Time
14 hours 43 minutes
Difficulty
Advanced
CEU/CPE
15

Video Transcription

00:01
Hello, everybody. And welcome to the episode number five of the icy beakers. Bushell
00:07
My name is Alejandro Guinea and I'll be your instructor for today's session.
00:11
The learning objectives of this session are to understand some well-known bash commands, create and understand some bash scripts, and be able to create your own scripts to be used in your penetration testing process.
00:26
So let's get started.
00:29
Okay, so let me clear here. Um, well, you can run bash scripts from the terminal or by actually executing a bash file. For example, the most basic command is the echo command, which will just print whatever you pass to, you know, to the actual command. So, for example, Hello.
00:50
Ah, Cybrary
00:52
World.
00:54
And, you know, nothing fancy here, just to actually print that. Let's create that in a bash file or, you know, bash script. First we'll use the nano text editor. You can use any other editor like Vim, but we'll use nano for these sessions.
01:14
So basically the basic command is to, let me just remove
01:19
and create it, you know, again nothing that actually they decide they want the file doesn't exist. The bash file, I mean, and so create it with nano.
01:33
Ah, and you know, we'll tell it that whatever we see in this file, it will be executed with bash
01:45
and, you know, just echo on.
01:49
Hello, Cybrary.
01:53
We exit, we save it. And you know, we will now use chmod to assign permissions. So chmod, this command is, you know, uh,
02:05
it uses symbolic permissions, ah, to assign to the user, you know, which we're using right now, as you can see it's root. You know, you could be using any other user
02:16
to the group itself and any other command, I'm sorry, user, process, daemon, whatever is running in your Kali environment. So three types of, you know, three sets of permissions: for your user, for the group and for any other entity or command, or I'm sorry, user, process or daemon
02:35
being executed in your Kali environment. Um, and you can use three different numbers to assign permissions. For example, if you use the number four, you will be assigning read permissions.
02:47
If you use the number two, you will be assigning write permissions, and if you use the number one, you will be assigning execute permissions.
02:55
Ah, but what happens if you want to assign all of them? Well, the trick is, just perform an addition and, you know, four plus two plus one, and it will be seven. And you will be assigning all the permissions. So, for example, for this specific, um, let me just
03:13
show it to you here, Cybrary. It doesn't have execute permissions or any other permissions at all. Um,
03:19
but what happens if I want to assign execute permissions to all of the users, or I want to assign all the permissions to all the users, all the groups and any other process or application or user being executed in your Kali environment? Well, I can simply just type
03:39
chmod 777. Remember, the first one is for the user, the second one is for the group and the third one is for any other process or daemon or user in the Kali environment.
03:54
So, in this case, this
03:58
bash script, I will, you know, everybody will have read, write and execute permissions over this Cybrary script.
04:05
And if we type ls again, as you can see, it's now green, indicating that it can be executed.
04:13
Um, so just execute it, you know,
04:17
and it will just print Hello, Cybrary, as we just input a simple echo command. So
04:25
Let's see, you know, how we can introduce loops in this bash script. First of all, let's start with the most simple loop, I guess, which is
04:39
we erase that here,
04:41
which is the while loop, for example. Let's just start the variable n, which is equal to one. And then we can just type
04:49
while.
04:51
While this, um, the variable n
04:58
is less than
05:01
equals five or the is five.
05:04
Ah, we just do here. I'm sorry
05:09
and just type echo
05:12
Cybrary
05:15
and
05:15
times
05:17
and we just another and increment that by one
05:23
equals
05:28
n plus one.
05:30
And we're done
05:32
we exit, we save. And since it already has execute permissions by anybody
05:39
we type it and we run it, and as you can see, five times, nothing fancy here,
05:44
um, you let's see, How can this be done
05:47
by the way
05:49
for loop
05:51
and we just erase everything here and for, open parenthesis,
05:58
Counter
06:00
eyes equals five.
06:04
Counter
06:06
greater than zero
06:10
and counter meaning my dash dash.
06:15
We close parenthesis. We do something here, which in this case is print the number
06:28
and we're done and just print.
06:30
If so, we can leave a space in between.
06:38
Okay,
06:39
let's execute it. And
06:42
5 4 3 2 1
06:44
That's it.
06:46
Ah,
06:47
let's see. Well, that's two ways. You can use loops in a bash
06:56
script. You can actually use any other, you know, loops. Or maybe you can actually, you know, use a combination of both or, ah, loops in other loops to create any other task you may want. Uh, but let's see how we can actually get an input from the
07:15
command line from the terminal.
07:17
So let me just again here and eliminate all of this. And let's start with simple echo. Sorry.
07:29
Enter your name
07:32
and we receive name
07:35
and echo.
07:39
Welcome,
07:41
you know,
07:43
wait up
07:45
up another Seth parenthesis. And here we type,
07:48
um,
07:49
name
07:53
and to the Cybrary
07:57
class.
08:00
We save it, and we run it. Enter your name.
08:03
Welcome. 100 to the Cybrary class. As simple as that. You know, you can also use, uh, let me just eliminate this.
08:13
You can also use if statements or you can actually, yeah, you can actually use if statements and combine them with an and logic or an or logic. I'm sorry.
08:24
Um, let's just
08:26
let me just give you a single example again. We'll be reading a username.
08:35
A great name,
08:37
time sort of user in,
08:41
um,
08:43
enter password, read password.
08:48
And, you know, if let's start the if statement here,
08:54
I'm sorry.
08:56
Let me just copy that. Because the lead with a lefty.
09:05
So in this case,
09:07
if username is equal to admin and
09:11
password is equal to secret, then valid user, otherwise invalid user,
09:18
the gym save here
09:20
execute it, enter, uh,
09:22
admin
09:24
secret, then valid user. If I put something else,
09:33
invalid user. So as you can see, you can use an if statement while getting input from the terminal. So it's as simple as that.
09:41
You can apply the same logic while using the or statement. Or you can also use case statements just like any other programming language, I mean. Maybe you don't want to use several ifs, you want to use a case statement; you can also do that in the bash script.
09:58
Uh, you know, a bash script can read command line arguments like any other, again, any other programming language. Let me just give you another example here of how we could do that, I mean, other than just typing read.
10:16
Let me just give you an example of that: echo on total arguments,
10:24
and we read number of arguments
10:28
being passed
10:31
echo, um,
10:33
first
10:35
argument is equals
10:39
number one, which is will be the first argument echo, you know, just to give you an example. Second,
10:46
argument equals, I'm sorry,
10:48
equals the second argument, and as simple as that.
10:54
We save it, we execute it, and I didn't pass any arguments, so zero arguments. But, for example, Alejandro.
11:01
Yeah,
11:03
and two arguments. As simple as that. As you can see, this is a really powerful tool you can use. I mean, I get that you can use any other tools to perform your task, but you can also, uh, you know,
11:18
use other tools inside of a bash script.
11:22
Let me just give you an example. A really useful example. I mean, this may be short, but, you know, you can introduce any other tools or arguments you want.
11:33
I'm sorry,
11:35
but let me just erase that here.
11:39
And let's start. If so, first of all, I would like to know if the user is actually typing any input. If it's not, we'd show an exception. Not an exception, but a message.
11:54
If
11:56
the top, the input or the length of the input is actually zero.
12:01
So I will actually print the message. Just, and, ah, echo. Sorry.
12:11
You ever
12:16
you have to enter a valid SSH server.
12:22
And it will exit
12:26
otherwise.
12:30
Echo.
12:33
Oh,
12:33
sorry.
12:37
The DNS being used,
12:39
uh,
12:41
by the server
12:43
is
12:46
and we execute the command. Remember, we saw earlier in the course that we can actually, ah, pass any specific command to tell SSH not to log in specifically but to actually log in,
13:03
get the command, and this just shows us the output of that command.
13:07
So
13:09
I was looking into the, uh
13:11
SSH server
13:13
that. These were once type
13:16
ipconfig
13:18
dash all
13:20
and then read that output to the DNS
13:24
and close A ve.
13:26
Let's see what happens
13:28
As such, ever. You have to enter a valid SSH server. Getting Intersil. Let's just enter the IP of my Windows server.
13:41
And since, you know, SSH needs a password, I just
13:46
will type the password here. Oh, there you have the DNS suffix, connection-specific DNS suffix, and the DNS server.
13:54
Ah, I'm using a virtualized environment. The DNS is, you know,
13:58
the he provide I provide, sir. But, you know, in this case, in another case, you might be,
14:05
uh, you might want to type
14:07
any other command. Or maybe you just want to connect to a specific machine. As you can see, you can do it, everyone, ah, in a bash script. You have the capability of doing that. And maybe you just want a piece of that; you can use tools like, um, awk or, ah, sed, or
14:28
any other tool to actually grab this output and put it in a more useful way. Or any other command actually just wants to look in an ***.
14:37
You know, you can imagine just let your imagination fly.
14:41
Yeah. You know, if you don't want to type, you know, the password itself, or you want to pass it in the script, you can use tools like sshpass. I didn't use it here because I just wanted to show you a really simple example. But you can use sshpass to pass the password through the command line. And you don't want to, you know, type it
15:01
and you do any any other menial stuff you can just,
15:05
you know, use that tool.
15:09
Ah, what is nano? Well, nano, it's a text editor you can use. You can use Vim or any other text editor you may want, but nano is one of them.
15:20
What task is performed by the chmod 777 and file command? Well, remember that we talked about it. Ah, chmod is a tool or a command you can use to assign permissions to a specific file. 777 is just the addition, you know, four plus two plus one.
15:39
Ah, four means that you're giving read permissions, two means you're, it means that you're giving write permissions
15:48
and one means that you're giving execute permissions.
15:52
So the addition of these three permissions gives you seven, and the first 7 is for the user, the second 7 is for the group and the third seven is for any other process,
16:04
application, user being, you know, that is actually in your Kali or in your Linux environment.
16:12
Can you actually use loops and if statements in a bash script? Yeah, actually, in bash, you know, when you're programming in bash you can use several of the other logic or any other commands that you can use in any other programming language, like Python, Perl, Java,
16:32
C++ or whatever,
16:34
but yeah, you can use that.
16:37
Uh, in this video, we saw the basic task you can perform with bash commands and bash scripts.
16:45
Ah, we also saw how to use the power of the bash script in your penetration testing process. I mean, you can use any other commands; we saw an example with the SSH command. But you can use any other command you want. Maybe wget to download a specific file. I don't know.
17:03
Let your imagination fly. At the end, that's what penetration testing is all about.
17:08
Ah, supplemental materials: again, the OverTheWire wargames. You will see these a lot because at first, when you're starting your penetration testing path or your career, you have to be very familiar with the basic commands you can execute, um,
17:29
in your Linux environment. I mean, I will do that. I will do my best to show you the most used ones or the most common ones.
17:37
But believe me, there's tons of other commands you can actually execute or use in your penetration testing world.
17:45
Looking forward in the next video, we'll see some scenarios implementing several techniques that we have covered so far, like
17:53
bash scripts and, you know, Linux services, Linux commands. We'll see a combination of them, and we'll see how we can actually use that in a penetration testing process.
18:07
Well, that's it for today, folks. I hope you enjoyed the video and hope to see you soon.

Up Next

Offensive Penetration Testing

This is a deep course about penetration testing. In this course, you’ll learn from basic to the most advanced and modern techniques to find vulnerabilities through information gathering, create and/or use exploits and be able to escalate privileges in order to test your information systems defenses.

Instructed By

Alejandro Guinea
CERT Regional Director
Instructor