1
00:00:01,370 --> 00:00:06,990
Let me now show you another tool. If you remember, the tools in Kali are listed under the Applications
2
00:00:06,990 --> 00:00:14,730
menu, and in Applications the tools are grouped by category: information gathering, vulnerability analysis,
3
00:00:14,730 --> 00:00:15,810
and so on.
4
00:00:15,990 --> 00:00:21,080
In information gathering we've already seen the netdiscover tool and the Nmap tool.
5
00:00:21,180 --> 00:00:24,010
Now we're going to have a look at the Zenmap tool.
6
00:00:24,450 --> 00:00:31,230
You could either start it from the graphical menu or you start it from the command line. Zenmap is basically
7
00:00:31,260 --> 00:00:35,930
Nmap's sister or brother, which is the graphical Nmap, really.
8
00:00:36,240 --> 00:00:41,670
Once you start it, all you need to do is type in the IP address and then it automatically populates the
9
00:00:41,670 --> 00:00:43,510
command that is going to run.
10
00:00:43,920 --> 00:00:48,840
And as you can see here this is a very similar command to the one that we ran earlier on the command
11
00:00:48,840 --> 00:00:50,720
interface.
12
00:00:50,730 --> 00:00:55,310
The good thing here though is that from this dropdown menu you can change the options.
13
00:00:55,320 --> 00:01:01,860
So if I choose intense scan, all TCP ports, notice what happens on the left-hand side: it automatically
14
00:01:01,860 --> 00:01:07,890
populates the command to scan all ports from 1 to 65535.
15
00:01:08,110 --> 00:01:13,750
It's still at timing 4, and the minus A option that we talked about, and the minus v option
16
00:01:13,760 --> 00:01:15,140
we also talked about.
17
00:01:15,610 --> 00:01:21,890
And as you can see here there are multiple different options that you can pick and choose from.
18
00:01:21,900 --> 00:01:27,030
So I'm going to remove the full port range from here just to keep it quick because we've already seen
19
00:01:27,030 --> 00:01:36,080
the scan output, and I'm going to hit Scan. Now notice the difference: because I'm not scanning every single
20
00:01:36,620 --> 00:01:46,920
port, Nmap in this case scans 1000 ports only, 1000 ports from more than 65000 ports.
21
00:01:47,810 --> 00:01:49,320
So that's a big difference.
22
00:01:49,320 --> 00:01:55,170
However, you might not notice a big difference in the results because these are the most common 1000
23
00:01:55,260 --> 00:01:56,690
ports.
24
00:01:56,770 --> 00:02:02,140
So it's very likely that the machine that we're targeting will have the services running on it belonging
25
00:02:02,140 --> 00:02:09,750
to one of these 1000 ports. Now that the port scan is done, again Nmap is doing the additional scans,
26
00:02:10,310 --> 00:02:15,540
the script scanning, the vulnerability scanning and so on, which we talk about in more detail in the
27
00:02:15,540 --> 00:02:18,790
advanced courses. And the scan is complete.
28
00:02:19,660 --> 00:02:22,190
You notice how much faster the scan was.
29
00:02:23,360 --> 00:02:27,150
Now the nice thing about Zenmap is that visually it's much more comfortable.
30
00:02:27,960 --> 00:02:31,850
You can immediately see here that the ports open are colored in green.
31
00:02:31,860 --> 00:02:38,910
If we had more than one host to scan, on the left side we can group the output by the operating system or by
32
00:02:38,910 --> 00:02:44,460
the IP addresses. On the right-hand side we have multiple tabs that we can go through, and that makes
33
00:02:44,460 --> 00:02:51,000
things much easier to look at. If we click on the Ports tab we can see immediately, in a very beautiful
34
00:02:51,000 --> 00:02:51,610
summary,
35
00:02:51,780 --> 00:02:57,660
all the ports that are open. And this is very important information to us, because your job as an ethical
36
00:02:57,660 --> 00:03:03,740
hacker or as a penetration tester, your job is to investigate each and every single one of these ports
37
00:03:04,850 --> 00:03:09,620
and the services running behind them to see if there's any vulnerabilities that are existing and then
38
00:03:09,620 --> 00:03:11,860
to try and exploit these vulnerabilities.
39
00:03:12,730 --> 00:03:19,350
So this gives us a very nice summary, or sort of a checklist, of what ports exist on the target machine.
40
00:03:19,510 --> 00:03:24,550
And as we progress through these videos you're going to be seeing how we work our way through these ports,
41
00:03:24,820 --> 00:03:29,130
not all of them obviously because that will be an entire five hour course on its own.
42
00:03:29,320 --> 00:03:33,820
However, sequentially I'm going to pick and choose some of these ports and show you how to use them
43
00:03:34,120 --> 00:03:36,490
to break into the target machine.
44
00:03:36,490 --> 00:03:42,040
And this is the tab that shows you the network topology that you're scanning, or how the network that
45
00:03:42,040 --> 00:03:44,370
you're scanning is organized or designed.
46
00:03:44,800 --> 00:03:51,250
And because we have one target, the network looks fairly simple. So this is me, the localhost, and immediately
47
00:03:51,250 --> 00:03:54,540
connected to me is the target machine.
48
00:03:54,610 --> 00:03:58,700
Then you have the host details which is a very high level summary of the host.
49
00:03:58,810 --> 00:04:02,990
So you can see here that the host is up and has 23 open ports.
50
00:04:03,010 --> 00:04:06,940
This is the operating system that got detected and how it got detected.
51
00:04:06,940 --> 00:04:11,140
Again, these are things that we talk about in more advanced courses, so don't worry too much about that
52
00:04:11,140 --> 00:04:12,140
for now.
53
00:04:12,580 --> 00:04:19,450
And lastly we have the summary of the scan or the command that we did to run the scan.
54
00:04:19,570 --> 00:04:23,950
And by the way, if you want you can save the scan, obviously, so you can come back to it later.
55
00:04:23,960 --> 00:04:25,660
Anytime you want.
56
00:04:25,660 --> 00:04:31,120
Now that we have the detailed scan output we can start to target the services running on the machine
57
00:04:31,470 --> 00:04:37,200
and in the next video we're going to be hacking our first service and getting access to our target.