1 00:00:00,450 --> 00:00:06,720 So after getting this normal, basic shell, we need to escalate privileges. Before escalating
2 00:00:06,720 --> 00:00:11,450 privileges, we need to gather as much information as we can.
3 00:00:11,460 --> 00:00:13,520 So that is called enumeration.
4 00:00:14,010 --> 00:00:18,260 So first, let's start with finding the computer name, that is hostname.
5 00:00:18,540 --> 00:00:24,630 So we need to type hostname and hit enter, and we get this computer on which the shell is running.
6 00:00:25,500 --> 00:00:26,110 So I know.
7 00:00:26,130 --> 00:00:34,440 So you need to find, uh, the user that is running on this computer that is the shell of this user.
8 00:00:35,990 --> 00:00:36,890 That is whoami.
9 00:00:37,790 --> 00:00:44,470 So it says the hostname slash user, that is the computer user name.
10 00:00:44,750 --> 00:00:50,200 And you can also say whoami /priv.
11 00:00:50,780 --> 00:00:55,040 So it will enumerate the privileges of this user.
12 00:00:56,400 --> 00:01:04,170 And I have this privilege and the description, and so we have only one person that is notification
13 00:01:04,170 --> 00:01:07,260 police, so you can see Lokman memory shut down.
14 00:01:07,560 --> 00:01:08,590 We got shut down.
15 00:01:09,390 --> 00:01:12,900 I mean, these crimes, you cannot change that.
16 00:01:13,530 --> 00:01:14,550 These are disabled.
17 00:01:14,550 --> 00:01:16,040 And there is only one enabled.
18 00:01:16,620 --> 00:01:20,160 So you can see like these privileges for this Nekesa.
19 00:01:20,310 --> 00:01:29,340 So another way to find out this username is to say echo, uh, put the percentage and the user name
20 00:01:29,970 --> 00:01:31,320 and put the percentage.
21 00:01:32,640 --> 00:01:39,330 So if you type this one, echo %username%, and hit enter, you get your username on this, uh, shell.
22 00:01:40,440 --> 00:01:49,350 So up to now we have found the username and the hostname and there is a command called systeminfo, systeminfo.
23 00:01:49,350 --> 00:01:55,610 And for that we do so much information then, uh, this is an of the hostname.
24 00:01:55,770 --> 00:01:57,770 So let's go and run systeminfo.
25 00:01:59,370 --> 00:02:02,540 And you can see there is a bunch of information going on.
26 00:02:03,120 --> 00:02:12,870 It also tells us the whole system or system that is pro and number and the version number manufacturable
27 00:02:12,870 --> 00:02:13,320 does.
28 00:02:13,410 --> 00:02:18,270 Of course this is standard workstation and digital only key.
29 00:02:18,270 --> 00:02:25,650 And you can see product ID and what started of this operating system, boot time, etc. and model,
30 00:02:26,340 --> 00:02:29,040 uh, architecture of this computer and processor.
31 00:02:31,090 --> 00:02:38,800 And you can see a lot of information, time zone and system language, it's using a physical memory
32 00:02:38,800 --> 00:02:45,570 and watching, etc. So the important thing is to see this domain so workgroup.
33 00:02:45,820 --> 00:02:48,700 So I do not have any domain to this.
34 00:02:49,150 --> 00:02:50,830 It's just one workgroup.
35 00:02:51,320 --> 00:02:54,720 Uh, and logon server is this one.
36 00:02:54,730 --> 00:02:57,440 That is a computer desktop, this one.
37 00:02:57,850 --> 00:03:05,320 So whenever there is any furniture you need to access using this address that went back to back on desktop
38 00:03:05,320 --> 00:03:10,770 now and again to ashes and fire shells and there are hotfix.
39 00:03:10,770 --> 00:03:15,940 So these hotfixes are small, smart updates that are used to fix any vulnerabilities.
40 00:03:15,950 --> 00:03:21,640 So we see them in the letter using when we got across this WMC.
41 00:03:22,180 --> 00:03:28,390 So you can see these are the hotfixes installed recently and there you can see the network.
42 00:03:28,540 --> 00:03:30,540 So there are seven and I see in.
43 00:03:31,030 --> 00:03:32,880 So these are like what adapters?
44 00:03:32,890 --> 00:03:34,300 I have to use it from here.
45 00:03:34,300 --> 00:03:41,290 And there are some real adapters, as you can see, real family control that the Internet with the controller
46 00:03:41,290 --> 00:03:49,680 and that is a wireless and they're from there unless you get our TerraPass, which are used for we.
47 00:03:50,260 --> 00:03:52,060 That is my favorite submissions.
48 00:03:52,600 --> 00:03:54,930 So these are the basic information.
49 00:03:54,940 --> 00:03:56,620 I can see Hyper-V requirements.
50 00:03:56,890 --> 00:03:57,780 VM monitor mode
51 00:03:57,790 --> 00:03:58,320 extensions.
52 00:03:58,330 --> 00:03:58,560 Yes.
53 00:03:58,660 --> 00:03:59,590 And virtualization.
54 00:03:59,590 --> 00:04:01,600 And so running the virtual machines.
55 00:04:01,870 --> 00:04:04,060 So to run, what solution should be an.
56 00:04:07,660 --> 00:04:13,040 And that's all for this basic enumeration of this user and the information.
57 00:04:13,540 --> 00:04:21,370 Now let's set out to find users on this computer, all the registered users, and net users.
58 00:04:23,610 --> 00:04:31,950 And you can see administrator and now we can further enumerate this, using to this wiki and this is
59 00:04:32,110 --> 00:04:37,080 this use of traditional tools, and if you don't, you will get some more information about this user
60 00:04:37,530 --> 00:04:41,850 and country vision icon like to experience and personalize it.
61 00:04:41,880 --> 00:04:43,680 So I have said it yesterday.
62 00:04:44,340 --> 00:04:47,730 I just changed the password user matching password.
63 00:04:47,760 --> 00:04:48,210 Yes.
64 00:04:48,780 --> 00:04:50,260 User can change the password.
65 00:04:50,830 --> 00:04:53,470 Not so log on our site.
66 00:04:53,640 --> 00:04:58,910 So any time we can log in and here you can see the important local group memberships.
67 00:04:58,920 --> 00:05:06,420 So this sneaky user is of the group and we set up so you can run any command as the administrator if
68 00:05:06,420 --> 00:05:08,310 you have this GUI like this.
69 00:05:08,310 --> 00:05:11,870 Ah, this is a group of that mistletoes user.
70 00:05:12,690 --> 00:05:14,550 So global group memberships.
71 00:05:14,550 --> 00:05:17,710 There are no global group memberships on a local group memberships.
72 00:05:17,720 --> 00:05:18,870 Those administrative group.
73 00:05:19,200 --> 00:05:22,050 And you can also type net users administrator.
74 00:05:28,520 --> 00:05:33,990 So you get almost the same information, but it has the comment that is built-in account for administering
75 00:05:33,990 --> 00:05:34,760 the computer.
76 00:05:35,030 --> 00:05:38,300 So this is the default account that comes with the industry.
77 00:05:39,950 --> 00:05:44,450 So we can see, I think, shares of.
78 00:05:48,340 --> 00:05:52,070 So net share or net share, so net share.
79 00:05:52,090 --> 00:05:54,040 So this is a guy I just forgot this one.
80 00:05:54,610 --> 00:06:04,360 So to display all the shares of my computer, you can see the Cedro and after a previous speech
81 00:06:05,380 --> 00:06:06,490 as a differentiator.
82 00:06:06,490 --> 00:06:12,430 And you can see like there and we have seen this, too, in the assembly and operation.
83 00:06:12,460 --> 00:06:14,390 So we have got this APC regular.
84 00:06:14,560 --> 00:06:15,310 We can check out this.
85 00:06:17,290 --> 00:06:21,880 So we can also get the network information.
86 00:06:22,210 --> 00:06:27,150 So we got the adapters information, the previous command, that is systeminfo.
87 00:06:27,430 --> 00:06:34,450 But now we are where does the ipconfig /all, /all gives us all that information.
88 00:06:34,540 --> 00:06:37,680 So let's run with this one and see what's the output.
89 00:06:38,260 --> 00:06:43,680 And you can see we almost got the information, our basic information.
90 00:06:44,260 --> 00:06:45,960 This is quite enough.
91 00:06:46,150 --> 00:06:46,930 I think so.
92 00:06:48,280 --> 00:06:50,890 Uh, but let me take this.
93 00:06:50,890 --> 00:06:52,510 Ah, you know, this ipconfig.
94 00:06:52,510 --> 00:06:55,560 Great, because we are also use the IP command.
95 00:06:55,570 --> 00:06:57,520 ifconfig in Linux.
96 00:06:57,940 --> 00:07:05,740 So this is a Wi-Fi IP address and it was before and distribution for and you can also see the MAC address.
97 00:07:05,770 --> 00:07:07,860 We're going to take this out.
98 00:07:15,940 --> 00:07:17,100 Fix I National.
99 00:07:18,360 --> 00:07:26,380 So now we got much more in-depth information about that, so you can see why fight and the smackeroos.
100 00:07:26,400 --> 00:07:32,040 We also got the goal to disrupt the hit civilian areas and configuration.
101 00:07:32,060 --> 00:07:36,300 And I will reassess and I'll watching six, five, four subnet mask.
102 00:07:36,300 --> 00:07:38,240 And these are experts.
103 00:07:38,880 --> 00:07:44,550 So these are the surprises and the hit TV series together at my 021, which is the router.
104 00:07:44,790 --> 00:07:47,180 So you can get the router's.
105 00:07:47,190 --> 00:07:52,710 Other Pizarro's information from this IP configuration generally in the whole operating system, the
106 00:07:52,710 --> 00:07:55,050 router contains the for the service.
107 00:07:55,380 --> 00:08:00,870 So you could consider this one as a router and you can get the Bluetooth physical address.
108 00:08:01,050 --> 00:08:09,060 Well, so you can see these are the parts that are created for the real world that you just need to
109 00:08:09,060 --> 00:08:10,030 consider those ones.
110 00:08:10,170 --> 00:08:14,250 So all you want to consider is this local Ethernet connection.
111 00:08:14,580 --> 00:08:20,820 I do not have any Ethernet connections, but in some cases, your computer may connect to one network
112 00:08:20,820 --> 00:08:22,350 where Wi-Fi and another network.
113 00:08:22,800 --> 00:08:23,950 Well, where this Ethernet.
114 00:08:23,990 --> 00:08:29,670 So in that case, you can note the IP address of this one and you can enumerate much more or put any
115 00:08:30,300 --> 00:08:36,270 building or any pivot points so that you see about this adapters.
116 00:08:39,550 --> 00:08:48,610 So the next command we're going to see is arp -a, that is to help spread the tables.
117 00:08:49,630 --> 00:08:52,750 You can see these are the interfaces afterwards.
118 00:08:53,410 --> 00:09:00,340 So this one this one is the main address because because main and that is the Wi-Fi.
119 00:09:00,580 --> 00:09:05,190 And we have got this subnet IP address, one zero one.
120 00:09:05,200 --> 00:09:07,540 That is the router and it is done.
121 00:09:07,870 --> 00:09:10,690 So we have got this, uh, mackerels out, this one.
122 00:09:11,950 --> 00:09:19,220 And Michael does all this broadcast to see if they can see some other crashes as well.
123 00:09:20,440 --> 00:09:27,570 So in one minute, but there are only two devices that are a router and might this machine.
124 00:09:29,200 --> 00:09:34,310 So you can also print the routes, the default route using the open.
125 00:09:35,650 --> 00:09:40,040 So it will give you the, uh, routing information as well.
126 00:09:40,390 --> 00:09:45,070 So if there is a destination, it should go to this interface.
127 00:09:49,950 --> 00:09:54,600 So there are there are there are no matter devices on the say, you cannot.
128 00:09:56,040 --> 00:10:01,830 See, much difference, but when you've been testing this table, this will pop up with more information
129 00:10:01,830 --> 00:10:03,030 and you can clearly understand.
130 00:10:05,620 --> 00:10:14,070 So now what we want to do is we all want to see the firewall rules that are set on which I want a firewall.
131 00:10:16,540 --> 00:10:18,640 I notice its firewall.
132 00:10:24,310 --> 00:10:25,450 By illustrator's.
133 00:10:35,640 --> 00:10:37,760 So I think I just forgot this once.
134 00:10:37,850 --> 00:10:40,800 That's it, that's it firewalled.
135 00:10:49,760 --> 00:10:50,500 Fighters.
136 00:10:55,960 --> 00:10:57,780 Well, it is, and it's not working.
137 00:10:59,150 --> 00:11:02,370 So, all right, I want to fight for.
138 00:11:06,290 --> 00:11:07,930 So let's sit down.
139 00:11:12,870 --> 00:11:19,020 So this is a transfer where the command is not moving on this version of the business, you should use
140 00:11:19,020 --> 00:11:24,600 the netsh at once or for export to you to export.
141 00:11:27,460 --> 00:11:29,490 First, let me take the short.
142 00:11:33,030 --> 00:11:38,730 All right, now I can say show allprofiles, let me just show the current profile.
143 00:11:38,730 --> 00:11:39,090 No.
144 00:11:45,180 --> 00:11:50,570 So these are the current federal policy, broken bones.
145 00:11:51,660 --> 00:11:55,530 So I may be changing Dimebon rules.
146 00:11:57,090 --> 00:12:06,060 So so, yeah, in the previous two years we have reversed the GDP of a connection.
147 00:12:06,060 --> 00:12:08,140 We have broken some in one spot and.
148 00:12:09,720 --> 00:12:11,690 So we have broken it.
149 00:12:12,120 --> 00:12:15,710 So it portrayed a range of about 4000 to 5000.
150 00:12:15,720 --> 00:12:18,800 I just I just forgot the range.
151 00:12:18,810 --> 00:12:21,560 So we have broccolis on boats, so that truly isn't.
152 00:12:21,570 --> 00:12:24,360 So this is one rule and this rule isn't broken.
153 00:12:24,360 --> 00:12:24,570 But
154 00:12:27,450 --> 00:12:30,540 sure, it means are profiles.
155 00:12:34,870 --> 00:12:37,560 So these are the providers.
156 00:12:40,300 --> 00:12:42,270 I can see here it can also explode.
157 00:12:43,980 --> 00:12:53,400 So another one thing I need to show is the netstat command, that is used to display the processes and you
158 00:12:53,400 --> 00:12:57,420 can sit here and display are the internal processes.
159 00:12:58,820 --> 00:13:05,640 So these are the are the services that are going on on my computer can see this is zero zero zero.
160 00:13:05,840 --> 00:13:07,550 That is my computer and the port.
161 00:13:07,570 --> 00:13:12,480 No, IronPort, no, there is a reason and I don't want that.
162 00:13:12,950 --> 00:13:14,520 And the police want do it.
163 00:13:14,660 --> 00:13:20,020 So it did not connect to any foreign address for analysis, other computers and the protocol it's
164 00:13:20,030 --> 00:13:20,420 using your.
165 00:13:21,500 --> 00:13:24,170 Now, this is very interesting services.
166 00:13:24,980 --> 00:13:26,240 No waterland rules.
167 00:13:26,570 --> 00:13:30,590 You fight of the American Clarinex and those Kanfer.
168 00:13:30,590 --> 00:13:33,590 Are these ports wonderful for 14, etc.
169 00:13:33,920 --> 00:13:40,160 So you scan all these ports and note down the results and those results.
170 00:13:40,160 --> 00:13:45,470 Compare those results with these ports with the state listening.
171 00:13:46,070 --> 00:13:53,420 And if you found there are any extra ports that are listening on this computer, that means those services
172 00:13:53,420 --> 00:13:55,150 are internal services.
173 00:13:56,510 --> 00:13:59,630 So 3306, that is MySQL.
174 00:14:00,980 --> 00:14:04,430 So this service may be running as an internal service.
175 00:14:04,430 --> 00:14:05,660 That is not explicit.
176 00:14:06,290 --> 00:14:09,200 So that's how you find out the business results.
177 00:14:09,530 --> 00:14:13,450 So I'm not going to show you now you do that as it exists.
178 00:14:13,700 --> 00:14:16,280 So if I have, then it's just a simple script.
179 00:14:16,280 --> 00:14:23,600 And scan all the ports from 1 to 65,535, and note down the results and
180 00:14:23,600 --> 00:14:29,770 compare them with these ports on listening, but so are the police with this report.
181 00:14:29,790 --> 00:14:38,060 So if there are any extra listening ports on in this table, then these ports are already exposed to
182 00:14:38,060 --> 00:14:38,690 internally.
183 00:14:38,750 --> 00:14:41,830 They are not exposed outside to any other network.
184 00:14:42,110 --> 00:14:48,920 So you can there are some interesting services that may run on the royal commission, like testing of
185 00:14:48,920 --> 00:14:55,420 web server or rather I use web server, etc. So those may be implemented already for the internally
186 00:14:55,460 --> 00:14:56,710 for the testing purposes.
187 00:14:56,720 --> 00:14:58,900 So they are not exposed to Alternativa.
188 00:14:59,060 --> 00:15:09,440 So in that case, it's a very important attack for those testing websites are testing services that
189 00:15:09,440 --> 00:15:10,520 are running locally.
190 00:15:11,960 --> 00:15:19,460 So I think that so far this year we have got system information and information and users information
191 00:15:19,460 --> 00:15:24,100 and further information and also internal services.
192 00:15:24,530 --> 00:15:26,450 So I think this is a basic configuration.
193 00:15:26,450 --> 00:15:32,910 We can just go ahead and run these commands in the basic of a low priority.
194 00:15:33,620 --> 00:15:39,650 These commands will work perfectly because it's a normal shell and this does not require any libraries
195 00:15:39,650 --> 00:15:40,600 or any passwords.
196 00:15:41,180 --> 00:15:46,830 So this information can be used for much more enumeration and prescription.