Time
2 hours 24 minutes
Difficulty
Beginner
CEU/CPE
3

Video Transcription

00:00
Hey, everyone, welcome back to the course. So in the last video, we went ahead and ran a command with our tool Zenmap, which again is just a GUI version of Nmap. We went ahead and checked to see if we could find out the operating system of our target, which in this case, our target system was the server, or the PLABDC01 server, which is the Windows Server 2012.
00:20
And we also checked to see if any ports were open, which again, we were able to see that Yes, they were.
00:25
So, in this video, we're gonna talk about dig as well as finger, a couple of commands that we can run to potentially gain information. So dig is a tool, a tool slash command, that we can use to potentially do a DNS zone transfer. So in our lab today, we're not gonna actually be successful at it. And I'll show you, or I'll talk about, why that is
00:45
in this particular environment.
00:47
But you could potentially use it to do a DNS zone transfer. But that being said, most companies are secured against that. But you may, if you're targeting like a smaller organization as part of a penetration test, you may find that their, uh, web server may be vulnerable to this type of attack.
01:04
And then we'll use the finger command, where we'll just take a look and see if there's other user accounts on the particular system. So I've left it up from the previous lab. I've left that up because most people are just gonna be continuing through. So all you want to do here with Zenmap is just minimize it. So this little dash on the top right here, just go ahead and click on that.
01:21
Might take a second or so, but it'll minimize it. And all we want to get to is our command window, our terminal prompt that we've had open before.
01:27
What you want to do here is you can either close it out or you could just hit the Enter key a couple of times and get back to the thing, the prompt there. So you'll see I'm back there, and I'm just gonna type clear and then Enter just to clear out that previous command.
01:42
All right, so what we're going to do now
01:45
is we're already past all these other steps. So if you continued on from the previous lab, then you're past all these initial steps here of logging into the Windows 10 machine,
01:53
opening VNC viewer, typing in the password, connecting to the Kali machine, opening the root terminal. We're actually past all those steps, steps one through six. If you continued on from the previous lab, you're good to go. If you haven't, then go ahead and pause the video and just follow the steps to go through and launch the terminal window that you see in the background right there.
02:14
All right, so if you've paused the video and come back after you did those steps, or if you just continued on from the previous lab and you followed along with the steps that I just did, then we should all be at step number seven right here.
02:25
So we're just gonna go ahead and type in this particular command, and again, our attempt, at least, is to try to transfer the zone. As I mentioned already, it should be unsuccessful in this attempt based off the security settings of this lab. But I just want you to understand what we're kind of doing here.
02:42
So let's go ahead and type this command. And here's what we're gonna do: this dig axfr practice
02:49
or IP address at the end here. So let's go and do that now.
02:53
So what we'll type in is dig. So just like we normally do, we'll do it kind of step by step. We'll type in dig, all lowercase, we'll put a space,
03:00
and then we're gonna type in axfr, all lowercase,
03:04
axfr. We'll put another space,
03:07
then we're gonna type in practice. So practice with an S,
03:13
dash labs dot com.
03:15
So, again, all lowercase here. So practice
03:19
with an S
03:21
dash labs dot com
03:23
and then finally we'll put a space. And then we're gonna put our IP address here. So the 192.168.0.1.
03:30
So 192
03:30
168.0
03:35
0.1.
03:37
All right, so once you've typed it in, just go ahead and hit the Enter key on your keyboard. It's gonna go ahead and run the command, um, and you'll see almost immediately it actually failed, right? Um, that's because this particular setup is secured against that, so we should get that immediate failure.
03:51
What you normally would see if this was successful is we would actually get some output regarding the DNS transfer and that we were successful.
03:59
So a couple of simple questions. Question number two, we actually just answered. So do you see any of the zone information? Were we able to actually transfer the zone? You'll see in this case that we were not successful in that, um. So we do see some information regarding what we were trying to do with practice dash labs dot com and then the IP address here.
04:17
Now, we were not successful in our attempt.
04:21
And then the first question here: what does dig stand for? So I did not mention this. So if you want to pause the video and Google it real quick, or if you actually know that information, just go ahead and think through what that might stand for.
04:32
All right, so dig stands for domain information groper. The name is kind of creepy with the wording of the last part of it there, but basically domain information groper is what dig stands for. And again, it's basically used in one capacity, at least in the capacity we would want to use it as a penetration tester, for a DNS zone transfer, at least attempting
04:53
to do a, uh, DNS zone transfer.
04:56
All right, so let's move on to the next part of our lab here. Again, we're gonna be using the finger command, and this will wrap up this particular lab.
05:01
So here in our terminal window, just go ahead and type clear if you want to and hit Enter, or you can just move on with the lab. It's up to you. I just like to clear it out and move on to the next command that I'm gonna be doing.
05:14
So in this situation, we're just gonna be typing in finger, space, dash lowercase s, space, root.
05:21
So let's go and type that in now. So finger,
05:25
space, dash lowercase s,
05:28
space, root, all lowercase.
05:31
All right, so go ahead and run that command by pressing Enter on the keyboard there. What we're specifically looking for is to find out if we find any other users logged in besides root, because obviously we specified root and that's our root user there. So you see in the background there the answer to question number one here: do we see any other users logged in?
05:50
If yes, write the user name there.
05:53
So we do see that there is a user logged in, which in this case is actually root, which again we specified, so we could jot that down if we wanted to. But we see that there's no other users, at least on my end. And you should not have a different result. You should have the exact same result here. You should just see root, um, so that's our user. Now, thinking through that in the context of doing a penetration test.
06:13
This is one command that we could potentially use to see
06:15
if there's other users on the system. So, for example, if we typed in just finger dash s,
06:21
we could potentially see if there's other users on the system besides our root user. And you see in this case that, hey, nobody's logged on.
06:29
All right. So in this video, we discovered a couple of simple commands: the dig tool, or dig command, as well as the finger command. And in the next video, we're gonna jump into our vulnerability scanning.

Up Next

Scanning, Enumeration, and Vulnerabilities

This course covers basic scanning, enumeration, and vulnerability scanning as part of a penetration test.

Instructed By

Ken Underhill
Master Instructor at Cybrary