8 hours 28 minutes
hello and welcome to another application of the minor attack framework discussion.
Today. We're going to get into a case study for discovery.
And so, in this case, study were really just going to touch on a tool of the trade and give you an idea. Some of the things that are out there that a threat, actor or even a standard user could just get and use with no license, no need to pay for anything. Just a simple download,
and it really robust and awesome tool to use. Whether your network administrator,
whether you're penetration tester, a security analyst, a on auditor looking to validate some system information,
I want to introduce you to the power of in map. And so if this is your first time hearing about in map, unfortunately, this is not, ah, full fledged course on in map. We're not going to get into nitty gritty details. I'm just going to give you an idea
of how to particular scripts within In Meant can provide some pretty awesome information about systems.
And so one of those is going to be the S and B een um users for a numerator. Users on the script output is simply what I got from the map site,
but it gives you the following results. And so it will do the enumeration of users. It provides you with the account information. It's got this system name over here, and then it's got another account here. It gives you a bit of a description about the account,
any password flags on the account like that. It does not expire in both of these cases. This one says Password, is not required.
It looks for this one also doesn't expire, and it's a normal user account.
And so just by running this one script, if we were able to, we could also see a number of the other accounts
that were involved here as well as it would have gotten into descriptions down below. So this is a great bit of output. If I were a threat, actor and I got on some Super user's computer and they happened to have in map already on it. One. It's awesome because I've got an administrative account, but to I can run some scripts straight from in map
and potentially get details. If I don't already have my scripts
there and ready to roll.
Another example of this is OS Discovery, which can be done within mapas. Well, now it can be hit or miss, but it is the S and B O s discovery script,
and it outputs things like the server version
the service pack information, Which is great, because if I need to know
what particular exploits would be available for this, I can go straight to the
type of operating system the service pack installed. It looks like there's some additional information here that may be pertinent
to me, understanding what's going on here like that. There may be some SQL information going on, or there may be SQL 2008 running on this system so further, helping me to narrow down what this system could be, what the value of the system is
now. The system time here is old because again, I got this from the site. But I'll have the name of the system, the domain information I've got version, information, service pack information. All of this is pertinent
to helping me to understand what I could potentially do to that system to get further access or whether or not the system would be of value to me.
Now, this is just one of many tools and so I encourage you. If you've never heard of in mapping, you're interested in learning more. I believe you can just do a quick Google search for and map in their site. They've got a full pdf version of their manual going through all the different things that it can do and its capabilities. And there are also full fledged courses here on Sai Buri
that could assist you in getting very, very detailed in some of the use cases
for in Mount. So what That amount I want to thank you for your time today, and I look forward to seeing you again soon.