theHarvester Lab

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

2 hours 37 minutes
Video Transcription
Hi, everyone. Welcome back to the course. So in the last video, we wrapped up our discussion on H T Trek
in this video order to cover a tool called the Harvester. So you will need Cali lyrics for this particular lab, and I recommend that you run that inside of a virtual machine.
So the harvester of now the harvester allows you to gather a lot of good information from publicly available sources. So think about things like your search engines are leaving, like showdown, which you covered before eso various public information places and can gather all that data and spit it out back to you.
So let's go ahead and get started. Now, Today we're gonna cover a very high level overview. So we're just gonna run a couple of commands and we'll talk about what we're doing in those commands.
So make sure you want your Callie get log in again. Normally, the password and user name for Callie are gonna be route and tour.
However, he has something different than obviously use your username and password to get loved it.
The next thing we're gonna do is open up a terminal window, so just click of this little black box on the left side here
is gonna open it. Open it up for you.
It might take a moment or so, depending on your connection. Speed. This box is so slightly slower than some of my other one. So you see, it took just a few second.
All right, so now we're gonna do we're gonna take a look at the help file for the Harvester. So all we have to do is type in
the harvester. So again, no space in between those at all.
Put a space afterwards and then to say, dash lower case H. So the harvester space dash lower case H, Then just press and turn to keep work. It's gonna take him over to somebody's gonna pull up the help file for us, and that's gonna show us all the different options we have for commands.
So feel free to take a look a look through those, and see if there's anything you like for our purposes. We really used some of these basic examples.
So the first thing we're gonna do is type this command here. So the harvester space dash, lower case D space and Microsoft dot com Space Dash Lower case L Space 50 Space National case Be space, Google Space Dash lowercase H space statue, Lowercase F
space And then finally, we'll call it test file. One. So whole lot of stuff there.
But let's let's talk about what he's saying. It obviously
the harvester that's the tour using right
The dash D lower case DIF flag allows us to specify the domain, you or the company name that we want to use in the search. In this case, we're using Microsoft dot com
the dash lower case l allows us to limit our searching to whatever number we choose in this case. I've just chosen 50 just so it's a little quicker scan you could do. You know, realistically, I guess about a 1,000,000 if you wanted to. But that would take forever. So, uh, for our purposes, we're just doing 50 to keep things pretty quick.
The dash lower case be allows us to define where we wanted to pull the data from. So in this case, we're just using Google. So Google search results
the dash number case H that allows us to also query the show Dan database. So again, if we find any host
in our search here, it's gonna quarry Those through showed a
And then finally, the dash lower case if allows us to save all this information we're getting as a file. So we're just naming the file test file at one
are. So let's go ahead and run that command now.
So again, the harvester all together
space dash lower case D again were specifying our domain. Put another space and then Microsoft dot com
Another space a dash lower case L
A Space and then the number 50 again we want eliminated just 50
a space a dash lower case be again. We're gonna be specifying where we wanted to pull the information from
We put a space and then Google because that's where we want. We wanted to pull the information from
a space for dash lowercase h against would have run the quarry again showed in
a space a dash, a lowercase f so we can actually put all this information out in the file
and then finally, a space. And then we're gonna name our file test file one.
All right, so once we do that word and go ahead and run that command. It's gonna take a moment or so to actually do the search. You'll see it pulls up search results, and it should be done momentarily.
So while it's doing that in the background there, let's take a look at our first question.
So, question number one,
were you able to see any I P addresses in the output? So, in your output here, do you see any I p addresses? If yes, go ahead and jump those down in your side of things.
So let's take a look here. So on my end, Yes, I do see some I p addresses here. So I see some there.
All right? I also see that it did query a showdown is we wanted so good deal.
So I would normally drop those down there.
All right, So question number 21 other information. Did we find out what other information is displayed here? So we see I p addresses, but what else do you see?
All right. So I see some domain names here. Right? So I see news dot Microsoft dot com and that's associated with 1 92 to 37225141 See support dot Microsoft dot com is associated with 23 7 84 1 57 So I do see some generalized information there.
Let's go back to our lab document
Are So now what we're gonna do, we're to type this next command here. That's actually will wrap up our lab again. This was a very high level overview of the harvester.
So we're going to
the Microsoft dot com dash l 100 dash s 20 Dutch me Google does H Dash F test file too.
So the few changes here from the previous command were kicking it up to 100.
Okay. And then we're gonna start our query at 20. So that's what the Dash s dash lower case s means. It allows us to specify the start over quarry at a certain number. So by de father does the number zero. But here, we're specifying started at number 20. And that's why we've kicked it up to 100 for a search results.
First, let's go ahead and talked. I didn't know.
So we're typing the harvester again. No spaces in between there.
We're gonna do a dash lower case D will specify our domain
which is Microsoft dot com
Space Dash Lower Case Hill To specify how many we want. A limited to were to say 100
another space and then dash Lower Case asked again. We're gonna specify the starting point.
We'll put a space and then the number 20.
We'll put a space national, her case and B so we can specify where we want to get the information from.
And put another space. We're gonna put Google because that's where we want to search.
Then we're gonna add the dash lower case H again. That's to specify that we want Aquarius Showdown database as well.
Put another space a dashing over case calf so we can print all this out in the file and then we'll put a space and we're gonna name the file test file, too,
and then just go ahead and press enter a new keyboard.
And again, just like before, it's gonna take a moment of soda search for us.
So question number three here is gonna be Do you see any domain names in the search results? So when it's done searching, do you see any domain names in the search results?
All right, so I do on my end. So I see is your Microsoft dot com And then, of course, I see that www dot Microsoft dot com
All right, so in this lab, all we did was a very, very high level overview of the harvester. We ran a couple of commands to see what kind of input or excuse me, output. We got back. So we were able to see things like I p addresses as well. It still may names which may be beneficial for us as we progress through our attack.
In the next video, we're gonna cover a tool called Re Kon and G.
Up Next