WEBVTT

00:00.800 --> 00:01.160
Hello.

00:01.870 --> 00:08.560
Uh, in this lecture, I shall we will, uh, I have installed the Metasploit Framework, which is the

00:08.570 --> 00:10.580
vulnerable Linux, actually.

00:11.030 --> 00:15.620
So in Metasploitable, not Metasploit, well, operating system.

00:15.920 --> 00:24.480
So this is the vulnerable operating system that you can find kind of, uh, vulnerable relatives, uh

00:24.590 --> 00:27.740
and, uh, Metasploit designed for exploit.

00:27.740 --> 00:31.520
And so this, uh, operating system is not secure.

00:31.940 --> 00:42.260
So in this lecture, we will um actually try some penetration testing, uh, in this Metasploit here.

00:42.920 --> 00:51.440
So I put and they captured in installation video how, uh, these images below eatable operating systems,

00:51.770 --> 00:55.700
uh, do lots of instance in your virtual machine.

00:56.330 --> 01:02.630
Uh, so let's get started by, um, inputting some commands.

01:03.020 --> 01:07.340
So, uh, we will conduct a pentest with Metasploit here.

01:07.940 --> 01:10.940
So, uh, all these.

01:11.350 --> 01:20.480
Uh, let's get informed with, uh, in my year clear and map s we uh, we will also do an operating

01:20.480 --> 01:21.740
system determination here.

01:21.740 --> 01:24.320
For this, we have to use sudo command here.

01:24.680 --> 01:26.780
And um, actually.

01:29.230 --> 01:34.540
ifconfig, what is our IP address is one and 32, so.

01:38.360 --> 01:38.970
Zero.

01:39.520 --> 01:40.490
Uh, twenty four.

01:40.640 --> 01:43.880
So I will uh, you will learn what this twenty four is.

01:44.080 --> 01:45.590
Uh, so just.

01:47.930 --> 01:56.300
Now, consider this um, this went for that, I am telling up scan from zero to 255.

01:57.830 --> 02:05.920
So, um, this feels kind of, uh, networks in our um, no.

02:07.170 --> 02:17.190
Local area network, so because of that, as you can see here, the netmask is 255.255.255.0,

02:17.520 --> 02:21.330
so this means the zero can change, but these will stay.

02:21.960 --> 02:24.300
So as you can see here, we had.

02:27.930 --> 02:35.760
Tried nmap scan here, you can see this is the our vulnerable Metasploitable operating system,

02:35.760 --> 02:38.870
as you can see here running on Linux 2.6 point.

02:39.390 --> 02:42.630
Um Horses', which is portable local domain.

02:44.070 --> 02:51.300
Here and this, you can see we have several open ports, which is these ports are basically vulnerable.

02:51.750 --> 02:57.710
So I think as you can see here, this is somebody's assembly, which is has lots of exploits on it.

02:58.320 --> 03:02.220
Um, actually, as you can see, we we have a road show here.

03:02.220 --> 03:04.440
We have a vulnerable MySQL.

03:04.440 --> 03:07.410
Actually, I think this is the vulnerable version of MySQL.

03:07.860 --> 03:11.240
Uh, this had this to some kind of exploit or what?

03:11.820 --> 03:15.980
Um, as you can see here, we have we can see, uh, over really.

03:16.070 --> 03:24.630
I see here protocols and we have so many, um, things that has vulnerabilities in it.

03:25.080 --> 03:33.510
So, uh, now we will do these same techniques, uh, using, uh, using msfconsole.

03:33.510 --> 03:34.560
So let's get started.

03:34.590 --> 03:36.820
msfconsole here.

03:36.900 --> 03:39.210
We started our msfconsole here.

03:39.900 --> 03:43.040
Um, actually what you like web service?

03:43.050 --> 03:43.860
Yes.

03:43.890 --> 03:44.610
Actually voice.

03:45.650 --> 03:53.650
Is it because, uh, my savings still actually see the desktop unless, of course so.

03:55.640 --> 03:55.940
Oops!

03:57.630 --> 03:58.260
And yes.

04:00.820 --> 04:02.230
I think it was OK in.

04:03.100 --> 04:03.850
Yes.

04:06.830 --> 04:07.540
It was if.

04:08.590 --> 04:09.250
Very safe.

04:10.000 --> 04:10.390
Yes.

04:13.270 --> 04:17.670
We saw it again as she revealed the A terms, a message.

04:18.310 --> 04:19.330
It's very authentication.

04:20.220 --> 04:23.980
So it's and as you can see it, our msf is started.

04:24.490 --> 04:31.960
So now I will use db_nmap command, db_nmap here.

04:32.290 --> 04:40.240
So after that, these we can, um, just put your basics or in parameters here.

04:40.600 --> 04:45.730
So consider this that we are using a tool.

04:46.180 --> 04:48.360
So now see, we will.

04:48.640 --> 04:49.450
You will see it.

04:50.140 --> 04:51.820
As you remember our Metasploit.

04:52.240 --> 04:58.480
Um, we determined that our Metasploit IP address look like Pedraza and fit 135.

04:58.900 --> 05:01.930
So in that amount to two point.

05:05.720 --> 05:11.060
Here now, we are doing actually a port scanning here.

05:11.420 --> 05:19.730
So now, uh, this will tell us that, uh, which port is open and uh, was what this port is working

05:19.730 --> 05:20.030
for?

05:21.200 --> 05:25.550
As you can see here, we have, um, actually.

05:27.100 --> 05:28.090
Ports open.

05:28.550 --> 05:36.060
Uh, there's these ports has, uh, vulnerabilities in it, and we will break this policy.

05:36.460 --> 05:48.580
So, uh, actually here and we can see that we run the B in, uh, d b in here, uh, um, command.

05:49.690 --> 05:59.200
So uh, actually, now I will run this command again, but with -Pn, uh, parameter here, -Pn parameter.

05:59.500 --> 06:08.710
So what this -Pn parameter will do, um, is that it may will give us more detailed.

06:09.980 --> 06:10.790
Information.

06:12.080 --> 06:14.800
And we are waiting for it, waiting.

06:15.010 --> 06:20.050
And as you can see, I'm a said British police reports on incorrect results, as you can see here.

06:20.440 --> 06:21.280
Michelle is.

06:22.270 --> 06:26.290
He was pretty similar results, so never mind.

06:26.770 --> 06:35.530
So the first, uh, we had the ping request has um, we had to set the -Pn switch in the nmap command,

06:35.530 --> 06:38.980
which denotes no ping scan here.

06:39.670 --> 06:41.200
This means no ping scan.

06:41.650 --> 06:48.360
Uh, we can see we have also defined, uh, -sV here, uh, which denotes a version scan.

06:48.370 --> 06:55.810
So having several servers up and running, we can see that the target has, um, the ports open.

06:56.200 --> 07:02.680
Uh, so as you can see, a report one hundred forty five, uh, open.

07:02.920 --> 07:05.290
So this is the NetBIOS, uh, port.

07:06.310 --> 07:07.450
Uh, so.

07:10.490 --> 07:17.750
In actually in Windows, port 445 means EternalBlue, EternalRomance port.

07:18.110 --> 07:24.890
So actually, this port have proven to be very successful against Windows seven and Windows Server.

07:25.370 --> 07:26.130
Um.

07:27.580 --> 07:36.400
To handle the two thousand eight and so on, so in this sport, so this port, um exploits me, this

07:36.400 --> 07:38.620
port exploit named was EternalBlue.

07:38.620 --> 07:44.760
So you actually it's um made a vulnerable if someone's very vulnerable port and service.

07:44.770 --> 07:54.430
And actually the service was I yeah, I say remember, the service was eternal service and used four

07:54.430 --> 07:58.110
hundred four to five ports or in some Windows versions.

07:58.120 --> 08:00.460
It can't, um, open.

08:00.820 --> 08:01.600
Uh, we did.

08:02.660 --> 08:03.260
So.

08:06.470 --> 08:08.150
And that said so.

08:09.360 --> 08:13.340
But we are, uh, using, uh.

08:13.960 --> 08:18.210
Uh, actually, we are using Metasploitable, uh, as.

08:19.460 --> 08:23.030
Uh, well, a tech machine, target machine now.

08:23.330 --> 08:27.860
So if we used windows, we can hack these this field.

08:27.860 --> 08:33.880
But in Linux case, this is the I know there's no port, so I think this is the vulnerable.

08:34.040 --> 08:39.640
Well, because it's a Metasploit will almost be very attached and all of there are more.

08:39.650 --> 08:42.470
No, so this is the penetration testing.

08:42.590 --> 08:43.010
Um.

08:45.540 --> 08:48.350
Operating system, uh, some.

08:49.590 --> 08:52.960
Signs, we are not sure about the operating system.

08:53.760 --> 08:56.880
We can run in screams so.

09:05.490 --> 09:13.230
So now, actually, we do here, as simple as you can see, this is the assembly, the UH, as well.

09:13.410 --> 09:22.830
But now we will actually run the assembly, the, um, script in nmap to determine which version is using

09:22.830 --> 09:29.040
this port, actually, which, um, operating system and we and we is using.

09:29.040 --> 09:31.260
So, uh, let's get started.

09:31.290 --> 09:40.740
So, uh, in the here, we will use same command, um, db_nmap here.

09:41.220 --> 09:42.930
And um.

09:44.470 --> 09:47.980
And we will add here, um, Pete, in.

09:49.270 --> 09:58.180
P and P four hundred forty five is Miss Port 445, because we will scan this and we will scan almost

09:58.510 --> 10:05.300
all of the reports as well, and we will use scripts because now we've allowed the script parameters

10:05.320 --> 10:16.080
script and here we will, uh, use this script that named smb-os-discovery, smb, uh, os.

10:17.210 --> 10:17.840
Discovery.

10:20.670 --> 10:23.410
Here and we will give.

10:23.700 --> 10:28.260
And we will give an IP address of a machine, target machine.

10:28.590 --> 10:33.660
So one hundred ninety one hundred ninety two point sixty eight.

10:35.290 --> 10:38.380
Eight point one hundred thirty five, right?

10:39.220 --> 10:40.690
Yes, this was thirty five.

10:41.020 --> 10:44.140
And after that, uh, just click interface.

10:44.710 --> 10:51.220
And as you can see here, uh, we can get information here.

10:51.220 --> 10:52.300
So let's um.

10:54.180 --> 10:58.080
Well, let's find out at the end of the reports.

10:58.530 --> 11:00.600
To find more information about it.

11:01.850 --> 11:12.020
So this X11 port is up for actual I think it's the graphic drivers port for Linux here, as you

11:12.020 --> 11:16.040
can see here, almost we have so many ports in it.
