1 00:00:00,240 --> 00:00:03,440 OK, so now let's cover network commands.
2 00:00:03,600 --> 00:00:10,080 So the first command I want to cover is ifconfig, so you may be familiar with the Windows version of
3 00:00:10,080 --> 00:00:14,770 this, which is ipconfig, and they pretty much do the same thing.
4 00:00:14,850 --> 00:00:21,900 So it shows you here your different interface types and the IP address associated with them.
5 00:00:21,960 --> 00:00:31,770 So eth0 here, Ethernet zero, has an IP address of 1 9 2 1 6 8 1 3 2 1 6 4.
6 00:00:31,770 --> 00:00:37,390 You can see the netmask, the broadcast address, and you can see the MAC address as well.
7 00:00:38,070 --> 00:00:41,790 And we also have a loopback address here.
8 00:00:41,800 --> 00:00:48,250 Now, if your machine has a wireless adapter, or at some point you want to do wireless penetration testing,
9 00:00:48,400 --> 00:00:55,450 you're going to need iwconfig, and you should not expect to see anything on this at the moment unless
10 00:00:55,450 --> 00:01:00,910 you're using a laptop; then you actually might see a configuration down here for it. If you would see
11 00:01:00,910 --> 00:01:02,520 something under iwconfig,
12 00:01:02,530 --> 00:01:08,080 you would see like a wlan1, wlan0, something along those lines.
13 00:01:08,110 --> 00:01:08,430 OK.
14 00:01:08,440 --> 00:01:14,980 And another common command that we're gonna see is gonna be the ping command, so we can just type in
15 00:01:14,980 --> 00:01:19,180 ping and the address that we're trying to talk to.
16 00:01:19,180 --> 00:01:28,460 So for example, I'm going to try to ping my home router, and I get talking back.
17 00:01:28,620 --> 00:01:34,590 So if I tried to ping something that wasn't in my network, like a 16 down one, you're going to see the
18 00:01:34,590 --> 00:01:36,660 results change.
19 00:01:36,660 --> 00:01:43,310 So with ping here, ping is going to be endless until we hit something like Control-C to stop it.
20 00:01:43,360 --> 00:01:49,750 It'll ping forever, so I'm going to Control-C again and kind of show you the difference.
21 00:01:50,520 --> 00:01:56,810 So you see that we attempted to ping here and we got replies. We got information back.
22 00:01:56,820 --> 00:01:58,130 Well, that's good.
23 00:01:58,180 --> 00:02:01,040 That means we're talking to the other machine and says, hey, are you there?
24 00:02:01,040 --> 00:02:06,510 It says, yeah, I'm there. And we try to ping this machine here, but this machine's not talking back.
25 00:02:06,510 --> 00:02:12,430 It could mean that the machine is on the network or that the machine is just blocking ICMP traffic.
26 00:02:12,510 --> 00:02:15,460 ICMP is another word for ping.
27 00:02:15,540 --> 00:02:17,560 So moving on to the next command.
28 00:02:17,940 --> 00:02:24,750 I want to show you ARP, so the best way I like to type in is ARP with a switch of a,
29 00:02:27,640 --> 00:02:35,590 and ARP is just going to show you MAC addresses that it talks to and the IP address.
30 00:02:35,740 --> 00:02:40,690 Actually, I said that backwards; it's going to show you the IP address it talks to and the MAC address associated
31 00:02:40,690 --> 00:02:41,960 with it.
32 00:02:41,980 --> 00:02:51,820 So if an IP address reaches out, say 1 9 2 1 6 8 15 that one talked out to this machine, it's going to
33 00:02:51,820 --> 00:02:53,500 say, OK, hey, who are you?
34 00:02:53,490 --> 00:02:57,130 It's to get a broadcast message out and say, who has this IP address?
35 00:02:57,310 --> 00:03:00,300 And then the IP address will respond and says, hey, I do.
36 00:03:00,310 --> 00:03:02,170 And this is my MAC address.
37 00:03:02,170 --> 00:03:10,260 So ARP is just a way of associating IP addresses with MAC addresses, and once you know that you can also
38 00:03:10,260 --> 00:03:11,840 look at netstat.
39 00:03:12,120 --> 00:03:20,340 So netstat dash AML is another one of my favorite commands, and this shows you just the active connections
40 00:03:20,340 --> 00:03:22,140 that are running on your machine.
41 00:03:22,200 --> 00:03:23,490 So if you scroll way up
42 00:03:27,450 --> 00:03:35,730 and you can just kind of see what's open and what's talking here. Where this really comes in handy on
43 00:03:35,730 --> 00:03:41,520 a penetration test is to see if a machine is talking to somebody else.
44 00:03:41,520 --> 00:03:42,930 Same thing with ARP.
45 00:03:42,960 --> 00:03:46,010 You want to know what that machine is associated with.
46 00:03:46,170 --> 00:03:49,710 And is it talking to something on a port?
47 00:03:49,740 --> 00:03:53,580 So this is more just internal right now, but it's still good to know.
48 00:03:53,610 --> 00:03:59,850 So for example, if I were to open up a Firefox page and connect out to the internet, then I went and I
49 00:03:59,910 --> 00:04:05,330 did a netstat again, I would see information about that port being open and.
50 00:04:06,070 --> 00:04:07,800 And that I am going out with it.
51 00:04:08,340 --> 00:04:12,340 So just kind of keep that in mind.
52 00:04:12,380 --> 00:04:16,470 These are not commands that you really need to know in depth right now.
53 00:04:16,580 --> 00:04:20,880 Networking does come into play when you are doing penetration testing.
54 00:04:21,000 --> 00:04:23,650 But we're going to cover these commands time and time and again.
55 00:04:23,660 --> 00:04:31,940 I just wanted to give you a very brief introduction to them. OK, and the last command that I have for you
56 00:04:31,940 --> 00:04:34,100 today is route.
57 00:04:34,170 --> 00:04:39,660 So if you type in route, that's going to print your routing table, and the routing table is important
58 00:04:39,690 --> 00:04:45,630 because it tells you where your traffic exits, essentially.
59 00:04:45,630 --> 00:04:52,140 So for this VM, my traffic is exiting on 1 9 2 1 6 8 1 3 4 0.
60 00:04:53,520 --> 00:04:59,730 So any traffic goes out of this 0 0 0 0 gateway in this range, right.
61 00:05:00,450 --> 00:05:07,830 So when it goes out this gateway, it's doing NAT, so network address translation, and it's running off
62 00:05:07,830 --> 00:05:08,490 my computer.
63 00:05:08,490 --> 00:05:14,730 So the best examples aren't here, but it's important to know route as well because there could be a machine
64 00:05:14,730 --> 00:05:21,240 that you're attacking that has multiple routes, so you might see a 134 and a thirty five because it has
65 00:05:21,240 --> 00:05:25,320 a dual-homed NIC, meaning it has two NICs inside of it.
66 00:05:25,320 --> 00:05:29,390 So it's actually talking to a completely different network that you didn't know existed.
67 00:05:29,460 --> 00:05:34,680 So you might have been attacking one network in the one thirty four range, and then one thirty five
68 00:05:34,680 --> 00:05:37,080 just out there, and this computer can talk to both.
69 00:05:37,080 --> 00:05:39,870 And until that point you had no idea.
70 00:05:39,870 --> 00:05:44,690 And that's the idea of called pivoting, when you switch a network from one to the other.
71 00:05:44,720 --> 00:05:46,160 But you're using a machine.
72 00:05:46,380 --> 00:05:51,570 So that's it for this lesson, and the next lesson we're going to talk about viewing, creating, and editing
73 00:05:51,570 --> 00:05:52,020 files.