it's going to install 2610 01:33:33,360 --> 01:33:35,920 certain tools and packages and uninstall 2611 01:33:35,920 --> 01:33:38,000 certain tools and packages 2612 01:33:38,000 --> 01:33:40,159 and uninstall certain tools and packages 2613 01:33:40,159 --> 01:33:42,239 as you can see it's rolling through here 2614 01:33:42,239 --> 01:33:43,840 so go ahead and let this run i'm going 2615 01:33:43,840 --> 01:33:45,920 to pause the video here for a second and 2616 01:33:45,920 --> 01:33:47,840 then meet me back when you're at the 2617 01:33:47,840 --> 01:33:49,760 next screen where you can actually enter 2618 01:33:49,760 --> 01:33:52,480 in any sort of command 2619 01:33:52,480 --> 01:33:54,719 okay so it's been about five minutes and 2620 01:33:54,719 --> 01:33:57,040 we get to this page here 2621 01:33:57,040 --> 01:33:58,560 and you can see that it's asking us if 2622 01:33:58,560 --> 01:34:00,080 we want to run 2623 01:34:00,080 --> 01:34:03,040 root login installation it explains that 2624 01:34:03,040 --> 01:34:06,400 in kali 2019 point x the default user 2625 01:34:06,400 --> 01:34:07,840 used to be root which we talked about 2626 01:34:07,840 --> 01:34:09,840 early on in this course and now that 2627 01:34:09,840 --> 01:34:11,040 they've switched it to kali which is 2628 01:34:11,040 --> 01:34:12,639 what we've been using 2629 01:34:12,639 --> 01:34:14,560 now do we want to re-enable the ability 2630 01:34:14,560 --> 01:34:17,360 to log in as root in kali 2631 01:34:17,360 --> 01:34:20,080 in this instance i'm going to choose yes 2632 01:34:20,080 --> 01:34:21,520 however 2633 01:34:21,520 --> 01:34:24,320 you need to make sure that you are 2634 01:34:24,320 --> 01:34:26,159 comfortable and capable 2635 01:34:26,159 --> 01:34:28,880 of running as root 2636 01:34:28,880 --> 01:34:31,920 in linux 
if you do not feel comfortable 2637 01:34:31,920 --> 01:34:34,000 stick with running as kali you're going 2638 01:34:34,000 --> 01:34:35,920 to see me throughout the course as we 2639 01:34:35,920 --> 01:34:37,840 get into the ethical hacking section 2640 01:34:37,840 --> 01:34:40,480 running as root just know that there may 2641 01:34:40,480 --> 01:34:41,920 be times where you might need to use 2642 01:34:41,920 --> 01:34:45,119 sudo or you may need to switch user into 2643 01:34:45,119 --> 01:34:46,880 root as you saw me do with upgrading 2644 01:34:46,880 --> 01:34:49,119 packages just a few minutes ago 2645 01:34:49,119 --> 01:34:52,080 that may be required so if you're 2646 01:34:52,080 --> 01:34:54,320 understanding of that you can hit no on 2647 01:34:54,320 --> 01:34:55,920 this screen and that's perfectly okay 2648 01:34:55,920 --> 01:34:58,400 security best practice suggest to hit no 2649 01:34:58,400 --> 01:35:00,000 i'm going to hit yes because i feel 2650 01:35:00,000 --> 01:35:01,760 comfortable running as root i'm the only 2651 01:35:01,760 --> 01:35:03,440 user on this machine 2652 01:35:03,440 --> 01:35:05,040 and i don't have any accountability or 2653 01:35:05,040 --> 01:35:07,440 repudiation to worry about i'm going to 2654 01:35:07,440 --> 01:35:10,800 give a new password for this 2655 01:35:12,159 --> 01:35:14,560 and i'm going to enter it again 2656 01:35:14,560 --> 01:35:15,920 and now it's going to ask if we want to 2657 01:35:15,920 --> 01:35:18,320 copy everything over from our kali 2658 01:35:18,320 --> 01:35:19,920 folder into our root folder i'm going to 2659 01:35:19,920 --> 01:35:22,480 say no 2660 01:35:24,880 --> 01:35:26,400 and now it's going to continue on 2661 01:35:26,400 --> 01:35:28,000 installing so we're going to let this 2662 01:35:28,000 --> 01:35:29,360 run again 2663 01:35:29,360 --> 01:35:30,880 go ahead and pause the video if you need 2664 01:35:30,880 --> 01:35:32,880 to and then we'll meet you back when 2665 
01:35:32,880 --> 01:35:36,080 this is all said and done 2666 01:35:36,080 --> 01:35:38,480 okay and when everything is said and 2667 01:35:38,480 --> 01:35:40,000 done which it took about 10 minutes to 2668 01:35:40,000 --> 01:35:41,440 get through all that 2669 01:35:41,440 --> 01:35:43,679 you should get to this all done happy 2670 01:35:43,679 --> 01:35:46,400 hacking screen right here and everything 2671 01:35:46,400 --> 01:35:48,960 should be installed for you if you chose 2672 01:35:48,960 --> 01:35:51,440 to go the root route that's a weird 2673 01:35:51,440 --> 01:35:52,880 thing to say if you chose to go the root 2674 01:35:52,880 --> 01:35:56,000 route you can log out and log back in as 2675 01:35:56,000 --> 01:35:59,040 root and begin using linux as root 2676 01:35:59,040 --> 01:36:01,040 otherwise you can continue on with this 2677 01:36:01,040 --> 01:36:02,000 lesson 2678 01:36:02,000 --> 01:36:04,880 using kali as your main user we're gonna 2679 01:36:04,880 --> 01:36:07,679 go ahead and move on to the next video 2680 01:36:07,679 --> 01:36:09,679 last video in the section and this is 2681 01:36:09,679 --> 01:36:12,000 going to be one of my favorites so what 2682 01:36:12,000 --> 01:36:13,440 we're going to be talking about is 2683 01:36:13,440 --> 01:36:16,080 scripting with bash i'm going to show 2684 01:36:16,080 --> 01:36:18,400 you some cool tricks that we can do to 2685 01:36:18,400 --> 01:36:20,800 kind of narrow down some of the results 2686 01:36:20,800 --> 01:36:22,080 that we get and then i'm going to show 2687 01:36:22,080 --> 01:36:23,360 you how you can automate some of that 2688 01:36:23,360 --> 01:36:25,440 process and we'll take that and even 2689 01:36:25,440 --> 01:36:27,760 write out some for loops and one line 2690 01:36:27,760 --> 01:36:30,000 loops which this might not make any 2691 01:36:30,000 --> 01:36:31,440 sense right now and that's absolutely 2692 01:36:31,440 --> 01:36:33,520 okay but by the time the video is done 2693 
01:36:33,520 --> 01:36:35,760 hopefully it does so the first thing i 2694 01:36:35,760 --> 01:36:38,239 want to show you is i want to show you 2695 01:36:38,239 --> 01:36:40,960 how we're going to write a ping sweep so 2696 01:36:40,960 --> 01:36:42,080 we're going to write a ping sweeper 2697 01:36:42,080 --> 01:36:43,840 basically we're going to go out and say 2698 01:36:43,840 --> 01:36:45,760 i want to ping a device if that device 2699 01:36:45,760 --> 01:36:47,360 is alive go ahead and show me that 2700 01:36:47,360 --> 01:36:48,800 result and we're going to sweep an 2701 01:36:48,800 --> 01:36:50,239 entire network 2702 01:36:50,239 --> 01:36:51,840 so what we're going to do first is we're 2703 01:36:51,840 --> 01:36:54,400 going to identify a device that's alive 2704 01:36:54,400 --> 01:36:56,719 so we can test this out and then build 2705 01:36:56,719 --> 01:36:58,880 upon that so you can go ahead and type 2706 01:36:58,880 --> 01:37:00,639 in ifconfig 2707 01:37:00,639 --> 01:37:02,560 and then just hit enter 2708 01:37:02,560 --> 01:37:04,000 now my 2709 01:37:04,000 --> 01:37:07,119 ethernet here is on a natted network so 2710 01:37:07,119 --> 01:37:09,040 i'm running through 2711 01:37:09,040 --> 01:37:12,080 a different uh ip address subnet here so 2712 01:37:12,080 --> 01:37:16,880 this one is 192 168 57 150. 
my actual ip 2713 01:37:16,880 --> 01:37:19,199 address is on a dot 4 2714 01:37:19,199 --> 01:37:22,639 dot x here so i'm going to for this 2715 01:37:22,639 --> 01:37:25,440 example i'm going to be pinging 2716 01:37:25,440 --> 01:37:28,440 192.168.4.29 2717 01:37:29,679 --> 01:37:31,840 however and you can see here's the ping 2718 01:37:31,840 --> 01:37:33,119 that we're getting back 2719 01:37:33,119 --> 01:37:35,520 however if you are 2720 01:37:35,520 --> 01:37:37,920 unsure of a ip address in your house 2721 01:37:37,920 --> 01:37:39,840 that is active or your subnet in your 2722 01:37:39,840 --> 01:37:43,840 house that's okay you can just run 57.1 2723 01:37:43,840 --> 01:37:46,080 for this example you might not get a lot 2724 01:37:46,080 --> 01:37:48,000 of return results however you might only 2725 01:37:48,000 --> 01:37:50,320 get one or two when we do this sweep so 2726 01:37:50,320 --> 01:37:52,239 i advise you to figure out what your ip 2727 01:37:52,239 --> 01:37:53,600 address is that's a good challenge 2728 01:37:53,600 --> 01:37:54,800 anyway 2729 01:37:54,800 --> 01:37:56,560 and if you are familiar with networking 2730 01:37:56,560 --> 01:37:57,920 which you should be at this point then 2731 01:37:57,920 --> 01:37:59,520 you should be able to determine the ip 2732 01:37:59,520 --> 01:38:01,600 address of your home network but if you 2733 01:38:01,600 --> 01:38:04,800 do not do that then you can use 57.1 or 2734 01:38:04,800 --> 01:38:06,719 whatever your ip address is here on this 2735 01:38:06,719 --> 01:38:09,360 third octet so that will also work if 2736 01:38:09,360 --> 01:38:10,880 you see that 2737 01:38:10,880 --> 01:38:12,400 all right so i'm going to clear this now 2738 01:38:12,400 --> 01:38:15,199 what are we noticing when we're pinging 2739 01:38:15,199 --> 01:38:16,719 we're pinging this address and we're 2740 01:38:16,719 --> 01:38:18,480 getting some data back 2741 01:38:18,480 --> 01:38:20,480 now if we ping an active address 
you can 2742 01:38:20,480 --> 01:38:23,440 see that we get okay 64 bytes from 2743 01:38:23,440 --> 01:38:25,600 192.168.4.29 2744 01:38:25,600 --> 01:38:27,199 it's saying it's active we're getting 2745 01:38:27,199 --> 01:38:28,560 details back 2746 01:38:28,560 --> 01:38:29,760 if we were to 2747 01:38:29,760 --> 01:38:33,040 ping something let me do like 41 2748 01:38:33,040 --> 01:38:35,440 where we just don't get any data back 2749 01:38:35,440 --> 01:38:37,199 okay and let's try this one more time 2750 01:38:37,199 --> 01:38:38,320 let's try this a different way let's do 2751 01:38:38,320 --> 01:38:40,320 like a count of one dash c of one will 2752 01:38:40,320 --> 01:38:42,159 do a count of one 2753 01:38:42,159 --> 01:38:43,760 it's going to try to send one packet 2754 01:38:43,760 --> 01:38:45,600 over and see if it works 2755 01:38:45,600 --> 01:38:47,440 nothing's happening right it's trying to 2756 01:38:47,440 --> 01:38:49,679 transmit that packet you could see that 2757 01:38:49,679 --> 01:38:51,679 it's getting zero received here where 2758 01:38:51,679 --> 01:38:53,679 here is getting four received 2759 01:38:53,679 --> 01:38:55,199 no data is coming back it's just not 2760 01:38:55,199 --> 01:38:58,239 doing anything for us so the thing that 2761 01:38:58,239 --> 01:39:00,480 we can identify here is what's the big 2762 01:39:00,480 --> 01:39:03,280 difference if we look at line one 2763 01:39:03,280 --> 01:39:06,880 and two versus line one and two 2764 01:39:06,880 --> 01:39:09,280 what are we seeing when we get data back 2765 01:39:09,280 --> 01:39:10,880 well the big difference here is we're 2766 01:39:10,880 --> 01:39:12,880 well two of them i guess we see that we 2767 01:39:12,880 --> 01:39:14,960 get this response right that's big 2768 01:39:14,960 --> 01:39:16,800 difference and then down here it'll say 2769 01:39:16,800 --> 01:39:18,719 hey we receive some packets if it's not 2770 01:39:18,719 --> 01:39:21,440 zero now the easy way to do 
this is to 2771 01:39:21,440 --> 01:39:23,920 look at a line that says hey we received 2772 01:39:23,920 --> 01:39:26,639 data which is this line here okay 2773 01:39:26,639 --> 01:39:28,400 now what i want to do is i want to 2774 01:39:28,400 --> 01:39:30,320 narrow this down just a little bit what 2775 01:39:30,320 --> 01:39:31,679 we're going to say is we're just going 2776 01:39:31,679 --> 01:39:34,400 to do a ping of one time so i'm going to 2777 01:39:34,400 --> 01:39:36,000 clear this i'm going to bring it back to 2778 01:39:36,000 --> 01:39:37,520 this like this 2779 01:39:37,520 --> 01:39:39,600 i'm going to do a count of 1 2780 01:39:39,600 --> 01:39:40,800 and that should just ping once and 2781 01:39:40,800 --> 01:39:42,159 that's perfect we don't need to ping 2782 01:39:42,159 --> 01:39:43,920 endlessly we just want to make sure we 2783 01:39:43,920 --> 01:39:46,000 can ping once and then we're done 2784 01:39:46,000 --> 01:39:47,600 okay and then from here i'm going to put 2785 01:39:47,600 --> 01:39:49,440 this into a text file i'm just going to 2786 01:39:49,440 --> 01:39:52,239 call this ip.txt just like that 2787 01:39:52,239 --> 01:39:56,000 so when i cat out ip.txt 2788 01:39:56,000 --> 01:39:58,400 now you can see that i have this file 2789 01:39:58,400 --> 01:39:59,600 it's stored i don't have to run the 2790 01:39:59,600 --> 01:40:01,840 command again we're good to go 2791 01:40:01,840 --> 01:40:03,440 so what we're going to do now is we can 2792 01:40:03,440 --> 01:40:04,960 take this and then we can start 2793 01:40:04,960 --> 01:40:07,679 gathering data based off of what we see 2794 01:40:07,679 --> 01:40:08,639 here 2795 01:40:08,639 --> 01:40:10,800 so what i want to do 2796 01:40:10,800 --> 01:40:13,760 is i want to just extract this one line 2797 01:40:13,760 --> 01:40:18,400 here the 64 bytes from 192 168 4.29 2798 01:40:18,400 --> 01:40:20,719 and the best way to do that is with a 2799 01:40:20,719 --> 01:40:22,719 command called 
grep 2800 01:40:22,719 --> 01:40:25,199 so grep is going to look for a specific 2801 01:40:25,199 --> 01:40:27,040 term or phrase 2802 01:40:27,040 --> 01:40:28,480 and we can do that and it's going to 2803 01:40:28,480 --> 01:40:30,639 pull down any line that has that term or 2804 01:40:30,639 --> 01:40:33,520 phrase so if i say grep here and then i 2805 01:40:33,520 --> 01:40:38,159 just put in quotation 64 bytes like this 2806 01:40:38,159 --> 01:40:40,239 now when i cat out this all i'm pulling 2807 01:40:40,239 --> 01:40:41,760 down is this line and it's even 2808 01:40:41,760 --> 01:40:42,960 highlighting it for us it's saying 2809 01:40:42,960 --> 01:40:45,360 here's the line that we see 64 bytes 2810 01:40:45,360 --> 01:40:48,400 from 192.168. okay so we've extracted 2811 01:40:48,400 --> 01:40:49,840 just the one line and why am i 2812 01:40:49,840 --> 01:40:51,760 extracting this line well if we're 2813 01:40:51,760 --> 01:40:54,320 building out a ping sweeper what i want 2814 01:40:54,320 --> 01:40:57,280 to do is i want to sweep every single ip 2815 01:40:57,280 --> 01:40:58,560 within a 2816 01:40:58,560 --> 01:41:01,920 specific subnet so say this dot 4 right 2817 01:41:01,920 --> 01:41:04,639 i want to ping 2818 01:41:04,679 --> 01:41:08,800 4.1.2.3 all the way through 254 255. 
i 2819 01:41:08,800 --> 01:41:11,040 want to see if i can get through all the 2820 01:41:11,040 --> 01:41:13,360 ip addresses in a subnet 2821 01:41:13,360 --> 01:41:14,800 so what we're going to do is we're going 2822 01:41:14,800 --> 01:41:16,480 to ping every single one of them and say 2823 01:41:16,480 --> 01:41:19,040 hey are you up are you there and we're 2824 01:41:19,040 --> 01:41:20,719 gonna do it with the count of one 2825 01:41:20,719 --> 01:41:22,639 and we're gonna say are you there okay 2826 01:41:22,639 --> 01:41:23,679 and if they're there they're gonna say 2827 01:41:23,679 --> 01:41:25,679 yeah i'm here 64 bytes here's my 2828 01:41:25,679 --> 01:41:28,080 response and it's going to say 64 bytes 2829 01:41:28,080 --> 01:41:30,960 from this ip address so we want to 2830 01:41:30,960 --> 01:41:32,880 extract the ip addresses to say yeah 2831 01:41:32,880 --> 01:41:35,040 we're alive that's basically our goal 2832 01:41:35,040 --> 01:41:37,440 here so when we run this on a bigger 2833 01:41:37,440 --> 01:41:39,440 scale which is what we're going to do 2834 01:41:39,440 --> 01:41:41,040 we're going to need to grep out this 2835 01:41:41,040 --> 01:41:43,040 information and extract this information 2836 01:41:43,040 --> 01:41:45,119 to where we only just get the ip address 2837 01:41:45,119 --> 01:41:46,400 back 2838 01:41:46,400 --> 01:41:48,000 okay so what we're going to do now is 2839 01:41:48,000 --> 01:41:50,159 we're going to start narrowing down and 2840 01:41:50,159 --> 01:41:51,760 grabbing this ip address and then i'm 2841 01:41:51,760 --> 01:41:52,800 going to show you how we're going to 2842 01:41:52,800 --> 01:41:55,760 take this all in one instance and run it 2843 01:41:55,760 --> 01:41:58,159 and then extract ip addresses so from 2844 01:41:58,159 --> 01:41:59,040 here 2845 01:41:59,040 --> 01:42:00,400 what i want to do 2846 01:42:00,400 --> 01:42:03,119 is i want to do another command so every 2847 01:42:03,119 --> 01:42:05,280 time 
we pipe we're saying hey run this 2848 01:42:05,280 --> 01:42:06,480 command 2849 01:42:06,480 --> 01:42:09,119 then with that command run this command 2850 01:42:09,119 --> 01:42:12,000 then also run this command too so we're 2851 01:42:12,000 --> 01:42:13,600 going to keep running this command on 2852 01:42:13,600 --> 01:42:14,800 top of this 2853 01:42:14,800 --> 01:42:16,800 to narrow things down so here's what 2854 01:42:16,800 --> 01:42:18,320 we're doing here we're going to run a 2855 01:42:18,320 --> 01:42:20,159 command called cut 2856 01:42:20,159 --> 01:42:21,760 and with cut we're going to say i want 2857 01:42:21,760 --> 01:42:23,840 to cut something out of this 2858 01:42:23,840 --> 01:42:25,280 we need to provide it what is called a 2859 01:42:25,280 --> 01:42:28,560 delimiter so we do a dash d like this 2860 01:42:28,560 --> 01:42:30,320 and the delimiter i'm going to use is a 2861 01:42:30,320 --> 01:42:31,840 space 2862 01:42:31,840 --> 01:42:33,679 and then i'm going to say dash f for 2863 01:42:33,679 --> 01:42:36,159 field and then i'm going to say 4 2864 01:42:36,159 --> 01:42:38,480 okay what is this doing well it's saying 2865 01:42:38,480 --> 01:42:41,280 hey i want to cut this line that you're 2866 01:42:41,280 --> 01:42:42,560 getting back 2867 01:42:42,560 --> 01:42:45,119 on a space so the delimiter's a space so 2868 01:42:45,119 --> 01:42:47,119 here's a space here's a space here's a 2869 01:42:47,119 --> 01:42:50,320 space and it says i want to count up to 2870 01:42:50,320 --> 01:42:54,480 four to grab that data so one two three 2871 01:42:54,480 --> 01:42:55,440 four 2872 01:42:55,440 --> 01:42:56,400 right here 2873 01:42:56,400 --> 01:42:59,040 so if we say 4 here like this we hit 2874 01:42:59,040 --> 01:43:01,600 enter we're grabbing that specific ip 2875 01:43:01,600 --> 01:43:04,960 address because we're doing it by spaces 2876 01:43:04,960 --> 01:43:06,639 if we did it on 3 what do you think 2877 01:43:06,639 --> 01:43:07,920 
we're going to grab we're going to grab 2878 01:43:07,920 --> 01:43:09,280 the word from 2879 01:43:09,280 --> 01:43:11,119 so you can see here it's from 2880 01:43:11,119 --> 01:43:13,360 so what i want to do is grab the ip so 2881 01:43:13,360 --> 01:43:15,119 we're going to use this cut just like 2882 01:43:15,119 --> 01:43:17,600 this use our delimiter and then get to 2883 01:43:17,600 --> 01:43:19,440 the correct field position that we want 2884 01:43:19,440 --> 01:43:21,520 to grab the ip address 2885 01:43:21,520 --> 01:43:23,760 all right so we've got the ip address 2886 01:43:23,760 --> 01:43:25,920 now there's only one thing wrong here 2887 01:43:25,920 --> 01:43:28,480 with this ip address is that there is a 2888 01:43:28,480 --> 01:43:30,560 little colon on the end of it we just 2889 01:43:30,560 --> 01:43:32,320 want this without a colon at all we want 2890 01:43:32,320 --> 01:43:34,159 it just like this now there's a couple 2891 01:43:34,159 --> 01:43:35,520 ways we can do this we could use 2892 01:43:35,520 --> 01:43:37,840 something called sed sed's a little bit 2893 01:43:37,840 --> 01:43:39,679 complicated and a little bit advanced i 2894 01:43:39,679 --> 01:43:41,840 would say for where we're at right now 2895 01:43:41,840 --> 01:43:43,679 so i'd rather teach you an easier way to 2896 01:43:43,679 --> 01:43:46,800 do this and that is called translate so 2897 01:43:46,800 --> 01:43:49,040 with translate all we're going to do is 2898 01:43:49,040 --> 01:43:50,800 we're going to do one more pipe like 2899 01:43:50,800 --> 01:43:53,040 this and we're just going to say tr for 2900 01:43:53,040 --> 01:43:54,159 translate 2901 01:43:54,159 --> 01:43:56,560 a dash d for a delimiter again and then 2902 01:43:56,560 --> 01:43:58,960 we're going to say we want to get rid of 2903 01:43:58,960 --> 01:44:00,159 this 2904 01:44:00,159 --> 01:44:01,520 and that's it we're just getting rid of 2905 01:44:01,520 --> 01:44:03,360 this okay so if we run this one more 
2906 01:44:03,360 --> 01:44:04,560 time 2907 01:44:04,560 --> 01:44:06,239 now you can see that we've successfully 2908 01:44:06,239 --> 01:44:09,040 extracted this ip address out that's our 2909 01:44:09,040 --> 01:44:11,119 goal that's all we wanted to do 2910 01:44:11,119 --> 01:44:13,760 now how can we apply this to something 2911 01:44:13,760 --> 01:44:15,440 bigger how can we make this part of a 2912 01:44:15,440 --> 01:44:18,719 bigger script that is the question and 2913 01:44:18,719 --> 01:44:20,159 we're going to do that so what i want 2914 01:44:20,159 --> 01:44:22,400 you to do is i just want you to copy 2915 01:44:22,400 --> 01:44:25,920 this okay copy this entire line 2916 01:44:25,920 --> 01:44:27,040 and 2917 01:44:27,040 --> 01:44:28,719 we're going to 2918 01:44:28,719 --> 01:44:30,639 go into a mousepad so let's copy this 2919 01:44:30,639 --> 01:44:31,679 selection 2920 01:44:31,679 --> 01:44:33,040 and i'm going to clear my screen i'm 2921 01:44:33,040 --> 01:44:34,960 just going to say mousepad 2922 01:44:34,960 --> 01:44:39,159 and we're going to call this ipsweep.sh 2923 01:44:39,440 --> 01:44:41,600 okay so this is going to be a 2924 01:44:41,600 --> 01:44:43,679 bash script 2925 01:44:43,679 --> 01:44:46,080 and i'm going to make this bigger 2926 01:44:46,080 --> 01:44:47,119 and the first thing we're going to do 2927 01:44:47,119 --> 01:44:48,639 with our bash script is we have to 2928 01:44:48,639 --> 01:44:50,880 declare that it's a bash script we're 2929 01:44:50,880 --> 01:44:51,840 going to say 2930 01:44:51,840 --> 01:44:53,520 bang right here or shebang is what we'd 2931 01:44:53,520 --> 01:44:54,480 call this 2932 01:44:54,480 --> 01:44:56,719 forward slash bin forward slash bash 2933 01:44:56,719 --> 01:44:58,320 this allows the 2934 01:44:58,320 --> 01:45:00,080 machine to know when we run this this 2935 01:45:00,080 --> 01:45:01,679 allows bash to know hey we're calling 2936 01:45:01,679 --> 01:45:03,440 this here's the 
location of bash this is 2937 01:45:03,440 --> 01:45:04,719 what we're running with the script 2938 01:45:04,719 --> 01:45:06,480 you're also going to see this when we we 2939 01:45:06,480 --> 01:45:08,480 use python as well you'll see the the 2940 01:45:08,480 --> 01:45:10,320 declaration here at the top or when 2941 01:45:10,320 --> 01:45:11,760 we're calling this out 2942 01:45:11,760 --> 01:45:14,000 so i'm going to go ahead and ctrl s and 2943 01:45:14,000 --> 01:45:15,119 save this 2944 01:45:15,119 --> 01:45:16,880 that'll add some nice color to this so 2945 01:45:16,880 --> 01:45:18,560 when we're coding this out we get to see 2946 01:45:18,560 --> 01:45:21,040 in color i like that a lot i'm going to 2947 01:45:21,040 --> 01:45:22,480 actually make this a little bit smaller 2948 01:45:22,480 --> 01:45:24,239 and then make this like this here so we 2949 01:45:24,239 --> 01:45:25,760 can get the whole picture 2950 01:45:25,760 --> 01:45:28,080 okay so what i want to do is i want to 2951 01:45:28,080 --> 01:45:30,080 paste in what we just wrote so i'm just 2952 01:45:30,080 --> 01:45:31,760 going to control v here and paste that 2953 01:45:31,760 --> 01:45:33,040 in 2954 01:45:33,040 --> 01:45:34,400 so 2955 01:45:34,400 --> 01:45:37,040 we don't need to do a cat of an ip 2956 01:45:37,040 --> 01:45:38,639 address here 2957 01:45:38,639 --> 01:45:40,239 in this instance instead we're going to 2958 01:45:40,239 --> 01:45:42,080 change this back we're going to ping 2959 01:45:42,080 --> 01:45:43,920 remember we want to ping every device in 2960 01:45:43,920 --> 01:45:46,320 the network so we want to ping say if 2961 01:45:46,320 --> 01:45:49,360 we're pinging 192 168 4 2962 01:45:49,360 --> 01:45:50,880 dot x 2963 01:45:50,880 --> 01:45:53,119 okay we want to ping that and we can 2964 01:45:53,119 --> 01:45:55,119 leave this like this for now don't worry 2965 01:45:55,119 --> 01:45:56,560 about changing anything here this is 2966 01:45:56,560 --> 01:45:58,400 
just going to be a placeholder we're 2967 01:45:58,400 --> 01:46:01,360 going to do a little bit of extra 2968 01:46:01,360 --> 01:46:03,600 syntax here to make this work 2969 01:46:03,600 --> 01:46:05,600 so we're going to write what is called a 2970 01:46:05,600 --> 01:46:07,199 for loop 2971 01:46:07,199 --> 01:46:08,800 so we're going to say 2972 01:46:08,800 --> 01:46:09,760 for 2973 01:46:09,760 --> 01:46:11,280 and i'll explain what this does here in 2974 01:46:11,280 --> 01:46:12,719 a second you're also going to see this 2975 01:46:12,719 --> 01:46:15,520 again when we get into python and coding 2976 01:46:15,520 --> 01:46:17,679 and so you'll be able to understand more 2977 01:46:17,679 --> 01:46:19,840 and more about loops and what for loops 2978 01:46:19,840 --> 01:46:21,360 are while loops et cetera they're very 2979 01:46:21,360 --> 01:46:23,199 very useful and very common in coding 2980 01:46:23,199 --> 01:46:24,400 and scripting 2981 01:46:24,400 --> 01:46:26,639 so i'm going to say for ip 2982 01:46:26,639 --> 01:46:27,440 in 2983 01:46:27,440 --> 01:46:30,159 and then i'm going to say sequence 2984 01:46:30,159 --> 01:46:32,480 1 through 254 2985 01:46:32,480 --> 01:46:33,840 now 2986 01:46:33,840 --> 01:46:36,159 very important this character here is 2987 01:46:36,159 --> 01:46:38,320 not an apostrophe okay this is not an 2988 01:46:38,320 --> 01:46:39,679 apostrophe 2989 01:46:39,679 --> 01:46:41,840 this is the little line i don't know 2990 01:46:41,840 --> 01:46:43,360 what it's called it's above the tilde 2991 01:46:43,360 --> 01:46:45,360 next to your escape button on your 2992 01:46:45,360 --> 01:46:47,760 keyboard so it's this right here okay 2993 01:46:47,760 --> 01:46:49,840 it's like a backwards apostrophe almost 2994 01:46:49,840 --> 01:46:51,199 i'm sure there's a term for it i just 2995 01:46:51,199 --> 01:46:52,239 don't know it 2996 01:46:52,239 --> 01:46:54,080 so you come in here and you say okay 2997 01:46:54,080 --> 01:46:57,119 
four ip address in sequence one through 2998 01:46:57,119 --> 01:46:59,199 two fifty four and i'm gonna explain 2999 01:46:59,199 --> 01:47:00,639 what all this does in a second i want 3000 01:47:00,639 --> 01:47:02,480 you just to type this out for now 3001 01:47:02,480 --> 01:47:05,360 i want you to say do 3002 01:47:05,360 --> 01:47:06,960 all right and then i want you to come 3003 01:47:06,960 --> 01:47:10,000 down here and we're going to say 3004 01:47:10,000 --> 01:47:11,679 ampersand on this line and we're going 3005 01:47:11,679 --> 01:47:13,119 to say done i'm going to explain what 3006 01:47:13,119 --> 01:47:14,800 all this means 3007 01:47:14,800 --> 01:47:16,880 okay so this is a loop that we've just 3008 01:47:16,880 --> 01:47:18,080 created 3009 01:47:18,080 --> 01:47:20,960 what we're saying is for the ip address 3010 01:47:20,960 --> 01:47:22,320 and we're just declaring this this could 3011 01:47:22,320 --> 01:47:24,320 be bob if you wanted to we just i'm just 3012 01:47:24,320 --> 01:47:26,639 making it a name or a term that's easy 3013 01:47:26,639 --> 01:47:28,560 for us to remember so we're going to say 3014 01:47:28,560 --> 01:47:30,639 for ip but if you want to call this bob 3015 01:47:30,639 --> 01:47:33,520 call bob for ip in 3016 01:47:33,520 --> 01:47:36,320 sequence 1 through 254 so what sequence 3017 01:47:36,320 --> 01:47:38,400 is doing is it's saying hey i want to 3018 01:47:38,400 --> 01:47:42,000 count everything from 1 to 254 so 1 2 3 3019 01:47:42,000 --> 01:47:44,719 4 5 6 7 8 all the way to 254. 
3020 01:47:44,719 --> 01:47:47,360 this for loop means i'm going to do this 3021 01:47:47,360 --> 01:47:49,920 every single time so for 3022 01:47:49,920 --> 01:47:53,600 ip in one for ipn2 for ipn3 we're going 3023 01:47:53,600 --> 01:47:56,320 to run this command until we're done so 3024 01:47:56,320 --> 01:47:59,840 until this sequence has run 255 times 3025 01:47:59,840 --> 01:48:01,040 it's done 3026 01:48:01,040 --> 01:48:03,600 okay and now we're going to say i want 3027 01:48:03,600 --> 01:48:06,159 to do a count of 3028 01:48:06,159 --> 01:48:08,480 dollar sign ip 3029 01:48:08,480 --> 01:48:11,600 so what we're saying here is for ip in 3030 01:48:11,600 --> 01:48:14,080 sequence one through 254 go ahead and do 3031 01:48:14,080 --> 01:48:16,800 a ping dash c for a count of one one 3032 01:48:16,800 --> 01:48:18,159 nine 1 192.1684 3033 01:48:18,159 --> 01:48:21,480 254. and here we're going to say 3034 01:48:21,480 --> 01:48:24,000 1.2.3 every time this loops over and 3035 01:48:24,000 --> 01:48:25,840 over and over it's going to be 3036 01:48:25,840 --> 01:48:27,440 incrementing that number through this 3037 01:48:27,440 --> 01:48:29,360 sequence that's all we're doing this is 3038 01:48:29,360 --> 01:48:31,440 a basic loop okay so we're going to keep 3039 01:48:31,440 --> 01:48:33,360 going through and through and through 3040 01:48:33,360 --> 01:48:35,600 now this will work if you plugged in 3041 01:48:35,600 --> 01:48:37,840 your hard-coded ip address here this 3042 01:48:37,840 --> 01:48:39,679 will absolutely work 3043 01:48:39,679 --> 01:48:41,520 now we can improve this just a little 3044 01:48:41,520 --> 01:48:43,760 bit if we want to so what's going on 3045 01:48:43,760 --> 01:48:46,080 here is what we're going to say is if we 3046 01:48:46,080 --> 01:48:48,159 wanted to run this we would just do dot 3047 01:48:48,159 --> 01:48:51,520 forward slash and then ipsweep okay 3048 01:48:51,520 --> 01:48:53,440 and this would work that's fine but we 
3049 01:48:53,440 --> 01:48:55,119 can make this a little bit better from a 3050 01:48:55,119 --> 01:48:57,119 coding perspective we can come in here 3051 01:48:57,119 --> 01:49:01,440 and we can give this a dollar sign one 3052 01:49:01,440 --> 01:49:04,080 and that means argument one 3053 01:49:04,080 --> 01:49:05,679 so what we're saying here is i want to 3054 01:49:05,679 --> 01:49:08,639 give an argument instead so if you want 3055 01:49:08,639 --> 01:49:11,600 to be technical this first 3056 01:49:11,600 --> 01:49:12,840 dot forward slash 3057 01:49:12,840 --> 01:49:16,320 ipsweep.sh that is argument zero so you 3058 01:49:16,320 --> 01:49:18,560 can consider this dollar sign zero 3059 01:49:18,560 --> 01:49:20,320 argument one would be what you type 3060 01:49:20,320 --> 01:49:22,800 after that so this would be argument one 3061 01:49:22,800 --> 01:49:26,000 argument two etc so in this case what we 3062 01:49:26,000 --> 01:49:27,520 could do is we could say i want to run 3063 01:49:27,520 --> 01:49:29,599 192.168.4 3064 01:49:29,599 --> 01:49:30,800 like this 3065 01:49:30,800 --> 01:49:33,080 and this will run the dot 3066 01:49:33,080 --> 01:49:35,679 1.2.3 after it so you provide the 3067 01:49:35,679 --> 01:49:38,719 argument it places that here in argument 3068 01:49:38,719 --> 01:49:39,599 1 3069 01:49:39,599 --> 01:49:42,159 and then it does the rest for you so 3070 01:49:42,159 --> 01:49:43,920 this way you can specify 3071 01:49:43,920 --> 01:49:45,440 your network and if you wanted to ping 3072 01:49:45,440 --> 01:49:46,639 multiple networks you don't have to come 3073 01:49:46,639 --> 01:49:48,960 back in here and keep changing this 3074 01:49:48,960 --> 01:49:51,280 it just works so super easy this is a 3075 01:49:51,280 --> 01:49:53,520 great little script for a 3076 01:49:53,520 --> 01:49:57,440 slash 24 type subnet okay 3077 01:49:57,440 --> 01:49:59,280 okay so let's go ahead and try running 3078 01:49:59,280 --> 01:50:00,800 this really 
quick i'm going to just 3079 01:50:00,800 --> 01:50:01,920 control 3080 01:50:01,920 --> 01:50:03,599 s save this 3081 01:50:03,599 --> 01:50:05,119 i'm going to close it 3082 01:50:05,119 --> 01:50:06,719 we're going to do a 3083 01:50:06,719 --> 01:50:10,560 chmod plus x on ipsweep if it'll allow 3084 01:50:10,560 --> 01:50:13,280 us to we might have to do a 3085 01:50:13,280 --> 01:50:15,599 okay let's do ls la real quick make sure 3086 01:50:15,599 --> 01:50:17,040 it worked 3087 01:50:17,040 --> 01:50:18,719 it sure did okay so here's what we're 3088 01:50:18,719 --> 01:50:20,400 going to do we're going to run the 3089 01:50:20,400 --> 01:50:22,239 ipsweep 3090 01:50:22,239 --> 01:50:25,360 and we're going to say 192 168 you just 3091 01:50:25,360 --> 01:50:27,599 put in your ip here i'm going to run 3092 01:50:27,599 --> 01:50:28,400 that 3093 01:50:28,400 --> 01:50:30,400 all right 3094 01:50:30,400 --> 01:50:32,080 and you can see all the devices that are 3095 01:50:32,080 --> 01:50:34,480 coming back within my network here 3096 01:50:34,480 --> 01:50:37,280 i'm going to go ahead and hit control c 3097 01:50:37,280 --> 01:50:39,280 cancel this out 3098 01:50:39,280 --> 01:50:40,400 and so this is grabbing all the 3099 01:50:40,400 --> 01:50:42,320 different devices in my network 3100 01:50:42,320 --> 01:50:43,840 now that's great 3101 01:50:43,840 --> 01:50:46,000 that works out really well but what we 3102 01:50:46,000 --> 01:50:48,080 can do is improve this what if i typed 3103 01:50:48,080 --> 01:50:49,119 in a 3104 01:50:49,119 --> 01:50:50,480 what if i didn't type anything at all 3105 01:50:50,480 --> 01:50:52,560 what if i just hit enter here now i'm 3106 01:50:52,560 --> 01:50:54,480 just getting all kinds of pings unknown 3107 01:50:54,480 --> 01:50:56,320 and it's going off of some of the stuff 3108 01:50:56,320 --> 01:50:58,719 i was doing before but it just causes 3109 01:50:58,719 --> 01:51:00,639 all kinds of issues and errors right so 3110 
01:51:00,639 --> 01:51:02,159 you can see i'm trying to hit control c 3111 01:51:02,159 --> 01:51:04,719 it's it's taking its time to break um 3112 01:51:04,719 --> 01:51:07,119 here we get issues because we're not 3113 01:51:07,119 --> 01:51:08,800 we're just allowing any sort of argument 3114 01:51:08,800 --> 01:51:11,040 here what we need to do is we need to 3115 01:51:11,040 --> 01:51:13,440 fix this up just a little bit so what we 3116 01:51:13,440 --> 01:51:15,119 can say is we can come back in here and 3117 01:51:15,119 --> 01:51:16,639 just go mousepad 3118 01:51:16,639 --> 01:51:20,000 um ipsweep.sh 3119 01:51:20,000 --> 01:51:22,080 and come in here and let's add a little 3120 01:51:22,080 --> 01:51:24,320 bit extra oh and i also left this in 3121 01:51:24,320 --> 01:51:25,840 here don't leave this in here that's why 3122 01:51:25,840 --> 01:51:27,840 that was running twice 3123 01:51:27,840 --> 01:51:30,719 okay so what we're doing here is 3124 01:51:30,719 --> 01:51:32,880 we need to add in a statement what we're 3125 01:51:32,880 --> 01:51:34,560 going to do is we're going to add in a 3126 01:51:34,560 --> 01:51:36,400 if statement if statements are 3127 01:51:36,400 --> 01:51:38,400 conditions we're saying hey if this 3128 01:51:38,400 --> 01:51:41,520 condition is met do something for us if 3129 01:51:41,520 --> 01:51:43,840 it's not met then go ahead and do 3130 01:51:43,840 --> 01:51:45,280 something else 3131 01:51:45,280 --> 01:51:46,239 all right 3132 01:51:46,239 --> 01:51:49,040 so we're going to say 3133 01:51:49,040 --> 01:51:51,040 if 3134 01:51:51,040 --> 01:51:52,560 and we're going to just put in here 3135 01:51:52,560 --> 01:51:54,960 dollar sign 1 3136 01:51:54,960 --> 01:51:58,000 is equal to nothing 3137 01:51:58,000 --> 01:51:59,520 then we're going to go ahead and just 3138 01:51:59,520 --> 01:52:01,360 say then 3139 01:52:01,360 --> 01:52:03,040 echo 3140 01:52:03,040 --> 01:52:04,560 you forgot 3141 01:52:04,560 --> 01:52:08,080 
an ip address 3142 01:52:08,239 --> 01:52:10,000 echo 3143 01:52:10,000 --> 01:52:11,199 syntax 3144 01:52:11,199 --> 01:52:13,920 something like this we'll just say 3145 01:52:13,920 --> 01:52:15,599 i p 3146 01:52:15,599 --> 01:52:17,440 suite 3147 01:52:17,440 --> 01:52:20,880 and we'll go 192.168.4 3148 01:52:20,880 --> 01:52:22,239 like that 3149 01:52:22,239 --> 01:52:23,440 okay 3150 01:52:23,440 --> 01:52:24,560 and then 3151 01:52:24,560 --> 01:52:28,159 if we did do this correctly 3152 01:52:28,159 --> 01:52:30,560 if we do have an argument inside of 3153 01:52:30,560 --> 01:52:33,199 argument one then we're gonna say else 3154 01:52:33,199 --> 01:52:34,960 do all this here 3155 01:52:34,960 --> 01:52:36,719 and be done and then we're gonna end our 3156 01:52:36,719 --> 01:52:38,960 if statement with fi 3157 01:52:38,960 --> 01:52:39,920 now 3158 01:52:39,920 --> 01:52:42,560 this script or this resemblance of this 3159 01:52:42,560 --> 01:52:43,679 script 3160 01:52:43,679 --> 01:52:46,000 is not one of my own by the way this is 3161 01:52:46,000 --> 01:52:47,920 goes credit to something i've modified 3162 01:52:47,920 --> 01:52:49,599 over time but the original credit 3163 01:52:49,599 --> 01:52:52,000 definitely goes to georgia weidman i 3164 01:52:52,000 --> 01:52:54,080 remember seeing this in her course a 3165 01:52:54,080 --> 01:52:55,360 long long time ago when i was first 3166 01:52:55,360 --> 01:52:57,599 getting started and she did a great job 3167 01:52:57,599 --> 01:52:58,800 of teaching this this is just a 3168 01:52:58,800 --> 01:53:00,560 modification of this script so i just 3169 01:53:00,560 --> 01:53:01,920 want to make sure that all credit goes 3170 01:53:01,920 --> 01:53:03,520 to her but 3171 01:53:03,520 --> 01:53:05,679 looking at this let's break this down 3172 01:53:05,679 --> 01:53:07,520 really quick before we run this again 3173 01:53:07,520 --> 01:53:10,400 we've got an if statement we said if 3174 01:53:10,400 --> 
01:53:12,800 argument 1 doesn't equal anything then 3175 01:53:12,800 --> 01:53:14,639 you're going to echo back out and say 3176 01:53:14,639 --> 01:53:16,719 hey you forgot an ip address 3177 01:53:16,719 --> 01:53:18,320 here's the syntax 3178 01:53:18,320 --> 01:53:20,400 if it does include something then we're 3179 01:53:20,400 --> 01:53:22,080 going to go ahead and come in here and 3180 01:53:22,080 --> 01:53:24,239 say let's run our for statement or for 3181 01:53:24,239 --> 01:53:25,760 loop and run through it and then we're 3182 01:53:25,760 --> 01:53:27,440 going to end our if here 3183 01:53:27,440 --> 01:53:29,440 the only thing that i'm doing uniquely 3184 01:53:29,440 --> 01:53:31,360 here is i'm including this ampersand 3185 01:53:31,360 --> 01:53:34,800 which is going to run this command 3186 01:53:34,800 --> 01:53:36,480 multiple times at once this is a good 3187 01:53:36,480 --> 01:53:39,280 way to explain it basically we have a 3188 01:53:39,280 --> 01:53:42,000 couple ways of doing this we could say 3189 01:53:42,000 --> 01:53:43,679 like this we can put a command here and 3190 01:53:43,679 --> 01:53:46,000 this will run one at a time it'll say 3191 01:53:46,000 --> 01:53:49,840 okay four one four two four three 3192 01:53:49,840 --> 01:53:51,360 this allows 3193 01:53:51,360 --> 01:53:53,520 multiple instances of this loop to run 3194 01:53:53,520 --> 01:53:55,840 at once and just speeds things up i can 3195 01:53:55,840 --> 01:53:57,199 show you the difference between that so 3196 01:53:57,199 --> 01:53:59,040 i'm going to go ahead and just control s 3197 01:53:59,040 --> 01:54:00,080 save this 3198 01:54:00,080 --> 01:54:01,520 i'm going to go ahead and just run this 3199 01:54:01,520 --> 01:54:03,119 script real quick now let's try running 3200 01:54:03,119 --> 01:54:03,920 it with 3201 01:54:03,920 --> 01:54:05,920 without anything here 3202 01:54:05,920 --> 01:54:07,599 okay now look it says you forgot an ip 3203 01:54:07,599 --> 
01:54:09,840 address so look we did that correctly 3204 01:54:09,840 --> 01:54:12,639 now let's go ahead and add the 192.168.4 3205 01:54:12,639 --> 01:54:13,599 run it 3206 01:54:13,599 --> 01:54:15,920 and you can see okay it's sweeping but 3207 01:54:15,920 --> 01:54:18,000 it's taking its sweet time 3208 01:54:18,000 --> 01:54:19,920 especially for the ip addresses that are 3209 01:54:19,920 --> 01:54:22,400 going to hang like um like if i don't 3210 01:54:22,400 --> 01:54:24,159 have a dot 2 or dot 3 it's going to take 3211 01:54:24,159 --> 01:54:26,239 a while so i'm going to control c and 3212 01:54:26,239 --> 01:54:28,000 get out of this if it'll let me and it 3213 01:54:28,000 --> 01:54:29,679 looks like it's actually going to hang 3214 01:54:29,679 --> 01:54:31,440 so what we can do is we can come back in 3215 01:54:31,440 --> 01:54:32,800 i'm going to open a new tab real quick 3216 01:54:32,800 --> 01:54:34,400 just while that's waiting and i'm just 3217 01:54:34,400 --> 01:54:36,880 going to say mousepad and we're just 3218 01:54:36,880 --> 01:54:40,920 going to go back into ipsweep.sh 3219 01:54:41,040 --> 01:54:44,480 it's in this folder there we go okay 3220 01:54:44,480 --> 01:54:45,840 so from here 3221 01:54:45,840 --> 01:54:46,960 i'm going to change this back to the 3222 01:54:46,960 --> 01:54:49,599 ampersand and i'm going to save it 3223 01:54:49,599 --> 01:54:51,040 i just want you to see the difference 3224 01:54:51,040 --> 01:54:52,639 really quick 3225 01:54:52,639 --> 01:54:56,320 and why i run it like this so ip sweep 3226 01:54:56,320 --> 01:54:59,560 the sh192168.4 3227 01:55:00,320 --> 01:55:02,239 you can see it's picking everything up 3228 01:55:02,239 --> 01:55:05,360 really fast all right what i can do now 3229 01:55:05,360 --> 01:55:07,679 is i can run this and then store this 3230 01:55:07,679 --> 01:55:10,880 into like ips.txt something like that 3231 01:55:10,880 --> 01:55:13,119 just like found ip addresses okay so now 3232 
01:55:13,119 --> 01:55:15,199 if i cat ips 3233 01:55:15,199 --> 01:55:16,560 dot txt 3234 01:55:16,560 --> 01:55:18,320 i have all the ip addresses i just found 3235 01:55:18,320 --> 01:55:20,719 and i found them that fast 3236 01:55:20,719 --> 01:55:23,280 versus this which may still be going and 3237 01:55:23,280 --> 01:55:24,719 it is and i can't even kill i'm just 3238 01:55:24,719 --> 01:55:27,199 going to close this out okay so this is 3239 01:55:27,199 --> 01:55:28,320 the big difference there with that 3240 01:55:28,320 --> 01:55:30,320 ampersand and the speed of what it is 3241 01:55:30,320 --> 01:55:32,719 capable of doing so 3242 01:55:32,719 --> 01:55:34,400 with all that being said we could take 3243 01:55:34,400 --> 01:55:37,520 this and do one more thing so i want to 3244 01:55:37,520 --> 01:55:39,840 show you how we can utilize 3245 01:55:39,840 --> 01:55:42,480 a one-liner these are called one line 3246 01:55:42,480 --> 01:55:45,679 statements in um in bash and we can do 3247 01:55:45,679 --> 01:55:47,360 similar to what we just did and 3248 01:55:47,360 --> 01:55:49,599 accomplish that in this command line so 3249 01:55:49,599 --> 01:55:51,840 now we have an ip address we have a list 3250 01:55:51,840 --> 01:55:54,480 of ip addresses let's say that we want 3251 01:55:54,480 --> 01:55:57,679 to run nmap now we haven't gotten to map 3252 01:55:57,679 --> 01:55:59,119 yet you don't need to really know about 3253 01:55:59,119 --> 01:56:01,679 it just know that it is a tool that 3254 01:56:01,679 --> 01:56:04,159 allows us to go out and do port scanning 3255 01:56:04,159 --> 01:56:06,000 okay so typically we would just say 3256 01:56:06,000 --> 01:56:08,480 something like nmap and we might do 3257 01:56:08,480 --> 01:56:09,920 something like 3258 01:56:09,920 --> 01:56:11,040 dash 3259 01:56:11,040 --> 01:56:14,480 t4 dash a dash p dash like this this is 3260 01:56:14,480 --> 01:56:16,639 just saying i want to run 3261 01:56:16,639 --> 01:56:18,320 
map scan i want to look at everything 3262 01:56:18,320 --> 01:56:20,159 and i want to scan all ports this is 3263 01:56:20,159 --> 01:56:22,400 just an example you can just run map ip 3264 01:56:22,400 --> 01:56:23,920 address like this 3265 01:56:23,920 --> 01:56:25,920 and that would be fine too like we could 3266 01:56:25,920 --> 01:56:28,800 just go 192 168 192.168.4.29 3267 01:56:28,800 --> 01:56:30,960 and we'll do a quick map scan 3268 01:56:30,960 --> 01:56:33,920 okay but what we can't do here is we 3269 01:56:33,920 --> 01:56:37,199 can't just say hey i want to run 3270 01:56:37,199 --> 01:56:38,800 well we could we could say i want to run 3271 01:56:38,800 --> 01:56:41,440 nmap for everything in 3272 01:56:41,440 --> 01:56:43,840 dot zero slash 24. 3273 01:56:43,840 --> 01:56:45,840 the issue is it's going to take time 3274 01:56:45,840 --> 01:56:47,920 looking and finding what i p addresses 3275 01:56:47,920 --> 01:56:49,440 are valid here 3276 01:56:49,440 --> 01:56:51,440 if we have a list we can automate this 3277 01:56:51,440 --> 01:56:53,760 process quite a bit we can just come in 3278 01:56:53,760 --> 01:56:55,599 here and we can say something a little 3279 01:56:55,599 --> 01:56:58,560 bit different we can say hey for 3280 01:56:58,560 --> 01:57:01,280 ip we're using the same kind of syntax 3281 01:57:01,280 --> 01:57:03,520 in dollar sign 3282 01:57:03,520 --> 01:57:05,119 and we're going to put parentheses here 3283 01:57:05,119 --> 01:57:07,599 we're going to say cat 3284 01:57:07,599 --> 01:57:10,960 and then we're going to say ips.txt 3285 01:57:10,960 --> 01:57:12,480 and then we're just going to do this 3286 01:57:12,480 --> 01:57:14,159 we're going to say do 3287 01:57:14,159 --> 01:57:15,599 nmap 3288 01:57:15,599 --> 01:57:18,000 dollar sign ip 3289 01:57:18,000 --> 01:57:19,520 and then again we have the option of 3290 01:57:19,520 --> 01:57:22,880 doing done or we can do 3291 01:57:22,880 --> 01:57:24,480 ampersand done 3292 
01:57:24,480 --> 01:57:26,480 just like this okay 3293 01:57:26,480 --> 01:57:28,320 i'm just going to do done here as an 3294 01:57:28,320 --> 01:57:30,320 example and just show you so this is 3295 01:57:30,320 --> 01:57:32,080 really easy we're saying hey for every 3296 01:57:32,080 --> 01:57:33,440 ip address 3297 01:57:33,440 --> 01:57:34,880 in this list and all we're doing is 3298 01:57:34,880 --> 01:57:36,639 we're cutting out this ip list that we 3299 01:57:36,639 --> 01:57:38,560 just had so it's going to take the first 3300 01:57:38,560 --> 01:57:40,719 ip then run the maps again and it's 3301 01:57:40,719 --> 01:57:42,080 going to come back and run the next one 3302 01:57:42,080 --> 01:57:44,320 so until this list is completely done 3303 01:57:44,320 --> 01:57:45,599 it's going to keep going through this 3304 01:57:45,599 --> 01:57:47,920 loop that's all it is a simple loop then 3305 01:57:47,920 --> 01:57:49,280 we're going to say done 3306 01:57:49,280 --> 01:57:50,719 it's going to take that ip address it's 3307 01:57:50,719 --> 01:57:52,000 going to start scanning it it's going to 3308 01:57:52,000 --> 01:57:54,560 go through and hopefully find 3309 01:57:54,560 --> 01:57:57,199 information and go in a loop so this is 3310 01:57:57,199 --> 01:57:58,880 a quick way to automate some of this 3311 01:57:58,880 --> 01:58:00,639 process i actually do this with a lot of 3312 01:58:00,639 --> 01:58:03,280 my scripts where i will do some probing 3313 01:58:03,280 --> 01:58:04,800 see if anything is out there that's 3314 01:58:04,800 --> 01:58:07,280 alive put it into an ip file and you're 3315 01:58:07,280 --> 01:58:08,480 going to see this later in the course 3316 01:58:08,480 --> 01:58:10,719 and then end map scan that 3317 01:58:10,719 --> 01:58:11,520 so 3318 01:58:11,520 --> 01:58:12,880 think about this hopefully this gets 3319 01:58:12,880 --> 01:58:15,440 your wheels spinning on what you can do 3320 01:58:15,440 --> 01:58:17,280 to really start 3321 
01:58:17,280 --> 01:58:18,800 scripting some of this stuff out and 3322 01:58:18,800 --> 01:58:20,080 this is going to be the first time you 3323 01:58:20,080 --> 01:58:21,599 get your hands dirty with scripting 3324 01:58:21,599 --> 01:58:23,760 we're going to go on again with this and 3325 01:58:23,760 --> 01:58:25,840 we're going to get more advanced as we 3326 01:58:25,840 --> 01:58:27,199 go but this should be a good 3327 01:58:27,199 --> 01:58:29,599 introductory lesson to you on how we can 3328 01:58:29,599 --> 01:58:31,280 build a simple tool and automate a lot 3329 01:58:31,280 --> 01:58:32,960 of this process 3330 01:58:32,960 --> 01:58:34,800 fairly easily with just a little bit of 3331 01:58:34,800 --> 01:58:37,360 command line syntax so we're gonna go 3332 01:58:37,360 --> 01:58:39,440 ahead and move on to the next section 3333 01:58:39,440 --> 01:58:42,639 and i will see you over there 3334 01:58:42,639 --> 01:58:44,719 and we have reached the end of our video 3335 01:58:44,719 --> 01:58:46,560 so thank you so much for taking the time 3336 01:58:46,560 --> 01:58:48,880 to spend the last two hours with me 3337 01:58:48,880 --> 01:58:51,280 again if you enjoyed the video please do 3338 01:58:51,280 --> 01:58:53,199 consider subscribing to our channel it's 3339 01:58:53,199 --> 01:58:55,199 as simple as just hitting the subscribe 3340 01:58:55,199 --> 01:58:57,760 button and you get access to all of our 3341 01:58:57,760 --> 01:58:59,360 content and the new content that we're 3342 01:58:59,360 --> 01:59:02,400 releasing including courses similar to 3343 01:59:02,400 --> 01:59:04,480 this one and while you're at it please 3344 01:59:04,480 --> 01:59:06,320 do consider checking out the rest of the 3345 01:59:06,320 --> 01:59:08,639 videos on our youtube channel we do have 3346 01:59:08,639 --> 01:59:11,199 a 12 hour ethical hacking course we've 3347 01:59:11,199 --> 01:59:13,040 got open source intelligence course 3348 01:59:13,040 --> 01:59:15,280 course 
on buffer overflows we got a 3349 01:59:15,280 --> 01:59:17,280 bunch of cool videos on open source 3350 01:59:17,280 --> 01:59:19,040 intelligence and other things on this 3351 01:59:19,040 --> 01:59:20,960 channel as well 3352 01:59:20,960 --> 01:59:23,040 lastly if you enjoyed this course again 3353 01:59:23,040 --> 01:59:25,679 this is part of a full length course a 3354 01:59:25,679 --> 01:59:28,560 25 hour course on ethical hacking this 3355 01:59:28,560 --> 01:59:30,480 is just scratching the surface on what 3356 01:59:30,480 --> 01:59:32,560 is to come you can come to the 3357 01:59:32,560 --> 01:59:35,560 academy.tcm-sec.com 3358 01:59:36,480 --> 01:59:38,320 and come down and check out the 3359 01:59:38,320 --> 01:59:40,480 practical ethical hacking course 3360 01:59:40,480 --> 01:59:42,239 as always i'll put everything down in 3361 01:59:42,239 --> 01:59:43,920 the description below but we do cover a 3362 01:59:43,920 --> 01:59:46,080 lot of great stuff and a lot of the 3363 01:59:46,080 --> 01:59:47,920 information required to get you into the 3364 01:59:47,920 --> 01:59:50,000 field of ethical hacking 3365 01:59:50,000 --> 01:59:52,400 so that is it for this video 3366 01:59:52,400 --> 01:59:54,800 i thank you again for taking the time to 3367 01:59:54,800 --> 01:59:56,880 sit with me and learn linux with me and 3368 01:59:56,880 --> 01:59:59,040 hopefully you took some valuable 3369 01:59:59,040 --> 02:00:01,280 information away from this and i'll see 3370 02:00:01,280 --> 02:00:03,840 you soon in the ethical hacking field 3371 02:00:03,840 --> 02:00:07,400 thank you so much
