Part 3 - Discovering Services



Time
5 hours 38 minutes
Difficulty
Intermediate
Video Description

A key step in pentesting is discovering services. By knowing what services are running on a target, we can then dig further into uncovering potential vulnerabilities to exploit. In this video, Dean discusses the services command and demonstrates how it can be utilized to uncover vital info about a target such as its ports and the protocols running on them along with their state.

Video Transcription
00:04
All right. So if I want to go further into looking at FTP, for instance, I can run
00:09
the services command
00:12
and notice that I can
00:15
use the... I'll go back to the help screen. But I can specify the port
00:21
that I'm interested in.
00:23
This is just a way to correlate information, right? So I know FTP runs on Port 21
00:31
so I can say, show me everything that's running on port 21.
00:35
If I wanted to search for a different way, I can search by the name, I can search by the
00:40
by the port number, by the protocol. I can also narrow this down by specifying columns. Maybe I... maybe I don't care about the host because I already know that.
00:50
I just want the port
00:52
pro
00:55
and state.
00:58
Now I see that port 21's open on this.
01:00
I guess host gets provided by default. But
01:03
there's the port. There's a protocol, and the current state.
01:08
I could do the same thing for something like SSH, right? That should be
01:14
Port 22.
01:17
So there's my SSH information
01:19
and
01:19
as before, I can
01:23
only display... I could only display those columns which
01:27
I'm interested in: port, protocol, and state. Maybe I don't care about this info information, although that certainly is useful to know which specific version of OpenSSH I'm running. There might be vulnerabilities there.