Hi. Welcome back to the course. In the last video, we talked about a tool called Nick Tow that could be used for foot printing and mostly to find vulnerabilities with websites.
In this video, we're gonna talk about a tool called the Harvester that can also be used for footprint. Now this tools useful for gathering information about, like some domains employee names, e mails, as we mentioned again in the introduction lecture for foot printing. It can also grab things like open ports and banners, et cetera, et cetera.
So it's going to gather the information from different public sources. So regular search engines, like a Google of being Yahoo search, is if everyone, anyone even uses that anymore now and then also, uh, different ones, like showdown as well. So, you know, essentially, again, we talked about that, C quote unquote, the hackers search engine.
So the main requirement for this lab is just gonna be Callie linen. So whether you want to run it locally on your computer, look, I'm doing here inside of a virtual box image or if you're gonna do it inside of the cyber labs, where if you have access to something else, like the school or something, and you just want to do it through there. You just need the Kelly desktop with the terminal access.
So step number one here just launched a Cali machine. If you're not launcher ready and go ahead and get logged in again. The username for Callie is gonna be route, and then the password is gonna be tour T o R.
Ah, step number to open a terminal window, which I actually already have opened here. And then step number three. Once you have the terminal window open, we're gonna go ahead and type the harvester altogether, and then a space and then a dash lower case h. So let's go and do that now. So we're gonna type the harvester
again, all together in all over case and then a space in the dash, lower case age, and then just press enter on your keyboard.
So that's going to just show us to help file for the harvesters. You see, we've got some different types of commands we could do here.
Now, what we're gonna do actually for this lab, we're just gonna grab and use this one here. We're just gonna modify this particular example Command, and we'll talk about what we're doing with this particular command. So
stuntmen are Steven and step number four here.
We're gonna use that example as I mentioned, and we're gonna type in and we're just gonna modify the amount. We're just gonna modify the 550. So let's talk about what we're doing here. So we're attacked. The harvester, Obviously, that's the tool Name? Ah, Space and then a dash and lower case D So D the dash lower case D allows us to specify the domain or company name.
And this example we're gonna use Microsoft dot com
the dash l which is the next one there. So after Microsoft dot com, we have dash lower case L that's used to limit the results. So you'll see here we have that switch right before we put the 50. And so we're gonna limit our results to 50 and not the 500 in the example.
We have another space and then the dash B all over case again. That's you used it to find the data source, and we're gonna use Google as our data source,
and then the dash h just allows us to use the showdown database. Actually, query any discovered owes discovered host. Excuse me.
So let's go ahead. Talk that in. So we're gonna type in
altogether. All one all one word together,
a space and then a dash lower case D again that allows us to specify our domain. We're gonna put a space in the Microsoft dot com.
Another space a dash l, which allows us to limit or searches to 50 which is where we're gonna put another space, are dashing. Be to allow us to specify our data source, which is gonna be Google's. We put his face and then Google
on then another space a dash H
that allows us to basically query the show, Dan search engine and showdown database,
and then just my results dot html.
All right, go ahead and press center. Now, I've actually already run the scan over here. Something's gonna click on that window there. So
must but look back on our lab document and take a look and see what kind of information we might have.
So question number one. Were you able to see any I p addresses at all in the output? So on your underthings. You notice any I p addresses,
All right? Yeah. So I So I do too. I see several of them there. So all you would want to do, basically, just jot a couple of these down. I was asking the question here, you know? So basically, I'm just gonna throw a couple in here, so I've got me come over this way a little bit.
I've got a 102.230 dot 66.167
rookie mistake. Right there, guys. Rookie mistake. Enable editing. There we go. All right. 1 92 That's works a lot better.
So, uh, you know, way like that. You know, we like that feature on Microsoft
products to help protect us from macros. Doesn't do any good we had when we actually have to edit the document. But that's okay.
Eso won 92 to 3 hours. 66167 I just throw another random one down and you guys don't have to follow along with this. Just shot down the couple that you want to grab on. And again, we're just kind of looking at our information here and gather in some information.
So, uh, question number two here. What other information did we find? So take a look at that. What do you see here?
All right. So, yeah, I I see the same thing. I see some different listings for the domain name, so I see you know, windows Microsoft dot com. Support that Microsoft dot com privacy down Microsoft dot com, You know, So I see a lot of different things, and they're also found an email in first up at market on dot com, whatever that is.
So it gives us some good information. Obviously, Microsoft is gonna keep a lot of those things private,
but we could use it on, like a smaller company. And potentially, if they're not security conscious, get gather a lot of information on them. So it is a good tool to use. So in this video, we talked about the harvester. We basically just did a quick scan on Microsoft dot com to see what kind of information we get from them and then also from a showdown
searching inquiry. A door database query.
Yes, we were able to pull some decent information. We got some I p addresses, some domain names. We even got one email address. At least I did on my end. So we got some good information to work with. Moving forward.
So in this video, we just went over the harvester. And the next video, we're gonna talk about showdown. So again, that's the hacker search engine.