Time: 7 hours 47 minutes
Difficulty: Advanced
CEU/CPE: 10

Video Description

This lesson focuses on information gathering. Participants in this lesson will learn about the following for Linux:

  • Ifconfig
  • Netstat
  • Arp
  • /etc/nsswitch.conf
  • /etc/resolv.conf
  • Ping/traceroute
  • Nmap
  • P0f
  • Tcpdump
  • Tshark

The information gathering unit also discusses the following for a Windows environment:

  • Ipconfig
  • Netstat
  • Arp
  • Net
  • Nslookup
  • Tracert
  • More net

Video Transcription

00:04
Hello and welcome to Post Exploitation Hacking: Persistence and Continued Access. This is part two, gathering information.
00:10
This is specifically the lecture portion of the class. It's designed to be a companion to the actual practical portion,
00:16
as well as, of course,
00:18
its own standalone information, for those of you who simply want to read and then try yourself rather than watch someone else run commands.
00:26
Um,
00:27
this video is going to be discussing our goals in part two, as well as give a quick overview of the tools they're going to be examining.
00:36
Goals right here are: understand what information gathering is and how it's done,
00:41
gain an understanding of and familiarity with tools which will be commonly used in this process,
00:47
know what to look for in a target machine
00:50
in terms of later on, after you've gone through all of this, when you're doing the exploit phase again
00:56
to target a new machine or to kind of work your way through the network, knowing which one you should target and why,
01:03
prepare for data exfiltration,
01:04
uh, which is sort of a half step in between this and creating persistence,
01:11
and, as always, avoid notice. Avoiding notice is sort of gonna be a primary goal of every section, because it's a primary goal of post exploitation in general: whatever you want to do, you want to do it in such a manner as to not get caught.
01:29
Things we're going to explore are going to be ifconfig,
01:33
netstat, arp,
01:34
the nsswitch.conf file, the resolv.conf file,
01:40
ping/traceroute, just general ICMP
01:42
tools, Nmap, p0f, tcpdump and tshark.
01:48
That's obviously for Linux. For Windows, we're going to explore ipconfig, netstat, arp, the net suite, which is different from netstat. And there's a lot to it.
02:00
Quick glance at nslookup,
02:01
tracert, which is again ICMP-based stuff. And then, ah, more net suite, because really, this is just a ton of stuff for that.
02:10
Um,
02:12
as I mentioned two slides ago, we want to understand what information gathering actually is and how it's done.
02:20
So the biggest thing
02:22
about information gathering is that it's the point. It's why you're here as a pen tester or whatever you might be doing,
02:29
which again, you know, none of my business. But
02:31
keep in mind the whole Computer Fraud and Abuse Act. I would recommend doing this legitimately, for the right reasons.
02:38
Ah, but information gathering is the point.
02:42
You break into a network to gather information, to gain data.
02:46
There may be, outside of the tools I'm going to demonstrate, there may be specific data you're after. If you're pen testing against a giant company like Target or people or whatever, you may be looking for where they store credit card files or something to that effect.
03:00
Um,
03:01
you may be just looking for passwords to get root access to a source code server, if you're pen testing a tech company,
03:08
um, to roll out information for new products, whatever
03:15
information gathering is
03:16
the most important phase
03:19
in that no matter how well you cover your tracks or how persistent your backdoor is, if you're not actually gathering good information, those two things are sort of a waste of your time.
03:29
It's going to be the largest portion of this class,
03:32
partially because, as I mentioned, it's of great importance, and partially just because there are a ton of tools and there's a ton of information. We're gonna look at most of the information about the way a computer can be configured,
03:45
and we're going to hopefully learn,
03:46
uh, what to look for and what's there.
03:51
So when it comes to information gathering, more is always better. If there's a command you know of that will give you information that's not in this program, by all means, run it.
04:00
Um,
04:01
as long as, obviously, it doesn't make too much noise.
04:04
Because in general,
04:06
the more information the better,
04:10
huh?
04:11
So with no further ado, we're gonna go ahead and end this video, and we can jump into the actual information. That video is going to be current machine information gathering, specifically in Linux.

Up Next

Post Exploitation Hacking

In this self-paced online training course, you will cover three main topics: Information Gathering, Backdooring and Covering Steps. You will learn how to use system-specific tools to get general information, listener shells, Metasploit and Meterpreter scripting.

Instructed By

Joe Perry
Senior Technical Instructor at FireEye, Inc