WEBVTT--> Can you see it now same thing? Okay, well, you know what? --> I don't know what happened to our oh --> I I know what's happening --> the software is showing the desktop specifically and --> I don't seem to can't I can't show you what I want to show you. That's great. It's okay --> All right, let me just minimize let's keep going you you almost stop sharing and you continue to share your screen --> because i want to see i want to finish you through and get you through everything else and hopefully --> you are learning how to create your profiles go ahead and show that one note again i can show the --> one note but i don't know what happened to my whole entire desktop i mean i i got the one note right --> here there it is you see this yeah you do okay probably have to connect again maybe i don't know --> probably have to connect again it probably timed out because we are uh we were on lunch well i was --> away i wasn't even on lunch so i probably want to click on connecting yeah um well you click on --> connect yep there we go uh-huh and go ahead and allow it okay so let's go where all the steps you --> you had before that's what i mean they're gone as soon as he left they all went away --> get out of here unless my clipboard is down here no mine's gone too --> because let's do it again real quick come on let's say we can do it again real quick that's what we --> have no choice but it's gonna all right it'll work out i'll show you you can um i want this --> time when we do it i want you to see my screen so we'll do it together so you can probably --> minimize your screen and we'll split screens and show it together you know what i mean --> now go back to that screen you were on the desktop uh what is it like at the bottom corner you gotta --> So my Zoom is on top. --> Documentation, users, Wesley, FPS. --> How do you use that? --> Go back to the, it's whatever it is, it's on the desktop. --> There's nowhere else. --> Go back to the desktop. --> I'm trying. 
--> It's right straight up next to Zoom. --> There you go. --> So now there's something in there that needs to be minimized so you can see my screen simultaneously --> Users Roger Wesley Donna --> Documentation --> Maybe just stop that maybe it's the green the green arrow to the left. Maybe it's pointing to the right --> I'm here if you guys need any help right. How do we get to share both screens now? --> okay you are on your current desktop anna uh if you just press escape escape he said that earlier --> i did i hit it click it okay that's okay did you i see okay go back to cali linux --> intermediate tab the one beside the desktop yeah go to the training room --> training all right painting room we're all learning here thank you roger so roger check --> this out everything that we typed before is gone uh wait wait wait wait wait that donna --> at the top you see the the terminal the number two can you click on that number two uh terminal --> at the top of your screen the little black box different desktop so on your screen on the on the --> right side right right next to firefox to the right of that is the the little terminal and --> the number i don't have an interactive screen anymore oh i did try to click on that okay go --> back to the kali desktop the other tab yeah yes sir i just i just clicked interactive oh --> no no that's a different go back to one and i see the terminal as there's two terminals there --> far right right i'm a far right just before that's left go to the right other right right --> there right there click on the first one or actually could have been the one that said pen --> testing there you go you have two terminals open so let me close one yes close the first one --> all right back to the shadows thanks sir thank you okay now let's go back to that that one note --> okay let me move you to the bigger screen because i can't see that --> all right let me bring over my one note so we can bang this out --> and let's do one of these there 
we go there we go okay so now we were exploitation we were doing --> that then we were going to enumerate into the machine and we're going to do so we did ip a and --> nmap now i know why i was where i was so let me pull that back up again that's crazy and this one --> right here okay okay almost there we did i know what it is but i just want to find it first --> then we did searchsploit yeah that was a good feature so go ahead and where it says enumeration --> exploitation type searchsploit space capital p ro capital ftpd all capital letters pd space capital --> d space 1.3.3c right there there are alternatives to all this stuff so it's just gonna come up in --> time go to lessons learned press enter um you know what copy and paste enumeration and exploration --> exploitation and put it here seriously yeah you you could have copied the whole thing i could have --> typed it by now oh my god let's just type it put it slash exploitation and where it says exploitation --> i want you to just type that to um um research no take that out type research --> research here yeah the whole thing oh the whole thing out highlight the word exploitation and --> then type over that's the fastest way okay now in the commands box right there you're going to type --> msfconsole right here um m the letter m is a michael sf console --> um so press enter now i want you to hit the tab key good now type in um search space --> ProFTPD 1.3.3c again because you're doing that within msfconsole that's why we indented it same --> thing you typed above capital letters and everything enter right and then you're going to type use space --> zero enter type options enter set set space RHOST space was it 10.0.3.16 --> and press enter show space payloads enter set space payload space number four take that s off --> for payloads because we want a one payload no no no put that s back on payloads which one --> the one you get payloads here show payloads with an s okay right that way you get to see 
all of --> them and then you're going to set one payload which is number four press enter then type in --> options. Press enter. Then we're going to set the LHOST. And the LHOST was your personal IP address, --> which was 10.0.3.15. Press enter. Then we're going to run it. Are you in a little case letter --> run, but run. Okay. Now we're going to press the tab key again. Type whoami. Once it shows you --> that you're root, you're in so now don't do it don't do it uh uh press press enter yes press enter --> type cd space forward slash root cd space what forward slash root okay --> Okay. Now, that's it. Take that C out. Then backspace up. Backspace. There you go. Put the T back. Now, where it says find my IP. Screenshots. Click in that box. Right there. Now, I want you to, where is the, just click minimize, click minimize right there. Fantastic. --> Now, on the left side, oh, there it is. Now, we see that. We got the screen we want. Now, --> go back to the OneNote at the bottom. Click the N at the bottom. That's how you're going to get --> back and forth, okay? Click on insert top left next to home. Now, go all the way to the right --> to the three dots. Click screen clipping. Fantastic. 
Now, see where it says IPA and above it says --> basically i need you to highlight from the top left to the bottom right corner uh-oh you did --> something else yeah let's go what am i clicking screen clipping okay see now it lights my screen --> up that's good that's good okay okay highlight from ipa all the way down to the bottom right --> start at the top left use your mouse so i'm on the left side because i can't see it you don't --> have a mouse is well it's no i don't have a mouse but the thing is my screen's blanked out so i'm --> i'm on the left hand side right scroll down a little bit more a little bit more go go go up go --> up a little bit more go to the left okay go to the right just turn it on the edge on the inside got it --> oh okay go to click on the three dots again top right screen clipping go to that same spot --> go above that um maybe it's the program okay wait i'm gonna do the same thing --> okay screen clipping we're going back here you should be able to highlight that left click and --> drag the whole thing it pulls this back up but i see so that's that's that's something with the --> desktop i guess was having so let's do this click on print screen do you have print screen on your --> computer i don't have a printer but i have control p um try control p how's that okay right click that --> copy it i don't like it but go to your one note paste it it's the photo where's the photo just --> probably the one in the middle see that's not the photo so type control z okay good let's let's go --> back just go back there's more back to the dots yeah just no no no no no no uh no left click on --> that um left click that on unhighlight that it's crazy left left click left click left --> can you bring my food i did if you there you go now you did now i see it now i need you to find the --> prt str button on your computer usually at the top right someplace print screen yes hit it --> now highlight that whole caption okay you printed it but it didn't it 
didn't get the whole thing --> go to your one note so i want you to get above that so you can get there you go go you don't --> need that extra space so don't let it go when you do it i want you to get it clean --> it's above that's just the one below it hey right here can you give me something to drink --> thank you that's my granddaughter she's getting she's bringing me food --> yay all right right screen oh come on okay there you go that's what it does by the way --> there you go okay keep going to the right you got stuck yeah don't miss anything yeah --> there you go let it go now what now let it go and then go to your one note but i'm on the blank --> screen um hold on it looks like it didn't capture let me see right click and paste there you go --> thank god yay right let's keep going okay now go to the far right and make that wider --> far right go back to the one note drag it to the right there you go no no not that one --> bring that control z now grab that line outside of that line outside of what not that one the one --> outside of it that's the inside line grab the outside line that that that right there yeah --> there you go that's fine that's what i was looking for keep going more yeah doesn't go any --> on okay that's fine fine at least we had that now click on the screenshot you did --> now grab the bottom right corner with the left click and make it smaller --> it's smaller go ahead and grab it again no not that not that middle not the middle --> the right one you want to keep the dimensions on purpose grab the right one bottom right --> same button make it smaller there you go there you go keep going keep going keep going --> Stop right there. Now, make that wider. Go to the outside. No, no, no, no. No, no, not that one. Go. Yeah. The line outside of there's only one. But there's only one line. I'm telling you. 
--> no i see it just that's okay make it wider yeah good now make capitalize that l and learned --> good highlight that whole top header of just lesson learned yeah the lesson learned go to --> the left all the way to the left all of the the tops all the way all the way just the header --> not that extra stuff okay you you highlighted extra stuff the august first so just highlight --> project two lessons learned how do i undo it okay uh-huh there you go type control b good now type --> uh go to home the home tab at the top left next to insert --> yes and then go to next you see the star on the right when you see the star go to the one left of --> it just go over one two three four five six go to the one left of it that's right go to the one left --> go to the one left of it yes that the one left go left go left go left go left right there click --> that drop down hit center there you go there you go all right making it pretty now go to um pseudo --> net discovery click in the screenshots box make sure you click in the box if you don't click on --> the box you're gonna have issues go back to the one note it's very specific click in okay find --> target ip screenshots find target ip now let's try this one more time go to insert there's no --> reason why this shouldn't be working click on the three dots on the top right click screen clipping --> And now I need you. --> Wait, wait, wait, wait. --> Where is the. --> It's above. --> Okay, left click. --> Just left click. --> See how it's highlighted? --> We got to get remove the highlights. --> Remove that. --> Good. --> Now, the pseudo ARP scan is the one on the top left. --> Do you remember? --> Where it says currently scanning all the way down to unknown vendor. --> No, that's not it. --> The top left. --> Like above that. --> Left. --> You were there just above the one above. 
Yeah, I mean, I just don't see it because it's so tiny --> I don't so do a control shift plus plus plus and make it bigger --> Yes, it's the one above it go up not there go to the right there terminal above it --> Right there. That's the ARP scan stuff right now. Don't do anything --> Stay there click on the one note now three dot screen clipping --> highlight that section yes yes you're doing it you're doing it keep going the whole thing --> let it go see how that works voila that's so easy yes now see what it says screen clipping --> taken on a date yeah you can keep it or not that's up to you but i just say highlight it and take it --> out highlight the empty space and everything on up oh god press delete yeah press there's --> now press press backspace press backspace to get good now go above it to the screenshots --> above that picture put the cursor above that press backspace yes you're getting it --> right we're trying to make it perfect trying to make it clean i want you to look good so far from --> perfect when it comes from this i hate this stuff so this is fantastic i understand yes i understand --> now yeah i need you to click on the image for net discover so click on the image i know but --> what box is it going in no i want you to click on the image for net discover click on the image --> which is which is above that see above that click the image yes now use the right arrow and press --> right no no press the arrow on the keyboard press that no you you clicked off click on the image --> again yes use the right arrow and press it one time to the right to the right press okay got it --> now hold on let's see here okay we've got a click on it click on the image again --> click on image image image right there right here um press enter okay good now hit the down arrow --> hit it down hit the down arrow again okay it's not doing it oh i know what above the image click --> there okay we're going to do it the opposite way we're going to fix it go to insert 
and the three --> dots screen clipping uh-oh wait we don't have our arp scan so click it again just left click it --> just left click it on our go back to the terminal scroll all the way to the top where you got that --> arc scan now that's the left side i need you to be on the right terminal --> and scroll yeah that's the right scroll all the way to the top because we did our art scan on this --> side no stop doing that because you're doing stuff in the bottom go to the bottom right corner --> and grab the scroll bar and go to the top mm-hmm i got it let me just okay now i'm highlighting --> this scan mm-hmm you're going back to one the art come on now screen clipping oh put the um --> yeah screen clipping the three dots screen clipping now you're going to highlight the art --> scan in the output and highlight everything that's fun yeah but make sure you grab it on the left so --> you can get everything because underneath that you're gonna be cutting stuff off you don't want --> to cut anything off there you go there you go get everything underneath underneath go to the go to --> the left some you go no you're going too far you're going too far go up go up go up go to --> get everything go down to the right a little bit dude oh it's going too far go to don't go past --> student look at the scans look at the command go to the right right there right yes let it go got --> i just let it go getting the dialogue so i get it i got it i understand now what now --> backspace all that other stuff you don't need just press the back just there you go --> leave a space in between the two images now copy that first image --> that i'm sorry click on the second image click second image right click cut good above that first --> image click above that one no stay in the same box we're talking about i'm like yes control v --> control v to paste there you go now we cleaned it up now underneath that take that space out --> no type ctrl z underneath the second image backspace there 
you go got it now click inside the --> box go back to one note or the terminal like inside what box this one the watch the box you're --> already in now click on the end for window now let's find the ping that you did which is right --> there on the left oh the ping is on the left you see the ping command and the ip you type --> yeah okay so now we need the command and the output and i don't see all that --> so left click one time go go back to the command now scroll don't don't do anything uh i didn't --> touch it believe me this is what it does scroll down a little bit at the top trying --> because we want to see the whole pain command to verify remember you have to prove what you've done --> i know but i don't have 45 screens when i'm doing it so i get it i don't know how to --> i don't know how it's not moving it is just not moving i know what you want but it's not moving --> so okay so hold on click it left look um we're gonna overcome we don't yeah just grab that --> grab that bar and go down this doesn't move no click that bar in the middle and make it blue --> go to the right bar in the middle you have two terminals go to the middle bar --> a little scroll bar in the middle i don't see a middle bar it's all this down here --> no no no they'll go to the one in the top right top right so let's pause you have a left and a --> right terminal right and they're stacked on top of each other with no divisionary lines --> i see the line i'm looking right at it close that you want to put your arrow on it and show me --> i was trying to figure out where my arrow was too um um which one is the arrow because i can get --> there if i know like uh i mean i know what i'm supposed to do it's just that i it's not moving --> and so all this garbage is just stuck together and um it doesn't move look i just tried to move --> it this is the scroll bar i know what a scroll bar can you use two fingers and scroll up and --> down on it if you have touch screen no because it's 
microsoft it sucks --> well there's the ping right there another thing you could do is just hover over that scroll bar --> use your left hand to press the track pad down and use your right hand --> to use the and scroll with the right hand can you show me how to move this terminal up --> because my screen is just not like i have it it i have three terminals going it seems like --> then that's three window panes yeah um three window panes and um the one on top the one --> on the top left is stuck to help you out a bit uh press f11 11. well that didn't work uh on the --> left side of this uh browser window you see that little green bar with the dots and arrows --> it's about the middle of the page but on the left side like this right here no no no the browser --> window so further left you should see a little green box there around the middle of the page --> to the left the key moves into the left where's the arrow in the zoom yeah click that --> the side control bar okay and you see the one that looks like a maximize window it's the middle --> button so now you have full this is full screen now you should be able to click into there yeah --> Okay, so hover over that scroll bar again, and make sure that it's... --> That's fine. --> Yeah, just hover over it. --> Yeah. --> Use your left hand to press down on the trackpad. --> You're currently in a mode that will split it around. --> You've got to get over that little tiny bar. --> When it highlights blue, you're doing well. --> You just got to go to the right a little bit. --> I just saw it, blue. --> It's a sweet spot. 
--> a little bit frustrating i guess yeah and if it's not an active window it just highlights like a --> lighter white i don't see the color change at all right here i'm hovering left hand --> left hand here's my right yeah and push down pushing and then use your right hand to scroll --> the blue but that's the top of the page i've been at the top of the page dr west no scroll down --> that is the top of the page no no no no okay now i'm scrolling down there must be a delay --> scroll down until you see the scroll down until you see the ping command and the output --> look at your commands on the left you see ping 10.0 it's all right there --> here it is right good that's good enough right there that's good now click on your one note --> but no it's gone this ship oh --> okay escape okay go back to that green box --> green box you mean my screen share box or no the clipboard on the side --> and then click the middle button again yes oh voila got it i know where we're going with this --> fantastic now screenshot it yeah i hope to there you go before you're outside the --> good now backspace that screen clipping yeah and let's get the f-ping one to put another one --> below it right you would have done well if you would have kept that space you could have put --> it underneath it yes below it yeah do i need to you need to i can just i can just paste it uh --> we'll see no there's nothing you don't have anything highlighted there's no f ping showing --> so um go back to the um go back to the terminal i didn't mean screen clipping --> left click stay there go back to the terminal now click on now scroll down until you see f --> ping type and the output of it being alive and i'm on the left hand side right right underneath --> pink you're in the same space you just were in you type f ping underneath make sure you go down --> i just saw it you you okay oh i keep keep going down just make sure you see f ping i'll let you --> there it is right now go to the one note okay 
now somehow some way you got to get underneath --> that paint okay so let me help you triple left click right there stop don't highlight anything --> just go one two three on top of the word screen clipping one two three okay no no put it on top --> of the word screen and click left top left left left one one two three press delete thank you --> how do i undo that ctrl z z there good so now on the right side of that press enter right side of --> that stream ping click there press down go get that f ping and put it underneath it cut that --> right click and cut it put it underneath it fantastic now i'm just gotta get a space between --> make a space click the one above it and press enter um or space or right click out of it um --> okay let's do it together let's let's put you back where you were at the top --> above that above that image the top press delete press delete that's done all right now click on --> the um press the right arrow press enter okay um okay next time we do it let's try to keep a space --> a line in between even every image it's cleaner that way i don't want you to be like where is it --> i want you to be able to find it we'll fix that but because i'm not sure whether hit the up arrow --> Hit the up arrow again. --> Oh, what'd you do? --> No, no, no, no, no. --> Undo. --> Control Z. --> Don't do anything extra because I want to make sure we're on the same page. --> Hit the up arrow. --> Okay, now, what'd you do? --> I keep seeing stuff in and out. --> Hit the up arrow. --> Stay in one place. --> Hit the up arrow. --> Okay. --> Don't do anything. --> Hit the down arrow. --> Down arrow. --> Press space. --> Space. --> That didn't do anything, huh? 
--> press enter oh you did something else never mind let's forget about it that's a bigger image --> click the bigger image press the right arrow is it i know right i had to do that before too --> what happens if you hit enter yeah hit enter --> the white bars go away okay yeah we got to fix that later we'll we just did it i don't know --> that one's a hit the left arrow oh hit the smaller image hit the left arrow it's crazy right --> okay how about if we just delete it and do it again i mean that's that's one way --> do a do a cut don't delete it leave it no no no no don't don't go back you just you did --> something good go back to the go back go back there press enter press enter enter now press --> control v control v done yeah thank you we don't let computers beat us okay donna --> we always win fantastic good job now click on vulnerability underneath it click on the section --> good go to um the one note click one note at the bottom so the terminal opens up again --> now we need to look for your first nmap scan and it should be i think on the left side --> you may have to scroll down on the top left you went too far look at your very first look for --> your very first one your very first one was just nmap space ip address after the f ping good now --> make sure you go down and get the entire --> thing. You got... No, no, no. Go back. --> You can jump too fast. It slipped. It wasn't --> me. It wasn't me, but it was. --> Make sure you see the entire thing. --> Okay. You're going --> too far now. You went like three more commands, I think. --> So in map... --> There it is. Fantastic. Now you can go to --> OneNote and screen with it. I get it. --> Believe me. --> It just takes forever --> and a day. Only --> because you're new to it. --> It's just... --> Because I fly through this thing so fast, you go like this. --> Yeah, you know, it's just another thing to learn. --> That's it. --> That's it. --> Now, make sure you get all of the commands. 
--> It looks like you copied that one twice. --> You only need one. --> Yeah. --> Remember, I'm trying to teach you something. --> When you triple left click, that whole line lines up. --> You press backspace or delete, and it's done. --> Press enter so you can keep a space in between for future images. --> No, I did triple backspace. I did two. I did three clicks in the backspace. There must be --> You you you did --> Control there you go. Okay now and that's there. No, no, no, no, no, no, no, no, no, no, no. Press --> enter --> There must be a delay --> So we i'm gonna have to speak --> I just pressed enter there's something but no you did that's where we want to be --> now go to one note and click the image icon at the bottom now go back to the terminal --> do i want to click screenshot no no you want to click the one note icon at the bottom which --> takes you back to terminal find the second command find the second command you want the --> second nmap command that's what you want i want it yes i want the second nmap command --> I feel like I'm looking at it. Isn't this it? No, it's at the top --> Scroll down to the second command --> There it is. I want just there you go. See how you see it --> Now at the bottom move that down --> No, don't rid of it yet. That's good. 
I know but that way I can actually see what I'm doing --> Okay, now this is the exact reason why we do this at the same time --> and that's why we're going to need multiple screens at some point otherwise i'll pull it back up --> okay scroll down to your um second in maps command and it starts right there with the --> attack capital a scroll down a little bit more to get it clean you want to get it clean --> right there okay yes now go to your one note okay put the image you got it where you need to be --> insert screen clipping highlight that entire thing right now do your best to not cut off --> basic pen testing anymore see at the very top you okay i retake it no no no no i'm just letting you --> know now triple left click the word screen clipping taken in the date triple left click --> don't highlight it just go one two three that okay now you did some more but but i just when i'm saying --> i'm saying now go to the one above it triple left click screen clipping three it takes a while for --> it to click up yes i see something's going on three now what that must that looks like two --> no no no don't do anything extra we're going to get this we're going oh one no no no no no no no --> it didn't work it didn't work it did work because you did it before you did it before --> we're going to remember remember press delete remember we don't let the computer beat us --> now backspace until you go right back up make it clean yay backspace again right there --> okay uh go down to the third command now put the cursor where it needs to be good now um go back to --> click on the one note the bottom right corner you have to get it in place before you click screen --> clipping there you go go ahead to the one right underneath it yes don't highlight anything just --> go back to the one note now screen clipping highlight everything --> don't miss a thing keep going down go back up there you go go up you don't need that bottom portion --> okay one two three delete good just 
take out a little extra spacing and you're good --> go to the one above it and take out that one space there you go now go back down to the bottom --> underneath that image press enter you're where you need to be get the last screenshot you see --> the command that you got to get there you go yep that's the command we got to find --> you were just there too it looked like i see the the bpn max cat the cat command --> is that the one i want yes right here but i gotta move up there you go just scroll down --> ever so slowly until you get there that's up go down yes go up a little bit --> that's that's not it there right there oh go above that because that's the cat don't have any room --> just go up a little right oh okay oh we don't need the cat go above that --> we want the command that you type the nmap scan command okay just scroll down a little bit --> keep going you passed it but i tell you what this is what we're going to do scroll all the --> it down to the bottom oh man i gotta find it now is that is that not it that is not it stop stop stop --> stop but it's after that so i want you to remember we did everything in an order you did everything --> in an order look at the command before you move i want you to look before you do i'm looking okay --> there it is right there do you see it it's on the left i'm looking right there i know but it's like --> just go complete so it's um underneath it what is underneath what ah there it is i got it i have --> the answer so scroll down just put that in map thing to the top and i'll i'll tell you exactly --> what you did scroll down don't highlight we don't highlight your thing okay hold on hold on right --> there stop you just had it get the in map thing at the top of the screen and you'll be good --> i got it so then do this let's do this it just keeps flipping and as soon as i move it i'm going --> to try to help you i have options to show you on the left side press ctrl shift plus plus plus let's --> make it bigger 
control shift plus plus plus plus plus okay now make that thing wider move that --> centerpiece to the right yes let's give us some real estate so we can see now i'm looking for --> that in map scan that command scroll up until you find it just you gotta go to the right a little --> bit there you go click on that yeah yeah go slow till you get there right there stop right here --> hold on yes now go to one note now you're gonna highlight scroll down you gotta scroll down get --> the spot first right there good now now three dots now screen clipping now i want you to --> highlight from the end map scan all the way down to the cat scan scan to the cat scan to the end --> of the cat highlight that you got to do the screen clipping first because it's not doing anything --> all the way down to go up go up a little bit you're getting that blue let it go good now uh erase --> delete that there you go one more again do it again okay um go uh scroll up a little bit and --> go to that second section where the commands were back into the end section where the commands were --> yeah go back into the the end map section now after bbp end map scan text press enter --> and type cat cat cat you got a backspace so you can bring your numbers back space --> bp in map scan dot txt the only thing is see your first one you see if um your first command --> doesn't have a number one by it so go up top and put one period one period space one period --> space. There you go. Fixed. Now, if you study those images line by line, you'll see exactly what --> you did. Do you see that? I'm going to give you some more. Go back up. Something didn't look clear --> to me. I want to make sure it's clear to you forever. Okay. Right back up. 
Now, I want you --> to grab that line between the nmap scans and the images and make it a little wider so that you can --> see all the commands on one line grab that line between the nmap scan and the images correct that --> let's straight up and down vertical line the table line make the second column wider go back go back --> up don't go anywhere make the second column right there wipe me down there you go keep going keep --> going yeah keep going until the whole line is on one line keep going there you go now go to the --> left now and bring it to the edge of text bring that same line back to the left bring that same --> line back to the left yes just don't um there you go right there a little bit more that's good --> that's good but see you see how easier that is to read that's important to me and i think that's --> important to you i'll go down to the next section all right now find the search boy outcome hit first --> go back did we do that we did it on the right see it on the right right over there --> it's at the bottom on the right let me make this bigger so i can see oh my god --> there you go you don't copy remember just go to i'm not trying to i'm not trying to --> go to one note at the bottom --> good hold on left left left make sure you're on top of the the words and not to the left of the --> words. It won't work that way. There you go. Now, right-click that image, that search --> point image. Click search point. And cut it. Because it doesn't belong there. It belongs --> in the column, the row underneath it. Paste it. Control V. Or do that. 
Clean up your spacing --> above it undo undo that control thing okay click on that image and just delete it okay good okay go --> to the left and let's see what the next column is in the next row rather msf console we're getting --> near the end yay okay go back to the terminal when you get that chance all right we did msf console --> on the right make sure you catch it from the beginning where it says msf console --> you cannot move this thing underneath search boy you went too far so maybe there go up a little --> bit it'll be at the very beginning msf console with the msf6 and there you go right there right there --> copy that entire thing notice how the commands are in blue so that's going to be hopefully helpful --> to you so you can copy that whole thing starting here i mean i see this you want this blue image --> copy click on that left click real quick because you got to get you got to get rid of some stuff --> go back to the terminal just click on the one note at the bottom now my pictures our pictures --> our videos are in the way you need to move them pictures to the left here it is i got it there --> you go now go back you always start with the command okay i understand that fantastic --> you just can't maneuver quickly at all go slow well you just did it what happened yeah but it --> just popped up again i can't help it oh okay going in make sure you left click and not right click --> that'll do something too go to the left you don't need that extra stuff on the right --> you don't need that there you go let it go okay stop staying on the edge and get in the middle --> of those sentence now left click there you go delete it won't work if you stay on the left edge --> okay now keep you know don't don't um what's happening here scroll down i see something wrong --> there you go now click on the image and just cut it right click cut it put it down at the bottom --> put it where it needs to be i'm gonna need to teach you your shortcuts because they're --> 
much faster control v to paste it okay now look at your look at your list over there --> your bullets on the left the next command is what use zero yeah go find it after your next --> command is search um pro f whatever next command is what my next command is oh okay yes click on --> the one note image icon at the bottom it takes you back and forth like that on one note uh-oh trying --> to get back to the terminal oh yeah you close the terminal somehow that's all there it is there you --> go there we go click there it goes as long as it's blue fantastic there it is msf search see it --> right there yeah now you could possibly get almost so i see the search command and then you got the --> use zero see if you can capture both of those at the same time away too wide too wide on the right --> can i fix it this way yeah right click it go to crop uh-oh --> uh actually i don't see props no i don't see crop um --> um yeah so you might have to redo it just redo it just delete click on the image press delete --> wait click on the three dots screen clipping okay just get the search void just get the search --> void yeah we keep everything clean there you go now input the uh u0 scroll down though when you --> get there you can get rid of that little little image click it press delete remember click in the --> middle of the sentence not on the edges one two three delete two three delete and you may have --> to talk it one two three delete yeah two three delete fantastic let's go get the use command --> let's get it let's get her get her done --> okay hold on i don't see everything do you i did go back and scroll down a little bit more there you --> go there we go keep going okay that was perfect what you just did right that right there good good --> good good get all that you want um in fact that's u0 that's export so just get the u0 portion --> which is about halfway through the page i mean you gotta do it again that's all now you see how --> you can't see u0 i will let that 
go you can't see okay okay i haven't left it out can i go up --> because it's no i can't come up to the top oh but i have it like off so i can start over right --> no not because you you're checking the spot right on it versus above it click above it --> yeah you click right on it let it go again don't don't even try just delete it off highlight all --> that and delete it fast okay we got you zero right we got you zero happening we got you zero --> so next one is you got u0 you have options look at your image you got going nowhere --> let's see what way okay let's set the our holes right you got options there too --> right there set our host show payloads right there good you can get all that in one scoop --> all the way down the options again you're starting to get the hang of it yay you get everything --> Oh, you're working on it. --> Okay. --> You're starting to get it. --> There's nothing to get. --> It's copy and pasting. --> You know? --> You're learning how to copy and paste. --> You're showing people's work. --> I certainly am. --> This is what every pen tester hates. --> It's just that I'm used to OneDrive. --> It's just we use something totally different. --> Mm-hmm. --> So it's just, you know, working out the kinks. --> I won't lie to you. --> If I can show you about five more different editors --> and you'll be stressed out. --> So I'm on our host now to payloads. --> Now I lost my screen. --> Let me see if I can find it. --> There we go. --> There you go. --> All right. --> So now we're kind of lost. --> Okay, hold on. --> Hold on, hold on. --> Go back. --> Let me see, and then I'll tell you where you should be. --> Your last command was set payload for an option. 
--> exploit okay your last commands was set payload for in options yeah so now you --> got to go to set the L host so scroll back down get the cursor where it needs --> to be put it inside there set payload for right good now go now click on the --> the one note the bottom right corner again takes you right back to the --> terminal let's scroll hold on right there there you are now i have to go back then go back three --> dots screen clipping get her done oh you got a lot of extra stuff in there okay and then let it go --> go back to your window or the command prompt scroll all the way down to the bottom get everything --> oh you did because it said closed see the sessions closed yes guess what you finished --> hallelujah okay now but now this okay wait this one's stuck okay i can't move on notebook --> um close it and open it right back up again minimize it or close it actually close it --> i heard you say close it you want it completely shut down um won't i lose all my --> it stays automatically it should save automatically so close it let's reopen it --> find it just by there it is hopefully it'll be blank trust me yeah yeah i'm going to untitled --> now click on basic pen test scroll down to the bottom yeah look how pretty that is and you --> wanted me to send you mine it's pretty dr west it's beautiful and you did the work --> um donna i i i hate to say this but i don't give anybody my notes --> i always politely have them do it so they can get that muscle memory --> you learned a lot through everything that you did well and everything that you didn't do well --> at the first time yes and you know how to overcome it patience and um a little bit of skill here and --> there now your lessons learned you got a whole column over there by the way you --> see what says this PC notebook name yes go back there put Donna Abbey's Donna --> Abbey's cybersecurity portfolio save it share it again what happened just share --> it again i don't have share now say what happened 
to it probably have to go find zoom and then click --> on share okay did i lose you i'm still here just don't see you uh sharing the screen yet --> i did what happened i don't know i don't see it at all i don't see uh i see there i'm resharing --> there you go it's coming up now it's coming up okay so now um okay let's fill in the gaps --> you ready i don't know where my cali screen went but yes i'm back to notebook okay now you see the --> word objective underneath project looks crazy right so let's fix that and all the words underneath it --> two go to the right keep going just until it's right there good perfect let it go okay now um --> the command section scroll down in the command section let me see if there's a really long command --> there's one there was okay good go back up that's all i need to see scroll back up all the way to --> the top okay the word analysis let's make that one word and first is analysis and then i ask --> Uh-uh. Scroll back up. Scroll back up. --> I don't know where you... I don't know what you're talking about. --> So analysis. --> Do you see the word analysis? --> Oh, way over. You're back to the header. --> Yeah, make the header. --> Okay, the header. --> Make the header make sense. --> Yes, sir. I'm here. --> Okay. --> Okay. Fantastic. --> Now, scroll to the left. --> Left. --> Left. --> Here it is. 
--> okay um written permission i want you now objective is first written permission is second --> now go to the right okay objective is first written permission you know what it's gonna --> be better go back to the left after the word objective put a colon space to learn basic --> pen testing and you don't have you can write it like a regular sentence command to learn basic --> pen testing commands and planning techniques oh i'm sorry commands comma planning techniques --> comma and metasport written permission colon enter one period all right what are the things that we --> discuss that you need to know are you asking me yes what are the things that we discuss that i need --> to know how about all of them too ambiguous trick question how about um are you talking about when i --> go into asking the computer for permissions no i'm talking about if you're talking to if you're --> talking if you're doing a pen test in the real world what are the things you need to have what --> are the things you need to know if you don't know okay i need a great computer i need some software --> and i need to know the ip addresses of the network and i need to know the commands to get there --> so what do we call all that stuff that's so just write this down there i mean it's like i know what --> the answer is probably i just don't know what you want to hear i don't know what you're go where --> you're going so so let me help you we're going to write this out write down rules of engagement --> enter okay right click engagement and you can fix it real quick --> Okay. Number two is going to be scope of work. Non-disclosure agreement. Well, when you found --> out a non-disclosure, do you have it written out by an attorney? Do you have, like, how does your --> non-disclosures look in the pen testing world? Yes. Along with your professional liability --> insurance, I'm sure you have to have disclosures that are pretty thorough. All right. 
Do you use --> chat gpt you'd use the am right show me your chat gpt i have answers i have answers to it show me --> the screen all right i'm here see she pops right up it's beautiful okay i don't see it though can i --> see it yeah oh it's on a different computer that means you won't be able to copy and paste it --> so um let me share my screen just gotta stop sharing your screen so i can share my screen --> Stop sharing gay. Yeah, I'm sharing my screen --> All right, here we go --> All right, so here we go. Mm-hmm. Look at this right here. I don't see you --> You don't see my screen at all --> No, there's some you still don't see it. I'm like sharing moving the mouse and everything --> Okay, you know --> back to zoom yeah yes you see this right here i see what your question was create your list --> and input this inside of your um in that section tell me when you're ready i want to show you --> something else okay yes sir i'm ready okay i want to show you this i want to put it in the chat for --> you. These are some examples of pen test reports. Have you ever seen these before? Okay. The pen test --> reports usually are written in a particular fashion where they have a table of contents with --> an executive summary, an introduction methodology scope, recommended further tests, threat modeling, --> rating methodology. It's really tiny. Is that a little bit better? --> Yes. See what I'm saying? --> So now I'm going to come back to chat. See how it's broken down? --> Yes, sir. You need this --> because I need you to know how to write a pen test report. --> Look at this right here. Did you see the prompt that I wrote? --> And then you can public reports. This will --> help you so that when you have to write a pen test report yourself, oh, you have to write a pen test --> report on this stuff. You have something to go by. I have confidence in you and faith in you. --> You'll do well. The thing is, I need to show you something else. Okay. You move this over here. 
--> the thing is i want you to practice that pen test as much as possible till you get it --> and you have all the question yes dr west yes that's so wonderful that i have these commands --> now and i know how to actually execute one yay how would you go about using nmap to --> figure out the ip addresses all around you like can you just do a general scan of your environment --> you follow those commands you know that this stuff is not fake what we're doing this is all real --> so to answer your question look at this right here yeah i'm gonna crack open my PowerShell --> right this is on my host network right now i think i have nmap installed on my computer --> let me see ipconfig right and then my ip address is i guess yes that's how you pull up your ip on --> your operating system yes ipconfig yes my is running that that that is a very real commitment --> everything we did was not real it's not a game you have to figure it out but look at this right here --> what would you like to do right now remember now you don't want to nmap scan somebody else's --> stuff in the real world because that's how you would end up wearing an orange jumpsuit --> right because i don't have permission written permission not verbal written in writing sanction --> right but let's just say but what we can legally do is we can actually pen test into our home --> networks to see what's vulnerable and then we can close it so um look at this right here --> What is the equivalent of a sudo arp-scan -l on my Windows computer? --> Do you understand the question? --> Yes. --> Press enter. --> arp-scan is arp -a or get neighbor. --> I remember that. --> Ping sweep, install nmap. --> So I come back here and I do an arp -a. --> Man, I can see all the computers on my network. --> The MAC addresses, all this stuff right here. --> 173-0800, right? --> That must be a work computer. --> That's one of my virtual machine computers. --> Gotcha. 
--> So on the virtual machine, and this is a little bit of a process. --> let's just say let's see uh clear right i um i do my pseudo arp dash scan it shows me everything --> on my network i have quite a few things on my network because in my virtual machine here --> like and this is what i do with my business i teach people pen testing i teach them --> how to install sims and sock and incident response i teach them how to do networking --> even advanced networking where they can actually install stuff on their home networks --> and isolating uh networks um a lot of different flavors we work in security onion all that stuff --> windows administration i'm teaching windows as a matter of fact next week --> um teaching people how to do active directory and server stuff i have alien vault i have my --> home what can the parent do the parent can do everything see it here yeah i got it right there --> i also i also have thank you i have a mini eight sock which is this is a red blue team --> i teach so this this this attack windows 11 this attack computer can attack whatever it wants to --> this computer is a target this server is a target this ubuntu i like how you do that --> this make your own target yeah the ubuntu is a sock the pf sensor is a firewall --> and i'm trying i'm this machine is attacking these machines um this is what i was trying --> show you earlier now we can see some stuff um uh here this is my cyber security portfolio --> see here yes sir this is a snapshot of my life things i've done in my career --> there's my ai image look at that handsome guy i love that photo well thank you very --> down for there dr west hey i did not make it a friend of mine made it for me and i was mad at her --> But then I was like, that guy almost looks like me. --> You did a good job. --> I thought it was nice. --> So at the end of the day, what I'm trying to have you do is create all these things so that you can show off to the world what you know how to do. --> Right? 
--> The notes you're taking, you're going to be able to show them all the different projects you've done. --> I do a lot of things. --> See? --> Basic pen testing, installing stuff. --> you do a lot of things too you already app on um on um chat gpt so there are a suite of tools --> for you to do that all fall on this list you just need to understand why you're doing them --> why you're doing this stuff sorry to someone announce hey manish i just wanted to check in --> that everything is going as expected so um only donna can answer that question --> where we had a good day we're um yes we're having a good time and that's top held up wonderfully so --> thank you wonderful i was just checking in and making sure so it was great he was a godsend when --> we needed him just to be like you know lurking in the silence so thank you thank you very much --> no no no it is i will uh i will exit now but yeah you have you are in the right hand thank you so --> much bye-bye so so check this out um um do you know how to create hidden documents and be a bad --> person um no but i mean well we have done a little bit of um hidden files and linux and --> Can find them and I've been looking for my DLL because I have several DLL files. So I did money tag --> hidden for Windows and just trying to pull them up, but --> Yeah, so that's definitely a Windows thing --> But um, I want you to look at this list --> We have and I'm gonna put it in the chat. 
All right, here we go --> go too many characters hold on how many i'm gonna take out some words so this thing will fit --> and let me go all the way up to i want to show you how to get this stuff --> okay take a look at that list right there okay hold on i'm gonna give you a second part --> because between today and tomorrow i need to make sure that we get through everything or most --> of the stuff on this list we went through and by the way um i don't think we went through but --> in Kali Linux when i click on the dragon you will see all applications you'll see usual applications --> such as the reconnaissance commands the resource and development commands initial access all the --> way down to service and other tools, forensics, privilege escalation, et cetera. The best --> way to learn these commands is to do vulnerable hubs and to actually build walkthroughs yourself --> of you doing them and completing some projects and tasks. Let me give you an example. A --> student a student asked me a question they said doc do you know what a phishing attack is and my --> answer to the question was yeah so now we're looking at each other with an awkward look --> and they're like well can you explain it i said i can but you can also google it just as fast --> if you really want to know what a phishing attack is this is what i told the student --> you have two hours go ahead and build one here's the example i built this phishing attack --> i had them build a phishing attack i just guided them through and then we tested it and who are --> these people you're teaching dr west is this the marines they're like who gets to pick i mean who --> gets to learn that the phishing attacks is that a university what kids are these what students --> uh all the above literally including law enforcement intelligence community military --> because um nobaprov found me because i own a business and this is what i do i teach people --> hands-on cyber and i have a group of them a bunch of interns 
and everything um you should probably --> um if you want to learn more about me um poke around here on my linkedin well i um i know --> enough about you to know that you're the guy i want to learn from so thank you well thank you --> um the thing i appreciate that like um the thing is though the i try to add context to the content --> if that makes sense because organizations are dynamic if they ask you to do a penetration test --> You need to know those rules of engagement. You need to understand why you're doing it. When does it need to be done by? How much money is it going to be? What kind of stresses do you have to account for? --> um students look for step-by-step stuff and that's not the real world as a sizzle and a sock --> um i'm not going to have any steps for you to do incident response per se i'm expecting you to come --> in with some experience so this whole thing here is about being able to think your way through the --> problem so in your one note and now i'd like for you to share your screen because i want to recap --> this really quickly so you can write down these lessons go ahead and share your screen hopefully --> this will make sense what we do show me your one note can you see me i see you and i see i'm looking --> for that one note okay um highlight the word objective and bold it go back to the left because --> i don't see anything in the more it's on a project you mean we're back to this highlight that just --> click it once or twice bold do the same thing with written permission i want you to continue to add --> to that list because i want you to know what needs to happen now you've you understand the --> objective you understand the written permissions you have all the rules of engagement everything --> else is signed you're good to go you can start the pen test the first thing you're going to do and i --> want you to explain to me this nothing else explain this to me like you're doing it by yourself --> you ready i'm ready well um okay so 
i would go to my vm and um i would uh pull up kelly lennox --> and i would type in the commands that i learned but i would have to have a target --> so i would need a target and i would need written permission from the target i would need a scope --> of engagement i would have to do my disclosures and then to blow it up okay so we'll go from there --> we've gotten through all of that um you have your ip address okay you can start the pen test --> donna what are you going to do i'm i'm just someone on your team teach me how to do what --> i taught you oh well that's probably not going to happen today no it can't that's why i'm here --> i want to help each of these commands but i mean it's like i can't like talk without the notes --> yeah no read your notes that's what they i want you to go off the notes --> tell me what you did tell me what i should do you have it all written --> yeah so i'm gonna find the ip address by uh plugging it in ip address and um --> Um, so hold on, hold on, hold on, plug it into where a socket. We're going to plug it in. --> I'm going to put it. I'm going to plug it into the Cali command line. Okay. Hold on. Let's do this. --> This will be even better. I don't want to see your stuff. Go ahead and stop sharing. --> Stop sharing your whole screen. Keep your one note open. All right. Stop sharing your whole --> screen. Keep your one note open. Stop sharing. Okay. Fantastic. I'm going to share my screen. --> right right now i need you to be able to see your notes but i also need you to be able to see my --> screen you understand just put your notes on put your notes on one half and watch me type --> we are going to do this thing successful all right it is now 256 let me see what you can show me --> i showed you how to do basic pen testing today we've i understand objective i understand the --> written permission, rules of engagement, the scope. I got that. Now, I know the first thing --> you said I need to do is what? What do I type? 
Your IP address, the IP address that you're --> targeting. So now, hold on. You're talking to a real client and you're speaking generic, --> but you need to speak to me with specifics. I'm going to be typing. If I typed in what you said, --> i type the ip address you're gonna type ip and then the network address ip and then the network --> address or one zero point zero point three point one six i'm sorry be specific because i'm already --> doing most and i have more questions than i don't know what to do yet tell me what to type --> specifically i thought i would tell you the type ip and the address which is 1.0.0.1 --> the network address i already said it uh-uh look at your look at your i got you i got you this is --> good look at your one note literally tell me the screenshot or the bullet what's the first command --> i'm supposed to type ipa like that we look for at the address going too fast going too fast you're --> not looking at what i'm doing i just i'm playing i can't go back and forth ah make it half the screen --> shrink it up you need to do adapt and overcome because you're talking to the client now --> and i'm okay so i will get there but will you tell me how to split my screen so i can do this --> with you just shrink your window and put it on one half of the screen um just size it i did size it --> but it's not that simple without this garbage on here so here here's my here's my let me shrink --> it and i'll just i'll do it like okay i'm with you can you see mine i cannot see yours yes i'm --> gonna minimize okay i'm gonna do this it's about like the size of you know i mean i need a microscope --> but no no no hold on hold on i'm gonna do this i can't see anything can you see can you see what --> i'm doing now i can see that you've typed ipa no i'm just making the screen work see how that works --> I don't know what you're talking about. --> Yeah. --> That's what I'm doing. --> But I have my notes blocking your screen, Doc. 
--> That's what I'm trying to say. --> If you want my notes there. --> I didn't split my screen. --> I just put them on the screen. --> So let's just keep going because this stuff, I mean, we only got an hour. --> So let's go. --> I'm with you. --> I have my notes, and I will read them to you if you want me to. --> But I also want you to see my screen because you're the, you're trained. --> I'm the client. --> I'm looking at it. --> Okay. --> So now, I also want you to be extremely specific and look at the outputs. --> So now, I don't know anything about this thing. --> That's the scenario. --> I need to do what you did by your notes. --> Go ahead and tell me what to do. --> Enter in small case, an I, a P, a space, and an A. --> Okay. --> so then your your next line make a note of the ip address that we're using i entered the i the p --> the space and the a what do i do now enter enter okay my ip address is which one the one under --> ETH 0 --> ETH 0 --> So is this one here --> Well that's --> Alright hang on I gotta go back --> Tell me again --> So yours is right here --> Right here --> So that's my IP address of what machine --> Of your machine --> Of the --> Of your --> Machine --> Which is my attack machine my Cali machine --> Is that what you mean --> Yeah, I guess. I don't know. --> Yes, it is. This is the attack machine, the Kali Linux machine. --> IP address is the same as ipconfig or even this is the old command, ifconfig. --> That's what we use in class, ifconfig. --> Right. Now, in the real world, we use any and everything. --> So I'm going to need you to learn more than one thing. --> I understand. --> I have config also is old school. --> Look at how white it is. --> You know, it's black and white. --> Whereas the IPA shows the color schema, which everyone seems to like. --> Yeah. --> Okay, I understand. --> I did the IP space A, which is short for what? --> Do you know? --> The A, I did know. --> How do I find it if I don't know? --> I don't know. 
--> I thought it was man something. --> but i was doing the ip scan right ipa man --> now take a look man for manual ip space a i'm trying to find out what ipa means --> so i type man ipa and it shows me this information here and an ipa is short for --> ip address which is written on your notes yeah so if you look at your notes you'll be able to see --> this right we have to find our ip address before we can attack a machine a target machine --> okay so that's what we did we found the ip address in linux with ipa or ip address --> now what's your next command on your window the next command is to do the pseudo so small case --> oh hold it that's not right so the next command is to do is great it's not filled out i just get --> you keep telling me that's the last command i type that's why it shows up i don't understand --> what you said okay so that don't worry about what you see there that's grayed out that's not --> that's the last command i typed so ignore that just tell me the command to type dash scan space --> then what enter okay talk to me with confidence you're gonna get it that's what i'm looking for --> i want you to tell me what to do okay something's wrong i don't see what i'm looking for right --> Can you tell me why I can't see what I'm looking for? --> Or what should I be looking for, rather? --> Were we supposed to enter a basic Kent testing with the IP number? --> So we are looking for the IP address. --> What do I need to do so that I can see that? --> A network scan. --> Okay. --> A discovery ping. --> How about this? --> When you first start this thing, you have to run a particular software first, right? --> Called VBOX. --> Right, VirtualBox. --> Start me off. --> What do I do? --> Boot up your VirtualBox. --> So, okay, here's my VirtualBox, one thing at a time, right? --> Because I'm an ignorant client and I don't know. --> Okay, now what do I do? --> You power up your VM. --> Okay. --> By hitting start. --> I'm powering up, okay? 
--> Close your mouse and your keyboard. --> Okay. --> It's coming open. --> We are doing this whole pen test thing. --> So I have to open my VirtualBox, make sure that VM is started, --> and then I have to find my IP address of my Kali Linux machine. --> Okay, I understand why I have to do all that, right? --> Because I know that this stuff is repeatable for almost every pen test, --> so i have to talk it through and get it right i'm i'm knocking on your door --> this thing says marlin spike let me minimize that minimize that --> okay i got my ip address of my my uh attack machine i'm now looking for the i i'm looking --> to see if i can connect to the um target machine so we got a ping so can but before i can ping i --> have to find the ip address of the target machine right true how do i find that look at your one --> note and just read it and go line by line you know so it's like a ping in the in the --> ip address or what did we do before the ping and the ip address i don't know which block that we're --> on because we've only covered two start at the top what's the very first command that i told you --> to do ip space a and after that underneath that it was ip addr ip address and then the second --> section underneath that what section is that is the um i don't have the i don't have the command --> it's uh just the ip addresses of the network do you have sudo netdiscover in there anywhere --> well that's like way down no i don't okay then show me your document maybe we're missing something --> can you see it not yet i don't know how to show you there it is on my side um share screen click --> on share there you go it's coming open come on okay scroll to the top let me see this thing --> we're missing something and go to the left so i can see there you go right there that's what --> you're supposed to be reading so don't have to discover okay i want to stop sharing and i want --> to share my screen you're going to read from that and look at the images you 
understand and then the --> um as far as the scope goes that's what we need to do and you just probably have to make a little --> a lot smaller too whenever you can what am i doing okay um stop sharing so i can share my screen --> stop sharing okay somehow some way um i understand it's just that i was reading off the --> never mind i was reading off the screenshots and i didn't give the sudo netdiscover --> right but yeah it was a network scan i said we needed a network scan but i didn't see the command --> because my screen was so big we need to type in in small case the letters s udo space net net --> n-e-t discover one word enter and what does this do again this will show you all the things --> connected to the ip address ah okay oh wow i've got this address right here and i'm gonna --> right-click it, and split the terminal left and right. --> And you just said, if I type sudo arp-scan, --> it'll do the same thing. --> And much faster, too. --> Thank you. --> See that right there? --> Yes. --> I remember you told me earlier that this MAC address was somewhere, right? --> Where do I find that MAC address? --> Right there. --> Mm-mm. --> Where do I find that MAC address? --> on the network and the net card and how do i get to that through the back door --> i don't know ping it when i click on here and i go to settings go to network network --> there is the mac address that's how i know that this ip address is correct --> you may need to write that down someplace right so you're matching the ip address to the mac address --> to verify that it's the same number through the network caption on your vm right i'm matching this --> mac address to that network settings mac address and that's how i know the ip address because my --> IP address could be totally different from yours, especially if I change some other settings, --> which I have to show you after this. Okay. All right. How do I stop this? Because it's still --> running. Okay. Okay. Thank you very much.
I appreciate that. Now, what do I do? I found --> the IP address. Now what? Found the IP address and I'll ping it to see if it's active. How do I --> ping it? I don't do this computer stuff. You type in the word P-I-N-G lowercase space and then the IP --> address one zero point zero point three point one six enter and it'll keep pinging how do i stop it --> q or ctrl c q didn't work ctrl c worked all right is there any other option i can do escape or exit --> maybe uh-uh i pinged it i stopped it is there any other way to ping this thing you can --> fping it how do i do that you type in lower case f p i n g space the same address one zero point --> zero point three point one six enter okay so i'm gonna hit the up arrow press the letter control a --> and control and then f and then press enter and it says it's alive is that good yes oh okay --> all right now um okay so that means i've verified connectivity between ping and fping --> and then fping is just the more advanced uh version of ping and it doesn't count forever --> okay i understand the difference now what do i do now you're gonna uh use nmap so you're going to --> go back to the command prompt line and type in lower case n m a p space and the same ip address --> one zero point zero point three point one six and enter okay oh what is that telling me there's a --> whole lot of stuff here i don't know what that means it's going to show you the open ports on --> that network okay what does this mean Starting Nmap 7.95 that is the latest version of that oh --> okay that's the version thanks for explaining that to me and this says the scan report but --> there's no latency and it says 997 ports why is that well those are the ones that are closed --> so it's scanning the total ports on the network in this case it was a thousand ports 997 were closed --> three are showing open fantastic okay so it's actually the first used 1000 ports which could be --> any numbers in between okay okay so then from there then i
have this mac address okay and i --> got this ip okay so i did the nmap scan uh i see these three ports are open so what's my what do --> i do next so next you want to type in on your command prompt line lowercase nmap the ip address --> That's 10.0.3.16, space, dash, capital A. --> Okay. --> And enter. --> Okay. --> What does that dash A mean? --> That dash A means that the question. --> So I remember you told me something earlier about going to this whole Nmap cheat sheet. --> is the list of the list okay i'm gonna type control f tack capital a right following your --> instructions right and close this the dash capital to a enter enter oh here it is right here let's --> move this over close that all this stuff in a way the dash capital A means enables OS detection --> version detection script scanning scanning and traceroute okay I got it that's what it does --> because what I noticed is when I did this it gave a lot more information than this first scan so this --> dash capital a is a keeper and i see much more information about these different ports it even --> gave them a service and the version the service and the version i got a whole bunch of stuff open --> oh man it says an apache ubuntu server is open that doesn't sound good okay so what do i do next --> so next you want to keep going with this and do another command with nmaps which is a small case --> nmap space the ip address 10.0.3.16 space dash capital a space dash p dash or tack i should --> start saying tack then why am i doing this i'm doing it but why what is the tack p tack let --> me search for it on this cheat sheet you gave me i'm searching i'm searching too hey --> Okay, so the tack p tack causes me to scan all ports. --> Yes. --> How many ports are there? --> 65,535. --> Okay. --> I thought it was 36 because they count zero. --> Unless you're on chat, yes. --> Okay, just saying. --> You're right. --> All right, we're learning together, right?
--> Okay, so I did this, and I scanned all the ports. --> i didn't see anything different i still see three ports open should i do next well next you're gonna --> want to uh use nmap so back to your prompt line and lowercase nmap space the ip address --> one zero point zero point three point one six space tack capital a space tack p --> tack space greater than sign and then bp nmap scan dot txt all lower case okay enter --> Sure. Why am I doing that? Well, because that's going to give you the MAC addresses --> and that's going to give you more information. Actually, so when I have this, I already got --> the more information, this greater than sign, doesn't that mean like to append the data inside --> of a text file yeah because we created that text file and uh now what do i do how do i check it --> you're going to use the cat command lowercase with the bp nmap scan dot txt file --> okay how do i check it are there any other commands to check and see what i have in this --> this directory uh ls list it list it oh i see it right there now i can use that cat command right --> now you can use the cat command oh so all it did was show me that i took all that information and --> put it inside of a file just in case i want to look at it later okay i got it now what do i do --> You do something totally different, and you're going to searchsploit, all lowercase one word, in your command prompt line. --> Before I do that, I'm just curious. --> It says port 21 is open, which is FTP. --> Port 22 is open, which is SSH. --> Port 80, is there a way to access port 80? --> Go through the HTTP, the right-click on these properties to look at the page. --> Hold on. --> I go to HTTP. --> How do I get that? --> Well, you want to check that port. --> So you're just going to open Firefox and plug in the IP address.
--> okay so 10.0.3.16 and oh i got this you know what we should probably copy this and put it in our --> notes too just create a new row right underneath the nmap scan what do you think yeah that way we --> won't forget it no i think we should do that since we didn't do that the first time so now that i've --> done that now what's that thing you said search for it yeah now we're doing searchsploit and why --> am i doing this again what am i doing you are hang on let me get to the command you are trying to --> penetrate that ftp file okay well what am i searching for this for oh you're searching for um --> It's P-R-O. --> I got it. --> I typed it. --> Capital P, capital T. --> I mean, capital F, capital T, capital P, capital D, space, 1.3.3.3, lower C. --> Okay. --> I typed that. --> Now what? --> Enter. --> Okay. --> Oh. --> going to show you that exploit title and you know what Metasploit has to say about it --> in the sense that it is a good target or not okay i see that i'm looking at some stuff right here --> this is really interesting the first one says compromise the second one says back door --> not really sure what all that means yet but i see some stuff um shell codes no results so now --> what do I do? Well, now you're going to get back on your console. Okay. And you're going to do --> the MSF console, C-O-N-S-O-L-E. Okay. MSF console. I'm typing that in on the right. --> And what does that mean? Where am I going? What am I doing? Oh, it says metasploit.com.
--> that's your shell --> 2,529 exploits --> 1302 auxiliary --> 1431 post --> 1669 payload --> wow this thing looks like a --> non-evasion --> this is like the hacking kingdom --> what do I do now --> well you're going to search the --> exploit title --> from the screenshot above --> which is capital P-R-O --> capital F-T --> pd space 1.3.3 small c okay i just typed in proftpd 1.3.c do i press enter or do i have to type --> something else press enter press enter okay says unknown what do i do now well what's your --> screenshot and your paperwork say i'm looking at it that's a good question it uh i mean so --> So I just, so, I mean, we have to look at the matching modules and we have to get to zero. --> Well, right now I see. --> Command is zero. --> Can you see my screen? --> Well, I'm looking at my notes, so no. --> So minimize that and look at what I type. --> Okay. --> So now I'm looking at your screen and. --> You said I have to search for ProFTPD 1.3.C. --> I wrote that. --> Use zero. --> So, capital U-S-E, or U-S-E. --> But I got this whole error. --> I can't move forward until I fix this error. --> Yeah, I see that. --> What does your image say? --> Let me see it. --> Let me look. --> Well, you were supposed to write search. --> I did search. --> Write where? --> Search where? --> FTPD. --> So, let's start over. --> You have to go to the command and apply and type in search, all in lowercase. --> Oh, I did it. --> Okay.
--> you can't you can't see my screen yes i can now okay i typed in search right here the first time --> i didn't type search you said you wanted me to search and said that stuff but you didn't say --> type search so my bad my bad i just didn't know we want me to type now use use zero zero then what --> zero enter enter oh hey it came up with unix ftp pro ftp dc in the back door --> now what do i do now now we're gonna uh go back to the command prompt and search options --> options so you're gonna type in options and enter okay option oh i have a lot of options here --> uh c host now we're gonna set the r host okay because this is our host yes so how do i set --> our host so you're gonna type in set set space space set capital r h o s t okay space yep and --> the ip address one zero point zero point three point one six okay and which what does our host --> mean host means um what i know this i know this in metasploit is for the remote host oh okay so --> i'm setting the remote host which means that my attack machine is the remote host --> okay and i'm trying to get in i said it now what's next now you're gonna ask --> for metasploit to show the payloads so you're going to type in show okay space payloads enter --> okay show payloads there's eight different payloads actually nine because it starts with zero --> wow i can add users i can add users i could do command shell the bind and then you said set payload --> four yeah so you're gonna look at payload four okay command unix reverse okay now what do i do --> and so did you set the payload payload is set you can't see my screen huh --> night well i just quit i can't see the writing it's so small so now you type in options enter --> options enter okay and then you're gonna set --> got a local host local host yeah which is um the ip address of your attack is the local host --> okay how do i set it so you're gonna type in s-e-t s-e-t --> base st okay yes your host ip which is one zero point zero point three point one
five --> that we found during entering the ip command in the beginning ah i remember that the ipa for my --> address for my Kali Linux machine with the tack a command so then my attack machine is the local --> host your attack machine is the local host and the our host is your target okay a target machine i --> got it okay what's next so now you're gonna run over u n okay enter and then you're gonna check --> who are you well so you just run and enter and then you're gonna in the command prompt you're --> gonna write who am i enter okay it's man it's sending the back door command accepted the first --> client connection accepted the second one it echoed this thing here and writing socket a's and b's --> reading from socket a's and b's it's matching that b is input command shell one is open oh --> who am i it says root yes you want to be the root so then is it over no you have to type in --> your command prompt line cd space four space root the four slash like that four would be just the --> number four cd four root space cd space root cd space four space root like that yeah that looks --> good oh what's wrong with this picture says can't cd the four i thought it was this wrong command --> so i'm going to change that okay so it is a um yes so what does this mean now that means that you --> have full um control over what's happening on number four okay so that means am i in command --> and you can now command it whatever it is okay so i'm now into that machine it looks like --> which means that metasploit tool is awesome now i have experience on the command line --> i have experience with metasploit i have experience with all these other things --> this is really cool let me show you something else the ssh command let me see bandit zero at --> at banditoverthewire.labs.com, tag P2220. --> I think that's it. --> Could not resolve band name over. --> OK, that means I got to look it up. --> Let's look it up. --> Wow. --> Let's go here. --> Bandit over the wire.
--> There you go. --> All right, let's go here. --> and we go to can't read me probably the first one bandit dot labs dot over the wire that work --> that's what it is so i come here do the control a thing bandit dot labs dot over the wire dot com --> enter could not resolve on the band lab maybe i have to go wrong to bring there okay so i'll do --> it from here what i'm trying to show you is how you use ssh ssh e enter see that right there as --> long as you know the username the url the port and the password which is bandit zero --> you can SSH into any server in the world from your command line. --> So you got to crack the password first. --> Correct. --> And that was what we were doing with basic pen testing one. --> More importantly, we were just getting inside of it first. --> Basic pen testing two, which we'll do tomorrow, --> we're going to crack into some stuff. --> We're going to crack some passwords. --> We're going to do some stuff that make you go, --> So, oh, and what happens is, host name is Gibson. --> So, okay. --> Hey, I found the password. --> The key here is this. --> Within Kali Linux, you have all these different tools. --> How did that password just pop up? --> Because this is one of those labs that I know of online that teaches you how to use SSH. --> It teaches you how to use Linux. It teaches you how to do pen testing. --> It's a lot like NCL, right? You ever did NCL before? --> Oh, yeah. Well, briefly. --> OK. Yes. Well, I've been doing it for the past eight to 10 years. I don't know how long it is. --> All I know is this is the password to the next level for Bandit 1. --> And the key here is, if you know how SSH works, the command, the username, the URL, the port, and then, of course, the password, FTP works very much the same. --> That's it. --> You can use the FTP command. --> Let me see. --> I don't remember the last time I used the FTP command on here. 
--> you can use that ftp command into a particular device or server and then now you can transfer --> files that's what we're going to do tomorrow there are all of these different tools --> and there's this is just one of like two million different ways to get inside of a machine --> yes there is a whole the next machine may not be the same it may it may be totally different --> we have these things to learn and let me show you this because i'm i just --> here are my steps on how to install virtualbox and ultimately how to install Kali Linux --> if you have it in writing you're a rock star if you don't have it in writing yet --> we need to make you a rock star you understand what i'm saying so i need another APA report on --> how to install the kali os that i did all summer so i can write it how about how about this but --> it's just like whatever right here's the thing see this right here and uh-oh here it is installing --> and configuring kali linux i just need to make sure you know how to do it you tell me you know --> do it you got thumbs up i can show you my vm no no no no i know how to do it can you install --> i did the parrot too carrot Kali parrot do you have windows do you have ubuntu --> and i have fedora i have deleted from uh i had microsoft server 19 11 like we did all the servers --> and the windows but it all oh it's just it's just okay so good yeah you have purposely delete them --> it's good because they take up a lot of space but you have um network engineering skill --> so that's what virtualization is security engineering so um Kali Linux files and permissions --> right let me how does that happen close okay i was trying to figure out how that happened hold --> on one second do that again share three share customizing workspaces and panels --> on your um so you have one workspace here here's a second a third and a fourth workspace --> but we're in workspace one tracking i just want to make sure you knew it if you knew it that's --> fantastic
there are also the root terminal emulator here powershell terminal you can --> also get to root by typing in sudo switch user right and it takes you to root but you don't --> have to type sudo all the time you type exit to get out of it the um where's that thing --> Come back here --> Creating directories and files --> This necessary when you're doing Linux pen testing --> You may have to see clear --> You may have to create a file. There are a variety of ways you could use the echo command the fastest ones to use touch and say --> Then in our text, right? I do a list --> Dana text is right there --> What I want to do from there. Maybe I want to put something in it --> um daniela text and she rocks right control d some dog ls yeah this is about the extent of where --> we got to in lab is creating text and files so yes i understand fantastic so we create these --> things so we can create reverse shells to send to people so that we can penetration test into --> their networks we create a bunch of different things to steal things to create back doors --> um these are the things that um we need to do finding local files and directories --> okay so we do a list we see what's there but if i do a list tag a for all hidden files --> it's going to show these directories here that's hidden if i do the the list portion --> it'll write it out as such so if you ever want to create something to be hidden touch dot dana --> dot txt enter ls and it doesn't show up does the dot dana dot text show up no if i type ls tag al --> then she shows up so when we get into a network we want to use this a this um all in the long --> list so we can see if there's anything hidden. If you want to hide something from somebody, --> that's just one way to do it. Is that cool? Yes. Commands in the man page, which is short for --> manual. So whenever you find yourself unsure, just stressed out, man, the command. Man rig. --> How does rig work? Oh, that's the random identity generator. Holy smokes.
I didn't even know there --> was such a thing you know so let me see rig enter brianna burnett and that's where she lives probably --> not a real person another rig ida garcia right another rig reina blanchard some pen testers use --> these things or they probably have their own schema so that they can keep up with who they are --> creating bad authors for or bad um they're creating say backdoor uh usernames so they --> can get into a system so whose names are these how is it i mean how is it generating names i mean --> it's the rig but what's the directory that's the program they created this random total random --> that's why that's why we had to that's why we installed it sudo apt install rig remember when --> did that yes but why what do we need a random directory for i i just chose a random um --> i just chose a random um command let's just show what you can pull up just to show what you can --> install what you can install i understand but look at this though because what your question is --> excellent look at this let me move this uh let me i think it's here this is the beauty of research --> being the cornerstone for everything we do cyber right what is the justification or what was the --> question you asked yeah i said why would you just install random uh well why would you install a --> random directory but it was i'll go with this one yeah why would you want to generate random names --> random identities and it's just to randomly penetrate somebody do you see the output --> a pen tester might install it for social yeah absolutely that's all it is it's not like --> okay a mandatory thing it's just a random fake identity i know and if you just send it off --> like in a phishing campaign or something you ain't got to worry about it as long as you have your --> notes someplace over here look at that random social security number and everything that's --> really crazy you understand yes now from here let me grab this and bring it over like this okay --> Linux
files from permissions and hidden files right of course where we just were I did the list --> tag al these are the file permission do you know what these mean I read write read write and change --> what do you mean or who has permissions what is it it's saying who has permissions the directory --> okay so this is the directory this is read write execute for the user --> this is read no write but execution for the group and this is like anybody that happens to get on a --> network including hackers they'll have read capability no write capability and executable --> capability and all of this is for the root directory so do you know how to change the --> permissions for a file. Something that pen testers need to do. So I'm going to go change mod plus x --> dot dha dot text. See that? Hit the up arrow twice, press enter. And I just made this an --> executable for anybody that happens to touch this file because I did the plus x to make it an --> executable. All --> all --> the user, first three, --> the group, --> and even anyone else that happens to get on the --> network. Did you see how I did that? --> But I also don't want that. --> So I'm going to remove that thing. --> Ah, it's gone. --> The last thing we want is to --> have all these executable stuff on --> our network so pen testers can come in here and --> manipulate it and do what they want to do. --> You understand?
--> yes all right then we have managing and killing linux processes check this out --> this is what's so fun about ChatGPT show me real examples of how to bang manage and kill --> linux processes got it ps aux shows all running pro so we go right back here --> when all the process is running it shows what's root was Kali as a pen tester you may have to --> shut down a process so you can execute your pen test this is how you search for a specific process --> copy i want to search for apache 2 i come in here and i paste it press enter and there it is --> and if i wanted to shut down that process then i could right understand the comments --> who owns the process a user pid the process id cd cpu usage memory the command used to start it --> you can list the hierarchical trees this process is hierarchically excuse me you can use the top --> or the htop command for real-time monitoring right so we come and see uh here top boom right --> now we're actually monitoring everything going on in the network see how it's flipping around --> there are 170 in total one running look at all the stuff that's sleeping --> nothing stopped no zombies here's the cpu usage the memory and the swap control c to stop that --> and there's htop which you have to install which i already had installed --> what's the difference it's colorful if you need to stop a process --> how do i install htop right here sudo apt install htop or just type htop and it's going --> to ask you to install it do you see how i'm using google search or research or ChatGPT to answer --> our questions to give you confidence because one day you won't be talking to me right right i want --> you to be able to go you know what i did learn some things because i did them how do you find --> a process and kill it so you find it and this is how you kill it you kill that process id number --> now be careful when you do that you may expose yourself you don't want to do that in your actual --> system here's how you force
kill a stubborn process with a tack nine command SIGKILL --> you see how this gives you all the information for you to try from there --> where is it it is here okay ctrl c to stop that ctrl c is to go to before q --> okay just so you know now from there where is it where'd it go here it is --> we just went through all of this we either did it or we did some now it's not everything --> can you remind me of what question you typed in to chat when you pulled up all those commands --> for which one the last one you just did for um ps aux here we go command what was the question --> it was exactly that question okay that's not it where is it --> it's um all right one of these things is a chat box oh here it is let's say so when i'm --> pen testing in real life show me real examples how to manage and kill process that's golden --> fantastic we got some gold going from here um we just did htop let's see --> I just typed in atop. --> I don't have it on my computer. --> Look at the question it's asking me. --> Do I want to install it? --> I'm going to say yes, okay? --> It's doing something. --> That's so easy. --> Doing something. --> Isn't that wonderful? --> And so, I mean, how does Kali know to pick the one with no bugs, no malware, --> and the most upgraded version of whatever software you're asking it to download? --> Because, you know, if you go to Google and try to pick one, good luck.
--> yeah um how does Kali know Kali knows because it's all all that all uh it goes through the --> linux foundation before they push it out to the public thank you welcome okay cool you know they --> don't just randomly uh just let anything on there control you would think that but i just wondered --> what the process was oh wow look at the atop cool right pid sys cpu wow there's a whole lot of detail --> in here for all of us to be able to read and this thing is just going we see what's root what's Kali --> right and if you ever get stuck you can always ask chat uh where is it how do i read um well --> let me see about what's the difference between atop and htop right oh atop htop --> and top wow he says try btop roger said try btop oh okay there you go i will try that hold on --> overview comparison and it's giving you everything you need to hold let me get the btop he's trying --> to give me what we call heat right which is something new b talk talk talk yes enter enter --> okay it's coming up we're about to get btop not sure what btop is but i'm gonna know what to --> happen today then i go to geeks for geeks and i learn it oh no service need to be restarted okay --> you talk oh we got a graphical look that's fantastic look at roger see that right there --> wow docker oh this is nice i mean like like real nice pro c look at this right here man btop --> let me see resource monitor that shows usage and stats for processor memory disk --> see how that works i'm gonna cue that tldr btop let me see if they have an entry for it it does --> tty mode um using 16 colors and tty friendly graphic symbols started oh man that's nice --> we love colors our eyes gravitate to them really well so now check this out um and it's all broken --> down for you which is nice let's come back over here oh this right here searching lines and head --> tails wc history persistence do you know how to do any of these things really not whoo okay --> one two three ctrl c right show me
show me show me examples of these there you go head dash n the --> number of 10 /etc/passwd it's going to show you the first example what i'm sorry what examples did --> we pull up show me example of these but what were these see it hadn't i know i have to catch that --> really quick searching lines head and tails word count history so this is going to show you the --> first 10 lines of the /etc/passwd and you know what's an /etc/passwd don't you yeah um --> um yeah uh we've used that but okay look look look look just showing you i want you to be --> confident and know how to find anything you need text file where each line represents a user account --> go for password but it no longer stores actual password it just has the password hashes --> if you didn't know that hopefully now you know that then when i come back up here --> here's the head first 10 lines here's the tail last lines however number you decide of a file --> of a direct whatever file really use case tell this the authorization log or auth logs --> and var logs word count you do this it'll give you an actual count of how many uh lines words --> and bytes on this file you already did history we did that right when we know things we're like oh --> yeah i know that um but trust me when i say um these things come in handy with almost --> any and everything that you'll do in cyber in general you gotta learn them let's see here --> before i finish out these some of this information we already did we discussed didn't we rules of --> engagement standards we didn't discuss dns and route analysis but that's quick --> we did network and port scanning we didn't do SMB and OSINT analysis yet vulnerability scanning --> web application vulnerability scan i we have way too many things to do --> the same thing with the rest of these different here we did like a few of them we did it with --> nmap we didn't do NSE or Nikto scans yet but it's coming tomorrow i showed you firewall and ids --> evasion but we
didn't do it it was on that nmap cheat sheet do you remember that yes okay and --> And then exploitation. --> And we didn't do SQL injection or blind SQL injection or outdated web application, the server takeout. --> But let me tell you, this is crazy. --> We did discuss penetration testing reports. --> We can do more. --> Engagement details, that's more. --> I'm trying to show you that I'm trying to adhere to what I was requested to do. --> and i want to make sure that we know how to do all these different things --> oh command line web downloader oh my god these are so many really cool things that you can do so --> be scripting and bash have you ever written a bash script yet i might have okay we'll do some --> tomorrow it'll be a whole lot of fun which one of these any one of them that you do you want to --> learn a little bit more about right now real quick. --> Metasploit. --> Okay, well, then you already got --> that. --> I want to know how you --> penetrate the network on a phone. --> Interestingly, let me show you --> this. --> There's some legalities with that, by the way. --> What's going on? --> Do you mind --> if we take a break, like 15 minutes? --> I got --> emergency. --> um five o'clock was the time i was told unless you want to finish a little earlier well i mean i'll --> i'll wait 15 minutes and we'll finish at five that's fine or what 5 15 or whatever just let me --> know okay sure i'll be right back okay yes how are you but you can call me wes okay you know it's --> funny i'm actually teaching a pen test class and i'm on camera so i was just doing it uh but all --> All right, I'll play nice. --> Okay, that's fine. --> Okay, I got you. --> I hear you all are scrambling. --> Yeah, no pressure. --> Okay, that sounds like job security. --> Sounds like job security, that's a lot of work to do. --> And yes, like me, it's like a CETA. --> Sounds like us. --> Okay. My name is Dr. Wesley Phillips.
I am a cybersecurity professional as well for quite a few years. I served in the U.S. Marine Corps in the communications field. I did not want to go into cyber. I went into law enforcement, and my supervisor sent me to NSA after about four years of doing physical security and criminal investigations. --> and um when i was at NSA i took the technical surveillance countermeasure program --> and i became an executive security agent who know who knew how to do stuff on the computer --> you know we didn't even call anything cyber back then aging myself um of uh if you if --> were to sum it up i guess you could say back then i was like an advanced threat hunter and --> a SOC analyst and i was looking for terrorists and bad guys uh that were trying to attack and kill --> or harm the or steal information from the president of the united states and then fast --> forward from there when i retired from law enforcement i went into education and um i --> started teaching IT and cyber courses or information system security i think that's what it was called --> back then and then i ended up taking over the program and incorporating certifications and --> hands-on projects within the schools and then um i don't know after about seven years of that i --> became a government contractor and i have held a variety of senior titles i was a SOC manager at --> DCSA uh i was a cyber program manager of a postal service i was the uh chief security or information --> security officer with the big DISA managing the insider threat program i've managed large teams i --> think 62 was the largest i've had outside of law enforcement where i managed over 200 people --> overseas uh on various uh vip um missions i'll say but um pen testers SOC analysts uh forensics --> people etc managed quite a few teams i lived through a few breaches that's that thing uh --> SolarWinds was was no joke when it happened and um yeah yeah that's great yeah and um working --> with Mandiant and trying to clean it up
and um just uh uh Log4 for Log4j um all i can say --> is uh you know we we all do what we can when we have to deal with all these different things but --> i'm also a trainer i um um teach college but i was also teaching people how to do um pen testing and --> forensics and incident response how to write policy GRC uh even dibble dabble in AI lately --> just trying to make sure that project management i'm trying to teach people how to do this stuff for --> real versus getting certified just just because you pass the test doesn't mean you actually know --> how to do the work um so i guess that's a snapshot of me professionally i have other things i could --> to say, but if you have any questions, feel free to ask. --> Try. --> Try. --> That is a fact. --> Well, having done that in the past, what we did that was relatively successful, and I say --> that with a grain of salt, because there's some people sometimes that just don't want --> to do, they want to push back. --> We get together in a room. --> we document the highlights, what's the goal, and then we brainstorm, we put together a plan of --> action, and then we do our best to get our counterparts to execute because it's all one --> mission, one fight. Now, that's my Marine Corps model, my law enforcement model. That's how we did --> it. In the government organizations that I've worked for, not everybody wants to do the latest --> policies. And some people are even willing to retire even before it happens on their watch. --> But in my experience, we get together, we got to get together in a room. And I actually don't --> really like to talk a lot because then everybody has a whole lot to say, but I write everything --> down. And I actually prefer to write it out in front of you. And we will brainstorm and figure --> are some ways forward before we decide as a team how to execute. Because if I don't have --> some coverage from on top, there's no telling what's going to happen from below. Oh yeah.
--> I wrote a white paper and an email. I brought Splunk SOAR to the insider threat community in --> DISA. They had a, they had, I got to watch what I say. But anyway, they had, they were using Splunk --> Enterprise. They were not using Splunk Enterprise Security. And based on the work that we needed to --> do and the, I guess the rest, the threats and the risk that we needed to manage, I was able to --> speak to a few friends of mine at Splunk um they were talking about buying Splunk Enterprise Security --> and i brought them over and i convinced them to write uh to get SOAR and um the --> she was the GS-15 but she was in the SES position uh my write-up made sense and um she actually did --> it and i don't think a lot of people really wanted to do that but in the end of the day that's what --> what we did. And everybody on the team was very happy. And I felt like I did something for once --> in my life. I have. I'm just trying to think. Yeah. So even way back in the Secret Service days, --> we had some old crazy antiquated equipment, legacy equipment, end of life. I'm talking about, --> you know, what is it? Five years? It ended 10 years prior. And then we were still using it. --> And we, I spoke to a lot of vendors. We spoke with the teams. We got together. We got the money, got the budget. I ended up spearheading the project myself. We installed a lot of different tools to protect the president of the United States. --> um i i can't be specific on what those tools were but they were information um technology related --> security related 100 and um we tested stuff in the lab you know we didn't have pre-prod back then --> um in fact in the Secret Service they was like just install it no we had to test it um um we --> tested it uh as much as we could we we probably had to test like uh 10 of the agency because --> before we could actually deploy it organization-wide. --> Thankfully, it worked out. --> We didn't have too many problems that we couldn't handle.
--> And same thing, fast forward, --> changing over from a legacy system to a newer system, --> it just requires a lot of cooperation. --> You're gonna have different departments who have, --> well, we can't do that for this reason. --> And we can't do that for this reason. --> We have to document it all. --> We have to get approvals, get thumbs up, --> then we have to test it and uh in my experience a lot of people in the government are not exactly --> patient with that but um i want to say i probably rolled over at least five or six systems in my --> time okay so yes and so i had a lead ism he was an ATO or GRC guru um he made my life easier i was --> so happy that to hire him and then um we we had some resistance from the government because --> several of those systems should not have been in place they were end of life for a while and i --> hate to say it there were several systems that were not updated or patched um for embarrassing --> years where i'm speaking to the AO i was even speaking to OIG about it and um in the end of --> the day if the government wanted to accept the risk for a particular system because it was --> political they just did so the positive stories i have is maybe four systems in these particular --> agencies that I'm thinking of that we were able to obtain ATO for.
All I can say, it was a really --> long process and a unique culture and environment in the places where I worked because no one really --> wanted they didn't i don't think a lot of people understood risk management and um how it really --> works but um my team and i we were working in eMASS every day um i ended up training even the --> SOC analysts to do GRC because uh when i came on i um there was no one there to do gr uh iso --> work and then um i think within about six months or so i had four people and in that meantime --> everyone that was there that claimed to be cyber we all had to sit down and knuckle up and just um --> and go through eMASS and and go through the controls and uh work with the different teams --> and accomplish tasks to get systems uh keep systems or get their ATO i've never lost an --> authority to operate but uh because of falling in the role of acting CISO i almost did but i never --> did sorry for that long answer that sounds complicated gotcha yes well um i i consider --> myself to be a people person in general i usually get along with most people that i meet um uh for me --> is business first before we decide to earn a, you know, some sort of maybe a friendship or --> a true partnership. I'm trying to become his or her partner by documenting what is most important --> to you. What can I do? What is it that I need to do to make you happy? And then I document all that --> in front of them and then I just get to work. And then hopefully that respect will be earned --> even though I have years of experience. Years of experience does not automatically mean that I'm --> a right, a good fit for this particular office.
But in my experience, if I can document and --> understand exactly what this individual needs, especially my supervisor or supervisors and my --> peers then we can go a long way especially when i start delivering yes sir okay so um --> let's see some places did not have tools believe it or not and i had to --> come to the old school uh Excel spreadsheets and stuff like that but i've used --> Microsoft Project uh we use Jira to display metrics and Confluence um um --> um i um even traditional PowerPoint because i i document everything i mean like i seriously --> document everything because i know i've seen too many people in my career get amnesia --> and um i'm big on the metrics and documenting what's happening i even create my own little --> metrics for my teams uh and i try to make sure that it's going to feed into the overall metrics --> for the supervisors so that they can obtain the money they need or get the services or --> whatever it is that they require. So it's just metrics because I'm a project management --> PMP fellow, but I just need to understand what story do you want to tell? --> uh what are the most important things you need and i'll ask questions do you have this do you --> have this and then i'll get with the team and put the charge on them i need to see something --> in writing solid that that can be presented when going forward because i hate looking like --> boo-boo the fool in front of managers and um and in front of all and um i used to brief the --> CISO, before I became one myself, every week. After two and a half years of working there, --> it felt really good for her to say, she said, Dr. Phillips, here's my personal number. Here's --> my personal email. Don't you give it out, but you've earned it. I don't give that stuff out. --> It was wonderful because she was a bear to me, but she made me better. Okay. A cybersecurity --> Security tactical plan? Yeah. SolarWinds.
So I was working with the Treasury and I can't --> say it was just me, but it was us. And we came up with a lot of plans that were not practiced. --> We talk about doing tabletop exercises, these government agencies, and all I have to say --> as we talk about it um when the that particular attack happened um we were coming up with some --> excellent ideas because the Windows network was compromised the really cool thing about us was --> that we had a Linux network that was totally separate from the Windows network so that was a --> part of our intentional tactical plan you know if something were to breach and that worked but we --> also had other and i i'm i feel like i'm being vague because i can't really say what we did --> but we put together now i get this honest from U.S. Secret Service that's all we did my entire career --> was if someone comes shooting from this way what are we going to do and what if they come from all --> sides what are we going to do um you know for the most part well i'll put it like this knocking off --> some wood my protectee always went back home and so did i and my friends but um in in the real world --> from a cyber securities perspective um some of these government agencies are different um we like --> uh like Christopher said we we all think differently and and they don't really want to --> always listen but i am naturally a tactical guy um proactive i get it honest from Secret Service --> i am um a martial arts practitioner i get it honestly i have been in four shootings i did --> pretty good i got lucky but i also use my skills i have more fist fights you can shake a stick --> and i am not a violent person far from it um from cyber security drills i actually teach people how --> to build SOCs in their house trying to be proactive i have Wazuh Splunk um Security Onion --> in my house and when those knuckleheads in China and Pakistan try to get into my house --> i could see them coming right and um i have no issues with i actually
have Chinese friends --> and Pakistani friends. But the bad guys, even the American bad guys, they get under my skin. --> And I'm big on being proactive. And that's all I want to document and do. Fantastic. Yes. --> I think I have. So this is a true to God, honest story is crazy. Have you all heard of Cybrary.it? --> I took a Cybrary.IT course with, I can't remember her name, but she was an awesome instructor. --> I wrote that on my resume. And when I applied to take the CISSP, they would not let me take --> the CISSP because they said, you probably have a job because you put that you have CISSP in your --> resume. And I said, no, where'd you get that from? I said, look at my resume. It says certificates. --> They gave me a certificate that says CISSP train. And I had a total other section that said --> certifications, CISM, et cetera. And ISC2 told me I can never sit for the CISSP. --> That's what I said. I have an SSCP, but what I also did was I've been crazy, right? I have --> all the other equivalents except for that because they will not let me take it. --> Can't make that up. And I tell that story to everyone. So I say, hey, if you finish a badge, --> I had a badge too. Don't even put it on your resume. It was crazy. So I'm told that you all --> need information by Monday. And I guess within the next two weeks or so, you'll probably hear --> something. I think the gentleman who called me gave me quite a bit of information. I think I have --> more detailed questions. When or if I am actually selected, I'll just come up with the questions of --> what exactly is it that you need? What can I do to give you what you want? How is the team?
What's --> the culture like so i don't really have any overview questions right now um i'll just tell --> you this uh i work hard i play hard too but i work really hard um if you want uh someone to --> come in there and um get some results i feel like i'm your huckleberry i'll do what i can and then --> some so that's all that's my declaration if i'm selected i am tracking um i had been i was a cedar --> so it's a short story when i was hired i was hired as the cedar for the CISO --> in DISA within three months he uh resigned his position and then i became the acting --> CISO. Uh, I was a contractor and I was doing that job for two years and change. Um, I know --> more than I'm saying, but, um, uh, it felt really good to get so many people on my side and say, --> man, you are just doing the job. Um, they were, um, it was very unique. So, um, uh, I love the --> fact that even after he left, he called me and said, how are things going? I hear you're doing --> a great job. Yeah. I thank you very much because those are definitely big shoes to fill. --> There's no question. And I'm also grateful for Ms. Landro. She is the CISO at DCSA. I learned so --> much from her, the lady who I've earned her personal phone number and all that stuff. --> So anyway, I know you probably have some great applicants, but I feel like I'm a decent contender and I'm definitely looking forward to this opportunity and possibly even working with the teams and working with you, too. --> Y'all seem sharp already. Thank you. You, too. Now take care. Hey, Roger, you still there? --> Yeah, I'm still here. I am so sorry. --> Right. I actually had an emergency that happened, and I just finished taking care of it. --> Oh. --> I could see that she was looking not so happy. --> Oh, no. --> But what do you think about today? --> Well, it was – well, let's just stop the recording if it's recording. --> Okay. How do I do that? Just close it out? --> Go back to the training room. --> I'm here.
--> And is the red button still pulsing or – --> in the bottom of the earth. --> It is.