19 hours 55 minutes

Video Transcription

I welcome back to the course. In the last video, we went over a tool called the Harvester, so we were able to use that to get a lot of different data. We could do things like looking at a particular website or gathering email addresses, looking at employees of a company and gather information about them. So a pretty robust tool for what we might need it for
in this lab. We're gonna talk about a tool excuse me website called Showdown, which is a search engine minister, and have her talk to me. Talk about it during this course. Essentially, it's called like the hackers search engine, and what it does is allows you to see potentially vulnerable devices
out there. So including even like coyote devices like a refrigerator or one now.
So the only requirement for this lab is gonna be actually a Web browser. So if you want to do this on your local computer, if you want to do the side of a Cali machine or other virtual machine, if you want to do this side of the cyber relapse, it doesn't matter too much where you do it just as long as you can access the Web browser, and you're good to go.
So step number one here. We're gonna actually go to the website, which helps us a lot. So you can either do a quick Google search for show, Dan, or you could just go to www. Just showed an dot I Oh,
and that will go ahead and pull it up for you.
So Step number two. Very important. You're gonna have to register for an account to be able to do like all the filters that we're gonna click on S O. Go ahead and just do that. Go ahead, pause this video if you need to and get logged in there and registered and everything. And you also will have to verify your email as well. So it takes a little bit of time.
So once you've created and verified your account, then you can actually start searching for devices cause you'll be logged in.
So we're actually just gonna do a search for a Cisco router. So the way we do that as we just come to this little search box up here and you see, I've already searched it, but with his type it in Francisco and then router.
And then either press center is click on this little magnifying glass here. Either one's fine.
It's gonna take a moment or so. And then what is going to do is pull up a list of I P addresses and devices for us.
So we're gonna see devices from all over the world once it pulls up here.
Eun, if it pulls up,
there we go. All right,
so we do see the devices from all over the world. You know, we've got Julie, United States, China, et cetera, et cetera. You know, depending on how many in each spot, there's a there's a whole lot of devices there, So let's get back to our lab document here,
take a look at what we should do next. So numbers four here, we should click on, we're gonna click on a country on the left side, so I'm gonna actually choose the United States. You can choose whatever you want to if you want to look at China or something like that. But I'm gonna choose the US just cause that's where I'm at. So let's go ahead and click on that.
It's gonna take a moment or so, But then it's gonna truncate the data and filter it to exactly what we want.
So we see here we have a lot of different devices in the U. S.
So step number five, we could also, you know, filter it down by the particular city if we wanted to, as well. We can also look for items. I just have a certain top service running, Um, top organizations. Now, that's not generally not gonna be like your actual, like that's hey, that's the target company. But it's gonna be like your cable company. Essentially.
Hey, this is a, you know, a Comcast motive or whatever that
whatever the case might be.
So question number one here Do we see any user names and passwords? So let's click back over here. So in this section here, anywhere do we see any user names and passwords?
All right, So, yes, we do see that somebody's still got a default user name of Cisco on a default password. Francisco. So the answer to this would be yes
and showed. And again, it's a great tool. Find a lot of different types of vulnerable devices and, ah, you know, it really, really helps you, especially in the more advanced
features that allows you to really dive deeply towards particular vulnerable devices for a particular company. So you could really, really get down to the wire here.
So this lab we just went over showdown showed you just a quick query with Cisco router. And then we sorted by our country was in this case that shows the United States in the next lab. We're gonna go over Google hacking. So we're gonna go over the Google hacking database and then also like some of the different commands you might need to know for the certified ethical hacker examination.
And I do want to stress that if you haven't downloaded the
Google hacking commands document, go ahead and do so. That's gonna help. You won t take the axle exam. Now they don't They don't make you, like, go in there on my Google hack, but you will. You may see a few questions on it regarding the commands, and so just make sure you know him, practice him a little bit

Up Next

Penetration Testing and Ethical Hacking

Do you like breaking things or figuring out how things work? Join thousands of professionals who’ve entered the information security field by taking this class. Taking this ethical hacking course will give you the skills needed to become a professional penetration tester and prepare you for industry certifications, like the CEH.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor