Time
28 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
Hey, everyone is Ken Underhill, Master instructor. A Sigh Berry. In this video, we're gonna talk about scanning and enumeration. Everyone, welcome back to the core. So in the last video we talked about skinning at a very high level, we talked about things like banner grabbing scanning systems, you know, looking, checking for live systems, checking for any type of open ports at all.
00:19
We also talked about n map a little bit, so I talked through a couple of different and map commands.
00:23
And in this video, where actually this is gonna go ahead and use and map to run a couple of scans and just take a look at the output that we get. Now I want to mention again that there's a document and the resource of section you can download is called helpful links. And in that document, excuse me is called helpful information.
00:40
And in that document, I've listed out the end map commands again. It's not an all inclusive list.
00:45
I've also listed out the different links as we go through these modules that I wanted you to take a look at.
00:50
As I mentioned in this video we're gonna be using and maps. So I'm actually gonna be using this cyber a sight, the cyber lab environment to do so. However, if you want to download your own virtual machines, you just need Cali Lennox and my display table, for example, on. Then you could run some and maps scans against those. Are you gonna scrap like a Windows VM? We're not gonna cover any of that in this particular course or in this video.
01:10
But if you want to download your own stuff, you're certainly welcome to do so.
01:14
So for everyone using the cyber environment, I've gotta step by step guide here for you. That kind of walks you through everything.
01:21
First, we're gonna find the lab. We're gonna kind of set things up, and then we'll move into actually using and map at the command command line of lyrics. Callie Linens.
01:30
So, first things first, you should already be logic to the cyber Excite. Most people should be if they're watching this video, and then we're just going to search for the Ethical Hacker, the certified ethical hacker lab. So the easiest way to do that she's type in C E. H and then just searched for that and the search box there, and it's usually they're gonna be the 3rd 1 down. The certified ethical hacker
01:49
ch in parentheses by practice laps. So just go ahead and click on that.
01:52
You're gonna click the launch. But next, and then you'll see a launch item button. That'll be the next thing that we click right there.
01:59
As always, the the step by step guide for these labs. It's in the resource of section and should make sure you download them first. That way you can go through at your own pace
02:09
are some. Once we pull up our lab environment there, the lab we're gonna be looking for is actually gonna be the 3rd 1 down. It's gonna be this implementing scanning techniques lab.
02:19
So it's this one right here. So we're just gonna go ahead and click on that and then select the start button to actually go ahead and launch the lab. Now you'll see that we've got our virtual machines there. We need to turn them on. So if you're not familiar with how they do that, all you have to do is just have your mouths over top and then select the power on option
02:36
now it normally takes just a minute or two to turn those all the way on. Sometimes they'll splash up quickly like that. Other times it might take a minute or so.
02:45
I'm gonna pause video briefly on my end to give them a chance to boot up, and then we'll come back in just a moment.
02:50
All right? So you see in the background there that all of my machines are booted up the way we know that as we see the on buttons here. Now, if yours are not booted up, you're just going to posit video and just wait until they come up. It's generally takes like I said, about a minute or so.
03:02
Um, sometimes it's a little quicker than that, So just be mindful of that. It shouldn't take too long. If it's thinking a long time, you may just want to relaunch the lab.
03:09
Ah, and just see if that kind of refreshes it for you.
03:14
So let's go back to our lab guide here real quick. So we've gone ahead. We found the lab we're looking for here. We've already clipped the start button. We've gone ahead and turn on our virtual machines first thing we're going to do is just go ahead and start our enable our Apache Web service. Essentially. So we're gonna go to the P Lab s a 01 machine. So that's our server as this top machine. Here it is. Going click on the name
03:32
that'll take you to it.
03:36
And then once it pulls up, we're gonna close the server manager window instead. Seven. For us to go toe, click on the exam icon on and then we're just gonna take a look at the i P address of the machine. Now, I've actually listed the I P. Address in the next step on this lab, the next part of this lab. But I just wanted to have you practiced looking for it yourself.
03:54
So let's just close. Server manager window here. We're gonna click on the exam icon, which is orange colored button down at the bottom here.
04:00
That's gonna go ahead and enable our Apache Web service for us. Just take someone or so and you'll see. You know, pull up here in just a second.
04:08
The other thing I'd like to do that. I've found with this lab sometimes if you just want to click the start buttons here at the bottom as well. You'll get a failure on the Tomcat, but that's fine. That doesn't That's irrelevant. But I've found that sometimes you'll get an air message in the lab if you don't do that. So just make sure you click this bottom three, start buttons and just go ahead. Minimize that. Now we're just gonna open a command prompt.
04:28
So this right click there
04:29
and you get in there either Click on command prompt. I'm just old school. I just go to run and then cmd
04:35
and then from here, what is gonna type in I p config
04:42
and that's it. We just want to check the i p address of this machine. So one thing, if you ever see it out there, I think most people are good about this, but I f configures for Lennox. Only I peek of figures for window systems. I've seen some courses out there that will, like mention I p configures for Lennox and, you know, kind of swap them around. But I think maybe that
05:00
the instructor on those is just kind of miss speaking
05:02
Anyways, that that's not relevant here. We just want to make mention of that if you're not familiar with basic networking stuff,
05:09
so we see here we have our I p addresses. 1 92 16801 Again, I've already listed that out for you in the lab guide. So you could just excited that you can also just type exit at the command prompt there if you're not familiar with that, and then we're just gonna go back to our step by step guide here. So we've gone ahead and in part one here, let's move on to part two of our lab.
05:27
As I mentioned, I've already listed out the I P. Address. When you do
05:30
check against its down here and that's the server I p address that we just found.
05:34
So the next step we're gonna do here is we're gonna connect to the Windows 10 machine, So let's go and do that. Now, that's that P lab win 10. This one right here.
05:44
So the way this lab is set up, we have to connect through the Windows 10 machine to the Talia Lennox machine. For those of you that are using your own virtual machines there, you don't actually have to worry about doing that. You can just go ahead and connect to your calendar Lennox machine, and just run the commands from there.
05:59
Now, you know, sometimes in these labs you'll get this weird message where it doesn't go through stuff. Sometimes you may have to reset that particular machine. Other times you'll see it finally pulled up for us there. But sometimes you may have to reset. The machine should just be mindful of that. Sometimes there's a little glitches in these virtual machines, and you just have to kind of just for those
06:17
you'll also see that they'll get It was a little script running in the background there that will splash up briefly, and it should go away in just a second. Once it does, we'll go back to our step by step guide here. Once it does, we're gonna go ahead and click on the V NC viewer icon that's on the desktop here. You kind of see in the Vaca background that orange icon there
06:35
and then by default, it should show us that Callie Lennox I P address. We're just gonna be putting in a password, essentially right. We're gonna click on connect, and then we'll put in this password right here. That is a zero and not a capital O. So just keep be mindful of that as well as we type it in.
06:50
So we've seen that command prompt Windows gone away. Our script is finished running there in the background. We're gonna go ahead. And as I mentioned, double click on the V. NC viewer icon Looks like a little tiger's eye. So just go and double click on that.
07:03
It'll pull up the box here and by default, it should put in the Cali Lennox I p address for us. But if it doesn't, I've got it listed in this step by step guide for you. Just click on the connector button here, Gonna prompt you for a password. Just type in capital P. Lower case A s S W the number zero. So again, remember that zero. Not a capital O
07:23
on the lower case R D
07:25
and then just press okay or just hit. Enter any keyboard there, and that's gonna go ahead and launch to Cali Lennox machine for us,
07:31
it's usually pretty quick about launching. Once it launches, you're gonna notice this air message here that usually happens. Just click the okay button or just X out of that. That's irrelevant for what we're doing in this lab.
07:43
And then your next step is double clicking on this route terminal icon right here that's gonna actually launched a Cali terminal for us
07:50
and you'll see it in the background there. So let's go ahead and go back to our lab guide there. So we've gone through a couple of steps or I just kinda went through him pretty quickly. So if you fell, I went to Fascist Posit Video and just go through step by step here we went ahead and connected to our Callie machine by putting in the password they're using V NC viewer. And now we've gone ahead and double click the Rude Terminal icon.
08:11
So what we're gonna do now is just type in our first and Matt commands. We're just gonna do a quick since can, so we're gonna type in and map the dash Lower case s Capitol lesson in the I. P address. We're gonna put a space in between all of those.
08:24
So what this is going to do when we run it like that? If we don't specify, like a range of ports to run it, Run it against what end map does. It runs a scan against the first you know, 1000 well known ports on, and we're probably not gonna get 1000 ports back, but it runs. It runs it against those to give us a CZ much information as possible. So let's go ahead and just type that command in there.
08:43
So n map space, dash, lower case s capital s space, and then our IP address, which is 102.168 dot 0.1.
08:54
I just press and Turner keyboard there. It's gonna take a moment to run this scan. So we're gonna go ahead and pause a video here and we'll pick things back up in the next video with the rest of the lab. We'll take a look at the results we get
09:07
and you'll actually notices. I was talking there. I wasn't paying attention to the I P address has tweeting in so actually typed in the wrong one there. So let me let me type in the one they're on, and that will be it. So a great way to double check yourself in. Make sure you're not driving in the wrong I p address their eyes to actually just double check yourself before you run the command.
09:26
I was busy talking and not paying attention. So,
09:28
uh, this one should work. Let's go ahead and run that scan there. That should actually work. That's a real I P address in this virtual machine on. And so, like I said, I'm gonna pause a video briefly here and we'll pick things back up in the next video with the actual results of our scan.

Up Next

Scanning and Enumeration with NMAP

In Scanning and Enumeration with NMAP, Ken Underhill gives an overview of scanning and the scanning methodology, which is the process of collecting information on a network using technical tools. Ken Underhill uses an Nmap lab to demonstrate this process. Nmap is a powerful tool used by both attackers and defenders to scan networks.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor