2 hours 37 minutes
Hi, everyone. Welcome back to the course. So in the last video, we talked about open source intelligence and we talked about some of the tools that will be using throughout this course.
In this video, we're gonna use NS. Look up. So, inside of Microsoft Windows, there's a tool named in its look up. We're gonna go ahead and run that at the command line and we'll see what kind of input we get back on our particular target. In this case, our target is gonna beat Microsoft dot com, which is what we use throughout most of this course.
Now, I've also in the lab document here, which again is available for download on the supplemental resource is Section. I've listed a link to where Microsoft has a helpful page where you can find more information about Ennis, look of commands. She'll be able to see the broad spectrum of commands in that particular document.
Now, we're not gonna be covered. All those in this lab will just cover a couple of the commands and take a look at what those air telling us. But again, you can use that. It's a resource for if you want to do further study on in its look up
now, since we're using a tool in Windows, obviously as a requirement of this lab unity of Windows operating system. So whether that's in a virtual machine like I'm doing with Windows 10 or if you're running it on your local computer inside your windows, that's perfectly fine as well.
Some of the steps in this lab I do want to mention that someone steps in this lab made very based off, in particular a version of Windows and specifically the steps that may very are pulling up a command prompt window. So in most cases, and most versions of Windows, you would go to the start menu through a search type command or just select the command prompt window, and it would open up for you.
But again, that specific steps you're going very based off your version of Windows.
Now I've designed the lab guide here around Windows 10 which is a good video, OS said. I'm using, but you know, you just want to adjust it based off your particular version of Windows.
All right, enough talking. Let's go ahead and get started here.
So from your Windows desktop screen. We're gonna go ahead and launch our command prop windows I mentioned.
So what I'm gonna do here on Windows 10 is I'm gonna right click at the very bottom left here. It looks like four little boxes. And I mentioned that in the document here.
So we're just gonna right click on the start menu there and then go to run.
We're gonna type in C M D. You see, it's already in there, but I'm gonna just type it in anyways. Then either click okay or just pressure and to enter on your keyboard. You'll see it'll open up the command prompt window for us.
I'm just gonna maximize that a little bit, just a little easier to read for everyone
and actually will probably go ahead and change the font size too, because I think it's gonna be easier to read. So let me actually back up. In case you're not familiar with changing the fine size, I don't have this in a step by step, but what you would do in the command prompt here, Just right. Click on the bar up here s o again. If I minimize that this is a top bar the command prompt window.
So if you just right click on that
and go two properties, it's gonna give you some options as far as the text. So I'm gonna go to the font, and I'm gonna go to the size and increase that. Now, Of course, you can change your font and all that good stuff. I don't worry about that, but I'm gonna go to say 20 or so, just to make it a little easier to read.
So once you change that, you'll actually want to go ahead and relaunch the command prompt window. So same steps as before. We just right click, Go to command.
Poppin cmd press enter,
and it's a little bigger now, so it makes it just a little easier to read.
All right, let's go back to our lab document.
So we've gone ahead and open our command prompt window. Now we're moving on to step number six. So step six here. We're gonna type in this command right here. So, anise, look up space and in the question mark. Now we're gonna press the enter key after we do that.
So let's go and do that now. So and it's look up
must face in a question mark
in his press. Enter. So all we're seeing there is just a brief little help. Menu kind of shows us the syntax of what Dennis look up would need to be. But again, it's not. It's not an in depth help menu, meaning that doesn't show you all the different switches, etcetera. So that's partially why I linked that document for everyone. So that way, if you want to play around with this, look up,
you'll have enough resources to do so.
All right, let's go back to our lab document.
So we went ahead and did Step six. We were able to pull up that many help menu for us.
Now we're on to step seven here, so we're gonna actually run a command against Marcus off dot com. So what is gonna run? And it's look up and then Microsoft dot com,
specifically what we're looking for us if there's any output. So pay attention to those couple of questions. I'll be asking those in just a moment.
So let's go ahead and type this. Since we're gonna type in anise, look up
a space and then Microsoft dot com so No. Www. Here. We're just type in Microsoft dot com.
Let us press center in the keyboard.
All right, So you see, we get some output back, so let's take a look at those couple of questions.
Yes, We see. Question number one here. Do you see any information in the output regarding the local V. N s server and Gateway? So your local D n a server in Gateway. Do you see any information on that?
All right, so for me, I do. Right. So I see right up in here, I'm actually using Comcast for my router. And so this is actually the default gateway for that particular router.
So, yes, I do see my information in on your end of things. You should see that as well.
You won't specifically see Comcast in you unless you're using them. But you'll see your local Deanna's router and sees me, your local gateway and everything.
So the next question here question over to Do you see any information on our target company? So in the south, put Do we see any information about Microsoft dot com?
All right, if you answered Yes, you are correct. So again, we see some I p addresses down here. When we see our Microsoft dot com right there,
let's go back to our lab document.
So the next thing we're gonna do is we're gonna type in these commands right here. So we're gonna do Ennis, look up to basically Director Command prompt. You know, we want to use that. It's look up. We'll hit. Enter there weren't set type A
enter and then Microsoft dot com. So what this is going to do is basically just mapped the domain name. So Microsoft dot com it's gonna show us the i p addresses associated with that.
So let's go and do that now swirling type in and it's look up. First
All right. Now you'll see that Give us back our default gateway and everything. But then it changes a command prompt line right here. You know, it's just a narrow, so that way we know we're in the correct spot.
So now what if I'd been set
and then no space, no spaces at all here, We're just gonna do the equal sign in a lower case. A.
Now we're gonna press enter again. Again. It looks like nothing happened, but something did. And now we're just gonna type in Microsoft dot com
and then just press enter on your keyboard and what we should seize. We should see information back. So you'll notice that the information is similar to what we had seen before, right? There's a little difference as faras where the I P addresses are listed at. So, for example, here we have $13. 77 appear. It's the top one at 13 got 77.
But in any event, we're actually getting that information back.
All right? So question number three
what I p addresses. Do you actually see so on your on your paperwork there, just go ahead and jot down those different I p addresses. Just so you have those.
Now, if you were doing a real penetration test, you would just wanna grab those enthronement of separate file. So that way is your collecting data. It's all of one spot for you.
All right. Our last step of this particular lab just looking to see if we could find any information about the public mail server. Now I've listed the Ennis look up as he starting step here. However, you don't actually need it. If you've continued the laugh from this point,
If you were back at the original command prompt. So the C users, etcetera, etcetera, than you would want to type in endless Look up to redirect the command prompt and know that you want to use and this look up. But since we're already inside of the tool, we should be able to just type set type mx and then Microsoft dot com.
So let's go ahead and do that. Now we're just gonna typeset space type.
And then again, no spaces here so equals
in the lower case Camp X.
We're gonna press enter on a keyboard,
and then we're gonna put our domain so again, Microsoft dot com
and then just press an enter again.
All right, so you'll see that we get you some information back. So let's take a look at that last question we had in this lab.
So what kind of information do you see that we get back? So after we talked that command in what do we see?
All right, so we got to see the default gateway again, and you'll see that with many of the command you're gonna run, so that's not really what we cared about. But what we did care about was down here.
So we don't get a lot of information back from the server. A ce faras the mail exchange information. But we do see that. Okay, well, here's the u R L that my Microsoft's use in. We see the MX preferences 10. So it gives us some very basic information
again. When you're targeting a large company, a lot of these things are more secure.
Um, but there's many avenues to get into those companies.
All right, so in this video, we just went over a very brief introduction to Ennis. Look up. We ran a couple of commands and see what kind of output we got. We also wanted to see if my putting in Microsoft dot com would give us back in the i p address information. And as we could see, we got five I p addresses back. Whether or not those are actually valid for anything useful, we don't know
recent footprints stage. We don't know that stuff, but it is information that we did. We were able to gather and that we may potentially use for things later on.
All right, so in the next video, we're gonna talk about who is so it sze. Basically, you're our website. We're going to We're gonna talk about who is well, actually run a search with it.