Linux for Ethical Hackers (Kali Linux Tutorial)

  • 00:00:00 what is up everybody my name is Heath
  • 00:00:02 Adams and I welcome you to this course
  • 00:00:04 called Linux for ethical hackers so in
  • 00:00:08 this course we're going to be covering a
  • 00:00:10 lot of things we're really going to be
  • 00:00:11 going and hammering down on the terminal
  • 00:00:13 and the command line and if you've never
  • 00:00:15 learned Linux before this is a really
  • 00:00:17 great start for you especially if you're
  • 00:00:19 interested in becoming ethical hacker or
  • 00:00:21 a penetration tester so enough of my
  • 00:00:23 face let's go ahead and just dive right
  • 00:00:26 in
  • 00:00:26 alright everyone welcome to this course
  • 00:00:29 titled Linux for ethical hackers before
  • 00:00:32 we get started I'd like to do a little
  • 00:00:34 who am I so my name is Heath Adams I
  • 00:00:36 also go by The Cyber Mentor I am a
  • 00:00:40 husband first a hacker a military
  • 00:00:43 veteran gamer sports fan and animal dad
  • 00:00:47 I am a former accountant turned security
  • 00:00:51 geek so I've been in cybersecurity about
  • 00:00:53 three years now and before that I was an
  • 00:00:56 accountant hated it picked that bad
  • 00:00:58 field for all the wrong reasons so once
  • 00:01:01 I went into IT and cybersecurity I never
  • 00:01:04 looked back and I've never been happier
  • 00:01:06 on the day-to-day I am a senior security
  • 00:01:09 engineer I'm also a business owner at
  • 00:01:12 TCM Security so before that I was a
  • 00:01:15 senior penetration tester doing
  • 00:01:17 penetration testing and ethical hacking
  • 00:01:19 I branched out and started my own
  • 00:01:21 business focusing on ethical hacking
  • 00:01:23 training and student development so now
  • 00:01:27 I'm doing that full-time along with a
  • 00:01:31 job as a senior security engineer okay
  • 00:01:35 so let's go ahead and talk about what
  • 00:01:36 we'll learn in this course so this
  • 00:01:39 course is going to be all hands-on
  • 00:01:41 besides this little introduction here
  • 00:01:44 you're not going to see a lot of
  • 00:01:45 PowerPoint besides quick overview of
  • 00:01:47 what the course or the video that you're
  • 00:01:49 about to see has coming so 95% hands-on
  • 00:01:54 course I will not kill you with
  • 00:01:55 PowerPoint that's not my goal we're
  • 00:01:58 going to be focusing on Kali Linux this
  • 00:02:00 entire course and really learning Linux
  • 00:02:03 and learning Linux for the purpose of
  • 00:02:05 becoming ethical hackers so we're going
  • 00:02:08 to install VMware which is a virtualized
  • 00:02:11 software virtualization software
  • 00:02:13 then we're gonna run Kali Linux inside
  • 00:02:15 of VMware after that I'm gonna give you
  • 00:02:17 a overview of Kali Linux show you some
  • 00:02:20 of the common tools what it can do why
  • 00:02:22 it's awesome and then we're gonna do a
  • 00:02:24 deep dive into the terminal so what that
  • 00:02:27 means is we're going to be hands-on
  • 00:02:29 doing commands and learning Linux so
  • 00:02:33 we'll be running navigating the
  • 00:02:35 filesystem so how to get around in the
  • 00:02:37 filesystem from the terminal we'll learn
  • 00:02:40 about users and privileges how to add
  • 00:02:42 users how to what kind of privileges and
  • 00:02:45 permissions are there what important
  • 00:02:46 files exist regarding those we're gonna
  • 00:02:49 talk about common Network commands so if
  • 00:02:51 you want to be a pentester ethical
  • 00:02:53 hacker you need to know networking at
  • 00:02:56 least at a basic minimum so we'll talk
  • 00:02:59 about those common network commands that
  • 00:03:00 you should know how to run them what
  • 00:03:02 they do we'll talk about viewing
  • 00:03:04 creating and editing files that's
  • 00:03:06 obviously important if you want to
  • 00:03:07 create a quick file or edit a file from
  • 00:03:09 the command-line how you can do that
  • 00:03:11 we'll talk about starting and stopping
  • 00:03:13 services such as a web server SSH SQL
  • 00:03:17 database etc we're going to talk about
  • 00:03:20 how to install updates how to install
  • 00:03:22 tools and how to update those tools and
  • 00:03:25 then lastly we're going to put
  • 00:03:26 everything we learned together and do
  • 00:03:28 some scripting in bash so we're going to
  • 00:03:31 write a basic bash script and then we'll
  • 00:03:34 improve upon it and then I'll show you
  • 00:03:36 some for loops some other logical
  • 00:03:38 scripting ideas and then we'll kind of
  • 00:03:41 put that together and hopefully come to
  • 00:03:44 a nice completion when it's all said and
  • 00:03:46 done so with all this being said I am
  • 00:03:49 excited to have you in the course with
  • 00:03:51 me I look forward to teaching you and
  • 00:03:54 let's go ahead and start with installing
  • 00:03:56 VMware alright the first thing that
  • 00:03:59 we're going to need to do is to install
  • 00:04:02 software called VMware Workstation
  • 00:04:05 Player now we have two ways to run Kali
  • 00:04:09 Linux we can either run Kali Linux
  • 00:04:12 through a virtual machine or we can
  • 00:04:14 install it as an operating system on a
  • 00:04:16 hard drive for this course and this
  • 00:04:20 lesson we're going to be using a virtual
  • 00:04:21 machine and preferably we're going to be
  • 00:04:24 using VMware Workstation player
  • 00:04:27 I'm going to show you how to install
  • 00:04:28 VMware Workstation player and I'll show
  • 00:04:31 you some of the alternatives to it as
  • 00:04:33 well so let's go ahead and dive right in
  • 00:04:36 okay so if you go out to the interweb
  • 00:04:39 and you go to Google and you type in
  • 00:04:42 VMware Workstation player the first
  • 00:04:45 thing that will come up for you is this
  • 00:04:47 download VMware Workstation player link
  • 00:04:50 you're going to go ahead and just click
  • 00:04:52 on this and now I also want to introduce
  • 00:04:57 alternatives so there is a another
  • 00:05:00 software platform called Oracle
  • 00:05:03 VirtualBox and you will be able to
  • 00:05:05 install either my preference and the
  • 00:05:08 course that's going to be taught the
  • 00:05:09 rest of the way through is going to be
  • 00:05:11 in VMware Workstation pro but we will
  • 00:05:15 use player for the install you'll be
  • 00:05:17 able to follow along with player you'll
  • 00:05:18 also be able to follow along with Oracle
  • 00:05:20 VirtualBox if you so choose but we will
  • 00:05:23 not be showing that installation another
  • 00:05:26 thing that should be noted
  • 00:05:27 is there is this comparison page here
  • 00:05:30 and I will be using VMware Workstation
  • 00:05:32 Pro there's a nice little checklist here
  • 00:05:35 that shows what Pro can do versus player
  • 00:05:37 it has a lot of the same features here
  • 00:05:40 some of the nice things is running
  • 00:05:42 multiple VMs at once you can technically
  • 00:05:45 do that with VMware Workstation player
  • 00:05:47 there's workarounds for it but to have
  • 00:05:49 it in a single tabbed interface it's
  • 00:05:52 very very nice you see here the
  • 00:05:54 draggable tabbed interface that's another
  • 00:05:56 feature snapshots so basically making a
  • 00:05:59 backup of your machine all included in
  • 00:06:02 workstation Pro so if you have some
  • 00:06:05 money to shell out and this is something
  • 00:06:07 that you are interested in doing long
  • 00:06:09 term it may be worth looking into a
  • 00:06:12 workstation Pro license but by all means
  • 00:06:15 you can get away with a workstation
  • 00:06:16 Player installation and that's exactly
  • 00:06:19 what we're going to do so let's go back
  • 00:06:21 to the first tab here and you can see it
  • 00:06:25 says try a VMware Workstation player
  • 00:06:27 we're just going to scroll down and this
  • 00:06:29 install and everything is going to be
  • 00:06:31 running on top of windows for me if
  • 00:06:33 you're installing for Linux that's fine
  • 00:06:35 as well just follow your instructions
  • 00:06:37 for your respective OS
  • 00:06:40 go ahead and select download now I'm
  • 00:06:43 gonna save the file okay it downloaded
  • 00:06:46 I'm gonna hit run it's going to ask if
  • 00:06:52 we want to accept the changes yes okay
  • 00:07:00 now we're going to hit next we'll accept
  • 00:07:03 the license agreement and possibly give
  • 00:07:05 away our firstborn I'm gonna go ahead
  • 00:07:10 and check yes for the enhanced keyboard
  • 00:07:12 driver we don't need to check for a
  • 00:07:17 product update we don't need to join the
  • 00:07:19 VMware customer experience improvement
  • 00:07:21 we'll hit next on that you can leave
  • 00:07:24 both of these checked or check to your
  • 00:07:25 preference and then hit install and
  • 00:07:31 while this is installing I can actually
  • 00:07:34 show you what VMware pro looks like this
  • 00:07:37 is a pro instance running here you can
  • 00:07:39 see that I have the tabs and they're
  • 00:07:41 draggable as it was notated in that that
  • 00:07:43 differential spreadsheet that you saw
  • 00:07:46 and I've got a Kali instance running
  • 00:07:49 that's actually my main Kali machine
  • 00:07:51 I've got Windows 10 running here and
  • 00:07:54 this is all actually sitting on top of a
  • 00:07:55 real Windows 10 machine as well so we're
  • 00:07:58 just installing workstation Player I'm
  • 00:08:00 going to run it a VM inside of the VM so
  • 00:08:02 it's gonna be a little bit of VM ception
  • 00:08:04 here and then we're just gonna hit
  • 00:08:06 finish and then we are going to restart
  • 00:08:11 this machine as it needs a reboot real
  • 00:08:14 quick okay now we are restarted and
  • 00:08:18 we're back to our desktop here you can
  • 00:08:20 see that VMware Workstation player has
  • 00:08:23 been added to the desktop let's just go
  • 00:08:25 ahead and double click that to open it
  • 00:08:27 and we're going to choose to use VMware
  • 00:08:30 Workstation 15 player for free for
  • 00:08:33 non-commercial use if we wanted the Pro
  • 00:08:36 Edition we would enter in our access key
  • 00:08:38 here or license key and continue on with
  • 00:08:41 the Pro Edition
  • 00:08:44 and now we will use the finish button
  • 00:08:46 here and will be brought to our VMware
  • 00:08:49 Workstation 15 player so you can see
  • 00:08:52 here that it's a much much different
  • 00:08:54 view it's very very basic we have the
  • 00:08:57 option to open a VM here and we'll have
  • 00:09:01 the one VM stored in this tab that we
  • 00:09:03 can open up and that'll be it
  • 00:09:06 there are ways around running multiple
  • 00:09:09 VMs at the same time but if you're
  • 00:09:10 looking to build a fluid lab out and
  • 00:09:13 have multiple VMs running similar to
  • 00:09:14 what I have here having the VMware Pro
  • 00:09:17 again it does have its benefits here so
  • 00:09:21 you can see this is a much much
  • 00:09:23 different look this is very generic as
  • 00:09:26 we we can see here so from here what
  • 00:09:29 we're gonna do is we're gonna go ahead
  • 00:09:31 and stop in the next video we are going
  • 00:09:34 to focus on downloading Kali Linux and
  • 00:09:37 we'll talk about what Kali Linux is and
  • 00:09:39 some of its features as well so I'll
  • 00:09:42 catch you over in the next video all
  • 00:09:46 right now let's move on to installing
  • 00:09:48 Kali Linux in our VMware software ok so
  • 00:09:52 picking up where we left off we had just
  • 00:09:54 installed VMware Workstation 15 Player
  • 00:09:57 and now we need a VM to actually be able
  • 00:10:00 to play with it so this whole course is
  • 00:10:03 going to be based on Kali Linux if we
  • 00:10:06 open up a internet browser here I've got
  • 00:10:10 a few tabs already opened so what I want
  • 00:10:13 you to do is go ahead and go out to
  • 00:10:15 Google and just type in Kali K-A-L-I Linux
  • 00:10:20 download and leave it here what we're
  • 00:10:23 gonna do as well is I want to talk just
  • 00:10:25 a quick second about what Kali Linux is
  • 00:10:28 so Kali Linux is a debian-based Linux OS
  • 00:10:34 so it's based on pen testing tools and
  • 00:10:40 it's made for pen testers so what it
  • 00:10:42 does is it comes pre-loaded with a bunch
  • 00:10:45 of penetration testing tools a tool kit
  • 00:10:48 if you'll call it and it is just made
  • 00:10:50 for people who are looking to do pen
  • 00:10:53 testing so this is provided by Offensive
  • 00:10:57 Security
  • 00:10:57 if you come to kali.org and you look at
  • 00:11:00 the about us it provides a little bit of
  • 00:11:02 information about who the core
  • 00:11:04 developers were and some of the
  • 00:11:06 moderators but basically what it is is
  • 00:11:10 it followed up a tool called or a
  • 00:11:13 distribution called BackTrack so the new
  • 00:11:17 the new tool is Kali Linux now there are
  • 00:11:19 alternatives out there one of the
  • 00:11:22 alternatives right now is called Parrot
  • 00:11:24 so if you go to parrot org and you look
  • 00:11:28 into what is Parrot you can see that
  • 00:11:31 they have different distributions and
  • 00:11:33 they talk about why parrot is different
  • 00:11:35 but they do have a pen test distribution
  • 00:11:37 here so for this course we're going to
  • 00:11:41 be using Kali Linux but I always do like
  • 00:11:43 to introduce the alternatives Kali Linux
  • 00:11:46 is probably more popular at this point
  • 00:11:49 parrot OS is kind of on the newer side
  • 00:11:52 some people are starting to get behind
  • 00:11:54 it and liking it but I would say Kali
  • 00:11:56 still dominates the third option is that
  • 00:11:59 you set up your own distribution so you
  • 00:12:02 have an OS that you like and then you
  • 00:12:04 install the tools on the OS that you
  • 00:12:08 like and you have your own custom build
  • 00:12:09 so some people feel like you know Kali
  • 00:12:12 or even Parrot they come with a bunch
  • 00:12:14 of tools that they'll never need so
  • 00:12:16 their system's bloated and they really
  • 00:12:19 just have a set amount of tools that
  • 00:12:21 they like and if there's a tool that
  • 00:12:22 they want to add into the system then
  • 00:12:24 they'll download that on their own they
  • 00:12:26 don't want to have a ton of bloatware
  • 00:12:28 coming with their system but with my
  • 00:12:30 experience in the industry mostly
  • 00:12:33 everybody that I've worked with is using
  • 00:12:35 Kali Linux some people are doing their
  • 00:12:38 own builds especially on like the web
  • 00:12:40 app pen testing side and then now parrot
  • 00:12:43 is kind of that up-and-coming OS that
  • 00:12:46 some people are transitioning to but it
  • 00:12:48 is predominantly Kali Linux so that is
  • 00:12:51 why we're doing this course in Kali
  • 00:12:53 Linux and I feel like it's the best
  • 00:12:55 option for us
  • 00:12:56 to learn some just some basic Linux
  • 00:12:59 skills and learn it in the OS that is
  • 00:13:03 the most dominant in the industry right
  • 00:13:04 now so let's go ahead and go back to
  • 00:13:07 that kali linux download
  • 00:13:10 while this link has been clicked on do
  • 00:13:12 not let it fool you we're actually not
  • 00:13:14 clicking on the official Kali Linux
  • 00:13:15 downloads page we're gonna scroll down a
  • 00:13:17 little bit I want to go to the kali
  • 00:13:19 linux custom image downloads page and
  • 00:13:22 i'll show you why here so this is that
  • 00:13:24 offensive-security.com make sure
  • 00:13:27 that's the one you're following along
  • 00:13:28 with and if you scroll down just a bit
  • 00:13:31 you see that they're providing us VMware
  • 00:13:34 images and VirtualBox images so remember
  • 00:13:37 when I told you that VirtualBox was an
  • 00:13:38 option if you chose that option here you
  • 00:13:41 go right here you'll click on this tab
  • 00:13:43 and you will download the VirtualBox
  • 00:13:45 image now what we're gonna be doing is
  • 00:13:47 we're going to be running Kali Linux
  • 00:13:49 VMware 64-bit and we're going to download
  • 00:13:53 the 7-zip right here you also have the
  • 00:13:56 option to download a torrent if you'd
  • 00:13:58 like the file size is going to be a 2.4
  • 00:14:01 gigs so it might take you a minute
  • 00:14:03 depending on your your speed of your
  • 00:14:07 internet and they also provide a SHA
  • 00:14:10 256 sum if you want to check the file
  • 00:14:13 when you download it so I'm gonna go
  • 00:14:15 ahead and just hit download on this and
  • 00:14:17 I'm gonna save it and I will come back
  • 00:14:21 as soon as this file is finished
  • 00:14:22 downloading okay so my file has finished
  • 00:14:24 downloading I'm going to navigate to the
  • 00:14:27 folder where it has downloaded to which
  • 00:14:29 is the Downloads folder and you can see
  • 00:14:33 here that is a 7-zip file so my
  • 00:14:37 installation by default does not have
  • 00:14:39 7-zip if you do not have 7-zip either we
  • 00:14:42 can go ahead and download that together
  • 00:14:44 so if you go out to Google and you just
  • 00:14:46 type in 7-zip the first thing that comes
  • 00:14:49 up is 7-zip.org you'll see a
  • 00:14:52 download tab here just go ahead and
  • 00:14:54 click on that link and go ahead and
  • 00:14:58 download the executable for your
  • 00:15:01 respective operating system so for me
  • 00:15:05 I'm gonna be downloading the 64-bit
  • 00:15:08 Windows version here and I'm going to
  • 00:15:12 save I'm gonna hit run say yes I'm going
  • 00:15:21 to go ahead and install to the default
  • 00:15:22 directory okay now that's installed
  • 00:15:26 let's go back to our folder and let's
  • 00:15:31 select that we open with 7-zip here
  • 00:15:37 okay now
  • 00:15:39 you can drag and drop we can so all I'm
  • 00:15:43 doing is dragging and dropping I'm
  • 00:15:45 putting it in the Downloads folder you
  • 00:15:47 don't have to do that you can drag it
  • 00:15:49 and put it in a location that you would
  • 00:15:50 prefer this is going to extract I
  • 00:15:53 believe at a larger file size than just
  • 00:15:56 the 2.5 gigs that we downloaded or 2.4
  • 00:15:59 gig so make sure that you have file
  • 00:16:03 space where you're gonna put this so I'm
  • 00:16:05 gonna go ahead and let this finish and
  • 00:16:07 then I will be right back ok so I
  • 00:16:09 successfully unzipped this file and just
  • 00:16:12 for the record if we hover over it you
  • 00:16:14 can see that it actually extracted to be
  • 00:16:16 10.4 gigabytes so let's make sure
  • 00:16:19 that wherever you extract it to you have
  • 00:16:21 the 10.4 gigabytes in order to
  • 00:16:23 successfully complete the extraction so
  • 00:16:27 from here let's go ahead and open up our
  • 00:16:29 vmware player and we're going to go to
  • 00:16:32 player up in the left hand corner we're
  • 00:16:35 gonna select file and then we're going
  • 00:16:38 to select open and then we're going to
  • 00:16:42 go to downloads and we're gonna go into
  • 00:16:45 our kali linux folder here and or
  • 00:16:48 wherever you put it if you didn't put it
  • 00:16:49 in the downloads folder and then just
  • 00:16:51 select the one item that should be here
  • 00:16:53 it's a little 4 kilobyte file and what
  • 00:16:57 this does for us is it automatically has
  • 00:16:59 a build that's just ready to go so this
  • 00:17:02 is really awesome we don't have to
  • 00:17:05 download the image itself and then
  • 00:17:08 install it and then pick all the
  • 00:17:10 features no this is just ready to go for
  • 00:17:12 us so we can also come down here and
  • 00:17:15 select edit virtual machine settings and
  • 00:17:19 there are a couple features here so
  • 00:17:22 depending on the amount of memory that
  • 00:17:24 you have on your machine so right now
  • 00:17:27 this is sitting at two gigs of ram
  • 00:17:29 that's fine if you want it to run faster
  • 00:17:34 i recommend going somewhere between 4
  • 00:17:36 and 8 obviously the more ram you give it
  • 00:17:39 the the better it's gonna perform but if
  • 00:17:42 you're running on a gigs of ram for your
  • 00:17:44 machine really not going to do well for
  • 00:17:47 you
  • 00:17:47 my recommendation is no more than a
  • 00:17:50 fourth so if you're running on six
  • 00:17:52 and maybe give this for you could really
  • 00:17:55 try pushing it up to eight but I am
  • 00:17:57 running on 32 right now so I could crank
  • 00:17:59 this up to eight by my role here but
  • 00:18:02 just for working with you and following
  • 00:18:06 along I'm gonna set this to two and then
  • 00:18:08 we're going to perform in two that way
  • 00:18:10 that we are working at the same speeds
  • 00:18:12 across the board another thing that we
  • 00:18:14 need to note is the network adapter by
  • 00:18:16 default it's set to NAT we're gonna go
  • 00:18:19 ahead and just leave it at NAT here
  • 00:18:21 yours may come set to bridge if for some
  • 00:18:24 reason it's set to bridge you can try
  • 00:18:26 that but my default preference is NAT so
  • 00:18:29 let's go ahead and just hit OK okay and
  • 00:18:33 now we're just gonna hit play virtual
  • 00:18:34 machine and a little side note I am
  • 00:18:37 actually now on my OS I'm running on my
  • 00:18:41 my Windows OS as opposed to just running
  • 00:18:44 inside the VM if I was running a VM
  • 00:18:46 inside of the VM I would have a lot of
  • 00:18:48 issues degradation etc so now I've
  • 00:18:51 actually moved out of the VM and have
  • 00:18:54 this running in Player on my Windows OS
  • 00:18:56 okay and then when we get this pop up
  • 00:18:58 here go ahead and just say I copied it
  • 00:19:02 and this will start the machine and you
  • 00:19:05 can see the other vmware player back
  • 00:19:07 here it's going to go ahead and directly
  • 00:19:10 just start loading up here and we get to
  • 00:19:12 this screen so we click in and if we try
  • 00:19:15 to just enter in our username password
  • 00:19:19 our username by default is going to be
  • 00:19:21 root our password is going to be root
  • 00:19:23 backwards so toor and then hit enter now
  • 00:19:30 we can make this full screen over here
  • 00:19:32 by clicking this button and we'll enter
  • 00:19:34 into full screen mode we are now
  • 00:19:37 successfully logged into our Kali Linux
  • 00:19:40 machine we've installed it successfully
  • 00:19:43 and now we are ready to start learning
  • 00:19:45 so that's it for this video in the next
  • 00:19:47 video what we're going to be doing is
  • 00:19:49 we're going to cover some of the tools
  • 00:19:51 and features of Kali Linux and we'll
  • 00:19:55 start talking about what it's capable of
  • 00:19:58 and then we'll dive right into the
  • 00:20:00 terminal after that and start learning
  • 00:20:02 some so command line and some useful
  • 00:20:05 tools with Linux so I will catch you
  • 00:20:08 guys in the next video all right now
  • 00:20:11 let's take a look around kali linux and
  • 00:20:14 just see what it has to offer us in
  • 00:20:17 terms of tools design etc so let's dive
  • 00:20:21 right in ok so we're at our desktop here
  • 00:20:25 inside of kali linux now you see the
  • 00:20:28 kali linux logo you see there's a couple
  • 00:20:31 of things on the desktop you don't have
  • 00:20:33 to worry about these these are just from
  • 00:20:34 vmware themselves put on your desktop if
  • 00:20:37 you install this as an actual OS this
  • 00:20:40 will not be here so when we talk about
  • 00:20:44 navigating around kali linux there's a
  • 00:20:46 couple of places that we can look if we
  • 00:20:49 look right away you can see on the left
  • 00:20:51 hand side over here we've got a
  • 00:20:53 favorites bar so we've got our folders
  • 00:20:56 so if we click on the folders or our
  • 00:20:58 files we can navigate around this feels
  • 00:21:00 like any other machine right we have our
  • 00:21:04 documents downloads music pictures if
  • 00:21:07 you're a Windows user or Mac user
  • 00:21:09 whatever this feels pretty common so
  • 00:21:12 this is a GUI or a graphical user
  • 00:21:14 interface way
  • 00:21:16 of interacting with the folders as you
  • 00:21:18 move on and we move on in this course
  • 00:21:21 we're going to be living in the terminal
  • 00:21:23 so the terminal is right here if you
  • 00:21:25 click on the terminal this is something
  • 00:21:28 similar to your command line so from
  • 00:21:30 here we can actually navigate to all
  • 00:21:32 these folders here and we can put files
  • 00:21:35 in there take files out anything that we
  • 00:21:38 can do in a graphic point of view we can
  • 00:21:41 also do from this command line point of
  • 00:21:43 view as well so as we learn we're gonna
  • 00:21:46 get a little less relying on the
  • 00:21:48 graphical interface and more on the
  • 00:21:51 terminal side of things however do know
  • 00:21:54 that there are ways to do a lot of
  • 00:21:56 things from a graphical side if you
  • 00:21:58 still need that that interaction with
  • 00:22:01 the machine and you don't want to be
  • 00:22:03 completely keyboard oriented there are
  • 00:22:06 also tools on the side over here if we
  • 00:22:09 look we've got Leafpad so Leafpad is
  • 00:22:12 just like a notepad right or you know
  • 00:22:16 just your notebook here you can take
  • 00:22:17 some quick notes save it out should be
  • 00:22:20 pretty familiar for you as well so
  • 00:22:24 they've got Firefox it used to be called
  • 00:22:26 Iceweasel
  • 00:22:27 and that's just your web browser down
  • 00:22:30 here are some of the tools that you may
  • 00:22:32 use now Burp Suite is a very popular
  • 00:22:35 tool for web application penetration
  • 00:22:37 testing we're not gonna be getting into
  • 00:22:39 any of these tools at the moment but I
  • 00:22:42 will cover what a couple of them do so
  • 00:22:45 again Burp Suite's a web application
  • 00:22:46 penetration testing tool if you ever get
  • 00:22:49 into web app or if you even get into
  • 00:22:51 some basic pen testing chances are
  • 00:22:54 you're gonna start using Burp Suite on a
  • 00:22:56 pretty regular basis over here is
  • 00:22:59 Zenmap now this is the graphical version of
  • 00:23:03 a tool called nmap and you will be using
  • 00:23:06 nmap pretty religiously when you're
  • 00:23:08 doing pen testing so if you like a
  • 00:23:10 visual view of doing scanning so nmap is
  • 00:23:14 a network mapper it allows you to scan
  • 00:23:17 machines for open ports and for
  • 00:23:19 vulnerabilities so if you want that in a
  • 00:23:22 more of a visual type of view a
  • 00:23:25 graphical interface type view then you
  • 00:23:27 have Zenmap as a
  • 00:23:29 feature this little guy down here is
  • 00:23:32 Metasploit now Metasploit is a tool that
  • 00:23:35 can be taught all these are tools that
  • 00:23:37 can be taught in deep deep lessons all
  • 00:23:40 by themselves not to make that
  • 00:23:42 intimidating for you at all just know
  • 00:23:44 that that's how robust this is we're
  • 00:23:47 looking at three tools right here and
  • 00:23:48 they're all very very powerful and this
  • 00:23:51 isn't even the half of it or the quarter
  • 00:23:54 of what kali linux has to offer so
  • 00:23:56 Metasploit you may have heard of it if
  • 00:23:58 you've heard of anything in pen testing
  • 00:24:00 it is a framework that does just a
  • 00:24:03 little bit of everything so a lot of pen
  • 00:24:05 testers live and die by this it's a
  • 00:24:08 fantastic tool in my opinion and you're
  • 00:24:12 going to get very very intimate with it
  • 00:24:13 very very quick if you do move into pen
  • 00:24:17 testing down here is a tool called
  • 00:24:20 CherryTree and that's pretty much where
  • 00:24:22 I'm gonna stop we've got Maltego and
  • 00:24:24 Kismet these are just this is wireless
  • 00:24:27 based and this one here is information
  • 00:24:31 gathering based but CherryTree is another
  • 00:24:32 useful one if we open that up this is
  • 00:24:35 actually another note keeping tool like
  • 00:24:39 I showed you Leafpad Leafpad's just
  • 00:24:40 for quick little one-offs CherryTree is
  • 00:24:44 more of note keeping as a whole so
  • 00:24:47 you've got nodes that you can add so you
  • 00:24:50 can add a node here and just say say
  • 00:24:53 you're following along and you want to
  • 00:24:54 add notes you can say Linux you know and
  • 00:24:58 then you have a node you can add all of
  • 00:25:00 your notes in here and then you can
  • 00:25:03 actually add children nodes as well so
  • 00:25:05 maybe there's a command that you want to
  • 00:25:07 add in so say we're covering commands
  • 00:25:11 and you want to write all the commands
  • 00:25:12 in about Linux down here you could do
  • 00:25:14 that as well and then save this out a
  • 00:25:17 nice thing too is that you can take
  • 00:25:19 screenshots and put them in here and
  • 00:25:22 exports really nice and this is gonna be
  • 00:25:25 very very useful for anything in your
  • 00:25:27 career but when it comes to pen testing
  • 00:25:29 there are so many tools so many commands
  • 00:25:32 that I think it is incredibly important
  • 00:25:35 to be able to take notes and CherryTree
  • 00:25:37 is built in already personally I use
  • 00:25:41 what used to be in
  • 00:25:43 Linux which is a tool called KeepNote
  • 00:25:46 but CherryTree is a great alternative as
  • 00:25:49 well so either of them would work and is
  • 00:25:53 highly recommended by me that you use
  • 00:25:55 some sort of note keeping tool as you go
  • 00:25:58 through your courses and get better as a
  • 00:25:59 pen tester so I'm going to close out of
  • 00:26:02 this here and I want to show you a
  • 00:26:06 couple more things you have a feature
  • 00:26:07 here where you can show all of your
  • 00:26:09 applications so if you click on that
  • 00:26:10 it'll bring up all the applications
  • 00:26:13 including the ones that are grouped down
  • 00:26:14 here another way to do this is if we
  • 00:26:17 come up into applications at the top you
  • 00:26:20 can see that everything is grouped
  • 00:26:21 really nice for you so it goes through
  • 00:26:25 the steps of penetration testing and
  • 00:26:27 let's say that like hey I'm gathering
  • 00:26:29 information on a client ok well here are
  • 00:26:32 some of the built-in tools for
  • 00:26:34 information gathering right here say you
  • 00:26:37 want to do a wireless assessment and do
  • 00:26:40 you want to do that those sorts of
  • 00:26:42 attacks you've got all these wireless
  • 00:26:43 tools built in for you right here now
  • 00:26:46 chances are you're gonna be running
  • 00:26:48 these tools from the command-line so
  • 00:26:50 again you know you don't want to get too
  • 00:26:53 hung up on the graphical side of things
  • 00:26:55 as you may not always have access to
  • 00:26:58 that either but it's important to know
  • 00:27:01 what tools that you have in front of you
  • 00:27:02 and there are even tools like Wireshark
  • 00:27:06 in here so very very useful pretty much
  • 00:27:11 a little bit of everything that you can
  • 00:27:13 imagine so just you know take some time
  • 00:27:18 and go through the tools and if you're
  • 00:27:20 becoming a pen tester you're working on
  • 00:27:22 it you know just just you know look at a
  • 00:27:25 tool and do some research on it say you
  • 00:27:27 want to know what this macchanger is it
  • 00:27:30 might be obvious it might not be obvious
  • 00:27:32 right so maybe you go google what macchanger
  • 00:27:35 changer does how to use it what the
  • 00:27:37 syntax is and then you play around with
  • 00:27:39 that take a new tool every day figure
  • 00:27:41 out something that you can do with it
  • 00:27:43 how to use it what it does but so Kali
  • 00:27:46 Linux is a distribution full of useful
  • 00:27:50 tools and it it you know for a base OS
  • 00:27:55 it's fantastic
  • 00:27:56 and this is why so many people in the
  • 00:27:58 industry just download this install it
  • 00:28:00 and they're ready to go you know we
  • 00:28:03 talked about in a previous video how
  • 00:28:05 there are other OSes or there are
  • 00:28:07 people out there that like to just do
  • 00:28:08 their their base install and you can see
  • 00:28:10 that there's bloatware here if you
  • 00:28:13 want to call it that right like there's
  • 00:28:14 forensic tools and maybe you'll never do
  • 00:28:16 any forensics in your life and you don't
  • 00:28:19 need all this installed in your system
  • 00:28:20 so if you're a type of person that is
  • 00:28:23 you know it doesn't want this extra
  • 00:28:26 stuff this extra software on your system
  • 00:28:29 okay then maybe you do start moving
  • 00:28:31 towards that custom build eventually in
  • 00:28:33 your career you say hey I want I want to
  • 00:28:37 learn all these things first and then
  • 00:28:38 once I learned what tools I really like
  • 00:28:40 then maybe you moved to your own
  • 00:28:41 distribution that you create yourself
  • 00:28:42 and you spin that up every time instead
  • 00:28:45 of having all these tools built in but
  • 00:28:47 as a base OS as something that you can
  • 00:28:50 learn from and start with this is why
  • 00:28:52 I've chosen Kali and this is why we're
  • 00:28:54 gonna learn it today so let's go ahead
  • 00:28:57 from here what we're gonna do is we're
  • 00:28:59 gonna dive right into the terminal so
  • 00:29:01 let's just open this terminal and then
  • 00:29:03 we're gonna fullscreen it and move on to
  • 00:29:05 the next video so from here on out what
  • 00:29:09 we're gonna be doing is we're gonna be
  • 00:29:10 living in this terminal I'm going to
  • 00:29:13 back away from the graphical side of
  • 00:29:16 things and really just get your hands
  • 00:29:20 dirty in the terminal make you feel
  • 00:29:23 comfortable if you've never used Linux
  • 00:29:25 before this is perfect for you so I'm
  • 00:29:27 gonna give you the the pentester
  • 00:29:30 perspective on why we're doing a lot of
  • 00:29:32 these things some of these commands are
  • 00:29:34 going to be the same commands regardless
  • 00:29:36 if it's on a Kali Linux machine or if
  • 00:29:39 it's on another distribution of Linux so
  • 00:29:42 you'll be able to take a lot of these
  • 00:29:43 commands and just use Linux on another
  • 00:29:46 system as well so if you're interested
  • 00:29:48 in pen testing if you're interested in
  • 00:29:50 Linux this is where we really get into
  • 00:29:52 the meat of the course and it should get
  • 00:29:54 interesting for you so I will catch you
  • 00:29:56 over the next video when we're gonna
  • 00:29:58 start talking about how to navigate the
  • 00:30:00 file system and get comfortable with
  • 00:30:01 that all right on to navigating the file
  • 00:30:05 system so first let's talk about some of
  • 00:30:07 the commands we're going to learn today
  • 00:30:09 so we're gonna learn about pwd which is
  • 00:30:13 present working directory we're gonna
  • 00:30:15 learn about cd which is how we change
  • 00:30:17 directories we're gonna learn about ls
  • 00:30:21 which is going to be listing the files
  • 00:30:23 in a folder or in a directory and we're
  • 00:30:26 also going to talk about how to find
  • 00:30:27 some hidden folders with ls we'll talk
  • 00:30:31 about how to make a directory and to
  • 00:30:33 remove a directory we're going to talk
  • 00:30:35 about copying removing moving and
  • 00:30:38 locating files we'll talk about
  • 00:30:41 something called updatedb and how that
  • 00:30:44 pertains to locating files we'll talk
  • 00:30:48 about the password and how to change our
  • 00:30:50 password and we'll talk about an
  • 00:30:52 important command called man so by the
  • 00:30:55 end of this first lesson you should be
  • 00:30:57 pretty comfortable with all of these
  • 00:30:59 commands it may seem a little daunting
  • 00:31:00 but they all kind of play in with each
  • 00:31:02 other again please make sure to take
  • 00:31:05 notes you've got Cherrytree built in
  • 00:31:07 you can also use KeepNote or even just
  • 00:31:10 a notepad in front of you that'll help
  • 00:31:12 with the experience and also maybe
  • 00:31:14 watching the video more than once will
  • 00:31:16 help with the experience as well so
  • 00:31:18 let's go ahead and dive right into the
  • 00:31:19 command line so now our first lesson in
  • 00:31:23 Linux terminology is going to be
  • 00:31:26 navigating the filesystem so if you're a
  • 00:31:29 Windows user you're used to navigating
  • 00:31:32 your filesystem probably through folders
  • 00:31:34 through a GUI so a graphical user
  • 00:31:36 interface well in Linux we can do that
  • 00:31:39 but the majority of time we're going to
  • 00:31:41 live in this terminal here so we really
  • 00:31:44 need to know how to get around so the
  • 00:31:47 first thing we can do here is we can say
  • 00:31:49 hey where are we at
  • 00:31:51 and that's pwd so that stands for
  • 00:31:54 present working directory so you type
  • 00:31:56 that in you hit enter and it says okay
  • 00:32:00 we're in the root folder so we know that
  • 00:32:03 we're in the root folder but how do we
  • 00:32:06 get out of the root folder we can use a
  • 00:32:08 command called
  • 00:32:10 cd and that stands for change directory
  • 00:32:12 so if we want to change directory
  • 00:32:15 backwards we just type in two dots here
  • 00:32:19 and now we can say ok where we are
  • 00:32:23 so we're in a slash so we're just in a
  • 00:32:28 home folder here or just the
  • 00:32:30 generic slash folder right so what we
  • 00:32:34 can do is well how do we know can we go
  • 00:32:37 backwards from here let's keep trying so
  • 00:32:39 we do pwd again no we can't this is our
  • 00:32:43 base folder right so you have to think
  • 00:32:45 of this as the the lowest you can go so
  • 00:32:50 now how do we move around how do we know
  • 00:32:52 how to go forwards again well we don't
  • 00:32:55 know what's in our directories right so
  • 00:32:58 we're sitting in this the slash folder
  • 00:33:00 and how do we look around so there's a
  • 00:33:05 command called ls that lists everything
  • 00:33:08 that's in the folder so if we say ls we
  • 00:33:13 kind of see this color-coordinated here
  • 00:33:15 and the color coordination it just
  • 00:33:17 depends on if it's a folder if the
  • 00:33:19 folder's read/write you know there's
  • 00:33:21 permission settings which we're going to
  • 00:33:23 get into later but the majority of these
  • 00:33:25 here are folders okay well we know we
  • 00:33:28 just came out of root so we can go back
  • 00:33:29 into root now how do we do that so we
  • 00:33:33 can say change directory root and we
  • 00:33:37 can actually hit tab to autocomplete I
  • 00:33:39 don't know if you caught that but
  • 00:33:41 there's no r any folder besides root
  • 00:33:43 so that r I can just hit tab and it
  • 00:33:46 should type it out for me oh I lied
  • 00:33:48 there is a run in here somewhere but
  • 00:33:49 it's hidden we're gonna cover that soon
  • 00:33:52 as well so r-o hit tab autocomplete
  • 00:33:56 can change directory into root so let's
  • 00:33:59 ls in root and see what's in here okay
  • 00:34:02 this is more like our home folder right
  • 00:34:04 so we've got Desktop Documents Downloads
  • 00:34:06 this is kind of what applies to the root
  • 00:34:09 user so what if we're sitting in this
  • 00:34:13 root folder here and we wanted to access
  • 00:34:16 instead this etc folder well could we
  • 00:34:20 do the same etc command here well I'm
  • 00:34:22 hitting tab and nothing's happening well
  • 00:34:25 because etc doesn't belong in this area
  • 00:34:28 right but if we put a forward slash in
  • 00:34:31 front of it because this is the base and
  • 00:34:34 then we hit etc there
  • 00:34:37 now we can navigate to the /etc folder
  • 00:34:39 and we can actually double tab and see
  • 00:34:41 what's all in the /etc folder like an ls
  • 00:34:43 say now another way to do that is if we
  • 00:34:47 wanted to ls what's in the /etc folder
  • 00:34:49 without navigating to it we can just
  • 00:34:51 type ls /etc and you can see everything
  • 00:34:54 that's in here so there's some some
  • 00:34:58 tricks that we can do right so we don't
  • 00:35:00 have to actually navigate to the folder
  • 00:35:02 to know what's in there
  • 00:35:03 again if we ls and we want to know
  • 00:35:08 what's sitting in Videos or even let's
  • 00:35:11 say what's sitting in Desktop for our
  • 00:35:12 folder well if we start typing desktop
  • 00:35:15 and hit tab we can't do that either
  • 00:35:17 because everything in Linux is case
  • 00:35:19 sensitive so if we start typing Desktop
  • 00:35:22 and then hit tab now we can ls and see
  • 00:35:25 what's in there so our VMware came with
  • 00:35:28 a couple of shell scripts here that are
  • 00:35:30 automatically placed on our desktop if
  • 00:35:32 we wanted to confirm that you can see
  • 00:35:34 that they're both right here so as of
  • 00:35:39 right now we are just sitting in our
  • 00:35:41 root home folder and we know how to
  • 00:35:44 navigate around so if we wanted to go to
  • 00:35:46 Desktop we could we could hit ls now and
  • 00:35:49 see what's in there if we wanted to go
  • 00:35:51 backwards we could okay now we're back
  • 00:35:54 in our our root folder and you can also
  • 00:35:57 tell where you're at your present
  • 00:35:59 working directory sits right here right
  • 00:36:01 so this little tilde is actually your
  • 00:36:04 home folder and you can see that we're
  • 00:36:06 in Desktop so if we wanted to go back
  • 00:36:08 into our Desktop instead of typing say
  • 00:36:13 you wanted to go to Music from your
  • 00:36:14 Desktop instead of going root Music
  • 00:36:17 which will work you could also just say
  • 00:36:20 I want to go Music and that'll put you
  • 00:36:26 there as well and notice you don't need
  • 00:36:28 the leading forward slash when you use
  • 00:36:30 the tilde so just a couple
  • 00:36:32 interesting tricks that you'll kind of
  • 00:36:34 pick up along the way
  • 00:36:36 tab is definitely gonna be your best
  • 00:36:37 friend if you run into something with
  • 00:36:40 multiple options say you're trying to cd
  • 00:36:43 and you say I want to go my desktop and
  • 00:36:45 you're tabbing it's not working you can
  • 00:36:46 hit double tab and then it'll show you
  • 00:36:49 okay well there's
  • 00:36:50 Desktop Documents Downloads those are
  • 00:36:52 your three options that start with a D
  • 00:36:54 so now you kind of have an idea as to
  • 00:36:57 how to kind of move around but let's do
  • 00:37:01 a little bit more so what if we want to
  • 00:37:04 make our own folder well there's
  • 00:37:06 something called make directory mkdir so
  • 00:37:10 if we say make directory and we'll say
  • 00:37:13 I'm just gonna use my name Heath it's now
  • 00:37:16 hopefully ls we can see that this Heath
  • 00:37:20 folder is now here we can go into the
  • 00:37:22 Heath folder and there should be nothing
  • 00:37:25 in it right so we can go back and we can
  • 00:37:29 also get rid of the Heath folder remove
  • 00:37:31 directory Heath if we ls again it's gone
  • 00:37:35 so now what else can we do well we can
  • 00:37:41 also look for hidden folders so we can
  • 00:37:43 say ls and -la and we can look for
  • 00:37:47 hidden files and folders here remember
  • 00:37:49 the color coordination so this dot cache
  • 00:37:54 right that in theory is a hidden folder
  • 00:37:56 so if we say cd cache we can go into
  • 00:38:00 there we ls and there's actually some
  • 00:38:02 some information in there but when you
  • 00:38:04 saw it originally you didn't see that
  • 00:38:06 we're going to cover more on this I just
  • 00:38:08 kind of want to show you that trick as
  • 00:38:10 you see over on the left side there's
  • 00:38:12 file permissions and properties so be
  • 00:38:15 aware that just because it looks like
  • 00:38:17 something's not there doesn't mean it's
  • 00:38:18 not there it might just actually be
  • 00:38:20 hidden similar to Windows where you have
  • 00:38:22 hidden files and folders so just a quick
  • 00:38:25 trick to show you that so another thing
  • 00:38:28 we can do so let's go back and don't
  • 00:38:34 worry about what I'm doing here you're
  • 00:38:36 going to cover these commands in a
  • 00:38:37 little bit I'm just gonna echo hi and
  • 00:38:41 we're gonna put that in a test.txt
  • 00:38:45 folder so now if we ls you can see that
  • 00:38:49 test.txt is here so if we want to
  • 00:38:53 actually copy this file we can copy this
  • 00:38:56 file to another location so we can say
  • 00:38:59 hey I've got this test.txt but I
  • 00:39:02 actually want to move it
  • 00:39:03 to Downloads and if we go ls to
  • 00:39:09 Downloads you could see that test.txt
  • 00:39:13 is actually sitting in there and if we
  • 00:39:16 wanted to remove it we can just say
  • 00:39:18 remove from Downloads or test.txt
  • 00:39:23 actually sorry remove Downloads/test.txt
  • 00:39:27 we don't have to transition into that
  • 00:39:29 directory if we don't want to so another
  • 00:39:32 trick say we want to see now that it's
  • 00:39:33 gone and we want to ls but we don't want to
  • 00:39:36 keep typing this out if you hit the up
  • 00:39:38 arrow now you can just see your old
  • 00:39:41 commands so if you keep typing a command
  • 00:39:43 over and over you can see what's going
  • 00:39:45 on so ls shows that there's nothing in
  • 00:39:48 Downloads now we were able to
  • 00:39:49 successfully remove that file so another
  • 00:39:53 thing that we can do is we can actually
  • 00:39:54 move so say we wanted to move test.txt
  • 00:39:58 and we wanted to put that into Downloads
  • 00:40:01 okay now if we ls test.txt is now gone
  • 00:40:06 from this folder because we've moved it
  • 00:40:09 we haven't made a copy we've actually
  • 00:40:10 physically moved it away so now if we ls
  • 00:40:13 actually let's just tab up you can see
  • 00:40:16 that test.txt is now in there and I'm
  • 00:40:19 going to remove that here okay and now
  • 00:40:23 the last thing I want to show you is the
  • 00:40:26 locate feature so if we wanted to locate
  • 00:40:29 a file say I wanted to locate bash
  • 00:40:34 let's see so we're looking for a file
  • 00:40:38 and we're gonna get more specific along
  • 00:40:39 the way but if you type in locate you
  • 00:40:42 can kind of look through a system to see
  • 00:40:44 if you can find it now I'm looking for
  • 00:40:47 say any type of bin bash or bin rbash
  • 00:40:51 that's fine that's really what I wanted
  • 00:40:52 but it shows you everything with bash in
  • 00:40:55 it now this might not work right away
  • 00:40:58 what you might need to do is update the
  • 00:41:01 database so you type in updatedb it
  • 00:41:04 updates everything for you and then you
  • 00:41:06 can use locate again so it has to build
  • 00:41:08 that database of the information that
  • 00:41:10 it's finding in order to locate what
  • 00:41:13 you're searching for so make sure that
  • 00:41:14 you use updatedb sort of frequently
  • 00:41:17 okay so two more things I want to show
  • 00:41:19 you and then we'll close out this video
  • 00:41:21 and move on to the next one so an
  • 00:41:24 important thing you want to do with your
  • 00:41:26 new account is we're using a default
  • 00:41:28 password and that's not very secure so
  • 00:41:30 to change a password for our user we can
  • 00:41:34 just type in passwd and
  • 00:41:38 now it's going to ask us for a new password
  • 00:41:41 so instead of using toor we can use
  • 00:41:43 something else I'm going to type in the
  • 00:41:46 very secure password as my password for
  • 00:41:49 an example here but if you plan on using
  • 00:41:51 this machine for future reference you
  • 00:41:54 can type in a secure password and kind
  • 00:41:57 of keep it so lastly I want to show you
  • 00:42:00 is something called man so man pages man
  • 00:42:04 pages are your instructions for any
  • 00:42:07 command that you're running most
  • 00:42:08 commands come with a man page so let's
  • 00:42:11 say we want to look at ls we can say man
  • 00:42:13 ls and then it's going to give us all
  • 00:42:16 this information here about ls so if you
  • 00:42:20 see it says ls is list directory
  • 00:42:22 contents awesome and then it gives you
  • 00:42:25 what options we can do well we can do a
  • 00:42:28 -a for all which you saw earlier and
  • 00:42:31 you can kind of scroll through here and
  • 00:42:33 just see exactly what it has to offer
  • 00:42:36 and that's kind of it so when you go
  • 00:42:40 through here you can kind of you know if
  • 00:42:43 you're struggling to like you know
  • 00:42:44 there's a command in there but you're
  • 00:42:46 not sure exactly what the command is you
  • 00:42:48 can type in man and search it and
  • 00:42:50 sometimes you can do ls I don't know if
  • 00:42:52 this is going to work but --help
  • 00:42:54 and you get some information as well it
  • 00:42:56 doesn't provide you the full man pages
  • 00:42:58 but it provides you something pretty
  • 00:43:00 close so that's kind of just your way
  • 00:43:03 around if you ever get stuck something
  • 00:43:05 to look for okay so that's it for this
  • 00:43:09 lesson next we're gonna move on to users
  • 00:43:11 and privileges how to add users and how
  • 00:43:13 to how to change some sudos and some
  • 00:43:18 modifications to our file permissions so
  • 00:43:21 until next time my name is Heath Adams
  • 00:43:23 and I thank you for joining me alright
  • 00:43:26 now let's talk about users and their
  • 00:43:28 privileges
  • 00:43:29 so what are we going to learn in this
  • 00:43:31 lesson we'll do a quick user privilege
  • 00:43:34 overview from there we're going to talk
  • 00:43:37 about the chmod command which is the
  • 00:43:39 change mode command that's going to let
  • 00:43:42 us change the permissions on a file or
  • 00:43:45 directory we're also going to talk about
  • 00:43:48 how we're going to add a user with the
  • 00:43:50 adduser command from there we're going
  • 00:43:53 to take a look at a couple of important
  • 00:43:55 files one is the /etc/passwd file and
  • 00:43:58 the other is the /etc/shadow file so the
  • 00:44:01 /etc/passwd file is not actually where
  • 00:44:04 the passwords are stored on a machine
  • 00:44:06 that is the /etc/shadow file which
  • 00:44:08 stores the hashes but the /etc/passwd
  • 00:44:11 file does store it where the users what
  • 00:44:14 users are on the machine and you can
  • 00:44:16 correlate that to the shadow file so
  • 00:44:18 we'll talk about those in more detail
  • 00:44:20 and their importance to pen testing very
  • 00:44:23 very important and then we're going to
  • 00:44:25 talk about su which is the switch user
  • 00:44:28 command and finally we'll talk about
  • 00:44:30 sudo which is a command that allows you
  • 00:44:33 to elevate your privileges on a Linux
  • 00:44:36 machine so let's go ahead and dive right
  • 00:44:39 into our lesson ok so now we're going to
  • 00:44:42 cover users and privileges so in the
  • 00:44:45 last video we touched a little bit on
  • 00:44:47 privileges with our ls -la and we touched
  • 00:44:51 a little bit on users by changing the
  • 00:44:53 password of our root account so now
  • 00:44:55 we'll cover a few more commands
  • 00:44:57 regarding those so if we look again at
  • 00:45:00 ls -la you could see all this crazy
  • 00:45:07 jumbled wordage over here right so it
  • 00:45:11 actually means something so we look at
  • 00:45:14 the first line here if we see a dash
  • 00:45:17 like this a hyphen that means it's a
  • 00:45:20 file if we see a d that means it's
  • 00:45:22 actually a directory and then you see
  • 00:45:25 r w and x so r w and x actually
  • 00:45:28 means read/write/execute
  • 00:45:30 it's the permission settings that this
  • 00:45:33 particular group has now there are three
  • 00:45:36 groups here there's the first second and
  • 00:45:40 then your third right here right so your
  • 00:45:43 first
  • 00:45:44 right here is the owner of the file so
  • 00:45:49 it looks like the owner of the file has
  • 00:45:51 full read/write execution right and then
  • 00:45:55 the next set of three here is actually
  • 00:45:58 the permissions for the members of the
  • 00:46:00 group that owns the file so this is a
  • 00:46:03 group ownership as opposed to actual
  • 00:46:05 ownership here so for the people that
  • 00:46:08 are in the group that has access to this
  • 00:46:10 file they can only read and execute they
  • 00:46:12 can't write to it now for the last one
  • 00:46:15 this is just all other users so any
  • 00:46:18 common user here you can actually just
  • 00:46:21 read and execute they can't write the
  • 00:46:22 document so that comes into play
  • 00:46:25 especially when we get into penetration
  • 00:46:27 testing because with penetration testing
  • 00:46:29 we're looking to have full access right
  • 00:46:32 so we're always going to be looking for
  • 00:46:34 that folder that has full read/write
  • 00:46:36 typically if we look at temp that's our
  • 00:46:39 temp folder a lot of times you see the
  • 00:46:42 temp folder has full read/write/execute
  • 00:46:44 so when we're doing penetration testing
  • 00:46:47 we're trying to upload some sort of
  • 00:46:48 exploit we might actually upload it into
  • 00:46:51 the temp folder because that's where we
  • 00:46:53 can execute those those files however we
  • 00:46:56 could also be looking for other full
  • 00:46:58 read/write/execute files where we need
  • 00:47:01 to modify them and give us root access
  • 00:47:04 to a system so it's all about insecure
  • 00:47:07 configurations and we're going to cover
  • 00:47:10 that more once we get into the actual
  • 00:47:12 penetration testing part of the course
  • 00:47:14 so for the linux essentials part of the
  • 00:47:17 course all we need to worry about is
  • 00:47:19 these file permissions another important
  • 00:47:21 feature of that is if we were to create
  • 00:47:23 a script our script's not gonna be able
  • 00:47:25 to run until it has full access so how
  • 00:47:28 do we change access here so let's make a
  • 00:47:31 file I'm just going to make we'll just
  • 00:47:35 echo another text document right so
  • 00:47:38 we'll just say hello and actually I type
  • 00:47:42 that in backwards so hello and we'll
  • 00:47:45 call it hello.txt so if we ls here by
  • 00:47:54 default we only have read write and then
  • 00:47:57 read access for everybody else meaning
  • 00:47:59 if we wanted to read it we could say cat
  • 00:48:01 which we're going to get into later cat
  • 00:48:04 hello.txt it just says hello so what can
  • 00:48:08 we do here well we can use something
  • 00:48:10 called change mode and changing mode is
  • 00:48:13 chmod and we have a couple options here
  • 00:48:17 so we can do a plus right and we could
  • 00:48:21 say well we want read write execute or
  • 00:48:24 we just want execute but another way I
  • 00:48:29 like doing it is you have a number
  • 00:48:32 feature so the one you really need to
  • 00:48:35 know is all sevens sevens gives you full
  • 00:48:39 read/write access across the board so if we
  • 00:48:43 say chmod 777 hello.txt now we ls
  • 00:48:48 -la and you notice that hello.txt
  • 00:48:52 turns green that means it is full
  • 00:48:54 read/write and here you go we've got the
  • 00:48:57 dash here saying it's a file and we got
  • 00:48:59 read write execute across the board so
  • 00:49:02 this is how we change file permissions
  • 00:49:04 you don't need to necessarily know about
  • 00:49:06 the other numbers in terms of
  • 00:49:08 penetration testing it becomes more in
  • 00:49:10 terms of configuration and security
  • 00:49:13 management of files if you were to get
  • 00:49:14 down that path so to stay on the easiest
  • 00:49:17 path just remember 777 or +x will work
  • 00:49:20 as well so changing the mode is is
  • 00:49:24 critical and we're going to cover it
  • 00:49:25 time and time again throughout the
  • 00:49:26 course once we get a little bit deeper
  • 00:49:29 so a couple more things we need to talk
  • 00:49:32 about say we wanted to add a new user
  • 00:49:35 well there's a feature called adduser
  • 00:49:38 so we say adduser and one or two names
  • 00:49:43 is allowed so we need to adduser say
  • 00:49:45 John ok so it made something for John
  • 00:49:49 let's give him a password give them a
  • 00:49:52 password again and we'll just hit enter
  • 00:49:56 for the defaults it's all correct ok so
  • 00:49:59 we now have a user named John and we can
  • 00:50:04 confirm that we can actually cat the
  • 00:50:07 /etc/passwd file here and you see down
  • 00:50:12 at the very bottom we have this user
  • 00:50:13 John so this /etc/passwd file you're
  • 00:50:17 going to become very familiar with
  • 00:50:18 because it shows you all the users now
  • 00:50:21 this will there's a lot of times where
  • 00:50:23 you're doing penetration testing you're
  • 00:50:24 gonna have access to this /etc/passwd
  • 00:50:26 file because it doesn't provide the
  • 00:50:28 password anymore
  • 00:50:29 it used to a long time ago passwords are
  • 00:50:32 now in the shadow file so you actually
  • 00:50:34 have a little bit of access and
  • 00:50:36 information disclosure here at the hands
  • 00:50:39 of poor configuration so you see that
  • 00:50:42 I've created a user John well that gives
  • 00:50:44 us a little bit for information say
  • 00:50:46 there's SSH on a machine or something
  • 00:50:47 else we can use that username of John to
  • 00:50:50 try to break into the machine so we'll
  • 00:50:52 cover that again later
  • 00:50:54 but if we wanted to see what the
  • 00:50:57 /etc/shadow file looks like
  • 00:50:59 now we come in here and you've got these
  • 00:51:03 these jumbled stuff here right so it's
  • 00:51:07 just a hashing format so what we're
  • 00:51:10 doing is we can actually use a tool like
  • 00:51:13 hashcat to break this down and crack
  • 00:51:17 these passwords now a password of
  • 00:51:19 password will be very easy but just know
  • 00:51:22 that if you have access to the /etc/shadow
  • 00:51:24 file you have a good chance of cracking
  • 00:51:27 a password depending on your
  • 00:51:28 capabilities and depending on the
  • 00:51:30 strength of the password that'll allow
  • 00:51:32 you access to a machine so something to
  • 00:51:34 think about there ok so now we have our
  • 00:51:37 user John let's go ahead and switch to
  • 00:51:40 him so we can use something called su
  • 00:51:43 which stands for switch user and we'll
  • 00:51:45 say switch user John ok so it
  • 00:51:48 automatically gave us John here let's
  • 00:51:50 see if we could switch back to root ok
  • 00:51:53 we can't just switch back to root
  • 00:51:54 because we need roots password right so
  • 00:51:58 we can type in password and that works
  • 00:52:00 but if we didn't know the password then
  • 00:52:02 we'd be stuck on John we are able to
  • 00:52:04 access John because we were already root
  • 00:52:06 so this comes into play in terms of
  • 00:52:10 users so let's go back to John here now
  • 00:52:15 if you're a user you have to be able to do
  • 00:52:17 certain things you need permission to do
  • 00:52:20 certain things
  • 00:52:21 should say right so root has full access
  • 00:52:23 and permission to do everything but John
  • 00:52:25 we just created John John doesn't have
  • 00:52:27 any sort of access so if we wanted to if
  • 00:52:31 we wanted to change the password say we
  • 00:52:33 want to change the password for for root
  • 00:52:35 I can't modify the password information
  • 00:52:39 because I don't have that kind of access
  • 00:52:41 now there is something called the sudo
  • 00:52:44 which would provide John that access if
  • 00:52:47 we gave it to him so it's called a
  • 00:52:49 sudoers file and basically anybody
  • 00:52:52 in that sudoers file can change
  • 00:52:55 permissions given if they are a sudo
  • 00:52:58 user right so we would type in sudo
  • 00:53:00 passwd root and it's going to ask for
  • 00:53:05 the password for John but you're gonna
  • 00:53:08 notice hey John's not in the sudoers
  • 00:53:10 file John can't do this so John has
  • 00:53:13 base permissions right and we're gonna
  • 00:53:15 encounter that a lot of times in
  • 00:53:17 penetration testing where if we get in
  • 00:53:18 we'll get something called lower
  • 00:53:20 privilege and we'll get an account like
  • 00:53:23 John and we're gonna try to escalate in
  • 00:53:25 to root but we just can't do it you
  • 00:53:26 know the chances of doing a doing that
  • 00:53:29 and having a John in a sudoers file
  • 00:53:32 is just not high it's possible but it's
  • 00:53:34 not likely so for now just know that if
  • 00:53:38 you want a user other than root to have
  • 00:53:40 access to file permissions you need to
  • 00:53:42 have them in the sudoers file that
  • 00:53:44 becomes useful too in penetration
  • 00:53:45 testing because you can look at the
  • 00:53:47 sudoers file if you have access to see
  • 00:53:49 what users have sudo privileges okay so
  • 00:53:53 that is it for this lesson in the next
  • 00:53:55 lesson we're going to be covering
  • 00:53:56 Network commands and moving on gradually
  • 00:53:59 towards scripting so let's go ahead and
  • 00:54:02 get there and I will see you when we get
  • 00:54:04 over there alright so now we're going to
  • 00:54:06 be covering common network commands
  • 00:54:09 before we dive into the commands we're
  • 00:54:12 gonna learn I'm gonna go on a tiny bit
  • 00:54:14 of a rant here so if you are not
  • 00:54:17 familiar with networking now is the time
  • 00:54:20 to become familiar with networking there
  • 00:54:22 are two things I think that a person
  • 00:54:25 needs before they really can dive into
  • 00:54:27 pen testing and that is Linux experience
  • 00:54:29 which you are gaining some linux
  • 00:54:32 experience now because most pen testing
  • 00:54:34 is done
  • 00:54:35 Linux and the other thing is to have a
  • 00:54:38 good network foundation so if you're
  • 00:54:40 looking at these commands here and I say
  • 00:54:43 ifconfig which if you're a Windows user
  • 00:54:45 and you hear ipconfig you know what
  • 00:54:48 that is okay that's basically the same
  • 00:54:50 thing if you know what ping is if you
  • 00:54:52 know what ARP is netstat route those
  • 00:54:55 should all be pretty familiar where you
  • 00:54:58 can guess what those are if you do not
  • 00:55:01 know what these commands are you might
  • 00:55:03 want to brush up on your networking as
  • 00:55:06 well because the better you are at
  • 00:55:08 networking the better you're gonna be
  • 00:55:09 when it comes to pen testing because
  • 00:55:11 you're gonna have to navigate around
  • 00:55:13 networks you're gonna have to understand
  • 00:55:15 where you are at in a network you're going
  • 00:55:18 to need it for basic troubleshooting as
  • 00:55:20 well so just to understand these
  • 00:55:22 commands to be very important but what
  • 00:55:25 we're gonna be doing here is we're going
  • 00:55:26 to be taking common Network commands
  • 00:55:29 that we're gonna be running as a pen
  • 00:55:30 tester and we're just gonna apply those
  • 00:55:33 to their version in Linux some of these
  • 00:55:36 may be familiar to you some may be new
  • 00:55:38 to you but we're talking here ifconfig
  • 00:55:41 which is just going to show us some
  • 00:55:43 information very similar to ipconfig in
  • 00:55:45 Windows where we'll see our IPv4 IPv6 if
  • 00:55:49 we have it information our MAC address
  • 00:55:51 things along those lines our subnet mask
  • 00:55:55 etc the iwconfig is the wireless
  • 00:55:58 adapter version of that ping is a ping
  • 00:56:02 command where we talk over ICMP and we
  • 00:56:05 try to communicate to another machine to
  • 00:56:08 see if it's alive and responding back to
  • 00:56:10 us we've got the ARP command which just
  • 00:56:13 maps IP addresses to MAC addresses and
  • 00:56:16 we've got netstat which is just a
  • 00:56:20 command line tool that's going to allow
  • 00:56:22 us to display all connections and
  • 00:56:25 listening ports and then finally we've
  • 00:56:28 got route which displays our routing
  • 00:56:30 table so we'll go ahead and take a
  • 00:56:32 little bit of a deep dive into those in
  • 00:56:34 this next lesson and hopefully this is a
  • 00:56:37 refresher for you so again if not then
  • 00:56:40 you should be looking into some
  • 00:56:41 networking studies as well okay so let's
  • 00:56:46 go ahead and dive right in okay
  • 00:56:48 so now let's cover network commands so
  • 00:56:51 the first command I want to cover is
  • 00:56:53 ifconfig so you may be familiar with the
  • 00:56:57 Windows version of this which is
  • 00:56:59 ipconfig and they pretty much do the same
  • 00:57:01 thing so it shows you here your
  • 00:57:05 different interface types and the IP
  • 00:57:08 address associated with them so eth0
  • 00:57:11 here Ethernet 0 has an IP address of
  • 00:57:16 192.168.1 32.16 4 you can see the
  • 00:57:20 netmask the broadcast address and you
  • 00:57:23 can see the MAC address as well and we
  • 00:57:26 also have a loopback address here now if
  • 00:57:30 your machine has a wireless adapter or
  • 00:57:32 at some point you want to do wireless
  • 00:57:34 penetration testing you're going to need
  • 00:57:37 iwconfig and you should not expect to
  • 00:57:41 see anything on this at the moment
  • 00:57:42 unless you're using a laptop then you
  • 00:57:45 actually might see a configuration down
  • 00:57:47 here for it if you would see something
  • 00:57:49 under iwconfig you would see like a
  • 00:57:51 wlan1 wlan0 something along those lines
  • 00:57:55 ok and another common command that what
  • 00:57:58 you're gonna see is gonna be the ping
  • 00:58:00 command so we can just type in ping and
  • 00:58:04 the address that we're trying to talk to
  • 00:58:06 so for example I'm gonna try to ping my
  • 00:58:10 home router and I get talking back so if
  • 00:58:17 I tried to ping something that wasn't in
  • 00:58:19 my network like a 16.1 you're gonna see
  • 00:58:22 the results change so with ping here
  • 00:58:25 ping is going to be endless until we hit
  • 00:58:29 something like control C to stop it
  • 00:58:31 it'll ping forever so I'm going to hit
  • 00:58:34 control C again and kind of show you the
  • 00:58:37 difference so you see that we attempted
  • 00:58:39 to ping here and we got replies we got
  • 00:58:42 information back well that's good that
  • 00:58:46 means we're talking to the other machine
  • 00:58:47 it says hey are you there it says yeah
  • 00:58:49 I'm there and we try to ping this
  • 00:58:51 machine here but this machine's not
  • 00:58:53 talking back it could mean that the
  • 00:58:55 machine is not on the network or that
  • 00:58:57 the machine is just blocking ICMP
  • 00:58:59 traffic ICMP is
  • 00:59:02 another word for ping so moving on to the
  • 00:59:04 next command I want to show you ARP so
  • 00:59:08 the best way I like to type in is ARP
  • 00:59:11 with a switch of -a and ARP is just going
  • 00:59:16 to show you MAC addresses that it talks
  • 00:59:20 to and the IP address actually I said
  • 00:59:24 that backwards it's going to show you
  • 00:59:25 the IP address it talks to and the MAC
  • 00:59:27 address associated with it so if an IP
  • 00:59:31 address reaches out say 192 168 15.1
  • 00:59:36 talked out to this machine it's gonna
  • 00:59:39 say okay hey who are you it's gonna send
  • 00:59:42 a broadcast message you're Alex and say
  • 00:59:43 who has this IP address and then the IP
  • 00:59:46 address will respond it says hey I do
  • 00:59:48 and this is my MAC address so ARP is
  • 00:59:50 just a way of associating IP addresses
  • 00:59:52 with MAC addresses and once you know
  • 00:59:57 that you can also look at netstat so
  • 01:00:00 netstat -ano is another one of my
  • 01:00:04 favorite commands and this shows you
  • 01:00:07 just the active connections that are
  • 01:00:08 running on your machine so if we scroll
  • 01:00:10 way up and you can just kind of see
  • 01:00:17 what's open and what's talking here
  • 01:00:21 where this really comes in handy on a
  • 01:00:23 penetration test is to see if a machine
  • 01:00:27 is talking to somebody else
  • 01:00:29 same thing with ARP you want to know
  • 01:00:31 what that machine is associated with
  • 01:00:33 and is it talking to something on a port
  • 01:00:37 so this is more just internal right now
  • 01:00:40 but it's still good to know so for
  • 01:00:42 example if I were to open up a Firefox
  • 01:00:44 page and connect out to the Internet
  • 01:00:46 then I went and I did a netstat again I
  • 01:00:49 would see information about that port
  • 01:00:51 being open and and that I am going out
  • 01:00:55 with it so just kind of keep that in
  • 01:00:59 mind these are not commands that you
  • 01:01:01 really need to know in depth right now
  • 01:01:04 networking does come into play when you
  • 01:01:07 are doing penetration testing but we're
  • 01:01:09 gonna cover these commands time and time
  • 01:01:11 and again I just wanted to give you a
  • 01:01:13 very brief introduction to them okay and
  • 01:01:18 the last command that I have for you
  • 01:01:20 today is route so if you type in a route
  • 01:01:23 that's gonna print your routing table and
  • 01:01:25 the routing table is important because
  • 01:01:28 it tells you where your traffic exits
  • 01:01:32 essentially so for this VM my traffic is
  • 01:01:36 exiting on 192 168 1 3 4.0 so any
  • 01:01:42 traffic goes out of this 0 to 0 to 0
  • 01:01:44 that's 0 gateway in this range right so
  • 01:01:48 when it goes out this gateway it's doing
  • 01:01:52 NAT so network address translation and
  • 01:01:55 it's running off my computer so the best
  • 01:01:57 examples aren't here but it's important
  • 01:01:59 to know route as well because there
  • 01:02:02 could be a machine that you're attacking
  • 01:02:03 that has multiple routes so you might
  • 01:02:06 see a 134 and a 135 because it has a
  • 01:02:09 dual-homed NIC meaning it has two
  • 01:02:12 NICs inside of it so it's actually
  • 01:02:14 talking to a completely different
  • 01:02:15 network that you didn't know existed so
  • 01:02:17 you might have been attacking one
  • 01:02:19 network on the 134 range and then 135
  • 01:02:22 just out there and this computer can
  • 01:02:24 talk to both and until that point you
  • 01:02:26 had no idea and that's the idea of
  • 01:02:29 called pivoting when you switch a
  • 01:02:30 network from one to the other but you're
  • 01:02:33 using a machine so that's it for this
  • 01:02:35 lesson in the next lesson we're gonna
  • 01:02:37 talk about viewing creating and editing
  • 01:02:39 files
  • 01:02:41 okay so viewing creating and editing
  • 01:02:43 files this section sounds exactly like
  • 01:02:47 what it is we're going to talk about how
  • 01:02:49 to view create and edit files mainly
  • 01:02:52 we're just going to be showing how to
  • 01:02:54 create quick text documents but we'll
  • 01:02:56 teach you commands that will allow you
  • 01:02:58 to do further in the future as you will
  • 01:03:01 see as we get further in the course and
  • 01:03:02 get into scripting so let's go ahead and
  • 01:03:05 take a look at some of the commands that
  • 01:03:06 we're going to be learning so some of
  • 01:03:09 the commands that we're gonna learn
  • 01:03:10 we're gonna learn the echo command which
  • 01:03:13 echoes what we write right back out to
  • 01:03:16 the terminal we're going to look at the
  • 01:03:18 cat command which is going to print out
  • 01:03:21 a document for us it's similar to type
  • 01:03:24 in Windows
  • 01:03:26 we'll talk about replacing versus
  • 01:03:28 appending and which which function does
  • 01:03:31 which and how to do it we're going to
  • 01:03:33 talk about the touch command which can
  • 01:03:36 be used to create a file on the fly
  • 01:03:39 we'll talk about Nano which is a text
  • 01:03:43 editor that's built into the terminal
  • 01:03:45 and then we're going to talk about gedit
  • 01:03:47 which is also a text editor but it is
  • 01:03:50 a GUI text editor so we do get a little
  • 01:03:53 bit of GUI in this lesson so let's go
  • 01:03:56 ahead and dive right in okay so this is
  • 01:03:59 my second time recording this video the
  • 01:04:02 first time I forgot to turn my
  • 01:04:04 microphone on and performed for my cat
  • 01:04:07 so she approved of it let's see if you
  • 01:04:09 approve of it the second time around now
  • 01:04:11 that I have a little bit of practice so
  • 01:04:13 we're going to be talking today is we're
  • 01:04:15 talking about viewing creating and
  • 01:04:17 editing files so I've already showed you
  • 01:04:19 the echo command if you recall we used
  • 01:04:22 echo to create a file right we've
  • 01:04:26 created a hello.txt and we can just echo
  • 01:04:29 hello out to the terminal we could say
  • 01:04:31 echo hello and I'll say hello back so
  • 01:04:35 what we can do with echo is we can use
  • 01:04:37 it to write to a file so if we were to
  • 01:04:41 say echo hey and then we write it to
  • 01:04:47 hey.txt well we can look and see that
  • 01:04:53 hey.txt is here and you can see my
  • 01:04:56 files from the previous one so I'm
  • 01:04:59 trying to come with more ways of saying
  • 01:05:01 hello but we're going to use
  • 01:05:05 hey.txt here so if we cat hey.txt
  • 01:05:09 hey all cat does is print out to the
  • 01:05:11 screen what is in a file it says hey
  • 01:05:15 okay so let's say we want to append cat
  • 01:05:19 or we want to append hey.txt well we
  • 01:05:22 can tab up here what if we just say hey
  • 01:05:25 again we've got this greater than symbol
  • 01:05:28 here and we're just putting it into the
  • 01:05:31 hey.txt file well that didn't work we
  • 01:05:36 didn't append it we actually overrode it
  • 01:05:38 so
  • 01:05:40 what if what can we use to actually over
  • 01:05:44 append this here what we can do is we
  • 01:05:47 could say hey again again right just to
  • 01:05:50 give us something different and we can
  • 01:05:52 add a second greater than symbol here so
  • 01:05:56 now if we cat the file you can see that
  • 01:06:00 we actually append it to the end of it
  • 01:06:01 so this becomes incredibly useful when
  • 01:06:05 we are either adding stuff to a list say
  • 01:06:08 we're gathering IP addresses and we just
  • 01:06:10 want to combine our lists or when we're
  • 01:06:13 creating a series of commands and we're
  • 01:06:16 going to use those commands to send all
  • 01:06:18 at once we're going to cover that later
  • 01:06:20 when we're talking about file transfers
  • 01:06:21 in the penetration testing section where
  • 01:06:24 we use a set of commands like this on a
  • 01:06:27 Windows machine to actually transfer
  • 01:06:29 files via FTP it's just so much easier
  • 01:06:31 than typing them all in one by one we
  • 01:06:34 can create a little document and run the
  • 01:06:36 document so this becomes useful when we
  • 01:06:39 have a series of commands and for other
  • 01:06:42 reasons as well as you'll learn as you
  • 01:06:43 go on in your Linux career so we've
  • 01:06:47 talked about echo and we've talked about
  • 01:06:49 cat so let's talk about some other ways
  • 01:06:51 to create a file we can use something
  • 01:06:54 called touch and say newfile.txt
  • 01:06:56 and if we ls you could see that
  • 01:07:01 newfile.txt is here but if we cat new
  • 01:07:04 file there's nothing in there because we
  • 01:07:07 haven't put anything in there yet
  • 01:07:08 so there's a few things that we can do
  • 01:07:10 we could use echo and append the file
  • 01:07:12 right we could also use a tool called
  • 01:07:15 Nano now Nano is a terminal text editor
  • 01:07:18 there are other terminal text editors
  • 01:07:20 like vi and vim I don't prefer those
  • 01:07:23 personally I like Nano the most some
  • 01:07:25 people have their preferences so I
  • 01:07:27 encourage you to play around with any of
  • 01:07:29 them as you wish vi and vim are the
  • 01:07:31 other two but for this course we're
  • 01:07:34 going to be using Nano so if I say nano
  • 01:07:37 newfile.txt I could type whatever I
  • 01:07:40 want in here and we're going to be using
  • 01:07:45 Nano a lot to create scripts to create
  • 01:07:49 Python scripts and to edit shell code
  • 01:07:53 as we get into a little bit of exploit
  • 01:07:56 development so I'm gonna hit control X
  • 01:07:58 I'm gonna hit Y for saving and then
  • 01:08:02 we'll save it to newfile.txt if we
  • 01:08:06 cat this
  • 01:08:07 now it says hey I could type whatever I
  • 01:08:09 want in here so that's one way of
  • 01:08:11 editing it another way of editing it is
  • 01:08:13 using a graphical interface so we can
  • 01:08:16 use gedit and say new file and if you
  • 01:08:21 don't like using a terminal you're more
  • 01:08:24 than welcome to use gedit here just
  • 01:08:27 type in a new line here and save it and
  • 01:08:29 I I like using gedit it's a lot cleaner
  • 01:08:32 cuz I can you know highlight and delete
  • 01:08:34 I don't have to use my keyboard and
  • 01:08:36 navigate around like I do in the
  • 01:08:38 terminal so if you have the option to
  • 01:08:40 use gedit for sure but sometimes you're
  • 01:08:42 gonna be on another machine that's not
  • 01:08:44 your own or it's headless and doesn't
  • 01:08:46 have a GUI that you're gonna have to use
  • 01:08:48 nano so get comfortable using both so we
  • 01:08:51 save this let's go ahead and cat it out
  • 01:08:54 and see what happens
  • 01:08:55 okay you can see that the new line is in
  • 01:08:57 there so really that's the overview that
  • 01:09:00 I wanted to cover so just know that you
  • 01:09:03 can create files pretty much using echo
  • 01:09:06 touch I and actually you can create
  • 01:09:10 files using nano as well if you say Nano
  • 01:09:12 thisisnew.txt I'll just say hello
  • 01:09:16 control X save it you ls you can see
  • 01:09:21 thisisnew.txt is right here so you can
  • 01:09:26 use all of these tools in different ways
  • 01:09:29 to create files it's completely up to
  • 01:09:31 you how you want to do it personally
  • 01:09:33 when I'm creating a file I use Nano and
  • 01:09:36 I just create a new shell script Python
  • 01:09:38 script a text document that way you
  • 01:09:42 could also do it using gedit as well so
  • 01:09:45 just know that we're going to be using
  • 01:09:47 these a lot and try to get comfortable
  • 01:09:49 with these and from here we're going to
  • 01:09:51 be moving into controlling Kali services
  • 01:09:53 so we're just gonna briefly talk about
  • 01:09:55 what services you need running on boot
  • 01:09:57 and how to do that alright in this video
  • 01:10:01 we're going to be talking about starting
  • 01:10:02 and stopping Kali services let's go
  • 01:10:05 ahead and just take a quick look at the
  • 01:10:06 commands we're going to
  • 01:10:08 so not a lot of commands in this video
  • 01:10:10 only two we're going to talk about the
  • 01:10:12 service command and the systemctl
  • 01:10:15 commands so the service command deals
  • 01:10:17 with services it's going to allow us to
  • 01:10:20 start and stop services on the fly and
  • 01:10:22 the systemctl command is going to allow
  • 01:10:25 us to enable or disable services so that
  • 01:10:28 they load up on boot or do not load up
  • 01:10:31 on boot so let's talk a little bit more
  • 01:10:33 about services and look at how these
  • 01:10:36 commands can be useful for pen testing
  • 01:10:39 all right so let's talk about starting
  • 01:10:41 and stopping services so when we're in
  • 01:10:44 Kali there are a couple different ways
  • 01:10:46 that we can start and stop services and
  • 01:10:49 when I talk about a service I'm talking
  • 01:10:51 about something like a web server or SSH
  • 01:10:55 or maybe a SQL database so when we
  • 01:10:58 cover this video today I'm going to show
  • 01:11:00 you a few different services and how to
  • 01:11:02 start them and stop them I'll show you
  • 01:11:05 how to start them permanently on boot
  • 01:11:07 and we'll talk about which services are
  • 01:11:11 important to keep on boot which services
  • 01:11:14 are important to to start when you feel
  • 01:11:15 like that just starting them or when you
  • 01:11:17 need them etc so let's start with our
  • 01:11:20 first service which is going to be
  • 01:11:22 apache2 now apache2 is a web server so
  • 01:11:26 let's go ahead and do a proof-of-concept
  • 01:11:28 first let's start with a command that we
  • 01:11:30 learned in an earlier video which is
  • 01:11:32 ifconfig I'm gonna grab our IPv4 address
  • 01:11:37 right here
  • 01:11:38 and I just want to copy this I want to
  • 01:11:41 go out to a web browser over here and
  • 01:11:45 we're just gonna paste this address now
  • 01:11:50 you'll notice that it says it's unable
  • 01:11:51 to connect this is expected here we are
  • 01:11:54 not running a web server now let's go
  • 01:11:57 back in here and let's just say service
  • 01:12:01 apache2 start ok looks like it went
  • 01:12:10 through let's go ahead and hit enter
  • 01:12:11 again and now you can see that apache2
  • 01:12:13 Debian default page has been loaded
  • 01:12:16 so what has changed well when we boot
  • 01:12:20 our machine this apache2 service is not
  • 01:12:22 running by default so if we want to run
  • 01:12:25 a web page then we actually have to
  • 01:12:28 start up the service for it to work as
  • 01:12:30 you just saw here now you can see that
  • 01:12:33 if we want to add files or replace files
  • 01:12:35 here well we're going to have to edit
  • 01:12:38 the /var/www/html folder so if we come out
  • 01:12:42 here and we go into other locations
  • 01:12:45 computer and then we go into our
  • 01:12:50 /var/www/html you'll see that the index.html
  • 01:12:55 page is here so if we actually wanted to
  • 01:12:57 maybe host a malicious web page and have
  • 01:13:00 it point back to us this is one way we
  • 01:13:02 might do it right here if we want to
  • 01:13:04 serve up some files say we have
  • 01:13:06 something that we want to upload to a
  • 01:13:08 machine that might be malicious or you
  • 01:13:11 know a file that we want to transfer to
  • 01:13:13 somebody else or download on another
  • 01:13:15 computer it doesn't have to be malicious
  • 01:13:16 we could host that file in this folder
  • 01:13:18 here now that is fine this is one way to
  • 01:13:22 do it right you could put your files all
  • 01:13:24 in one location but you know yeah it's
  • 01:13:28 not my favorite way it was my favorite
  • 01:13:30 way when I first got started there is a
  • 01:13:32 much easier way now and I will show you
  • 01:13:34 how to do that so let's go ahead and
  • 01:13:37 type LS you'll see we have no documents
  • 01:13:41 here so I'm just going to echo hello
  • 01:13:45 into hello.txt and then have that
  • 01:13:49 hello.txt here now what we can actually do is
  • 01:13:52 we can spin up a web server so we can
  • 01:13:55 just say python -m for a module and say
  • 01:14:00 SimpleHTTPServer you can auto tab it
  • 01:14:04 and then say 80 for the port oh 80 is
  • 01:14:08 already in use so let's just give it 8080
  • 01:14:10 80 is in use from the Apache server at
  • 01:14:12 the moment so instead let's look at what
  • 01:14:16 happens so let's just call it out at
  • 01:14:18 8080 and you can see here that I can go
  • 01:14:22 to this hello.txt and actually get
  • 01:14:24 the file I have information in real time
  • 01:14:26 whether or not that file was captured
  • 01:14:28 and overall this
  • 01:14:30 just a webserver that's so easy to spin
  • 01:14:32 up I can put it in the directory that I
  • 01:14:33 wanted to so if I wanted to serve my
  • 01:14:36 desktop folder I would navigate to
  • 01:14:38 desktop and then spin this this Python
  • 01:14:40 module up I don't have to put everything
  • 01:14:42 into a /var/www folder and it just makes
  • 01:14:46 life really really simple so just proof
  • 01:14:49 of concept we can do a service apache2
  • 01:14:53 stop and we can come back and make sure
  • 01:14:57 that that web server has been stopped by
  • 01:14:59 going here
  • 01:15:00 and refreshing now you can see that it's
  • 01:15:04 gone we can CD into something like
  • 01:15:07 downloads we say LS there's nothing in
  • 01:15:10 here so we can tab up a couple times and
  • 01:15:15 just serve up port 80 now because you
  • 01:15:17 can see it's not in use anymore and come
  • 01:15:20 back here refresh you can see there's
  • 01:15:23 nothing in the directory listing because
  • 01:15:26 there's nothing in the folder so this is
  • 01:15:29 just an easy way to spin up a web server
  • 01:15:31 I think it's much easier than apache2
  • 01:15:33 I'm showing you both because I like
  • 01:15:36 to give alternatives but using Python
  • 01:15:38 moving forward is a great great feature
  • 01:15:41 my challenge to you is to look up how to
  • 01:15:44 spin up a FTP server with Python so I
  • 01:15:48 won't get redundant here I do have
  • 01:15:50 future lessons and other courses that
  • 01:15:53 talk about this but if you want to
  • 01:15:54 challenge yourself to figure out how to
  • 01:15:57 spin up an FTP server that's my
  • 01:15:58 challenge to you there's a module out
  • 01:16:00 there that you can download quite easily
  • 01:16:01 and spin up your own FTP server so let's
  • 01:16:05 go ahead and ctrl C we're going to close
  • 01:16:07 out of this and now let's talk about
  • 01:16:10 spinning up a service permanently so
  • 01:16:13 let's say that we just had the
  • 01:16:15 apache2 running and then we rebooted the
  • 01:16:16 machine when we reboot our machine
  • 01:16:19 apache2 is not going to be online
  • 01:16:21 because we're only doing a service start
  • 01:16:23 it only holds during this session once
  • 01:16:25 we reboot that session is gone that
  • 01:16:28 service is gone so if we want to keep
  • 01:16:30 something online the entire time what we
  • 01:16:33 can do is use systemctl so we can say
  • 01:16:37 systemctl enable or disable if you want
  • 01:16:43 to disable something and for example we
  • 01:16:45 could say SSH now I'm not going to hit
  • 01:16:47 enter here this is just an example well
  • 01:16:49 let's say that we wanted to have an SSH
  • 01:16:51 available on our machine so we can SSH
  • 01:16:54 into it we are opening up SSH for this
  • 01:16:57 feature here ok let's say that we want
  • 01:17:01 to have a server and this is one I do
  • 01:17:04 want you to hit enter in so this is
  • 01:17:06 going to be a database right this is a
  • 01:17:08 PostgreSQL so we're going to say
  • 01:17:11 systemctl enable PostgreSQL
  • 01:17:14 and we have enabled that so now we
  • 01:17:17 reboot this PostgreSQL will load every
  • 01:17:19 single time now why is this important
  • 01:17:22 well this is important because it's
  • 01:17:25 going to allow us to run Metasploit and
  • 01:17:27 have the PostgreSQL database running
  • 01:17:30 when we boot so it doesn't have to take
  • 01:17:33 the extra time to load it if we come
  • 01:17:35 over here and we just click on the
  • 01:17:36 Metasploit framework now PostgreSQL is
  • 01:17:39 working and it says database already
  • 01:17:41 started so it's already configured it's
  • 01:17:43 gonna skip initialization it's going to
  • 01:17:45 go ahead and get right into it so it
  • 01:17:47 just saves us a little bit of time
  • 01:17:48 Metasploit can take some time to run
  • 01:17:51 and I think that if you continue on I
  • 01:17:54 know if you continue on with being a pen
  • 01:17:56 tester you're definitely going to be
  • 01:17:57 using Metasploit quite a bit so this is
  • 01:18:00 just one feature that if you're gonna be
  • 01:18:01 using it it doesn't hurt to have it
  • 01:18:03 enabled on your system boot now if you
  • 01:18:06 feel that you want to have apache2 on
  • 01:18:09 boot you can go ahead and do the same
  • 01:18:11 thing with the system enable systemctl
  • 01:18:13 enable but the only one that I recommend
  • 01:18:16 putting on is this systemctl PostgreSQL
  • 01:18:20 okay so that is it for this video in the
  • 01:18:24 next video we're going to be talking
  • 01:18:25 about installing how to install things
  • 01:18:29 from github and how to install using
  • 01:18:31 apt-get so let's go ahead and move right
  • 01:18:34 into that video alright welcome to the
  • 01:18:38 penultimate video we are going to be
  • 01:18:41 focusing on installing and updating
  • 01:18:43 tools so let's look at our agenda so
  • 01:18:47 what are we going to learn we're gonna
  • 01:18:48 learn how to install updates for Kali so
  • 01:18:52 we're gonna learn how to install updates
  • 01:18:53 using a tool called apt-get and we're
  • 01:18:56 also going to learn how to install tools
  • 01:18:58 using apt-get specifically we're going
  • 01:19:01 to be installing a tool today called git
  • 01:19:04 we're going to be using git then to
  • 01:19:06 clone from a website so sometimes when
  • 01:19:10 we have a tool that we want it's not
  • 01:19:11 always in apt-get it's not in the
  • 01:19:14 repository so we're gonna actually have
  • 01:19:16 to use github and maybe use a tool
  • 01:19:18 called git to download tools or other
  • 01:19:22 items from github but this is just going
  • 01:19:24 to be one example but it's a very very
  • 01:19:26 common example that
  • 01:19:28 you may have to do as a pen tester so
  • 01:19:31 let's dive in and take a look at how we
  • 01:19:33 can use these commands to install tools
  • 01:19:35 and update tools okay so one of the
  • 01:19:39 important things you need to know is how
  • 01:19:42 to not only install files on your
  • 01:19:45 computer but also how to install updates
  • 01:19:49 on your computer so for Kali since this
  • 01:19:52 is a Debian base we're going to use
  • 01:19:53 something called apt-get and the first
  • 01:19:55 thing I'm going to show you is how to
  • 01:19:57 install updates so the common way to do
  • 01:20:00 this if you don't use the GUI and you
  • 01:20:01 want to use terminal is apt-get update
  • 01:20:05 and then we'll do and apt-get upgrade
  • 01:20:11 let's go ahead and just hit enter on
  • 01:20:13 this and let's explain what it's doing
  • 01:20:17 so the first command here is saying
  • 01:20:19 apt-get update so what we're doing is
  • 01:20:22 we're looking through packages now these
  • 01:20:24 packages are predefined they're
  • 01:20:25 repositories and what it does is it says
  • 01:20:29 ok I'm going to check packages here for
  • 01:20:31 updates and it went through
  • 01:20:33 looks like they use archived Linux due
  • 01:20:35 to ITU they check these packages here
  • 01:20:38 and they update the packages and then
  • 01:20:42 once they update the packages they run
  • 01:20:44 this command so basically the and
  • 01:20:46 command is you're gonna do something as
  • 01:20:48 well right so first we're gonna update
  • 01:20:51 and then we're going to upgrade so based
  • 01:20:55 on what's in these packages it's gonna
  • 01:20:57 say ok well we know the following
  • 01:21:00 packages were automatically installed
  • 01:21:02 and no longer required so all these
  • 01:21:04 things right here they're gonna be
  • 01:21:06 removed and then the following packages
  • 01:21:10 have been kept back ok they're fine
  • 01:21:12 they're not going to uninstall those and
  • 01:21:15 then we have the following packages that
  • 01:21:17 are gonna be upgraded ok so it's a long
  • 01:21:20 list that needs updating and then you
  • 01:21:22 come in here and you say ok well it
  • 01:21:26 needs 252 megabytes of additional disk
  • 01:21:28 space to continue you could hit enter
  • 01:21:31 for yes and they'll automatically start
  • 01:21:33 upgrading so if you want to update your
  • 01:21:36 machine to its newest and best form you
  • 01:21:39 can go ahead and do that I'm
  • 01:21:41 go ahead and just hit no on this guy
  • 01:21:44 okay and now it's also important to know
  • 01:21:47 how to install files so I'm going to
  • 01:21:50 show you two different ways one way is
  • 01:21:52 through apt-get similar to what we just
  • 01:21:54 did and the other way is going to be
  • 01:21:56 through git itself so let's go ahead and
  • 01:22:00 install git we're going to use apt-get
  • 01:22:02 to install git so it'll look something
  • 01:22:04 like this we'll just say apt-get install
  • 01:22:08 git and we'll hit yes on this and
  • 01:22:13 another way to do this is to add a dash
  • 01:22:16 Y at the end of this so you'd say
  • 01:22:19 apt-get install git -y and that'll
  • 01:22:22 automatically say yes if you just want
  • 01:22:24 to accept whatever is coming out for you
  • 01:22:26 you go ahead and just hit YES on that
  • 01:22:28 and it may take a minute for these to
  • 01:22:30 install while this is installing let's
  • 01:22:33 go ahead and talk about what git does so
  • 01:22:37 git works with github so when we talk
  • 01:22:40 about github we're talking about a lot
  • 01:22:43 of people update their projects their
  • 01:22:47 code their frameworks onto github
  • 01:22:49 especially in the penetration testing /
  • 01:22:53 hacking community it's often that you're
  • 01:22:56 gonna find some cool tools that are out
  • 01:22:57 there that aren't installed on Kali Linux
  • 01:23:00 can't be found through apt-get and you
  • 01:23:03 have to actually download them from
  • 01:23:05 github so it's very important to know
  • 01:23:07 how to use git and it's very very simple
  • 01:23:10 so we're on a page like this
  • 01:23:13 this is Veil framework it's a very
  • 01:23:14 popular tool in penetration testing in
  • 01:23:17 malware analysis as well so say we
  • 01:23:22 wanted to install this well there's a
  • 01:23:23 couple things we could do the first
  • 01:23:26 thing we could do is always read the
  • 01:23:28 directions and see what they recommend
  • 01:23:30 there is a quick install here and if you
  • 01:23:33 look they have an apt install veil here
  • 01:23:37 with the -y so that will work or you
  • 01:23:40 can use git's install where you have to
  • 01:23:43 install git first okay and then we do a
  • 01:23:46 git clone and we run the configuration
  • 01:23:49 setup so that's what we're gonna do here
  • 01:23:52 we're going to install veil just for the
  • 01:23:54 fun of it just
  • 01:23:55 you can kind of get used to how to use
  • 01:23:57 github how to use git and go from there
  • 01:24:00 so let's go ahead and just alt-tab back
  • 01:24:03 over it looks like we have it we can
  • 01:24:05 check it by typing git and hitting tab
  • 01:24:07 okay so git is here and we're just going
  • 01:24:12 to hit space we know the command is
  • 01:24:14 clone and while it provides it for us
  • 01:24:17 down here it says hey git clone copied
  • 01:24:20 this the other place you can do it is
  • 01:24:22 right here where it says clone or
  • 01:24:25 download you just copy this bad boy
  • 01:24:27 right here we'll alt tab back over to
  • 01:24:30 our terminal and just hit paste okay and
  • 01:24:35 this is going to install in the
  • 01:24:37 directory that you choose so I just put
  • 01:24:39 it in this root folder here and actually
  • 01:24:43 our our home folder I should say and
  • 01:24:45 it's installed right here the folder is
  • 01:24:47 Veil right here typically when I install
  • 01:24:51 things I like to put them in the opt
  • 01:24:53 folder so here CD opt but since I went
  • 01:24:56 ahead and downloaded here let's just go
  • 01:24:58 ahead for an example purpose if you do
  • 01:25:00 want to install to opt you're more than
  • 01:25:01 welcome you can move the folder there as
  • 01:25:03 well
  • 01:25:04 so what we're going to do is we're gonna
  • 01:25:06 cd into Veil and then we'll hit ls
  • 01:25:10 now remember there were instructions so
  • 01:25:13 let's go ahead and look at what those
  • 01:25:15 instructions were these instructions
  • 01:25:18 said you're gonna run dot forward slash
  • 01:25:20 config setup dot sh force silent let's
  • 01:25:25 go ahead and just copy this guy we'll
  • 01:25:28 come back in here and we'll hit paste
  • 01:25:30 and it's just going to run out of this
  • 01:25:32 config folder setup dot sh and now it's
  • 01:25:36 installing so we could have easily
  • 01:25:40 installed this with apt-get which if
  • 01:25:44 you look look what it's doing it's
  • 01:25:46 actually rolling through the packages
  • 01:25:47 here and it's updating the repositories
  • 01:25:50 right at these packages and then it's
  • 01:25:52 going to go ahead and download what it
  • 01:25:55 needs so it's running apt-get anyway if
  • 01:25:58 you see updating apt it's installing the
  • 01:26:01 dependencies so the easier way the quick
  • 01:26:03 way which you suggested was to do it
  • 01:26:05 through there and it's
  • 01:26:06 right they don't always have the
  • 01:26:09 installed packages in apt-get so that's
  • 01:26:13 why I wanted to show you the github
  • 01:26:15 version of it so you can go ahead and
  • 01:26:17 let this install let's just go ahead and
  • 01:26:19 recap quickly what we just did
  • 01:26:21 so we used we used apt-get update and
  • 01:26:25 upgrade to install updates in our system
  • 01:26:29 we used git clone to be able to download
  • 01:26:33 packages and clone packages off of
  • 01:26:36 github and we used apt-get to be able to
  • 01:26:41 download git itself so that's really it
  • 01:26:44 for this lesson what I do encourage you
  • 01:26:46 to do is go through the man pages of git
  • 01:26:50 and go through the man pages of apt-get
  • 01:26:52 because you're also able to remove
  • 01:26:55 programs update specific programs etc so
  • 01:26:59 this lesson really just wanted to
  • 01:27:01 introduce you to the basics of
  • 01:27:03 downloading and updating for your system
  • 01:27:05 I encourage you to learn how to remove
  • 01:27:08 files as well as a little bit of
  • 01:27:09 homework for yourself so thank you for
  • 01:27:12 joining me and I will catch you over in
  • 01:27:14 the next lesson alright welcome to the
  • 01:27:17 last lesson video so in this video we
  • 01:27:21 are going to be scripting with bash now
  • 01:27:24 this may seem a little overwhelming at
  • 01:27:27 first what we're going to be doing is
  • 01:27:28 building out a ping sweeper script it's
  • 01:27:32 going to be pretty basic and what I want
  • 01:27:35 you to do is maybe just watch this video
  • 01:27:37 once and then the second time through
  • 01:27:40 really try to follow along with it take
  • 01:27:44 notes etc I think first time watched
  • 01:27:47 through you know just to get the
  • 01:27:48 concepts understand what I'm doing and
  • 01:27:50 then the second time really really get
  • 01:27:53 hands-on with it and I think that'll be
  • 01:27:55 probably the best way to learn but if
  • 01:27:57 you have a different learning style
  • 01:27:58 please do go ahead and try that as well
  • 01:28:00 the only thing I could say is don't let
  • 01:28:02 this intimidate you hopefully by the
  • 01:28:04 time the video's over with you will have
  • 01:28:06 a pretty good understanding on a basic
  • 01:28:09 scripting and how scripting can really
  • 01:28:11 be beneficial and improve our timing
  • 01:28:14 improve automation etc so let's go ahead
  • 01:28:17 and quickly talk about some of the
  • 01:28:18 things we're going to learn
  • 01:28:19 in this video okay so some of the
  • 01:28:22 commands and items we're going to learn
  • 01:28:24 we're going to talk about grep which is
  • 01:28:26 going to allow us to narrow down some
  • 01:28:29 results we're also going to talk about
  • 01:28:31 cut and tr both of those are also going
  • 01:28:35 to help us narrow down some results so
  • 01:28:38 basically we're going to start with a
  • 01:28:39 ping that we're going to send out and
  • 01:28:41 we're going to want to gather
  • 01:28:43 information back that says that ping was
  • 01:28:46 valid so we want to know any computer
  • 01:28:48 that responded to us well how are we
  • 01:28:50 going to do that well we need to
  • 01:28:52 identify what a valid ping looks like
  • 01:28:56 we're going to use grep to kind of
  • 01:28:58 narrow down a string or a sentence or
  • 01:28:59 something that identifies with a
  • 01:29:01 positive ping and then we're going to
  • 01:29:04 cut out everything we don't want and use
  • 01:29:06 tr as well to cut some things out that
  • 01:29:08 we don't want so we're going to put this
  • 01:29:11 into a script when it's all said and
  • 01:29:13 done and we're also going to be talking
  • 01:29:16 about the usage of for loops and their
  • 01:29:18 importance not only with using them in
  • 01:29:21 this script but how we can use simple
  • 01:29:23 one-liners to do everyday things for us
  • 01:29:27 so I'll show you at the end of the video
  • 01:29:29 how we're going to use like an nmap
  • 01:29:32 and use a for loop with nmap to run
  • 01:29:35 through an nmap script so stay tuned
  • 01:29:38 through the video again if you are a
  • 01:29:41 hands-on learner maybe first time
  • 01:29:44 through you you try hands on but my
  • 01:29:46 recommendation here is to just sit back
  • 01:29:48 watch the video understand what's going
  • 01:29:50 on second time really follow along with
  • 01:29:53 it take notes and get the most that you
  • 01:29:55 can know this lesson so let's go ahead
  • 01:29:58 and get started alright so now we're
  • 01:30:01 going to be covering bash scripting so
  • 01:30:03 the first thing we're going to need to
  • 01:30:05 cover before we get into writing our
  • 01:30:06 scripts is how to narrow down results
  • 01:30:08 and we say narrowing down results what
  • 01:30:12 we're saying is for given a block of
  • 01:30:14 text and we want to extract some
  • 01:30:16 information from that block of text how
  • 01:30:18 are we going to do that so that's what
  • 01:30:20 we're gonna cover in this lesson
  • 01:30:22 okay so let's go ahead and get started
  • 01:30:25 what we're going to be doing today is
  • 01:30:27 narrowing down a ping result so if we
  • 01:30:30 come into here and we need to ping an IP
  • 01:30:33 address within our system so I'm going
  • 01:30:36 to be pinging 192.168.1.1 you're going
  • 01:30:42 to see that it returns a 64 bytes from
  • 01:30:47 that address so it looks like we're
  • 01:30:49 getting a response I'm going to hit
  • 01:30:50 control-c here so if you remember from
  • 01:30:53 the networking section we actually get a
  • 01:30:56 response
  • 01:30:58 unlimited until we cancel it right like
  • 01:31:00 we just control-C'd here from ping so
  • 01:31:02 there's another thing that we can do if
  • 01:31:04 we only want to send one packet and see
  • 01:31:06 if it's alive or not we can do a dash C
  • 01:31:09 of one so we're just going to do that so
  • 01:31:12 that's a count of one we're sending one
  • 01:31:14 packet over if we set ten it would send
  • 01:31:16 ten packets over if that makes sense
  • 01:31:18 so now what we're going to do is we're
  • 01:31:20 going to put this into a text file so if
  • 01:31:23 you remember from previous video we just
  • 01:31:25 use this little caret here and I'm going
  • 01:31:27 to call this IP dot text okay and if we
  • 01:31:31 cat IP dot text you'll see the same
  • 01:31:35 results there so now what we're going to
  • 01:31:37 want to do is we're going to want to
  • 01:31:39 narrow this down what do I want to
  • 01:31:41 extract from here well I want to extract
  • 01:31:43 this IP address and it'll make more
  • 01:31:46 sense when we get into the scripting
  • 01:31:47 part but what we're going to do is we're
  • 01:31:49 going to get out specifically of this
  • 01:31:51 this IP address from this line now what
  • 01:31:55 we're interested in actually is a
  • 01:31:57 returned IP address that has a valid
  • 01:32:02 response right so if I were to tech or
  • 01:32:04 if I were to enter in here say 15.99 Dov
  • 01:32:13 what it looks like when it doesn't get a
  • 01:32:15 response back it just kind of lingers
  • 01:32:17 and then we hit ctrl C and it says zero
  • 01:32:21 ping statistics right nothing was was
  • 01:32:23 received back so what we see when we get
  • 01:32:27 a response back is we see 64 bytes when
  • 01:32:31 there's no response back we don't have
  • 01:32:33 any bytes so if we're doing a sweep
  • 01:32:35 through a network which we're going
  • 01:32:36 to be doing later we need to be able to
  • 01:32:38 narrow down these results so if we're
  • 01:32:41 sending say 192.168.1.1 all the way
  • 01:32:46 through to 55 and we want to see who
  • 01:32:49 responds back and then take that list
  • 01:32:51 and narrow it down to the IP addresses
  • 01:32:52 which is exactly what we're going to be doing
  • 01:32:54 we need to know how to narrow that down
  • 01:32:58 so what we're going to be narrowing down
  • 01:33:00 on specifically is the 64 bytes so let's
  • 01:33:04 tab up a couple times to this cat IP
  • 01:33:06 address and we're going to do a pipe and
  • 01:33:09 the pipe just means we're going to add
  • 01:33:10 an additional command here so the
  • 01:33:13 additional command we're going to do is
  • 01:33:14 called grep grep is going to grab any
  • 01:33:17 line with what you specify so let's
  • 01:33:19 specify 64 bytes and see what happens
  • 01:33:23 see now if you noticed we had all of
  • 01:33:25 these lines before and now what grep is
  • 01:33:29 doing is grep is taking only the lines
  • 01:33:31 that contain 64 bytes so again a valid
  • 01:33:35 response so we have 64 bytes here and we
  • 01:33:39 have achieved a response so what we're
  • 01:33:43 going to do now is we're going to narrow
  • 01:33:46 this down some more okay we've got this
  • 01:33:48 line here but again we're still trying
  • 01:33:50 to extract this IP address so how can we
  • 01:33:53 do that well there is a tool called cut
  • 01:33:56 so if we tab up again we do another pipe
  • 01:33:59 because we're sending a new command
  • 01:34:01 we're gonna say cut and cut syntax looks
  • 01:34:04 like this and I'll explain it once I
  • 01:34:06 type it out here okay so we have cut and
  • 01:34:11 then this -d that's a delimiter so the
  • 01:34:15 delimiter is what we're going to be
  • 01:34:17 cutting on so we're giving a delimiter
  • 01:34:19 of a space meaning here's a space here's
  • 01:34:24 a space here's a space so we're going to
  • 01:34:26 be cutting on these spaces and then we
  • 01:34:29 give a field we say okay what field we
  • 01:34:32 want to retrieve back from this cut okay
  • 01:34:34 we want field four if you look one two
  • 01:34:38 three four and the fourth field is our
  • 01:34:42 IP address so it's gonna say okay I'm
  • 01:34:44 gonna cut on this space I'm gonna cut on
  • 01:34:46 this space I'm gonna cut on this space
  • 01:34:48 and then I'm going to take it right here
  • 01:34:50 now if we identified field five we would
  • 01:34:53 be taking this if we identified field
  • 01:34:55 three we'd be taking from so let's go
  • 01:34:58 ahead and just hit enter and see what
  • 01:34:59 that looks like okay so now we are
  • 01:35:03 narrowed down even more but there's an
  • 01:35:06 issue here if we were to try to send
  • 01:35:08 this IP address we would have this
  • 01:35:11 little colon here attached on to it and
  • 01:35:13 you can't ping with that IP address so
  • 01:35:15 we're going to be doing a sweep or
  • 01:35:16 narrowing down this list then we're
  • 01:35:18 gonna actually need to remove this guy
  • 01:35:20 here so let's take a look at how we do
  • 01:35:23 that so if we tab up again and again
  • 01:35:26 we're going to add a pipe now we're
  • 01:35:28 going to use a command called tr and tr
  • 01:35:31 just means translate what we're going to
  • 01:35:33 be doing is another delimiter so -d
  • 01:35:36 there and we're going to be taking out
  • 01:35:38 that colon so it should look something
  • 01:35:40 like this if we hit enter now you can
  • 01:35:43 see that that colon has been removed
  • 01:35:44 okay now let's talk about how we can use
  • 01:35:47 this information to write out a script
  • 01:35:49 we're going to start with a basic script
  • 01:35:51 and we can add upon it as we go so I've
  • 01:35:54 gone ahead and written out a script but
  • 01:35:56 we're going to talk about it very slowly
  • 01:35:58 so you can actually look at it and copy
  • 01:36:00 it down so what we're going to do is go
  • 01:36:03 ahead and say gedit and I call this
  • 01:36:06 ipsweep.sh so go ahead and do the same or
  • 01:36:09 something similar and hit enter so let's
  • 01:36:13 take a look at this script so at the
  • 01:36:17 very top here we have to declare what
  • 01:36:19 we're doing so we're going to give a
  • 01:36:20 hash bang and we do this with any
  • 01:36:22 scripting language so if this were
  • 01:36:24 Python we'd be entering Python here but
  • 01:36:26 this is bash so we're going to be doing
  • 01:36:28 a forward slash bin forward slash bash
  • 01:36:30 that declares that we're running a bash
  • 01:36:32 script and the dot sh also indicates
  • 01:36:32 that we're running a bash script so I
  • 01:36:35 want you to ignore this line here and
  • 01:36:40 this line here for now let's talk about
  • 01:36:41 this line this should look very very
  • 01:36:43 familiar so what we're doing in this
  • 01:36:45 line we are saying we're gonna ping with
  • 01:36:49 a count of 1 which we talked about and
  • 01:36:50 then we're gonna do something here we've
  • 01:36:53 got a dollar sign 1 and a dollar sign IP
  • 01:36:55 let's just ignore that for now okay so
  • 01:36:59 we're going to go ahead and do the rest
  • 01:37:01 that should look familiar
  • 01:37:02 we're gonna say we're going to grep 64
  • 01:37:04 bytes
  • 01:37:04 we're going to cut the delimiter of a
  • 01:37:06 space field four and then we're going
  • 01:37:09 to do a translate right and take off
  • 01:37:12 that little bit at the end okay I added
  • 01:37:14 an ampersand here at the end so an
  • 01:37:17 ampersand allows us to do threading so
  • 01:37:19 that's exactly why it's in there if we
  • 01:37:21 didn't we'd have to let the process go
  • 01:37:23 one IP at a time and we'll talk about
  • 01:37:25 that in a second as well so let's talk
  • 01:37:28 about this for line so a for loop is
  • 01:37:32 what we're actually running here and the
  • 01:37:34 loop is saying I want to do an IP
  • 01:37:37 address
  • 01:37:37 we're just declaring a variable here you
  • 01:37:39 can call it whatever you want we're
  • 01:37:41 saying hey for this IP in a sequence of
  • 01:37:43 1 through 254 we're gonna do something
  • 01:37:46 and that do is a ping so what this means
  • 01:37:49 is for IP and if we think about it in
  • 01:37:52 sequence 1 thru 254 what it's saying is
  • 01:37:54 1 2 3 4 all the way up to 254 ok so
  • 01:37:59 think about it this way if we say for 1 in
  • 01:38:02 this ping sweep we're gonna do that
  • 01:38:06 right so we're gonna say for 1 for 2 for 3 all
  • 01:38:11 the way through 254 that's what this
  • 01:38:13 loop is doing so it's a very very simple
  • 01:38:15 loop now IP is replaced down here at the
  • 01:38:20 very end
  • 01:38:21 now we're also calling out this dollar
  • 01:38:23 sign 1
  • 01:38:24 now this dollar sign one is user input
  • 01:38:27 so we're gonna actually do something
  • 01:38:29 this is called IP sweep right so we're
  • 01:38:33 gonna have to call out this IP sweep
  • 01:38:35 something like this dot SH and then
  • 01:38:38 we're gonna have to give out some
  • 01:38:40 information it's going to request
  • 01:38:42 information if we don't provide it it
  • 01:38:44 won't know how to ping so what we're
  • 01:38:45 gonna do is we're gonna say the first
  • 01:38:47 three octets of our home network so if
  • 01:38:51 yours is 192.168.1 like mine is then you
  • 01:38:56 just enter 192.168.1 now we could also
  • 01:39:01 for simplicity just hard code this so we
  • 01:39:05 can say 192.168.1.2
  • 01:39:10 it would be fine we don't have to build
  • 01:39:13 this in the only reason we're not hard
  • 01:39:15 coding it is because you can do multiple
  • 01:39:18 ping sweeps this can be a ping sweep
  • 01:39:20 script for you in the future if you're
  • 01:39:22 on a different network or you just want
  • 01:39:23 to write something out really quick
  • 01:39:24 dollar sign one works perfect but if you
  • 01:39:28 want to leave it a hard-coded like this
  • 01:39:29 it'll also work so let's go ahead and
  • 01:39:32 just delete this out I'm going to put
  • 01:39:35 this into dollar sign one again
  • 01:39:37 to have a proof of concept and then we
  • 01:39:41 are going to run this so all we do here
  • 01:39:44 at the end is declare done if we didn't
  • 01:39:47 run this with an ampersand here we would
  • 01:39:49 have to add a semicolon similar to this
  • 01:39:52 but because we are having an ampersand
  • 01:39:55 we can actually get rid of that and just
  • 01:39:57 put that back just for some syntax
  • 01:40:00 clarity here okay so let's go ahead and
  • 01:40:02 save this and remember for my lesson
  • 01:40:08 we're going to have to change the mode
  • 01:40:09 of our script because it's not
  • 01:40:11 executable by default so we're going to
  • 01:40:13 do a plus X here and then we're gonna
  • 01:40:15 call out ipsweep.sh
  • 01:40:17 we can ls and make sure it's green
  • 01:40:19 here's ipsweep.sh and then we'll do a
  • 01:40:23 ./ipsweep.sh and I'm not going to
  • 01:40:26 enter anything in I just want to show up
  • 01:40:27 with a concept so see it ran through
  • 01:40:29 every single number here in threading
  • 01:40:31 and name or service not known because we
  • 01:40:35 didn't provide an IP address so what we
  • 01:40:37 can do here is we need to provide that
  • 01:40:39 IP address one six eight dot one hit
  • 01:40:42 enter okay and it pulls back some
  • 01:40:45 information so what we can do with this
  • 01:40:48 information let's write this out to a
  • 01:40:50 file so let's just call this IP list dot
  • 01:40:55 text something like this okay it's done
  • 01:40:58 now let's just cat out the IP list text
  • 01:41:02 okay now we have an IP list of the IPS
  • 01:41:06 in our network that we just swept right
  • 01:41:08 and we can use this information later on
  • 01:41:11 but before we go into that I do want to
  • 01:41:13 go back and just improve our script a
  • 01:41:15 very very tiny bit so let's go ahead and
  • 01:41:17 just tab up a couple times so we get to
  • 01:41:20 our G edit
  • 01:41:21 and let me show you how we can improve
  • 01:41:23 this script it doesn't have to be overly
  • 01:41:26 complicated what we can do is we can say
  • 01:41:29 something like this we can come in here
  • 01:41:33 and give an if statement so an if is
  • 01:41:36 conditional right we're going to say if
  • 01:41:37 this exists then do something and if it
  • 01:41:40 doesn't exist do something else so we're
  • 01:41:42 going to say if dollar sign one is equal
  • 01:41:47 to nothing we're just going to give it
  • 01:41:50 blank space here and then we're going to
  • 01:41:54 say then we want to do something so what
  • 01:41:57 are we going to do we can echo out
  • 01:42:00 something similar to you forgot an IP
  • 01:42:05 address and then echo out what you need
  • 01:42:10 to do like syntax dot slash ping sweep
  • 01:42:17 or IP sweep is what we call this
  • 01:42:20 ipsweep.sh and then IP or we can even
  • 01:42:27 write it out an example right
  • 01:42:29 like something like that so that way our
  • 01:42:32 user if they're using it we wrote this
  • 01:42:34 for somebody else they know what we're
  • 01:42:35 talking about and at the very end we
  • 01:42:38 just need to write if backwards we'll
  • 01:42:40 put a fi
  • 01:42:41 so what this is saying is if this is not
  • 01:42:44 then echo here right we're gonna echo
  • 01:42:46 these and then we need to add one other
  • 01:42:49 thing here which is an else let's go
  • 01:42:52 ahead and hit enter just to space it out
  • 01:42:53 a little bit so if we have no dollar
  • 01:42:58 sign one declared right if we have
  • 01:42:59 nothing entered in we're gonna say echo
  • 01:43:02 you forgot an IP address and syntax here
  • 01:43:04 if we do have something in dollar sign
  • 01:43:06 one okay well we're gonna do something
  • 01:43:08 else we're gonna do our ping sweep and
  • 01:43:10 that's it
  • 01:43:13 so this is very similar and modified
  • 01:43:16 from Georgia Weidman's that I've got a
  • 01:43:18 long time ago so full credit goes to her
  • 01:43:20 for this little script it was very very
  • 01:43:23 easy to learn and it's also very easy to
  • 01:43:26 teach so let's go ahead and just run
  • 01:43:28 this one more time we're gonna say
  • 01:43:30 ipsweep.sh
  • 01:43:33 and look what happens now it says you
  • 01:43:35 forgot an IP address now we can declare
  • 01:43:37 a number in there or anything and the
  • 01:43:39 script's not perfect right we're
  • 01:43:40 expecting three octets and we could give
  • 01:43:43 it a one and it's still gonna do
  • 01:43:46 something like that which isn't correct
  • 01:43:48 right so we need to be able to to modify
  • 01:43:53 this down more but that gets really
  • 01:43:54 advanced scripting into declaring that
  • 01:43:56 needs to be three octets and if you
  • 01:43:57 don't provide those then what and that
  • 01:44:00 just gets more advanced so we really
  • 01:44:02 just need to know
  • 01:44:03 hey what we're doing here very basic
  • 01:44:05 script for ourselves and something to
  • 01:44:07 remember
  • 01:44:08 okay so let's clear our screen last
  • 01:44:11 thing I want to show you so we've been
  • 01:44:13 able to write a script out but we can
  • 01:44:16 also do looping in one line and this is
  • 01:44:19 where it becomes kind of fun so we have
  • 01:44:22 this IP list right we did cat iplist.txt
  • 01:44:26 now let's say we've got this IP list
  • 01:44:29 together and we want to do an nmap scan
  • 01:44:31 on all of these IPs
  • 01:44:33 now we could just say nmap and type
  • 01:44:38 in the syntax you want and the IP
  • 01:44:40 address of it for every single one of
  • 01:44:42 these starting to have and let that
  • 01:44:44 happen or you could do something in a
  • 01:44:46 for loop so we can write the same for
  • 01:44:49 loop that we did before we're going to
  • 01:44:52 say for IP and then we're going to do is
  • 01:44:55 we're going to write a dollar sign and
  • 01:44:56 we're going to cat the IP list dot txt
  • 01:45:01 so all it does is it's bringing out this
  • 01:45:03 list that we have here and it's saying
  • 01:45:05 okay for this IP this IP this IP etc
  • 01:45:07 we're going to run through all of these
  • 01:45:08 that's what the loop does right okay
  • 01:45:11 we're gonna do our semi colon and then
  • 01:45:13 we're going to tell it to do something
  • 01:45:14 right so what do we want to do okay
  • 01:45:17 let's run an nmap script so we're
  • 01:45:19 gonna say do nmap and we'll ping or
  • 01:45:23 we'll do a port port 80 on all these and
  • 01:45:28 we'll say stealth scan that on port 80
  • 01:45:30 and we'll do T4 for
  • 01:45:33 speed and that should be it so then we
  • 01:45:37 can do done like this and let it run
  • 01:45:41 through one at a time we can also do the
  • 01:45:44 ampersand and let it run multiples like
  • 01:45:46 the
  • 01:45:47 we could hit enter and see what that
  • 01:45:49 does but I also forgot one thing here
  • 01:45:52 forgot to declare the IP address so
  • 01:45:55 let's talk about it real quick so we've
  • 01:45:57 got a very very simple one-liner and
  • 01:45:59 you're gonna see one-liners a lot if you
  • 01:46:01 get into ethical hacking and just allows
  • 01:46:04 us to do things quickly and scripted so
  • 01:46:06 we got four IP address in this list so
  • 01:46:09 every IP in this list we're going to
  • 01:46:11 loop through when we do that loop we're
  • 01:46:13 gonna do nmap we're gonna do a quick
  • 01:46:15 stealth scan a port 80 T 4 and we're
  • 01:46:19 gonna say declare the IP address if
  • 01:46:21 you're not comfortable with nmap that's
  • 01:46:22 okay this is purely an example and
  • 01:46:24 something you will see in your career I
  • 01:46:26 will make a scripting video at some
  • 01:46:28 point for nmap and we'll cover nmap
  • 01:46:30 more in detail so let's go ahead and
  • 01:46:32 just hit enter okay I messed up my
  • 01:46:34 syntax so what's going on okay so for IP
  • 01:46:40 in just got deleted for IP in cat IP
  • 01:46:45 list let's try this one more time okay
  • 01:46:47 so we just did all these scans seven
  • 01:46:52 scans at once and what we did is you see
  • 01:46:55 these are the processes that are
  • 01:46:56 starting so it started up eight
  • 01:46:57 processes actually not seven and it's
  • 01:47:00 just running through this list doing the
  • 01:47:02 scans and we're gonna go ahead and just
  • 01:47:05 kind of look at it so it says okay on
  • 01:47:08 1.74 is 80 open it's open okay and then
  • 01:47:12 on 254 is 80 open its open and then you
  • 01:47:16 see filter down here or it's not running
  • 01:47:18 filtered filtered same thing so we can
  • 01:47:21 hit control C or hit enter if we're done
  • 01:47:23 and that's pretty much it so what we
  • 01:47:26 just did is we ran nmap scans at one time
  • 01:47:29 instead of having to copy and paste
  • 01:47:31 these so there's just a little bit of
  • 01:47:32 what scripting can do it does get more
  • 01:47:35 advanced but to be able to know a
  • 01:47:37 one-line for loop is really really
  • 01:47:40 important if you go into penetration
  • 01:47:42 testing and it's just important in basic
  • 01:47:46 bash scripting as well so that's really
  • 01:47:49 it for this lesson and that's really it
  • 01:47:50 for this course so I hope you really
  • 01:47:52 learned something from this course if
  • 01:47:54 you did find it valuable please do share
  • 01:47:56 it with others please subscribe if you
  • 01:47:59 haven't please do like the video
  • 01:48:00 word of mouth is the best thing for me
  • 01:48:03 it helps me grow my channel and helps me
  • 01:48:05 give content back to you as I get more
  • 01:48:07 feedback and I grow as a channel so I'm
  • 01:48:11 looking to do more courses in the future
  • 01:48:13 and appreciate you taking time with me
  • 01:48:16 if you like this course and you want to
  • 01:48:18 chat with me check the descriptions down
  • 01:48:20 below I've got a Discord channel we've
  • 01:48:23 got quite a few people in there and I've
  • 01:48:25 also got a Twitter if you want to hit me
  • 01:48:26 up there lastly I do have a Patreon if
  • 01:48:30 you felt like this course is valuable
  • 01:48:32 and you would like to support me any
  • 01:48:34 dollar amount goes a long way for me
  • 01:48:36 recording equipment recording software
  • 01:48:40 all that's very expensive and the time
  • 01:48:42 spent on this is also very detailed long
  • 01:48:45 hours so if you want to support me or or
  • 01:48:48 anything a like subscribe etc it goes a
  • 01:48:52 long way I appreciate you taking the
  • 01:48:54 time to watch this course and until the
  • 01:48:56 next one thank you so much for joining
  • 01:48:58 me
  • 01:48:58 alright and now some bonus material so
  • 01:49:02 I'm adding in some additional resources
  • 01:49:04 these are for those of you that want to
  • 01:49:08 continue on you've learned the Linux now
  • 01:49:10 and you're like hey I really want to be
  • 01:49:12 a pen tester I think this is for me I'm
  • 01:49:14 gonna provide you a whole lot of
  • 01:49:16 different resources here so take notes
  • 01:49:18 these are some of the best resources I
  • 01:49:21 can think of for those wanting to get
  • 01:49:23 into the field I'll briefly cover each
  • 01:49:25 of them and then leave you at it to do
  • 01:49:28 your own research and hopefully see you
  • 01:49:30 in the field someday as a pen tester so
  • 01:49:33 let's take a look at some of these
  • 01:49:34 resources
  • 01:49:34 okay so first resource is a shameless
  • 01:49:38 self-promotion and I only do this
  • 01:49:40 because I do think that I'm a valuable
  • 01:49:41 resource I'm trying not to be biased
  • 01:49:44 here but I've got some good good stuff
  • 01:49:46 that's completely free if you are
  • 01:49:48 interested in it so if you come to
  • 01:49:50 youtube.com slash c slash the cyber
  • 01:49:53 mentor you can come to my page here and
  • 01:49:55 you can check out all the videos I have
  • 01:49:57 one video is a day in the life of an
  • 01:50:00 ethical hacker so if you want to know
  • 01:50:02 what it's like to be an ethical hacker
  • 01:50:04 if you're still not sure if this is the
  • 01:50:05 field for you this might be a video for
  • 01:50:08 you to view it talks about the day in
  • 01:50:11 and day out stuff that you might do or
  • 01:50:12 kind of assess
  • 01:50:13 work you might be asked to do and what's
  • 01:50:15 really like to be a an ethical hacker on
  • 01:50:19 top of that I've got another video on
  • 01:50:21 cyber career paths about penetration
  • 01:50:24 testing and ethical hacking so if you're
  • 01:50:26 looking to get into the field and you
  • 01:50:27 want to become a pen tester or ethical
  • 01:50:31 hacker and you're not quite sure where
  • 01:50:33 to go this is probably the better video
  • 01:50:35 for you it kind of talks about all the
  • 01:50:37 knowledge that you'll need for a junior
  • 01:50:39 perspective and really the knowledge
  • 01:50:41 that you'll need to be successful in the
  • 01:50:43 field including certifications etc so if
  • 01:50:46 you're watching this video as an
  • 01:50:48 additional resource this would probably
  • 01:50:49 be additional resource part 2 is a good
  • 01:50:54 way to call it this is the one like
  • 01:50:55 really detail on penetration testing and
  • 01:50:57 ethical hacking on top of that over here
  • 01:51:01 I've got playlists so if you come into
  • 01:51:03 the playlist I've got a few courses most
  • 01:51:06 importantly is our zero to hero course
  • 01:51:09 so if we come to thecybermentor.com
  • 01:51:12 and you go to courses over here and you
  • 01:51:14 go to zero to hero pentesting you can
  • 01:51:18 find more information on the syllabus so
  • 01:51:21 I put it into lesson plan as well here
  • 01:51:23 but there are let's see eleven episodes
  • 01:51:26 we start with Linux kind of like you've
  • 01:51:29 already learned note keeping some
  • 01:51:31 introduction we do Python for two weeks
  • 01:51:33 we do information gathering OSINT recon
  • 01:51:38 scanning enumeration exploitation we do
  • 01:51:42 internal attacks as well so we'll build
  • 01:51:44 out an Active Directory lab and we'll
  • 01:51:47 learn how to do these internal attacks
  • 01:51:49 that aren't really taught in a lot of
  • 01:51:50 courses and then we'll end it with some
  • 01:51:53 file transfers maintaining access etc
  • 01:51:56 report writing as well and career advice
  • 01:51:58 so this is like my complete course it's
  • 01:52:02 called zero to hero to take somebody
  • 01:52:03 from from a complete zero and bring them
  • 01:52:06 into a hero where they can start doing
  • 01:52:07 some pen testing on their own so again
  • 01:52:10 if you're interested in that course you can
  • 01:52:11 come to my website and check it out with
  • 01:52:13 the lessons plan you can just click in
  • 01:52:14 the tab and play the video or on my
  • 01:52:17 YouTube channel you can click right on
  • 01:52:18 the playlist and play it from there as
  • 01:52:20 well so leaving the shameless
  • 01:52:23 self-promotion let me talk about some
  • 01:52:25 more cheap alternatives Hack The Box
  • 01:52:27 is a great great alternative if you're
  • 01:52:29 just getting started so for Hack The Box
  • 01:52:31 what it is is it's a series of
  • 01:52:35 vulnerable machines so you could think
  • 01:52:38 of it almost like a game so if you want
  • 01:52:40 to do some hacking this is a great place
  • 01:52:42 to just start practicing and learning
  • 01:52:43 the ropes what we can do is like say we
  • 01:52:48 could pick something on the easy side
  • 01:52:49 you want to look for something like
  • 01:52:51 that's more green right on the left
  • 01:52:53 because that shows easy you would pick a
  • 01:52:55 box like this you would scan against it
  • 01:52:57 and you know if you don't know I'm
  • 01:52:58 talking about that's fine but you would
  • 01:52:59 scan against it and try to find
  • 01:53:00 vulnerabilities and hack it so a really
  • 01:53:03 really great website if you have the VIP
  • 01:53:06 they're starting to move it it's in beta
  • 01:53:08 right now but they have 20 boxes that
  • 01:53:09 you can attack on active side and 20 in
  • 01:53:12 the VIP but the nice thing about the
  • 01:53:14 VIP is they're about to open up all 97
  • 01:53:17 that have been retired so they retire
  • 01:53:19 one every week and they bring a new one
  • 01:53:21 in so you gain access it's like $13 a
  • 01:53:24 month this is free completely for your
  • 01:53:26 platform if you don't want it but this
  • 01:53:27 is 13 bucks a month for the VIP access
  • 01:53:30 and you can come in here and do some of
  • 01:53:32 these machines that are super duper easy
  • 01:53:34 and if you click into them they'll have
  • 01:53:36 write-ups for them and they'll also have
  • 01:53:38 video walkthroughs for a lot of these
  • 01:53:40 machines so that's a really really great
  • 01:53:42 stuff right if you have no idea what
  • 01:53:44 you're doing this is a great place to
  • 01:53:46 start because these retired boxes are
  • 01:53:48 boxes that have already been done you
  • 01:53:50 can watch how somebody else did them you
  • 01:53:52 can learn their methodology and this is
  • 01:53:55 really good for just getting the basics
  • 01:53:56 down and understanding you know some
  • 01:53:58 basic hacking same thing here with the
  • 01:54:01 virtual hacking labs it's very similar
  • 01:54:03 they've got labs they've got a course
  • 01:54:05 and they've got different pricing so you
  • 01:54:07 can try these out if you're interested
  • 01:54:09 in them so they are you know just
  • 01:54:13 alternatives to just practice online
  • 01:54:16 then you've got VulnHub as well
  • 01:54:18 you'll have to search through this and
  • 01:54:19 try to find something that's like
  • 01:54:20 beginner level or Google online which
  • 01:54:22 which are realistic boxes or what what
  • 01:54:25 are good boxes on VulnHub they've all
  • 01:54:27 had basically you just download the
  • 01:54:28 VMware file and you play it on VMware
  • 01:54:31 and you try to attack the the machine so
  • 01:54:34 you download a machine you try to attack
  • 01:54:36 it and these are intentionally
  • 01:54:38 vulnerable machines all of these right
  • 01:54:40 here on these top
  • 01:54:41 so let's say that that's not really
  • 01:54:44 where you want to start you think maybe
  • 01:54:46 you could use a little bit more
  • 01:54:47 hand-holding and you like a
  • 01:54:49 certification to come behind it I'm
  • 01:54:51 going to show you the top three in my
  • 01:54:54 order that I think for pen testing at
  • 01:54:56 least at a beginner to mid-tier level
  • 01:54:57 what the top three are so eLearnSecurity
  • 01:55:00 gets number one slot in my mind
  • 01:55:02 if you come into here and you go onto
  • 01:55:05 certifications so they've got a couple
  • 01:55:07 different ones the eCPPT or actually
  • 01:55:10 let's go to courses so the penetration
  • 01:55:13 testing student and the penetration
  • 01:55:14 testing professional the student is for
  • 01:55:17 the beginner the professional's a little
  • 01:55:19 bit more advanced it leaves off for the
  • 01:55:20 beginner ends so if we come in the
  • 01:55:23 student you can see some of the things
  • 01:55:24 that you'll learn so they've got you
  • 01:55:27 know it talks about the preliminary
  • 01:55:29 skills that you might need and teaches
  • 01:55:31 you those it's got some programming and
  • 01:55:33 then just the basics of penetration
  • 01:55:35 testing but it gives you an idea what
  • 01:55:37 it's like on top of that this PTP course
  • 01:55:41 they have is like more in depth more
  • 01:55:44 advanced you start getting into assembly
  • 01:55:46 language and buffer overflows you get
  • 01:55:49 into network pen testing some PowerShell
  • 01:55:52 Linux web app Wi-Fi some Ruby for
  • 01:55:56 Metasploit so I think this is really
  • 01:55:58 well-rounded really up-to-date the
  • 01:56:00 downside of this course is that it's not
  • 01:56:03 it's not really well known on the HR
  • 01:56:05 side of things so and then the pricing
  • 01:56:08 can get a little expensive on the elite
  • 01:56:10 side right now it's $1,600 the cheapest
  • 01:56:13 is the 1200 I would at least get the
  • 01:56:15 middle tier but as of right now they're
  • 01:56:18 offering that PTS and the PTP if you buy
  • 01:56:21 the PTP they give you the PTS for free
  • 01:56:24 but that won't be going on much longer
  • 01:56:26 but you can always hold out for deals
  • 01:56:28 like this as well another resource in a
  • 01:56:31 very very well known resource probably
  • 01:56:34 the best certification in terms of being
  • 01:56:36 known is the OSCP so it starts out at
  • 01:56:40 eight hundred bucks as you can see here
  • 01:56:42 you're probably going to spend more
  • 01:56:43 money than that because that's just 30
  • 01:56:44 days so the nice thing about this is it
  • 01:56:47 comes with labs there's a certain amount
  • 01:56:50 of machines in there that you can try to
  • 01:56:51 hack against sort of like a Hack The Box
  • 01:56:53 but there's an
  • 01:56:55 so you can you notice attack whatever
  • 01:56:57 you feel like and try to navigate your
  • 01:57:00 way through the network and then when
  • 01:57:02 you are done and you want to test for
  • 01:57:04 the certification you have to actually
  • 01:57:07 hack in an environment of a set number
  • 01:57:10 of machines you have to hack against and
  • 01:57:12 you have to be successful in hacking
  • 01:57:15 those machines to get your certification
  • 01:57:16 so it's considered one of the more
  • 01:57:17 difficult certifications out there to
  • 01:57:20 achieve and you'll see it come up a lot
  • 01:57:22 of times in HR or job applications that
  • 01:57:25 they want this OSCP so this is something
  • 01:57:28 to look into and consider as well the
  • 01:57:31 cost isn't as bad as the eLearn but the
  • 01:57:34 con here is that Offensive Security
  • 01:57:36 courses haven't been updated in five or
  • 01:57:39 so years so you really need to you know
  • 01:57:42 it's kind of the the best of both worlds
  • 01:57:44 if you were able to do both but this one
  • 01:57:46 will get you into more doors this one
  • 01:57:47 will get you a little bit more current
  • 01:57:49 but there are plenty of resources out
  • 01:57:51 there all these tabs I've shown you that
  • 01:57:53 you don't have to spend a ton of money
  • 01:57:54 to get this stuff these are more things
  • 01:57:57 that if you want that certification you
  • 01:57:58 want that that coursework that knowledge
  • 01:58:01 these are great resources all three of
  • 01:58:03 these so last is the GPEN now the GPEN
  • 01:58:06 is just an exam by itself at seventeen
  • 01:58:10 hundred dollars it is by SANS right so
  • 01:58:14 this is showing GIAC you actually have
  • 01:58:16 to take the corresponding SANS course
  • 01:58:18 that goes with it and that course is
  • 01:58:22 upwards of $6,000 so unless you can get
  • 01:58:25 an employer to pay for this and
  • 01:58:27 certification probably not the best but
  • 01:58:30 the thing that I like about SANS is that
  • 01:58:32 it stays up to date they are constantly
  • 01:58:35 updating their courses and that they
  • 01:58:38 look good on a resume it's one of those
  • 01:58:41 really high tier high level
  • 01:58:42 certifications and the exam from what I
  • 01:58:46 hear is actually pretty good it's not a
  • 01:58:48 practical exam but it's a fairly good
  • 01:58:50 exam and the nice thing I didn't mention
  • 01:58:52 eLearnSecurity is also practical so
  • 01:58:54 this OSCP is practical the eLearnSecurity
  • 01:58:56 exam's practical you have to
  • 01:58:58 hack your way through to pass and
  • 01:59:01 write a report as well this one is a
  • 01:59:04 multiple-choice exam I do believe so
  • 01:59:07 these are
  • 01:59:08 three certifications that you can look
  • 01:59:09 into if you're wanting to go down that
  • 01:59:11 route I would start with the PTS if you
  • 01:59:13 can it's dirt cheap you know if I have
  • 01:59:17 to make a recommendation just to make
  • 01:59:18 sure that you're you're really
  • 01:59:19 interested in this if you know for sure
  • 01:59:21 and you want to do that PTS PTP combo
  • 01:59:25 this might be a good choice here but
  • 01:59:27 other than that I mean the free
  • 01:59:29 resources like I've got my channel
  • 01:59:31 there's a ton of videos the Zero to
  • 01:59:33 Hero course is like at least twenty
  • 01:59:35 to thirty hours of material Hack The Box
  • 01:59:38 you'll spend a lot of time on there's
  • 01:59:40 plenty of write-ups if you just google
  • 01:59:42 like honestly if we go in here and we
  • 01:59:44 say like apocalypse here if you say that
  • 01:59:48 and you google it with write-up you're
  • 01:59:50 gonna find the write-up for this or
  • 01:59:52 you'll find a video for this or some
  • 01:59:53 kind of walkthrough right so you just
  • 01:59:56 want to look through these and try to
  • 01:59:57 try it on your own and then go back and
  • 02:00:00 then watch the write-up and see how you
  • 02:00:01 could have improved if you've got
  • 02:00:03 through it or where you can improve an
  • 02:00:06 enumeration or whatever is you need to
  • 02:00:08 to get better to actually succeed the
  • 02:00:10 next time you try attacking these
  • 02:00:11 machines so that is it you have reached
  • 02:00:15 the end of this course and the end of
  • 02:00:17 the bonus material if you need anything
  • 02:00:20 I provided my contact info again in the
  • 02:00:22 beginning you know I'm at the cyber
  • 02:00:25 mentor on Twitter you can reach me on
  • 02:00:27 YouTube as well and I really do thank
  • 02:00:31 you for joining me I look forward to
  • 02:00:33 seeing many of you take the next step
  • 02:00:36 from this Linux if you made it this far
  • 02:00:37 you've already gotten through the
  • 02:00:38 beginner Linux and that's awesome I hope
  • 02:00:40 you take this next step and that you are
  • 02:00:42 intrigued by penetration testing because
  • 02:00:45 we need more people in the field so I
  • 02:00:47 look forward to seeing you guys and
  • 02:00:49 girls come through and hopefully I'll
  • 02:00:52 work with some of you someday so until
  • 02:00:54 next time my name is Heath Adams and I
  • 02:00:57 thank you for joining me