Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,150 --> 00:00:01,850 Hello everybody and welcome back. 2 00:00:02,080 --> 00:00:07,950 And this is the last part of the printing section where we will cover two tools which are basically 3 00:00:07,950 --> 00:00:11,990 almost the same but there are slight differences between them. 4 00:00:12,090 --> 00:00:13,970 The first one it is called the. 5 00:00:14,040 --> 00:00:20,070 So if we just type here on your people you will notice that nothing will happen since we didn't specify 6 00:00:20,160 --> 00:00:21,480 any upset. 7 00:00:21,540 --> 00:00:24,270 But for more information we will just take your take. 8 00:00:24,270 --> 00:00:30,090 Does this help to provide us with the simple usage of this comment. 9 00:00:30,130 --> 00:00:32,990 Now you can use any website for this view. 10 00:00:33,030 --> 00:00:34,380 It is basically not legal. 11 00:00:34,380 --> 00:00:42,030 This is just a tool not to scan the DNS deck basically stands for Domain Internet copper and with it 12 00:00:42,030 --> 00:00:49,530 you can basically try one of the attacks which is called The Zone transfer now zone transfer. 13 00:00:49,530 --> 00:00:57,550 It is basically it uses the replication for primary and secondary DNS servers in order to be synchronized. 14 00:00:57,750 --> 00:01:04,530 Basically the secondary server for example ask for data for zone from primary server in primary server 15 00:01:04,560 --> 00:01:09,050 answers with copy of database which is IP addresses and name of hosts. 16 00:01:09,210 --> 00:01:16,020 Now from configuration of the DNS can potentially allow anyone to request to request a zone transfer. 17 00:01:16,020 --> 00:01:21,570 So with this tool we will try out the zone transfer on some of the bigger web sites which of course 18 00:01:21,660 --> 00:01:22,750 won't work. 19 00:01:22,800 --> 00:01:29,640 But on the smaller ones it could possibly be mis configuration in the DNS so that these don't transfer 20 00:01:29,730 --> 00:01:40,240 is enabled now zone transfer is happening all DP on Port 53 and not over UDP at the port of it three 21 00:01:40,260 --> 00:01:41,540 for the DNS. 22 00:01:41,550 --> 00:01:48,960 So if you just type here like Google Netcom you will notice that it would give us a bunch of the informations 23 00:01:49,500 --> 00:01:51,710 about the Google dot com. 24 00:01:51,750 --> 00:01:56,830 So for example as we could see this is the DNS query right here. 25 00:01:57,090 --> 00:02:06,640 The and is right here stands for named server and you can see that there are four of them the A basically 26 00:02:06,640 --> 00:02:14,770 represents the IP address the one a stands for the IP for IP address and for a stands for the IP B6 27 00:02:14,860 --> 00:02:22,440 IP address we can see of some of the other options which is the server that it used to query which is 28 00:02:22,500 --> 00:02:30,780 our own router on port if the three as you can see the usual DNS port will be port three or UDP and 29 00:02:30,780 --> 00:02:33,000 by router IP address is 192. 30 00:02:33,010 --> 00:02:34,880 That 168 that one that one. 31 00:02:36,960 --> 00:02:44,220 We can see that the one query we got one answer authority for which is these four servers right here 32 00:02:45,540 --> 00:02:53,370 an additional nine I believe is referring to this one right here even though there is eight once but 33 00:02:53,380 --> 00:02:59,140 these are basically the same servers just with a different IP address not different IP address different 34 00:02:59,140 --> 00:03:00,210 format of IP address. 35 00:03:00,220 --> 00:03:07,400 This one is as you said IP before and this one right here is by P6 IP address so that is the basic use 36 00:03:07,400 --> 00:03:08,710 of the command. 37 00:03:08,750 --> 00:03:12,140 You can you you can use it to find out some of the information about the domain. 38 00:03:12,590 --> 00:03:19,940 But if you for example want to try out the zone transfer you can do it like this for example. 39 00:03:19,940 --> 00:03:27,200 So just type your dick and then you type your a exe as R which stands for the zone transfer. 40 00:03:27,230 --> 00:03:35,960 Now we can use for example Facebook dot com and we can use the other server for example a dot unless 41 00:03:36,640 --> 00:03:38,650 the Facebook dot com. 42 00:03:39,380 --> 00:03:44,900 And if we try to type this right here you will not destroy a few seconds it will basically prompt us 43 00:03:44,900 --> 00:03:48,860 with some transfer failed since the Facebook. 44 00:03:49,730 --> 00:03:58,720 Since Facebook didn't miss configure the DNS so do some transfer tech cannot be done on Facebook. 45 00:03:58,860 --> 00:04:04,650 Now there may be other smaller sites it could be possibly vulnerable to the same transfer attack but 46 00:04:04,710 --> 00:04:06,480 we won't be trying to find them at the moment. 47 00:04:06,480 --> 00:04:12,240 This is just one of the tools that you can use in order to find out if it is vulnerable. 48 00:04:12,270 --> 00:04:19,320 But let me just show you another tool right here which is called Leon's DNS enum which is also installed 49 00:04:19,320 --> 00:04:21,100 in the clinics. 50 00:04:21,150 --> 00:04:30,250 So basically it is the same as the Digg tool is a free type right here DNS venom and Google dot com. 51 00:04:30,960 --> 00:04:36,990 It will provide us with similar information as we can see hosts address Google dot com which is a sense 52 00:04:36,990 --> 00:04:44,360 for the IP before and then it will print us the IP address the IP before address of Google dot com. 53 00:04:44,820 --> 00:04:50,340 And right here it is trying to find out somebody's named servers of Google as we saw before. 54 00:04:50,340 --> 00:04:51,540 There should be four of them 55 00:04:54,880 --> 00:04:56,560 now this might take a few seconds. 56 00:04:57,730 --> 00:05:02,320 And sometimes it's actually just times out in my time out right now. 57 00:05:02,340 --> 00:05:08,660 But we'll see in a few seconds I will come back when this finishes so we can see it finished right here 58 00:05:08,660 --> 00:05:12,910 and it says the eagle dot com and its record where it failed. 59 00:05:12,920 --> 00:05:16,150 It turned out so we won't be trying that anymore. 60 00:05:16,220 --> 00:05:21,560 I just want to show you that you can use that tool as well if you want to but that would be it for e-book 61 00:05:21,650 --> 00:05:22,780 printing section. 62 00:05:23,060 --> 00:05:25,430 So let us just recap what we covered. 63 00:05:25,430 --> 00:05:31,480 We covered some of the tools that we use to gather as much information as we can about our targets. 64 00:05:31,490 --> 00:05:37,970 So for example these two we covered in order together some of the information from their server or their 65 00:05:37,970 --> 00:05:38,570 DNS. 66 00:05:38,600 --> 00:05:44,390 And basically we also tried one of the attacks which is on transport which of course didn't work on 67 00:05:44,390 --> 00:05:51,290 Facebook but as he said it might work on some of the other Web sites and we also covered these. 68 00:05:51,300 --> 00:05:52,450 Who is. 69 00:05:52,690 --> 00:05:54,760 We also covered the shutdown Web site. 70 00:05:54,760 --> 00:06:01,540 We covered the harvester in this lecture or in the previous lecture where I showed you that it sometimes 71 00:06:01,570 --> 00:06:02,680 can't actually work. 72 00:06:02,710 --> 00:06:06,120 So we gather some of the e-mails from it. 73 00:06:06,210 --> 00:06:10,270 We also covered the NICTA which is a big mental. 74 00:06:10,320 --> 00:06:15,060 You should search more about it if you want to it might be useful later on. 75 00:06:15,060 --> 00:06:18,800 So that would be about it for the foot printing section. 76 00:06:19,050 --> 00:06:27,360 And with this section we basically finished the beginner section and we enter the Intermediate section 77 00:06:27,450 --> 00:06:35,400 where we will start off with creating our wearable machine which we will use in order to run our scans 78 00:06:35,460 --> 00:06:41,170 and attacks since it is not legal for us to attack our machine that we do not own. 79 00:06:41,220 --> 00:06:44,750 We will create a virtual machine which we can attack. 80 00:06:44,940 --> 00:06:50,040 Now you might have heard of that little machine is called that is portable and I will show you in the 81 00:06:50,100 --> 00:06:52,230 next tutorial how to install it. 82 00:06:52,230 --> 00:06:57,560 And basically we will start covering one of the bigger tools in the clinics. 83 00:06:57,570 --> 00:07:04,090 And one of the tools that you will lose a lot which is called The and but more about that in the scanning 84 00:07:04,090 --> 00:07:07,780 section and I hope I will see you there. 85 00:07:07,780 --> 00:07:08,200 Take care. 9195