1 00:00:00,150 --> 00:00:01,850 Hello everybody and welcome back.
2 00:00:02,080 --> 00:00:07,950 And this is the last part of the footprinting section where we will cover two tools which are basically
3 00:00:07,950 --> 00:00:11,990 almost the same but there are slight differences between them.
4 00:00:12,090 --> 00:00:13,970 The first one is called dig.
5 00:00:14,040 --> 00:00:20,070 So if we just type here on your people you will notice that nothing will happen since we didn't specify
6 00:00:20,160 --> 00:00:21,480 any upset.
7 00:00:21,540 --> 00:00:24,270 But for more information we will just take your take.
8 00:00:24,270 --> 00:00:30,090 Does this help to provide us with the simple usage of this command.
9 00:00:30,130 --> 00:00:32,990 Now you can use any website for this view.
10 00:00:33,030 --> 00:00:34,380 It is basically not legal.
11 00:00:34,380 --> 00:00:42,030 This is just a tool not to scan the DNS. Dig basically stands for Domain Information Groper and with it
12 00:00:42,030 --> 00:00:49,530 you can basically try one of the attacks which is called the zone transfer. Now zone transfer,
13 00:00:49,530 --> 00:00:57,550 it is basically, it uses the replication for primary and secondary DNS servers in order to be synchronized.
14 00:00:57,750 --> 00:01:04,530 Basically the secondary server, for example, asks for data for zone from primary server and primary server
15 00:01:04,560 --> 00:01:09,050 answers with copy of database which is IP addresses and name of hosts.
16 00:01:09,210 --> 00:01:16,020 Now wrong configuration of the DNS can potentially allow anyone to request a zone transfer.
17 00:01:16,020 --> 00:01:21,570 So with this tool we will try out the zone transfer on some of the bigger websites, which of course
18 00:01:21,660 --> 00:01:22,750 won't work.
19 00:01:22,800 --> 00:01:29,640 But on the smaller ones it could possibly be misconfiguration in the DNS so that the zone transfer
20 00:01:29,730 --> 00:01:40,240 is enabled. Now zone transfer is happening over TCP on port 53 and not over UDP at the port 53
21 00:01:40,260 --> 00:01:41,540 for the DNS.
22 00:01:41,550 --> 00:01:48,960 So if you just type here dig google.com you will notice that it would give us a bunch of information
23 00:01:49,500 --> 00:01:51,710 about google.com.
24 00:01:51,750 --> 00:01:56,830 So for example, as we could see, this is the DNS query right here.
25 00:01:57,090 --> 00:02:06,640 The NS right here stands for name server and you can see that there are four of them. The A basically
26 00:02:06,640 --> 00:02:14,770 represents the IP address: the one A stands for the IPv4 IP address and four A stands for the IPv6
27 00:02:14,860 --> 00:02:22,440 IP address. We can see some of the other options, which is the server that it used to query, which is
28 00:02:22,500 --> 00:02:30,780 our own router on port 53. As you can see, the usual DNS port will be port 53 over UDP and
29 00:02:30,780 --> 00:02:33,000 my router IP address is 192.
30 00:02:33,010 --> 00:02:34,880 168.1.1.
31 00:02:36,960 --> 00:02:44,220 We can see that the one query, we got one answer, authority four, which is these four servers right here,
32 00:02:45,540 --> 00:02:53,370 and additional nine I believe is referring to this one right here even though there is eight ones, but
33 00:02:53,380 --> 00:02:59,140 these are basically the same servers just with a different IP address, not different IP address, different
34 00:02:59,140 --> 00:03:00,210 format of IP address.
35 00:03:00,220 --> 00:03:07,400 This one is, as I said, IPv4 and this one right here is IPv6 IP address. So that is the basic use
36 00:03:07,400 --> 00:03:08,710 of the command.
37 00:03:08,750 --> 00:03:12,140 You can use it to find out some of the information about the domain.
38 00:03:12,590 --> 00:03:19,940 But if you, for example, want to try out the zone transfer you can do it like this, for example.
39 00:03:19,940 --> 00:03:27,200 So just type here dig and then you type here axfr, which stands for the zone transfer.
40 00:03:27,230 --> 00:03:35,960 Now we can use for example facebook.com and we can use the other server, for example a.ns.
41 00:03:36,640 --> 00:03:38,650 facebook.com.
42 00:03:39,380 --> 00:03:44,900 And if we try to type this right here you will notice that in a few seconds it will basically prompt us
43 00:03:44,900 --> 00:03:48,860 with zone transfer failed, since the Facebook.
44 00:03:49,730 --> 00:03:58,720 Since Facebook didn't misconfigure the DNS, so the zone transfer attack cannot be done on Facebook.
45 00:03:58,860 --> 00:04:04,650 Now there may be other smaller sites that could be possibly vulnerable to the zone transfer attack but
46 00:04:04,710 --> 00:04:06,480 we won't be trying to find them at the moment.
47 00:04:06,480 --> 00:04:12,240 This is just one of the tools that you can use in order to find out if it is vulnerable.
48 00:04:12,270 --> 00:04:19,320 But let me just show you another tool right here which is called dnsenum, which is also installed
49 00:04:19,320 --> 00:04:21,100 in Kali Linux.
50 00:04:21,150 --> 00:04:30,250 So basically it is the same as the dig tool. If we type right here dnsenum and google.com,
51 00:04:30,960 --> 00:04:36,990 it will provide us with similar information. As we can see, host's address, google.com, which A stands
52 00:04:36,990 --> 00:04:44,360 for the IPv4, and then it will print us the IP address, the IPv4 address of google.com.
53 00:04:44,820 --> 00:04:50,340 And right here it is trying to find out some of the name servers of Google. As we saw before,
54 00:04:50,340 --> 00:04:51,540 there should be four of them.
55 00:04:54,880 --> 00:04:56,560 Now this might take a few seconds.
56 00:04:57,730 --> 00:05:02,320 And sometimes it actually just times out, and it might time out right now.
57 00:05:02,340 --> 00:05:08,660 But we'll see in a few seconds. I will come back when this finishes. So we can see it finished right here
58 00:05:08,660 --> 00:05:12,910 and it says the google.com NS record query failed.
59 00:05:12,920 --> 00:05:16,150 It timed out so we won't be trying that anymore.
60 00:05:16,220 --> 00:05:21,560 I just want to show you that you can use that tool as well if you want to, but that would be it for the
61 00:05:21,650 --> 00:05:22,780 footprinting section.
62 00:05:23,060 --> 00:05:25,430 So let us just recap what we covered.
63 00:05:25,430 --> 00:05:31,480 We covered some of the tools that we use to gather as much information as we can about our targets.
64 00:05:31,490 --> 00:05:37,970 So for example these two we covered in order to gather some of the information from their server or their
65 00:05:37,970 --> 00:05:38,570 DNS.
66 00:05:38,600 --> 00:05:44,390 And basically we also tried one of the attacks, which is zone transfer, which of course didn't work on
67 00:05:44,390 --> 00:05:51,290 Facebook but as I said it might work on some of the other websites, and we also covered the
68 00:05:51,300 --> 00:05:52,450 whois.
69 00:05:52,690 --> 00:05:54,760 We also covered the Shodan website.
70 00:05:54,760 --> 00:06:01,540 We covered theHarvester in this lecture or in the previous lecture where I showed you that it sometimes
71 00:06:01,570 --> 00:06:02,680 can't actually work.
72 00:06:02,710 --> 00:06:06,120 So we gather some of the e-mails from it.
73 00:06:06,210 --> 00:06:10,270 We also covered the Nikto, which is a big mental.
74 00:06:10,320 --> 00:06:15,060 You should search more about it if you want to; it might be useful later on.
75 00:06:15,060 --> 00:06:18,800 So that would be about it for the footprinting section.
76 00:06:19,050 --> 00:06:27,360 And with this section we basically finished the beginner section and we enter the intermediate section
77 00:06:27,450 --> 00:06:35,400 where we will start off with creating our vulnerable machine which we will use in order to run our scans
78 00:06:35,460 --> 00:06:41,170 and attacks, since it is not legal for us to attack a machine that we do not own.
79 00:06:41,220 --> 00:06:44,750 We will create a virtual machine which we can attack.
80 00:06:44,940 --> 00:06:50,040 Now you might have heard of that virtual machine; it is called Metasploitable, and I will show you in the
81 00:06:50,100 --> 00:06:52,230 next tutorial how to install it.
82 00:06:52,230 --> 00:06:57,560 And basically we will start covering one of the bigger tools in Kali Linux.
83 00:06:57,570 --> 00:07:04,090 And one of the tools that you will use a lot, which is called Nmap, but more about that in the scanning
84 00:07:04,090 --> 00:07:07,780 section, and I hope I will see you there.
85 00:07:07,780 --> 00:07:08,200 Take care.