1
00:00:00,240 --> 00:00:01,680
hello everyone and welcome to this
2
00:00:01,680 --> 00:00:04,720
course on linux for ethical hackers my
3
00:00:04,720 --> 00:00:06,480
name is heath adams and i'm going to be
4
00:00:06,480 --> 00:00:09,040
your instructor for this course
5
00:00:09,040 --> 00:00:11,360
a little bit about me i am an ethical
6
00:00:11,360 --> 00:00:14,160
hacker by trade i am the business owner
7
00:00:14,160 --> 00:00:17,840
and ceo at tcm security we are a dual
8
00:00:17,840 --> 00:00:20,560
headed organization part of what we do
9
00:00:20,560 --> 00:00:22,240
is penetration testing and ethical
10
00:00:22,240 --> 00:00:25,519
hacking so clients pay us to break into
11
00:00:25,519 --> 00:00:27,599
their networks to their web applications
12
00:00:27,599 --> 00:00:29,679
and sometimes even their buildings
13
00:00:29,679 --> 00:00:31,439
and we do that to find vulnerabilities
14
00:00:31,439 --> 00:00:33,840
before the bad people do
15
00:00:33,840 --> 00:00:35,680
the other side of our organization is
16
00:00:35,680 --> 00:00:38,160
that we are a training organization we
17
00:00:38,160 --> 00:00:40,320
have an academy called tcm security
18
00:00:40,320 --> 00:00:43,120
academy and we teach people how to
19
00:00:43,120 --> 00:00:45,200
become ethical hackers
20
00:00:45,200 --> 00:00:47,520
at this point on the youtube channel we
21
00:00:47,520 --> 00:00:50,879
have well over 300 000 subscribers we've
22
00:00:50,879 --> 00:00:52,640
taught well over a million people
23
00:00:52,640 --> 00:00:55,760
through our academy and other platforms
24
00:00:55,760 --> 00:00:58,800
and i just love to teach so here's a
25
00:00:58,800 --> 00:01:00,320
little bit about me if you're interested
26
00:01:00,320 --> 00:01:02,800
in finding me on social media or any of
27
00:01:02,800 --> 00:01:05,438
our websites you can and here's a little
28
00:01:05,438 --> 00:01:06,960
bit of the certifications that i have
29
00:01:06,960 --> 00:01:09,280
that are hacking related
30
00:01:09,280 --> 00:01:11,200
and in this course
31
00:01:11,200 --> 00:01:12,799
we're going to be covering everything
32
00:01:12,799 --> 00:01:15,040
that we need to know to
33
00:01:15,040 --> 00:01:18,000
understand linux as an ethical hacker so
34
00:01:18,000 --> 00:01:20,000
if you've never used linux before and
35
00:01:20,000 --> 00:01:22,000
you're looking into the field of ethical
36
00:01:22,000 --> 00:01:24,479
hacking then this is going to be the
37
00:01:24,479 --> 00:01:27,040
course for you we're going to be
38
00:01:27,040 --> 00:01:29,600
covering how to install and run a
39
00:01:29,600 --> 00:01:32,479
version of linux called kali linux we're
40
00:01:32,479 --> 00:01:34,640
going to cover what kali linux is and
41
00:01:34,640 --> 00:01:36,320
then we're going to talk through
42
00:01:36,320 --> 00:01:38,960
how to navigate the file system how to
43
00:01:38,960 --> 00:01:41,680
use common network commands how to
44
00:01:41,680 --> 00:01:43,680
create files and view files and edit
45
00:01:43,680 --> 00:01:46,159
files and how to stop services start
46
00:01:46,159 --> 00:01:47,439
services
47
00:01:47,439 --> 00:01:50,159
how to install tools and how to write a
48
00:01:50,159 --> 00:01:52,799
script with bash scripting all this is
49
00:01:52,799 --> 00:01:54,560
very important because as an ethical
50
00:01:54,560 --> 00:01:57,600
hacker you are going to be
51
00:01:57,600 --> 00:02:00,719
using linux on a daily basis so it's
52
00:02:00,719 --> 00:02:02,399
important to know how to use linux and
53
00:02:02,399 --> 00:02:04,560
if you've never done it before again
54
00:02:04,560 --> 00:02:07,759
this is the course for you
55
00:02:07,759 --> 00:02:10,878
now quickly switching over to youtube i
56
00:02:10,878 --> 00:02:13,280
have taught this course before
57
00:02:13,280 --> 00:02:15,440
now i taught this course two years ago
58
00:02:15,440 --> 00:02:17,840
and i provided that course for free to
59
00:02:17,840 --> 00:02:20,800
free code camp i also actually taught a
60
00:02:20,800 --> 00:02:22,480
ethical hacking course for them a couple
61
00:02:22,480 --> 00:02:24,879
years ago and provided that to their
62
00:02:24,879 --> 00:02:27,360
youtube channel since then we have
63
00:02:27,360 --> 00:02:29,440
launched our academy our youtube channel
64
00:02:29,440 --> 00:02:31,599
has blown up and we are self-sufficient
65
00:02:31,599 --> 00:02:33,360
on our own channel
66
00:02:33,360 --> 00:02:35,200
to the point now we're putting up
67
00:02:35,200 --> 00:02:37,200
updated materials such as this ethical
68
00:02:37,200 --> 00:02:40,160
hacking course and this osint or open
69
00:02:40,160 --> 00:02:42,480
source intelligence course and now this
70
00:02:42,480 --> 00:02:45,840
linux course for 2022
71
00:02:45,840 --> 00:02:47,200
so if you're asking what the big
72
00:02:47,200 --> 00:02:48,959
differentiator is between the old
73
00:02:48,959 --> 00:02:51,040
courses and the new ones is that these
74
00:02:51,040 --> 00:02:53,280
are incredibly up-to-date in this course
75
00:02:53,280 --> 00:02:56,560
we're going to be using kali 2022.2 which
76
00:02:56,560 --> 00:03:00,560
is the very latest edition of kali linux
77
00:03:00,560 --> 00:03:02,080
last thing to mention before we jump
78
00:03:02,080 --> 00:03:03,440
into the course
79
00:03:03,440 --> 00:03:06,400
is that this course does belong as part
80
00:03:06,400 --> 00:03:09,120
of a larger course at our tcm security
81
00:03:09,120 --> 00:03:10,159
academy
82
00:03:10,159 --> 00:03:12,400
if you scroll down we do have courses on
83
00:03:12,400 --> 00:03:15,120
all kinds of things we've got courses on
84
00:03:15,120 --> 00:03:17,840
linux if you are interested in a full-on
85
00:03:17,840 --> 00:03:20,239
linux course we've got courses on python
86
00:03:20,239 --> 00:03:22,800
as well the linux for ethical hackers
87
00:03:22,800 --> 00:03:24,640
actually is part of the practical
88
00:03:24,640 --> 00:03:26,400
ethical hacking course which is a
89
00:03:26,400 --> 00:03:29,599
25-hour long course on ethical hacking
90
00:03:29,599 --> 00:03:31,440
so if you find that you really enjoyed
91
00:03:31,440 --> 00:03:32,480
this course
92
00:03:32,480 --> 00:03:33,920
and you want to learn more about ethical
93
00:03:33,920 --> 00:03:36,319
hacking please do consider coming and
94
00:03:36,319 --> 00:03:37,920
checking out our practical ethical
95
00:03:37,920 --> 00:03:40,640
hacking course on the academy and any of
96
00:03:40,640 --> 00:03:42,480
our great other courses that we have
97
00:03:42,480 --> 00:03:43,840
here
98
00:03:43,840 --> 00:03:45,680
and please do consider subscribing to
99
00:03:45,680 --> 00:03:46,799
the channel
100
00:03:46,799 --> 00:03:48,720
subscriptions go a long way for us they
101
00:03:48,720 --> 00:03:51,200
help with providing the free content and
102
00:03:51,200 --> 00:03:53,040
getting awareness out there for the
103
00:03:53,040 --> 00:03:55,360
ethical hacking field and helping get
104
00:03:55,360 --> 00:03:59,280
people into the career of cyber security
105
00:03:59,280 --> 00:04:00,959
if you're watching one of our videos all
106
00:04:00,959 --> 00:04:02,480
you have to do is come here and hit
107
00:04:02,480 --> 00:04:04,720
subscribe and then you will get notified
108
00:04:04,720 --> 00:04:07,200
anytime we release new content such as
109
00:04:07,200 --> 00:04:09,439
awesome courses like this one so without
110
00:04:09,439 --> 00:04:11,040
further ado let's go ahead and jump
111
00:04:11,040 --> 00:04:13,840
right into the
112
00:04:13,840 --> 00:04:16,079
all right so in order to be successful
113
00:04:16,079 --> 00:04:18,160
in this course we are going to be
114
00:04:18,160 --> 00:04:20,079
utilizing what is called a virtual
115
00:04:20,079 --> 00:04:22,320
machine now virtual machines are known
116
00:04:22,320 --> 00:04:24,639
as vms for short
117
00:04:24,639 --> 00:04:27,759
and a vm is just a machine on top of a
118
00:04:27,759 --> 00:04:29,840
machine and to give you an example i'm
119
00:04:29,840 --> 00:04:31,280
actually running this windows 10
120
00:04:31,280 --> 00:04:33,360
instance that you see here
121
00:04:33,360 --> 00:04:35,919
on top of my windows 10 instance so here
122
00:04:35,919 --> 00:04:38,240
you can see if i scroll up that i have a
123
00:04:38,240 --> 00:04:40,400
windows 10 machine i also have a linux
124
00:04:40,400 --> 00:04:43,840
machine sitting here if i were to
125
00:04:43,840 --> 00:04:46,400
de-maximize this you can see that i'm
126
00:04:46,400 --> 00:04:48,479
actually running here a windows machine
127
00:04:48,479 --> 00:04:49,520
in the back
128
00:04:49,520 --> 00:04:51,360
this is my wife and i
129
00:04:51,360 --> 00:04:53,440
and you come through here we just blow
130
00:04:53,440 --> 00:04:55,040
it back up and we're back inside of our
131
00:04:55,040 --> 00:04:57,680
machine so a virtual machine is just a
132
00:04:57,680 --> 00:04:59,840
machine inside of a machine
133
00:04:59,840 --> 00:05:01,360
so what we're going to be doing is we're
134
00:05:01,360 --> 00:05:03,360
going to be utilizing this to build out
135
00:05:03,360 --> 00:05:05,039
labs that way we don't have to actually
136
00:05:05,039 --> 00:05:06,720
have a bunch of hardware we can just use
137
00:05:06,720 --> 00:05:09,919
this for our our course and run what we
138
00:05:09,919 --> 00:05:11,759
need to on top of our own machine
139
00:05:11,759 --> 00:05:14,880
already now this can get resource
140
00:05:14,880 --> 00:05:17,759
intensive so if you are only utilizing
141
00:05:17,759 --> 00:05:20,320
something like eight gigabytes of ram
142
00:05:20,320 --> 00:05:22,240
then you might have some issues with
143
00:05:22,240 --> 00:05:24,639
this but you can still follow along when
144
00:05:24,639 --> 00:05:26,880
we get into the active directory portion
145
00:05:26,880 --> 00:05:28,560
you might run into issues if you do not
146
00:05:28,560 --> 00:05:30,960
have at least 16 gigabytes of ram to
147
00:05:30,960 --> 00:05:33,120
utilize but we'll worry about that when
148
00:05:33,120 --> 00:05:34,560
we get there there are still plenty of
149
00:05:34,560 --> 00:05:36,160
ways to follow along throughout this
150
00:05:36,160 --> 00:05:39,280
whole course so another thing to note is
151
00:05:39,280 --> 00:05:41,759
that i use vm's every single day this
152
00:05:41,759 --> 00:05:44,160
machine that you see here is actually my
153
00:05:44,160 --> 00:05:47,199
day-to-day pen testing machine so i run
154
00:05:47,199 --> 00:05:50,000
a kali linux instance on top of my
155
00:05:50,000 --> 00:05:52,800
windows machine and utilize that to do
156
00:05:52,800 --> 00:05:55,360
penetration testing so i'm going to
157
00:05:55,360 --> 00:05:57,280
demonstrate that to you and how we're
158
00:05:57,280 --> 00:05:59,039
going to build out our labs with that
159
00:05:59,039 --> 00:06:01,360
and a lot of us in the industry run
160
00:06:01,360 --> 00:06:03,360
through vms as opposed to running it
161
00:06:03,360 --> 00:06:06,800
directly on metal or on a machine so in
162
00:06:06,800 --> 00:06:07,840
order to
163
00:06:07,840 --> 00:06:09,919
utilize virtual machines we first need
164
00:06:09,919 --> 00:06:12,720
some sort of virtual machine software to
165
00:06:12,720 --> 00:06:14,560
play these so there are two different
166
00:06:14,560 --> 00:06:16,319
ways that we can do this
167
00:06:16,319 --> 00:06:18,560
if you are on a windows machine or a
168
00:06:18,560 --> 00:06:21,360
linux machine you can utilize vmware
169
00:06:21,360 --> 00:06:22,960
workstation player
170
00:06:22,960 --> 00:06:24,720
now if you type in vmware workstation
171
00:06:24,720 --> 00:06:26,080
player in google
172
00:06:26,080 --> 00:06:28,639
the first one here that says download
173
00:06:28,639 --> 00:06:30,400
vmware workstation player you just click
174
00:06:30,400 --> 00:06:32,080
on that
175
00:06:32,080 --> 00:06:34,800
and if you are in a mac environment
176
00:06:34,800 --> 00:06:36,319
you're going to be utilizing oracle
177
00:06:36,319 --> 00:06:38,560
virtualbox so if you type in oracle
178
00:06:38,560 --> 00:06:40,319
virtualbox you come here and you go to
179
00:06:40,319 --> 00:06:41,919
downloads
180
00:06:41,919 --> 00:06:43,919
you have your option there as well
181
00:06:43,919 --> 00:06:44,800
so
182
00:06:44,800 --> 00:06:47,600
in this course i will be using vmware
183
00:06:47,600 --> 00:06:49,680
workstation player i'm going to be
184
00:06:49,680 --> 00:06:51,599
running it on top of windows if you are
185
00:06:51,599 --> 00:06:53,840
using mac that is absolutely fine you're
186
00:06:53,840 --> 00:06:55,440
going to be following along just the
187
00:06:55,440 --> 00:06:56,319
same
188
00:06:56,319 --> 00:06:58,720
all you need to be able to do is
189
00:06:58,720 --> 00:07:00,160
follow the same instructions that i give
190
00:07:00,160 --> 00:07:02,560
you and you will be a-okay
191
00:07:02,560 --> 00:07:04,639
so if you scroll down here you can see
192
00:07:04,639 --> 00:07:06,400
try workstation player for windows or
193
00:07:06,400 --> 00:07:08,400
try a workstation player for linux go
194
00:07:08,400 --> 00:07:10,400
ahead and just select download now
195
00:07:10,400 --> 00:07:12,000
that should bring up a download and go
196
00:07:12,000 --> 00:07:14,720
ahead and save it
197
00:07:14,720 --> 00:07:17,039
if you're doing virtualbox go ahead and
198
00:07:17,039 --> 00:07:20,639
download uh for os x i will download the
199
00:07:20,639 --> 00:07:23,599
windows version just so that we can uh
200
00:07:23,599 --> 00:07:25,039
we can see what that looks like as well
201
00:07:25,039 --> 00:07:27,599
so i'll save both of these
202
00:07:27,599 --> 00:07:29,360
so let's view our downloads and we've
203
00:07:29,360 --> 00:07:32,319
got vmware workstation player here
204
00:07:32,319 --> 00:07:36,720
i'm going to go ahead and open this one
205
00:07:36,800 --> 00:07:40,080
and we're going to install this
206
00:07:42,240 --> 00:07:44,879
and this will be very point and click
207
00:07:44,879 --> 00:07:47,520
so next accept the agreement possibly
208
00:07:47,520 --> 00:07:49,680
give away our first child uh yeah we
209
00:07:49,680 --> 00:07:51,520
should go ahead and install the enhanced
210
00:07:51,520 --> 00:07:55,120
keyboard driver while we have this
211
00:07:55,440 --> 00:07:57,759
and then we don't need to join any
212
00:07:57,759 --> 00:07:59,759
improvement programs or check for
213
00:07:59,759 --> 00:08:01,680
product update that's okay
214
00:08:01,680 --> 00:08:04,000
we will install desktop start menu you
215
00:08:04,000 --> 00:08:05,919
check check your preferences as you like
216
00:08:05,919 --> 00:08:08,879
it i'm just going to install this
217
00:08:08,879 --> 00:08:10,879
and this should just finish here in just
218
00:08:10,879 --> 00:08:13,840
a second
219
00:08:13,919 --> 00:08:15,280
okay then you'll be brought to the
220
00:08:15,280 --> 00:08:16,800
screen once everything's done it should
221
00:08:16,800 --> 00:08:18,639
take about a minute or two and we're
222
00:08:18,639 --> 00:08:21,440
going to go ahead and hit finish
223
00:08:21,440 --> 00:08:23,440
and it's going to want a restart to take
224
00:08:23,440 --> 00:08:24,879
effect you can go ahead and restart your
225
00:08:24,879 --> 00:08:27,440
system i'm going to say no right now
226
00:08:27,440 --> 00:08:29,199
let's go ahead and install virtualbox if
227
00:08:29,199 --> 00:08:32,240
you are a mac user
228
00:08:32,320 --> 00:08:34,399
we'll hit next
229
00:08:34,399 --> 00:08:36,640
next here
230
00:08:36,640 --> 00:08:41,200
next and yes and install
231
00:08:41,200 --> 00:08:42,719
accept
232
00:08:42,719 --> 00:08:45,040
and again very point and click with the
233
00:08:45,040 --> 00:08:46,800
installation
234
00:08:46,800 --> 00:08:49,200
select install and any options that do
235
00:08:49,200 --> 00:08:51,440
pop up
236
00:08:51,440 --> 00:08:53,600
and then we can start oracle vm if we
237
00:08:53,600 --> 00:08:56,080
want let's go ahead and just start that
238
00:08:56,080 --> 00:08:58,959
this is what oracle vm looks like
239
00:08:58,959 --> 00:09:01,360
and let's see if we can start the vmware
240
00:09:01,360 --> 00:09:02,560
player here
241
00:09:02,560 --> 00:09:05,760
even though we need to restart
242
00:09:07,040 --> 00:09:09,200
and this is what vmware workstation
243
00:09:09,200 --> 00:09:10,560
player looks like
244
00:09:10,560 --> 00:09:11,920
so here you could see that we have
245
00:09:11,920 --> 00:09:13,680
virtual machines we can create new
246
00:09:13,680 --> 00:09:16,240
virtual machines open ones etc we'll get
247
00:09:16,240 --> 00:09:18,640
into that in the next video so again if
248
00:09:18,640 --> 00:09:20,560
you are using windows or linux this is
249
00:09:20,560 --> 00:09:21,839
probably what your view is going to look
250
00:09:21,839 --> 00:09:23,600
like for the rest of the time
251
00:09:23,600 --> 00:09:26,480
if you are using oracle on a mac this is
252
00:09:26,480 --> 00:09:28,480
what your view is going to look like
253
00:09:28,480 --> 00:09:29,680
another side
254
00:09:29,680 --> 00:09:32,080
pro tip here is that i am using
255
00:09:32,080 --> 00:09:34,640
workstation pro and i might utilize this
256
00:09:34,640 --> 00:09:36,880
in some instances throughout the course
257
00:09:36,880 --> 00:09:38,399
other instances i'll be utilizing the
258
00:09:38,399 --> 00:09:40,560
workstation player they are not much of
259
00:09:40,560 --> 00:09:42,000
a difference especially in the beginning
260
00:09:42,000 --> 00:09:43,600
when we get into the active directory
261
00:09:43,600 --> 00:09:45,600
portion it might actually be worth it
262
00:09:45,600 --> 00:09:49,120
for you all to download the vmware pro
263
00:09:49,120 --> 00:09:51,519
trial because the trial's 30 days and
264
00:09:51,519 --> 00:09:53,120
you can utilize that to get through some
265
00:09:53,120 --> 00:09:54,640
sections and actually have nice little
266
00:09:54,640 --> 00:09:56,959
windows here uh to
267
00:09:56,959 --> 00:09:59,760
to be clean and just have a pro edition
268
00:09:59,760 --> 00:10:01,279
i you can do everything that i'm going
269
00:10:01,279 --> 00:10:03,360
to show you in the course on the player
270
00:10:03,360 --> 00:10:05,360
it just is that you have to open if you
271
00:10:05,360 --> 00:10:06,959
want to run more than one machine you'll
272
00:10:06,959 --> 00:10:08,399
just have to reopen the vmware
273
00:10:08,399 --> 00:10:11,279
workstation player uh several times to
274
00:10:11,279 --> 00:10:13,440
run multiple machines but that's okay it
275
00:10:13,440 --> 00:10:14,720
just won't look like this nice clean
276
00:10:14,720 --> 00:10:16,240
layout where you can transfer between
277
00:10:16,240 --> 00:10:18,480
machines like i can do just here
278
00:10:18,480 --> 00:10:20,160
so with that being said let's go ahead
279
00:10:20,160 --> 00:10:21,440
and move on to the next video we're
280
00:10:21,440 --> 00:10:24,320
going to be installing kali linux onto
281
00:10:24,320 --> 00:10:27,920
our vmware workstation player
282
00:10:27,920 --> 00:10:30,320
now that we've installed vmware or
283
00:10:30,320 --> 00:10:33,839
virtualbox we need to install linux
284
00:10:33,839 --> 00:10:35,279
we're going to be using a version of
285
00:10:35,279 --> 00:10:37,440
linux called kali linux throughout this
286
00:10:37,440 --> 00:10:38,640
course
287
00:10:38,640 --> 00:10:40,959
this version of linux is a debian based
288
00:10:40,959 --> 00:10:43,760
distribution which is geared towards
289
00:10:43,760 --> 00:10:46,240
ethical hacking and penetration testing
290
00:10:46,240 --> 00:10:48,560
so it's a special version of linux that
291
00:10:48,560 --> 00:10:50,880
allows us to have all the tools in one
292
00:10:50,880 --> 00:10:51,920
place
293
00:10:51,920 --> 00:10:53,680
that will allow us to hack without
294
00:10:53,680 --> 00:10:55,279
having to download these tools and
295
00:10:55,279 --> 00:10:57,200
install them on our own custom linux
296
00:10:57,200 --> 00:10:59,360
distribution so it's all kind of nicely
297
00:10:59,360 --> 00:11:01,360
built into one package
298
00:11:01,360 --> 00:11:03,600
so if you go out to google and you type
299
00:11:03,600 --> 00:11:05,680
in kali linux download you should see
300
00:11:05,680 --> 00:11:07,600
this link i'll put the link in the
301
00:11:07,600 --> 00:11:09,760
description below as well but you should
302
00:11:09,760 --> 00:11:11,680
just be able to go to get kali right
303
00:11:11,680 --> 00:11:13,200
here
304
00:11:13,200 --> 00:11:14,800
and you're going to be presented with a
305
00:11:14,800 --> 00:11:16,959
couple of options here we're going to be
306
00:11:16,959 --> 00:11:18,399
using a virtual machine in this course
307
00:11:18,399 --> 00:11:19,440
so we're just going to go ahead and
308
00:11:19,440 --> 00:11:22,079
click on this virtual machine option
309
00:11:22,079 --> 00:11:23,680
and that's going to take us down just a
310
00:11:23,680 --> 00:11:25,279
little bit here
311
00:11:25,279 --> 00:11:26,959
what you're going to do is you're going
312
00:11:26,959 --> 00:11:29,680
to download the respective
313
00:11:29,680 --> 00:11:31,120
version that you need so if you need
314
00:11:31,120 --> 00:11:33,040
vmware you download vmware if you're
315
00:11:33,040 --> 00:11:34,640
using virtualbox go ahead and download
316
00:11:34,640 --> 00:11:36,320
the virtualbox one
317
00:11:36,320 --> 00:11:37,920
now they have a direct download which is
318
00:11:37,920 --> 00:11:39,839
a 7-zip and they also have a torrent if
319
00:11:39,839 --> 00:11:41,680
you know how to torrent
320
00:11:41,680 --> 00:11:42,959
what you're going to do is go ahead and
321
00:11:42,959 --> 00:11:45,200
download the file that you need
322
00:11:45,200 --> 00:11:47,600
and while you're doing that if you do
323
00:11:47,600 --> 00:11:50,079
choose to download directly you're also
324
00:11:50,079 --> 00:11:52,959
going to need a tool called 7-zip or a
325
00:11:52,959 --> 00:11:55,920
way to unzip this file so go ahead and
326
00:11:55,920 --> 00:11:57,360
start your download
327
00:11:57,360 --> 00:11:59,040
while it's downloading let's also go
328
00:11:59,040 --> 00:12:02,639
ahead and navigate to 7-zip so if you go
329
00:12:02,639 --> 00:12:05,120
to google and you look at 7-zip
330
00:12:05,120 --> 00:12:07,279
you'll see this page here comes up you
331
00:12:07,279 --> 00:12:09,519
just go to download in here you're going
332
00:12:09,519 --> 00:12:12,000
to download the file that is for your
333
00:12:12,000 --> 00:12:13,680
respective system
334
00:12:13,680 --> 00:12:16,959
so here i'm using windows on 64-bit i
335
00:12:16,959 --> 00:12:18,639
would download this executable right
336
00:12:18,639 --> 00:12:20,720
here now if you're running on linux
337
00:12:20,720 --> 00:12:22,399
here's where you download linux if
338
00:12:22,399 --> 00:12:23,760
you're running on mac os here's where
339
00:12:23,760 --> 00:12:25,360
you download for mac os
340
00:12:25,360 --> 00:12:27,440
very straightforward i've already got
341
00:12:27,440 --> 00:12:29,040
this installed but what you need to do
342
00:12:29,040 --> 00:12:30,800
is just download this and literally
343
00:12:30,800 --> 00:12:32,320
click next through it
344
00:12:32,320 --> 00:12:34,560
make sure you get it installed
345
00:12:34,560 --> 00:12:36,880
go ahead and pause the video
346
00:12:36,880 --> 00:12:39,600
once that is installed 7-zip that is and
347
00:12:39,600 --> 00:12:41,519
once you have the
348
00:12:41,519 --> 00:12:44,000
actual kali image downloaded go ahead
349
00:12:44,000 --> 00:12:45,440
and unpause the video i'll be here
350
00:12:45,440 --> 00:12:47,680
waiting for you
351
00:12:47,680 --> 00:12:49,440
okay so your next step should look
352
00:12:49,440 --> 00:12:51,600
something like this
353
00:12:51,600 --> 00:12:55,040
you have your 7-zip file open you should
354
00:12:55,040 --> 00:12:57,200
see a folder located in there and the
355
00:12:57,200 --> 00:12:59,200
easiest thing is to just drag and drop
356
00:12:59,200 --> 00:13:00,959
this you can also right-click and
357
00:13:00,959 --> 00:13:02,480
extract if you know where you want to
358
00:13:02,480 --> 00:13:04,959
extract it i created a folder called
359
00:13:04,959 --> 00:13:06,880
kali i'm just going to grab this and i'm
360
00:13:06,880 --> 00:13:08,320
going to drag it over
361
00:13:08,320 --> 00:13:10,000
and it's going to take a minute here
362
00:13:10,000 --> 00:13:12,720
just a few seconds honestly to unzip
363
00:13:12,720 --> 00:13:14,880
the file size of this one at least for
364
00:13:14,880 --> 00:13:17,519
the vmware version is around 11
365
00:13:17,519 --> 00:13:19,519
gigabytes or 11 gigabytes exactly
366
00:13:19,519 --> 00:13:21,600
unzipped so make sure you have the space
367
00:13:21,600 --> 00:13:25,040
on your hard drive in order to do this
368
00:13:25,040 --> 00:13:27,360
now once you have it
369
00:13:27,360 --> 00:13:28,720
unzipped you can go ahead and just
370
00:13:28,720 --> 00:13:30,240
double click in here you'll see a bunch
371
00:13:30,240 --> 00:13:32,000
of files
372
00:13:32,000 --> 00:13:34,000
if you have vmware installed you can
373
00:13:34,000 --> 00:13:35,839
actually just double click on this vmx
374
00:13:35,839 --> 00:13:37,760
file and that should open things up for
375
00:13:37,760 --> 00:13:38,480
you
376
00:13:38,480 --> 00:13:40,079
i'm just going to show you the other way
377
00:13:40,079 --> 00:13:43,680
around doing this as well
378
00:13:43,680 --> 00:13:46,399
so with vmware workstation player open
379
00:13:46,399 --> 00:13:48,800
what you're going to want to do is go to
380
00:13:48,800 --> 00:13:51,920
open a virtual machine
381
00:13:52,399 --> 00:13:54,399
and in the folder that you have you
382
00:13:54,399 --> 00:13:56,720
should see this vmx file as well again
383
00:13:56,720 --> 00:13:58,240
you could double click it or you could
384
00:13:58,240 --> 00:14:00,240
just open it through this
385
00:14:00,240 --> 00:14:02,399
what's going to happen is it's going to
386
00:14:02,399 --> 00:14:04,320
open that file here and you're going to
387
00:14:04,320 --> 00:14:06,000
want to edit this virtual machine
388
00:14:06,000 --> 00:14:06,959
settings
389
00:14:06,959 --> 00:14:08,720
once you have it loaded click on edit
390
00:14:08,720 --> 00:14:10,959
virtual machine settings
391
00:14:10,959 --> 00:14:13,360
and in here we're going to want to first
392
00:14:13,360 --> 00:14:15,279
change the amount of ram that we have
393
00:14:15,279 --> 00:14:18,560
now this is dependent on your system
394
00:14:18,560 --> 00:14:20,800
if you have like eight gigs of ram or
395
00:14:20,800 --> 00:14:22,800
maybe even 16 gigs of ram you might want
396
00:14:22,800 --> 00:14:25,279
to try leaving it at two at first
397
00:14:25,279 --> 00:14:27,120
i'm gonna bump mine up to
398
00:14:27,120 --> 00:14:29,680
four gigs which is 4096
399
00:14:29,680 --> 00:14:31,079
and i have
400
00:14:31,079 --> 00:14:34,320
128 gigs of ram so i have more than
401
00:14:34,320 --> 00:14:36,720
enough space to allocate for this but if
402
00:14:36,720 --> 00:14:38,160
you again if you're on like eight gigs
403
00:14:38,160 --> 00:14:40,320
of ram probably not the best idea to
404
00:14:40,320 --> 00:14:42,160
jack this up beyond
405
00:14:42,160 --> 00:14:44,320
two honestly i would try it at one maybe
406
00:14:44,320 --> 00:14:46,000
two see how it works
407
00:14:46,000 --> 00:14:47,120
the other thing you're going to make
408
00:14:47,120 --> 00:14:49,360
sure of is that you're running on nat
409
00:14:49,360 --> 00:14:50,720
network so if you click on network
410
00:14:50,720 --> 00:14:53,519
adapter make sure that it says nat and
411
00:14:53,519 --> 00:14:55,440
that's selected once that's selected go
412
00:14:55,440 --> 00:14:57,040
ahead and hit ok
413
00:14:57,040 --> 00:14:58,240
and then you're just going to hit play
414
00:14:58,240 --> 00:15:00,880
virtual machine
415
00:15:00,880 --> 00:15:03,199
when it asks you what to do just say i
416
00:15:03,199 --> 00:15:05,440
copied it
417
00:15:05,440 --> 00:15:06,560
now from here it's going to take a
418
00:15:06,560 --> 00:15:08,639
minute for this to load
419
00:15:08,639 --> 00:15:10,160
you can just let this run through it'll
420
00:15:10,160 --> 00:15:12,480
boot on its own once you are presented
421
00:15:12,480 --> 00:15:14,399
with the login screen go ahead and
422
00:15:14,399 --> 00:15:16,639
unpause the video but until then pause
423
00:15:16,639 --> 00:15:17,760
and i'll meet you back when you're at
424
00:15:17,760 --> 00:15:20,639
the login screen
425
00:15:20,800 --> 00:15:22,399
okay i'm at the login screen i'm going
426
00:15:22,399 --> 00:15:24,240
to make this a little bit bigger just so
427
00:15:24,240 --> 00:15:27,360
we can see and from here what i'm going
428
00:15:27,360 --> 00:15:29,120
to do is i'm just going to type in the
429
00:15:29,120 --> 00:15:32,240
username of kali k-a-l-i
430
00:15:32,240 --> 00:15:36,000
and the password of kali k-a-l-i
431
00:15:36,000 --> 00:15:39,240
hit enter
432
00:15:40,000 --> 00:15:41,440
and if you see this screen
433
00:15:41,440 --> 00:15:43,519
congratulations you have successfully
434
00:15:43,519 --> 00:15:45,839
installed kali linux and you now have it
435
00:15:45,839 --> 00:15:47,680
up and running
436
00:15:47,680 --> 00:15:50,000
in later videos we're going to cover
437
00:15:50,000 --> 00:15:51,839
what we're going to be doing and how to
438
00:15:51,839 --> 00:15:53,519
use this and how to use linux and all
439
00:15:53,519 --> 00:15:55,600
this but for now pat yourself on the
440
00:15:55,600 --> 00:15:58,000
back you've got linux installed and
441
00:15:58,000 --> 00:15:59,440
we're going to pause here and move on to
442
00:15:59,440 --> 00:16:01,120
the next video
443
00:16:01,120 --> 00:16:04,240
okay so this video pertains to some
444
00:16:04,240 --> 00:16:06,720
updates we need to make to virtualbox
445
00:16:06,720 --> 00:16:08,800
for quality of life
446
00:16:08,800 --> 00:16:10,720
so if you're not using virtualbox you
447
00:16:10,720 --> 00:16:13,279
can go ahead and skip this video if you
448
00:16:13,279 --> 00:16:15,440
are buckle in we just need to do a
449
00:16:15,440 --> 00:16:17,360
couple of quick updates and then we
450
00:16:17,360 --> 00:16:18,639
should be good for the rest of the
451
00:16:18,639 --> 00:16:19,680
course
452
00:16:19,680 --> 00:16:22,399
so go ahead and go out to google and
453
00:16:22,399 --> 00:16:24,959
google virtualbox extension pack what
454
00:16:24,959 --> 00:16:26,320
it's going to bring up is just the
455
00:16:26,320 --> 00:16:28,639
downloads page of virtualbox so we're
456
00:16:28,639 --> 00:16:30,880
going to want to go here
457
00:16:30,880 --> 00:16:32,959
and on this page if you look kind of
458
00:16:32,959 --> 00:16:34,800
towards the middle you'll see that there
459
00:16:34,800 --> 00:16:38,560
is a virtualbox extension pack here
460
00:16:38,560 --> 00:16:40,480
we're going to just click all supported
461
00:16:40,480 --> 00:16:42,480
platforms and that will automatically
462
00:16:42,480 --> 00:16:45,759
download the file that we need
463
00:16:45,759 --> 00:16:48,000
so once that is downloaded and pause if
464
00:16:48,000 --> 00:16:52,240
you need to go ahead and open virtualbox
465
00:16:52,240 --> 00:16:53,839
and you can come in here
466
00:16:53,839 --> 00:16:55,519
and up at the top we're going to go
467
00:16:55,519 --> 00:16:58,240
ahead and click on preferences
468
00:16:58,240 --> 00:17:00,639
and from here we are interested in
469
00:17:00,639 --> 00:17:03,279
extensions see extensions right here go
470
00:17:03,279 --> 00:17:05,199
ahead and click on that there's a little
471
00:17:05,199 --> 00:17:06,480
plus sign we're going to go ahead and
472
00:17:06,480 --> 00:17:07,919
click on that
473
00:17:07,919 --> 00:17:09,919
and then you should have your downloads
474
00:17:09,919 --> 00:17:11,280
right here so we're going to take the
475
00:17:11,280 --> 00:17:13,839
downloads and just
476
00:17:13,839 --> 00:17:17,359
go ahead and install that hit install
477
00:17:17,359 --> 00:17:20,720
read this give away your firstborn
478
00:17:20,720 --> 00:17:23,520
accept all the terms and you should be
479
00:17:23,520 --> 00:17:26,319
good very quick install okay
480
00:17:26,319 --> 00:17:28,640
the second thing we need to do is we
481
00:17:28,640 --> 00:17:30,960
need to come to the one tab up here above
482
00:17:30,960 --> 00:17:33,200
which is network
483
00:17:33,200 --> 00:17:34,240
we're going to go ahead and hit the
484
00:17:34,240 --> 00:17:36,400
network button or this add button we're
485
00:17:36,400 --> 00:17:38,080
going to add what is called a nat
486
00:17:38,080 --> 00:17:39,520
network
487
00:17:39,520 --> 00:17:41,120
okay and we're going to come in here and
488
00:17:41,120 --> 00:17:43,679
we're going to double click
489
00:17:43,679 --> 00:17:46,000
and you can go ahead and keep these
490
00:17:46,000 --> 00:17:47,919
defaults i'm going to actually change
491
00:17:47,919 --> 00:17:50,480
them to
492
00:17:50,840 --> 00:17:52,640
192.168.57.0 because that's what's going
493
00:17:52,640 --> 00:17:54,160
to be used through the rest of the
494
00:17:54,160 --> 00:17:56,480
course and that is what the cidr
495
00:17:56,480 --> 00:17:59,760
notation of my kali machine and my
496
00:17:59,760 --> 00:18:02,080
kioptrix which you'll see later etc all
497
00:18:02,080 --> 00:18:04,799
fell into this 57.0 so we're going to go
498
00:18:04,799 --> 00:18:07,360
ahead and keep it on this network make
499
00:18:07,360 --> 00:18:10,000
sure you support dhcp go ahead and just
500
00:18:10,000 --> 00:18:11,440
hit ok
501
00:18:11,440 --> 00:18:13,120
hit ok
502
00:18:13,120 --> 00:18:15,440
and then for a machine and make sure any
503
00:18:15,440 --> 00:18:18,080
machine that you use again any machine
504
00:18:18,080 --> 00:18:19,919
that you use in this course
505
00:18:19,919 --> 00:18:22,080
make sure you set it to nat network if
506
00:18:22,080 --> 00:18:24,080
you're using virtualbox so you can come
507
00:18:24,080 --> 00:18:25,600
in here click on a machine like this
508
00:18:25,600 --> 00:18:27,039
mail machine i have here you can just
509
00:18:27,039 --> 00:18:28,960
click on that settings
510
00:18:28,960 --> 00:18:30,559
go to network
511
00:18:30,559 --> 00:18:33,039
and then you can go ahead and just go to
512
00:18:33,039 --> 00:18:35,120
nat network all right
513
00:18:35,120 --> 00:18:37,039
and that name right here you see name
514
00:18:37,039 --> 00:18:38,320
nat network that's all we're going to
515
00:18:38,320 --> 00:18:40,880
use that'll automatically set it up so
516
00:18:40,880 --> 00:18:42,320
when you have a kali machine running
517
00:18:42,320 --> 00:18:44,720
later and you have kioptrix or another
518
00:18:44,720 --> 00:18:46,960
box running or even when we build out an
519
00:18:46,960 --> 00:18:48,799
active directory lab you need to make
520
00:18:48,799 --> 00:18:50,160
sure that you're running that nat
521
00:18:50,160 --> 00:18:52,080
network so that all the machines are on
522
00:18:52,080 --> 00:18:53,280
the same
523
00:18:53,280 --> 00:18:56,320
subnet if you don't you might run into a
524
00:18:56,320 --> 00:18:59,120
situation where uh the same ip comes up
525
00:18:59,120 --> 00:19:01,280
for the same machine and then they're uh
526
00:19:01,280 --> 00:19:03,280
conflicting with each other or you get
527
00:19:03,280 --> 00:19:04,799
on different networks and some weird
528
00:19:04,799 --> 00:19:07,039
stuff happens so make sure again that
529
00:19:07,039 --> 00:19:08,400
it's imperative that you're setting that
530
00:19:08,400 --> 00:19:10,559
nat network for every single machine
531
00:19:10,559 --> 00:19:13,120
that you're setting up so with that said
532
00:19:13,120 --> 00:19:14,799
we're going to go ahead and move on to
533
00:19:14,799 --> 00:19:18,160
the next video in this section
534
00:19:18,160 --> 00:19:19,919
the first thing i'd like to do before we
535
00:19:19,919 --> 00:19:21,840
get started with any commands or
536
00:19:21,840 --> 00:19:23,919
anything like that is just take a look
537
00:19:23,919 --> 00:19:26,080
around kali linux and kind of
538
00:19:26,080 --> 00:19:27,679
demonstrate why
539
00:19:27,679 --> 00:19:30,320
a pen tester or ethical hacker might use
540
00:19:30,320 --> 00:19:32,640
this distribution of linux
541
00:19:32,640 --> 00:19:34,799
now throughout the course as stated in
542
00:19:34,799 --> 00:19:37,840
the last video you might see a different
543
00:19:37,840 --> 00:19:40,720
version of this pop up as i recorded
544
00:19:40,720 --> 00:19:43,120
videos on some of the older versions
545
00:19:43,120 --> 00:19:45,840
everything should still work just as is
546
00:19:45,840 --> 00:19:48,080
you just might see a different look and
547
00:19:48,080 --> 00:19:50,559
feel to some of the kali interface but
548
00:19:50,559 --> 00:19:51,919
all the commands i'm going to show you
549
00:19:51,919 --> 00:19:54,000
everything that we do is going to be the
550
00:19:54,000 --> 00:19:56,559
same so let's take a look and just
551
00:19:56,559 --> 00:19:58,960
explore kali linux just for a bit so if
552
00:19:58,960 --> 00:20:01,039
we come up here into the corner and we
553
00:20:01,039 --> 00:20:03,120
just click on the little kali logo
554
00:20:03,120 --> 00:20:05,360
you can see that we have nice things
555
00:20:05,360 --> 00:20:07,200
broken out for us so we've got these
556
00:20:07,200 --> 00:20:09,280
favorites up here which we have our
557
00:20:09,280 --> 00:20:10,880
terminal which we're going to be living
558
00:20:10,880 --> 00:20:13,360
in essentially we've got a text editor
559
00:20:13,360 --> 00:20:15,600
we've got a web browser which is
560
00:20:15,600 --> 00:20:17,760
basically firefox we've got some other
561
00:20:17,760 --> 00:20:19,200
tools down here
562
00:20:19,200 --> 00:20:21,840
docs etc the other thing that we can
563
00:20:21,840 --> 00:20:23,280
come scroll through is we can see that
564
00:20:23,280 --> 00:20:25,840
we have different applications in here
565
00:20:25,840 --> 00:20:27,280
if we look at the different sections
566
00:20:27,280 --> 00:20:28,640
these kind of go in order which we
567
00:20:28,640 --> 00:20:30,480
haven't covered quite yet but in the
568
00:20:30,480 --> 00:20:33,200
order of how a hack might go down so
569
00:20:33,200 --> 00:20:34,720
information gathering is usually the
570
00:20:34,720 --> 00:20:36,559
first step you can come in here look
571
00:20:36,559 --> 00:20:38,240
through this and here's a bunch of tools
572
00:20:38,240 --> 00:20:40,799
related to information gathering you can
573
00:20:40,799 --> 00:20:42,559
even click into these and go deeper if
574
00:20:42,559 --> 00:20:44,960
you wanted to related to specific things
575
00:20:44,960 --> 00:20:47,840
so dns or smb or open source
576
00:20:47,840 --> 00:20:49,360
intelligence
577
00:20:49,360 --> 00:20:51,360
all of this that's in here
578
00:20:51,360 --> 00:20:53,679
this is just built in tools so let's say
579
00:20:53,679 --> 00:20:55,360
we're coming in here we want to do a
580
00:20:55,360 --> 00:20:57,120
wireless attack well we go to wireless
581
00:20:57,120 --> 00:20:58,960
attacks got a bunch of tools already
582
00:20:58,960 --> 00:21:02,559
built in so kali linux is just
583
00:21:02,559 --> 00:21:04,240
essentially a
584
00:21:04,240 --> 00:21:06,720
ethical hacking distribution of linux
585
00:21:06,720 --> 00:21:08,640
and it's built on debian so if you've
586
00:21:08,640 --> 00:21:10,320
ever used something like ubuntu or
587
00:21:10,320 --> 00:21:12,240
anything along those lines of a debian
588
00:21:12,240 --> 00:21:14,320
distribution this is all going to feel
589
00:21:14,320 --> 00:21:16,159
really familiar to you with just a bunch
590
00:21:16,159 --> 00:21:18,320
of tools built in on top of it
591
00:21:18,320 --> 00:21:19,120
so
592
00:21:19,120 --> 00:21:20,799
fairly straightforward they do have some
593
00:21:20,799 --> 00:21:22,960
nice tools in here you can come through
594
00:21:22,960 --> 00:21:24,880
and utilize these
595
00:21:24,880 --> 00:21:26,799
a lot of this is already built in and
596
00:21:26,799 --> 00:21:28,480
we're going to take a look at that as we
597
00:21:28,480 --> 00:21:30,559
go okay so the next thing that we're
598
00:21:30,559 --> 00:21:32,400
going to do is and throughout the rest
599
00:21:32,400 --> 00:21:34,320
of this course is start looking at the
600
00:21:34,320 --> 00:21:36,240
terminal so if you come up here you'll
601
00:21:36,240 --> 00:21:38,400
see that we have a terminal now mostly
602
00:21:38,400 --> 00:21:39,840
everything that we do is going to be
603
00:21:39,840 --> 00:21:41,840
done in this terminal here
604
00:21:41,840 --> 00:21:43,440
now this is
605
00:21:43,440 --> 00:21:45,600
almost like accessing the command line
606
00:21:45,600 --> 00:21:47,760
so if you're using a command line like
607
00:21:47,760 --> 00:21:48,880
in
608
00:21:48,880 --> 00:21:50,559
windows for example if you've ever used
609
00:21:50,559 --> 00:21:52,640
command line if not that's okay
610
00:21:52,640 --> 00:21:54,720
but we do a lot of this from this
611
00:21:54,720 --> 00:21:57,280
interface as opposed to maybe utilizing
612
00:21:57,280 --> 00:21:59,760
a gui base interface where if we clicked
613
00:21:59,760 --> 00:22:01,440
a folder this might look more familiar
614
00:22:01,440 --> 00:22:03,600
to you if you're a windows or mac user
615
00:22:03,600 --> 00:22:05,600
you come in here you have this kind of
616
00:22:05,600 --> 00:22:07,520
area yeah yeah we can do that and
617
00:22:07,520 --> 00:22:09,440
sometimes we'll utilize this but a lot
618
00:22:09,440 --> 00:22:10,720
of times we're going to be living right
619
00:22:10,720 --> 00:22:12,880
here okay so
620
00:22:12,880 --> 00:22:14,320
as we move forward we're going to start
621
00:22:14,320 --> 00:22:16,080
talking about this command line how we
622
00:22:16,080 --> 00:22:18,000
can utilize it and use it to our
623
00:22:18,000 --> 00:22:19,679
advantage and then we'll do some tips
624
00:22:19,679 --> 00:22:21,120
and tricks and
625
00:22:21,120 --> 00:22:22,559
hopefully learn some pretty neat stuff
626
00:22:22,559 --> 00:22:24,880
as we go so in the next video i'm going
627
00:22:24,880 --> 00:22:26,799
to cover the sudo feature which i
628
00:22:26,799 --> 00:22:28,640
think is important it's something that
629
00:22:28,640 --> 00:22:30,880
was brought in now originally we had
630
00:22:30,880 --> 00:22:32,480
something called a root permission and
631
00:22:32,480 --> 00:22:35,039
we'll talk about that that has changed
632
00:22:35,039 --> 00:22:37,760
since 2020.1 moving forward so we're
633
00:22:37,760 --> 00:22:39,600
introducing that into this course and
634
00:22:39,600 --> 00:22:41,919
we'll talk options that you have so
635
00:22:41,919 --> 00:22:43,440
let's go ahead and move to the next
636
00:22:43,440 --> 00:22:45,360
video where we talk about the sudo
637
00:22:45,360 --> 00:22:48,080
feature all right so before we look at
638
00:22:48,080 --> 00:22:51,120
any commands or learn any command line
639
00:22:51,120 --> 00:22:55,039
we have to talk about sudo sudo is very
640
00:22:55,039 --> 00:22:56,799
important and
641
00:22:56,799 --> 00:22:59,760
what had happened previously was that in
642
00:22:59,760 --> 00:23:02,400
the earlier versions of kali linux we
643
00:23:02,400 --> 00:23:05,200
ran as a user called root root is the
644
00:23:05,200 --> 00:23:06,880
ultimate user you could think of it as
645
00:23:06,880 --> 00:23:09,200
the administrator of the machine
646
00:23:09,200 --> 00:23:11,440
now we're running as a user called kali
647
00:23:11,440 --> 00:23:13,200
so we don't have root privileges
648
00:23:13,200 --> 00:23:16,240
directly this is as an improved security
649
00:23:16,240 --> 00:23:17,840
feature because we should be running
650
00:23:17,840 --> 00:23:20,960
only certain commands when we need to as
651
00:23:20,960 --> 00:23:22,720
the root user
652
00:23:22,720 --> 00:23:24,559
so we're going to see is we're going to
653
00:23:24,559 --> 00:23:26,799
see how we can run commands as an
654
00:23:26,799 --> 00:23:28,240
elevated privilege and we're going to do
655
00:23:28,240 --> 00:23:31,120
that with sudo which stands for super
656
00:23:31,120 --> 00:23:33,360
user do they just kind of shortened it
657
00:23:33,360 --> 00:23:36,320
so we just have sudo now okay now with
658
00:23:36,320 --> 00:23:38,400
sudo what we're doing is we're saying
659
00:23:38,400 --> 00:23:40,799
hey i want to run a command elevated i
660
00:23:40,799 --> 00:23:43,760
want to run this as a higher user in
661
00:23:43,760 --> 00:23:45,520
this instance we can say i want to run
662
00:23:45,520 --> 00:23:47,840
the command as root
663
00:23:47,840 --> 00:23:50,320
why is that important well let's take a
664
00:23:50,320 --> 00:23:52,400
look at an example let's say that i
665
00:23:52,400 --> 00:23:55,200
wanted to look at a very sensitive file
666
00:23:55,200 --> 00:23:58,080
now one sensitive file in our system is
667
00:23:58,080 --> 00:24:00,880
the /etc/shadow file you can say cat
668
00:24:00,880 --> 00:24:01,840
/etc
669
00:24:01,840 --> 00:24:04,159
like this /etc/shadow and you don't have
670
00:24:04,159 --> 00:24:05,919
to follow along right now
671
00:24:05,919 --> 00:24:06,799
you don't have to really understand
672
00:24:06,799 --> 00:24:08,240
what's going on if you've never seen
673
00:24:08,240 --> 00:24:10,159
linux all i'm doing is saying hey i want
674
00:24:10,159 --> 00:24:12,400
to print out this file i want to look at
675
00:24:12,400 --> 00:24:15,360
it okay and for here i can't see it it
676
00:24:15,360 --> 00:24:17,360
says permission denied you don't have
677
00:24:17,360 --> 00:24:19,360
the access to see this file that's a
678
00:24:19,360 --> 00:24:20,640
good thing
679
00:24:20,640 --> 00:24:23,440
but if i was the root user or somebody
680
00:24:23,440 --> 00:24:25,919
that had elevated privileges i could see
681
00:24:25,919 --> 00:24:28,960
it so i could say sudo
682
00:24:28,960 --> 00:24:30,080
cat
683
00:24:30,080 --> 00:24:32,640
/etc/shadow like this
684
00:24:32,640 --> 00:24:34,400
okay and it's going to say what is your
685
00:24:34,400 --> 00:24:36,240
password for kali i'm going to go ahead
686
00:24:36,240 --> 00:24:38,960
and say kali k-a-l-i
687
00:24:38,960 --> 00:24:40,720
hit enter
688
00:24:40,720 --> 00:24:43,279
and now i can see that i have access to
689
00:24:43,279 --> 00:24:44,640
this file and this file is very
690
00:24:44,640 --> 00:24:46,240
sensitive we'll talk about this later on
691
00:24:46,240 --> 00:24:49,440
in the course but sensitive file okay
692
00:24:49,440 --> 00:24:52,400
so when we're looking at it i ran that
693
00:24:52,400 --> 00:24:55,679
command specifically as the root user as
694
00:24:55,679 --> 00:24:58,320
the root user i'm able to see
695
00:24:58,320 --> 00:25:01,679
okay this file now
696
00:25:01,679 --> 00:25:04,320
why or what's going on here
697
00:25:04,320 --> 00:25:06,559
well we're running that specific command
698
00:25:06,559 --> 00:25:07,360
right
699
00:25:07,360 --> 00:25:09,679
and we're still staying as kali we're
700
00:25:09,679 --> 00:25:13,200
doing this in a kind of one-off scenario
701
00:25:13,200 --> 00:25:15,679
so there will be times where something
702
00:25:15,679 --> 00:25:18,000
that you run in this course might
703
00:25:18,000 --> 00:25:20,000
require sudo or you can run the
704
00:25:20,000 --> 00:25:22,080
command without sudo but you notice
705
00:25:22,080 --> 00:25:24,720
something doesn't work so best practice
706
00:25:24,720 --> 00:25:25,760
for this
707
00:25:25,760 --> 00:25:28,159
is saying hey let's go ahead and just
708
00:25:28,159 --> 00:25:29,039
run
709
00:25:29,039 --> 00:25:30,960
mostly everything that i'm showing you
710
00:25:30,960 --> 00:25:33,200
command-wise in this course that's not
711
00:25:33,200 --> 00:25:35,279
best practice overall usually you should
712
00:25:35,279 --> 00:25:37,679
run things just as a regular user if you
713
00:25:37,679 --> 00:25:39,679
get permissions blocked then run it as
714
00:25:39,679 --> 00:25:42,400
sudo as necessary now
715
00:25:42,400 --> 00:25:43,840
the other thing to point out and we'll
716
00:25:43,840 --> 00:25:45,600
talk about this again in later on in the
717
00:25:45,600 --> 00:25:47,120
course but
718
00:25:47,120 --> 00:25:49,360
why can we do this is because this user
719
00:25:49,360 --> 00:25:51,760
is part of what's called a sudoers file
720
00:25:51,760 --> 00:25:52,640
meaning
721
00:25:52,640 --> 00:25:55,600
we can have this permission not any user
722
00:25:55,600 --> 00:25:57,440
can come in here say we made a new user
723
00:25:57,440 --> 00:25:59,440
and we just called the user john we
724
00:25:59,440 --> 00:26:01,279
can't just take john and just go ahead
725
00:26:01,279 --> 00:26:03,679
and just run these commands as root no
726
00:26:03,679 --> 00:26:05,279
john has to have the permission to do
727
00:26:05,279 --> 00:26:07,279
this so you can think of kali as being
728
00:26:07,279 --> 00:26:10,240
an administrator but only when we
729
00:26:10,240 --> 00:26:12,880
utilize that access or that privilege
730
00:26:12,880 --> 00:26:14,480
okay the other thing i want to show you
731
00:26:14,480 --> 00:26:15,279
though
732
00:26:15,279 --> 00:26:17,520
is that we can switch over to root if we
733
00:26:17,520 --> 00:26:19,760
want to we can come in here and we can
734
00:26:19,760 --> 00:26:23,520
say sudo switch user
735
00:26:23,520 --> 00:26:25,279
dash just like that and that'll put us
736
00:26:25,279 --> 00:26:27,600
into root now you can see okay we're
737
00:26:27,600 --> 00:26:29,919
running root at kali and that's only for
738
00:26:29,919 --> 00:26:31,600
this instance
739
00:26:31,600 --> 00:26:33,840
you can if you want i'm not going to
740
00:26:33,840 --> 00:26:35,760
demonstrate how to do this but you can
741
00:26:35,760 --> 00:26:38,880
if you want change the root password log
742
00:26:38,880 --> 00:26:41,760
out and log back in as root and run
743
00:26:41,760 --> 00:26:43,600
through this course as root again that's
744
00:26:43,600 --> 00:26:46,080
not best security practice but that
745
00:26:46,080 --> 00:26:48,320
feature is available to you if you are a
746
00:26:48,320 --> 00:26:50,080
linux user that is comfortable with
747
00:26:50,080 --> 00:26:51,600
linux comfortable with running as root
748
00:26:51,600 --> 00:26:53,039
and you want the
749
00:26:53,039 --> 00:26:55,600
easy path otherwise i highly recommend
750
00:26:55,600 --> 00:26:57,919
just staying as kali running as sudo
751
00:26:57,919 --> 00:26:59,600
privileges as you need it and then
752
00:26:59,600 --> 00:27:01,520
moving forward but this is a quick way
753
00:27:01,520 --> 00:27:03,840
to switch into root if you need to
754
00:27:03,840 --> 00:27:05,679
sometimes even running sudo causes
755
00:27:05,679 --> 00:27:08,000
some issues so switching to root to run
756
00:27:08,000 --> 00:27:11,120
a command is okay what we can do here
757
00:27:11,120 --> 00:27:13,120
too is the demonstration is we can go
758
00:27:13,120 --> 00:27:14,720
file new tab
759
00:27:14,720 --> 00:27:16,159
and look at a new instance and you'll
760
00:27:16,159 --> 00:27:18,559
see that this instance of root is only
761
00:27:18,559 --> 00:27:21,600
good for this tab here once we start a
762
00:27:21,600 --> 00:27:23,440
new tab we're going to be brought back
763
00:27:23,440 --> 00:27:25,120
right back to kali kali you can see that
764
00:27:25,120 --> 00:27:27,840
from the top line in the tab as well so
765
00:27:27,840 --> 00:27:29,200
just keep note of this when you're
766
00:27:29,200 --> 00:27:31,360
running commands in this course if you
767
00:27:31,360 --> 00:27:34,000
see something again try running it with
768
00:27:34,000 --> 00:27:36,880
sudo if it's not working or if it says
769
00:27:36,880 --> 00:27:38,640
access denied then you know hey i need
770
00:27:38,640 --> 00:27:41,760
to run sudo very very very important
771
00:27:41,760 --> 00:27:43,840
okay i'm trying to drive that in into
772
00:27:43,840 --> 00:27:46,000
your brains right now so from here we're
773
00:27:46,000 --> 00:27:47,120
going to move on we're going to start
774
00:27:47,120 --> 00:27:48,720
looking at how to navigate around the
775
00:27:48,720 --> 00:27:50,000
file system
776
00:27:50,000 --> 00:27:52,399
taking a look at everything from a
777
00:27:52,399 --> 00:27:55,600
bigger picture and diving into terminal
778
00:27:55,600 --> 00:27:58,000
so i will see you over in the next video
779
00:27:58,000 --> 00:28:00,000
now we're going to take a look at the
780
00:28:00,000 --> 00:28:03,840
linux terminal and if you're a user of a
781
00:28:03,840 --> 00:28:06,240
regular computer like windows or even
782
00:28:06,240 --> 00:28:09,200
mac os you are probably used to using
783
00:28:09,200 --> 00:28:12,640
what is called a gui or a graphical user
784
00:28:12,640 --> 00:28:14,159
interface
785
00:28:14,159 --> 00:28:16,720
and we can do this with our version of
786
00:28:16,720 --> 00:28:18,320
linux we can come in here and if we want
787
00:28:18,320 --> 00:28:20,320
to like go to folders we can absolutely
788
00:28:20,320 --> 00:28:23,039
open this and go to folders we've got
789
00:28:23,039 --> 00:28:25,440
the ability to go to firefox we've got
790
00:28:25,440 --> 00:28:27,279
all of our tools in here that we want to
791
00:28:27,279 --> 00:28:28,799
use or look at
792
00:28:28,799 --> 00:28:31,600
and we have a graphical user interface
793
00:28:31,600 --> 00:28:33,760
however a lot of our time is going to be
794
00:28:33,760 --> 00:28:36,799
spent on the command line and using a
795
00:28:36,799 --> 00:28:38,880
terminal so it's very important that we
796
00:28:38,880 --> 00:28:41,679
learn how to use a terminal in linux
797
00:28:41,679 --> 00:28:44,080
so looking at our terminal here we can
798
00:28:44,080 --> 00:28:45,919
see a few things before we even get
799
00:28:45,919 --> 00:28:47,200
started
800
00:28:47,200 --> 00:28:49,600
the first thing is that we have a kali
801
00:28:49,600 --> 00:28:51,679
at kali
802
00:28:51,679 --> 00:28:53,520
what does that mean well
803
00:28:53,520 --> 00:28:56,000
the first instance here is kali that is
804
00:28:56,000 --> 00:28:58,320
your user so remember when we first
805
00:28:58,320 --> 00:29:00,640
logged in we logged in as kali
806
00:29:00,640 --> 00:29:02,399
and that is our user so if we ever
807
00:29:02,399 --> 00:29:05,600
switch over to root we'll see root here
808
00:29:05,600 --> 00:29:08,480
the second part of this is our host name
809
00:29:08,480 --> 00:29:11,360
so our computer name happens to also be
810
00:29:11,360 --> 00:29:13,520
kali if you change your host name you
811
00:29:13,520 --> 00:29:15,039
could say whatever you wanted to say
812
00:29:15,039 --> 00:29:16,159
here
813
00:29:16,159 --> 00:29:17,679
the last little part of this is this
814
00:29:17,679 --> 00:29:20,320
tilde this is actually the directory
815
00:29:20,320 --> 00:29:22,240
that you are currently in so this is a
816
00:29:22,240 --> 00:29:24,960
quick way to say what user am i what
817
00:29:24,960 --> 00:29:27,760
workstation am i on and what directory
818
00:29:27,760 --> 00:29:29,039
am i in
819
00:29:29,039 --> 00:29:31,200
now we can take a look at what directory
820
00:29:31,200 --> 00:29:34,159
we are in with the pwd command
821
00:29:34,159 --> 00:29:36,159
and that stands for print working
822
00:29:36,159 --> 00:29:37,360
directory
823
00:29:37,360 --> 00:29:38,960
and in this instance you can see we are
824
00:29:38,960 --> 00:29:42,320
in the home forward slash kali folder
825
00:29:42,320 --> 00:29:44,640
and that is the equivalent of being in
826
00:29:44,640 --> 00:29:46,640
the tilde so if you see the tilde that
827
00:29:46,640 --> 00:29:49,440
just means you are in your user's home
828
00:29:49,440 --> 00:29:50,399
folder
829
00:29:50,399 --> 00:29:52,000
so if we were a root user we would
830
00:29:52,000 --> 00:29:53,600
actually be in the forward slash root
831
00:29:53,600 --> 00:29:55,600
folder as opposed to the home kali
832
00:29:55,600 --> 00:29:57,679
folder so the tilde means something
833
00:29:57,679 --> 00:29:59,840
different for every user that you're on
834
00:29:59,840 --> 00:30:01,360
the next thing we're going to look at is
835
00:30:01,360 --> 00:30:04,559
the change directory feature so imagine
836
00:30:04,559 --> 00:30:06,000
that we are
837
00:30:06,000 --> 00:30:08,640
in our folder here so if we go to like i
838
00:30:08,640 --> 00:30:10,480
don't know our desktop
839
00:30:10,480 --> 00:30:12,240
and we're sitting in our kali folder
840
00:30:12,240 --> 00:30:13,760
this is really what we're looking at so
841
00:30:13,760 --> 00:30:16,399
we're looking at kali right here
841
00:30:16,399 --> 00:30:18,399
and we want to get out of this kali
843
00:30:18,399 --> 00:30:20,320
folder and change into another folder
844
00:30:20,320 --> 00:30:22,159
say like i don't know downloads for
845
00:30:22,159 --> 00:30:25,039
example if we go into downloads it's
846
00:30:25,039 --> 00:30:26,799
very easy to click into but how do we
847
00:30:26,799 --> 00:30:28,240
navigate around
848
00:30:28,240 --> 00:30:30,080
on the terminal i'm going to show you
849
00:30:30,080 --> 00:30:31,440
how to do that so the first thing we're
850
00:30:31,440 --> 00:30:33,679
going to do is use the cd command that
851
00:30:33,679 --> 00:30:36,320
stands for change directory now if we do
852
00:30:36,320 --> 00:30:38,640
change directory dot dot
853
00:30:38,640 --> 00:30:41,760
that says i want to go backwards so if i
854
00:30:41,760 --> 00:30:43,760
do that
855
00:30:43,760 --> 00:30:45,120
now you can see that we are in the
856
00:30:45,120 --> 00:30:46,880
forward slash home folder but we can
857
00:30:46,880 --> 00:30:48,720
also do a pwd
858
00:30:48,720 --> 00:30:50,240
print the working directory and you can
859
00:30:50,240 --> 00:30:52,799
see that we are in the home folder
860
00:30:52,799 --> 00:30:55,120
now can we go any further back well
861
00:30:55,120 --> 00:30:57,600
let's try cd dot dot again
862
00:30:57,600 --> 00:30:59,279
and now you can see we're at a forward
863
00:30:59,279 --> 00:31:01,760
slash if we do a pwd
864
00:31:01,760 --> 00:31:04,080
we are at a forward slash and one more
865
00:31:04,080 --> 00:31:06,159
time i'm going to cd dot dot and see if
866
00:31:06,159 --> 00:31:08,559
anything happens nothing happens here we
867
00:31:08,559 --> 00:31:11,360
cannot change any further we are in what
868
00:31:11,360 --> 00:31:13,919
is called our base directory so if you
869
00:31:13,919 --> 00:31:16,399
see a forward slash think of that as the
870
00:31:16,399 --> 00:31:18,799
base folder you cannot go any further
871
00:31:18,799 --> 00:31:20,399
back from that
872
00:31:20,399 --> 00:31:21,840
now i'm going to clear my screen if you
873
00:31:21,840 --> 00:31:23,279
want to clear your screen you just hit
874
00:31:23,279 --> 00:31:25,279
control l
875
00:31:25,279 --> 00:31:27,679
like that and that'll clear the screen
876
00:31:27,679 --> 00:31:29,760
and from here we're going to look at
877
00:31:29,760 --> 00:31:32,240
what is in our base folder and to do
878
00:31:32,240 --> 00:31:35,120
that we can use a tool called list
879
00:31:35,120 --> 00:31:37,200
which is ls
880
00:31:37,200 --> 00:31:39,279
so from here we can see
881
00:31:39,279 --> 00:31:42,320
different colors and different things
882
00:31:42,320 --> 00:31:44,159
and we can tell based on the colors
883
00:31:44,159 --> 00:31:45,919
though these color schemes are not the
884
00:31:45,919 --> 00:31:48,399
greatest in the newest kali linux we can
885
00:31:48,399 --> 00:31:50,240
still see like hey this darker version
886
00:31:50,240 --> 00:31:53,039
of blue is actually a folder where some
887
00:31:53,039 --> 00:31:55,600
of these other things are actually files
888
00:31:55,600 --> 00:31:56,960
we don't have to worry too much about
889
00:31:56,960 --> 00:31:58,559
that right now but we just came out of
890
00:31:58,559 --> 00:32:01,440
the home folder so we can see here that
891
00:32:01,440 --> 00:32:03,840
we have a bunch of files and folders and
892
00:32:03,840 --> 00:32:05,360
let's say we want to go back to the home
893
00:32:05,360 --> 00:32:08,320
folder well we can cd home
894
00:32:08,320 --> 00:32:10,559
and i'm going to start typing h and i'm
895
00:32:10,559 --> 00:32:11,919
just going to hit tab
896
00:32:11,919 --> 00:32:13,600
and because there's nothing else in here
897
00:32:13,600 --> 00:32:15,279
with an h we don't have to worry too
898
00:32:15,279 --> 00:32:16,960
much it will just auto-complete to the
899
00:32:16,960 --> 00:32:19,679
home folder now for example if there's a
900
00:32:19,679 --> 00:32:21,279
bunch of l's i'm going to back up really
901
00:32:21,279 --> 00:32:23,039
quick before i hit enter
902
00:32:23,039 --> 00:32:25,039
if i wanted to try something that has
903
00:32:25,039 --> 00:32:27,679
multiple items in here if i try the l
904
00:32:27,679 --> 00:32:29,440
and i hit tab you're going to see that
905
00:32:29,440 --> 00:32:32,000
there's going to be a lot of options for
906
00:32:32,000 --> 00:32:33,600
me to go through
907
00:32:33,600 --> 00:32:34,559
and
908
00:32:34,559 --> 00:32:36,720
depending on what you have is when you
909
00:32:36,720 --> 00:32:38,960
can auto complete so if i start typing
910
00:32:38,960 --> 00:32:41,679
lo it should know that there's only one
911
00:32:41,679 --> 00:32:44,000
lo and i can tab and auto complete the
912
00:32:44,000 --> 00:32:45,360
rest so you just have to be able to get
913
00:32:45,360 --> 00:32:47,279
to a point where you can tab out or if
914
00:32:47,279 --> 00:32:49,200
you know the first letter of the file
915
00:32:49,200 --> 00:32:50,720
that you're looking for you can hit tab
916
00:32:50,720 --> 00:32:52,320
on that and you can see
917
00:32:52,320 --> 00:32:53,919
okay here's where i need to be or here's
918
00:32:53,919 --> 00:32:55,200
what i can look at with everything that
919
00:32:55,200 --> 00:32:56,720
starts with that letter i'm going to
920
00:32:56,720 --> 00:32:58,320
delete this and we're going to cd back
921
00:32:58,320 --> 00:33:00,399
into home
922
00:33:00,399 --> 00:33:02,159
we're going to ls to list the contents
923
00:33:02,159 --> 00:33:04,799
of home which is just our kali folder so
924
00:33:04,799 --> 00:33:08,320
i'm going to cd into kali
925
00:33:08,720 --> 00:33:11,360
and if i ls from here you can see that i
926
00:33:11,360 --> 00:33:13,840
have our desktop documents downloads
927
00:33:13,840 --> 00:33:16,240
similar to what we saw in the graphical
928
00:33:16,240 --> 00:33:17,679
user interface when we were in the
929
00:33:17,679 --> 00:33:20,000
folder now we can see it from our
930
00:33:20,000 --> 00:33:22,799
terminal now before we go diving deeper
931
00:33:22,799 --> 00:33:24,720
into these folders
932
00:33:24,720 --> 00:33:26,960
something that i want to look at is what
933
00:33:26,960 --> 00:33:29,760
if i wanted to get to this etc folder
934
00:33:29,760 --> 00:33:31,760
over here so there's this etc folder
935
00:33:31,760 --> 00:33:33,760
that was in our base
936
00:33:33,760 --> 00:33:37,200
now if i try to cd into etc from here
937
00:33:37,200 --> 00:33:39,120
nothing's going to work i'm tabbing
938
00:33:39,120 --> 00:33:41,039
nothing works if i try cd etc it's
939
00:33:41,039 --> 00:33:42,960
going to say i can't find it
940
00:33:42,960 --> 00:33:43,840
so
941
00:33:43,840 --> 00:33:45,600
what does that mean well when we change
942
00:33:45,600 --> 00:33:47,200
directories we can only change
943
00:33:47,200 --> 00:33:49,279
directories from the folders that we
944
00:33:49,279 --> 00:33:51,679
have available to us so i can only
945
00:33:51,679 --> 00:33:54,080
change directories into these folders
946
00:33:54,080 --> 00:33:57,440
by using that sort of nomenclature
947
00:33:57,440 --> 00:34:00,159
however if i can provide a full
948
00:34:00,159 --> 00:34:02,480
directory or a full path
949
00:34:02,480 --> 00:34:04,640
then i can cd from any folder that i'm
950
00:34:04,640 --> 00:34:06,640
in so if i go cd
951
00:34:06,640 --> 00:34:08,399
forward slash because remember we have
952
00:34:08,399 --> 00:34:09,760
the base here
953
00:34:09,760 --> 00:34:12,320
well then i can say forward slash et
954
00:34:12,320 --> 00:34:14,159
start typing that out and guess what i
955
00:34:14,159 --> 00:34:15,599
get etc here
956
00:34:15,599 --> 00:34:17,440
and if i wanted to dive deeper into what
957
00:34:17,440 --> 00:34:19,679
folders are in there i could hit tab and
958
00:34:19,679 --> 00:34:21,280
i could see all the folders that are
959
00:34:21,280 --> 00:34:23,199
available in the etc folder to complete
960
00:34:23,199 --> 00:34:26,320
my task now if i hit enter
961
00:34:26,320 --> 00:34:28,639
i will be brought into the etc folder
962
00:34:28,639 --> 00:34:31,679
and similarly i can hit ls and see all
963
00:34:31,679 --> 00:34:34,800
the files and folders that are in here
964
00:34:34,800 --> 00:34:37,040
now let's just cd here and i'm going to
965
00:34:37,040 --> 00:34:38,399
use the tilde and that's going to get
966
00:34:38,399 --> 00:34:40,320
us back to our home folder
967
00:34:40,320 --> 00:34:42,480
i'm going to ctrl l to clear screen and
968
00:34:42,480 --> 00:34:44,000
then i'm going to ls again you're going
969
00:34:44,000 --> 00:34:46,719
to see we're back where we just were
970
00:34:46,719 --> 00:34:49,199
now in this case what if i wanted to
971
00:34:49,199 --> 00:34:51,520
list the files of the etc folder well
972
00:34:51,520 --> 00:34:53,679
it's the same thing i could do ls
973
00:34:53,679 --> 00:34:55,918
forward slash etc
974
00:34:55,918 --> 00:34:57,920
and that will list all the files as if i
975
00:34:57,920 --> 00:35:00,480
were sitting in that folder so just know
976
00:35:00,480 --> 00:35:03,119
that you can list folders and files you
977
00:35:03,119 --> 00:35:04,800
can change directories from being it
978
00:35:04,800 --> 00:35:06,880
within another directory it doesn't have
979
00:35:06,880 --> 00:35:09,119
to be in that same up and down tree that
980
00:35:09,119 --> 00:35:10,800
i was showing you there's a lot more
981
00:35:10,800 --> 00:35:13,200
robustness to these commands same thing
982
00:35:13,200 --> 00:35:14,880
if we ls in here
983
00:35:14,880 --> 00:35:16,960
we could take a look at the folders and
984
00:35:16,960 --> 00:35:18,560
we don't have to change the directory to
985
00:35:18,560 --> 00:35:20,480
see what's in these folders we can just
986
00:35:20,480 --> 00:35:23,119
ls desktop for example and start auto
987
00:35:23,119 --> 00:35:24,560
tab completing
988
00:35:24,560 --> 00:35:26,240
there's nothing in there i do have
989
00:35:26,240 --> 00:35:27,599
something in the downloads folder just
990
00:35:27,599 --> 00:35:30,240
because i changed my picture i put our
991
00:35:30,240 --> 00:35:32,800
tcm security logo in there so
992
00:35:32,800 --> 00:35:34,560
i have that in the downloads folder but
993
00:35:34,560 --> 00:35:35,760
it's completely normal not to have
994
00:35:35,760 --> 00:35:37,520
anything in your desktop or downloads
995
00:35:37,520 --> 00:35:40,400
when you first install kali and again we
996
00:35:40,400 --> 00:35:42,800
can achieve the same thing by cd into
997
00:35:42,800 --> 00:35:45,280
downloads and then hitting ls
998
00:35:45,280 --> 00:35:47,760
you have the same object here as you saw
999
00:35:47,760 --> 00:35:49,760
before except we're just now in that
1000
00:35:49,760 --> 00:35:51,520
folder so you have to declare the folder
1001
00:35:51,520 --> 00:35:52,960
or be within the folder to see the
1002
00:35:52,960 --> 00:35:54,720
contents okay
1003
00:35:54,720 --> 00:35:56,880
now let's go ahead and cd back to the
1004
00:35:56,880 --> 00:35:59,359
base folder you could cd dot dot or just
1005
00:35:59,359 --> 00:36:01,440
use the tilde i'm going to clear my
1006
00:36:01,440 --> 00:36:02,640
screen
1007
00:36:02,640 --> 00:36:04,560
and from here we want to talk about
1008
00:36:04,560 --> 00:36:06,880
making a directory
1009
00:36:06,880 --> 00:36:09,040
so let's make a directory i'm going to
1010
00:36:09,040 --> 00:36:10,960
make a directory called heath you can
1011
00:36:10,960 --> 00:36:13,440
just use your first name if you want
1012
00:36:13,440 --> 00:36:15,680
and then when you ls in here
1013
00:36:15,680 --> 00:36:18,079
you can see now that the heath directory
1014
00:36:18,079 --> 00:36:19,359
is here
1015
00:36:19,359 --> 00:36:20,720
and i could cd into that heath
1016
00:36:20,720 --> 00:36:23,440
directory i can ls in that directory and
1017
00:36:23,440 --> 00:36:24,640
there's not going to be anything in
1018
00:36:24,640 --> 00:36:25,440
there
1019
00:36:25,440 --> 00:36:27,119
so i'm going to go ahead and
1020
00:36:27,119 --> 00:36:28,560
back up one
1021
00:36:28,560 --> 00:36:29,920
and now i'm going to show you how to
1022
00:36:29,920 --> 00:36:32,400
remove a directory or remove a folder so
1023
00:36:32,400 --> 00:36:34,880
you say rmdir
1024
00:36:34,880 --> 00:36:36,560
and you're going to go ahead and just
1025
00:36:36,560 --> 00:36:38,560
say heath
1026
00:36:38,560 --> 00:36:40,400
and that will remove that
1027
00:36:40,400 --> 00:36:42,400
these commands work exactly the same as
1028
00:36:42,400 --> 00:36:43,920
everything else if i wanted to make a
1029
00:36:43,920 --> 00:36:46,079
directory in the base folder i could
1030
00:36:46,079 --> 00:36:48,480
totally mkdir forward slash heath if
1031
00:36:48,480 --> 00:36:50,880
i wanted to and i could also remove that
1032
00:36:50,880 --> 00:36:53,599
from here so again it doesn't matter
1033
00:36:53,599 --> 00:36:54,960
exactly where you're at as long as
1034
00:36:54,960 --> 00:36:57,200
you're using full file paths
1035
00:36:57,200 --> 00:36:58,880
okay so i've cleared my screen and now i
1036
00:36:58,880 --> 00:37:01,200
want to run ls
1037
00:37:01,200 --> 00:37:03,040
and you see in ls that we just have a
1038
00:37:03,040 --> 00:37:05,520
bunch of folders but that's not entirely
1039
00:37:05,520 --> 00:37:06,880
true
1040
00:37:06,880 --> 00:37:08,160
what we're going to do is we're going to
1041
00:37:08,160 --> 00:37:11,119
do an ls dash la
1042
00:37:11,119 --> 00:37:14,400
and i like to think of this as list all
1043
00:37:14,400 --> 00:37:17,599
but really it stands for long all
1044
00:37:17,599 --> 00:37:20,079
and if we hit enter you can see that
1045
00:37:20,079 --> 00:37:23,359
there's a bunch of new files in here and
1046
00:37:23,359 --> 00:37:26,320
folders actually so from this we can see
1047
00:37:26,320 --> 00:37:27,680
that we have
1048
00:37:27,680 --> 00:37:30,720
a like a bash history we've got a dot
1049
00:37:30,720 --> 00:37:33,440
java folder anything with a dot is
1050
00:37:33,440 --> 00:37:35,920
considered a hidden file we won't see
1051
00:37:35,920 --> 00:37:37,920
that when we're using the ls command we
1052
00:37:37,920 --> 00:37:40,800
actually have to do a dash la command
1053
00:37:40,800 --> 00:37:42,400
and this is a great time to actually
1054
00:37:42,400 --> 00:37:44,960
take a look at what these sub commands
1055
00:37:44,960 --> 00:37:47,359
are and how are some ways that we can
1056
00:37:47,359 --> 00:37:49,760
identify what these things mean
1057
00:37:49,760 --> 00:37:51,680
so i'm going to show you a website first
1058
00:37:51,680 --> 00:37:53,760
and i think this website is awesome we
1059
00:37:53,760 --> 00:37:55,240
can go to something like
1060
00:37:55,240 --> 00:37:58,400
explainshell.com so it is
1061
00:37:58,400 --> 00:37:59,839
explain
1062
00:37:59,839 --> 00:38:01,680
shell you can see it auto completing up
1063
00:38:01,680 --> 00:38:04,720
there but explain shell.com and if you
1064
00:38:04,720 --> 00:38:06,880
came in here and you wanted to take a
1065
00:38:06,880 --> 00:38:08,240
look let me make this a little bit
1066
00:38:08,240 --> 00:38:09,920
bigger if you wanted to take a look at
1067
00:38:09,920 --> 00:38:10,599
like
1068
00:38:10,599 --> 00:38:12,160
ls-la
1069
00:38:12,160 --> 00:38:14,640
you could say okay explain this to me
1070
00:38:14,640 --> 00:38:16,560
and it'll tell you okay the first part
1071
00:38:16,560 --> 00:38:19,440
is ls that means list directory contents
1072
00:38:19,440 --> 00:38:21,280
remember i called it the list command
1073
00:38:21,280 --> 00:38:23,280
that's what it is now what does that la
1074
00:38:23,280 --> 00:38:26,480
do well the l you hover over it says use
1075
00:38:26,480 --> 00:38:29,839
long listing format and the a says use
1076
00:38:29,839 --> 00:38:32,560
all okay so do not ignore entries
1077
00:38:32,560 --> 00:38:34,400
starting with a dot which is what we're
1078
00:38:34,400 --> 00:38:35,520
looking for
1079
00:38:35,520 --> 00:38:38,400
and the long listing just gives us more
1080
00:38:38,400 --> 00:38:40,800
detail gives us these file permissions
1081
00:38:40,800 --> 00:38:42,320
which we'll get into a little bit later
1082
00:38:42,320 --> 00:38:44,480
and who owns it and what the file size
1083
00:38:44,480 --> 00:38:48,079
is the directory etc etc we'll get down
1084
00:38:48,079 --> 00:38:51,040
into that in just a few videos
1085
00:38:51,040 --> 00:38:52,880
we can also use what are called man
1086
00:38:52,880 --> 00:38:55,359
pages i'm going to control l again if we
1087
00:38:55,359 --> 00:38:56,480
do man
1088
00:38:56,480 --> 00:39:00,320
ls man stands for manual so man ls we
1089
00:39:00,320 --> 00:39:02,640
could see in here that ls means list
1090
00:39:02,640 --> 00:39:05,440
directory contents great dash a stands
1091
00:39:05,440 --> 00:39:07,280
for all do not ignore entry starting
1092
00:39:07,280 --> 00:39:08,480
with the period
1093
00:39:08,480 --> 00:39:10,079
same thing as we saw before we could
1094
00:39:10,079 --> 00:39:12,480
scroll down look for the l portion of
1095
00:39:12,480 --> 00:39:13,440
this
1096
00:39:13,440 --> 00:39:15,359
and we'll see that we have use a long
1097
00:39:15,359 --> 00:39:16,720
listing format
1098
00:39:16,720 --> 00:39:19,040
you can hit q to quit this
1099
00:39:19,040 --> 00:39:20,800
so if you don't have internet access for
1100
00:39:20,800 --> 00:39:23,040
example you can use man pages
1101
00:39:23,040 --> 00:39:25,599
i like using explainshell.com i think
1102
00:39:25,599 --> 00:39:27,599
it's pretty awesome but man works very
1103
00:39:27,599 --> 00:39:28,960
quick and from the terminal you don't
1104
00:39:28,960 --> 00:39:31,040
have to leave or do anything another
1105
00:39:31,040 --> 00:39:33,760
thing that you can do is ls dash dash
1106
00:39:33,760 --> 00:39:35,440
help
1107
00:39:35,440 --> 00:39:37,280
and that will give you similar to the
1108
00:39:37,280 --> 00:39:39,760
man pages though not as
1109
00:39:39,760 --> 00:39:41,680
full detail i guess is the best way to
1110
00:39:41,680 --> 00:39:42,640
say it
1111
00:39:42,640 --> 00:39:44,000
and you come in here and you can see the
1112
00:39:44,000 --> 00:39:45,760
same kind of switches and commands that
1113
00:39:45,760 --> 00:39:47,599
were in here so
1114
00:39:47,599 --> 00:39:50,240
dash help works for a lot of commands
1115
00:39:50,240 --> 00:39:51,680
it's one of those that you should know
1116
00:39:51,680 --> 00:39:53,520
and you should try if you have any
1117
00:39:53,520 --> 00:39:55,760
questions about what you're trying to do
1118
00:39:55,760 --> 00:39:58,560
it's a great resource so if we ls dash
1119
00:39:58,560 --> 00:39:59,760
la
1120
00:39:59,760 --> 00:40:01,680
we can cd into one of these hidden
1121
00:40:01,680 --> 00:40:04,000
folders like we could cd into dot cache
1122
00:40:04,000 --> 00:40:05,599
for example
1123
00:40:05,599 --> 00:40:08,480
and we just ls that you can see that
1124
00:40:08,480 --> 00:40:10,319
there's actually stuff in the cache in
1125
00:40:10,319 --> 00:40:12,480
here so we're not going to get into this
1126
00:40:12,480 --> 00:40:14,160
i just want to show you that hidden
1127
00:40:14,160 --> 00:40:16,240
files and folders do exist so if you're
1128
00:40:16,240 --> 00:40:17,920
looking for something
1129
00:40:17,920 --> 00:40:20,160
especially pen test related something
1130
00:40:20,160 --> 00:40:21,520
might be hidden if you're on a linux
1131
00:40:21,520 --> 00:40:23,920
machine you might need to do ls-la to
1132
00:40:23,920 --> 00:40:25,359
see a hidden file
1133
00:40:25,359 --> 00:40:27,119
and they're incredibly easy to see as
1134
00:40:27,119 --> 00:40:28,800
you can see for yourself
1135
00:40:28,800 --> 00:40:31,680
let's go ahead and cd back to our home
1136
00:40:31,680 --> 00:40:32,800
folder
1137
00:40:32,800 --> 00:40:34,640
and from here i'm going to show you a
1138
00:40:34,640 --> 00:40:35,760
couple of
1139
00:40:35,760 --> 00:40:37,599
things that we're going to explain later
1140
00:40:37,599 --> 00:40:38,880
on but i just kind of want to get you
1141
00:40:38,880 --> 00:40:40,560
familiar with it so the first thing i
1142
00:40:40,560 --> 00:40:42,079
want to show you is the echo command if
1143
00:40:42,079 --> 00:40:44,240
we go echo and we use a single
1144
00:40:44,240 --> 00:40:46,720
apostrophe and we say hi like this
1145
00:40:46,720 --> 00:40:48,400
that's just going to echo out to the
1146
00:40:48,400 --> 00:40:49,359
screen
1147
00:40:49,359 --> 00:40:51,040
we'll get into the echo command a little
1148
00:40:51,040 --> 00:40:52,880
bit later on in the course
1149
00:40:52,880 --> 00:40:54,640
what we're doing here is we're going to
1150
00:40:54,640 --> 00:40:55,920
echo this
1151
00:40:55,920 --> 00:40:59,280
into a file so i'm going to say hi
1152
00:40:59,280 --> 00:41:01,440
and then i'm going to put that file
1153
00:41:01,440 --> 00:41:03,440
i'm going to use this greater than
1154
00:41:03,440 --> 00:41:05,119
symbol and that's going to be a
1155
00:41:05,119 --> 00:41:06,720
redirection operator and i'm going to
1156
00:41:06,720 --> 00:41:08,800
say hey just go ahead and make a file
1157
00:41:08,800 --> 00:41:11,040
called test.txt
1158
00:41:11,040 --> 00:41:12,480
and while you don't need to know this
1159
00:41:12,480 --> 00:41:16,079
yet if i ran cat on this on test.txt
1160
00:41:16,079 --> 00:41:18,720
you'll see that it prints back out hi
1161
00:41:18,720 --> 00:41:21,119
okay so i just want to have this file
1162
00:41:21,119 --> 00:41:22,960
here that we created and what we're
1163
00:41:22,960 --> 00:41:24,560
going to do is we're going to just
1164
00:41:24,560 --> 00:41:26,079
quickly ls
1165
00:41:26,079 --> 00:41:27,760
we're going to see that it's there you
1166
00:41:27,760 --> 00:41:29,440
can see that there are color differences
1167
00:41:29,440 --> 00:41:31,359
for files and folders again and the
1168
00:41:31,359 --> 00:41:33,200
reason we're making this in this video
1169
00:41:33,200 --> 00:41:35,520
is i want to show you the copy command
1170
00:41:35,520 --> 00:41:38,079
so if we run copy on this we could say
1171
00:41:38,079 --> 00:41:40,400
copy test.txt
1172
00:41:40,400 --> 00:41:42,400
what i want to do is i want to copy this
1173
00:41:42,400 --> 00:41:44,880
into the downloads folder so i can just
1174
00:41:44,880 --> 00:41:48,960
say copy test.txt into downloads
1175
00:41:48,960 --> 00:41:51,359
if we ls we'll see that test.txt is
1176
00:41:51,359 --> 00:41:54,319
here we're making a copy if we ls
1177
00:41:54,319 --> 00:41:55,599
downloads
1178
00:41:55,599 --> 00:41:58,079
we can see that test.txt is actually in
1179
00:41:58,079 --> 00:41:59,839
there as well
1180
00:41:59,839 --> 00:42:02,079
so similar with the remove directory we
1181
00:42:02,079 --> 00:42:04,400
can use the rm command and what we're
1182
00:42:04,400 --> 00:42:06,960
going to do is remove that file
1183
00:42:06,960 --> 00:42:08,560
and again we don't have to be in the
1184
00:42:08,560 --> 00:42:10,240
directory to remove it we can call the
1185
00:42:10,240 --> 00:42:14,240
directory path and then test.txt
1186
00:42:14,240 --> 00:42:18,079
if we hit ls on downloads again
1187
00:42:18,079 --> 00:42:19,280
we can just
1188
00:42:19,280 --> 00:42:20,560
go ahead and hit enter and you're going
1189
00:42:20,560 --> 00:42:21,839
to see that
1190
00:42:21,839 --> 00:42:24,319
there is no test.txt in there anymore
1191
00:42:24,319 --> 00:42:26,000
but if we ls here
1192
00:42:26,000 --> 00:42:28,960
you'll see that test.txt does exist so
1193
00:42:28,960 --> 00:42:31,520
i'm going to go ahead and control l
1194
00:42:31,520 --> 00:42:33,280
the opposite of this
1195
00:42:33,280 --> 00:42:36,480
is the move command now if i move
1196
00:42:36,480 --> 00:42:37,920
test.txt
1197
00:42:37,920 --> 00:42:40,319
and i put that into downloads
1198
00:42:40,319 --> 00:42:42,960
if i ls now
1199
00:42:42,960 --> 00:42:45,040
you're gonna see that there is no
1200
00:42:45,040 --> 00:42:48,000
test.txt in here why is that well if we
1201
00:42:48,000 --> 00:42:49,680
ls downloads
1202
00:42:49,680 --> 00:42:51,440
you're gonna see that we moved it so
1203
00:42:51,440 --> 00:42:54,160
remember copy leaves an original version
1204
00:42:54,160 --> 00:42:56,160
wherever you copied from
1205
00:42:56,160 --> 00:42:59,359
move completely moves it so the cp and
1206
00:42:59,359 --> 00:43:01,200
the mv commands are what you need to
1207
00:43:01,200 --> 00:43:02,319
know there
1208
00:43:02,319 --> 00:43:03,760
now while we're on this what we're going
1209
00:43:03,760 --> 00:43:05,839
to do is we're going to look at a
1210
00:43:05,839 --> 00:43:07,760
command called locate
1211
00:43:07,760 --> 00:43:09,680
the locate's pretty awesome if you did
1212
00:43:09,680 --> 00:43:11,520
locate and say i wanted to find out
1213
00:43:11,520 --> 00:43:14,000
where that test.txt file is
1214
00:43:14,000 --> 00:43:16,000
i could do locate test.txt and we're
1215
00:43:16,000 --> 00:43:17,680
probably not going to get anything back
1216
00:43:17,680 --> 00:43:19,839
quite yet now if we're looking through
1217
00:43:19,839 --> 00:43:22,160
this none of these files are where we're
1218
00:43:22,160 --> 00:43:24,720
at so there are some tests.txt files on
1219
00:43:24,720 --> 00:43:26,960
this machine but we're not seeing the
1220
00:43:26,960 --> 00:43:29,200
one that we created so say that we
1221
00:43:29,200 --> 00:43:30,880
created a file we can't remember where
1222
00:43:30,880 --> 00:43:32,319
we put it and we just want to go search
1223
00:43:32,319 --> 00:43:33,760
for it and find it
1224
00:43:33,760 --> 00:43:37,200
what we can do is we can say updatedb
1225
00:43:37,200 --> 00:43:38,800
and you're going to see that we actually
1226
00:43:38,800 --> 00:43:40,800
get a denied why are we getting
1227
00:43:40,800 --> 00:43:42,480
permission denied well this comes back
1228
00:43:42,480 --> 00:43:44,560
to sudo so let's go ahead and sudo
1229
00:43:44,560 --> 00:43:45,680
update
1230
00:43:45,680 --> 00:43:47,280
db
1231
00:43:47,280 --> 00:43:48,640
you're going to enter in your sudo
1232
00:43:48,640 --> 00:43:49,839
password
1233
00:43:49,839 --> 00:43:52,079
it's going to update the database
1234
00:43:52,079 --> 00:43:54,560
and now if we do locate test.txt and you
1235
00:43:54,560 --> 00:43:56,160
can just when you see a screen like this
1236
00:43:56,160 --> 00:43:58,480
by the way where it's kind of semi-gray
1237
00:43:58,480 --> 00:44:00,560
if you just hit the right arrow that
1238
00:44:00,560 --> 00:44:02,079
will go ahead and auto-complete because
1239
00:44:02,079 --> 00:44:04,319
it remembers your last command
1240
00:44:04,319 --> 00:44:06,400
you can hit that
1241
00:44:06,400 --> 00:44:08,319
and you can now see that the first entry
1242
00:44:08,319 --> 00:44:10,720
in here is home kali downloads test.txt
1243
00:44:10,720 --> 00:44:12,720
so now the database is updated and it
1244
00:44:12,720 --> 00:44:14,000
finds it
1245
00:44:14,000 --> 00:44:15,680
one other thing to mention i just talked
1246
00:44:15,680 --> 00:44:17,440
about autocompleting with the right
1247
00:44:17,440 --> 00:44:20,480
arrow if you hit the up arrow you can go
1248
00:44:20,480 --> 00:44:22,560
through your previous commands
1249
00:44:22,560 --> 00:44:24,240
you can see all the commands that i've
1250
00:44:24,240 --> 00:44:26,400
been running through so we can also use
1251
00:44:26,400 --> 00:44:27,839
the down arrow to scroll back down
1252
00:44:27,839 --> 00:44:29,760
through those commands so say i wanted
1253
00:44:29,760 --> 00:44:31,920
to run that locate test.txt command
1254
00:44:31,920 --> 00:44:33,680
again instead of typing it out i just
1255
00:44:33,680 --> 00:44:36,720
hit the up arrow and then i hit enter
1256
00:44:36,720 --> 00:44:38,079
easy breezy
1257
00:44:38,079 --> 00:44:39,440
okay so we're gonna go ahead and remove
1258
00:44:39,440 --> 00:44:42,640
downloads test.txt
1259
00:44:42,640 --> 00:44:44,560
and now that file should be gone we can
1260
00:44:44,560 --> 00:44:46,720
ls one more time into downloads just to
1261
00:44:46,720 --> 00:44:49,520
make sure and you can see that tcm
1262
00:44:49,520 --> 00:44:51,359
security file's the only thing that's in
1263
00:44:51,359 --> 00:44:52,560
there
1264
00:44:52,560 --> 00:44:54,400
one other thing to point out that i just
1265
00:44:54,400 --> 00:44:55,760
noticed actually
1266
00:44:55,760 --> 00:44:56,880
is
1267
00:44:56,880 --> 00:44:58,560
these files are case sensitive and the
1268
00:44:58,560 --> 00:45:00,240
folders are case sensitive so if i try
1269
00:45:00,240 --> 00:45:02,960
to cd into downloads
1270
00:45:02,960 --> 00:45:04,560
it's not going to work because downloads
1271
00:45:04,560 --> 00:45:07,599
doesn't exist so if i cd into Downloads
1272
00:45:07,599 --> 00:45:09,280
i could spell
1273
00:45:09,280 --> 00:45:10,800
then you can see that i actually get
1274
00:45:10,800 --> 00:45:13,200
into the downloads folder so note that
1275
00:45:13,200 --> 00:45:15,520
it's case sensitive auto complete i go
1276
00:45:15,520 --> 00:45:16,319
back
1277
00:45:16,319 --> 00:45:18,640
will do a pretty decent job at trying
1278
00:45:18,640 --> 00:45:20,720
on newer versions of kali that is if i
1279
00:45:20,720 --> 00:45:23,119
hit do for example and then i tab it'll
1280
00:45:23,119 --> 00:45:24,400
realize that i'm trying to get to
1281
00:45:24,400 --> 00:45:26,160
downloads the last thing i'm going to
1282
00:45:26,160 --> 00:45:28,480
show you is the password command that is
1283
00:45:28,480 --> 00:45:30,800
p-a-s-s-w-d
1284
00:45:30,800 --> 00:45:32,240
we are going to be good security
1285
00:45:32,240 --> 00:45:34,480
engineers and change our password we're
1286
00:45:34,480 --> 00:45:35,760
going to make it a strong password
1287
00:45:35,760 --> 00:45:37,920
because we're good security engineers
1288
00:45:37,920 --> 00:45:40,160
i am going to be the bad security
1289
00:45:40,160 --> 00:45:42,960
engineer and make my password password
1290
00:45:42,960 --> 00:45:44,640
and i'm doing that because later on the
1291
00:45:44,640 --> 00:45:47,280
course we'll talk about cracking linux
1292
00:45:47,280 --> 00:45:49,440
passwords and we're going to use my bad
1293
00:45:49,440 --> 00:45:51,839
password as an example so here we're
1294
00:45:51,839 --> 00:45:53,520
going to type our current password kali
1295
00:45:53,520 --> 00:45:55,599
is a terrible password by the way
1296
00:45:55,599 --> 00:45:56,960
and we're going to go ahead and type in
1297
00:45:56,960 --> 00:45:58,240
our new password you can make your
1298
00:45:58,240 --> 00:46:00,560
password whatever you want i'm making
1299
00:46:00,560 --> 00:46:03,440
mine password and now we have updated
1300
00:46:03,440 --> 00:46:05,520
successfully and we have finished all
1301
00:46:05,520 --> 00:46:07,040
the commands that we need to know for
1302
00:46:07,040 --> 00:46:09,440
this video i'll go ahead and see you in
1303
00:46:09,440 --> 00:46:11,200
the next lesson
1304
00:46:11,200 --> 00:46:13,119
now we're going to talk about users and
1305
00:46:13,119 --> 00:46:14,480
privileges
1306
00:46:14,480 --> 00:46:16,560
so in the last video we learned about
1307
00:46:16,560 --> 00:46:18,400
ls-la
1308
00:46:18,400 --> 00:46:21,040
so i am in my home folder which is the
1309
00:46:21,040 --> 00:46:23,680
tilde here and all i'm gonna do is just
1310
00:46:23,680 --> 00:46:26,079
say ls-la
1311
00:46:26,079 --> 00:46:28,400
i'm gonna hit enter
1312
00:46:28,400 --> 00:46:30,720
and we're going to see a bunch of stuff
1313
00:46:30,720 --> 00:46:33,520
over here on the left hand side we've
1314
00:46:33,520 --> 00:46:36,160
got this we've got the details kind of
1315
00:46:36,160 --> 00:46:38,560
of ownership we've got some file size in
1316
00:46:38,560 --> 00:46:41,119
here and we'll talk about all of this
1317
00:46:41,119 --> 00:46:43,520
but we do ls-la we're getting so much
1318
00:46:43,520 --> 00:46:45,520
more information than whether or not a
1319
00:46:45,520 --> 00:46:46,960
file is hidden which is kind of the
1320
00:46:46,960 --> 00:46:49,760
purpose we looked at it for last time
1321
00:46:49,760 --> 00:46:51,359
but now we can take it and look at it
1322
00:46:51,359 --> 00:46:54,160
from a different scope or a lens
1323
00:46:54,160 --> 00:46:57,040
we can see that we have this column here
1324
00:46:57,040 --> 00:46:58,560
the first column
1325
00:46:58,560 --> 00:47:00,160
now the first column tells us something
1326
00:47:00,160 --> 00:47:01,599
interesting
1327
00:47:01,599 --> 00:47:04,240
it first tells us whether or not we are
1328
00:47:04,240 --> 00:47:07,119
looking at a file or a directory so if
1329
00:47:07,119 --> 00:47:09,520
we see a d here we are seeing that this
1330
00:47:09,520 --> 00:47:11,760
is a directory note that these are also
1331
00:47:11,760 --> 00:47:14,560
color coded right so we have blue for
1332
00:47:14,560 --> 00:47:16,880
directories it looks like and then white
1333
00:47:16,880 --> 00:47:19,920
here for files and then we also have
1334
00:47:19,920 --> 00:47:21,680
links which we're not going to get into
1335
00:47:21,680 --> 00:47:24,000
much right now but a link looks like
1336
00:47:24,000 --> 00:47:25,599
it's a lighter blue
1337
00:47:25,599 --> 00:47:29,040
so we have the indicator here first it
1338
00:47:29,040 --> 00:47:31,119
says okay it's either a d or maybe a
1339
00:47:31,119 --> 00:47:32,720
dash or an l
1340
00:47:32,720 --> 00:47:34,240
there are other settings that could be
1341
00:47:34,240 --> 00:47:36,000
here but for now this is all we need to
1342
00:47:36,000 --> 00:47:37,119
worry about
1343
00:47:37,119 --> 00:47:38,240
the next set of things that we're going
1344
00:47:38,240 --> 00:47:41,280
to look at are these rwx's
1345
00:47:41,280 --> 00:47:44,400
or r blank x what does that all mean
1346
00:47:44,400 --> 00:47:47,920
well rwx means read write execute when
1347
00:47:47,920 --> 00:47:50,400
we're missing one of those like a dash
1348
00:47:50,400 --> 00:47:52,319
here that just means we have a read and
1349
00:47:52,319 --> 00:47:53,440
execute
1350
00:47:53,440 --> 00:47:54,960
and there are actually three groups that
1351
00:47:54,960 --> 00:47:56,400
we're looking at here
1352
00:47:56,400 --> 00:47:58,400
so we have the first group
1353
00:47:58,400 --> 00:48:00,960
which is the owner of our file so this
1354
00:48:00,960 --> 00:48:02,880
first group says read write execute for
1355
00:48:02,880 --> 00:48:05,119
the owner of this file and if we look at
1356
00:48:05,119 --> 00:48:06,400
the owner of the file we can actually
1357
00:48:06,400 --> 00:48:08,640
see that the owner is going to be kali
1358
00:48:08,640 --> 00:48:11,040
well in this instance it's the directory
1359
00:48:11,040 --> 00:48:13,280
but here we're looking at kali you can
1360
00:48:13,280 --> 00:48:14,960
see that one of these has root listed
1361
00:48:14,960 --> 00:48:17,040
but in this instance since we're using
1362
00:48:17,040 --> 00:48:18,559
the kali user and we're in our home
1363
00:48:18,559 --> 00:48:20,559
folder we're looking at mostly kali
1364
00:48:20,559 --> 00:48:23,520
being the file owner for this
1365
00:48:23,520 --> 00:48:24,880
the next one we're going to look at is
1366
00:48:24,880 --> 00:48:26,720
we're going to say okay
1367
00:48:26,720 --> 00:48:28,240
group membership
1368
00:48:28,240 --> 00:48:32,240
so anybody that is a part of this group
1369
00:48:32,240 --> 00:48:35,359
what do they get ownership to or what do
1370
00:48:35,359 --> 00:48:37,839
they get to do with this directory or
1371
00:48:37,839 --> 00:48:39,040
this file
1372
00:48:39,040 --> 00:48:39,920
well
1373
00:48:39,920 --> 00:48:42,000
anybody in this group can read or
1374
00:48:42,000 --> 00:48:44,559
execute but they cannot write to this
1375
00:48:44,559 --> 00:48:46,160
directory or file
1376
00:48:46,160 --> 00:48:48,000
and lastly we have the third setting
1377
00:48:48,000 --> 00:48:50,559
which is all other users what can all
1378
00:48:50,559 --> 00:48:52,400
other users do
1379
00:48:52,400 --> 00:48:54,319
all the users can read and execute but
1380
00:48:54,319 --> 00:48:56,559
they cannot write here
1381
00:48:56,559 --> 00:48:58,160
and we don't have anything in here
1382
00:48:58,160 --> 00:49:00,160
besides this link that is read write
1383
00:49:00,160 --> 00:49:02,800
execute we don't have a world read write
1384
00:49:02,800 --> 00:49:07,040
execute in this folder and that's okay
1385
00:49:07,040 --> 00:49:08,480
this does come into play when we're
1386
00:49:08,480 --> 00:49:10,640
doing penetration testing however when
1387
00:49:10,640 --> 00:49:13,040
we want to find some sort of file that
1388
00:49:13,040 --> 00:49:16,240
has read write access or read write
1389
00:49:16,240 --> 00:49:18,800
execute access if we have full access
1390
00:49:18,800 --> 00:49:20,319
that is ideal
1391
00:49:20,319 --> 00:49:21,680
especially if there are some sensitive
1392
00:49:21,680 --> 00:49:23,440
files that we're not supposed to see or
1393
00:49:23,440 --> 00:49:25,839
maybe were misconfigured or if we need
1394
00:49:25,839 --> 00:49:28,559
somewhere to write to on the disk for
1395
00:49:28,559 --> 00:49:30,800
example if i clear the screen here and
1396
00:49:30,800 --> 00:49:36,160
we do an ls-la of the temp folder
1397
00:49:36,720 --> 00:49:39,440
we can see that temp actually has read
1398
00:49:39,440 --> 00:49:42,240
write execute privileges throughout
1399
00:49:42,240 --> 00:49:44,559
this is a great place when we're doing
1400
00:49:44,559 --> 00:49:46,800
pen testing and we're working on a linux
1401
00:49:46,800 --> 00:49:49,040
machine that if we need to come drop a
1402
00:49:49,040 --> 00:49:51,520
file we know that this temp folder can
1403
00:49:51,520 --> 00:49:54,000
be written to we can write whatever file
1404
00:49:54,000 --> 00:49:55,520
we want and execute these files from
1405
00:49:55,520 --> 00:49:57,680
here without having to worry about too
1406
00:49:57,680 --> 00:49:59,520
many permissions so if we're attacking
1407
00:49:59,520 --> 00:50:01,440
machines later on especially as we get
1408
00:50:01,440 --> 00:50:03,040
on into the practical ethical hacking
1409
00:50:03,040 --> 00:50:04,000
course
1410
00:50:04,000 --> 00:50:06,720
you may see me go and use the temp
1411
00:50:06,720 --> 00:50:09,599
folder to upload malware or write a
1412
00:50:09,599 --> 00:50:12,079
malicious file or something that i can
1413
00:50:12,079 --> 00:50:14,480
do from a folder that is read write
1414
00:50:14,480 --> 00:50:16,559
executable so let's clear the screen
1415
00:50:16,559 --> 00:50:17,680
again
1416
00:50:17,680 --> 00:50:19,839
now another reason and importance for
1417
00:50:19,839 --> 00:50:21,760
the read write execute is that if we
1418
00:50:21,760 --> 00:50:23,839
write a script we won't be able to
1419
00:50:23,839 --> 00:50:25,680
execute that script until we have full
1420
00:50:25,680 --> 00:50:28,079
access to do so that's going to become
1421
00:50:28,079 --> 00:50:30,000
more important as we download files and
1422
00:50:30,000 --> 00:50:32,000
try to run them against machines but
1423
00:50:32,000 --> 00:50:33,920
even in this little section when we're
1424
00:50:33,920 --> 00:50:36,240
looking at the bash scripting we're
1425
00:50:36,240 --> 00:50:38,480
going to need to be able to execute our
1426
00:50:38,480 --> 00:50:39,839
script and we're going to need to be
1427
00:50:39,839 --> 00:50:41,839
able to change the permissions on that
1428
00:50:41,839 --> 00:50:43,599
let's go ahead and do that here we're
1429
00:50:43,599 --> 00:50:44,960
going to create a little text file and
1430
00:50:44,960 --> 00:50:46,319
just look at the permissions and how
1431
00:50:46,319 --> 00:50:47,680
things change
1432
00:50:47,680 --> 00:50:49,359
so similar to the last video we're going
1433
00:50:49,359 --> 00:50:51,119
to do an echo and we're just going to
1434
00:50:51,119 --> 00:50:53,200
say hello
1435
00:50:53,200 --> 00:50:55,520
and in this we are going to use our
1436
00:50:55,520 --> 00:50:57,359
directional operator and we are going to
1437
00:50:57,359 --> 00:51:01,920
just put this in a hello.txt file
1438
00:51:02,000 --> 00:51:05,400
if we ls -la
1439
00:51:05,599 --> 00:51:08,960
we could see that hello.txt is in here
1440
00:51:08,960 --> 00:51:11,520
but look at the permissions that are set
1441
00:51:11,520 --> 00:51:13,200
we have read write permissions we don't
1442
00:51:13,200 --> 00:51:15,200
have any execute permissions if this was
1443
00:51:15,200 --> 00:51:16,480
a script or anything that we're trying
1444
00:51:16,480 --> 00:51:18,480
to run the machine will not let us run
1445
00:51:18,480 --> 00:51:20,000
it because we do not have the execute
1446
00:51:20,000 --> 00:51:21,359
permissions
1447
00:51:21,359 --> 00:51:23,119
same thing here everybody else can only
1448
00:51:23,119 --> 00:51:24,800
read this file they cannot write or
1449
00:51:24,800 --> 00:51:27,119
execute this file so we can change the
1450
00:51:27,119 --> 00:51:28,880
permissions on this and we can do that
1451
00:51:28,880 --> 00:51:31,839
with the chmod which stands for
1452
00:51:31,839 --> 00:51:33,280
change mode
1453
00:51:33,280 --> 00:51:34,640
so i'm going to go ahead and clear
1454
00:51:34,640 --> 00:51:37,520
screen again and we can do a chmod
1455
00:51:37,520 --> 00:51:39,040
and there's two different ways to do
1456
00:51:39,040 --> 00:51:39,839
this
1457
00:51:39,839 --> 00:51:41,920
the first way is to do something like a
1458
00:51:41,920 --> 00:51:43,040
plus sign
1459
00:51:43,040 --> 00:51:44,640
and then give the permissions that you
1460
00:51:44,640 --> 00:51:46,960
want set for that file so we could do
1461
00:51:46,960 --> 00:51:49,839
something like rwx that is read write
1462
00:51:49,839 --> 00:51:52,720
execute if you wanted just read access
1463
00:51:52,720 --> 00:51:54,720
or read write access or just write
1464
00:51:54,720 --> 00:51:55,760
access
1465
00:51:55,760 --> 00:51:57,680
you would put the appropriate lettering
1466
00:51:57,680 --> 00:51:59,440
there and let's go ahead and just give
1467
00:51:59,440 --> 00:52:01,280
this a read write execute and i'm going
1468
00:52:01,280 --> 00:52:03,359
to say hello.txt
1469
00:52:03,359 --> 00:52:04,960
and hit enter
1470
00:52:04,960 --> 00:52:07,359
and we're going to go ahead and ls -la
1471
00:52:07,359 --> 00:52:08,559
again
1472
00:52:08,559 --> 00:52:10,240
and now you can see that the color of
1473
00:52:10,240 --> 00:52:12,400
this has changed why
1474
00:52:12,400 --> 00:52:15,760
it is fully read write executable for us
1475
00:52:15,760 --> 00:52:17,440
as the user
1476
00:52:17,440 --> 00:52:19,839
okay as the owner i should say
1477
00:52:19,839 --> 00:52:22,960
so that's one way of doing it however
1478
00:52:22,960 --> 00:52:24,960
there is another way of doing this as
1479
00:52:24,960 --> 00:52:25,920
well
1480
00:52:25,920 --> 00:52:28,400
we can say chmod
1481
00:52:28,400 --> 00:52:30,240
777
1482
00:52:30,240 --> 00:52:31,359
hello
1483
00:52:31,359 --> 00:52:33,839
.txt hit enter
1484
00:52:33,839 --> 00:52:36,400
do an ls -la
1485
00:52:36,400 --> 00:52:38,079
and you'll see now
1486
00:52:38,079 --> 00:52:40,960
that everything has read write execute
1487
00:52:40,960 --> 00:52:41,920
here
1488
00:52:41,920 --> 00:52:45,599
well what changed what is this 777 and
1489
00:52:45,599 --> 00:52:47,920
why is it so important
1490
00:52:47,920 --> 00:52:49,839
okay for that we're going to jump over
1491
00:52:49,839 --> 00:52:52,160
to powerpoint for just a second
1492
00:52:52,160 --> 00:52:54,160
okay so we have different numbers that
1493
00:52:54,160 --> 00:52:56,559
we can set for the chmod
1494
00:52:56,559 --> 00:52:58,200
and remember we did
1495
00:52:58,200 --> 00:53:01,119
777 because we gave a seven to each
1496
00:53:01,119 --> 00:53:03,040
group we had the first second and third
1497
00:53:03,040 --> 00:53:04,880
groups remember that well what does
1498
00:53:04,880 --> 00:53:06,160
seven mean
1499
00:53:06,160 --> 00:53:09,520
well seven means read write execute so
1500
00:53:09,520 --> 00:53:12,960
for a read permission we get four points
1501
00:53:12,960 --> 00:53:15,599
for a write we get two and for execute we
1502
00:53:15,599 --> 00:53:17,440
get one so as you can see down here we
1503
00:53:17,440 --> 00:53:19,520
have four plus two plus one
1504
00:53:19,520 --> 00:53:21,040
that equals seven
1505
00:53:21,040 --> 00:53:22,559
well if we had no permissions that would
1506
00:53:22,559 --> 00:53:24,400
be zero so we could do something like a
1507
00:53:24,400 --> 00:53:26,079
seven zero zero
1508
00:53:26,079 --> 00:53:28,480
you might see something like read only
1509
00:53:28,480 --> 00:53:29,920
and then you would just give it four
1510
00:53:29,920 --> 00:53:32,880
four four across the board for example
1511
00:53:32,880 --> 00:53:36,000
or i've seen something like an ssh pem
1512
00:53:36,000 --> 00:53:38,720
file and those files require specific
1513
00:53:38,720 --> 00:53:41,040
permissions typically it is six four
1514
00:53:41,040 --> 00:53:43,680
four so that would say that the owner
1515
00:53:43,680 --> 00:53:46,480
has read write but no execute and then
1516
00:53:46,480 --> 00:53:48,559
the rest of everybody else has just read
1517
00:53:48,559 --> 00:53:50,800
access to that file so that would be a
1518
00:53:50,800 --> 00:53:53,680
644 permission so if you ever wonder
1519
00:53:53,680 --> 00:53:55,280
what the permissions mean you can always
1520
00:53:55,280 --> 00:53:57,040
refer back to a chart like this or
1521
00:53:57,040 --> 00:53:59,200
quickly google what do the chmod
1522
00:53:59,200 --> 00:54:01,119
numbers mean just know if you want to
1523
00:54:01,119 --> 00:54:03,119
give something full permissions you are
1524
00:54:03,119 --> 00:54:06,240
going to set 777 across the board and if
1525
00:54:06,240 --> 00:54:08,079
we're doing hacking or doing penetration
1526
00:54:08,079 --> 00:54:09,760
testing that's often what we're going to
1527
00:54:09,760 --> 00:54:10,559
use
1528
00:54:10,559 --> 00:54:12,880
with the exception of pem files where
1529
00:54:12,880 --> 00:54:14,319
they have to have more restricted
1530
00:54:14,319 --> 00:54:16,480
permissions sometimes six four four
1531
00:54:16,480 --> 00:54:18,480
sometimes actually four zero zero is
1532
00:54:18,480 --> 00:54:20,559
what i've seen as well from here let's
1533
00:54:20,559 --> 00:54:23,119
go back to our kali machine and i'm
1534
00:54:23,119 --> 00:54:25,200
going to go ahead and control l to clear
1535
00:54:25,200 --> 00:54:26,640
the screen
1536
00:54:26,640 --> 00:54:28,559
here we want to take a look at adding a
1537
00:54:28,559 --> 00:54:29,680
user
1538
00:54:29,680 --> 00:54:32,720
so we're going to do a sudo
1539
00:54:32,720 --> 00:54:34,400
adduser
1540
00:54:34,400 --> 00:54:36,240
and you can give whatever username you
1541
00:54:36,240 --> 00:54:37,839
want i'm going to just call this user
1542
00:54:37,839 --> 00:54:39,520
john
1543
00:54:39,520 --> 00:54:40,799
it's going to ask for our sudo
1544
00:54:40,799 --> 00:54:42,400
password remember we changed our
1545
00:54:42,400 --> 00:54:43,920
password so make sure you put in the
1546
00:54:43,920 --> 00:54:45,200
right password
1547
00:54:45,200 --> 00:54:47,119
and now it's going to say okay what
1548
00:54:47,119 --> 00:54:50,640
password do you want to use for john
1549
00:54:50,640 --> 00:54:52,480
i'm going to go ahead and enter that
1550
00:54:52,480 --> 00:54:55,599
and i'm going to enter it again
1551
00:54:56,640 --> 00:54:57,920
and then you could just hit enter
1552
00:54:57,920 --> 00:54:59,920
through all of this
1553
00:54:59,920 --> 00:55:01,520
and get back to this screen where it
1554
00:55:01,520 --> 00:55:03,520
says kali at kali
1555
00:55:03,520 --> 00:55:04,960
from here we're going to go ahead and
1556
00:55:04,960 --> 00:55:08,000
switch user and go into john so just do
1557
00:55:08,000 --> 00:55:09,839
su john
1558
00:55:09,839 --> 00:55:11,599
it's going to ask for john's password go
1559
00:55:11,599 --> 00:55:13,760
ahead and give that password
1560
00:55:13,760 --> 00:55:15,839
and now you can see
1561
00:55:15,839 --> 00:55:18,160
that we are john at kali
1562
00:55:18,160 --> 00:55:20,079
so what is special about john well we've
1563
00:55:20,079 --> 00:55:21,680
made a new user
1564
00:55:21,680 --> 00:55:24,799
and john has some permissions now if we
1565
00:55:24,799 --> 00:55:27,200
wanted to cat out like the
1566
00:55:27,200 --> 00:55:30,720
/etc/passwd file
1567
00:55:30,720 --> 00:55:32,960
we can and this is a very common file
1568
00:55:32,960 --> 00:55:34,319
that you're going to look at as a pen
1569
00:55:34,319 --> 00:55:36,720
tester if you come in here the /etc/
1570
00:55:36,720 --> 00:55:39,040
passwd file is important this is
1571
00:55:39,040 --> 00:55:40,400
something that we can see a lot of
1572
00:55:40,400 --> 00:55:42,480
information about this machine now the
1573
00:55:42,480 --> 00:55:44,000
/etc/passwd file is called the
1574
00:55:44,000 --> 00:55:45,599
password file not because it has our
1575
00:55:45,599 --> 00:55:47,920
password in it but because it used to
1576
00:55:47,920 --> 00:55:50,079
store our password in it a very very
1577
00:55:50,079 --> 00:55:51,440
long time ago
1578
00:55:51,440 --> 00:55:53,520
now what is being done is they put an x
1579
00:55:53,520 --> 00:55:55,440
here for a placeholder and that
1580
00:55:55,440 --> 00:55:57,680
placeholder is then filled in with the
1581
00:55:57,680 --> 00:55:59,200
shadow file we'll take a look at that
1582
00:55:59,200 --> 00:56:00,559
here in a second
1583
00:56:00,559 --> 00:56:02,480
so we are using the cat command and
1584
00:56:02,480 --> 00:56:03,839
you've seen me use this several times
1585
00:56:03,839 --> 00:56:05,119
throughout the course
1586
00:56:05,119 --> 00:56:07,680
we are using that to basically print out
1587
00:56:07,680 --> 00:56:09,920
a file so when we print out the file we
1588
00:56:09,920 --> 00:56:11,440
can read the file
1589
00:56:11,440 --> 00:56:13,119
so from here we're reading the file
1590
00:56:13,119 --> 00:56:16,640
we're saying okay i see root root is the
1591
00:56:16,640 --> 00:56:19,119
zero user id and that is important
1592
00:56:19,119 --> 00:56:21,920
that's telling us they are the ultimate
1593
00:56:21,920 --> 00:56:25,200
user on the machine they are user zero
1594
00:56:25,200 --> 00:56:27,119
if we scroll way down to the bottom we
1595
00:56:27,119 --> 00:56:29,200
should see some users that were created
1596
00:56:29,200 --> 00:56:32,079
here for example we see kali kali's user
1597
00:56:32,079 --> 00:56:35,200
1000 pretty common we can also see that
1598
00:56:35,200 --> 00:56:37,359
john is in use here and john is user
1599
00:56:37,359 --> 00:56:38,880
1001
1600
00:56:38,880 --> 00:56:40,559
we can see what type of shell type
1601
00:56:40,559 --> 00:56:42,640
they're using and what their home folder
1602
00:56:42,640 --> 00:56:45,760
is as well you can see the zsh shell
1603
00:56:45,760 --> 00:56:48,720
type compared to john's bin bash so they
1604
00:56:48,720 --> 00:56:50,319
are different shell types and we'll get
1605
00:56:50,319 --> 00:56:52,319
into those a little later on
1606
00:56:52,319 --> 00:56:54,480
but from here we can also see
1607
00:56:54,480 --> 00:56:56,240
root's here we can see the root shell
1608
00:56:56,240 --> 00:56:58,720
type and we can also see what kind of
1609
00:56:58,720 --> 00:57:00,960
services are running on this machine so
1610
00:57:00,960 --> 00:57:02,240
if you want to find the users i
1611
00:57:02,240 --> 00:57:04,079
typically look at root and then i look
1612
00:57:04,079 --> 00:57:05,440
and scroll all the way to the bottom to
1613
00:57:05,440 --> 00:57:07,280
see what's been installed
1614
00:57:07,280 --> 00:57:09,599
besides what's on this machine so in
1615
00:57:09,599 --> 00:57:11,599
here we can see some things like
1616
00:57:11,599 --> 00:57:14,319
ssh which is important we know okay this
1617
00:57:14,319 --> 00:57:16,799
has the capability of running ssh maybe
1618
00:57:16,799 --> 00:57:19,920
has an ssh service maybe it has a sql
1619
00:57:19,920 --> 00:57:23,359
service here with the mysql openvpn so
1620
00:57:23,359 --> 00:57:24,559
it's a little bit of information
1621
00:57:24,559 --> 00:57:27,119
gathering if we were to land on a
1622
00:57:27,119 --> 00:57:28,720
machine for example and we're a
1623
00:57:28,720 --> 00:57:30,880
low-level user with no privileges we
1624
00:57:30,880 --> 00:57:32,480
could start to look at who are the other
1625
00:57:32,480 --> 00:57:34,240
users on the computer
1626
00:57:34,240 --> 00:57:36,720
why are they important how can we get a
1627
00:57:36,720 --> 00:57:38,400
hold of them where are their files
1628
00:57:38,400 --> 00:57:40,400
located what kind of services are
1629
00:57:40,400 --> 00:57:42,400
running on this machine this is all part
1630
00:57:42,400 --> 00:57:44,960
of the information gathering stage of
1631
00:57:44,960 --> 00:57:48,000
ethical hacking and this file leads to a
1632
00:57:48,000 --> 00:57:49,839
lot of clues for us
1633
00:57:49,839 --> 00:57:51,680
now clearing the screen
1634
00:57:51,680 --> 00:57:54,000
let's say i want to view the shadow file
1635
00:57:54,000 --> 00:57:56,160
the shadow file is the file that
1636
00:57:56,160 --> 00:57:58,559
contains the password hashes for this
1637
00:57:58,559 --> 00:57:59,680
machine
1638
00:57:59,680 --> 00:58:02,079
i'm going to go ahead and try to type in
1639
00:58:02,079 --> 00:58:04,160
cat
1640
00:58:04,160 --> 00:58:08,040
/etc/shadow
1641
00:58:08,799 --> 00:58:11,599
permission denied okay maybe i need to
1642
00:58:11,599 --> 00:58:14,319
use sudo
1643
00:58:15,760 --> 00:58:18,960
let's try it here enter our password
1644
00:58:18,960 --> 00:58:22,000
oh john is not in the sudoers file this
1645
00:58:22,000 --> 00:58:24,319
is also called the su-doers file and you
1646
00:58:24,319 --> 00:58:27,359
can also call sudo sudo depends on your
1647
00:58:27,359 --> 00:58:29,040
nomenclature and how you pronounce it
1648
00:58:29,040 --> 00:58:30,880
i'm a pseudo person
1649
00:58:30,880 --> 00:58:33,040
so from here i'm going to go ahead and
1650
00:58:33,040 --> 00:58:34,240
control l
1651
00:58:34,240 --> 00:58:36,559
we're going to switch user back into
1652
00:58:36,559 --> 00:58:37,839
kali and we're gonna take a look at some
1653
00:58:37,839 --> 00:58:40,400
stuff so if i go switch user
1654
00:58:40,400 --> 00:58:42,559
kali it's gonna ask me for the password
1655
00:58:42,559 --> 00:58:45,760
and enter our password in
1656
00:58:45,760 --> 00:58:48,240
and first thing i want to show you the
1657
00:58:48,240 --> 00:58:50,079
shadow file before we move on to the
1658
00:58:50,079 --> 00:58:52,480
sudoers file so if we go
1659
00:58:52,480 --> 00:58:54,079
sudo cat
1660
00:58:54,079 --> 00:58:56,160
/etc/shadow i think this is important to
1661
00:58:56,160 --> 00:58:57,520
see
1662
00:58:57,520 --> 00:58:59,599
you can come in here and remember how i
1663
00:58:59,599 --> 00:59:01,200
said with a hash
1664
00:59:01,200 --> 00:59:03,359
that this is set here so our root
1665
00:59:03,359 --> 00:59:04,960
password has not been set there's no
1666
00:59:04,960 --> 00:59:07,520
hash in here and this is security best
1667
00:59:07,520 --> 00:59:08,960
practice we don't really want to have a
1668
00:59:08,960 --> 00:59:10,799
root password unless we absolutely need
1669
00:59:10,799 --> 00:59:11,520
to
1670
00:59:11,520 --> 00:59:12,960
in this instance we might just want to
1671
00:59:12,960 --> 00:59:15,119
have certain users that can elevate into
1672
00:59:15,119 --> 00:59:18,240
root and then if logging is enabled we
1673
00:59:18,240 --> 00:59:20,880
can then see from our logs who accessed
1674
00:59:20,880 --> 00:59:22,799
that root account at what time you
1675
00:59:22,799 --> 00:59:24,319
really don't want to have a root
1676
00:59:24,319 --> 00:59:26,079
password where anybody can just log in
1677
00:59:26,079 --> 00:59:28,079
with a known password because then that
1678
00:59:28,079 --> 00:59:30,559
eliminates some accountability so best
1679
00:59:30,559 --> 00:59:32,319
practice would say hey if we have a
1680
00:59:32,319 --> 00:59:34,559
linux machine you get all regular user
1681
00:59:34,559 --> 00:59:35,760
accounts and then if you want to run
1682
00:59:35,760 --> 00:59:38,160
something as an elevated privilege
1683
00:59:38,160 --> 00:59:39,359
you're going to do that with your
1684
00:59:39,359 --> 00:59:42,160
account and then use sudo for that
1685
00:59:42,160 --> 00:59:43,040
but
1686
00:59:43,040 --> 00:59:45,760
looking down here we can see the hashes
1687
00:59:45,760 --> 00:59:46,640
for
1688
00:59:46,640 --> 00:59:48,000
this computer
1689
00:59:48,000 --> 00:59:51,280
okay and what's interesting actually is
1690
00:59:51,280 --> 00:59:53,520
kali and john have the same password but
1691
00:59:53,520 --> 00:59:56,319
they have different hashes and that is
1692
00:59:56,319 --> 00:59:58,160
sort of unique if you saw this in a
1693
00:59:58,160 --> 01:00:00,559
windows machine if the password was the
1694
01:00:00,559 --> 01:00:02,400
same on the local machine you would see
1695
01:00:02,400 --> 01:00:04,559
the exact same hash and that is a clear
1696
01:00:04,559 --> 01:00:07,359
indicator that password reuse is in play
1697
01:00:07,359 --> 01:00:09,440
but here it's not so the hashing
1698
01:00:09,440 --> 01:00:11,040
algorithm that's being used is a little
1699
01:00:11,040 --> 01:00:12,400
bit different and it's generating
1700
01:00:12,400 --> 01:00:13,520
different hashes even though the
1701
01:00:13,520 --> 01:00:15,599
password is the same regardless the
1702
01:00:15,599 --> 01:00:17,119
password for both of these accounts is
1703
01:00:17,119 --> 01:00:19,680
password and that's very weak and can
1704
01:00:19,680 --> 01:00:21,280
easily be cracked as we'll find out
1705
01:00:21,280 --> 01:00:22,559
later on
1706
01:00:22,559 --> 01:00:25,760
okay now on to the sudoers file what
1707
01:00:25,760 --> 01:00:27,599
we're going to do is we're going to do a
1708
01:00:27,599 --> 01:00:29,200
sudo cat
1709
01:00:29,200 --> 01:00:31,680
and we're going to look at /etc/
1710
01:00:31,680 --> 01:00:34,240
sudoers just like that and i might have
1711
01:00:34,240 --> 01:00:35,599
typed that a little fast so i'm going to
1712
01:00:35,599 --> 01:00:37,520
go ahead and scroll back up for a second
1713
01:00:37,520 --> 01:00:41,040
sudo cat /etc/sudoers
1714
01:00:41,040 --> 01:00:43,040
okay just like that it should auto tab
1715
01:00:43,040 --> 01:00:44,160
complete
1716
01:00:44,160 --> 01:00:45,520
and from there we're going to come in
1717
01:00:45,520 --> 01:00:47,280
here and we're going to look at who has
1718
01:00:47,280 --> 01:00:48,880
what privileges
1719
01:00:48,880 --> 01:00:51,280
well if you see allow members of a group
1720
01:00:51,280 --> 01:00:54,079
sudo to execute any command and you see
1721
01:00:54,079 --> 01:00:56,240
percent sudo so it's calling sudo from
1722
01:00:56,240 --> 01:00:58,160
somewhere else sometimes we can just
1723
01:00:58,160 --> 01:01:00,000
include users in here we could say hey
1724
01:01:00,000 --> 01:01:03,040
the user kali i want to do these things
1725
01:01:03,040 --> 01:01:04,720
instead this is saying hey anybody a
1726
01:01:04,720 --> 01:01:06,400
part of this group i want to be able to
1727
01:01:06,400 --> 01:01:08,480
do whatever they want they can execute
1728
01:01:08,480 --> 01:01:10,160
any commands like they were the root
1729
01:01:10,160 --> 01:01:11,839
user essentially
1730
01:01:11,839 --> 01:01:13,839
so with that what we're going to do is
1731
01:01:13,839 --> 01:01:16,960
we're going to take a look at who is in
1732
01:01:16,960 --> 01:01:19,599
that percent sudo group and we can do
1733
01:01:19,599 --> 01:01:22,000
that by using the grep command
1734
01:01:22,000 --> 01:01:23,680
so we can say grep and we're going to
1735
01:01:23,680 --> 01:01:25,839
get really familiar with grep in the
1736
01:01:25,839 --> 01:01:27,599
bash scripting video but basically think
1737
01:01:27,599 --> 01:01:30,960
of grep as pulling out a specific string
1738
01:01:30,960 --> 01:01:34,000
or element out of a file or some
1739
01:01:34,000 --> 01:01:36,000
contents that you want to see it's a
1740
01:01:36,000 --> 01:01:38,319
great way to narrow down specifics and
1741
01:01:38,319 --> 01:01:40,240
pull down only the information that you
1742
01:01:40,240 --> 01:01:41,359
want and we're going to get really
1743
01:01:41,359 --> 01:01:42,880
familiar with it here in a couple of
1744
01:01:42,880 --> 01:01:43,920
videos
1745
01:01:43,920 --> 01:01:45,119
we're going to say grep and then we're
1746
01:01:45,119 --> 01:01:48,000
going to say sudo just like this
1747
01:01:48,000 --> 01:01:49,920
and we're going to do that from /etc/
1748
01:01:49,920 --> 01:01:52,559
group
1749
01:01:52,559 --> 01:01:54,400
okay and it says who has a sudo
1750
01:01:54,400 --> 01:01:57,599
privilege here all we see is kali so our
1751
01:01:57,599 --> 01:01:59,839
user has sudo privilege if we wanted
1752
01:01:59,839 --> 01:02:01,680
to give privileges to john we'd have to
1753
01:02:01,680 --> 01:02:05,039
add john to the sudo group in the /etc/
1754
01:02:05,039 --> 01:02:07,760
group or we could add john specifically
1755
01:02:07,760 --> 01:02:10,319
to the sudoers file and give him
1756
01:02:10,319 --> 01:02:12,400
specific permissions as well
1757
01:02:12,400 --> 01:02:14,319
and as we move on in the course and we
1758
01:02:14,319 --> 01:02:16,880
get into privilege escalation and if you
1759
01:02:16,880 --> 01:02:18,880
ever go into more of the privilege
1760
01:02:18,880 --> 01:02:21,119
escalation courses that we have you'll
1761
01:02:21,119 --> 01:02:23,359
see that we look at sudo privileges
1762
01:02:23,359 --> 01:02:25,520
immediately when we get onto a machine
1763
01:02:25,520 --> 01:02:28,160
by doing something like sudo -l and we'll
1764
01:02:28,160 --> 01:02:30,319
take a look at those and say okay what
1765
01:02:30,319 --> 01:02:32,160
commands can i run and in this instance
1766
01:02:32,160 --> 01:02:34,880
we could see okay all commands can be
1767
01:02:34,880 --> 01:02:36,559
run here but sometimes that's not the
1768
01:02:36,559 --> 01:02:38,799
case sometimes we can only run one
1769
01:02:38,799 --> 01:02:40,799
specific command or maybe
1770
01:02:40,799 --> 01:02:42,880
john for example we want john to be able
1771
01:02:42,880 --> 01:02:45,200
to run python because john's a developer
1772
01:02:45,200 --> 01:02:47,039
so john can run python with sudo
1773
01:02:47,039 --> 01:02:49,520
privileges but cannot run anything else
1774
01:02:49,520 --> 01:02:51,440
so something to think about depending on
1775
01:02:51,440 --> 01:02:53,119
the individual and who we want to give
1776
01:02:53,119 --> 01:02:54,319
permissions to
1777
01:02:54,319 --> 01:02:55,839
on that machine they might not have
1778
01:02:55,839 --> 01:02:58,079
privileges to access everything as sudo
1779
01:02:58,079 --> 01:02:59,599
they can actually be limited in what
1780
01:02:59,599 --> 01:03:01,599
they can run as well so that is it for
1781
01:03:01,599 --> 01:03:03,200
this video i'm going to go ahead and
1782
01:03:03,200 --> 01:03:05,760
catch you in the next one
1783
01:03:05,760 --> 01:03:07,680
now we're going to touch on networking
1784
01:03:07,680 --> 01:03:09,920
commands that are relevant to
1785
01:03:09,920 --> 01:03:12,319
penetration testing and relevant to this
1786
01:03:12,319 --> 01:03:13,440
course
1787
01:03:13,440 --> 01:03:14,640
so the first thing that we're going to
1788
01:03:14,640 --> 01:03:18,559
do is we're going to use the ip command
1789
01:03:18,559 --> 01:03:21,520
and that is ip a
1790
01:03:21,520 --> 01:03:24,640
ip a lists all is the way i like to think
1791
01:03:24,640 --> 01:03:25,599
about it
1792
01:03:25,599 --> 01:03:27,839
and you can see here that we have a
1793
01:03:27,839 --> 01:03:30,720
loopback address and we have our eth0
1794
01:03:30,720 --> 01:03:32,640
this is our ethernet address
1795
01:03:32,640 --> 01:03:34,079
and you can see that we have an ip
1796
01:03:34,079 --> 01:03:39,280
address here ipv4 of 192.168.138.140
1797
01:03:39,280 --> 01:03:42,160
we are on a slash 24 subnet
1798
01:03:42,160 --> 01:03:46,240
and here is our broadcast address here
1799
01:03:46,240 --> 01:03:49,200
we can also see our ipv6 here which is
1800
01:03:49,200 --> 01:03:53,200
nice and we can see our mac address here
1801
01:03:53,200 --> 01:03:55,440
so we can also look at this through the
1802
01:03:55,440 --> 01:03:59,599
ifconfig command
1803
01:03:59,599 --> 01:04:01,839
and that will show us the same things
1804
01:04:01,839 --> 01:04:04,000
here's ethernet zero here is the
1805
01:04:04,000 --> 01:04:05,200
loopback
1806
01:04:05,200 --> 01:04:08,000
all the same information here ifconfig
1807
01:04:08,000 --> 01:04:10,559
is the old-school way of doing it ip a is
1808
01:04:10,559 --> 01:04:13,200
the newer way of doing it ip a is nice
1809
01:04:13,200 --> 01:04:15,599
and colorful if i'm being honest i still
1810
01:04:15,599 --> 01:04:17,920
use ifconfig because i like the old
1811
01:04:17,920 --> 01:04:20,960
school way of doing things but ip a is
1812
01:04:20,960 --> 01:04:22,880
the new way of doing things and in some
1813
01:04:22,880 --> 01:04:25,920
instances ifconfig requires sudo to
1814
01:04:25,920 --> 01:04:27,520
even run or may no longer be on a
1815
01:04:27,520 --> 01:04:28,400
machine
1816
01:04:28,400 --> 01:04:30,400
but in some instances ip is not on a
1817
01:04:30,400 --> 01:04:31,920
machine depending on
1818
01:04:31,920 --> 01:04:33,599
what type of machine you're on and what
1819
01:04:33,599 --> 01:04:35,440
you access you may need either one of
1820
01:04:35,440 --> 01:04:38,000
these so it's great to show you both
1821
01:04:38,000 --> 01:04:40,400
now while the ip a
1822
01:04:40,400 --> 01:04:42,000
does all
1823
01:04:42,000 --> 01:04:44,960
if only shows the ethernet connection so
1824
01:04:44,960 --> 01:04:47,200
the hardwired connections if we want to
1825
01:04:47,200 --> 01:04:48,960
see wireless connections we need to do
1826
01:04:48,960 --> 01:04:51,280
iwconfig
1827
01:04:51,280 --> 01:04:52,799
and in this instance you're going to see
1828
01:04:52,799 --> 01:04:54,960
down here that we have no wireless
1829
01:04:54,960 --> 01:04:57,359
connections right now when we get into
1830
01:04:57,359 --> 01:04:59,680
wireless hacking we'll see that we have
1831
01:04:59,680 --> 01:05:01,200
connections established and we'll use
1832
01:05:01,200 --> 01:05:03,839
the iwconfig command but just know for
1833
01:05:03,839 --> 01:05:05,760
now that it's for wireless and if you
1834
01:05:05,760 --> 01:05:08,640
ever need to use it that's what it's for
1835
01:05:08,640 --> 01:05:10,240
let's clear our screen and the next
1836
01:05:10,240 --> 01:05:12,359
thing i want to cover is the
1837
01:05:12,359 --> 01:05:15,359
ip n and n stands for
1838
01:05:15,359 --> 01:05:16,400
neighbor
1839
01:05:16,400 --> 01:05:19,839
the alternative to this is the arp dash
1840
01:05:19,839 --> 01:05:21,359
a
1841
01:05:21,359 --> 01:05:24,000
okay what is arp if you do not know what
1842
01:05:24,000 --> 01:05:26,640
arp is that is the address resolution
1843
01:05:26,640 --> 01:05:27,760
protocol
1844
01:05:27,760 --> 01:05:29,760
this comes from your networking if you
1845
01:05:29,760 --> 01:05:32,000
are not familiar with networking then
1846
01:05:32,000 --> 01:05:33,760
you may need to go study up on a little
1847
01:05:33,760 --> 01:05:34,880
bit of this
1848
01:05:34,880 --> 01:05:37,039
now arp says
1849
01:05:37,039 --> 01:05:39,760
what ip address is associated with what
1850
01:05:39,760 --> 01:05:42,799
mac address and what happens is
1851
01:05:42,799 --> 01:05:45,760
a broadcast message goes out when
1852
01:05:45,760 --> 01:05:48,640
we are trying to identify an ip address
1853
01:05:48,640 --> 01:05:50,400
and a mac address so broadcast goes out
1854
01:05:50,400 --> 01:05:53,599
and it says who has this ip address
1855
01:05:53,599 --> 01:05:55,760
and whoever has the ip address will come
1856
01:05:55,760 --> 01:05:58,160
back and it'll say hey that's me i have
1857
01:05:58,160 --> 01:06:00,640
that ip address and here is my mac
1858
01:06:00,640 --> 01:06:03,839
address so now you can associate my mac
1859
01:06:03,839 --> 01:06:06,880
address with this ip address
1860
01:06:06,880 --> 01:06:09,599
and it is a way to identify
1861
01:06:09,599 --> 01:06:11,920
these two items together and link them
1862
01:06:11,920 --> 01:06:14,160
up so again in this instance we can use
1863
01:06:14,160 --> 01:06:16,960
the ip command or the old arp command
1864
01:06:16,960 --> 01:06:19,119
now the ip command is a little bit
1865
01:06:19,119 --> 01:06:20,960
prettier and a little bit more colorful
1866
01:06:20,960 --> 01:06:24,160
i think easier to read in my opinion but
1867
01:06:24,160 --> 01:06:27,599
either will work in this situation
1868
01:06:27,599 --> 01:06:29,200
another ip command that we're going to
1869
01:06:29,200 --> 01:06:33,039
want to run and know is the ip r command
1870
01:06:33,039 --> 01:06:36,240
now r stands for route you could also
1871
01:06:36,240 --> 01:06:37,920
type in route
1872
01:06:37,920 --> 01:06:40,960
and you'll get similar feedback here
1873
01:06:40,960 --> 01:06:42,799
so what we're looking at is what is
1874
01:06:42,799 --> 01:06:45,359
called a routing table we want to know
1875
01:06:45,359 --> 01:06:48,160
where our traffic is routing and here
1876
01:06:48,160 --> 01:06:50,160
you can see on either one of these that
1877
01:06:50,160 --> 01:06:53,880
we're routing through 192.168.138.0
1878
01:06:54,400 --> 01:06:56,720
we have an open gateway we can see the
1879
01:06:56,720 --> 01:06:58,520
gateway here is
1880
01:06:58,520 --> 01:07:02,319
138.2 we can see our mask here and we
1881
01:07:02,319 --> 01:07:04,319
can find all that information out up
1882
01:07:04,319 --> 01:07:06,799
here as well so it's important to know
1883
01:07:06,799 --> 01:07:08,799
the routing and what's going on
1884
01:07:08,799 --> 01:07:11,359
especially if you are in a network for
1885
01:07:11,359 --> 01:07:13,280
example where you might have multiple
1886
01:07:13,280 --> 01:07:16,400
routes say if we come in and we say oh
1887
01:07:16,400 --> 01:07:17,680
ip a
1888
01:07:17,680 --> 01:07:21,760
okay we're on the 192.168.138 network
1889
01:07:21,760 --> 01:07:23,680
but we just try to connect to only the
1890
01:07:23,680 --> 01:07:25,359
machines on this network we see a slash
1891
01:07:25,359 --> 01:07:28,960
24 we think okay well i know a slash 24
1892
01:07:28,960 --> 01:07:32,640
has 255 potential ip addresses
1893
01:07:32,640 --> 01:07:34,400
and i'm going to go ahead and just stick
1894
01:07:34,400 --> 01:07:37,839
to scanning that subnet and looking for
1895
01:07:37,839 --> 01:07:41,039
those ips on that subnet well if you
1896
01:07:41,039 --> 01:07:42,720
looked at the routing table you might
1897
01:07:42,720 --> 01:07:44,960
actually see that there's a 137 in here
1898
01:07:44,960 --> 01:07:48,799
or 136 or maybe a 10 dot ip address or
1899
01:07:48,799 --> 01:07:51,359
something different than what you have
1900
01:07:51,359 --> 01:07:53,599
here maybe you have the ability to talk
1901
01:07:53,599 --> 01:07:56,160
to other networks even though you're on
1902
01:07:56,160 --> 01:07:58,799
this one slash 24 network
1903
01:07:58,799 --> 01:08:00,079
very important to look at the routing
1904
01:08:00,079 --> 01:08:02,799
table it's also important because in
1905
01:08:02,799 --> 01:08:05,839
real life pen tests we have been on a
1906
01:08:05,839 --> 01:08:08,880
quote unquote segmented network
1907
01:08:08,880 --> 01:08:10,880
and in reality it really wasn't a
1908
01:08:10,880 --> 01:08:12,640
segmented network there just wasn't a
1909
01:08:12,640 --> 01:08:15,200
route to that network so they said that
1910
01:08:15,200 --> 01:08:17,279
we were isolated and we couldn't access
1911
01:08:17,279 --> 01:08:19,759
anything and all we had to do was say
1912
01:08:19,759 --> 01:08:22,000
okay we're gonna go add that network to
1913
01:08:22,000 --> 01:08:24,080
our routing table and what do you know
1914
01:08:24,080 --> 01:08:25,759
we were able to scan and connect to the
1915
01:08:25,759 --> 01:08:27,040
network so
1916
01:08:27,040 --> 01:08:28,960
being able to know your routing table
1917
01:08:28,960 --> 01:08:30,799
being able to understand
1918
01:08:30,799 --> 01:08:33,198
what a route is and how to add routes
1919
01:08:33,198 --> 01:08:34,799
how to remove routes can become
1920
01:08:34,799 --> 01:08:36,719
important as well these are things that
1921
01:08:36,719 --> 01:08:38,880
you should already know
1922
01:08:38,880 --> 01:08:41,279
from general networking i'm showing you
1923
01:08:41,279 --> 01:08:43,279
the commands here for
1924
01:08:43,279 --> 01:08:45,600
basic routing and how to display the
1925
01:08:45,600 --> 01:08:47,920
routing tables
1926
01:08:47,920 --> 01:08:49,679
if you need further information on
1927
01:08:49,679 --> 01:08:51,679
routing tables you should go look that
1928
01:08:51,679 --> 01:08:53,439
up and research that before continuing
1929
01:08:53,439 --> 01:08:56,319
on with the ethical hacking course
1930
01:08:56,319 --> 01:08:58,319
okay last command i want to get through
1931
01:08:58,319 --> 01:09:01,040
that is the ping command so i'm going to
1932
01:09:01,040 --> 01:09:02,880
do an ifconfig again
1933
01:09:02,880 --> 01:09:04,399
and in this instance i'm just going to
1934
01:09:04,399 --> 01:09:07,839
ping 192.
1935
01:09:07,839 --> 01:09:10,719
and i believe earlier i saw a dot 2 was
1936
01:09:10,719 --> 01:09:12,960
my gateway so i'm going to go ahead and
1937
01:09:12,960 --> 01:09:14,799
just hit enter that should talk back to
1938
01:09:14,799 --> 01:09:16,399
me and it does
1939
01:09:16,399 --> 01:09:18,719
now if you are a windows user and you've
1940
01:09:18,719 --> 01:09:21,040
ever used ping before it will only send
1941
01:09:21,040 --> 01:09:23,198
four packets out so it'll check four
1942
01:09:23,198 --> 01:09:24,399
times
1943
01:09:24,399 --> 01:09:26,000
as you can see here
1944
01:09:26,000 --> 01:09:28,158
we are getting more than four packets
1945
01:09:28,158 --> 01:09:30,960
sent we are sending indefinitely
1946
01:09:30,960 --> 01:09:32,080
and i'm gonna go ahead and just hit
1947
01:09:32,080 --> 01:09:34,158
control c and stop that we are
1948
01:09:34,158 --> 01:09:35,439
definitely seeing that we're getting
1949
01:09:35,439 --> 01:09:36,880
responses back
1950
01:09:36,880 --> 01:09:38,479
now there is a way to limit the amount
1951
01:09:38,479 --> 01:09:40,238
that we send and the amount of traffic
1952
01:09:40,238 --> 01:09:41,839
that we're sending but basically what
1953
01:09:41,839 --> 01:09:43,359
we're doing with the ping command is
1954
01:09:43,359 --> 01:09:44,799
we're saying hey
1955
01:09:44,799 --> 01:09:46,880
are you there are you alive can you
1956
01:09:46,880 --> 01:09:48,080
respond to me and let me know you're
1957
01:09:48,080 --> 01:09:50,799
there so i asked the machine at this ip
1958
01:09:50,799 --> 01:09:53,759
address to respond and tell me yes i am
1959
01:09:53,759 --> 01:09:55,800
here now this is called
1960
01:09:55,800 --> 01:09:58,239
icmp traffic
1961
01:09:58,239 --> 01:10:01,679
not all machines permit icmp traffic
1962
01:10:01,679 --> 01:10:03,920
just because we ping a machine and it
1963
01:10:03,920 --> 01:10:05,679
does not respond
1964
01:10:05,679 --> 01:10:10,000
does not mean that it's not online okay
1965
01:10:10,000 --> 01:10:12,400
there are machines that have icmp
1966
01:10:12,400 --> 01:10:14,560
disabled and will not respond to ping
1967
01:10:14,560 --> 01:10:15,600
requests
1968
01:10:15,600 --> 01:10:17,440
but ping is a quick way to see if a
1969
01:10:17,440 --> 01:10:19,280
machine is online and typically by
1970
01:10:19,280 --> 01:10:22,480
default ping or icmp
1971
01:10:22,480 --> 01:10:25,280
is enabled on most machines just as a
1972
01:10:25,280 --> 01:10:27,120
further example we can ping a machine
1973
01:10:27,120 --> 01:10:29,280
that we do not believe to be alive so
1974
01:10:29,280 --> 01:10:31,120
i'm gonna change this to a three i don't
1975
01:10:31,120 --> 01:10:33,199
think there's a three on my network
1976
01:10:33,199 --> 01:10:34,960
and you're gonna see it's gonna try to
1977
01:10:34,960 --> 01:10:36,719
send data and it's just gonna get stuck
1978
01:10:36,719 --> 01:10:39,520
here and say host unreachable
1979
01:10:39,520 --> 01:10:41,920
now again that could potentially mean
1980
01:10:41,920 --> 01:10:43,840
that that host is not there or it could
1981
01:10:43,840 --> 01:10:46,560
potentially mean that the host has icmp
1982
01:10:46,560 --> 01:10:49,280
disabled but we're going to be using
1983
01:10:49,280 --> 01:10:51,679
ping sweeping to identify a host in our
1984
01:10:51,679 --> 01:10:54,640
network and we'll do that here in just a
1985
01:10:54,640 --> 01:10:56,719
couple of videos but i wanted you to get
1986
01:10:56,719 --> 01:10:58,159
familiar with the ping command if you
1987
01:10:58,159 --> 01:11:00,239
weren't familiar already
1988
01:11:00,239 --> 01:11:01,520
now there are some commands in this
1989
01:11:01,520 --> 01:11:03,600
video that we did not talk about for
1990
01:11:03,600 --> 01:11:06,000
example the netstat command
1991
01:11:06,000 --> 01:11:08,080
now the netstat command is used to
1992
01:11:08,080 --> 01:11:10,640
identify what open ports and services
1993
01:11:10,640 --> 01:11:13,040
are there we'll take a look at that more
1994
01:11:13,040 --> 01:11:15,600
later on but just know that that command
1995
01:11:15,600 --> 01:11:17,840
exists and that we're going to do
1996
01:11:17,840 --> 01:11:20,320
due diligence on a command later so any
1997
01:11:20,320 --> 01:11:21,360
of you that are watching that have
1998
01:11:21,360 --> 01:11:23,280
networking background or like hey you
1999
01:11:23,280 --> 01:11:25,440
didn't show netstat that's so important
2000
01:11:25,440 --> 01:11:27,199
you're correct it's coming later on in
2001
01:11:27,199 --> 01:11:29,280
the course so that's it for this video
2002
01:11:29,280 --> 01:11:30,800
we're going to go ahead and move on to
2003
01:11:30,800 --> 01:11:32,800
the next one
2004
01:11:32,800 --> 01:11:35,679
let's now talk about viewing creating
2005
01:11:35,679 --> 01:11:38,080
and editing files and we've done a
2006
01:11:38,080 --> 01:11:40,960
little bit of this in the course already
2007
01:11:40,960 --> 01:11:43,840
you've seen me do something like echo
2008
01:11:43,840 --> 01:11:46,159
hello and remember that prints out to
2009
01:11:46,159 --> 01:11:47,920
the screen
2010
01:11:47,920 --> 01:11:51,360
and we could just echo that again like a
2011
01:11:51,360 --> 01:11:53,920
hello and put that into a file and
2012
01:11:53,920 --> 01:11:55,679
you've seen me do that we'll just call
2013
01:11:55,679 --> 01:11:58,480
this one hey.txt
2014
01:11:58,480 --> 01:12:01,760
and if we ls we should see hey.txt right
2015
01:12:01,760 --> 01:12:03,040
here
2016
01:12:03,040 --> 01:12:05,520
if we do a cat
2017
01:12:05,520 --> 01:12:07,520
hey.txt we should print out to the
2018
01:12:07,520 --> 01:12:09,679
screen hello
2019
01:12:09,679 --> 01:12:11,679
all these should be pretty familiar to
2020
01:12:11,679 --> 01:12:12,960
you
2021
01:12:12,960 --> 01:12:15,600
so let's build upon this let's talk
2022
01:12:15,600 --> 01:12:18,239
about how we can append to this and
2023
01:12:18,239 --> 01:12:20,880
overwrite these files in different ways
2024
01:12:20,880 --> 01:12:22,640
that we can actually
2025
01:12:22,640 --> 01:12:24,400
create and edit files i'm going to clear
2026
01:12:24,400 --> 01:12:26,480
the screen here
2027
01:12:26,480 --> 01:12:28,719
now what if i wanted to add to this file
2028
01:12:28,719 --> 01:12:30,960
and i'm just tabbing up by the way what
2029
01:12:30,960 --> 01:12:33,760
if i want to say hello again
2030
01:12:33,760 --> 01:12:36,000
so i want to say echo hello again into
2031
01:12:36,000 --> 01:12:39,120
this hey.txt file that already exists
2032
01:12:39,120 --> 01:12:41,199
what do we think is going to happen here
2033
01:12:41,199 --> 01:12:43,360
so i'm going to go ahead and hit enter
2034
01:12:43,360 --> 01:12:45,199
and then i'm going to cat out the
2035
01:12:45,199 --> 01:12:47,600
hey.txt
2036
01:12:47,600 --> 01:12:49,520
well now it says hello again it used to
2037
01:12:49,520 --> 01:12:50,800
say hello
2038
01:12:50,800 --> 01:12:53,600
well that is because when we use one
2039
01:12:53,600 --> 01:12:56,400
greater than symbol like this
2040
01:12:56,400 --> 01:12:57,679
what's going to happen is that
2041
01:12:57,679 --> 01:12:59,520
overwrites the file
2042
01:12:59,520 --> 01:13:01,280
so if we tab up
2043
01:13:01,280 --> 01:13:03,440
and if we go over and we just write a
2044
01:13:03,440 --> 01:13:06,480
again again just for fun and let's add a
2045
01:13:06,480 --> 01:13:09,120
second one of these so now there should
2046
01:13:09,120 --> 01:13:11,679
be two of these greater than symbols
2047
01:13:11,679 --> 01:13:13,679
we hit enter
2048
01:13:13,679 --> 01:13:15,280
we cat out
2049
01:13:15,280 --> 01:13:17,520
hey.txt
2050
01:13:17,520 --> 01:13:19,520
and now you can see it says hello again
2051
01:13:19,520 --> 01:13:22,080
and hello again again
2052
01:13:22,080 --> 01:13:24,640
why do we care why are we doing this
2053
01:13:24,640 --> 01:13:26,960
well when we are using
2054
01:13:26,960 --> 01:13:29,120
scripting for example and we want to
2055
01:13:29,120 --> 01:13:30,880
loop through a bunch of information and
2056
01:13:30,880 --> 01:13:32,800
we want to add that information to a
2057
01:13:32,800 --> 01:13:35,280
file we might use something like this
2058
01:13:35,280 --> 01:13:37,520
where if we're gathering say ip
2059
01:13:37,520 --> 01:13:39,440
addresses this is foreshadowing by the
2060
01:13:39,440 --> 01:13:42,159
way say we're gathering ip addresses and
2061
01:13:42,159 --> 01:13:44,400
we are wanting to put them all in a file
2062
01:13:44,400 --> 01:13:45,520
we're going to need to use something
2063
01:13:45,520 --> 01:13:48,400
like a double greater than in order to
2064
01:13:48,400 --> 01:13:51,040
not overwrite the file with one ip
2065
01:13:51,040 --> 01:13:52,719
address we want to list all the ip
2066
01:13:52,719 --> 01:13:54,400
addresses in the file
2067
01:13:54,400 --> 01:13:55,520
so you're going to see that when we get
2068
01:13:55,520 --> 01:13:58,880
into the bash scripting of this section
2069
01:13:58,880 --> 01:14:00,400
let's clear our screen
2070
01:14:00,400 --> 01:14:02,560
another way that we can make a new file
2071
01:14:02,560 --> 01:14:04,880
is just to say touch
2072
01:14:04,880 --> 01:14:07,679
new file.txt
2073
01:14:07,679 --> 01:14:10,480
and if we ls you can see that new
2074
01:14:10,480 --> 01:14:12,880
file.txt is here
2075
01:14:12,880 --> 01:14:15,580
we can cat out new file.txt
2077
01:14:16,719 --> 01:14:19,120
and nothing is going to be in there
2078
01:14:19,120 --> 01:14:20,560
because we didn't tell it to do anything
2079
01:14:20,560 --> 01:14:23,280
we just said touch which creates a file
2080
01:14:23,280 --> 01:14:24,080
so
2081
01:14:24,080 --> 01:14:27,199
we can use a different type of editor to
2082
01:14:27,199 --> 01:14:30,800
try and edit this and save the file
2083
01:14:30,800 --> 01:14:32,560
now there are a few
2084
01:14:32,560 --> 01:14:34,320
editors that we can use within our
2085
01:14:34,320 --> 01:14:36,159
terminal so we can use something called
2086
01:14:36,159 --> 01:14:38,800
nano which is my personal favorite
2087
01:14:38,800 --> 01:14:41,440
you may hear other people talk about vi
2088
01:14:41,440 --> 01:14:42,400
and vim
2089
01:14:42,400 --> 01:14:44,080
you may hear lots of jokes about
2090
01:14:44,080 --> 01:14:46,080
quitting them and how it's impossible to
2091
01:14:46,080 --> 01:14:49,280
quit them and for that reason honestly
2092
01:14:49,280 --> 01:14:51,920
because of the complications and because
2093
01:14:51,920 --> 01:14:53,600
i like simplicity
2094
01:14:53,600 --> 01:14:58,640
i just use nano so we can nano new file
2095
01:14:58,640 --> 01:14:59,520
and
2096
01:14:59,520 --> 01:15:01,600
in here you can type whatever you want
2097
01:15:01,600 --> 01:15:04,239
i'm going to literally say i can type
2098
01:15:04,239 --> 01:15:08,640
whatever i want in here
2099
01:15:08,880 --> 01:15:11,040
and now i'm going to hit ctrl x and
2100
01:15:11,040 --> 01:15:12,320
throughout this course you're going to
2101
01:15:12,320 --> 01:15:14,239
actually see me
2102
01:15:14,239 --> 01:15:15,920
use nano quite a bit
2103
01:15:15,920 --> 01:15:18,320
and we're going to use it for updating
2104
01:15:18,320 --> 01:15:21,600
files and shell code and it's beneficial
2105
01:15:21,600 --> 01:15:23,679
if we log into a machine remotely for
2106
01:15:23,679 --> 01:15:24,800
example
2107
01:15:24,800 --> 01:15:27,280
and we won't have the ability to have a
2108
01:15:27,280 --> 01:15:29,840
graphical user interface type notepad
2109
01:15:29,840 --> 01:15:30,960
which i'm going to show you here in a
2110
01:15:30,960 --> 01:15:33,280
second we might not have the
2111
01:15:33,280 --> 01:15:35,280
luxury of having something like that we
2112
01:15:35,280 --> 01:15:38,640
might have to use nano or vim or an in
2113
01:15:38,640 --> 01:15:40,640
terminal text editor so we're going to
2114
01:15:40,640 --> 01:15:42,640
go ahead and hit ctrl x here i'm going
2115
01:15:42,640 --> 01:15:44,320
to hit y which is going to say yes i
2116
01:15:44,320 --> 01:15:46,080
want to save this file and then i'm
2117
01:15:46,080 --> 01:15:47,679
going to hit enter
2118
01:15:47,679 --> 01:15:49,520
and now if i cat out
2119
01:15:49,520 --> 01:15:51,600
new file.txt
2120
01:15:51,600 --> 01:15:53,760
you can see it says i can type whatever
2121
01:15:53,760 --> 01:15:55,520
i want in here
2122
01:15:55,520 --> 01:15:56,719
lastly we're going to look at a
2123
01:15:56,719 --> 01:15:59,600
graphical notepad so we're going to use
2124
01:15:59,600 --> 01:16:03,440
mousepad we can type in mousepad
2125
01:16:03,440 --> 01:16:07,120
and we can just say new file.txt
2126
01:16:07,120 --> 01:16:09,199
just like we created
2127
01:16:09,199 --> 01:16:11,280
and hidden here you can see that it says
2128
01:16:11,280 --> 01:16:12,880
i can type whatever i want in here and
2129
01:16:12,880 --> 01:16:14,239
that's true
2130
01:16:14,239 --> 01:16:17,280
i can also modify it's just like a
2131
01:16:17,280 --> 01:16:19,600
notepad if you had on windows machine or
2132
01:16:19,600 --> 01:16:22,239
if you've used leafpad or any sort of
2133
01:16:22,239 --> 01:16:23,840
notepad type material this one's just
2134
01:16:23,840 --> 01:16:27,040
called mousepad so we can control s and
2135
01:16:27,040 --> 01:16:28,880
save and then
2136
01:16:28,880 --> 01:16:32,000
just exit out if we cat out our new file
2137
01:16:32,000 --> 01:16:35,520
again you can see i can also modify
2138
01:16:35,520 --> 01:16:37,040
now throughout this course you might see
2139
01:16:37,040 --> 01:16:39,520
me use a tool called gedit it is not
2140
01:16:39,520 --> 01:16:41,760
installed on this machine yet though we
2141
01:16:41,760 --> 01:16:43,760
are making updates to the course we will
2142
01:16:43,760 --> 01:16:45,360
be using gedit
2143
01:16:45,360 --> 01:16:47,199
anytime you see me use gedit feel free
2144
01:16:47,199 --> 01:16:50,320
to use mousepad instead of gedit it's
2145
01:16:50,320 --> 01:16:52,640
become deprecated offensive security got
2146
01:16:52,640 --> 01:16:54,719
rid of it in kali linux and now if you
2147
01:16:54,719 --> 01:16:56,960
go hit gedit it'll say it's not found
2148
01:16:56,960 --> 01:16:58,400
but you can install it we're not going
2149
01:16:58,400 --> 01:17:00,000
to do that right now
2150
01:17:00,000 --> 01:17:03,280
but when we install tools in an upcoming
2151
01:17:03,280 --> 01:17:05,199
video you will be able to install that
2152
01:17:05,199 --> 01:17:07,280
with one of the tools that we're running
2153
01:17:07,280 --> 01:17:09,760
so anyway just note that we're gonna be
2154
01:17:09,760 --> 01:17:11,760
using mousepad instead of gedit because
2155
01:17:11,760 --> 01:17:14,640
it's the new and latest and greatest
2156
01:17:14,640 --> 01:17:18,000
one last thing with nano or any of these
2157
01:17:18,000 --> 01:17:19,360
tools
2158
01:17:19,360 --> 01:17:21,440
you can make a brand new file so you can
2159
01:17:21,440 --> 01:17:23,640
say like brand new
2160
01:17:23,640 --> 01:17:25,520
file.txt
2161
01:17:25,520 --> 01:17:28,159
and then you can type whatever
2162
01:17:28,159 --> 01:17:29,280
in here
2163
01:17:29,280 --> 01:17:31,600
and control x
2164
01:17:31,600 --> 01:17:32,719
hit y
2165
01:17:32,719 --> 01:17:33,920
hit enter
2166
01:17:33,920 --> 01:17:36,400
and then you can cat out brand new file
2167
01:17:36,400 --> 01:17:38,960
and guess what it's there so the file
2168
01:17:38,960 --> 01:17:41,840
doesn't have to be existing to use nano
2169
01:17:41,840 --> 01:17:44,560
or existing to use mousepad you can
2170
01:17:44,560 --> 01:17:47,040
create new files with these commands as
2171
01:17:47,040 --> 01:17:48,320
well
2172
01:17:48,320 --> 01:17:50,560
so that is it for this video i'm going
2173
01:17:50,560 --> 01:17:52,159
to go ahead and catch you in the next
2174
01:17:52,159 --> 01:17:54,400
one
2175
01:17:54,400 --> 01:17:56,400
another topic we need to talk about is
2176
01:17:56,400 --> 01:17:58,960
starting and stopping services
2177
01:17:58,960 --> 01:18:01,440
we may have a service like a web server
2178
01:18:01,440 --> 01:18:04,400
or ssh or maybe sql or some sort of
2179
01:18:04,400 --> 01:18:07,199
database that we need to start
2180
01:18:07,199 --> 01:18:09,840
while we're already running kali or we
2181
01:18:09,840 --> 01:18:12,480
might want to start a service
2182
01:18:12,480 --> 01:18:14,640
on boot every single time that our
2183
01:18:14,640 --> 01:18:16,400
computer loads if you've ever used
2184
01:18:16,400 --> 01:18:18,480
windows this is similar to
2185
01:18:18,480 --> 01:18:20,080
installing a program and then having
2186
01:18:20,080 --> 01:18:22,480
that boot up on launch it's kind of the
2187
01:18:22,480 --> 01:18:24,320
same thing here if we're installing
2188
01:18:24,320 --> 01:18:26,320
something we want that service to start
2189
01:18:26,320 --> 01:18:28,560
on launch we have to tell our machine to
2190
01:18:28,560 --> 01:18:30,159
do that so we're going to look at how to
2191
01:18:30,159 --> 01:18:31,679
start a service and how to have a
2192
01:18:31,679 --> 01:18:34,000
service start on launch so the first
2193
01:18:34,000 --> 01:18:35,840
service that we're going to look at is
2194
01:18:35,840 --> 01:18:38,640
the apache service and this is what i
2195
01:18:38,640 --> 01:18:41,040
used to use when i first started out as
2196
01:18:41,040 --> 01:18:43,840
an ethical hacker and the reason is is
2197
01:18:43,840 --> 01:18:45,840
that we can spin up our own web server
2198
01:18:45,840 --> 01:18:48,960
fairly easily and host malicious data or
2199
01:18:48,960 --> 01:18:50,719
files or things that we might want to
2200
01:18:50,719 --> 01:18:52,640
access or might want somebody else to
2201
01:18:52,640 --> 01:18:55,040
access so before we run that command i
2202
01:18:55,040 --> 01:18:56,719
do want to do a proof of concept so
2203
01:18:56,719 --> 01:18:58,960
let's do an ifconfig
2204
01:18:58,960 --> 01:19:00,880
and we're going to grab our ip address
2205
01:19:00,880 --> 01:19:03,600
here i'm going to copy this
2206
01:19:03,600 --> 01:19:07,120
and then i want to open up firefox
2207
01:19:07,120 --> 01:19:09,040
from within firefox i'm going to go
2208
01:19:09,040 --> 01:19:11,360
ahead and try to navigate to that ip
2209
01:19:11,360 --> 01:19:13,040
address
2210
01:19:13,040 --> 01:19:14,320
and you're going to see that it says
2211
01:19:14,320 --> 01:19:16,320
it's unable to connect this is exactly
2212
01:19:16,320 --> 01:19:17,920
what we expected
2213
01:19:17,920 --> 01:19:19,679
so now what we're going to do is we're
2214
01:19:19,679 --> 01:19:20,880
going to
2215
01:19:20,880 --> 01:19:23,600
come in here and we're going to say sudo
2216
01:19:23,600 --> 01:19:25,440
service
2217
01:19:25,440 --> 01:19:26,880
apache2
2219
01:19:28,000 --> 01:19:29,360
start
2220
01:19:29,360 --> 01:19:31,679
we hit enter it's going to ask for our
2221
01:19:31,679 --> 01:19:35,080
sudo password
2222
01:19:36,000 --> 01:19:38,640
then we have no confirmation of anything
2223
01:19:38,640 --> 01:19:40,400
so let's go ahead and come in back into
2224
01:19:40,400 --> 01:19:41,760
the browser
2225
01:19:41,760 --> 01:19:44,880
and we're going to refresh
2226
01:19:44,960 --> 01:19:47,840
and take away the https
2227
01:19:47,840 --> 01:19:49,760
and now you can see that this is here on
2228
01:19:49,760 --> 01:19:52,719
port 80. so we are actually on http not
2229
01:19:52,719 --> 01:19:55,679
https and we have an apache server
2230
01:19:55,679 --> 01:19:58,400
running now now let's say we wanted to
2231
01:19:58,400 --> 01:20:00,960
stop this service we could we can go in
2232
01:20:00,960 --> 01:20:03,760
here and say sudo service
2233
01:20:03,760 --> 01:20:04,960
apache2
2234
01:20:04,960 --> 01:20:07,520
stop and before we do that i want to
2235
01:20:07,520 --> 01:20:08,960
show you something
2236
01:20:08,960 --> 01:20:11,280
so if we come back into the apache 2 i'm
2237
01:20:11,280 --> 01:20:13,920
going to make this a little bit bigger
2238
01:20:13,920 --> 01:20:16,400
you can see that our files are located
2239
01:20:16,400 --> 01:20:18,760
in the
2240
01:20:18,760 --> 01:20:21,920
/var/www/html folder and what that is if we
2241
01:20:21,920 --> 01:20:24,880
come to our home folder here
2242
01:20:24,880 --> 01:20:28,080
and we just go to file system
2243
01:20:28,080 --> 01:20:31,040
we scroll down and go to var
2244
01:20:31,040 --> 01:20:33,679
and then we go to www
2245
01:20:33,679 --> 01:20:36,639
html all i'm doing is going to the same
2246
01:20:36,639 --> 01:20:38,320
location here
2247
01:20:38,320 --> 01:20:40,800
why i'm doing this is this is where if i
2248
01:20:40,800 --> 01:20:43,360
wanted to host like a picture or a file
2249
01:20:43,360 --> 01:20:46,280
or malware i could put that in here this
2250
01:20:46,280 --> 01:20:48,639
index.html is the same index page that's
2251
01:20:48,639 --> 01:20:50,639
loaded here like if i open that that's
2252
01:20:50,639 --> 01:20:52,159
literally the same page that's being
2253
01:20:52,159 --> 01:20:54,639
hosted you're seeing it here from a file
2254
01:20:54,639 --> 01:20:56,800
format but now if i go back you can see
2255
01:20:56,800 --> 01:20:59,040
i'm hosting it at this ip address so if
2256
01:20:59,040 --> 01:21:00,719
i wanted to host something malicious i
2257
01:21:00,719 --> 01:21:02,000
could do that
2258
01:21:02,000 --> 01:21:03,600
now in order to stop the service all we
2259
01:21:03,600 --> 01:21:05,199
have to do is say stop
2260
01:21:05,199 --> 01:21:07,280
hit enter then we come back and we
2261
01:21:07,280 --> 01:21:09,199
refresh this page
2262
01:21:09,199 --> 01:21:11,120
you can see that we're now again unable
2263
01:21:11,120 --> 01:21:12,480
to connect
2264
01:21:12,480 --> 01:21:14,320
now i did mention the beginning of this
2265
01:21:14,320 --> 01:21:16,800
video that this was my favorite way to
2266
01:21:16,800 --> 01:21:19,840
host malicious stuff or just host files
2267
01:21:19,840 --> 01:21:21,679
for whatever purpose
2268
01:21:21,679 --> 01:21:23,920
now that has changed
2269
01:21:23,920 --> 01:21:26,400
i now use python to do this
2270
01:21:26,400 --> 01:21:28,320
so we can create a file let's go ahead
2271
01:21:28,320 --> 01:21:31,040
and just say echo hello
2272
01:21:31,040 --> 01:21:32,410
and we're going to do
2274
01:21:33,639 --> 01:21:35,280
hello.txt
2275
01:21:35,280 --> 01:21:37,199
so if we ls we can see that we've got a
2276
01:21:37,199 --> 01:21:39,080
bunch of stuff in here
2277
01:21:39,080 --> 01:21:41,760
hello.txt being one of them so what i'm
2278
01:21:41,760 --> 01:21:44,159
going to do is i'm going to spin up a
2279
01:21:44,159 --> 01:21:46,480
web server on the fly
2280
01:21:46,480 --> 01:21:50,159
with python so i'm going to say python3
2282
01:21:51,679 --> 01:21:52,960
-m
2283
01:21:52,960 --> 01:21:55,760
http.server
2284
01:21:55,760 --> 01:21:58,800
and then i'm going to give it port 80.
2285
01:21:58,800 --> 01:22:00,800
now what we're saying is we want to run
2286
01:22:00,800 --> 01:22:02,719
the module http.server and we're going
2287
01:22:02,719 --> 01:22:05,120
to run port 80 here you can put whatever
2288
01:22:05,120 --> 01:22:06,639
port you want
2289
01:22:06,639 --> 01:22:08,159
and you can see now it says hey it's
2290
01:22:08,159 --> 01:22:11,199
hosting up http on port 80 and what's
2291
01:22:11,199 --> 01:22:13,440
going to happen is any file within the
2292
01:22:13,440 --> 01:22:15,440
directory that i'm in is going to now be
2293
01:22:15,440 --> 01:22:17,679
hosted so you can see that i'm hosting
2294
01:22:17,679 --> 01:22:20,639
all this stuff here pretty awesome it's
2295
01:22:20,639 --> 01:22:23,040
a quick way to host up a web server
2296
01:22:23,040 --> 01:22:24,400
without having to start and stop
2297
01:22:24,400 --> 01:22:26,960
services and you can on the fly from
2298
01:22:26,960 --> 01:22:29,360
within a folder just start a web server
2299
01:22:29,360 --> 01:22:31,760
so i think this is the cooler and better
2300
01:22:31,760 --> 01:22:33,520
way to do it so i wanted to show you how
2301
01:22:33,520 --> 01:22:35,520
to start a service but also that python
2302
01:22:35,520 --> 01:22:38,480
has some robust capabilities as well
2303
01:22:38,480 --> 01:22:40,880
if you follow into the python section
2304
01:22:40,880 --> 01:22:44,320
we'll cover how to run an ftp server as
2305
01:22:44,320 --> 01:22:47,040
well which is also fun stuff so i'm
2306
01:22:47,040 --> 01:22:48,800
going to hit control c which is going to
2307
01:22:48,800 --> 01:22:50,639
again shut down the server if i come
2308
01:22:50,639 --> 01:22:52,159
here refresh you'll see that it's now
2309
01:22:52,159 --> 01:22:53,679
shut down
2310
01:22:53,679 --> 01:22:56,080
and we can go ahead and talk about one
2311
01:22:56,080 --> 01:22:58,480
more thing before we go so
2312
01:22:58,480 --> 01:23:00,480
let's say that we wanted a service to
2313
01:23:00,480 --> 01:23:02,960
start when we started our machine
2314
01:23:02,960 --> 01:23:04,880
well for that we're going to use the
2315
01:23:04,880 --> 01:23:09,120
systemctl command systemctl
2316
01:23:09,120 --> 01:23:11,360
and we can say enable
2317
01:23:11,360 --> 01:23:14,880
if we wanted to for example enable ssh
2318
01:23:14,880 --> 01:23:17,440
we can come in here and just enable ssh
2319
01:23:17,440 --> 01:23:20,239
and we just hit enter on this and now
2320
01:23:20,239 --> 01:23:22,560
you can see that it's enabled so when we
2321
01:23:22,560 --> 01:23:25,199
restart the computer ssh will always be
2322
01:23:25,199 --> 01:23:27,040
enabled for us now i'm going to disable
2323
01:23:27,040 --> 01:23:29,280
that this isn't like security best
2324
01:23:29,280 --> 01:23:31,760
practice
2325
01:23:32,480 --> 01:23:34,159
and now you can see that we have
2326
01:23:34,159 --> 01:23:35,520
disabled it
2327
01:23:35,520 --> 01:23:37,440
and we're good to go so if you ever have
2328
01:23:37,440 --> 01:23:38,960
a service that you want to run you just
2329
01:23:38,960 --> 01:23:40,159
need to figure out the name of the
2330
01:23:40,159 --> 01:23:42,400
service and enable that and there may be
2331
01:23:42,400 --> 01:23:44,000
times that you want things to run like
2332
01:23:44,000 --> 01:23:46,719
historically i have ran ssh with it
2333
01:23:46,719 --> 01:23:49,280
enabled or i used to run the apache 2
2334
01:23:49,280 --> 01:23:50,719
server so i didn't have to spin it up
2335
01:23:50,719 --> 01:23:52,239
every time i just had a place to go
2336
01:23:52,239 --> 01:23:54,400
immediately host that but your mileage
2337
01:23:54,400 --> 01:23:55,840
may vary depending on what it is you
2338
01:23:55,840 --> 01:23:57,360
want to run but knowing these commands
2339
01:23:57,360 --> 01:23:59,280
is important in case you need to start
2340
01:23:59,280 --> 01:24:00,960
or stop a service maybe restart a
2341
01:24:00,960 --> 01:24:03,600
service same thing with enabling a
2342
01:24:03,600 --> 01:24:05,840
service at boot up or disabling a
2343
01:24:05,840 --> 01:24:07,440
service at boot up
2344
01:24:07,440 --> 01:24:08,960
so that's it for this video i'll go
2345
01:24:08,960 --> 01:24:12,239
ahead and see you over in the next one
2346
01:24:12,239 --> 01:24:14,239
now let's talk about installing and
2347
01:24:14,239 --> 01:24:16,560
updating tools
2348
01:24:16,560 --> 01:24:17,600
so the first thing that we're going to
2349
01:24:17,600 --> 01:24:19,920
do from our command line is we're going
2350
01:24:19,920 --> 01:24:22,480
to look at how we would update
2351
01:24:22,480 --> 01:24:26,000
our current machine so just like
2352
01:24:26,000 --> 01:24:27,920
other operating systems
2353
01:24:27,920 --> 01:24:30,560
linux machines require updates as well
2354
01:24:30,560 --> 01:24:33,920
and patching can be best practice
2355
01:24:33,920 --> 01:24:37,040
so in order to update and upgrade our
2356
01:24:37,040 --> 01:24:38,719
machine we're going to use the sudo
2357
01:24:38,719 --> 01:24:40,080
command
2358
01:24:40,080 --> 01:24:42,080
and we're going to say
2359
01:24:42,080 --> 01:24:43,040
apt
2360
01:24:43,040 --> 01:24:44,719
apt
2361
01:24:44,719 --> 01:24:46,960
and then we're going to say update
2362
01:24:46,960 --> 01:24:49,840
and upgrade just like that so make sure
2363
01:24:49,840 --> 01:24:52,639
you use two ampersand symbols here
2364
01:24:52,639 --> 01:24:53,920
we're going to do two commands we're
2365
01:24:53,920 --> 01:24:55,840
going to say first i want you to update
2366
01:24:55,840 --> 01:24:58,480
second i want you to upgrade well why
2367
01:24:58,480 --> 01:24:59,920
are we doing this why are we running two
2368
01:24:59,920 --> 01:25:01,760
commands in the first place
2369
01:25:01,760 --> 01:25:04,880
well what we do when we actually install
2370
01:25:04,880 --> 01:25:07,760
items on our kali machine
2371
01:25:07,760 --> 01:25:09,679
we are going out to what are called
2372
01:25:09,679 --> 01:25:11,360
repositories and we're looking through
2373
01:25:11,360 --> 01:25:12,480
packages
2374
01:25:12,480 --> 01:25:14,639
and the update command is going out to
2375
01:25:14,639 --> 01:25:16,639
the known repositories and it is
2376
01:25:16,639 --> 01:25:19,440
updating those repositories and then
2377
01:25:19,440 --> 01:25:21,520
it's going to look at those repositories
2378
01:25:21,520 --> 01:25:22,880
and say okay
2379
01:25:22,880 --> 01:25:25,679
what needs upgraded here so what tools
2380
01:25:25,679 --> 01:25:26,480
have
2381
01:25:26,480 --> 01:25:29,120
upgrades or updates available for them
2382
01:25:29,120 --> 01:25:32,239
that we need so if we run this command
2383
01:25:32,239 --> 01:25:33,600
you're going to see that it's going to
2384
01:25:33,600 --> 01:25:35,440
go through these repositories you can
2385
01:25:35,440 --> 01:25:37,760
see it going through these kali rolling
2386
01:25:37,760 --> 01:25:41,679
and release amd64 packages and contents
2387
01:25:41,679 --> 01:25:44,400
etc etc it'll take some time
2388
01:25:44,400 --> 01:25:46,719
as it goes through and it updates these
2389
01:25:46,719 --> 01:25:48,159
repositories
2390
01:25:48,159 --> 01:25:50,480
it's going to find what programs we need
2391
01:25:50,480 --> 01:25:52,560
and it'll provide it in a list
2392
01:25:52,560 --> 01:25:54,560
now what you can see is it's asking us
2393
01:25:54,560 --> 01:25:58,080
are you root so this is a lesson here
2394
01:25:58,080 --> 01:26:00,480
sometimes we have to be the root user we
2395
01:26:00,480 --> 01:26:01,600
can't be
2396
01:26:01,600 --> 01:26:04,800
just a sudo user to run commands so
2397
01:26:04,800 --> 01:26:06,320
what we're going to do in this instance
2398
01:26:06,320 --> 01:26:09,199
is we're going to sudo switch user
2399
01:26:09,199 --> 01:26:10,480
into root
2400
01:26:10,480 --> 01:26:12,080
now we're root and we're going to run
2401
01:26:12,080 --> 01:26:14,000
that command again we're going to say
2402
01:26:14,000 --> 01:26:16,000
apt update
2403
01:26:16,000 --> 01:26:19,920
and apt upgrade
2404
01:26:20,719 --> 01:26:22,320
okay and it's going to run through this
2405
01:26:22,320 --> 01:26:23,920
and then it should provide us with a
2406
01:26:23,920 --> 01:26:26,080
list of what we're going to install
2407
01:26:26,080 --> 01:26:27,840
which if we scroll back up to the top
2408
01:26:27,840 --> 01:26:30,080
you can see that it says hey
2409
01:26:30,080 --> 01:26:31,440
these packages were automatically
2410
01:26:31,440 --> 01:26:34,239
installed and no longer required and it
2411
01:26:34,239 --> 01:26:36,320
says we can use the apt autoremove
2412
01:26:36,320 --> 01:26:37,920
command to do that
2413
01:26:37,920 --> 01:26:39,440
it's saying here are the brand new
2414
01:26:39,440 --> 01:26:41,600
packages that need to be installed and
2415
01:26:41,600 --> 01:26:42,960
then here are the packages that are
2416
01:26:42,960 --> 01:26:44,400
going to be upgraded so these are
2417
01:26:44,400 --> 01:26:47,120
already installed such as like apache 2
2418
01:26:47,120 --> 01:26:49,280
has some updates that are required and
2419
01:26:49,280 --> 01:26:50,800
it's going to go through and install all
2420
01:26:50,800 --> 01:26:52,080
these now when you scroll down to the
2421
01:26:52,080 --> 01:26:53,040
bottom
2422
01:26:53,040 --> 01:26:54,719
it's going to say
2423
01:26:54,719 --> 01:26:56,880
you need 801 megabytes and yours might
2424
01:26:56,880 --> 01:26:58,480
be different depending on when you watch
2425
01:26:58,480 --> 01:26:59,760
this video it's going to say do you want
2426
01:26:59,760 --> 01:27:02,080
to continue this operation
2427
01:27:02,080 --> 01:27:05,040
in this instance i'm going to say no
2428
01:27:05,040 --> 01:27:07,199
and the reason that i'm going to say no
2429
01:27:07,199 --> 01:27:10,960
is because updating on kali linux can
2430
01:27:10,960 --> 01:27:13,280
break things you should always have
2431
01:27:13,280 --> 01:27:15,520
almost two copies of your linux right
2432
01:27:15,520 --> 01:27:17,360
you should take a backup copy before you
2433
01:27:17,360 --> 01:27:20,080
ever make an update and there are some
2434
01:27:20,080 --> 01:27:22,000
limitations on being able to make
2435
01:27:22,000 --> 01:27:24,080
backups depending on if you're using
2436
01:27:24,080 --> 01:27:25,760
vmware virtualbox and we're not going to
2437
01:27:25,760 --> 01:27:27,920
get into that right now we just know
2438
01:27:27,920 --> 01:27:30,080
that tools can easily get broken by
2439
01:27:30,080 --> 01:27:32,800
pushing updates and we'll talk about a
2440
01:27:32,800 --> 01:27:35,920
tool that you can use that is up to date
2441
01:27:35,920 --> 01:27:38,159
and kind of makes your kali the latest
2442
01:27:38,159 --> 01:27:40,880
and greatest without breaking anything
2443
01:27:40,880 --> 01:27:42,560
even the current version of kali right
2444
01:27:42,560 --> 01:27:44,719
now 2022.2
2445
01:27:44,719 --> 01:27:47,199
not all the tools work out of the box as
2446
01:27:47,199 --> 01:27:49,040
the way that they should
2447
01:27:49,040 --> 01:27:50,639
we'll talk about that in just a little
2448
01:27:50,639 --> 01:27:53,280
bit so let's say that you wanted to
2449
01:27:53,280 --> 01:27:55,120
install a tool and we're just gonna go
2450
01:27:55,120 --> 01:27:57,120
grab one as an example
2451
01:27:57,120 --> 01:27:58,400
so let's say that there was a tool you
2452
01:27:58,400 --> 01:28:00,639
wanted to install like this cron daemon
2453
01:28:00,639 --> 01:28:03,360
common i'm just going to copy that
2454
01:28:03,360 --> 01:28:06,080
you could come in here and you could say
2455
01:28:06,080 --> 01:28:07,920
apt install
2456
01:28:07,920 --> 01:28:11,120
cron daemon common like this hit enter and
2457
01:28:11,120 --> 01:28:12,719
it's going to say oh you want to install
2458
01:28:12,719 --> 01:28:15,280
this just hit yes and it will install
2459
01:28:15,280 --> 01:28:17,120
and it will also upgrade this cron
2460
01:28:17,120 --> 01:28:19,600
package here i'm not going to do that
2461
01:28:19,600 --> 01:28:21,920
but just know that you can also install
2462
01:28:21,920 --> 01:28:23,840
applications as a one-time thing if
2463
01:28:23,840 --> 01:28:26,000
they're a part of the repository that
2464
01:28:26,000 --> 01:28:27,840
you have we're not going to get into
2465
01:28:27,840 --> 01:28:30,400
updating repositories and adding manual
2466
01:28:30,400 --> 01:28:32,000
repositories we don't need to know that
2467
01:28:32,000 --> 01:28:34,320
at this point in our linux careers we
2468
01:28:34,320 --> 01:28:35,920
just need to understand that we're going
2469
01:28:35,920 --> 01:28:38,000
out to repository and we can download
2470
01:28:38,000 --> 01:28:40,800
those items or packages based on what is
2471
01:28:40,800 --> 01:28:42,400
in the repository so updating the
2472
01:28:42,400 --> 01:28:43,840
repository is always good and then we
2473
01:28:43,840 --> 01:28:46,080
check for upgrades available to our
2474
01:28:46,080 --> 01:28:47,280
packages
2475
01:28:47,280 --> 01:28:48,719
in this instance we're not going to do
2476
01:28:48,719 --> 01:28:50,800
any updating or upgrading but there may
2477
01:28:50,800 --> 01:28:52,400
be a time where we need to install a
2478
01:28:52,400 --> 01:28:54,159
specific tool or we go out to the web
2479
01:28:54,159 --> 01:28:56,560
and we have to grab a tool and it says
2480
01:28:56,560 --> 01:28:59,199
hey run this apt install command this is
2481
01:28:59,199 --> 01:29:00,800
what it's going to be doing this is how
2482
01:29:00,800 --> 01:29:03,199
we would install something if we need to
2483
01:29:03,199 --> 01:29:04,400
now the next thing that we're going to
2484
01:29:04,400 --> 01:29:07,040
look at is we're going to look at the
2485
01:29:07,040 --> 01:29:08,880
git command
2486
01:29:08,880 --> 01:29:12,000
and git is a tool that runs with github
2487
01:29:12,000 --> 01:29:14,719
i'm going to open up a new firefox
2488
01:29:14,719 --> 01:29:16,560
and i'm going to make this a little bit
2489
01:29:16,560 --> 01:29:18,320
bigger we're going to go to github
2490
01:29:18,320 --> 01:29:19,840
actually let's just go to google we're
2491
01:29:19,840 --> 01:29:21,920
going to go to google
2492
01:29:21,920 --> 01:29:24,639
and a lot of times in our ethical
2493
01:29:24,639 --> 01:29:26,880
hacking careers we're going to be
2494
01:29:26,880 --> 01:29:28,639
searching for tools we're going to come
2495
01:29:28,639 --> 01:29:30,480
out here and we're going to say oh i
2496
01:29:30,480 --> 01:29:32,480
really want to find a tool maybe that
2497
01:29:32,480 --> 01:29:33,440
does
2498
01:29:33,440 --> 01:29:35,360
brute force
2499
01:29:35,360 --> 01:29:37,440
office 365
2500
01:29:37,440 --> 01:29:38,400
and then i might say something like
2501
01:29:38,400 --> 01:29:39,600
github and you can see it's already
2502
01:29:39,600 --> 01:29:41,199
starting to
2503
01:29:41,199 --> 01:29:43,760
fill out and we might go find something
2504
01:29:43,760 --> 01:29:47,199
like okay there's this dafthack tool we
2505
01:29:47,199 --> 01:29:49,360
might click on that and we come in here
2506
01:29:49,360 --> 01:29:51,280
and it might tell you how to install
2507
01:29:51,280 --> 01:29:52,800
this well this is powershell so that's
2508
01:29:52,800 --> 01:29:54,960
not a great example we might come into
2509
01:29:54,960 --> 01:29:56,719
here and we might say okay here's one
2510
01:29:56,719 --> 01:29:58,719
how to install so you go through and
2511
01:29:58,719 --> 01:30:00,719
it'll say here's the usage on how to use
2512
01:30:00,719 --> 01:30:02,560
this and sometimes we'll give you
2513
01:30:02,560 --> 01:30:04,400
installation instructions but a lot of
2514
01:30:04,400 --> 01:30:06,320
times all you will need to do is you'll
2515
01:30:06,320 --> 01:30:08,560
need to come in here and just download
2516
01:30:08,560 --> 01:30:10,880
the code to install the file
2517
01:30:10,880 --> 01:30:12,400
so i'm going to show you a tool that
2518
01:30:12,400 --> 01:30:14,719
we're going to install and run
2519
01:30:14,719 --> 01:30:17,360
we go to google
2520
01:30:17,360 --> 01:30:18,960
and we search for
2521
01:30:18,960 --> 01:30:20,719
pimp my
2522
01:30:20,719 --> 01:30:22,239
kali
2523
01:30:22,239 --> 01:30:23,600
just like that
2524
01:30:23,600 --> 01:30:25,280
you're going to see that we can click in
2525
01:30:25,280 --> 01:30:28,719
here and this tool is available to us to
2526
01:30:28,719 --> 01:30:29,760
download
2527
01:30:29,760 --> 01:30:31,120
now
2528
01:30:31,120 --> 01:30:33,679
one way to look at a tool and see if it
2529
01:30:33,679 --> 01:30:36,159
has any relevancy on github is to look
2530
01:30:36,159 --> 01:30:38,400
up at the number of stars that it has
2531
01:30:38,400 --> 01:30:40,719
and the forks that it has
2532
01:30:40,719 --> 01:30:43,040
anything with like 700 stars like this
2533
01:30:43,040 --> 01:30:44,960
is pretty reputable and you also should
2534
01:30:44,960 --> 01:30:46,880
look at when it was last updated you
2535
01:30:46,880 --> 01:30:48,800
could see that this was last updated
2536
01:30:48,800 --> 01:30:49,920
last month
2537
01:30:49,920 --> 01:30:52,000
now full disclosure dewalt actually
2538
01:30:52,000 --> 01:30:56,000
works for tcm security and is a
2539
01:30:56,000 --> 01:30:57,840
fantastic person if you never got to
2540
01:30:57,840 --> 01:30:59,679
interact with dewalt he is somebody that
2541
01:30:59,679 --> 01:31:02,400
is awesome and a great resource he built
2542
01:31:02,400 --> 01:31:03,440
this out
2543
01:31:03,440 --> 01:31:04,639
because
2544
01:31:04,639 --> 01:31:06,239
there were so many issues with kali
2545
01:31:06,239 --> 01:31:08,159
linux and the
2546
01:31:08,159 --> 01:31:10,400
tools that were coming freshly installed
2547
01:31:10,400 --> 01:31:12,639
like in 2022.2
2548
01:31:12,639 --> 01:31:14,159
don't always work in the way that we
2549
01:31:14,159 --> 01:31:16,239
intend them to work so a lot of tools
2550
01:31:16,239 --> 01:31:18,800
are broken some things need downgraded
2551
01:31:18,800 --> 01:31:20,400
and there's a lot of options in here
2552
01:31:20,400 --> 01:31:22,560
that can tell you hey here's what we can
2553
01:31:22,560 --> 01:31:24,960
fix like we can fix different missing
2554
01:31:24,960 --> 01:31:27,120
issues that are going on or we can fix
2555
01:31:27,120 --> 01:31:30,080
golang or fix impacket and you don't
2556
01:31:30,080 --> 01:31:31,040
have to worry about what any of that
2557
01:31:31,040 --> 01:31:33,199
means right now until we get into pen
2558
01:31:33,199 --> 01:31:35,360
testing but this is something that we
2559
01:31:35,360 --> 01:31:38,480
actually do install and run when we
2560
01:31:38,480 --> 01:31:40,719
build out our lab machines or we build
2561
01:31:40,719 --> 01:31:43,120
out our machines for even
2562
01:31:43,120 --> 01:31:44,960
hacking on clients this is such a
2563
01:31:44,960 --> 01:31:47,280
well-done tool and he tells you in here
2564
01:31:47,280 --> 01:31:50,320
how to install it he says hey git clone
2565
01:31:50,320 --> 01:31:52,239
right here off of this
2566
01:31:52,239 --> 01:31:54,239
address we can also come up here we can
2567
01:31:54,239 --> 01:31:56,480
go to the code and we can just copy
2568
01:31:56,480 --> 01:31:59,040
we say copy pimp my kali right here and
2569
01:31:59,040 --> 01:32:00,800
then we'll come in and we can just say
2570
01:32:00,800 --> 01:32:02,880
git clone
2571
01:32:02,880 --> 01:32:04,320
actually let's switch user i'm sorry
2572
01:32:04,320 --> 01:32:07,280
let's sudo or let's switch user back to
2573
01:32:07,280 --> 01:32:08,560
kali
2574
01:32:08,560 --> 01:32:10,000
and we'll enter
2575
01:32:10,000 --> 01:32:11,920
here and then what i like to do when i
2576
01:32:11,920 --> 01:32:14,320
install tools is i like to install them
2577
01:32:14,320 --> 01:32:17,600
into the opt folder the opt folder
2578
01:32:17,600 --> 01:32:19,760
so from here we're going to run
2579
01:32:19,760 --> 01:32:21,840
git clone
2580
01:32:21,840 --> 01:32:24,400
paste that
2581
01:32:24,800 --> 01:32:26,480
actually we're going to run sudo git
2582
01:32:26,480 --> 01:32:28,719
clone i apologize
2583
01:32:28,719 --> 01:32:32,639
and then enter your password
2584
01:32:33,600 --> 01:32:35,920
and now if we look in here
2585
01:32:35,920 --> 01:32:38,159
we should have pimp my kali which we do
2586
01:32:38,159 --> 01:32:41,840
so if we cd to pimp my kali
2587
01:32:41,840 --> 01:32:44,080
and now we ls we can see that we have
2588
01:32:44,080 --> 01:32:46,639
the pimpmykali.sh script
2589
01:32:46,639 --> 01:32:48,880
if you come back into the website
2590
01:32:48,880 --> 01:32:51,199
it will tell you how to run and operate
2591
01:32:51,199 --> 01:32:52,080
this
2592
01:32:52,080 --> 01:32:53,760
any decent
2593
01:32:53,760 --> 01:32:56,560
github will say hey here's how you run
2594
01:32:56,560 --> 01:32:58,639
this script so it says hey you just run
2595
01:32:58,639 --> 01:33:02,239
sudo ./pimpmykali.sh this is for a new kali vm
2596
01:33:02,239 --> 01:33:04,719
you just need to run menu option and
2597
01:33:04,719 --> 01:33:08,000
we're going to copy this and paste it
2598
01:33:08,000 --> 01:33:10,320
and then we're gonna run it
2599
01:33:10,320 --> 01:33:12,159
so now this tells you what do you want
2600
01:33:12,159 --> 01:33:13,120
to do
2601
01:33:13,120 --> 01:33:15,520
well here's all the different options n
2602
01:33:15,520 --> 01:33:17,600
is a new vm setup run this option as
2603
01:33:17,600 --> 01:33:20,000
your first time running pimp my kali
2604
01:33:20,000 --> 01:33:22,880
okay so that's going to fix all the
2605
01:33:22,880 --> 01:33:25,040
things for you i'm going to go ahead and
2606
01:33:25,040 --> 01:33:26,880
hit n and let this run
2607
01:33:26,880 --> 01:33:28,719
it's going to go out and fetch some
2608
01:33:28,719 --> 01:33:30,800
stuff from repositories and it's running
2609
01:33:30,800 --> 01:33:33,360
apt update and now it's going to install
2610
01:33:33,360 --> 01:33:35,920
certain tools and packages and uninstall
2611
01:33:35,920 --> 01:33:38,000
certain tools and packages
2612
01:33:38,000 --> 01:33:40,159
and uninstall certain tools and packages
2613
01:33:40,159 --> 01:33:42,239
as you can see it's rolling through here
2614
01:33:42,239 --> 01:33:43,840
so go ahead and let this run i'm going
2615
01:33:43,840 --> 01:33:45,920
to pause the video here for a second and
2616
01:33:45,920 --> 01:33:47,840
then meet me back when you're at the
2617
01:33:47,840 --> 01:33:49,760
next screen where you can actually enter
2618
01:33:49,760 --> 01:33:52,480
in any sort of command
2619
01:33:52,480 --> 01:33:54,719
okay so it's been about five minutes and
2620
01:33:54,719 --> 01:33:57,040
we get to this page here
2621
01:33:57,040 --> 01:33:58,560
and you can see that it's asking us if
2622
01:33:58,560 --> 01:34:00,080
we want to run
2623
01:34:00,080 --> 01:34:03,040
root login installation it explains that
2624
01:34:03,040 --> 01:34:06,400
in kali 2019.x the default user
2625
01:34:06,400 --> 01:34:07,840
used to be root which we talked about
2626
01:34:07,840 --> 01:34:09,840
early on in this course and now that
2627
01:34:09,840 --> 01:34:11,040
they've switched it to kali which is
2628
01:34:11,040 --> 01:34:12,639
what we've been using
2629
01:34:12,639 --> 01:34:14,560
now do we want to re-enable the ability
2630
01:34:14,560 --> 01:34:17,360
to log in as root in kali
2631
01:34:17,360 --> 01:34:20,080
in this instance i'm going to choose yes
2632
01:34:20,080 --> 01:34:21,520
however
2633
01:34:21,520 --> 01:34:24,320
you need to make sure that you are
2634
01:34:24,320 --> 01:34:26,159
comfortable and capable
2635
01:34:26,159 --> 01:34:28,880
of running as root
2636
01:34:28,880 --> 01:34:31,920
in linux if you do not feel comfortable
2637
01:34:31,920 --> 01:34:34,000
stick with running as kali you're going
2638
01:34:34,000 --> 01:34:35,920
to see me throughout the course as we
2639
01:34:35,920 --> 01:34:37,840
get into the ethical hacking section
2640
01:34:37,840 --> 01:34:40,480
running as root just know that there may
2641
01:34:40,480 --> 01:34:41,920
be times where you might need to use
2642
01:34:41,920 --> 01:34:45,119
sudo or you may need to switch user into
2643
01:34:45,119 --> 01:34:46,880
root as you saw me do with upgrading
2644
01:34:46,880 --> 01:34:49,119
packages just a few minutes ago
2645
01:34:49,119 --> 01:34:52,080
that may be required so if you're
2646
01:34:52,080 --> 01:34:54,320
understanding of that you can hit no on
2647
01:34:54,320 --> 01:34:55,920
this screen and that's perfectly okay
2648
01:34:55,920 --> 01:34:58,400
security best practice suggest to hit no
2649
01:34:58,400 --> 01:35:00,000
i'm going to hit yes because i feel
2650
01:35:00,000 --> 01:35:01,760
comfortable running as root i'm the only
2651
01:35:01,760 --> 01:35:03,440
user on this machine
2652
01:35:03,440 --> 01:35:05,040
and i don't have any accountability or
2653
01:35:05,040 --> 01:35:07,440
repudiation to worry about i'm going to
2654
01:35:07,440 --> 01:35:10,800
give a new password for this
2655
01:35:12,159 --> 01:35:14,560
and i'm going to enter it again
2656
01:35:14,560 --> 01:35:15,920
and now it's going to ask if we want to
2657
01:35:15,920 --> 01:35:18,320
copy everything over from our kali
2658
01:35:18,320 --> 01:35:19,920
folder into our root folder i'm going to
2659
01:35:19,920 --> 01:35:22,480
say no
2660
01:35:24,880 --> 01:35:26,400
and now it's going to continue on
2661
01:35:26,400 --> 01:35:28,000
installing so we're going to let this
2662
01:35:28,000 --> 01:35:29,360
run again
2663
01:35:29,360 --> 01:35:30,880
go ahead and pause the video if you need
2664
01:35:30,880 --> 01:35:32,880
to and then we'll meet you back when
2665
01:35:32,880 --> 01:35:36,080
this is all said and done
2666
01:35:36,080 --> 01:35:38,480
okay and when everything is said and
2667
01:35:38,480 --> 01:35:40,000
done which it took about 10 minutes to
2668
01:35:40,000 --> 01:35:41,440
get through all that
2669
01:35:41,440 --> 01:35:43,679
you should get to this all done happy
2670
01:35:43,679 --> 01:35:46,400
hacking screen right here and everything
2671
01:35:46,400 --> 01:35:48,960
should be installed for you if you chose
2672
01:35:48,960 --> 01:35:51,440
to go the root route that's a weird
2673
01:35:51,440 --> 01:35:52,880
thing to say if you chose to go the root
2674
01:35:52,880 --> 01:35:56,000
route you can log out and log back in as
2675
01:35:56,000 --> 01:35:59,040
root and begin using linux as root
2676
01:35:59,040 --> 01:36:01,040
otherwise you can continue on with this
2677
01:36:01,040 --> 01:36:02,000
lesson
2678
01:36:02,000 --> 01:36:04,880
using kali as your main user we're gonna
2679
01:36:04,880 --> 01:36:07,679
go ahead and move on to the next video
2680
01:36:07,679 --> 01:36:09,679
last video in the section and this is
2681
01:36:09,679 --> 01:36:12,000
going to be one of my favorites so what
2682
01:36:12,000 --> 01:36:13,440
we're going to be talking about is
2683
01:36:13,440 --> 01:36:16,080
scripting with bash i'm going to show
2684
01:36:16,080 --> 01:36:18,400
you some cool tricks that we can do to
2685
01:36:18,400 --> 01:36:20,800
kind of narrow down some of the results
2686
01:36:20,800 --> 01:36:22,080
that we get and then i'm going to show
2687
01:36:22,080 --> 01:36:23,360
you how you can automate some of that
2688
01:36:23,360 --> 01:36:25,440
process and we'll take that and even
2689
01:36:25,440 --> 01:36:27,760
write out some for loops and one line
2690
01:36:27,760 --> 01:36:30,000
loops which this might not make any
2691
01:36:30,000 --> 01:36:31,440
sense right now and that's absolutely
2692
01:36:31,440 --> 01:36:33,520
okay but by the time the video is done
2693
01:36:33,520 --> 01:36:35,760
hopefully it does so the first thing i
2694
01:36:35,760 --> 01:36:38,239
want to show you is i want to show you
2695
01:36:38,239 --> 01:36:40,960
how we're going to write a ping sweep so
2696
01:36:40,960 --> 01:36:42,080
we're going to write a ping sweeper
2697
01:36:42,080 --> 01:36:43,840
basically we're going to go out and say
2698
01:36:43,840 --> 01:36:45,760
i want to ping a device if that device
2699
01:36:45,760 --> 01:36:47,360
is alive go ahead and show me that
2700
01:36:47,360 --> 01:36:48,800
result and we're going to sweep an
2701
01:36:48,800 --> 01:36:50,239
entire network
2702
01:36:50,239 --> 01:36:51,840
so what we're going to do first is we're
2703
01:36:51,840 --> 01:36:54,400
going to identify a device that's alive
2704
01:36:54,400 --> 01:36:56,719
so we can test this out and then build
2705
01:36:56,719 --> 01:36:58,880
upon that so you can go ahead and type
2706
01:36:58,880 --> 01:37:00,639
in ifconfig
2707
01:37:00,639 --> 01:37:02,560
and then just hit enter
2708
01:37:02,560 --> 01:37:04,000
now my
2709
01:37:04,000 --> 01:37:07,119
ethernet here is on a natted network so
2710
01:37:07,119 --> 01:37:09,040
i'm running through
2711
01:37:09,040 --> 01:37:12,080
a different uh ip address subnet here so
2712
01:37:12,080 --> 01:37:16,880
this one is 192.168.57.150 my actual ip
2713
01:37:16,880 --> 01:37:19,199
address is on a dot 4
2714
01:37:19,199 --> 01:37:22,639
dot x here so i'm going to for this
2715
01:37:22,639 --> 01:37:25,440
example i'm going to be pinging
2716
01:37:25,440 --> 01:37:28,440
192.168.4.29
2717
01:37:29,679 --> 01:37:31,840
however and you can see here's the ping
2718
01:37:31,840 --> 01:37:33,119
that we're getting back
2719
01:37:33,119 --> 01:37:35,520
however if you are
2720
01:37:35,520 --> 01:37:37,920
unsure of a ip address in your house
2721
01:37:37,920 --> 01:37:39,840
that is active or your subnet in your
2722
01:37:39,840 --> 01:37:43,840
house that's okay you can just run 57.1
2723
01:37:43,840 --> 01:37:46,080
for this example you might not get a lot
2724
01:37:46,080 --> 01:37:48,000
of return results however you might only
2725
01:37:48,000 --> 01:37:50,320
get one or two when we do this sweep so
2726
01:37:50,320 --> 01:37:52,239
i advise you to figure out what your ip
2727
01:37:52,239 --> 01:37:53,600
address is that's a good challenge
2728
01:37:53,600 --> 01:37:54,800
anyway
2729
01:37:54,800 --> 01:37:56,560
and if you are familiar with networking
2730
01:37:56,560 --> 01:37:57,920
which you should be at this point then
2731
01:37:57,920 --> 01:37:59,520
you should be able to determine the ip
2732
01:37:59,520 --> 01:38:01,600
address of your home network but if you
2733
01:38:01,600 --> 01:38:04,800
do not do that then you can use 57.1 or
2734
01:38:04,800 --> 01:38:06,719
whatever your ip address is here on this
2735
01:38:06,719 --> 01:38:09,360
third octet so that will also work if
2736
01:38:09,360 --> 01:38:10,880
you see that
2737
01:38:10,880 --> 01:38:12,400
all right so i'm going to clear this now
2738
01:38:12,400 --> 01:38:15,199
what are we noticing when we're pinging
2739
01:38:15,199 --> 01:38:16,719
we're pinging this address and we're
2740
01:38:16,719 --> 01:38:18,480
getting some data back
2741
01:38:18,480 --> 01:38:20,480
now if we ping an active address you can
2742
01:38:20,480 --> 01:38:23,440
see that we get okay 64 bytes from
2743
01:38:23,440 --> 01:38:25,600
192.168.4.29
2744
01:38:25,600 --> 01:38:27,199
it's saying it's active we're getting
2745
01:38:27,199 --> 01:38:28,560
details back
2746
01:38:28,560 --> 01:38:29,760
if we were to
2747
01:38:29,760 --> 01:38:33,040
ping something let me do like 41
2748
01:38:33,040 --> 01:38:35,440
where we just don't get any data back
2749
01:38:35,440 --> 01:38:37,199
okay and let's try this one more time
2750
01:38:37,199 --> 01:38:38,320
let's try this a different way let's do
2751
01:38:38,320 --> 01:38:40,320
like a count of one dash c of one will
2752
01:38:40,320 --> 01:38:42,159
do a count of one
2753
01:38:42,159 --> 01:38:43,760
it's going to try to send one packet
2754
01:38:43,760 --> 01:38:45,600
over and see if it works
2755
01:38:45,600 --> 01:38:47,440
nothing's happening right it's trying to
2756
01:38:47,440 --> 01:38:49,679
transmit that packet you could see that
2757
01:38:49,679 --> 01:38:51,679
it's getting zero received here where
2758
01:38:51,679 --> 01:38:53,679
here is getting four received
2759
01:38:53,679 --> 01:38:55,199
no data is coming back it's just not
2760
01:38:55,199 --> 01:38:58,239
doing anything for us so the thing that
2761
01:38:58,239 --> 01:39:00,480
we can identify here is what's the big
2762
01:39:00,480 --> 01:39:03,280
difference if we look at line one
2763
01:39:03,280 --> 01:39:06,880
and two versus line one and two
2764
01:39:06,880 --> 01:39:09,280
what are we seeing when we get data back
2765
01:39:09,280 --> 01:39:10,880
well the big difference here is we're
2766
01:39:10,880 --> 01:39:12,880
well two of them i guess we see that we
2767
01:39:12,880 --> 01:39:14,960
get this response right that's big
2768
01:39:14,960 --> 01:39:16,800
difference and then down here it'll say
2769
01:39:16,800 --> 01:39:18,719
hey we receive some packets if it's not
2770
01:39:18,719 --> 01:39:21,440
zero now the easy way to do this is to
2771
01:39:21,440 --> 01:39:23,920
look at a line that says hey we received
2772
01:39:23,920 --> 01:39:26,639
data which is this line here okay
2773
01:39:26,639 --> 01:39:28,400
now what i want to do is i want to
2774
01:39:28,400 --> 01:39:30,320
narrow this down just a little bit what
2775
01:39:30,320 --> 01:39:31,679
we're going to say is we're just going
2776
01:39:31,679 --> 01:39:34,400
to do a ping of one time so i'm going to
2777
01:39:34,400 --> 01:39:36,000
clear this i'm going to bring it back to
2778
01:39:36,000 --> 01:39:37,520
this like this
2779
01:39:37,520 --> 01:39:39,600
i'm going to do a count of 1
2780
01:39:39,600 --> 01:39:40,800
and that should just ping once and
2781
01:39:40,800 --> 01:39:42,159
that's perfect we don't need to ping
2782
01:39:42,159 --> 01:39:43,920
endlessly we just want to make sure we
2783
01:39:43,920 --> 01:39:46,000
can ping once and then we're done
2784
01:39:46,000 --> 01:39:47,600
okay and then from here i'm going to put
2785
01:39:47,600 --> 01:39:49,440
this into a text file i'm just going to
2786
01:39:49,440 --> 01:39:52,239
call this ip.txt just like that
2787
01:39:52,239 --> 01:39:56,000
so when i cat out ip.txt
2788
01:39:56,000 --> 01:39:58,400
now you can see that i have this file
2789
01:39:58,400 --> 01:39:59,600
it's stored i don't have to run the
2790
01:39:59,600 --> 01:40:01,840
command again we're good to go
2791
01:40:01,840 --> 01:40:03,440
so what we're going to do now is we can
2792
01:40:03,440 --> 01:40:04,960
take this and then we can start
2793
01:40:04,960 --> 01:40:07,679
gathering data based off of what we see
2794
01:40:07,679 --> 01:40:08,639
here
2795
01:40:08,639 --> 01:40:10,800
so what i want to do
2796
01:40:10,800 --> 01:40:13,760
is i want to just extract this one line
2797
01:40:13,760 --> 01:40:18,400
here the 64 bytes from 192.168.4.29
2798
01:40:18,400 --> 01:40:20,719
and the best way to do that is with a
2799
01:40:20,719 --> 01:40:22,719
command called grep
2800
01:40:22,719 --> 01:40:25,199
so grep is going to look for a specific
2801
01:40:25,199 --> 01:40:27,040
term or phrase
2802
01:40:27,040 --> 01:40:28,480
and we can do that and it's going to
2803
01:40:28,480 --> 01:40:30,639
pull down any line that has that term or
2804
01:40:30,639 --> 01:40:33,520
phrase so if i say grep here and then i
2805
01:40:33,520 --> 01:40:38,159
just put in quotation 64 bytes like this
2806
01:40:38,159 --> 01:40:40,239
now when i cat out this all i'm pulling
2807
01:40:40,239 --> 01:40:41,760
down is this line and it's even
2808
01:40:41,760 --> 01:40:42,960
highlighting it for us it's saying
2809
01:40:42,960 --> 01:40:45,360
here's the line that we see 64 bytes
2810
01:40:45,360 --> 01:40:48,400
from 192.168. okay so we've extracted
2811
01:40:48,400 --> 01:40:49,840
just the one line and why am i
2812
01:40:49,840 --> 01:40:51,760
extracting this line well if we're
2813
01:40:51,760 --> 01:40:54,320
building out a ping sweeper what i want
2814
01:40:54,320 --> 01:40:57,280
to do is i want to sweep every single ip
2815
01:40:57,280 --> 01:40:58,560
within a
2816
01:40:58,560 --> 01:41:01,920
specific subnet so say this dot 4 right
2817
01:41:01,920 --> 01:41:04,639
i want to ping
2818
01:41:04,679 --> 01:41:08,800
4.1 .2 .3 all the way through 254 255 i
2819
01:41:08,800 --> 01:41:11,040
want to see if i can get through all the
2820
01:41:11,040 --> 01:41:13,360
ip addresses in a subnet
2821
01:41:13,360 --> 01:41:14,800
so what we're going to do is we're going
2822
01:41:14,800 --> 01:41:16,480
to ping every single one of them and say
2823
01:41:16,480 --> 01:41:19,040
hey are you up are you there and we're
2824
01:41:19,040 --> 01:41:20,719
gonna do it with the count of one
2825
01:41:20,719 --> 01:41:22,639
and we're gonna say are you there okay
2826
01:41:22,639 --> 01:41:23,679
and if they're there they're gonna say
2827
01:41:23,679 --> 01:41:25,679
yeah i'm here 64 bytes here's my
2828
01:41:25,679 --> 01:41:28,080
response and it's going to say 64 bytes
2829
01:41:28,080 --> 01:41:30,960
from this ip address so we want to
2830
01:41:30,960 --> 01:41:32,880
extract the ip addresses to say yeah
2831
01:41:32,880 --> 01:41:35,040
we're alive that's basically our goal
2832
01:41:35,040 --> 01:41:37,440
here so when we run this on a bigger
2833
01:41:37,440 --> 01:41:39,440
scale which is what we're going to do
2834
01:41:39,440 --> 01:41:41,040
we're going to need to grep out this
2835
01:41:41,040 --> 01:41:43,040
information and extract this information
2836
01:41:43,040 --> 01:41:45,119
to where we only just get the ip address
2837
01:41:45,119 --> 01:41:46,400
back
2838
01:41:46,400 --> 01:41:48,000
okay so what we're going to do now is
2839
01:41:48,000 --> 01:41:50,159
we're going to start narrowing down and
2840
01:41:50,159 --> 01:41:51,760
grabbing this ip address and then i'm
2841
01:41:51,760 --> 01:41:52,800
going to show you how we're going to
2842
01:41:52,800 --> 01:41:55,760
take this all in one instance and run it
2843
01:41:55,760 --> 01:41:58,159
and then extract ip addresses so from
2844
01:41:58,159 --> 01:41:59,040
here
2845
01:41:59,040 --> 01:42:00,400
what i want to do
2846
01:42:00,400 --> 01:42:03,119
is i want to do another command so every
2847
01:42:03,119 --> 01:42:05,280
time we pipe we're saying hey run this
2848
01:42:05,280 --> 01:42:06,480
command
2849
01:42:06,480 --> 01:42:09,119
then with that command run this command
2850
01:42:09,119 --> 01:42:12,000
then also run this command too so we're
2851
01:42:12,000 --> 01:42:13,600
going to keep running this command on
2852
01:42:13,600 --> 01:42:14,800
top of this
2853
01:42:14,800 --> 01:42:16,800
to narrow things down so here's what
2854
01:42:16,800 --> 01:42:18,320
we're doing here we're going to run a
2855
01:42:18,320 --> 01:42:20,159
command called cut
2856
01:42:20,159 --> 01:42:21,760
and with cut we're going to say i want
2857
01:42:21,760 --> 01:42:23,840
to cut something out of this
2858
01:42:23,840 --> 01:42:25,280
we need to provide it what is called a
2859
01:42:25,280 --> 01:42:28,560
delimiter so we do a dash d like this
2860
01:42:28,560 --> 01:42:30,320
and the delimiter i'm going to use is a
2861
01:42:30,320 --> 01:42:31,840
space
2862
01:42:31,840 --> 01:42:33,679
and then i'm going to say dash f for
2863
01:42:33,679 --> 01:42:36,159
field and then i'm going to say 4
2864
01:42:36,159 --> 01:42:38,480
okay what is this doing well it's saying
2865
01:42:38,480 --> 01:42:41,280
hey i want to cut this line that you're
2866
01:42:41,280 --> 01:42:42,560
getting back
2867
01:42:42,560 --> 01:42:45,119
on a space so the delimiter's a space so
2868
01:42:45,119 --> 01:42:47,119
here's a space here's a space here's a
2869
01:42:47,119 --> 01:42:50,320
space and it says i want to count up to
2870
01:42:50,320 --> 01:42:54,480
four to grab that data so one two three
2871
01:42:54,480 --> 01:42:55,440
four
2872
01:42:55,440 --> 01:42:56,400
right here
2873
01:42:56,400 --> 01:42:59,040
so if we say 4 here like this we hit
2874
01:42:59,040 --> 01:43:01,600
enter we're grabbing that specific ip
2875
01:43:01,600 --> 01:43:04,960
address because we're doing it by spaces
2876
01:43:04,960 --> 01:43:06,639
if we did it on 3 what do you think
2877
01:43:06,639 --> 01:43:07,920
we're going to grab we're going to grab
2878
01:43:07,920 --> 01:43:09,280
the word from
2879
01:43:09,280 --> 01:43:11,119
so you can see here it's from
2880
01:43:11,119 --> 01:43:13,360
so what i want to do is grab the ip so
2881
01:43:13,360 --> 01:43:15,119
we're going to use this cut just like
2882
01:43:15,119 --> 01:43:17,600
this use our delimiter and then get to
2883
01:43:17,600 --> 01:43:19,440
the correct field position that we want
2884
01:43:19,440 --> 01:43:21,520
to grab the ip address
2885
01:43:21,520 --> 01:43:23,760
all right so we've got the ip address
2886
01:43:23,760 --> 01:43:25,920
now there's only one thing wrong here
2887
01:43:25,920 --> 01:43:28,480
with this ip address is that there is a
2888
01:43:28,480 --> 01:43:30,560
little colon on the end of it we just
2889
01:43:30,560 --> 01:43:32,320
want this without a colon at all we want
2890
01:43:32,320 --> 01:43:34,159
it just like this now there's a couple
2891
01:43:34,159 --> 01:43:35,520
ways we can do this we could use
2892
01:43:35,520 --> 01:43:37,840
something called sed sed's a little bit
2893
01:43:37,840 --> 01:43:39,679
complicated and a little bit advanced i
2894
01:43:39,679 --> 01:43:41,840
would say for where we're at right now
2895
01:43:41,840 --> 01:43:43,679
so i'd rather teach you an easier way to
2896
01:43:43,679 --> 01:43:46,800
do this and that is called translate so
2897
01:43:46,800 --> 01:43:49,040
with translate all we're going to do is
2898
01:43:49,040 --> 01:43:50,800
we're going to do one more pipe like
2899
01:43:50,800 --> 01:43:53,040
this and we're just going to say tr for
2900
01:43:53,040 --> 01:43:54,159
translate
2901
01:43:54,159 --> 01:43:56,560
a dash d for a delimiter again and then
2902
01:43:56,560 --> 01:43:58,960
we're going to say we want to get rid of
2903
01:43:58,960 --> 01:44:00,159
this
2904
01:44:00,159 --> 01:44:01,520
and that's it we're just getting rid of
2905
01:44:01,520 --> 01:44:03,360
this okay so if we run this one more
2906
01:44:03,360 --> 01:44:04,560
time
2907
01:44:04,560 --> 01:44:06,239
now you can see that we've successfully
2908
01:44:06,239 --> 01:44:09,040
extracted this ip address out that's our
2909
01:44:09,040 --> 01:44:11,119
goal that's all we wanted to do
2910
01:44:11,119 --> 01:44:13,760
now how can we apply this to something
2911
01:44:13,760 --> 01:44:15,440
bigger how can we make this part of a
2912
01:44:15,440 --> 01:44:18,719
bigger script that is the question and
2913
01:44:18,719 --> 01:44:20,159
we're going to do that so what i want
2914
01:44:20,159 --> 01:44:22,400
you to do is i just want you to copy
2915
01:44:22,400 --> 01:44:25,920
this okay copy this entire line
2916
01:44:25,920 --> 01:44:27,040
and
2917
01:44:27,040 --> 01:44:28,719
we're going to
2918
01:44:28,719 --> 01:44:30,639
go into a mousepad so let's copy this
2919
01:44:30,639 --> 01:44:31,679
selection
2920
01:44:31,679 --> 01:44:33,040
and i'm going to clear my screen i'm
2921
01:44:33,040 --> 01:44:34,960
just going to say mousepad
2922
01:44:34,960 --> 01:44:39,159
and we're going to call this ipsweep.sh
2923
01:44:39,440 --> 01:44:41,600
okay so this is going to be a
2924
01:44:41,600 --> 01:44:43,679
bash script
2925
01:44:43,679 --> 01:44:46,080
and i'm going to make this bigger
2926
01:44:46,080 --> 01:44:47,119
and the first thing we're going to do
2927
01:44:47,119 --> 01:44:48,639
with our bash script is we have to
2928
01:44:48,639 --> 01:44:50,880
declare that it's a bash script we're
2929
01:44:50,880 --> 01:44:51,840
going to say
2930
01:44:51,840 --> 01:44:53,520
bang right here or shebang is what we'd
2931
01:44:53,520 --> 01:44:54,480
call this
2932
01:44:54,480 --> 01:44:56,719
forward slash bin forward slash bash
2933
01:44:56,719 --> 01:44:58,320
this allows the
2934
01:44:58,320 --> 01:45:00,080
machine to know when we run this this
2935
01:45:00,080 --> 01:45:01,679
allows bash to know hey we're calling
2936
01:45:01,679 --> 01:45:03,440
this here's the location of bash this is
2937
01:45:03,440 --> 01:45:04,719
what we're running with the script
2938
01:45:04,719 --> 01:45:06,480
you're also going to see this when we we
2939
01:45:06,480 --> 01:45:08,480
use python as well you'll see the the
2940
01:45:08,480 --> 01:45:10,320
declaration here at the top or when
2941
01:45:10,320 --> 01:45:11,760
we're calling this out
2942
01:45:11,760 --> 01:45:14,000
so i'm going to go ahead and ctrl s and
2943
01:45:14,000 --> 01:45:15,119
save this
2944
01:45:15,119 --> 01:45:16,880
that'll add some nice color to this so
2945
01:45:16,880 --> 01:45:18,560
when we're coding this out we get to see
2946
01:45:18,560 --> 01:45:21,040
in color i like that a lot i'm going to
2947
01:45:21,040 --> 01:45:22,480
actually make this a little bit smaller
2948
01:45:22,480 --> 01:45:24,239
and then make this like this here so we
2949
01:45:24,239 --> 01:45:25,760
can get the whole picture
2950
01:45:25,760 --> 01:45:28,080
okay so what i want to do is i want to
2951
01:45:28,080 --> 01:45:30,080
paste in what we just wrote so i'm just
2952
01:45:30,080 --> 01:45:31,760
going to control v here and paste that
2953
01:45:31,760 --> 01:45:33,040
in
2954
01:45:33,040 --> 01:45:34,400
so
2955
01:45:34,400 --> 01:45:37,040
we don't need to do a cat of an ip
2956
01:45:37,040 --> 01:45:38,639
address here
2957
01:45:38,639 --> 01:45:40,239
in this instance instead we're going to
2958
01:45:40,239 --> 01:45:42,080
change this back we're going to ping
2959
01:45:42,080 --> 01:45:43,920
remember we want to ping every device in
2960
01:45:43,920 --> 01:45:46,320
the network so we want to ping say if
2961
01:45:46,320 --> 01:45:49,360
we're pinging 192.168.4
2962
01:45:49,360 --> 01:45:50,880
dot x
2963
01:45:50,880 --> 01:45:53,119
okay we want to ping that and we can
2964
01:45:53,119 --> 01:45:55,119
leave this like this for now don't worry
2965
01:45:55,119 --> 01:45:56,560
about changing anything here this is
2966
01:45:56,560 --> 01:45:58,400
just going to be a placeholder we're
2967
01:45:58,400 --> 01:46:01,360
going to do a little bit of extra
2968
01:46:01,360 --> 01:46:03,600
syntax here to make this work
2969
01:46:03,600 --> 01:46:05,600
so we're going to write what is called a
2970
01:46:05,600 --> 01:46:07,199
for loop
2971
01:46:07,199 --> 01:46:08,800
so we're going to say
2972
01:46:08,800 --> 01:46:09,760
for
2973
01:46:09,760 --> 01:46:11,280
and i'll explain what this does here in
2974
01:46:11,280 --> 01:46:12,719
a second you're also going to see this
2975
01:46:12,719 --> 01:46:15,520
again when we get into python and coding
2976
01:46:15,520 --> 01:46:17,679
and so you'll be able to understand more
2977
01:46:17,679 --> 01:46:19,840
and more about loops and what for loops
2978
01:46:19,840 --> 01:46:21,360
are while loops et cetera they're very
2979
01:46:21,360 --> 01:46:23,199
very useful and very common in coding
2980
01:46:23,199 --> 01:46:24,400
and scripting
2981
01:46:24,400 --> 01:46:26,639
so i'm going to say for ip
2982
01:46:26,639 --> 01:46:27,440
in
2983
01:46:27,440 --> 01:46:30,159
and then i'm going to say sequence
2984
01:46:30,159 --> 01:46:32,480
1 through 254
2985
01:46:32,480 --> 01:46:33,840
now
2986
01:46:33,840 --> 01:46:36,159
very important this character here is
2987
01:46:36,159 --> 01:46:38,320
not an apostrophe okay this is not an
2988
01:46:38,320 --> 01:46:39,679
apostrophe
2989
01:46:39,679 --> 01:46:41,840
this is the little line i don't know
2990
01:46:41,840 --> 01:46:43,360
what it's called it's above the tilde
2991
01:46:43,360 --> 01:46:45,360
next to your escape button on your
2992
01:46:45,360 --> 01:46:47,760
keyboard so it's this right here okay
2993
01:46:47,760 --> 01:46:49,840
it's like a backwards apostrophe almost
2994
01:46:49,840 --> 01:46:51,199
i'm sure there's a term for it i just
2995
01:46:51,199 --> 01:46:52,239
don't know it
2996
01:46:52,239 --> 01:46:54,080
so you come in here and you say okay
2997
01:46:54,080 --> 01:46:57,119
for ip address in sequence one through
2998
01:46:57,119 --> 01:46:59,199
two fifty four and i'm gonna explain
2999
01:46:59,199 --> 01:47:00,639
what all this does in a second i want
3000
01:47:00,639 --> 01:47:02,480
you just to type this out for now
3001
01:47:02,480 --> 01:47:05,360
i want you to say do
3002
01:47:05,360 --> 01:47:06,960
all right and then i want you to come
3003
01:47:06,960 --> 01:47:10,000
down here and we're going to say
3004
01:47:10,000 --> 01:47:11,679
ampersand on this line and we're going
3005
01:47:11,679 --> 01:47:13,119
to say done i'm going to explain what
3006
01:47:13,119 --> 01:47:14,800
all this means
3007
01:47:14,800 --> 01:47:16,880
okay so this is a loop that we've just
3008
01:47:16,880 --> 01:47:18,080
created
3009
01:47:18,080 --> 01:47:20,960
what we're saying is for the ip address
3010
01:47:20,960 --> 01:47:22,320
and we're just declaring this this could
3011
01:47:22,320 --> 01:47:24,320
be bob if you wanted to we just i'm just
3012
01:47:24,320 --> 01:47:26,639
making it a name or a term that's easy
3013
01:47:26,639 --> 01:47:28,560
for us to remember so we're going to say
3014
01:47:28,560 --> 01:47:30,639
for ip but if you want to call this bob
3015
01:47:30,639 --> 01:47:33,520
call bob for ip in
3016
01:47:33,520 --> 01:47:36,320
sequence 1 through 254 so what sequence
3017
01:47:36,320 --> 01:47:38,400
is doing is it's saying hey i want to
3018
01:47:38,400 --> 01:47:42,000
count everything from 1 to 254 so 1 2 3
3019
01:47:42,000 --> 01:47:44,719
4 5 6 7 8 all the way to 254.
3020
01:47:44,719 --> 01:47:47,360
this for loop means i'm going to do this
3021
01:47:47,360 --> 01:47:49,920
every single time so for
3022
01:47:49,920 --> 01:47:53,600
ip in one for ip in 2 for ip in 3 we're going
3023
01:47:53,600 --> 01:47:56,320
to run this command until we're done so
3024
01:47:56,320 --> 01:47:59,840
until this sequence has run 255 times
3025
01:47:59,840 --> 01:48:01,040
it's done
3026
01:48:01,040 --> 01:48:03,600
okay and now we're going to say i want
3027
01:48:03,600 --> 01:48:06,159
to do a count of
3028
01:48:06,159 --> 01:48:08,480
dollar sign ip
3029
01:48:08,480 --> 01:48:11,600
so what we're saying here is for ip in
3030
01:48:11,600 --> 01:48:14,080
sequence one through 254 go ahead and do
3031
01:48:14,080 --> 01:48:16,800
a ping dash c for a count of one
3032
01:48:16,800 --> 01:48:18,159
192.168.4
3033
01:48:18,159 --> 01:48:21,480
254. and here we're going to say
3034
01:48:21,480 --> 01:48:24,000
.1 .2 .3 every time this loops over and
3035
01:48:24,000 --> 01:48:25,840
over and over it's going to be
3036
01:48:25,840 --> 01:48:27,440
incrementing that number through this
3037
01:48:27,440 --> 01:48:29,360
sequence that's all we're doing this is
3038
01:48:29,360 --> 01:48:31,440
a basic loop okay so we're going to keep
3039
01:48:31,440 --> 01:48:33,360
going through and through and through
3040
01:48:33,360 --> 01:48:35,600
now this will work if you plugged in
3041
01:48:35,600 --> 01:48:37,840
your hard-coded ip address here this
3042
01:48:37,840 --> 01:48:39,679
will absolutely work
3043
01:48:39,679 --> 01:48:41,520
now we can improve this just a little
3044
01:48:41,520 --> 01:48:43,760
bit if we want to so what's going on
3045
01:48:43,760 --> 01:48:46,080
here is what we're going to say is if we
3046
01:48:46,080 --> 01:48:48,159
wanted to run this we would just do dot
3047
01:48:48,159 --> 01:48:51,520
forward slash and then ipsweep okay
3048
01:48:51,520 --> 01:48:53,440
and this would work that's fine but we
3049
01:48:53,440 --> 01:48:55,119
can make this a little bit better from a
3050
01:48:55,119 --> 01:48:57,119
coding perspective we can come in here
3051
01:48:57,119 --> 01:49:01,440
and we can give this a dollar sign one
3052
01:49:01,440 --> 01:49:04,080
and that means argument one
3053
01:49:04,080 --> 01:49:05,679
so what we're saying here is i want to
3054
01:49:05,679 --> 01:49:08,639
give an argument instead so if you want
3055
01:49:08,639 --> 01:49:11,600
to be technical this first
3056
01:49:11,600 --> 01:49:12,840
dot forward slash
3057
01:49:12,840 --> 01:49:16,320
ipsweep.sh that is argument zero so you
3058
01:49:16,320 --> 01:49:18,560
can consider this dollar sign zero
3059
01:49:18,560 --> 01:49:20,320
argument one would be what you type
3060
01:49:20,320 --> 01:49:22,800
after that so this would be argument one
3061
01:49:22,800 --> 01:49:26,000
argument two etc so in this case what we
3062
01:49:26,000 --> 01:49:27,520
could do is we could say i want to run
3063
01:49:27,520 --> 01:49:29,599
192.168.4
3064
01:49:29,599 --> 01:49:30,800
like this
3065
01:49:30,800 --> 01:49:33,080
and this will run the dot
3066
01:49:33,080 --> 01:49:35,679
1 .2 .3 after it so you provide the
3067
01:49:35,679 --> 01:49:38,719
argument it places that here in argument
3068
01:49:38,719 --> 01:49:39,599
1
3069
01:49:39,599 --> 01:49:42,159
and then it does the rest for you so
3070
01:49:42,159 --> 01:49:43,920
this way you can specify
3071
01:49:43,920 --> 01:49:45,440
your network and if you wanted to ping
3072
01:49:45,440 --> 01:49:46,639
multiple networks you don't have to come
3073
01:49:46,639 --> 01:49:48,960
back in here and keep changing this
3074
01:49:48,960 --> 01:49:51,280
it just works so super easy this is a
3075
01:49:51,280 --> 01:49:53,520
great little script for a
3076
01:49:53,520 --> 01:49:57,440
slash 24 type subnet okay
3077
01:49:57,440 --> 01:49:59,280
okay so let's go ahead and try running
3078
01:49:59,280 --> 01:50:00,800
this really quick i'm going to just
3079
01:50:00,800 --> 01:50:01,920
control
3080
01:50:01,920 --> 01:50:03,599
s save this
3081
01:50:03,599 --> 01:50:05,119
i'm going to close it
3082
01:50:05,119 --> 01:50:06,719
we're going to do a
3083
01:50:06,719 --> 01:50:10,560
chmod plus x on ipsweep if it'll allow
3084
01:50:10,560 --> 01:50:13,280
us to we might have to do a
3085
01:50:13,280 --> 01:50:15,599
okay let's do ls la real quick make sure
3086
01:50:15,599 --> 01:50:17,040
it worked
3087
01:50:17,040 --> 01:50:18,719
it sure did okay so here's what we're
3088
01:50:18,719 --> 01:50:20,400
going to do we're going to run the
3089
01:50:20,400 --> 01:50:22,239
ipsweep
3090
01:50:22,239 --> 01:50:25,360
and we're going to say 192.168 you just
3091
01:50:25,360 --> 01:50:27,599
put in your ip here i'm going to run
3092
01:50:27,599 --> 01:50:28,400
that
3093
01:50:28,400 --> 01:50:30,400
all right
3094
01:50:30,400 --> 01:50:32,080
and you can see all the devices that are
3095
01:50:32,080 --> 01:50:34,480
coming back within my network here
3096
01:50:34,480 --> 01:50:37,280
i'm going to go ahead and hit control c
3097
01:50:37,280 --> 01:50:39,280
cancel this out
3098
01:50:39,280 --> 01:50:40,400
and so this is grabbing all the
3099
01:50:40,400 --> 01:50:42,320
different devices in my network
3100
01:50:42,320 --> 01:50:43,840
now that's great
3101
01:50:43,840 --> 01:50:46,000
that works out really well but what we
3102
01:50:46,000 --> 01:50:48,080
can do is improve this what if i typed
3103
01:50:48,080 --> 01:50:49,119
in a
3104
01:50:49,119 --> 01:50:50,480
what if i didn't type anything at all
3105
01:50:50,480 --> 01:50:52,560
what if i just hit enter here now i'm
3106
01:50:52,560 --> 01:50:54,480
just getting all kinds of pings unknown
3107
01:50:54,480 --> 01:50:56,320
and it's going off of some of the stuff
3108
01:50:56,320 --> 01:50:58,719
i was doing before but it just causes
3109
01:50:58,719 --> 01:51:00,639
all kinds of issues and errors right so
3110
01:51:00,639 --> 01:51:02,159
you can see i'm trying to hit control c
3111
01:51:02,159 --> 01:51:04,719
it's it's taking its time to break um
3112
01:51:04,719 --> 01:51:07,119
here we get issues because we're not
3113
01:51:07,119 --> 01:51:08,800
we're just allowing any sort of argument
3114
01:51:08,800 --> 01:51:11,040
here what we need to do is we need to
3115
01:51:11,040 --> 01:51:13,440
fix this up just a little bit so what we
3116
01:51:13,440 --> 01:51:15,119
can say is we can come back in here and
3117
01:51:15,119 --> 01:51:16,639
just go mousepad
3118
01:51:16,639 --> 01:51:20,000
um ipsweep.sh
3119
01:51:20,000 --> 01:51:22,080
and come in here and let's add a little
3120
01:51:22,080 --> 01:51:24,320
bit extra oh and i also left this in
3121
01:51:24,320 --> 01:51:25,840
here don't leave this in here that's why
3122
01:51:25,840 --> 01:51:27,840
that was running twice
3123
01:51:27,840 --> 01:51:30,719
okay so what we're doing here is
3124
01:51:30,719 --> 01:51:32,880
we need to add in a statement what we're
3125
01:51:32,880 --> 01:51:34,560
going to do is we're going to add in a
3126
01:51:34,560 --> 01:51:36,400
if statement if statements are
3127
01:51:36,400 --> 01:51:38,400
conditions we're saying hey if this
3128
01:51:38,400 --> 01:51:41,520
condition is met do something for us if
3129
01:51:41,520 --> 01:51:43,840
it's not met then go ahead and do
3130
01:51:43,840 --> 01:51:45,280
something else
3131
01:51:45,280 --> 01:51:46,239
all right
3132
01:51:46,239 --> 01:51:49,040
so we're going to say
3133
01:51:49,040 --> 01:51:51,040
if
3134
01:51:51,040 --> 01:51:52,560
and we're going to just put in here
3135
01:51:52,560 --> 01:51:54,960
dollar sign 1
3136
01:51:54,960 --> 01:51:58,000
is equal to nothing
3137
01:51:58,000 --> 01:51:59,520
then we're going to go ahead and just
3138
01:51:59,520 --> 01:52:01,360
say then
3139
01:52:01,360 --> 01:52:03,040
echo
3140
01:52:03,040 --> 01:52:04,560
you forgot
3141
01:52:04,560 --> 01:52:08,080
an ip address
3142
01:52:08,239 --> 01:52:10,000
echo
3143
01:52:10,000 --> 01:52:11,199
syntax
3144
01:52:11,199 --> 01:52:13,920
something like this we'll just say
3145
01:52:13,920 --> 01:52:15,599
ip
3146
01:52:15,599 --> 01:52:17,440
suite
3147
01:52:17,440 --> 01:52:20,880
and we'll go 192.168.4
3148
01:52:20,880 --> 01:52:22,239
like that
3149
01:52:22,239 --> 01:52:23,440
okay
3150
01:52:23,440 --> 01:52:24,560
and then
3151
01:52:24,560 --> 01:52:28,159
if we did do this correctly
3152
01:52:28,159 --> 01:52:30,560
if we do have an argument inside of
3153
01:52:30,560 --> 01:52:33,199
argument one then we're gonna say else
3154
01:52:33,199 --> 01:52:34,960
do all this here
3155
01:52:34,960 --> 01:52:36,719
and be done and then we're gonna end our
3156
01:52:36,719 --> 01:52:38,960
if statement with fi
3157
01:52:38,960 --> 01:52:39,920
now
3158
01:52:39,920 --> 01:52:42,560
this script or this resemblance of this
3159
01:52:42,560 --> 01:52:43,679
script
3160
01:52:43,679 --> 01:52:46,000
is not one of my own by the way this is
3161
01:52:46,000 --> 01:52:47,920
goes credit to something i've modified
3162
01:52:47,920 --> 01:52:49,599
over time but the original credit
3163
01:52:49,599 --> 01:52:52,000
definitely goes to georgia weidman i
3164
01:52:52,000 --> 01:52:54,080
remember seeing this in her course a
3165
01:52:54,080 --> 01:52:55,360
long long time ago when i was first
3166
01:52:55,360 --> 01:52:57,599
getting started and she did a great job
3167
01:52:57,599 --> 01:52:58,800
of teaching this this is just a
3168
01:52:58,800 --> 01:53:00,560
modification of this script so i just
3169
01:53:00,560 --> 01:53:01,920
want to make sure that all credit goes
3170
01:53:01,920 --> 01:53:03,520
to her but
3171
01:53:03,520 --> 01:53:05,679
looking at this let's break this down
3172
01:53:05,679 --> 01:53:07,520
really quick before we run this again
3173
01:53:07,520 --> 01:53:10,400
we've got an if statement we said if
3174
01:53:10,400 --> 01:53:12,800
argument 1 doesn't equal anything then
3175
01:53:12,800 --> 01:53:14,639
you're going to echo back out and say
3176
01:53:14,639 --> 01:53:16,719
hey you forgot an ip address
3177
01:53:16,719 --> 01:53:18,320
here's the syntax
3178
01:53:18,320 --> 01:53:20,400
if it does include something then we're
3179
01:53:20,400 --> 01:53:22,080
going to go ahead and come in here and
3180
01:53:22,080 --> 01:53:24,239
say let's run our for statement or for
3181
01:53:24,239 --> 01:53:25,760
loop and run through it and then we're
3182
01:53:25,760 --> 01:53:27,440
going to end our if here
3183
01:53:27,440 --> 01:53:29,440
the only thing that i'm doing uniquely
3184
01:53:29,440 --> 01:53:31,360
here is i'm including this ampersand
3185
01:53:31,360 --> 01:53:34,800
which is going to run this command
3186
01:53:34,800 --> 01:53:36,480
multiple times at once this is a good
3187
01:53:36,480 --> 01:53:39,280
way to explain it basically we have a
3188
01:53:39,280 --> 01:53:42,000
couple ways of doing this we could say
3189
01:53:42,000 --> 01:53:43,679
like this we can put a command here and
3190
01:53:43,679 --> 01:53:46,000
this will run one at a time it'll say
3191
01:53:46,000 --> 01:53:49,840
okay four one four two four three
3192
01:53:49,840 --> 01:53:51,360
this allows
3193
01:53:51,360 --> 01:53:53,520
multiple instances of this loop to run
3194
01:53:53,520 --> 01:53:55,840
at once and just speeds things up i can
3195
01:53:55,840 --> 01:53:57,199
show you the difference between that so
3196
01:53:57,199 --> 01:53:59,040
i'm going to go ahead and just control s
3197
01:53:59,040 --> 01:54:00,080
save this
3198
01:54:00,080 --> 01:54:01,520
i'm going to go ahead and just run this
3199
01:54:01,520 --> 01:54:03,119
script real quick now let's try running
3200
01:54:03,119 --> 01:54:03,920
it with
3201
01:54:03,920 --> 01:54:05,920
without anything here
3202
01:54:05,920 --> 01:54:07,599
okay now look it says you forgot an ip
3203
01:54:07,599 --> 01:54:09,840
address so look we did that correctly
3204
01:54:09,840 --> 01:54:12,639
now let's go ahead and add the 192.168.4
3205
01:54:12,639 --> 01:54:13,599
run it
3206
01:54:13,599 --> 01:54:15,920
and you can see okay it's sweeping but
3207
01:54:15,920 --> 01:54:18,000
it's taking its sweet time
3208
01:54:18,000 --> 01:54:19,920
especially for the ip addresses that are
3209
01:54:19,920 --> 01:54:22,400
going to hang like um like if i don't
3210
01:54:22,400 --> 01:54:24,159
have a dot 2 or dot 3 it's going to take
3211
01:54:24,159 --> 01:54:26,239
a while so i'm going to control c and
3212
01:54:26,239 --> 01:54:28,000
get out of this if it'll let me and it
3213
01:54:28,000 --> 01:54:29,679
looks like it's actually going to hang
3214
01:54:29,679 --> 01:54:31,440
so what we can do is we can come back in
3215
01:54:31,440 --> 01:54:32,800
i'm going to open a new tab real quick
3216
01:54:32,800 --> 01:54:34,400
just while that's waiting and i'm just
3217
01:54:34,400 --> 01:54:36,880
going to say mousepad and we're just
3218
01:54:36,880 --> 01:54:40,920
going to go back into ipsweep.sh
3219
01:54:41,040 --> 01:54:44,480
it's in this folder there we go okay
3220
01:54:44,480 --> 01:54:45,840
so from here
3221
01:54:45,840 --> 01:54:46,960
i'm going to change this back to the
3222
01:54:46,960 --> 01:54:49,599
ampersand and i'm going to save it
3223
01:54:49,599 --> 01:54:51,040
i just want you to see the difference
3224
01:54:51,040 --> 01:54:52,639
really quick
3225
01:54:52,639 --> 01:54:56,320
and why i run it like this so ipsweep
3226
01:54:56,320 --> 01:54:59,560
.sh 192.168.4
3227
01:55:00,320 --> 01:55:02,239
you can see it's picking everything up
3228
01:55:02,239 --> 01:55:05,360
really fast all right what i can do now
3229
01:55:05,360 --> 01:55:07,679
is i can run this and then store this
3230
01:55:07,679 --> 01:55:10,880
into like ips.txt something like that
3231
01:55:10,880 --> 01:55:13,119
just like found ip addresses okay so now
3232
01:55:13,119 --> 01:55:15,199
if i cat ips
3233
01:55:15,199 --> 01:55:16,560
dot txt
3234
01:55:16,560 --> 01:55:18,320
i have all the ip addresses i just found
3235
01:55:18,320 --> 01:55:20,719
and i found them that fast
3236
01:55:20,719 --> 01:55:23,280
versus this which may still be going and
3237
01:55:23,280 --> 01:55:24,719
it is and i can't even kill i'm just
3238
01:55:24,719 --> 01:55:27,199
going to close this out okay so this is
3239
01:55:27,199 --> 01:55:28,320
the big difference there with that
3240
01:55:28,320 --> 01:55:30,320
ampersand and the speed of what it is
3241
01:55:30,320 --> 01:55:32,719
capable of doing so
3242
01:55:32,719 --> 01:55:34,400
with all that being said we could take
3243
01:55:34,400 --> 01:55:37,520
this and do one more thing so i want to
3244
01:55:37,520 --> 01:55:39,840
show you how we can utilize
3245
01:55:39,840 --> 01:55:42,480
a one-liner these are called one line
3246
01:55:42,480 --> 01:55:45,679
statements in um in bash and we can do
3247
01:55:45,679 --> 01:55:47,360
similar to what we just did and
3248
01:55:47,360 --> 01:55:49,599
accomplish that in this command line so
3249
01:55:49,599 --> 01:55:51,840
now we have an ip address we have a list
3250
01:55:51,840 --> 01:55:54,480
of ip addresses let's say that we want
3251
01:55:54,480 --> 01:55:57,679
to run nmap now we haven't gotten to nmap
3252
01:55:57,679 --> 01:55:59,119
yet you don't need to really know about
3253
01:55:59,119 --> 01:56:01,679
it just know that it is a tool that
3254
01:56:01,679 --> 01:56:04,159
allows us to go out and do port scanning
3255
01:56:04,159 --> 01:56:06,000
okay so typically we would just say
3256
01:56:06,000 --> 01:56:08,480
something like nmap and we might do
3257
01:56:08,480 --> 01:56:09,920
something like
3258
01:56:09,920 --> 01:56:11,040
dash
3259
01:56:11,040 --> 01:56:14,480
t4 dash a dash p dash like this this is
3260
01:56:14,480 --> 01:56:16,639
just saying i want to run
3261
01:56:16,639 --> 01:56:18,320
nmap scan i want to look at everything
3262
01:56:18,320 --> 01:56:20,159
and i want to scan all ports this is
3263
01:56:20,159 --> 01:56:22,400
just an example you can just run nmap ip
3264
01:56:22,400 --> 01:56:23,920
address like this
3265
01:56:23,920 --> 01:56:25,920
and that would be fine too like we could
3266
01:56:25,920 --> 01:56:28,800
just go 192.168.4.29
3267
01:56:28,800 --> 01:56:30,960
and we'll do a quick nmap scan
3268
01:56:30,960 --> 01:56:33,920
okay but what we can't do here is we
3269
01:56:33,920 --> 01:56:37,199
can't just say hey i want to run
3270
01:56:37,199 --> 01:56:38,800
well we could we could say i want to run
3271
01:56:38,800 --> 01:56:41,440
nmap for everything in
3272
01:56:41,440 --> 01:56:43,840
dot zero slash 24.
3273
01:56:43,840 --> 01:56:45,840
the issue is it's going to take time
3274
01:56:45,840 --> 01:56:47,920
looking and finding what ip addresses
3275
01:56:47,920 --> 01:56:49,440
are valid here
3276
01:56:49,440 --> 01:56:51,440
if we have a list we can automate this
3277
01:56:51,440 --> 01:56:53,760
process quite a bit we can just come in
3278
01:56:53,760 --> 01:56:55,599
here and we can say something a little
3279
01:56:55,599 --> 01:56:58,560
bit different we can say hey for
3280
01:56:58,560 --> 01:57:01,280
ip we're using the same kind of syntax
3281
01:57:01,280 --> 01:57:03,520
in dollar sign
3282
01:57:03,520 --> 01:57:05,119
and we're going to put parentheses here
3283
01:57:05,119 --> 01:57:07,599
we're going to say cat
3284
01:57:07,599 --> 01:57:10,960
and then we're going to say ips.txt
3285
01:57:10,960 --> 01:57:12,480
and then we're just going to do this
3286
01:57:12,480 --> 01:57:14,159
we're going to say do
3287
01:57:14,159 --> 01:57:15,599
nmap
3288
01:57:15,599 --> 01:57:18,000
dollar sign ip
3289
01:57:18,000 --> 01:57:19,520
and then again we have the option of
3290
01:57:19,520 --> 01:57:22,880
doing done or we can do
3291
01:57:22,880 --> 01:57:24,480
ampersand done
3292
01:57:24,480 --> 01:57:26,480
just like this okay
3293
01:57:26,480 --> 01:57:28,320
i'm just going to do done here as an
3294
01:57:28,320 --> 01:57:30,320
example and just show you so this is
3295
01:57:30,320 --> 01:57:32,080
really easy we're saying hey for every
3296
01:57:32,080 --> 01:57:33,440
ip address
3297
01:57:33,440 --> 01:57:34,880
in this list and all we're doing is
3298
01:57:34,880 --> 01:57:36,639
we're catting out this ip list that we
3299
01:57:36,639 --> 01:57:38,560
just had so it's going to take the first
3300
01:57:38,560 --> 01:57:40,719
ip then run the nmap scan and it's
3301
01:57:40,719 --> 01:57:42,080
going to come back and run the next one
3302
01:57:42,080 --> 01:57:44,320
so until this list is completely done
3303
01:57:44,320 --> 01:57:45,599
it's going to keep going through this
3304
01:57:45,599 --> 01:57:47,920
loop that's all it is a simple loop then
3305
01:57:47,920 --> 01:57:49,280
we're going to say done
3306
01:57:49,280 --> 01:57:50,719
it's going to take that ip address it's
3307
01:57:50,719 --> 01:57:52,000
going to start scanning it it's going to
3308
01:57:52,000 --> 01:57:54,560
go through and hopefully find
3309
01:57:54,560 --> 01:57:57,199
information and go in a loop so this is
3310
01:57:57,199 --> 01:57:58,880
a quick way to automate some of this
3311
01:57:58,880 --> 01:58:00,639
process i actually do this with a lot of
3312
01:58:00,639 --> 01:58:03,280
my scripts where i will do some probing
3313
01:58:03,280 --> 01:58:04,800
see if anything is out there that's
3314
01:58:04,800 --> 01:58:07,280
alive put it into an ip file and you're
3315
01:58:07,280 --> 01:58:08,480
going to see this later in the course
3316
01:58:08,480 --> 01:58:10,719
and then nmap scan that
3317
01:58:10,719 --> 01:58:11,520
so
3318
01:58:11,520 --> 01:58:12,880
think about this hopefully this gets
3319
01:58:12,880 --> 01:58:15,440
your wheels spinning on what you can do
3320
01:58:15,440 --> 01:58:17,280
to really start
3321
01:58:17,280 --> 01:58:18,800
scripting some of this stuff out and
3322
01:58:18,800 --> 01:58:20,080
this is going to be the first time you
3323
01:58:20,080 --> 01:58:21,599
get your hands dirty with scripting
3324
01:58:21,599 --> 01:58:23,760
we're going to go on again with this and
3325
01:58:23,760 --> 01:58:25,840
we're going to get more advanced as we
3326
01:58:25,840 --> 01:58:27,199
go but this should be a good
3327
01:58:27,199 --> 01:58:29,599
introductory lesson to you on how we can
3328
01:58:29,599 --> 01:58:31,280
build a simple tool and automate a lot
3329
01:58:31,280 --> 01:58:32,960
of this process
3330
01:58:32,960 --> 01:58:34,800
fairly easily with just a little bit of
3331
01:58:34,800 --> 01:58:37,360
command line syntax so we're gonna go
3332
01:58:37,360 --> 01:58:39,440
ahead and move on to the next section
3333
01:58:39,440 --> 01:58:42,639
and i will see you over there
3334
01:58:42,639 --> 01:58:44,719
and we have reached the end of our video
3335
01:58:44,719 --> 01:58:46,560
so thank you so much for taking the time
3336
01:58:46,560 --> 01:58:48,880
to spend the last two hours with me
3337
01:58:48,880 --> 01:58:51,280
again if you enjoyed the video please do
3338
01:58:51,280 --> 01:58:53,199
consider subscribing to our channel it's
3339
01:58:53,199 --> 01:58:55,199
as simple as just hitting the subscribe
3340
01:58:55,199 --> 01:58:57,760
button and you get access to all of our
3341
01:58:57,760 --> 01:58:59,360
content and the new content that we're
3342
01:58:59,360 --> 01:59:02,400
releasing including courses similar to
3343
01:59:02,400 --> 01:59:04,480
this one and while you're at it please
3344
01:59:04,480 --> 01:59:06,320
do consider checking out the rest of the
3345
01:59:06,320 --> 01:59:08,639
videos on our youtube channel we do have
3346
01:59:08,639 --> 01:59:11,199
a 12 hour ethical hacking course we've
3347
01:59:11,199 --> 01:59:13,040
got open source intelligence course
3348
01:59:13,040 --> 01:59:15,280
course on buffer overflows we got a
3349
01:59:15,280 --> 01:59:17,280
bunch of cool videos on open source
3350
01:59:17,280 --> 01:59:19,040
intelligence and other things on this
3351
01:59:19,040 --> 01:59:20,960
channel as well
3352
01:59:20,960 --> 01:59:23,040
lastly if you enjoyed this course again
3353
01:59:23,040 --> 01:59:25,679
this is part of a full length course a
3354
01:59:25,679 --> 01:59:28,560
25 hour course on ethical hacking this
3355
01:59:28,560 --> 01:59:30,480
is just scratching the surface on what
3356
01:59:30,480 --> 01:59:32,560
is to come you can come to the
3357
01:59:32,560 --> 01:59:35,560
academy.tcm-sec.com
3358
01:59:36,480 --> 01:59:38,320
and come down and check out the
3359
01:59:38,320 --> 01:59:40,480
practical ethical hacking course
3360
01:59:40,480 --> 01:59:42,239
as always i'll put everything down in
3361
01:59:42,239 --> 01:59:43,920
the description below but we do cover a
3362
01:59:43,920 --> 01:59:46,080
lot of great stuff and a lot of the
3363
01:59:46,080 --> 01:59:47,920
information required to get you into the
3364
01:59:47,920 --> 01:59:50,000
field of ethical hacking
3365
01:59:50,000 --> 01:59:52,400
so that is it for this video
3366
01:59:52,400 --> 01:59:54,800
i thank you again for taking the time to
3367
01:59:54,800 --> 01:59:56,880
sit with me and learn linux with me and
3368
01:59:56,880 --> 01:59:59,040
hopefully you took some valuable
3369
01:59:59,040 --> 02:00:01,280
information away from this and i'll see
3370
02:00:01,280 --> 02:00:03,840
you soon in the ethical hacking field
3371
02:00:03,840 --> 02:00:07,400
thank you so much