Time
14 hours 43 minutes
Difficulty
Advanced
CEU/CPE
15

Video Transcription

00:01
Hello, everybody. And welcome to the Palace City cars.
00:04
Um, this is episode number four: Service Management.
00:09
My name is Alejandro Guinea, and I'll be your instructor for today's session. The learning objectives of the session are to understand the basic Linux services and some techniques to manage them, understand the basics of the init.d process,
00:25
and identify how you can use these techniques in your penetration testing process.
00:30
Well, folks, let's get down to business, shall we? You know, init.d, used to manage services, is one of the most important, or one of the most used, processes, you know, which forks or creates other processes in Linux.
00:48
Uh, init.d has a configuration directory which holds the information of the services or daemons
00:56
being run or executed in your Kali Linux environment, or in your Linux environment, for that matter. The init.d is located under /etc. Let me just go here and show it to you.
01:17
Uh, you know, it contains all of these, which, you know, are processes executed in your Kali Linux machine. You know, again, this is the directory, you know, for most Linux distributions. It might change in other Linuxes. But, you know,
01:36
generally this is where you can find all these processes, or all this configuration for the processes.
01:42
You know, we can check the existence of the init.d file just by typing what I just, you know,
01:48
using the file command and just type
01:51
go to the directory, and init.d. And yeah, it will tell you that it exists
01:57
right there. And I will bring, you know, to give you a little more insight into the processes or daemons, let's just bring one, you know, for example, of a daemon script that contains or holds functions like start, stop, restart, status.
02:15
You know, um, just just this example. We just bring that
02:21
down.
02:22
You know, the apache2 daemon.
02:27
As you can see, it holds a lot of information of the apache2 process or daemon, where you can stop, and you can stop it. You can start it. You can restart it. You could do a lot of configurations in this file and in this process
02:45
by calling or executing this, this script you have here. The same goes with other scripts, like, for example, SSH.
02:57
You will see the same, a script here holding maybe different constructions, but at the same, you know, the basics for this thing. The purpose of these scripts is to just start it, stop it, and maybe restart or see the status of this,
03:15
uh, um, process or daemon. You know, we can just call, for example, SSH, just,
03:23
we don't want to print it anymore, just want to see, for example, the status
03:30
of this. As you can see, it's active, running, because, uh,
03:36
I actually have... let me just show it to you here with the netstat command.
03:42
I just grep it for port 22. As you can see, it's actually running here.
03:47
So But what happens if I turn off that? You know,
03:52
um,
03:55
the service
03:57
of this? I don't, I don't see it anymore in the netstat. What happens if I go here and check the status? Okay, it's inactive.
04:06
So as you can see, uh, this is where you can manage the services and daemons being executed in your Kali environment. One thing to note, though, is that you can actually...
04:21
I mean, what happens if you don't
04:25
want to start or stop the services every time you turn on your Kali machine?
04:32
you can let me just start here again.
04:38
And just for the matter of the course, I will just show it to you again. So what will happen if you actually want to create a process or, you know, set a process to be executed every time you restart or start your Kali machine again?
04:56
I mean, kind of a boot persistence
04:58
capability.
05:00
Well, you can easily do that by using the update-rc.d command. Let me just type it here for you. Update, you know, dash... there are a lot of commands that start with this, you know. But if we type rc,
05:15
um, this is the first... finally, the command is for that. And so then I type ssh and just, you know, enable.
05:25
This will just simply, uh, set the SSH daemon or SSH process to be boot persistent, meaning that the next time I restart or start again the process, or, I'm sorry, the Kali machine, the SSH process or service will be started
05:44
again.
05:45
And, you know, even if I turn off the machine again, the next time I start it, I start up the Kali machine, it will start the daemon or the SSH process for...
05:58
This is especially, especially helpful. I've just disabled it here. Just, you know, just changed it.
06:03
This is especially helpful when you're actually trying to create a backdoor or create a reverse shell for your, for your penetration testing. Maybe you want to, you know, you upload your exploit, sending you back a reverse shell or maybe a bind shell.
06:23
We'll cover that
06:26
in more detail later in the course. But for now, let's just say that you have a process, that you already hacked a machine, and you don't want all of that work to go into the trash whenever the machine has been restarted, so that you can just,
06:44
you know, attach your exploits to a process or actually
06:48
create a process as an exploit and set it to have boot persistence, um, with this command. There are other tools you can use to do the exact same thing, like rcconf. Let me just stop here. I don't have those installed in this Kali machine, but just so you know, that command,
07:09
rcconf, can be used to do the same, I mean, boot persistence, and you can also use sysv-rc-conf
07:19
to do the exact same thing. Needless to say, these commands can do more stuff than just, just set a boot persistence capability for these processes.
07:32
But, you know, these are the basics, the basic things you can actually do with your services. And you know, the example I gave you is when you're actually trying to throw back or send back a reverse shell or maybe creating that bind shell.
07:50
But, you know, maybe for some reason you want to, in your attacking machine, you want
07:56
the SSH to stay on all the time, or maybe the HTTPS to stay on all the time, for, maybe you executed a cross-site scripting and you're actually waiting for connections from other clients.
08:07
So, uh, if maybe the Kali Linux is restarted for any update, you want to do this update to actually,
08:16
actually. Include,
08:18
You know that has the boot persistent capability for you.
08:24
All right.
08:30
Okay, folks, let's see some post-assessment questions. What is the main task performed by the init.d process? Well, it does... this process is to actually fork or create or manage other
08:48
Linux processes. As we saw in the examples,
08:52
you can actually, you know, start, stop, restart, check the status of each of the, each of the daemons or processes executed in your Kali machine.
09:01
Name one task performed by the update-rc.d command. Well, you can set, you can use that command to actually set a process or daemon to have a boot persistence capability. So every time a machine gets rebooted or restarted, you can start the process again, I mean,
09:20
without any manual configuration.
09:22
What will happen if I use the update-rc.d ssh enable command? Well, uh, simple as it sounds, it will set the boot persistence capability of the SSH daemon. So the next time you reboot your system, the SSH process or service will be
09:41
executed, or, you know, it will be running on your machine.
09:46
Well, in this video we saw the basic tasks you can perform by modifying or using the init.d process. We also saw the basic tasks you can perform with the update-rc.d command.
10:03
Supplementary materials: again, I will highly recommend you to go to this webpage, OverTheWire wargames. It has a lot of commands, a lot of... You will have a lot of fun on top of that because these guys made it like kind of a game.
10:20
So you will have to pass levels, and you will have to, you know, execute
10:26
different commands to achieve what the goal is for each level. So, yeah, go there and you'll see this command and many other commands that you can use in your Kali environment.
10:37
Looking forward in the next video, we'll see how powerful the bash shell is.
10:43
I will see some examples of them and how you can leverage this.
10:48
The capabilities of the bash in your penetration testing process.
10:52
Well, that's it for today, folks. Thank you for watching, and I hope soon

Up Next

Offensive Penetration Testing

This is a deep course about penetration testing. In this course, you’ll learn from basic to the most advanced and modern techniques to find vulnerabilities through information gathering, create and/or use exploits and be able to escalate privileges in order to test your information systems defenses.

Instructed By

Alejandro Guinea
CERT Regional Director
Instructor