نص YouTube:
Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack! (Part 1)

لا حاجة لمشاهدة الفيديو بالكامل — احصل على النص الكامل وابحث عن الكلمات وانسخ بنقرة واحدة.

AutoDub

افهم فيديوهات YouTube الأجنبية

دبلجة YouTube غامرة باللغة العربية

تجاوز حواجز اللغة واستمتع بمحتوى عالمي عالي الجودة

استخدم مجاناً

نص الفيديو

ملخص الفيديو

Summary

Core Theme

This content is an introductory segment of a comprehensive ethical hacking course, focusing on foundational knowledge and practical setup for aspiring penetration testers. It covers essential cybersecurity concepts, tool installation, and basic Linux commands necessary for the course.

Mind Map

انقر للتوسيع

انقر لاستعراض خريطة الذهن التفاعلية الكاملة

hello and welcome to this 15 hour

edition of the Practical ethical hacking

course my name is Heath Adams and I'm

going to be your instructor for the

entirety of this course okay quick edit

so you might be looking at the YouTube

video and seeing that it's only seven

plus hours that is because YouTube

recently implemented a rule that we can

no longer have videos over 12 hours so I

had to split this into two parts I had

to add this edit in and go back and

re-render everything so this is

officially part one and we'll go through

part one and then I'll have a link in

the description below for part two so

without further Ado let's Jump Right In

A really quick who am I again my name is

Heath Adams and I am the CEO of TCM

security we are a cyber security

consulting firm and an educational

institution on a day-to-day basis we

primarily focus on what's called ethical

hacking that is where companies hire us

to try to hack into them to find

vulnerabilities and let them know of any

security issues they may have before the

bad people find those on their own that

could be breaking into a network a web

application wireless network mobile

applications thick client applications

Etc I can even be breaking into a

building which is called physical pen

testing there's a lot of different types

of hacking out there we're going to

cover quite a bit of that in this course

now hacking is such an interesting field

because you don't have to necessarily

come from an I.T background I'm actually

a former accountant and I just fell in

love with hacking and I know people from

all different walks of life we have

somebody that works for us that used to

be a mayor I've seen doctors I've seen

pharmacists I've seen all different

kinds of weird backgrounds come into

ethical hacking so if you're watching

this and you really don't have an I.T

background a formal one that's okay as

long as you have some basic computer

knowledge some basic networking

knowledge that's all you really need to

succeed in this course we're going to

hold your hand the entire way through

and make sure that you get and

understand everything that's presented

in front of you in terms of the

qualifications I've listed my hacker

certifications that's not all the

certifications but those are the ones

that are relevant maybe make me an

expert whatever I've also listed my

social media if you want to follow me on

LinkedIn or follow the company on

Twitter follow me on YouTube I would

love if you just hit subscribe right now

before we even get started or you want

to wait till the end that's perfectly

fine as well we're making our way to a

million subscribers and you could be a

part of that and I would absolutely love

it if you did

we also have some sites we have our

Consulting site which is just

tcm-tech.com we've got the academy which

I'll show you here in a second we also

have certifications site now before we

dive into things you might say to

yourself this course seems familiar and

that's because it might be last year we

released a ethical hacking course in 12

hours this year it's up to 15 hours last

year that total of you has got 3 million

views in 11 months which is great it

hasn't even been a full year yet and we

taught quite a bit of lessons in here

you can see all the different lessons we

taught in here so you might say hey

what's the difference between this

12-hour course and the 15-hour course

while there's quite a few differences

three hours to be exact but even with

the three hours of time difference we

went through a lot of this in for

example in the Kali Linux section that's

been completely redone the python

section has been completely redone so a

lot of these videos and tools and ideas

have been brought in into 2023

methodologies so not only are there

three hours more but a lot of the videos

and content have been recreated for 2023

specifically to make sure that this is

up to date and fresh so you're getting a

brand new courses this is the latest and greatest

greatest

now this course is actually an extension

of a 25 hour it's pretty close to 27

hours now of materials that is on our

TCM Security Academy website and this is

the only time I'm going to try to sell

you on anything throughout the entirety

of this 15 hours so I just ask for one

minute of your time

this course takes the first half the 15

hours takes the first half of what's in

here if we scroll down to the curriculum

we actually have all the first half here

you'll see this if you actually came to

the website it's the exact same thing

you're getting in this course this goes

all the way through the Capstone and the

buffer overflows here and that is a

great stopping point we'll go to the

Capstone we'll go through it it's a

great Midway point to test your skills

if you get through the Midway point and

you say hey I really like this I want to

get the rest of the course we have even

more stuff in here we have active

directory which is one of my favorite

things to pen test against and I would

say it's the best part of the entire

course we teach that we cover quite a

bit of this all this is on active

directory right here we cover more post

exploitation we cover web app pen

testing application pen testing we get

into a little bit of Wireless testing

and legal documents and all that fun

stuff so the 15 hours that's here it's a

great great resource it gets you started

if you love it you love our instruction

you want more this course is 29.99 all

of our courses in fact on the academy if

we go over here they're all 29.99 so if

you're interested we have an all access

pass that gives you access to everything

we've got courses on Linux python we've

got courses on privilege escalation osin

external pen testing all different kinds

of stuff in here if you're interested in

that I just encourage you to check out

the website you don't have to buy

anything this is completely 100 free if

you just want to stick with the 15 hours

last but not least this course does lead

to what is a certification we have a

certification called the pmpt it's the

Practical Network penetration testing

certification I'll link it down in the

description below it's a one-of-a-kind

certification you go through you try to

hack an organization you write a report

you present a debrief and the good thing

about this is it gets you job ready for

the field so if you can get through this

certification you actually go look for

the pmpt on LinkedIn or indeed you're

going to find this on job postings so

this course 15 hours of this is part of

a 50 hour curriculum that we have and so

if you feel that hey I really am

interested in this field and maybe I

want a certification consider looking at

the pmpt as well and that's really it

we're gonna end here salesmanships over

please enjoy this 15 hours if you do

please like comment subscribe all that

fun YouTube stuff let's go ahead and

jump right into this course I'm so

excited to teach you in this 2023 day Edition

all right I hate PowerPoints but I love

this template I don't know what's so

cool about it it's all the colors I

think so welcome to a day in the life of

an ethical hacker 2022 edition let's

talk about a pen tester's day to day and

I'm going to highlight this at a very

high level so what we do is we roll out

of bed hopefully we wake up in the

morning and we kick off our day and now

our day can be performing an assessment

and we're going to talk about the

different assessment types that are out

there it could be writing a report it

could be giving a debrief or a

collection of the three when we perform

an assessment we're talking about

different types of pen testing or

ethical hacking and we're going to cover

the most common types we'll talk about

some other types as well once we perform

our assessment we need to write a report

we deliver a report to our client that

report then gets digested and eventually

we give them a debrief if they want one

and we talk about our findings and so

we'll cover this whole process from

start to finish let's talk about the

different types of Assessments that we

could perform as an ethical hacker now

the first type of assessment I want to

talk about is what is called an external

network pen test and one of the

questions that we ask people when we're

doing phone screens and baselines on

interviews is we say hey can you tell me

what an external pen test is versus an

internal pen test and honestly I would

say at least half the people get the

answer wrong so make sure you're paying

attention and you take notes because

this may come up on an interview now an

external pen test is probably the most

common type of pen test that we perform

if you just got hired as a penetration

tester and you're brand new to the

industry it's likely they're going to

start you out doing external network pen

tests these pen tests are the most

straightforward and something that a

junior could take on and work through

and build up some experience and or

confidence as they go through their

process so an external pen test is

looking at an organization's security

from the outside this could to be us

trying to hack in from our mom's

basement or from another country or

whatever it might be whatever scenario

plays out in your head that's what it

could be you're trying to hack in from

the outside the methodology for external

pen tests focuses heavily on what's

called open source intelligence

gathering or oh send we're trying to

gather as much Intel and data about an

organization who are their employees

what is their email format have they

ever been involved in a breach can we

find out what passwords were in those

breaches can we collect data and then

use it against that organization to

reach a login panel or breach the VPN or

get into an area where we otherwise

would not be allowed into now why do we

focus so much on open source

intelligence well because this is an

external assessment you have to think

about the internet as a whole there are

Bots scanning the internet 24 7. if you

don't believe me try putting up an SSH

server or something similar and leave it

up for 24 hours and see how many login

attempts you get on that server it's a

lot Bots are scanning all the time so

what does that mean for us well that

means that if we do vulnerability

scanning and we find something that is

incredibly dangerous

well somebody's probably already found

that as well so the chances of us

finding something like remote code

execution where we can land on a machine

externally without doing a lot of work

it's pretty low usually organizations

have their external networks buttoned up

from a patching perspective so what

we're really looking at is the Intel

that we can gather where are the login

panels who are the users and how can we

use that against the organization now

this is the most common type of pen test

that organizations do in my opinion for

two reasons the main reason is that a

lot of compliance organizations dictate

that an external network pen test must

be performed annually that is not true

for the rest of the pen test though some

compliance organizations might dictate

other pen tests the external is by far

the most common the other side of this

is external pen tests tend to be a

little bit cheaper than the rest of the

assessments depending on the size and

scope of the engagement and a lot of

organizations like to dip their toes in

the water before going and doing more

assessments with a security firm so they

might test you out and say hey let's do

an external pen test we'll see how it

goes we like you we'll hire you for more

stuff so between those two reasons we

see a lot of external network pen tests

more so than anything else in my opinion

now these pen tests tend to last around

32 to 40 hours on average though if you

have a very large engagement that can go

a lot longer or if you have a very small

company and you're looking at one IP

address or five IP addresses and 10

employees it's probably not going to

take you 32 hours to do that pen test

maybe somewhere in the 8 to 16 hour

range we then tend to add another 8 to

16 hours for report writing and we'll

touch base on report writing towards the

end of this video so moving on is what

is called an internal Network pen test

this is assessing an organization's

security from the inside of the network

this means that we somehow breached the

perimeter perhaps we sent a phishing

email and somebody opened our email

clicked on our link and now we're inside

the network or maybe we broke into the

building and left a dropbox behind

whatever scenario in your head you want

to play as well you can do that what we

do on our end is we typically send a

laptop out to the client the client

plugs that laptop in and we are able to

remote into that laptop and perform a

network assessment as if we were sitting

inside the office this is why a lot of

work nowadays is remote because we don't

have to be on site anymore to do

internal pen tests now the methodology

for an internal penetration test focuses

heavily on active directory now if you

don't know what active directory attacks

are you absolutely need to learn those

in order to be a successful internal

penetration tester and it's one of those

things that a majority of the

organizations that are out there use so

I believe the statement that I read once

was 95 or 99 don't quote me on this by

the way of the Fortune 500 companies use

active directory in their environments

and I honestly think that this number is

way closer to 99 than anything else

every single internal pen test I've ever

done with the exception of one client

one very small client has always been on

active directory so you need to

understand active directory methodology

in order to perform an internal Network

pen test these typically last 32 to 40

hours though they can run a lot longer

again depending on the size and the

scope they don't typically run shorter

though I have seen them run 16 to 24

hours if the network is very small but

there is a checklist that we have to run

through that is usually in the 32 to 40

hour range and just like external pen

tests we tack on another 8 to 16 hours

for report writing now the third type of

assessment I wanted to talk about is a

web application pen test this is

probably the second most common I wanted

to group the external and the internal

pen test together but you have to think

about networks nowadays versus web

applications there are websites

everywhere there are more websites than

there are networks if we're just

counting websites to business networks

there probably are more web sites to

home networks as well though I'm not

entirely sure of that I would argue that

the answer is probably way more websites

than home networks so with that there's

a lot of attack surface that's out there

so organizations will come to us and

they'll say hey we need a web

application pen test this can be

dictated Again by compliance perhaps

stakeholders want to see this or maybe

the client is very interested in the

security of the application and wants to

make sure that it is very secure before

they launch their application now the

methodology focuses heavily on web-based

attacks obviously and the owas testing

guidelines so oauth stands for the open

web application security project you've

never heard of it Google it it's a great

resource they have testing guidelines

for not just web application but mobile

as well they have how to test how to

defend how to prevent all kinds of great

things and we follow their testing

guidelines pretty exclusively if you're

ever going to be a pen tester and you

want a pen test against web apps you you

for sure need to know what the owas top

10 attacks are because you will be asked

those in an interview now these

engagements last typically 32 to 40

hours and that is pretty much the

minimum we have a very thorough

checklist that we have to go through

when we're doing a web app pen test and

I would say it pushes closer to 40 hours

than anything else unless it were a very

very small and specific web application

they're almost always in the 32 to 40

hour range with another 8 to 16 hours

for report writing another Common

Assessment that we are asked to perform

as pen testers is what's known as a

wireless pen test or a wireless network

pen test and we're assessing an

organization's wireless network security

so the methodology will vary depending

on what type of wireless network is

being used for example if they're using

a guest Network we might log on to the

guest Network and test segmentation can

a guest access internal resources or is

the network properly segmented if

they're using a pre-share key which is

what's common in most household and we

might test that pre-share key for

password strength and see how strong the

pre-shared key is and how strong the

password is if they're using

enterprise-based network then we open

ourselves up to a variety of new attacks

as well so our methodology really

changes depending on what is being used

now Wireless pen testing is fairly

straightforward you can look up the

methodology online find blog posts about

it you just need a wireless network

adapter that you can honestly pick up

for 30 to 50 dollars at most and I'll

leave a link in the description below to

my favorite wireless network adapter but

you can just pick one that is compatible

with your machine and that will work and

do packet injection it's honestly where

a lot of hackers start this is where I

got my start before I ever learned about

real pen testing or anything I went and

bought a cheap wireless adapter and I

started just hacking my own network and

some devices that I had laying around at

the house and I learned how to hack

wireless pretty quick so it's one of

those things that kind of gets you

excited it and gets you into the hacking

mindset and kind of teaches you some of

the wireless assessments that are out

there and I think it's pretty fun as

well now these typically last about four

to eight hours per SSID so if we're

testing two ssids we're probably looking

in the 8 to 16 hour range and then

typically another two to four hours for

report writing all right the last thing

I want to touch on in terms of

Assessments that we do quite a bit are

physical pen tests and social

engineering assessments so when we're

doing a physical pen test we're

assessing an organization's physical security

security

and our methodology is going to depend

on the tasks and goals that are at hand

that are given to us by the client so if

we're doing a physical pen test we are

going on site and we're trying to break

into the building that can be through

cloning badges that can be through

social engineering that can be through

picking locks there's a lot of different

scenarios that are at hand there now

that methodology again depends on what

we're up against and it also depends on

the client's goal the client might say

hey we want to see if you can just even

get in the building or they might say

hey I want you to get in the building

and find our server closet and take a

picture of yourself in our server closet

we want to see if you can make it there

so there's typically some goal behind

why you're breaking into a building but

it is legal breaking and entering and

it's pretty fun and pretty exciting if

that's your jam and there's a lot of

social engineering involved in that so

it's very very fun engagement to do the

other side of this is pure social

engineering and what I mean by that is

doing something like a phishing campaign

against an organization and we might

actually do a phishing campaign in

combination with an external pen test so

we might combine those together though

often they're left apart we might do

something like a fishing campaign where

we call people and we say hey I'm from

I.T can you give me your password or I

just sent you a code to your account can

you give me the code that I just sent

you we might do a smishing campaign

where we send text messages and see if

anybody responds back to us there's a

lot of different social engineering

that's out there and we have different

campaigns that we can run in different

engagements depending again on the

client's need now the great thing about

this is social engineering and physical

pen testing offer a lot of learning

opportunities and training opportunities

for example when we do physical pen

tests we wear cameras on our hip and we

record everything that we do not just

for our liability but also for teaching

end users at the end of the day we'll

cut that video have a Lessons Learned

here's the good things they did here's

the bad things they did and they can

walk away with a way to improve moving

forward the weakest element of any

organization is going to be the human

you can have a great environment great

policy security everything set up and

all it takes is one really nice person

to hold the door open for you and that

can lead to catastrophic events so

social engineering again is a very

important part of security and it's one

of my favorite things to assess when I'm

doing this type of work now again these

can last anywhere from 16 to 40 hours

maybe even more depending on the

engagement that you're on plus another

four to eight hours for report writing

again maybe more depending on the scope

of the engagement that you're working

now these aren't the only assessments

there are other assessments that we

might perform as a pen tester these tend

to get a little bit more specialized and

you might have to take additional

training in order to learn this type of

stuff but these are things that we

perform at work and you may end up

performing as well so we have mobile

penetration testing it's a lot like web

application penetration testing in the

sense that you're testing against an

application except it's on a mobile

device so iOS or Android and then

there's specific methodology and

techniques related to those operating

systems you may have iot or Internet of

Things penetration testing and somebody

might send you something like one time

we got sent over a pressure cooker that

was a wireless pressure cooker and they

wanted it pen tested so we had a lot of

fun doing that there's red team

engagements which are kind of sort of

like pen testing but not really what I

say pen testing I think of banging at

the front door where red teaming is

trying to sneak in in whatever creative

way you can so a red team engagement

might say hey we want you to hack our

company you've got a month or six months

or a year and we don't want to hear you

we don't want to see you we don't want

to know about it just let us know if you

can hack into us in these types of

engagements the methodology can be

anything depending on what is allowed in

scope usually it's pretty open in the

scope I've heard a red team sending

people to the client location and they

might even live there for a little bit

they might befriend some of the

employees try to become buddy buddy

learn some internal Secrets maybe get a

password slip them a thumb drive they

might do all kinds of social engineering

engagements it's very very custom and

unique to the client and Depends again

on the scope which is usually pretty

wide and what they can and can't do so

red team engagements are pretty awesome

but they're also incredibly stealthy

where pen testing is very time Limited

in the sense that we might only have a

weak engagement we're going to know the

IP addresses we're going to know our

scope and we're going to have a set

defined limitation in front of us where

red team doesn't have that as much now a

purple team engagement is something that

you might do tabletop exercises and

things like that where you as a red

teamer or being offensive and working

with a blue team or defensive you work

together and that makes purple and in

that sense you might tabletop and say

hey I just ran this attack do you see me

in your network I just ran this other

attack do you see me and you try to

establish a Baseline and you can see Hey

where's the detection at where is the

detection weak and how can we improve

detection mechanisms within the network

it's usually a bit of a more mature

process an organization that's never

gone through a pen test before likely

isn't just going to jump right into a

purple team engagement but it is

something that more mature organizations

do in order to improve their baselines

and improve their detection mechanisms

internally now I've covered just a

handful of the different types of pen

testing engagements that you can work on

there's car hacking there's airplane

hacking there's scada hacking there's

all kinds of really cool stuff out there

that you can do I discovered the most

common items but you can absolutely

specialize if that's something that

you're interested in now with all the

fun of getting to do assessment work

there comes the downside of report

writing and debriefing I actually enjoy

doing both and in order to be a

successful consultant you really need to

be a three-headed person in a sense you

have to be really good at technical

abilities you have to be really good at

report writing and communicating

effectively not just to a technical

audience but to a non-technical audience

and you also have to be good with

presentation skills in the sense that

you need to present your findings to a

technical and non-technical audience so

with report writing we typically deliver

a report within a week after the

engagement now that report should be

high level and Technical so we have

what's called an executive summary for

non-technical people think about a CEO

who might not be a technical person if

they're going to read the report it

should still be Crystal Clear what the

issues were and how they should be fixed

and that's what the executive summary is

now we have a technical findings section

and that's for the people doing the work

maybe the security engineer the network

engineer or the web app developer

depending on who you're working with it

can digest the findings they can say hey

here's what they found here's what tools

they use here's how they were able to do

it and here are the recommendations for

remediation now recommendations should

be incredibly clear you should have high

level recommendations like hey patch

this and you should have technical

recommendations as well that says hey go

to this website here's how you would

install this patch etc etc so depending

on your audience you want to make sure

that you're communicating effectively to

both of them and for a lot of new pen

testers this can be an incredible

struggle it's one of those things that

you write a report you get beat up on it

in the QA process and you just get

better over time and it's just something

that is kind of passed down and you

learn as you go so don't be worried if

you're not great at report writing just

make sure that you understand that if

you're going to do this job you will

have to write reports and you will have

to get better at it as you go last but

not least is the debrief process now a

debrief walks your clients through your

report findings and again this should be

non-technical and Technical as well you

may be sitting in a room with a CEO and

a network engineer you might be sitting

in front of all technical people you

might be sitting in front of all c-level

non-technical people so you need to make

sure that when you are presenting your

findings that you can explain it at a

high level and a technical level as well

I've seen many people struggle with this

all right I've had I've been in one

situation I remember that I was in a

debrief with a co-worker of mine this

was years ago and he was very much

struggling to communicate he was giving

very technical in-depth details about

what he was Finding and the CEO kept

stopping him and saying I don't

understand what you're saying so we had

to do a little bit of translation

because he really wasn't great at the

debrief process yet he was still fairly

new and it's one of those things that if

you're going to be an effective

consultant you need to be able to do both

both

now the debrief is important because it

also gives the opportunity for your

client to ask any questions about the

findings that you have and address any

concerns as well so maybe there's a

finding that they want to challenge or

they want more information on it gives

them the opportunity to do that because

when we give them the initial report the

report is a draft after the debrief or

if they choose to not have a debrief we

finalize that report so the debrief is

the last opportunity the client has to

understand what you're presenting to

them and to ask any questions or address

any concerns so it's a very very

important process alright hopefully that

was informative for you if you're

looking to become a pen tester you

should know at a high level what these

different types of assessments are and

you should know what you're getting

yourself into because a lot of people

think oh it's fun and games I just get

to go hack things and yes that's a lot

of the job but a lot of the job is also

doing report writing and doing debriefs

in front of our clients so if you're not

strong with report writing or if you're

not strong with your presentation skill

cells you may have some time on The

Struggle Bus before you get decent at it

alright so make sure that you know

coming into that that those are things

that you're going to have to be doing

and that you're comfortable doing those

so before we begin in this course and we

really start to dive in it's important

to cover one of the topics that I'm

going to harp on the most which is

effective no keeping if you're going to

be successful in your career and you're

going to be successful in this course

you really need to take good notes now

in this first video I'm going to show

you what my notebook kind of looks like

not only for my personal notebook but as

a notebook for an assessment and how I

might take notes for an assessment and

then I'll also show you some note

keeping applications that I prefer or

I've heard students prefer in the second

video we're going to cover how to

install one of the applications and

another cool application used for taking

screenshots so let's take a look at my

notebook first

so here is my notebook and actually

let's click over here so this is my

notebook and you can see it's really

long it's got all kinds of stuff in here

and it's just something that I build

upon this one in particular is actually

only geared towards active directory so

I have a few different notebooks this

one is active directory and it's

actually a few different courses that

I've taken in the past that I've kind of

put together and then just for

assessment work etc I just kind of have

a little cheat sheet here so I wanted to

show you this one in particular because

these were built off of courses and

you're going to be working through a

course so kind of just get an idea of

how maybe to structure it so here you

can see I structured it and I've got

different modules here where okay module

one might have had this email macro

fundamentals module two two here has all

these different uh components to them

right and we have we have our notes then

we have child notes and even sub

children to those child notes and I'll

show you how to create that here in a

second but let's say for example

enumeration which is one of the most

important things that you're going to

cover in hacking and we take a look at

enumeration you don't have to understand

what any of this means here but you

could see if I want to look at a domain

and I want to get the current domain

that I'm on here's the command I run and

here is a picture of what it looks like

and here's what comes back when you run

that command that's great that's what I

want to see and I have a whole list of

commands for all these in here right so

if I'm confused on a assessment and I

want to go and

find a command that I'm not sure of I

can go to my little cheat sheet here now

again this is really long so you have to

create your notes the way it really

helps you for a course I think it's good

to write it all out step by step like

this and then go back and make a cheat

sheet I don't need this pictures anymore

I've been doing this for a while so

maybe I just say hey get current domain

is get net domain and then I say hey

okay get object of another domain here's

an example of it I don't need the

pictures because it makes it really long

but as an example and over time you

learn with the pictures as well at least

so let's build from that

here is an example of an actual

assessment that I did for a client and

you can see how I did this now I did an

external internal and web application

assessment for this client and these

were the findings now I'm only going to

show you what is Master obfuscated

already or doesn't reveal client

information but as you can see here one

example is on the internal they had

something called SMB signing disabled

you don't need to worry about it but

here in my picture I've got a nice

picture the picture has highlighted it

says Hey message shining disable that

signifies SMB signings disabled and it

has the IP address so we identified the

machine and we give proof of concept

that this SMB signing is disabled here

another example

ms-17010 these are both internal

exploits that you're going to encounter

in this course here's one I check this

machine it says hey this Target's not

patched now this is one I didn't exploit

but it shows that it's actually

vulnerable to this attack so these are a

couple screenshots that I'll put now

your notes could be different than mine

how I organize is I take a screenshot I

put it in here and then I make sure that

I have at least the IP address and the

screenshot for reference because I'll

remember it but if you need to go in

here and take detailed notes that's

absolutely fine as well you always want

good notes for your assessments because

you never know if a client's going to

come back in six months or even a year

and say hey what was that one thing that

you did here and if you go back to your

notes you say oh you know I did this and

some people get down really into the

weeds they have dates times everything

for step by step what they do on an

assessment and that's completely up to

you and how well you take your notes

this is kind of how I lay it out and

then you see the green check marks next

to it I add those green check marks when

I'm doing my report so as I'm building

my report out and I cover something in

the report I'll just go ahead and right

click and I'll change the note icon to a

check mark meaning that I've written

that part of the report for that finding

and we just kind of go through over time

so with that being said I do want to

show you some decent applications the

one that I'm using here and that you see

is called keep note now I run on Windows

as a base so keep note.org that's how

you get keep note it is for Linux it is

for Mac OS X but this is totally a

preference thing me I prefer I've been

using it for a long time some people

don't like it okay so I'm going to offer

some Alternatives as well

cherry tree comes built into Kali Linux

as you're going to see here in just a

little bit worth looking at worth trying

seeing if you like it one note's another

example if you use Microsoft and if

you're a Mac User a lot of students have

told me that Joplin is really good now

I've never used this but I keep hearing

great things about it so what I'm going

to do is I'm going to put all of these

into the course resources and you'll be

able to look at them download them

decide on your own now you're not

limited to these four no keeping

applications by any means feel free to

use whatever you like to take notes if

you want pen and paper that's great as

well and so just make sure that you're

taking good notes and we're gonna we're

gonna harp on this throughout the entire

course over and over and over again so

make sure you're taking good notes so

from here what we're going to do is

we're going to install keep note in the

next video and we're going to install an

awesome tool called greenshot I'm going

to show you what greenshot does and why

it's so cool and I can cannot live on

any assessment without it so let's catch

you over in the next video when we work

alright so in that example in the last

video we talked about using keep note so

if you go to Google and you type in keep

note all you got to do is come here and

keep noteworks on Windows Linux and Mac

OS X so

great great tool the only issue with

this tool is it has not been updated in

a long time some people find issue with

that if you're one of those people I'm

actually not you can use other tools

OneNote is an option

cherry tree is also an option you can

also find other options out there for

you if you have a favorite note-taking

tool already that's absolutely fine as

well just make sure to take good notes

especially during this course and make

the most of it learn all the things that

you can and incorporate that so I will

show you quickly how to install keep

note here and another thing note too is

while we do this is cherry tree is

available on Cali Linux we're going to

install Kali Linux here very soon so

once we install Kali Linux and we get

into the introductory Linux and we

explore it I'll show you a little bit

more of cherry tree and what that looks

like and we'll talk pros and cons of

cherry tree when we get there so here we

go if you are on Windows you can follow

along or you download your appropriate

one here depending if you're on Linux or

if you need Mac as well so I'm going to

go ahead and install the exe and I'm

just going to actually run this

we're just going to say yes

and I'm going to say next next install

and that's it that I mean it's it's that

quick and then we just launch Keep note

and here you go we've got keep note so

the other tool the really cool tool that

I love this one is called Green shot now

this is a screenshot capturing tool so

let's go to downloads here on greenshot

if you are running on something other

than Windows you're going or Windows or

Mac so basically Linux you're going to

need a different tool the recommended

tool that I've heard out there is called

Flame shot

f-l-a-m-e though I have no experience

with it

I've heard it is identical to Green shot

so here I'm going to download the latest

stable I'm going to select run yes

yes okay

okay

accept the agreement give away our firstborn

firstborn

next next next place it however you want

I'm just going to next through

everything and I'm going to start green

shot with Windows start that is my

preference I love this tool again

so it's finished all right let's take a

look at it so it should be running let's

start greenshot now

okay now you see it running down here on

the bottom okay let's let's go let's

open up a web page let's say we want to

take a screenshot of something now you

just hit your print screen button

and this nice cursor gets brought up

here and let's say we wanted to take

this downloads part right here we're

just going to capture this

and now we have choices we can just save

the image that we just grabbed

or my favorite is that we can actually

just open an image editor right so let's

open this in their image editor look at

this okay so here's the picture we just

grabbed right on top of this really

great tools let me show you two that I

use always so I come into effects I put

a border on it let's say that you have

like a Kali Linux and Kali Linux if

you've never used it has a black

terminal it's really nasty so let's

imagine here that it's black it's nasty

when it comes to reporting so let's

imagine that we're in this situation and

we're writing a report and we've got

this black background similar to this

well you can see what I just did I just

inverted it and I do this for all of my

reports I invert the Cali background so

that way it's white and that way it

looks nice on a report and when we get

into the reporting you'll kind of see

what that looks like but I like a nice

clean background it saves on ink as well

if they were to print it and it's just

nice and neat when you give it to a

client so I always invert my images if I

need to you've got the black border here

another thing is let's say you want to

point something out you saw in my keep

note notebook that I had a highlight you

can just click that button up here and

just highlight something like right here

great another tool that's in here is

this officegate so let's say that

there's like a password or something

really sensitive in here that that you

don't want the client to see or you

don't want to be reveal on a final

report you can do that and then you can

just like up the pixel size on this and

make it really blurry you know

um so it's a really really great tool

and then when you're done you can copy

it to your clipboard you can save the

file I just usually like copy this and

if I want to go paste it like you know

make a new notebook or whatever I'll

just paste it in my keep note and just

kind of go from there so again fantastic

tool awesome to use if I had two

recommendations for your note keeping

it's keep note and green shot if I had

to make one recommendation of the two

it's absolutely green shot you can be

flexible on your note keeping tool so

again hopefully this helps you again

again please do take good notes of this

course you're going to find yourself

wanting to know hey what was that

command I ran again and because we're

going to go through so much stuff by the

time this is all said and done that

you're gonna want to remember it so

please take good notes so from here

let's go ahead and move on into our

networking refresher and we'll catch you

hello everyone and welcome to this

section on networking so this section is

titled networking refresher meaning that

some of you might have a networking

background and if you're looking at this

list that's on the screen and you go

down the list and you say yep I know all

those you can feel free to skip this

section if you've taken some of these in

the past and you just might want a

little bit of a refresher on them then

this section is for you we're going to

cover these topics not totally in depth

but we're going to use it as a way to

brush up and then we'll hit on

networking again when we get into

introductory Linux so if you are

unfamiliar with things like TCP UDP in

the three-way handshake or if you're

subnetting is a little shaky or you

don't know what the OSI model is chances

are you should probably stick around and

just click through this series watch it

and build that Foundation remember we

talked about one of the core foundations

of pen testing being a strong networking background

background

this is a good way to build it up

remember what you might have forgotten

and go from there so let's go ahead and

just jump right into the first video

what's up everybody so I'm gonna preface

this video really quick with that it is

raining pretty hard here so if the

soothing sounds of the rain put you to

sleep during this video and you can hear

it I'm very very sorry but the show must

go on so what we're going to be doing

today is we're going to be talking about

IP addresses now if you've ever used a

computer before and you're any anywhat

familiar with it you probably know what

an IP address is but I want to take this

a little bit deeper in in theory on why

we use IP addresses what types of IP

addresses are out there and talk more

about protocols and how IP addresses are

actually designed and made up

so I'm here in a Cali terminal and I'm

just going to type in a simple command

and that command is ifconfig now if

you've used Linux before this might be

familiar to you if you used windows it's

similar to ipconfig all I'm trying to do

is bring up my IP address so what we can

see here is that we have an IP address

which is our inet this is my IP address

here I also have another IP address this

inet 6. this is what's called an IPv6

address so we've got this inet which is

considered an ipv4 in this inet 6 which

is considered an IPv6 now you can notice

right away that there's two different

types of notations for these this inet

here is in a decimal notation and the

IPv6 is in a hexadecimal notation we'll

get to the importance of that in just a

second so when it comes to IP addresses

this looks probably pretty familiar to

us this is an IP address this is how we

communicate we communicate over layer

three and you're going to hear me

talking about layers repeatedly

throughout the course or at least

throughout this part of the course so

that we can get familiar with how we're

actually doing this so I want you to be

familiar with troubleshooting these

layers and these layers all refer to

something called The OSI model so when

we we talk about layers we think about

the OSI model and I'll introduce the OSI

model here in a few videos and it should

all click once I introduce the OSI model

so if I brought in the OSI model up

front it might be boring might not make

sense so I'm going to introduce the OSI

model near the end and you're going to

say hey yeah that all makes sense so

what we've got here is we've got this

ipv4 address and this is the most

commonly used format that we use today

right we use ipv4 for mostly everything

and again this is in that decimal

notation so when we see this decimal

notation it's just a realistically a

bunch of ones and zeros that are put

together so that we have this human

readable format

realistically all we're seeing here with

192 this first this first section here

this first octet is actually just a

bunch of ones and zeros it's eight bits

so we've got a range of eight ones and

zeros here we've got another eight here

eight here and eight here so when it's

all said and done this inet or this ipv4

is made up of 32 bits eight plus eight

plus eight plus eight here and which

equals four bytes so another way to

think about that is to think about it as

say something like this one two three

four five six seven eight period period

okay that is one section there so we've

got eight ones that can make up this and

then we'd have another eight

Etc not gonna be the dead horse here but

I do want to give you guys another

example so if we go into our

applications and we go to a text editor

really quick

so the way this looks is something like

this we start with a number like 128 I'm

gonna try to space this out as best as

possible and all I like to do is think

of 128 as my base and this will make a

lot more sense when we get into

subdending so please if you're confused

by this don't worry this is all Theory

right now when we get into subnetting

and we get Hands-On it'll make a lot

more sense I promise you

so let's say we have ones and zeros here

if we have a one for each of these sections

sections

and I'm going to space this out again as

best as possible it's not pretty but if

we have a one for all these this equals

255 why does this equal 255 will you

take this and all these numbers add up

one plus two plus four plus eight all

this adds up to 255. so let's say if we

didn't have all the ones and zeros we

had just

someone's enabled

like these last three here okay well

this would equal seven

because we have four plus two plus one

equals seven so our first number or

whatever number this applied to in the

octet would be seven so if we had

7.7.7.7 it would just be this numbers

repeating over and over these numbers

repeating over and over right so uh be

zero zero zero zero one one one dot zero

zero zero zero one one one

and so forth so this is kind of what it

looks like behind the scenes because

again a computer is just ones and zeros

we're all binary so what we're going to

do is we're going to close this out

we're going to talk a little bit of

other Theory when it comes to this and

why inet or IPv6 and why ipv4 so let's

close this and let's talk about ipv4

so I'm going to bring up a calculator

and with ipv4 we have these 32 bits so

what we can do is we could take two

to the 30 second power

and this is the possible amount of IAP

addresses that we could have so we have

somewhere in the four billion range of

IP addresses well spoiler alert we don't

have only four billion people on earth

right we're up to seven something

billion at this point and all these IEP

address spaces are gone so ipv4 has been

around since 1981. nobody thought we

were ever going to use all these

addresses uh computers weren't really a

thing who knew that we were going to

want all these addresses and you know uh

these companies started buying them up

and they started buying them up in large

chunks and then they sold those to isps

and then isps sell those to you and so

these IP addresses have been gone for a

very very long time and uh chances are

when you when you have an IP address and

you get this ipv4 you're only going to

get one if your corporation you might

buy it more but we've run out of IP

address space there's just not enough to

go around so the theory is okay let's

come up with something different let's

come up with IPv6 now this hexadecimal

mole is actually in 128 bits which makes

things just a little bit longer and adds

quite a bit so let's take this 2 to the

128 power

and we get a number that I cannot tell

you how to say not even going to try but

I can guarantee you that in our lifetime

we will never use this address space

so we've come up with a solution of IPv6

but nobody really uses it IPv6 is just a

thing that's that's there but when we we

get IPv6 addresses a sign but still to

this day everybody's using ipv4 well how

how is that possible if we're using ipv4

but we're out of address space well

think about this we're using something

called nat which is Network address

translation now let's think about your

network so you might have a cell phone

or computer or multiple devices my

network has at least 20 devices on it

I've got I've got cameras I've got

multiple cell phones Smart TVs

everything that connects to my internet

gets an IP address

and that's 20 IP addresses right there

right so let's say I have 20 devices

that's 20 IP addresses am I taking up 20

IP addresses out of that 4 billion no

we're actually using something called

Network address translation or it's

called nat for short and we'll talk

about this again when we we set up our

actual lab but

with Nat what we're doing is we're

assigned these private IP address spaces

192.168.57.139 now if you've ever seen a

IP address before and you've been on a

network good chances are it probably

started with 192 or maybe it started

with a 10 dot or something along those

lines and that's because those are

private IP addresses so anything that

starts with 192.168 is not an IP address

that is going to be out in the uh the

interwebs it is going to be an IP

address that is only known to you these

are called private IP addresses so

because we use these private IP

addresses we can pass them out through

what is called a public IP address now

to make better use of this let's go out

to Firefox and I've already got a tab open

open

so I went to Google and I just said

private IP addresses and I clicked the

second image here because I think it's a

great image so if we look at this there

are classes of IP addresses private IP

addresses now there is a Class D and E

we're not going to worry about those The

Big Three are class A B and C if you

know these you are good to go uh so if

we look at class C this is what the most

common household and small business use

so we see it starts with the

192.168.0.0 so the 192 168 are constant

if you see a 192.168 address you can

guarantee yourself that that is a

private IP address space and then we

have the range of changing this number

between 0 and 255 and this number

between 0 and 255. Y 0 to 255 well

that'll all make sense when we get into

subnetting but what that allows us to do

is have a large number of networks here

and a small amount of hosts but for a a

regular user like you or I uh or a small business

business

254 hosts is pretty good I mean I'm only

using like 20 in my household so the

most common household is probably using

this 192 address

but what about a big big business right

something huge

okay well they might use a 10 address

because a 10 address frees you up to

anything after this 10 is private so 10.1

10.1

10.1.1.1 whatever you want to put in

here up to 255 on each octet

makes for a small amount of networks but

a large amount of hosts okay and don't

worry about the host versus Network

thing again subnetting we'll talk about

that it'll all make sense

but just imagine the amount of amount of

host that you can put in here with this

wide range so because of this you'll see

larger corporations using 10 addresses

you'll also see a lot of Corporations

even small businesses using 10 addresses

the the matter of fact is as long as you

have this private IP address you're good

to communicate across your network so

any IP address outside of these and the

loopback here are free game for the

public address space they're probably

already owned and you purchase those or

rent those really from your ISP your

internet service provider so going back

to this thought we have a class C

address my Network's Class C 192 168 57

139 here so it falls into that class C

I've got all these devices on this

192.168 network all these devices are

talking out of one IP address that is my

public IP address that is what I rent

from my ISP and all this network traffic

goes out one IP so this is how we have

achieved or solved the issue of running

out of address space without having to

use IPv6 not that there's anything wrong

with IPv6 uh it's it's not pretty I mean

it's way easier to type this stuff in

than it would be to type something like

this in

um but at the same time this is how

we've solved it we've we're able to

still use ipv4 in mostly all networks

and we are able to communicate out with

this quote unquote IEP address shortage

so hopefully that makes sense we're

going to build upon these Concepts again

ipv4 IPv6 IP addresses are layer 3

protocols Layer Three is a router so

when we Route traffic we route via an IP

address so we're going to build upon

that as well as we go in hopefully this

is all just a refresher to you so that

is it for this video I'll go ahead and

all right so we're going to move down a

layer here and talk about Layer Two so

remember ipv4 IPv6 IP address is just a

whole that is layer three we're talking

about routing here in Layer Two we're

going to be talking about a Mac address

or a physical address now Mac stands for

media access control and that is

identified here in our ifconfig as this

ether here so we can think of this as

our physical address and a way that we

communicate when we are using switches

switches communicate over this physical

address this is kind of how they know

what device is what so what we say here

is if we have a device say you just

built a computer and you're installing

your network interface card or your Nick

you're going to plug that in and you're

going to have a MAC address for that

Nick your cell phone that's going to

have a MAC address anything that's using

a network interface is going to have a

MAC address so these Mac addresses are

important because they utilize layer 2

or switching and they are how we

communicate over switches now there's

something to be noted briefly about Mac

addresses now Mac addresses have

identifiers so as you can see here this

Mac address

has six different pairs of two right

and what we can do is we could take the

first three pairs

and we can just copy this

and we can go out and we can try to put

it into a MAC address lookup now for

this one this is just going to be VMware

I'm not sure if it's actually going to

come up but I'm going to go ahead and

paste it and see what happens

and you can see that the vendor actually

shows up as VMware so the first three

pairs here are identifiers and we can

identify what we're up against if you've

ever looked in your house and you've

looked at your network and you you're

trying to find a device and you see the

IP address but the IP address doesn't

really help you identify it you might

see something along the lines of a MAC

address because your your home device

say your your router might also be

what's called a layer two slash layer 3

device meaning it's doing switching and

routing for you and it'll also know the

MAC address of that device so you can

take the first three pairs here put

those into the Google machine and see if

you can identify what the device is so

if I was unsure this didn't have a host

name or device name and I could just

reach out and say okay well let me let

me look these up maybe it'll give me an

ink link it's not going to tell me the

exact device but if I know it's it's

running VMware then I could say oh you

know that's my host machine running or

if it's related to like Texas

Instruments or something maybe I know

that device in my house so this is just

a quick way to look up devices and know

about them the other option or other

thing that you need to know here is just

that again Mac addresses layer two

related to switching I'm just trying to

repeat this and get this into your head

so that's all we need to know from this

lesson and we're going to go ahead and

all right so now we're moving into layer

four which is the transport layer of the

OSI model

and we're going to talk about what is

TCP and what is UDP so we'll type that

in here TCP versus UDP so TCP is what is

known as the transmission control

protocol and you could think of that as

a connection oriented protocol and we

also have UDP which is the user datagram

protocol and this is a connection less

protocol so when we have these two

protocols one is best suited when it

comes to high reliability that's TCP TCP

is connection oriented we want to make a

connection we need High reliability so

you can think of something like a

website which is HTTP or https or you

can think of something like SSH or FTP

the file transfer protocol those all

utilize TCP when you think about UDP you

might think about something like a

streaming service that's connectionless

or DNS is connectionless or our voice

over IP is connectionless and when this

comes into the importance of scanning

scanning is super important we're going

to be scanning both TCP and UDP as a

penetration tester and don't worry about

scanning right now when we get into the

scanning section this will make a lot

more sense

but we need to know what TCP and udpr

and Define them broadly so the most commonly

commonly

we commonly use protocol that you're

going to be scanning is going to be TCP

now TCP works on what is called a

three-way handshake now if we look at

the three-way handshake it's going to

look something like this we're going to

first send out a sin packet

and then we're going to receive back a

sin act packet

and finally we're going to send an act

packet now how does this work now you

could think of this as an interaction so

let's say you have a friend or a

neighbor and you go to your neighbor and

you say hello that's a sin now sinach is

going to be the response it's going to

say hey sin I acknowledge you that's

your neighbor waving hello back and then

you know you are good to go start a

conversation so that's the

acknowledgment now when we think about

this in the terms of ports now Port is a

item that can be open on a machine it's

a way to communicate with certain protocols for example if you think about

protocols for example if you think about HTTP that's over Port 80. if you think

HTTP that's over Port 80. if you think about https that's over Port 443 there's

about https that's over Port 443 there's a lot of different protocols and there

a lot of different protocols and there are 65 000 plus ports that can utilize

are 65 000 plus ports that can utilize these protocols so everything related

these protocols so everything related here is has to do with these ports

here is has to do with these ports now let's say that you want to connect

now let's say that you want to connect to Port 443 on a website you're going to

to Port 443 on a website you're going to send out a sin packet to that website

send out a sin packet to that website you're going to say hey I want to

you're going to say hey I want to connect to you on Port 443 and if 443 is

connect to you on Port 443 and if 443 is open and available for connection

open and available for connection they're going to say hey you can go

they're going to say hey you can go ahead and connect to me and when you

ahead and connect to me and when you want to actually establish that

want to actually establish that connection you're going to send that

connection you're going to send that acknowledgment packet back now let's

acknowledgment packet back now let's make more sense of this let's go ahead

make more sense of this let's go ahead and open up a tool called Wireshark so

and open up a tool called Wireshark so this is built into Kali Linux I'm just

this is built into Kali Linux I'm just going to type in Wireshark and I'm going

going to type in Wireshark and I'm going to provide an ampersand here just so I

to provide an ampersand here just so I have shell access if I need it in the

have shell access if I need it in the background

background and all I'm going to do is capture

and all I'm going to do is capture packet data so this is going to be

packet data so this is going to be listening in on my Nic and it's going to

listening in on my Nic and it's going to say hey what's he doing let's capture

say hey what's he doing let's capture all that data so we're going to capture

all that data so we're going to capture that I'm going to start a capture here

that I'm going to start a capture here you're going to start to see a bunch of

you're going to start to see a bunch of traffic coming through you can see the

traffic coming through you can see the different protocols here you can see UDP

different protocols here you can see UDP is coming through right now but we're

is coming through right now but we're going to go establish a TCP connection

going to go establish a TCP connection so let's go out to the world wide web

so let's go out to the world wide web and I've got Google up I'm just going to

and I've got Google up I'm just going to refresh Google you're going to see a lot

refresh Google you're going to see a lot of traffic start coming through so I'm

of traffic start coming through so I'm going to go ahead and just stop this

going to go ahead and just stop this right here

right here look at all the data packets that get

look at all the data packets that get sent when you're using your computer

sent when you're using your computer this is what's going on in the

this is what's going on in the background you don't even think about it

background you don't even think about it so we could see some sin synacts there

so we could see some sin synacts there those are in the gray let's see if we

those are in the gray let's see if we could find a good one okay so here is

could find a good one okay so here is one right here

one right here um so what we're gonna do actually let's

um so what we're gonna do actually let's find a better one so we're going to come

find a better one so we're going to come down to

down to here and we're going to say okay

here and we're going to say okay so here we are we're our source IP this

so here we are we're our source IP this is 192.168 5739 we're going out to

is 192.168 5739 we're going out to destination of 74 125 21 155 we're

destination of 74 125 21 155 we're saying hey I've got this port here I

saying hey I've got this port here I want to connect to your Port so Port 443

want to connect to your Port so Port 443 this is a web page we're sending a sin

this is a web page we're sending a sin packet

packet if that port is open and available for

if that port is open and available for connection and communication what's

connection and communication what's going to happen back is that IP address

going to happen back is that IP address is going to say hey here I am I'll allow

is going to say hey here I am I'll allow you to connect on this port and if we

you to connect on this port and if we make that final connection we're going

make that final connection we're going to go ahead and send the ACT packet back

to go ahead and send the ACT packet back which is right here it's going to say

which is right here it's going to say ack so that is the three-way handshake

ack so that is the three-way handshake please do remember this is going to come

please do remember this is going to come back into play when we get into scanning

back into play when we get into scanning and we'll talk about Stealth scanning

and we'll talk about Stealth scanning and how we modify the three-way

and how we modify the three-way handshake to actually do some scanning

handshake to actually do some scanning so that is it for this lesson I will

so that is it for this lesson I will catch you over in the next one

all right so before we go into the OSI model I do want to talk about some

model I do want to talk about some common ports and protocols since this is

common ports and protocols since this is a refresher most of these should be

a refresher most of these should be pretty familiar to you I'm going to run

pretty familiar to you I'm going to run through them pretty quickly and just

through them pretty quickly and just talk about them briefly on each of these

talk about them briefly on each of these common ports and the reason I've listed

common ports and the reason I've listed these is because there are things that

these is because there are things that we'll see quite often as a penetration

we'll see quite often as a penetration tester and it's just something that as

tester and it's just something that as we're going through the course if one of

we're going through the course if one of these show up it's something that just

these show up it's something that just rings a bell and you see you see a scan

rings a bell and you see you see a scan it comes back and you see Port 21 you

it comes back and you see Port 21 you just think ah yes FTP or you see Port 80

just think ah yes FTP or you see Port 80 you think ah yes HTTP so you got to

you think ah yes HTTP so you got to start training your mind to memorize

start training your mind to memorize these ports so when we get into our

these ports so when we get into our scanning which again we haven't covered

scanning which again we haven't covered scanning but when we get there and we

scanning but when we get there and we see what ports are open on a machine

see what ports are open on a machine we're going to be able to have these

we're going to be able to have these common ports memorized so on the TCP

common ports memorized so on the TCP side we've got FTP FTP is the file

side we've got FTP FTP is the file transfer protocol you're going to see

transfer protocol you're going to see this in some assessments you're going to

this in some assessments you're going to see this a lot when we do something

see this a lot when we do something called Capture the Flag or we run

called Capture the Flag or we run through some test machines you'll see

through some test machines you'll see FTP open quite a bit so FTP file

FTP open quite a bit so FTP file transfer protocol all that means is we

transfer protocol all that means is we can log into this server we can put a

can log into this server we can put a file or we can get a file off the server

file or we can get a file off the server now SSH and telnet kind of play hand in

now SSH and telnet kind of play hand in hand telnet is the ability to log into a

hand telnet is the ability to log into a machine remotely now SSH does the same

machine remotely now SSH does the same thing the only difference is SSH is the

thing the only difference is SSH is the encrypted version of that so with telnet

encrypted version of that so with telnet you are in clear text and with SSH you

you are in clear text and with SSH you are encrypted now SMTP POP3 and IMAP all

are encrypted now SMTP POP3 and IMAP all relate to mail we're not going to worry

relate to mail we're not going to worry too much about mail in this course but

too much about mail in this course but you might see it come back up at some

you might see it come back up at some point so just remember your 25 110 and

point so just remember your 25 110 and 143

143 DNS so DNS is a way to resolve IP

DNS so DNS is a way to resolve IP addresses to names and we could take a

addresses to names and we could take a quick look at that if we go back to our

quick look at that if we go back to our Kali machine and say we're at Google

Kali machine and say we're at Google here we've got Google up but the

here we've got Google up but the computer doesn't really know what Google

computer doesn't really know what Google is the computer is just using nice text

is the computer is just using nice text like google.com for us to humans what's

like google.com for us to humans what's going on on the back end is Google

going on on the back end is Google actually resolves to an IP address

actually resolves to an IP address now the IP address is how the computer

now the IP address is how the computer knows to get back and forth

knows to get back and forth because we don't want to sit there and

because we don't want to sit there and type in IP addresses this DNS or domain

type in IP addresses this DNS or domain name system has been implemented for us

name system has been implemented for us so we type in google.com on the back end

so we type in google.com on the back end it knows hey I want to go out to

it knows hey I want to go out to 17179 10 22 34 whatever it is in in

17179 10 22 34 whatever it is in in reality but this is just a quick way for

reality but this is just a quick way for the computer to relate to a human and

the computer to relate to a human and the human to you know have easily

the human to you know have easily readable access to some of this stuff so

readable access to some of this stuff so going back to our PowerPoint

going back to our PowerPoint we have HTTP and https that is a website

we have HTTP and https that is a website just what you saw there mostly

just what you saw there mostly everything is on 443 now or https the

everything is on 443 now or https the HTTP on Port 80 you'll see sometimes

HTTP on Port 80 you'll see sometimes remember that is the non-secure version

remember that is the non-secure version of the protocol so https is encrypted

of the protocol so https is encrypted HTTP is not encrypted and not secure

HTTP is not encrypted and not secure so lastly SMB ports 139 and 445.

so lastly SMB ports 139 and 445. originally it was just 139 in the later

originally it was just 139 in the later versions of Windows they put on 445

versions of Windows they put on 445 you're going to see these ports a lot

you're going to see these ports a lot this is probably the most common Port

this is probably the most common Port you're going to see as a pen tester

you're going to see as a pen tester these relate to file shares you might

these relate to file shares you might also hear this called Samba so there are

also hear this called Samba so there are a few names for it but when you think of

a few names for it but when you think of SMB and you see 139 or 445 think of file

SMB and you see 139 or 445 think of file shares and as a pen tester perspective

shares and as a pen tester perspective you got to think about all the crazy

you got to think about all the crazy exploits we've had regarding SMB the

exploits we've had regarding SMB the most recent one as of this course was

most recent one as of this course was the wannacry virus right so you have the

the wannacry virus right so you have the wannacry virus it's also known as

wannacry virus it's also known as Eternal blue was what it was built off

Eternal blue was what it was built off of or

of or ms17010 was the official term of that

ms17010 was the official term of that exploit that exploit utilized an SMB

exploit that exploit utilized an SMB exploit to navigate through networks so

exploit to navigate through networks so it became very vicious very quick

it became very vicious very quick because SMB is open so frequently on

because SMB is open so frequently on networks now on the UDP side we also

networks now on the UDP side we also have DNS over here DNS is both atcp and

have DNS over here DNS is both atcp and UDP protocol we also have DHCP

UDP protocol we also have DHCP now when it comes to IP addresses DHCP

now when it comes to IP addresses DHCP Associates you with an IP address kind

Associates you with an IP address kind of at random now you could have the

of at random now you could have the opposite of that is what is a static IP

opposite of that is what is a static IP address so with DHCP you plug into your

address so with DHCP you plug into your network say your home network and the

network say your home network and the internet just fires up guess what

internet just fires up guess what probably DHCP on the back end it just

probably DHCP on the back end it just picks a number between a range says hey

picks a number between a range says hey here's your IP address I'm going to let

here's your IP address I'm going to let you lease that out for eight hours or a

you lease that out for eight hours or a day or a week or however long the timing

day or a week or however long the timing is set for and that IP address is yours

is set for and that IP address is yours now the opposite of that again is static

now the opposite of that again is static so you could say hey I want a static IP

so you could say hey I want a static IP address and anytime I plug in with this

address and anytime I plug in with this specific computer go ahead and give it

specific computer go ahead and give it this IP address so how are we going to

this IP address so how are we going to know that most likely the MAC address

know that most likely the MAC address right so from Layer Two it's going to

right so from Layer Two it's going to know layer 3 and how to assign it so

know layer 3 and how to assign it so again DHCP should be pretty familiar to

again DHCP should be pretty familiar to you we've also got tftp on Port 69 which

you we've also got tftp on Port 69 which is the trivial FTP and it utilizes UDP

is the trivial FTP and it utilizes UDP instead of TCP and we also have SNMP

instead of TCP and we also have SNMP which is the simple Network management

which is the simple Network management protocol so you will encounter SNMP

protocol so you will encounter SNMP occasionally on networks not always but

occasionally on networks not always but when we do encounter it there may be

when we do encounter it there may be some information to be gathered

some information to be gathered especially if there are strings being

especially if there are strings being used that are Community or public

used that are Community or public strings and we'll worry about that when

strings and we'll worry about that when we we encounter it but you'll probably

we we encounter it but you'll probably see it again in this course

see it again in this course so that is it in this video we're going

so that is it in this video we're going to go ahead and move on to the OSI model

to go ahead and move on to the OSI model and tie all this together then we'll get

and tie all this together then we'll get into a little bit of subnetting and

into a little bit of subnetting and we'll end this with a refresher on

we'll end this with a refresher on networking a final final video on

networking a final final video on networking so I'll see you over in the

networking so I'll see you over in the next video

all right so this whole time we've been talking we've been talking about

talking we've been talking about networking and I've been throwing terms

networking and I've been throwing terms at you and I every time I throw a term

at you and I every time I throw a term at you I try to use the respective layer

at you I try to use the respective layer for it so you've heard me say layer two

for it so you've heard me say layer two layer three layer four and those all

layer three layer four and those all correspond with what is called The OSI

correspond with what is called The OSI model now if you're ever in a network

model now if you're ever in a network interview or if you're ever talking to

interview or if you're ever talking to somebody who has experience in

somebody who has experience in networking or even if you're on the help

networking or even if you're on the help desk or taking tickets knowing the OSI

desk or taking tickets knowing the OSI model is incredibly helpful and people

model is incredibly helpful and people will just throw layers at you especially

will just throw layers at you especially the people who have been in the field

the people who have been in the field for quite some time might just say Layer

for quite some time might just say Layer Two instead of a switch or they might

Two instead of a switch or they might say layer three instead of a router so

say layer three instead of a router so I'm going to discuss the OSI model

I'm going to discuss the OSI model really quickly give you a mnemonic on

really quickly give you a mnemonic on how to remember it and just talk about

how to remember it and just talk about some of the concepts within it and how

some of the concepts within it and how to troubleshoot down it as well so

to troubleshoot down it as well so I picked this up from Keith Barker a

I picked this up from Keith Barker a long time ago great trainer by the way

long time ago great trainer by the way and this is the mnemonic so we're gonna

and this is the mnemonic so we're gonna go p d n t s

go p d n t s p a

p a and this stands in my head for please do

and this stands in my head for please do not throw sausage pizza away

not throw sausage pizza away again that is please do not throw

again that is please do not throw sausage pizza away so I'm gonna put

sausage pizza away so I'm gonna put numbers corresponding to the layers in

numbers corresponding to the layers in front of it here

front of it here and we're gonna go ahead and type these

and we're gonna go ahead and type these out one by one so on the first layer

out one by one so on the first layer here we've got what is called the

here we've got what is called the physical layer

physical layer and you could think of your physical

and you could think of your physical layer as like data cables

layer as like data cables or like your cat 6 cables

or like your cat 6 cables stuff like that something you might you

stuff like that something you might you might plug in right that is the physical

might plug in right that is the physical layer and we've already talked about

layer and we've already talked about Layer Two quite a bit Layer Two is the

Layer Two quite a bit Layer Two is the data layer and that is our switching

data layer and that is our switching right and also our Mac addresses

right and also our Mac addresses going down the list we've got the

going down the list we've got the network layer which is IP addresses

network layer which is IP addresses also routing

the fourth layer is the transport layer which is TCP UDP which we have talked

which is TCP UDP which we have talked about as well

about as well and the last few so the session layer

and the last few so the session layer we've got the session layer which is

we've got the session layer which is just session management you don't really

just session management you don't really have to worry too much about this one

have to worry too much about this one six is the presentation layer now this

six is the presentation layer now this should be familiar to you because think

should be familiar to you because think about WMV

about WMV jpeg movie files that's what your

jpeg movie files that's what your presentation layer is so media and then

presentation layer is so media and then lastly we've got the application layer

lastly we've got the application layer which is like HTTP SMTP your

which is like HTTP SMTP your applications that you utilize right

applications that you utilize right so we've got this laid out here and you

so we've got this laid out here and you might be asking why is this important

might be asking why is this important well again when we say something like my

well again when we say something like my home router is a layer 2 3. so that

home router is a layer 2 3. so that means it does it does switching and it

means it does it does switching and it does routing right you might think of

does routing right you might think of this in another way as well you might be

this in another way as well you might be asked to troubleshoot and something to

asked to troubleshoot and something to talk about too with the with the OSI

talk about too with the with the OSI model is when we receive data we receive

model is when we receive data we receive data down this physical layer all the

data down this physical layer all the way down to the application when we

way down to the application when we transmit data it goes out the

transmit data it goes out the application layer down to the physical

application layer down to the physical when we're troubleshooting this it is

when we're troubleshooting this it is always best to start with the physical

always best to start with the physical and go down to the application Level

and go down to the application Level okay so say you get a your working help

okay so say you get a your working help desk and you get a phone call and

desk and you get a phone call and somebody says you know my internet's not

somebody says you know my internet's not working help me

working help me well what's the first thing you're going

well what's the first thing you're going to do are you going to ask them

to do are you going to ask them application Level questions yeah

application Level questions yeah probably not you might say hey can you

probably not you might say hey can you look at the back of the computer do you

look at the back of the computer do you see a uh the cable plugged in

see a uh the cable plugged in oh the cable's plugged in okay well uh

oh the cable's plugged in okay well uh do you do you see the the where the

do you do you see the the where the cables plugged in is there a blinking

cables plugged in is there a blinking light is that blinking light green by

light is that blinking light green by chance okay we're checking the Nick

chance okay we're checking the Nick right and then we might ask them to you

right and then we might ask them to you know do they have an IP address what's

know do they have an IP address what's going on uh all the way down and then we

going on uh all the way down and then we troubleshoot all the way down to layer

troubleshoot all the way down to layer seven so we wouldn't start on layer

seven so we wouldn't start on layer seven right we would start from the

seven right we would start from the basics and move down so it's important

basics and move down so it's important to know this this isn't a help desk

to know this this isn't a help desk course by any means but it's super

course by any means but it's super important to know this especially if

important to know this especially if it's been a while since you've seen this

it's been a while since you've seen this network stuff or even if this is new to

network stuff or even if this is new to you that the osm model is commonly

you that the osm model is commonly referred to even as a pen tester I get

referred to even as a pen tester I get all kinds of layer two layer three talk

all kinds of layer two layer three talk and you will be sitting in meetings with

and you will be sitting in meetings with network Engineers with people who are

network Engineers with people who are very very smart about this stuff and

very very smart about this stuff and they're going to throw all this lingo at

they're going to throw all this lingo at you so if you know this lingo really

you so if you know this lingo really really benefits you or else you're just

really benefits you or else you're just gonna sit there and wonder what the heck

gonna sit there and wonder what the heck they're talking about so hopefully the

they're talking about so hopefully the this is a quick informative method for

this is a quick informative method for you and again remember

you and again remember please do not throw sausage pizza away

please do not throw sausage pizza away that's the easiest way that I remember

that's the easiest way that I remember it you can make up your own mnemonics if

it you can make up your own mnemonics if you want people have other things as

you want people have other things as well if you've got a if you got a

well if you've got a if you got a favorite mnemonic please feel free to

favorite mnemonic please feel free to comment down below and tell me your

comment down below and tell me your mnemonic as well so I'd love to hear

mnemonic as well so I'd love to hear some of these other ones so let's go

some of these other ones so let's go ahead and move on into subnetting and

ahead and move on into subnetting and then we'll uh we'll start moving into

then we'll uh we'll start moving into other fun parts of the course

let's talk about subnetting so subnetting is important in networking

subnetting is important in networking you hear about it all the time you hear

you hear about it all the time you hear even people perhaps freaking out I know

even people perhaps freaking out I know I freaked out when I heard that I had to

I freaked out when I heard that I had to do it for exams like Network Plus or

do it for exams like Network Plus or CCNA and I feel like there are a lot of

CCNA and I feel like there are a lot of complicated methods out there for

complicated methods out there for submitting but there was a method that

submitting but there was a method that was shown to me middle of my career and

was shown to me middle of my career and it just blew my mind it's really really

it just blew my mind it's really really fast subnetting method and I really want

fast subnetting method and I really want to break down for you what subnetting is

to break down for you what subnetting is why we do it and then show you the

why we do it and then show you the methodology behind it so if we want to

methodology behind it so if we want to talk about subnetting if we just come in

talk about subnetting if we just come in here and just do an ifconfig

here and just do an ifconfig and we look at our IP address right we

and we look at our IP address right we have our inet which is our ipv4 and you

have our inet which is our ipv4 and you can see here too we have this net mask

can see here too we have this net mask this is also known as a subnet mask or a

this is also known as a subnet mask or a subnet and it just says 255-255-255.0

really tell us a lot if we don't know much about it but this is what a subnet

much about it but this is what a subnet looks like and we can think of subnets

looks like and we can think of subnets in ones and zeros it's all bit right so

in ones and zeros it's all bit right so we've got eight bits here just like an

we've got eight bits here just like an IP address ipv4 same thing 8 Bits 8 Bits

IP address ipv4 same thing 8 Bits 8 Bits 8 Bits and another eight bits and we've

8 Bits and another eight bits and we've got ones and zeros if all the ones are

got ones and zeros if all the ones are switched on we've got 255 if none of the

switched on we've got 255 if none of the ones are switched on we've got zero and

ones are switched on we've got zero and depending on how those ones and zeros

depending on how those ones and zeros are switched on or off determines a lot

are switched on or off determines a lot of things for us and that's why this net

of things for us and that's why this net mask is important now attached to your

mask is important now attached to your resources for this course I've created

resources for this course I've created an Excel sheet that I think will be

an Excel sheet that I think will be useful so if we look at the Excel sheet

useful so if we look at the Excel sheet here is the Cyber mentors subnetting

here is the Cyber mentors subnetting sheet and let's talk through this it

sheet and let's talk through this it looks like a bunch of numbers and it

looks like a bunch of numbers and it might look crazy for you and we're going

might look crazy for you and we're going to talk about how this breaks down how

to talk about how this breaks down how the bits break down and then how I would

the bits break down and then how I would write this shorthanded for an exam or a

write this shorthanded for an exam or a test or just something that I do on a

test or just something that I do on a day-to-day basis

day-to-day basis so first let's talk about the bit so

so first let's talk about the bit so come to the bits tab here and we have

come to the bits tab here and we have our eight bits right we can count this

our eight bits right we can count this across and there's eight here on the

across and there's eight here on the count you can see that and it starts

count you can see that and it starts with 128 and descends down to one you

with 128 and descends down to one you just keep cutting it in half right so

just keep cutting it in half right so 128 64 32 16 8 whatever what's more

128 64 32 16 8 whatever what's more important is why we get to these numbers

important is why we get to these numbers so if we have a 1 switched on here it

so if we have a 1 switched on here it adds to the value when all the ones are

adds to the value when all the ones are switched on it equals to 255 you see all

switched on it equals to 255 you see all the ones switched on here if we were to

the ones switched on here if we were to highlight over all this come down to the

highlight over all this come down to the sum you see the sum is 255 that's all

sum you see the sum is 255 that's all this formula is doing here

this formula is doing here so if we were to come through and you

so if we were to come through and you see all the zeros here nothing's flipped

see all the zeros here nothing's flipped on to actually turn any value on here

on to actually turn any value on here how this actually works is the switch

how this actually works is the switch has to be on in order right so if we

has to be on in order right so if we were to switch on another bit we'd have

were to switch on another bit we'd have to switch it on here

to switch it on here and we'd have to switch another one on

and we'd have to switch another one on here we couldn't just come down here and

here we couldn't just come down here and switch it on here it wouldn't make sense

switch it on here it wouldn't make sense it doesn't work that way not with

it doesn't work that way not with subnetting so we're going to take these

subnetting so we're going to take these back off and just show zeros again but

back off and just show zeros again but you see how the values change if for

you see how the values change if for example we had this network and you saw

example we had this network and you saw the default and I'm showing you the

the default and I'm showing you the 255-255-2550 the standard here because

255-255-2550 the standard here because that is what's known as a slash 24

that is what's known as a slash 24 Network that's very very common

Network that's very very common and it's very common because it's used

and it's very common because it's used mostly in household and small businesses

mostly in household and small businesses and it's done this way because of the

and it's done this way because of the amount of hosts that it allows now if we

amount of hosts that it allows now if we talk about the host you can see that I

talk about the host you can see that I have here 2 to the eighth power

have here 2 to the eighth power why do I have that well we actually go

why do I have that well we actually go by how many bits are switched off or how

by how many bits are switched off or how many hosts are available to us so if a

many hosts are available to us so if a host here or a bit was switched on then

host here or a bit was switched on then we lose the amount of hosts we have

we lose the amount of hosts we have available to us and this subnet gets

available to us and this subnet gets smaller and smaller now don't worry too

smaller and smaller now don't worry too much about the ones and zeros it's going

much about the ones and zeros it's going to make a lot more sense when we stop

to make a lot more sense when we stop talking in these binary terms I just

talking in these binary terms I just kind of want to break down the math

kind of want to break down the math behind it first before we make it really

behind it first before we make it really really simplistic so again we've we're

really simplistic so again we've we're talking about what's called the slash 24

talking about what's called the slash 24 or whack 24 Network and it's so standard

or whack 24 Network and it's so standard because of the host again 256. think of

because of the host again 256. think of all the devices in your house you have

all the devices in your house you have cell phones you probably have computers

cell phones you probably have computers you might have like a Roku or Amazon

you might have like a Roku or Amazon Fire or something along those lines you

Fire or something along those lines you might have Smart TVs or smart watches or

might have Smart TVs or smart watches or something that connects to the internet

something that connects to the internet well again they're all connecting

well again they're all connecting through Nat right and going out but the

through Nat right and going out but the amount of hosts that you can have on

amount of hosts that you can have on your private Network really depends on

your private Network really depends on the subnet mask and how you set it so we

the subnet mask and how you set it so we have this class C that you saw before

have this class C that you saw before the

the 192.168.1 or dot zero or however you

192.168.1 or dot zero or however you want to have it right well it allows us

want to have it right well it allows us to have 256 when we have a subnet of

to have 256 when we have a subnet of Slash 24 so that's very common for a

Slash 24 so that's very common for a household it's also common for a small

household it's also common for a small business maybe there's a printer some

business maybe there's a printer some few devices in there but they're never

few devices in there but they're never going to get over this 256 hose okay so

going to get over this 256 hose okay so when we come to the subnet cheat sheet

when we come to the subnet cheat sheet let's break this down a little bit

let's break this down a little bit differently

differently so we have our host here let's start

so we have our host here let's start with the slash 24 we just were and you

with the slash 24 we just were and you saw that there is 256 available hosts as

saw that there is 256 available hosts as we start turning off bits

we start turning off bits okay we turn off a bit here we turn off

okay we turn off a bit here we turn off a bit keep going down the list the hosts

a bit keep going down the list the hosts start getting bigger and that just

start getting bigger and that just corresponds here we have a slash 24 and

corresponds here we have a slash 24 and the only reason I'm saying 24 is I'm

the only reason I'm saying 24 is I'm counting the ones across right so we've

counting the ones across right so we've got 24 bits switched on if we had 23

got 24 bits switched on if we had 23 okay it gets bigger and bigger and

okay it gets bigger and bigger and bigger

bigger now

now let's stay away from the ones and zeros

let's stay away from the ones and zeros I think it's a little bit complicated

I think it's a little bit complicated the better way to think about this is to

the better way to think about this is to look at the subnet Mass down here and

look at the subnet Mass down here and I'm going to replicate this and then

I'm going to replicate this and then we're going to come back to it so what I

we're going to come back to it so what I do here is we can have a possibility of

do here is we can have a possibility of 32 bits switched on right so I'm just

32 bits switched on right so I'm just making a new tab and I'm just going to

making a new tab and I'm just going to go over here and I'm going to hit

go over here and I'm going to hit control and drag this across until it

control and drag this across until it hits eight

hits eight okay and then I'm gonna do the same

okay and then I'm gonna do the same thing with nine I'm gonna drag it across

thing with nine I'm gonna drag it across all I'm doing is just making really

all I'm doing is just making really quickly 32 placeholders

quickly 32 placeholders and I'm just emulating here

and I'm just emulating here if we had the possibility of

if we had the possibility of 32 different switched on bits so imagine

32 different switched on bits so imagine one bit is switched on imagine all 32

one bit is switched on imagine all 32 bits are switched on that's the

bits are switched on that's the possibilities here right so always for

possibilities here right so always for sure we're going to have an amount of

sure we're going to have an amount of host and we're gonna have a subnet mask

host and we're gonna have a subnet mask okay so we'll just call it subnet there

okay so we'll just call it subnet there we always start here

we always start here with 128 just like the bits that you saw

with 128 just like the bits that you saw you saw the 128 start on the bits let's

you saw the 128 start on the bits let's just start also with 128. now as you saw

just start also with 128. now as you saw every bit that's switched on remember

every bit that's switched on remember when we switch a bit on over here

when we switch a bit on over here it starts decreasing so we're going to

it starts decreasing so we're going to decrease for the bits that are switched

decrease for the bits that are switched on 64 32 16 8

on 64 32 16 8 4 2 1. you come over here and what I

4 2 1. you come over here and what I like to actually do is I like to just

like to actually do is I like to just add these numbers together and you can

add these numbers together and you can see 128 and 64 is 192.

see 128 and 64 is 192. and then you can add these two together

and then you can add these two together so you get 192 32 you just add diagonals

so you get 192 32 you just add diagonals the way I I actually always do it so 224

the way I I actually always do it so 224 240 248

240 248 252 254 and 255. now what does that

252 254 and 255. now what does that correspond to it corresponds to the

correspond to it corresponds to the possibilities of the bits being flipped

possibilities of the bits being flipped on right so this looks just like what

on right so this looks just like what you see here

you see here same deal and if you had a one

same deal and if you had a one underneath of it okay then you got 128

underneath of it okay then you got 128 if you've got another one underneath of

if you've got another one underneath of it well guess what you've got 128 plus

it well guess what you've got 128 plus 64 which is 192. and this number keeps

64 which is 192. and this number keeps growing why is this important this is

growing why is this important this is still all ones and zeros right well

still all ones and zeros right well let's start thinking about it

let's start thinking about it if we have a slash 24 Network we've got

if we have a slash 24 Network we've got 24 bits turned on

24 bits turned on our subnet mask is

our subnet mask is 255.255.255.0

255.255.0.0 why where are these changes coming from let me show you this

coming from let me show you this okay for a slash eight I'm just tying

okay for a slash eight I'm just tying this into just this right here well this

this into just this right here well this is coming from the number of bits that

is coming from the number of bits that are turned on

are turned on eight bits turned on we've got two five

eight bits turned on we've got two five five and the rest are zeros you got

five and the rest are zeros you got another eight bits turned on two five

another eight bits turned on two five five two five five the rest are zeros

five two five five the rest are zeros come down to the slash 24 which is that

come down to the slash 24 which is that really common subnet that you see and

really common subnet that you see and you've got two five five two five five

you've got two five five two five five two five five zero now this is very

two five five zero now this is very common okay let's go back to the cheat

common okay let's go back to the cheat sheet now

sheet now and you can see that I've got X as a

and you can see that I've got X as a placeholder in the subnet so what I'm

placeholder in the subnet so what I'm saying here is you look at this list and

saying here is you look at this list and you say I've got a slash one well for

you say I've got a slash one well for this whole area here from one to eight

this whole area here from one to eight the placeholder is going to hold in

the placeholder is going to hold in place of this x so for a slash one if

place of this x so for a slash one if I've got 128 then guess what it's going

I've got 128 then guess what it's going to become

to become 128.0.0.0 because that's how it would be

128.0.0.0 because that's how it would be and if you were turned on just one bit

and if you were turned on just one bit here and made all of these zeros guess

here and made all of these zeros guess what just the 128 would be on the rest

what just the 128 would be on the rest would be zeros okay if we had a slash 14

would be zeros okay if we had a slash 14 okay so 255's automatically flipped on

okay so 255's automatically flipped on you have a slash eight already you've

you have a slash eight already you've passed through it okay so you're

passed through it okay so you're starting on the second iteration here

starting on the second iteration here slash 14 corresponds down here to 252 so

slash 14 corresponds down here to 252 so you'd have a 255.252.0.0

so all this is is placeholders let's go back to the sheet here

back to the sheet here so I make this quick and dirty list this

so I make this quick and dirty list this is what I write out when I'm just

is what I write out when I'm just writing out something quick for an exam

writing out something quick for an exam I'll write out one through thirty two

I'll write out one through thirty two I'll put the host here and I'll put the

I'll put the host here and I'll put the subnet here so again if we know that

subnet here so again if we know that once we cross through 8 16 24 32 that

once we cross through 8 16 24 32 that has a two five five in front of it

has a two five five in front of it all we've got to do then is we'll say

all we've got to do then is we'll say slash 27 well we've come through three

slash 27 well we've come through three columns then I know for sure that we've

columns then I know for sure that we've got

255.255.255.something right you see the slash 27 you come down here the subnet

slash 27 you come down here the subnet would be 224.

would be 224. say 28 okay two five five two five five

say 28 okay two five five two five five two five five look at the 28 you've got

two five five look at the 28 you've got a DOT 240.

a DOT 240. and this is gonna be confusing this is

and this is gonna be confusing this is subnetting is not necessarily easy once

subnetting is not necessarily easy once you get the chart down it makes a lot

you get the chart down it makes a lot more sense so let's start piecing some

more sense so let's start piecing some more things together when I say that

more things together when I say that I've got host now the host I'm showing

I've got host now the host I'm showing you only correspond to these first rows

you only correspond to these first rows but it's very common or very useful just

but it's very common or very useful just to know this number right off the bat

to know this number right off the bat now if you look at the cheat sheet what

now if you look at the cheat sheet what you can do here is you just know that

you can do here is you just know that you start with a one or you start with

you start with a one or you start with the 128 you go down but every time you

the 128 you go down but every time you go up you're doubling and why are we

go up you're doubling and why are we doubling do you remember from the bits

doubling do you remember from the bits part

part every time a bit is turned off so as we

every time a bit is turned off so as we go up a number

go up a number we take it to the next power so we've

we take it to the next power so we've got eight bits turned off we take two to

got eight bits turned off we take two to the eighth power it's 256. well

the eighth power it's 256. well here you go look

here you go look come through here 256 we go to the ninth

come through here 256 we go to the ninth power 512 to the 10th power 10 24 it

power 512 to the 10th power 10 24 it just keeps doubling okay that's all you

just keeps doubling okay that's all you got to think about in your mind is it

got to think about in your mind is it keeps doubling so on an exam for example

keeps doubling so on an exam for example you might have something like what how

you might have something like what how many hosts could be potentially in a

many hosts could be potentially in a slash 20 Network and you come to your

slash 20 Network and you come to your cheat sheet that you made or you have in

cheat sheet that you made or you have in your head and you say well 496 and then

your head and you say well 496 and then we'll get to this in a minute but we

we'll get to this in a minute but we have to subtract two so 494 potential

have to subtract two so 494 potential and why is this all important what do we

and why is this all important what do we even care about any of this why am I

even care about any of this why am I rambling on well you need to know based

rambling on well you need to know based on the network okay the slash 24 is

on the network okay the slash 24 is great for a small office home network

great for a small office home network however you want to have it but what if

however you want to have it but what if you're a large Enterprise

you're a large Enterprise maybe you have thousands of devices okay

maybe you have thousands of devices okay maybe you want a slash 16 Network that

maybe you want a slash 16 Network that might make more sense for you or you

might make more sense for you or you even see some with a slash 8 Network it

even see some with a slash 8 Network it just depends on how big the company is

just depends on how big the company is the larger the company the greater

the larger the company the greater chance that you're going to see that

chance that you're going to see that they're not using slash 24 or they could

they're not using slash 24 or they could even have subnetted segments of their

even have subnetted segments of their Network where say they have just

Network where say they have just telephones and they've got 500 employees

telephones and they've got 500 employees and 500 telephones they might just have

and 500 telephones they might just have one slash 23 Network for nothing but

one slash 23 Network for nothing but telephones because that's the amount of

telephones because that's the amount of hosts that fit in there

hosts that fit in there so what we're after with subnetting is

so what we're after with subnetting is how many hosts can we fit and what is

how many hosts can we fit and what is the mask that's behind it so those are

the mask that's behind it so those are questions you might be asked in the exam

questions you might be asked in the exam and these are questions that you're just

and these are questions that you're just going to see and when you're given

going to see and when you're given addresses say you're doing a pen test

addresses say you're doing a pen test for a client you might be given

for a client you might be given something like this you might be given

something like this you might be given IP address it's

IP address it's 192.168.1.0 24. okay and immediately in

192.168.1.0 24. okay and immediately in your head you're like oh slash 24 that's

your head you're like oh slash 24 that's standard there could be up to 256 hosts

standard there could be up to 256 hosts or 254 hosts or devices in this network

or 254 hosts or devices in this network but if they gave you something like 192

but if they gave you something like 192 168 1.0 20. then you might look at your

168 1.0 20. then you might look at your little chart and say

little chart and say 4094 hosts remember we're going to

4094 hosts remember we're going to subtract two four thousand ninety four

subtract two four thousand ninety four hosts in this network now I know if I'm

hosts in this network now I know if I'm scanning this I'm up against a lot more

scanning this I'm up against a lot more devices potentially than I am in this

devices potentially than I am in this okay so when a client gives you your

okay so when a client gives you your subnets they might just write it out

subnets they might just write it out like this and depending how big your

like this and depending how big your client is might depend on how big their

client is might depend on how big their subnets are for you for example I just

subnets are for you for example I just pen tested a client that was a slash 16

pen tested a client that was a slash 16 all the way across and it looks

all the way across and it looks something like

something like 10.1.0.0 16.

10.1.0.0 16. okay and your subnet mask for that would

okay and your subnet mask for that would be something like two five five two five

be something like two five five two five five zero dot zero and how does this

five zero dot zero and how does this come into play well every time you have

come into play well every time you have a two five five that number's locked in

a two five five that number's locked in place that's another way to think about

place that's another way to think about this so that 10 is always locked down

this so that 10 is always locked down this one is always locked down the rest

this one is always locked down the rest of the bits are fair game meaning we

of the bits are fair game meaning we could have

10.1.1.0.1.2.3 we could actually have a zero here

zero here 0.1.2.3.4 and that's how this number for

0.1.2.3.4 and that's how this number for like a slash 16 gets so big because you

like a slash 16 gets so big because you have 10.1.0.0

through 255 on the possibilities which equals 256 hosts okay for one range you

equals 256 hosts okay for one range you get 256. well imagine you have to do

get 256. well imagine you have to do that 255 other times right and that

that 255 other times right and that number gets substantially bigger here

number gets substantially bigger here and then if you were to have a slash

and then if you were to have a slash eight then of course it gets bigger and

eight then of course it gets bigger and bigger so what you need to realize are a

bigger so what you need to realize are a few things here

few things here we have these addresses and you see the

we have these addresses and you see the slash one slash a again we call them wax

slash one slash a again we call them wax whack 24 is going to be very common I

whack 24 is going to be very common I would say wax 16 is probably your next

would say wax 16 is probably your next common you might see some weird cemented

common you might see some weird cemented networks like this subnetted networks

networks like this subnetted networks like this but typically it's slash 24

like this but typically it's slash 24 16. now

16. now your network ID is typically what is

your network ID is typically what is known as your first address and your

known as your first address and your broadcast ID is known as your last

broadcast ID is known as your last address this is not always the case but

address this is not always the case but it is very common and let me log back

it is very common and let me log back into this Cali machine here and I'll

into this Cali machine here and I'll show you

show you so we have our IP address 192 168 57.139

so we have our IP address 192 168 57.139 and we've got a net mask of

and we've got a net mask of 255-255-2550 what does that tell you

255-255-2550 what does that tell you from what we just learned that tells you

from what we just learned that tells you we have a slash 24 Network okay this is

we have a slash 24 Network okay this is a common Network there are potentially

a common Network there are potentially 250 for hosts why have I keep saying

250 for hosts why have I keep saying that why do I keep subtracting true well

that why do I keep subtracting true well we've got a network ID and a broadcast

we've got a network ID and a broadcast ID or broadcast IP here well what we

ID or broadcast IP here well what we need to know

need to know is we are DOT 139 we could be anywhere

is we are DOT 139 we could be anywhere from dot 1.254 within this network

from dot 1.254 within this network that's our 254 possibilities this zero

that's our 254 possibilities this zero means we have the flexibility to be any

means we have the flexibility to be any IP address range from 1 to 254. usually

IP address range from 1 to 254. usually usually a DOT zero for this IP here and

usually a DOT zero for this IP here and a DOT 255 make up your network ID and

a DOT 255 make up your network ID and your broadcast IP okay usually so if we

your broadcast IP okay usually so if we were to say something along the lines of

were to say something along the lines of let's go back to this Excel document and

let's go back to this Excel document and we were to say something along the lines

we were to say something along the lines of this let's say that we have a slash

of this let's say that we have a slash 24 Network

24 Network and we want to know how many hosts

and we want to know how many hosts we want to know how what our network ID

we want to know how what our network ID is

is and what our broadcast ideas or IAP is

and what our broadcast ideas or IAP is okay

okay we would say okay and we'll we'll give

we would say okay and we'll we'll give it one more we'll say it's a slash 24

it one more we'll say it's a slash 24 and the IP starts with

and the IP starts with 192.168.1 DOT

192.168.1 DOT zero okay or we can even write it like

zero okay or we can even write it like this 192 168 1.0 24 delete this and

this 192 168 1.0 24 delete this and we'll say what's our subnet mask

we'll say what's our subnet mask what's our host what's our Network

what's our host what's our Network what's our broadcast so subnet you come

what's our broadcast so subnet you come to your cheat sheet you say Okay slash

to your cheat sheet you say Okay slash 24 I already know that I need to be

24 I already know that I need to be filling in this area here on the X so

filling in this area here on the X so I'm just going to come in 255 255 what's

I'm just going to come in 255 255 what's the X well we know to come down this row

the X well we know to come down this row 255 here

255 here dot zero

dot zero okay and then we've got hosts I'm just

okay and then we've got hosts I'm just going to expand this a little bit we've

going to expand this a little bit we've got the host okay hosts are right here

got the host okay hosts are right here 256 hosts potentially 254 though because

256 hosts potentially 254 though because we always subtract 2 from the host total

we always subtract 2 from the host total so our network ID is usually the first

so our network ID is usually the first address available to us which is

address available to us which is 192.1681.0 the broadcast is

192.1681.0 the broadcast is 192.168.1.255 meaning available to us is

192.168.1.255 meaning available to us is anything from dot 1 to Dot 254.

anything from dot 1 to Dot 254. let's take a look at something else

let's take a look at something else that's uh a basic example let's do like

that's uh a basic example let's do like a slash 28. let's say we got

192.168.1.0 28. now what

now what well you've got 16 hosts here

well you've got 16 hosts here okay so our subnet is then going to fill

okay so our subnet is then going to fill in two five five two five five two five

in two five five two five five two five five dot X right because we're in this

five dot X right because we're in this row

row slash 28 says it's going to be a 240

slash 28 says it's going to be a 240 when we drop down to the subnet mask

when we drop down to the subnet mask I'm going to make this a little bigger

I'm going to make this a little bigger how many hosts 16 minus two we have 14

how many hosts 16 minus two we have 14 hoes

hoes okay so the first non-host would be a

okay so the first non-host would be a 192.168.1.0 again still the same thing

192.168.1.0 again still the same thing first first address

first first address last address is going to be what

last address is going to be what 192.168.1.15.

does that make sense 0 to 15 is 16 addresses usable space is 14 because we

addresses usable space is 14 because we take out the network and the broadcast

take out the network and the broadcast now you could see something like this

now you could see something like this and then guess what you're segmented so

and then guess what you're segmented so because you're only using this little

because you're only using this little bit of space you can then in turn have

bit of space you can then in turn have something like this

something like this 192.168.1.16 28.

192.168.1.16 28. and then it starts the same way your

and then it starts the same way your subnet mask is actually the same because

subnet mask is actually the same because you're using a slash 28 you come through

you're using a slash 28 you come through you can just copy and paste that the

you can just copy and paste that the hosts are still the same what changes

hosts are still the same what changes here

here well your first address 102.168.1.16

and then your last address which is 192.168.1.31

so because this is smaller on the slash 28 side

28 side we can actually have multiple networks

we can actually have multiple networks within like say a DOT

1.0.1.16.1.32 you get a multiple little networks here with only a small amount

networks here with only a small amount of hosts so maybe you have just a few

of hosts so maybe you have just a few servers in this range and you have like

servers in this range and you have like servers

servers um a b and c they go in a slash 28 and

um a b and c they go in a slash 28 and then you have another one of servers DC

then you have another one of servers DC and e or d d e and f however you want to

and e or d d e and f however you want to say it and you have more in that range

say it and you have more in that range okay so you can subnet this out into

okay so you can subnet this out into different things and when we see subnets

different things and when we see subnets we see all kinds of stuff we can see

we see all kinds of stuff we can see phones servers user computers Wireless

phones servers user computers Wireless all different sort of things some

all different sort of things some companies get really specific with their

companies get really specific with their subnetting now let's try one more let's

subnetting now let's try one more let's say we have a slash 23. now I want to

say we have a slash 23. now I want to put in

put in 192.168.1.0 23 but that would be wrong

192.168.1.0 23 but that would be wrong why would this be wrong this is actually

why would this be wrong this is actually going to be a zero and I'll show you why

going to be a zero and I'll show you why in a second

in a second so we're no longer locking in the this

so we're no longer locking in the this this number anymore right when we get

this number anymore right when we get below the slash 24 of the 255 all the

below the slash 24 of the 255 all the way across for three of them guess what

way across for three of them guess what we're now have the ability to change

we're now have the ability to change this number other than what's locked in

this number other than what's locked in so let's do a DOT zero we'll talk about

so let's do a DOT zero we'll talk about why let's hit enter here so the subnet

why let's hit enter here so the subnet on a slash 23 well we're going to do a

on a slash 23 well we're going to do a 254 which is going to be the placeholder

254 which is going to be the placeholder of the X here we're going to come in and

of the X here we're going to come in and say 255-255-254.0

and now again we're not locked in so remember this 255 would lock in this dot

remember this 255 would lock in this dot one that doesn't happen anymore so we've

one that doesn't happen anymore so we've got 255 255 254.0 we're actually going

got 255 255 254.0 we're actually going to start at zero here and we're going to

to start at zero here and we're going to say the number of hosts that are

say the number of hosts that are possible

possible it's 510 okay 512 minus two we'll say

it's 510 okay 512 minus two we'll say our network ID is

our network ID is 192.168.0.0 and our broadcast would then

192.168.0.0 and our broadcast would then be 192.168.1.255.

why okay so we have the possibility now that we're spanning two ranges we've got

that we're spanning two ranges we've got 510 hosts in this network okay and we

510 hosts in this network okay and we have the ability to go between zero and

have the ability to go between zero and one we've got two options now zero and

one we've got two options now zero and one so if we were to say another network

one so if we were to say another network if we wanted to get to like a two we'd

if we wanted to get to like a two we'd actually have to say

actually have to say 192.168.2.0 23 it would be the same

192.168.2.0 23 it would be the same subnet mask

subnet mask same number of hosts but then this would

same number of hosts but then this would be 192.168.2.0

again there's 500 510 possible hosts in between this right because you got to

between this right because you got to think dot

think dot 0.1.0.2.0.3 all the way through 254 and

0.1.0.2.0.3 all the way through 254 and again 1.1 1.2 all the way through 254.

again 1.1 1.2 all the way through 254. so that equals 510. once you've hit that

so that equals 510. once you've hit that maximum that 1.255 then guess what you

maximum that 1.255 then guess what you start at 2 you have a whole new network

start at 2 you have a whole new network here just like these smaller segments

here just like these smaller segments you get whole new networks on the bigger

you get whole new networks on the bigger side as well so what you need to know is

side as well so what you need to know is that when I if I were to put something

that when I if I were to put something like a 192.168.1.0.23

that would have fallen into line with the one and the zero in our actual

the one and the zero in our actual network ID still would have been 0.0 and

network ID still would have been 0.0 and a 1.255 would have been the broadcast

a 1.255 would have been the broadcast here and you can double check this

here and you can double check this anytime you're confused you can double

anytime you're confused you can double check your cider notation so I'm going

check your cider notation so I'm going to bring over a website that I will show

to bring over a website that I will show you here and this is just an IP

you here and this is just an IP addressing guide It's called

addressing guide It's called ipaddressguide.com you bring this over

ipaddressguide.com you bring this over and you scroll down just a little bit

and you scroll down just a little bit and I just put in

and I just put in 192.168.1.0 23 and you can see that it

192.168.1.0 23 and you can see that it actually corrects me and says the first

actually corrects me and says the first bit is

bit is 192.168.0.0 the last one's

192.168.0.0 the last one's 192.1681.255 total host is 5 12 minus

192.1681.255 total host is 5 12 minus two shows you that again first IP last

two shows you that again first IP last IP you got your net mask very easy to

IP you got your net mask very easy to use a cider calculator here or an IP

use a cider calculator here or an IP range to convert to cider as well so

range to convert to cider as well so very useful calculators but if you're

very useful calculators but if you're not allowed to use these for like an

not allowed to use these for like an exam purpose or something along those

exam purpose or something along those lines then using the cheat sheet that

lines then using the cheat sheet that I've shown you is super useful now what

I've shown you is super useful now what I want to do is I want to try three more

I want to do is I want to try three more subnets okay I'm going to write these

subnets okay I'm going to write these out I'm going to say

192.168.1.0 26 and

192.168.1.0 27. I want you to solve these for me tell me the subnet mask the

these for me tell me the subnet mask the host Network and broadcast

host Network and broadcast and with that being said this again is a

and with that being said this again is a very complicated topic I did not pick

very complicated topic I did not pick this up the first time or the second

this up the first time or the second time that I got it if you're running

time that I got it if you're running confused right now perfectly normal you

confused right now perfectly normal you can go back and watch this video again

can go back and watch this video again try to pick up more topics try to

try to pick up more topics try to understand it maybe I'm not the right

understand it maybe I'm not the right instructor for this either I do

instructor for this either I do recommend looking at other resources to

recommend looking at other resources to completely fill in your knowledge Gap if

completely fill in your knowledge Gap if there is one that exists another

there is one that exists another resource that I'll link down is what is

resource that I'll link down is what is called seven second subnetting it is

called seven second subnetting it is very useful a lot of students have

very useful a lot of students have recommended it to me I'm going to push

recommended it to me I'm going to push it forward as well so go ahead and try

it forward as well so go ahead and try to solve this understand that what

to solve this understand that what you're after here is just understanding

you're after here is just understanding what a subnet is okay when you see

what a subnet is okay when you see something like this if a client sends

something like this if a client sends you

you 192.1681.024 you're gonna say hey okay I

192.1681.024 you're gonna say hey okay I know that there's probably 254 hosts in

know that there's probably 254 hosts in that Network and I know what I'm working

that Network and I know what I'm working with if you see this

with if you see this 255.255.255.0 again you know that you're

255.255.255.0 again you know that you're working with a slash 24 Network very

working with a slash 24 Network very standard stuff that's what we're after I

standard stuff that's what we're after I don't expect you to ever memorize this I

don't expect you to ever memorize this I don't have this memorized like I don't

don't have this memorized like I don't come in here and say you know a slash 18

come in here and say you know a slash 18 is a two five five two five five 192.0

is a two five five two five five 192.0 Network and it's got 16 384 hosts I

Network and it's got 16 384 hosts I don't do that okay I have a cheat sheet

don't do that okay I have a cheat sheet I'll use a website if I need to for the

I'll use a website if I need to for the most part what you need to understand is

most part what you need to understand is two 254 hosts for a slash 24 if that

two 254 hosts for a slash 24 if that number has gone up to like a slash 28

number has gone up to like a slash 28 you know you're dealing with less if

you know you're dealing with less if that number is lower like a slash 16 you

that number is lower like a slash 16 you know you're doing with a bigger Network

know you're doing with a bigger Network that's really what it comes down to

that's really what it comes down to unless you are working in networking and

unless you are working in networking and then these become more important but as

then these become more important but as a pen tester understanding how to read

a pen tester understanding how to read this understanding what the subnet is

this understanding what the subnet is and just identifying it with very basic

and just identifying it with very basic measures this is extremely useful so I

measures this is extremely useful so I will catch you over in the next video

will catch you over in the next video when we talk about solving these

when we talk about solving these challenges and hopefully we got them all

challenges and hopefully we got them all right so I'll see you over there in the

right so I'll see you over there in the next one

foreign so let's solve this challenge together

so let's solve this challenge together shall we

shall we 've got a

've got a 192.168.00 22 why did I write this out

192.168.00 22 why did I write this out this way well similar to the slash 23.

this way well similar to the slash 23. so if we come to a slash 22 we see that

so if we come to a slash 22 we see that there are

there are 1024 hosts which means we have a

1024 hosts which means we have a possibility of 1022 right and all we

possibility of 1022 right and all we need to do is fill in the blank on the X

need to do is fill in the blank on the X so

so 255.255 dot 252.0

we come across we know our first IP here or ID is

IP here or ID is 192.1680.0 first address possible now if

192.1680.0 first address possible now if we think about this we can kind of do

we think about this we can kind of do this mentally in our head we can think

this mentally in our head we can think okay there's probably 250 or so hosts in

okay there's probably 250 or so hosts in a network and we've got a thousand or so

a network and we've got a thousand or so hosts here well that's going to be about

hosts here well that's going to be about four right four ranges because we got a

four right four ranges because we got a thousand divided by 250 so I'm going to

thousand divided by 250 so I'm going to go ahead and go 0 1 2 3. that's four

go ahead and go 0 1 2 3. that's four total we'd say

192.168.3.255. and hopefully that math makes sense again zero

makes sense again zero dot 0.1 through 254

dot 0.1 through 254 .1.1 through

.1.1 through 254.2.1 through

254.2.1 through 254.3.1 through 254. that equals about

254.3.1 through 254. that equals about 1022 hosts okay actually I lied to you

1022 hosts okay actually I lied to you the only two we're taking off are 0 and

the only two we're taking off are 0 and 255 you actually have dot zero through

255 you actually have dot zero through 255 1.0 through 255 all the way we're

255 1.0 through 255 all the way we're only subtracting these two so if you do

only subtracting these two so if you do that math that will add up to 10 22.

that math that will add up to 10 22. okay so a slash 26 we've got a

255.255.255.192 fill in the blanks fill in the X's 64 hosts we got 62 in reality

in the X's 64 hosts we got 62 in reality and we're gonna say 192. 168.1.0

and we're gonna say 192. 168.1.0 and 192.168.1.63.

again if we wanted to create a second Network we could start here with a

Network we could start here with a 64-26 and we would start with 64 as the

64-26 and we would start with 64 as the network ID and then 127 as the broadcast

network ID and then 127 as the broadcast and lastly

255.255.255.224 for a slash 27. we've got 30 potential hosts

we've got 30 potential hosts because we got 32 minus 2. 192 168.1.0

because we got 32 minus 2. 192 168.1.0 and then we're going to do 192.168.1.31.

same thing here if we wanted to create a second Network we could we could say

192.168.1.32-27 and then this would start at 32 and this one would end at

start at 32 and this one would end at 63. we can make however many networks

63. we can make however many networks within that four to eight I think eight

within that four to eight I think eight eight different segmented networks with

eight different segmented networks with the Slash 27.

the Slash 27. so that is it again as I said last video

so that is it again as I said last video this can be confusing and all we're

this can be confusing and all we're taking away here is identifying what the

taking away here is identifying what the cider notation looks like identifying

cider notation looks like identifying the base that to me is slash 24 being

the base that to me is slash 24 being the most common what you'll see

the most common what you'll see understanding what a subnet mask is and

understanding what a subnet mask is and why it's important especially in

why it's important especially in relation to hosts and the number of

relation to hosts and the number of devices that you can have on a network

devices that you can have on a network and why you might see something like a

and why you might see something like a slash 28 or a slash 23 or more commonly

slash 28 or a slash 23 or more commonly something like a slash 16. so understand

something like a slash 16. so understand again that slash 24 as you see a bigger

again that slash 24 as you see a bigger number there or you see even you know

number there or you see even you know something other than 3 255s in a row

something other than 3 255s in a row understand the number of hosts are

understand the number of hosts are getting smaller the last 255s you see on

getting smaller the last 255s you see on your screen the number is getting bigger

your screen the number is getting bigger for the number of hosts okay and just

for the number of hosts okay and just understand how to read this that's all

understand how to read this that's all you need to take away again I'm going to

you need to take away again I'm going to provide additional resources as I

provide additional resources as I provide in the last video go review them

provide in the last video go review them if you don't understand them you can

if you don't understand them you can always come to the Discord Channel you

always come to the Discord Channel you can always ask q a questions this is not

can always ask q a questions this is not an easy topic to pick up but it is a

an easy topic to pick up but it is a topic that I had to show you as part of

topic that I had to show you as part of networking

all right so in order to be successful in this course we are going to be

in this course we are going to be utilizing what is called a virtual

utilizing what is called a virtual machine now virtual machines are known

machine now virtual machines are known as VMS for short and a VM is just a

as VMS for short and a VM is just a machine on top of a machine and to give

machine on top of a machine and to give you an example I'm actually running this

you an example I'm actually running this Windows 10 instance that you see here

Windows 10 instance that you see here on top of my Windows 10 instance so here

on top of my Windows 10 instance so here you can see if I scroll up that I have a

you can see if I scroll up that I have a Windows 10 machine I also have a Linux

Windows 10 machine I also have a Linux machine sitting here if I were to

machine sitting here if I were to demaximize this you can see that I'm

demaximize this you can see that I'm actually running here a Windows machine

actually running here a Windows machine in the back this is my wife and I and

in the back this is my wife and I and you come through here we just blow it

you come through here we just blow it back up and we're back inside of our

back up and we're back inside of our machine so a virtual machine is just a

machine so a virtual machine is just a machine inside of a machine so what

machine inside of a machine so what we're going to be doing is we're going

we're going to be doing is we're going to be utilizing this to build out Labs

to be utilizing this to build out Labs that way we don't have to actually have

that way we don't have to actually have a bunch of Hardware we can just use this

a bunch of Hardware we can just use this for our our course and run what we need

for our our course and run what we need to on top of our own machine already now

to on top of our own machine already now this can get resource intensive so if

this can get resource intensive so if you are only utilizing something like

you are only utilizing something like eight gigabytes of RAM then you might

eight gigabytes of RAM then you might have some issues with this but you can

have some issues with this but you can still follow along when we get into the

still follow along when we get into the active directory portion you might run

active directory portion you might run into issues if you do not have at least

into issues if you do not have at least 16 gigabytes of RAM to utilize but we'll

16 gigabytes of RAM to utilize but we'll worry about that when we we get there

worry about that when we we get there there's still plenty of ways to follow

there's still plenty of ways to follow along throughout this whole course so

along throughout this whole course so another thing to note is that I use VMS

another thing to note is that I use VMS every single day this machine that you

every single day this machine that you see here is actually my day-to-day pen

see here is actually my day-to-day pen testing machine so I run a Kali Linux

testing machine so I run a Kali Linux instance on top of my Windows machine

instance on top of my Windows machine and utilize that to do penetration

and utilize that to do penetration testing so I'm going to demonstrate that

testing so I'm going to demonstrate that to you and how we're going to build out

to you and how we're going to build out our Labs with that and a lot of us in

our Labs with that and a lot of us in the industry run through VMS as opposed

the industry run through VMS as opposed to running it directly on metal or on a

to running it directly on metal or on a machine

machine so in order to utilize virtual machines

so in order to utilize virtual machines we first need some sort of virtual

we first need some sort of virtual machine software to play these so there

machine software to play these so there are two different ways that we can do

are two different ways that we can do this if you are on a Windows machine or

this if you are on a Windows machine or a Linux machine you can utilize VMware

a Linux machine you can utilize VMware Workstation player now if you type in

Workstation player now if you type in VMware Workstation player in Google the

VMware Workstation player in Google the first one here that says download VMware

first one here that says download VMware Workstation player you just click on

Workstation player you just click on that

that and if you are in a Mac environment

and if you are in a Mac environment you're going to be utilizing Oracle

you're going to be utilizing Oracle virtualbox so if you type in Oracle

virtualbox so if you type in Oracle virtualbox you come here and you go to

virtualbox you come here and you go to downloads

downloads you have your option there as well so in

you have your option there as well so in this course I will be using VMware

this course I will be using VMware Workstation player I'm going to be

Workstation player I'm going to be running it on top of Windows if you are

running it on top of Windows if you are using Mac that is absolutely fine you're

using Mac that is absolutely fine you're going to be following along just the

going to be following along just the same all you need to be able to do is

same all you need to be able to do is follow the same instructions that I give

follow the same instructions that I give you and you will be a-okay so if you

you and you will be a-okay so if you scroll down here you can see try

scroll down here you can see try workstation player for windows or try a

workstation player for windows or try a workstation player for Linux go ahead

workstation player for Linux go ahead and just select download now

and just select download now that should bring up a download and go

that should bring up a download and go ahead and save it

ahead and save it if you're doing virtualbox go ahead and

if you're doing virtualbox go ahead and download for OS X I will download the

download for OS X I will download the windows version just so that we can uh

windows version just so that we can uh we can see what that looks like as well

we can see what that looks like as well so I'll save both of these

so I'll save both of these so let's view our downloads and we've

so let's view our downloads and we've got VMware Workstation player here

got VMware Workstation player here I'm going to go ahead and open this one

I'm going to go ahead and open this one and we're going to install this

and this will be very point and click so next accept the agreement possibly

so next accept the agreement possibly give away our first child uh yeah we

give away our first child uh yeah we should go ahead and install the enhanced

should go ahead and install the enhanced keyboard driver while we have this

and then we don't need to enjoy join any Improvement programs or check for

Improvement programs or check for product update that's okay we will

product update that's okay we will install desktop start menu you check

install desktop start menu you check check your preferences as you like it

check your preferences as you like it I'm just going to install this

I'm just going to install this and this should just finish here in just

and this should just finish here in just a second

okay then you'll be brought to this screen once everything's done it should

screen once everything's done it should take about a minute or two and we're

take about a minute or two and we're going to go ahead and hit finish

going to go ahead and hit finish and it's going to want a restart to take

and it's going to want a restart to take effect you can go ahead and restart your

effect you can go ahead and restart your system I'm going to say no right now

system I'm going to say no right now let's go ahead and install virtualbox if

let's go ahead and install virtualbox if you are a Mac User

you are a Mac User we'll hit next

we'll hit next here

here next and yes and install

next and yes and install except

except and again vary point and click with the

and again vary point and click with the installation

installation select install and any options that do

select install and any options that do pop up

pop up and then we can start Oracle VM if we

and then we can start Oracle VM if we want let's go ahead and just start that

want let's go ahead and just start that this is what Oracle VM looks like

this is what Oracle VM looks like and let's see if we can start the VMware

and let's see if we can start the VMware Player here even though we need to

Player here even though we need to restart

and this is what VMware Workstation player looks like so here you can see

player looks like so here you can see that we have virtual machines we can

that we have virtual machines we can create new virtual machines open ones

create new virtual machines open ones Etc we'll get into that in the next

Etc we'll get into that in the next video so again if you are using Windows

video so again if you are using Windows or Linux this is probably what your view

or Linux this is probably what your view is going to look like for the rest of

is going to look like for the rest of the time if you are using Oracle on a

the time if you are using Oracle on a Mac this is what your view is going to

Mac this is what your view is going to look like another site Pro tip here is

look like another site Pro tip here is that I am using workstation Pro and I

that I am using workstation Pro and I might utilize this in some instances

might utilize this in some instances throughout the course other instances

throughout the course other instances I'll be utilizing the workstation player

I'll be utilizing the workstation player they are not much of a difference

they are not much of a difference especially in the beginning when we get

especially in the beginning when we get into the active directory portion it

into the active directory portion it might actually be worth it for you all

might actually be worth it for you all to download the VMware Pro trial because

to download the VMware Pro trial because the trial is 30 days and you can utilize

the trial is 30 days and you can utilize that to get through some sections and

that to get through some sections and actually have nice little Windows here

actually have nice little Windows here to to be clean and just have a pro

to to be clean and just have a pro Edition you can do everything that I'm

Edition you can do everything that I'm going to show you in the course on the

going to show you in the course on the player it just is that you have to open

player it just is that you have to open if you want to run more than one machine

if you want to run more than one machine you you'll just have to reopen the

you you'll just have to reopen the VMware Workstation player several times

VMware Workstation player several times to run multiple machines but that's okay

to run multiple machines but that's okay it just won't look like this nice clean

it just won't look like this nice clean layout where you could transfer between

layout where you could transfer between machines like I can do just here

machines like I can do just here so with that being said let's go ahead

so with that being said let's go ahead and move on to the next video we're

and move on to the next video we're going to be installing Kali Linux onto

going to be installing Kali Linux onto our VMware Workstation player

now that we've installed VMware or virtualbox we need to install Linux

virtualbox we need to install Linux we're going to be using a version of

we're going to be using a version of Linux called Kali Linux throughout this

Linux called Kali Linux throughout this course

course this version of Linux is a Debian based

this version of Linux is a Debian based distribution which is geared towards

distribution which is geared towards ethical hacking and penetration testing

ethical hacking and penetration testing so it's a special version of Linux that

so it's a special version of Linux that allows us to have all the tools in one

allows us to have all the tools in one place that will allow us to hack without

place that will allow us to hack without having to download these tools and

having to download these tools and install them on our own custom Linux

install them on our own custom Linux distribution so it's all kind of nicely

distribution so it's all kind of nicely built into one package

built into one package so if you go out to Google and you type

so if you go out to Google and you type in Kali Linux download you should see

in Kali Linux download you should see this link I'll put the link in the

this link I'll put the link in the description below as well but you should

description below as well but you should just be able to go to get Cali right

just be able to go to get Cali right here

here and you're going to be presented with a

and you're going to be presented with a couple of options here we're going to be

couple of options here we're going to be using a virtual machine in this course

using a virtual machine in this course so we're just going to go ahead and

so we're just going to go ahead and click on this virtual machine option

click on this virtual machine option and that's going to take us down just a

and that's going to take us down just a little bit here what you're going to do

little bit here what you're going to do is you're going to download the

is you're going to download the respective version that you need so if

respective version that you need so if you need VMware you download VMware

you need VMware you download VMware you're using virtualbox go ahead and

you're using virtualbox go ahead and download the virtualbox one

download the virtualbox one now they have a direct download which is

now they have a direct download which is a 7-Zip and they also have a torrent if

a 7-Zip and they also have a torrent if you know how to torrent

you know how to torrent what you're going to do is go ahead and

what you're going to do is go ahead and download the file that you need and

download the file that you need and while you're doing that if you do choose

while you're doing that if you do choose to download directly you're also going

to download directly you're also going to need a tool called 7-Zip or a way to

to need a tool called 7-Zip or a way to unzip this file so go ahead and start

unzip this file so go ahead and start your download while it's downloading

your download while it's downloading let's also go ahead and navigate to

let's also go ahead and navigate to 7-Zip so if you go to Google and you

7-Zip so if you go to Google and you look at 7-Zip you'll see this page here

look at 7-Zip you'll see this page here comes up you just go to download in here

comes up you just go to download in here you're going to download the file that

you're going to download the file that is for your respective system so here

is for your respective system so here I'm using Windows on 64-bit I would

I'm using Windows on 64-bit I would download this executable right here now

download this executable right here now if you're running on Linux here's where

if you're running on Linux here's where you download Linux if you're running on

you download Linux if you're running on Mac OS here's where you download for Mac

Mac OS here's where you download for Mac OS very straightforward I've already got

OS very straightforward I've already got this installed but what you need to do

this installed but what you need to do is just download this and literally

is just download this and literally click next through it make sure you get

click next through it make sure you get it installed

it installed go ahead and pause the video once that

go ahead and pause the video once that is installed 7zip that is and once you

is installed 7zip that is and once you have the actual Cali image downloaded go

have the actual Cali image downloaded go ahead and unpause the video I'll be here

ahead and unpause the video I'll be here waiting for you

waiting for you okay so your next step should look

okay so your next step should look something like this

something like this you have your 7-Zip file open you should

you have your 7-Zip file open you should see a folder located in there and the

see a folder located in there and the easiest thing is to just drag and drop

easiest thing is to just drag and drop this you can also right click and

this you can also right click and extract if you know where you want to

extract if you know where you want to extract it I created a folder called

extract it I created a folder called Cali I'm just going to grab this and I'm

Cali I'm just going to grab this and I'm going to drag it over and it's going to

going to drag it over and it's going to take a minute here just a few seconds

take a minute here just a few seconds honestly to unzip the file size of this

honestly to unzip the file size of this one at least for the VMware version is

one at least for the VMware version is around 11 gigabytes or 11 gigabytes

around 11 gigabytes or 11 gigabytes exactly unzip so make sure you have the

exactly unzip so make sure you have the space on your hard drive in order to do

space on your hard drive in order to do this

this now once you have it unzipped you can go

now once you have it unzipped you can go ahead and just double click in here

ahead and just double click in here you'll see a bunch of files if you have

you'll see a bunch of files if you have VMware installed you can actually just

VMware installed you can actually just double click on this vmx file and that

double click on this vmx file and that should open things up for you I'm just

should open things up for you I'm just going to show you the other way around

going to show you the other way around doing this as well

doing this as well so with VMware Workstation player open

so with VMware Workstation player open what you're going to want to do is go to

what you're going to want to do is go to open a virtual machine

and in the folder that you have you should see this vmx file as well again

should see this vmx file as well again you could double click it or you could

you could double click it or you could just open it through this what's going

just open it through this what's going to happen is it's going to open that

to happen is it's going to open that file here and you're going to want to

file here and you're going to want to edit this virtual machine settings once

edit this virtual machine settings once you have it loaded click on edit virtual

you have it loaded click on edit virtual machine settings

machine settings and in here we're going to want to First

and in here we're going to want to First change the amount of ram that we have

change the amount of ram that we have now this is dependent on your system if

now this is dependent on your system if you have like eight gigs of RAM or maybe

you have like eight gigs of RAM or maybe even 16 gigs of RAM you might want to

even 16 gigs of RAM you might want to try leaving it at 2 at first I'm going

try leaving it at 2 at first I'm going to bump mine up to four gigs which is

to bump mine up to four gigs which is 40.96 and I have a 128 gigs of RAM so I

40.96 and I have a 128 gigs of RAM so I have more than enough space to allocate

have more than enough space to allocate for this but if you again if you're on

for this but if you again if you're on like eight gigs of RAM probably not the

like eight gigs of RAM probably not the best idea to Jack this up Beyond two

best idea to Jack this up Beyond two honestly I would try it at one maybe two

honestly I would try it at one maybe two see how it works the other thing you're

see how it works the other thing you're going to make sure of is that you're

going to make sure of is that you're running on Nat Network so if you click

running on Nat Network so if you click on network adapter make sure that it

on network adapter make sure that it says Nat and that's selected once that's

says Nat and that's selected once that's selected go ahead and hit OK

selected go ahead and hit OK and then you're just going to hit play

and then you're just going to hit play Virtual Machine

Virtual Machine when it asks you what to do just say I

when it asks you what to do just say I copied it

copied it now from here it's going to take a

now from here it's going to take a minute for this to load you can just let

minute for this to load you can just let this run through it'll boot on its own

this run through it'll boot on its own once you are presented with the login

once you are presented with the login screen go ahead and unpause the video

screen go ahead and unpause the video but until then pause and I'll meet you

but until then pause and I'll meet you back when you're at the login screen

okay I'm at the login screen I'm going to make this a little bit bigger just so

to make this a little bit bigger just so we can see

we can see and from here what I'm going to do is

and from here what I'm going to do is I'm just going to type in the username

I'm just going to type in the username of Cali k-a-l-i and the password of Cali

of Cali k-a-l-i and the password of Cali k-a-l-i

k-a-l-i hit enter

and if you see this screen congratulations you have successfully

congratulations you have successfully installed the Kali Linux and you now

installed the Kali Linux and you now have it up and running

have it up and running in later videos we're going to cover

in later videos we're going to cover what we're going to be doing and how to

what we're going to be doing and how to use this and how to use Linux and all

use this and how to use Linux and all this but for now pat yourself on the

this but for now pat yourself on the back you've got Linux installed and

back you've got Linux installed and we're going to pause here and move on to

we're going to pause here and move on to the next video

okay so this video pertains to some updates we need to make to virtualbox

updates we need to make to virtualbox for quality of life so if you're not

for quality of life so if you're not using virtualbox you can go ahead and

using virtualbox you can go ahead and skip this video if you are Buckle in we

skip this video if you are Buckle in we just need to do a couple of quick

just need to do a couple of quick updates and then we should be good for

updates and then we should be good for the rest of the course

the rest of the course so go ahead and go out to Google and

so go ahead and go out to Google and Google virtualbox extension pack what

Google virtualbox extension pack what it's going to bring up is just the

it's going to bring up is just the downloads page of virtualbox so we're

downloads page of virtualbox so we're going to want to go here

going to want to go here and on this page if you look kind of

and on this page if you look kind of towards the middle you'll see that there

towards the middle you'll see that there is a virtual box extension pack here

is a virtual box extension pack here we're going to just click all supported

we're going to just click all supported platforms and that will automatically

platforms and that will automatically download the file that we need

download the file that we need so once that is downloaded and pause if

so once that is downloaded and pause if you need to go ahead and open virtualbox

you need to go ahead and open virtualbox and you can come in here and up at the

and you can come in here and up at the top we're going to go ahead and click on

top we're going to go ahead and click on preferences

preferences and from here we are interested in

and from here we are interested in extensions see extensions right here go

extensions see extensions right here go ahead and click on that there's a little

ahead and click on that there's a little plus sign we're going to go ahead and

plus sign we're going to go ahead and click on that

click on that and then you should have your downloads

and then you should have your downloads right here so we're going to take the

right here so we're going to take the downloads and just go ahead and install

downloads and just go ahead and install that hit install

that hit install read this give away your firstborn

read this give away your firstborn accept all the terms and you should be

accept all the terms and you should be good very quick install okay

good very quick install okay the second thing we need to do is we

the second thing we need to do is we need to come to the one tab appear above

need to come to the one tab appear above which is Network

which is Network we're going to go ahead and hit the

we're going to go ahead and hit the network button or this add button and

network button or this add button and we're going to add what is called a Nat

we're going to add what is called a Nat Network

Network okay and we're going to come in here and

okay and we're going to come in here and we're going to double click

we're going to double click and you can go ahead and keep these

and you can go ahead and keep these defaults I'm going to actually change

defaults I'm going to actually change them to

192.168.57.0 because that's what's going to be used through the rest of the

to be used through the rest of the course and that is what the cider

course and that is what the cider notation of my Cali machine and my key

notation of my Cali machine and my key Optics which you'll see later Etc all

Optics which you'll see later Etc all fell into this 57.0 so we're going to go

fell into this 57.0 so we're going to go ahead and keep it on this Nat Network

ahead and keep it on this Nat Network make sure you support the hcp go ahead

make sure you support the hcp go ahead and just hit OK hit OK

and just hit OK hit OK and then for a machine and make sure any

and then for a machine and make sure any machine that you use again any machine

machine that you use again any machine that you use in this course make sure

that you use in this course make sure you set it to Nat network if you're

you set it to Nat network if you're using virtualbox so you can come in here

using virtualbox so you can come in here click on a machine like this mail

click on a machine like this mail machine I have here you can just click

machine I have here you can just click on that settings go to network and then

on that settings go to network and then you can go ahead and just go to Nat

you can go ahead and just go to Nat Network all right and that name right

Network all right and that name right here you see name that Network that's

here you see name that Network that's all we're going to use that'll

all we're going to use that'll automatically set it up so when you have

automatically set it up so when you have a Cali machine running later and you

a Cali machine running later and you have kiopteryx or another box running or

have kiopteryx or another box running or even when we build out an active

even when we build out an active directory lab you need to make sure that

directory lab you need to make sure that you're running that net Network so that

you're running that net Network so that all the machines are on the same subnet

all the machines are on the same subnet if you don't you might run into a

if you don't you might run into a situation where the same IP comes up for

situation where the same IP comes up for the same machine and then they're

the same machine and then they're conflicting with each other or you get

conflicting with each other or you get on different networks and some weird

on different networks and some weird stuff happens so make sure again that

stuff happens so make sure again that it's imperative that you're setting that

it's imperative that you're setting that net Network for every single machine

net Network for every single machine that you're setting up so with that said

that you're setting up so with that said we're going to go ahead and move on to

we're going to go ahead and move on to the next video in this section

the first thing I'd like to do before we get started with any commands or

get started with any commands or anything like that is just take a look

anything like that is just take a look around Kali Linux and kind of

around Kali Linux and kind of demonstrate why a pen tester or ethical

demonstrate why a pen tester or ethical hacker might use this distribution of 1x

hacker might use this distribution of 1x now throughout the course as stated in

now throughout the course as stated in the last video you might see a different

the last video you might see a different version of this pop up as I recorded

version of this pop up as I recorded videos on some of the older versions

videos on some of the older versions everything should still work just as is

everything should still work just as is you just might see a different look and

you just might see a different look and feel to some of the Cali interface but

feel to some of the Cali interface but all the commands I'm going to show you

all the commands I'm going to show you everything that we do is going to be the

everything that we do is going to be the same so let's take a look and just

same so let's take a look and just explore Kali Linux just for a bit so if

explore Kali Linux just for a bit so if we come up here into the corner and we

we come up here into the corner and we just click on the little Cali logo you

just click on the little Cali logo you can see that we have nice things broken

can see that we have nice things broken out for us so we've got these favorites

out for us so we've got these favorites up here which we have our terminal which

up here which we have our terminal which we're going to be living in essentially

we're going to be living in essentially we've got a text editor we've got a web

we've got a text editor we've got a web browser which is basically Firefox we've

browser which is basically Firefox we've got some other tool down here docs Etc

got some other tool down here docs Etc the other thing that we can come scroll

the other thing that we can come scroll through is we can see that we have

through is we can see that we have different applications in here if we

different applications in here if we look at the different sections these

look at the different sections these kind of go in order which we haven't

kind of go in order which we haven't covered quite yet but in the order of

covered quite yet but in the order of how a hack might go down so information

how a hack might go down so information gathering is usually the first step you

gathering is usually the first step you can come in here look through this and

can come in here look through this and here's a bunch of tools related to

here's a bunch of tools related to information gathering you can even click

information gathering you can even click into these and go deeper if you wanted

into these and go deeper if you wanted to related to specific things so DNS or

to related to specific things so DNS or SMB or open source intelligence

SMB or open source intelligence all of this that's in here this is just

all of this that's in here this is just built in tools so let's say we're coming

built in tools so let's say we're coming in here we want to do a wireless attack

in here we want to do a wireless attack well we go to wireless Stacks got a

well we go to wireless Stacks got a bunch of tools already built in so Kali

bunch of tools already built in so Kali Linux is just essentially a ethical

Linux is just essentially a ethical hacking distribution of Linux and it's

hacking distribution of Linux and it's built on Debian so if you've ever used

built on Debian so if you've ever used something like Ubuntu or anything along

something like Ubuntu or anything along those lines of a Debian distribution

those lines of a Debian distribution this is all going to feel really

this is all going to feel really familiar to you with just a bunch of

familiar to you with just a bunch of tools built in on top of it so fairly

tools built in on top of it so fairly straightforward they do have some nice

straightforward they do have some nice Tools in here you can come through and

Tools in here you can come through and utilize these a lot of this is already

utilize these a lot of this is already built in and we're going to take a look

built in and we're going to take a look at that as we go okay so the next thing

at that as we go okay so the next thing that we're going to do is and throughout

that we're going to do is and throughout the rest of this course is start looking

the rest of this course is start looking at the terminal so if you come up here

at the terminal so if you come up here you'll see that we have a terminal now

you'll see that we have a terminal now mostly everything that we do is going to

mostly everything that we do is going to be done in this terminal here now this

be done in this terminal here now this is almost like accessing the command

is almost like accessing the command line so if you're using a command line

line so if you're using a command line like in Windows for example if you've

like in Windows for example if you've ever used a command line if not that's

ever used a command line if not that's okay but we do a lot of this from this

okay but we do a lot of this from this interface as opposed to maybe utilizing

interface as opposed to maybe utilizing a GUI bass interface where if we clicked

a GUI bass interface where if we clicked a folder this might look more familiar

a folder this might look more familiar to you if you're a Windows or Mac User

to you if you're a Windows or Mac User you come in here you have this kind of

you come in here you have this kind of area yeah yeah we can do that and

area yeah yeah we can do that and sometimes we'll utilize this but a lot

sometimes we'll utilize this but a lot of times we're going to be living right

of times we're going to be living right here okay so as we move forward we're

here okay so as we move forward we're going to start talking about this

going to start talking about this command line how we can utilize it and

command line how we can utilize it and use it to our advantage and then we'll

use it to our advantage and then we'll do some tips and tricks and hopefully

do some tips and tricks and hopefully learn some pretty neat stuff as we go so

learn some pretty neat stuff as we go so in the next video I'm going going to

in the next video I'm going going to cover the sudo feature which I think is

cover the sudo feature which I think is important it's something that was

important it's something that was brought in now originally we had

brought in now originally we had something called a root permission and

something called a root permission and we'll talk about that that has changed

we'll talk about that that has changed since 2020.1 moving forward so we're

since 2020.1 moving forward so we're introducing that into this course and

introducing that into this course and we'll talk options that you have so

we'll talk options that you have so let's go ahead and move to the next

let's go ahead and move to the next video where we talk about the sudo

video where we talk about the sudo feature

all right so before we look at any commands or learn any command line we

commands or learn any command line we have to talk about sudo Sudo is very

have to talk about sudo Sudo is very important and what had happened

important and what had happened previously was that in the earlier

previously was that in the earlier versions of Kali Linux we ran as a user

versions of Kali Linux we ran as a user called root root is the ultimate user

called root root is the ultimate user you could think of it as the

you could think of it as the administrator of the machine now we're

administrator of the machine now we're running as a user called Cali so we

running as a user called Cali so we don't have root privileges directly this

don't have root privileges directly this is as an improved security feature

is as an improved security feature because we should be running only

because we should be running only certain commands when we need to as the

certain commands when we need to as the root user

root user so what we're going to see is we're

so what we're going to see is we're going to see how we can run commands as

going to see how we can run commands as an elevated privilege and we're going to

an elevated privilege and we're going to do that with sudo which stands for super

do that with sudo which stands for super user do they just kind of shortened it

user do they just kind of shortened it so we just have sudo now okay now with

so we just have sudo now okay now with sudo what we're doing is we're saying

sudo what we're doing is we're saying Hey I want to run a command elevated I

Hey I want to run a command elevated I want to run this as a higher user in

want to run this as a higher user in this instance we can say I want to run

this instance we can say I want to run the command as root why is that

the command as root why is that important well let's take a look at an

important well let's take a look at an example let's say that I wanted to look

example let's say that I wanted to look at a very sensitive file now one

at a very sensitive file now one sensitive file in our system is the Etsy

sensitive file in our system is the Etsy Shadow file you can see cat

Shadow file you can see cat Etsy like this Etsy Shadow and you don't

Etsy like this Etsy Shadow and you don't have to follow along right now you don't

have to follow along right now you don't have to really understand what's going

have to really understand what's going on if you've never seen Linux all I'm

on if you've never seen Linux all I'm doing is saying hey I want to print out

doing is saying hey I want to print out this file I want to look at it okay and

this file I want to look at it okay and for here I can't see it it says

for here I can't see it it says permission denied you don't have the

permission denied you don't have the access to see this file that's a good

access to see this file that's a good thing but if I was the root user or

thing but if I was the root user or somebody that had elevated privileges I

somebody that had elevated privileges I could see it so I could say sudo

could see it so I could say sudo cat

cat Etsy Shadow like this

Etsy Shadow like this okay and it's going to say what is your

okay and it's going to say what is your password for Cali I'm gonna go ahead and

password for Cali I'm gonna go ahead and say Cali k-a-l-i

say Cali k-a-l-i hit enter

hit enter and now I can see that I have access to

and now I can see that I have access to this file and this file is very

this file and this file is very sensitive we'll talk about this later on

sensitive we'll talk about this later on in the course but sensitive file okay so

in the course but sensitive file okay so when we're looking at it I ran that

when we're looking at it I ran that command specifically as the root user as

command specifically as the root user as the root user I'm able to see okay this

the root user I'm able to see okay this file now

file now why or what's going on here well we're

why or what's going on here well we're running that specific Command right and

running that specific Command right and we're still staying as Cali we're doing

we're still staying as Cali we're doing this in a kind of one-off scenario so

this in a kind of one-off scenario so there will be times where something that

there will be times where something that you run in this course might require

you run in this course might require sudo or you can run the command without

sudo or you can run the command without sudo but you notice something doesn't

sudo but you notice something doesn't work so best practice for this is saying

work so best practice for this is saying hey let's go ahead and just run mostly

hey let's go ahead and just run mostly everything that I'm showing you

everything that I'm showing you command-wise in this course that's not

command-wise in this course that's not best practice overall usually you should

best practice overall usually you should run things just as a regular user if you

run things just as a regular user if you get permissions blocked then run it as

get permissions blocked then run it as pseudo as necessary now the other thing

pseudo as necessary now the other thing to point out and we'll talk about this

to point out and we'll talk about this again in later on in the course but why

again in later on in the course but why can we do this is because this user is

can we do this is because this user is part of what's called a pseudors file

part of what's called a pseudors file meaning we can have this permission not

meaning we can have this permission not any user can come in here say we made a

any user can come in here say we made a new user and we just called the user

new user and we just called the user John we can't just take John and just go

John we can't just take John and just go ahead and then just run these commands

ahead and then just run these commands as root no John has to have the

as root no John has to have the permission to do this so you can think

permission to do this so you can think of Cali as being an administrator but

of Cali as being an administrator but only when we utilize that access or that

only when we utilize that access or that privilege okay the other thing I want to

privilege okay the other thing I want to show you though is that we can switch

show you though is that we can switch over to root if we want to we can come

over to root if we want to we can come in here and we can say sudo switch user

in here and we can say sudo switch user Dash just like that and then I'll put us

Dash just like that and then I'll put us into root now you can see okay we're

into root now you can see okay we're running root at Cali and that's only for

running root at Cali and that's only for this instance

this instance you can if you want I'm not going to

you can if you want I'm not going to demonstrate how to do this but you can

demonstrate how to do this but you can if you want change the root password log

if you want change the root password log out and log back in as root and run

out and log back in as root and run through this course as root again that's

through this course as root again that's not best security practice but that

not best security practice but that feature is available to you if you are a

feature is available to you if you are a Linux user that is comfortable with

Linux user that is comfortable with Linux comfortable with running as root

Linux comfortable with running as root and you want the easy path otherwise I

and you want the easy path otherwise I highly recommend just staying as Cali

highly recommend just staying as Cali running as pseudo privileges as you need

running as pseudo privileges as you need it and then moving forward but this is a

it and then moving forward but this is a quick way to switch into root if you

quick way to switch into root if you need to sometimes even running sudo

need to sometimes even running sudo causes some issues so switching to root

causes some issues so switching to root to run a command is Okay what we can do

to run a command is Okay what we can do here too is the demonstration is we can

here too is the demonstration is we can go file new tab and look at a new

go file new tab and look at a new instance and you'll see that this

instance and you'll see that this instance of root is only good for this

instance of root is only good for this tab here once we start a new tab we're

tab here once we start a new tab we're going to be brought back right back to

going to be brought back right back to Cali Cali you can see that from the Top

Cali Cali you can see that from the Top Line in the tab as well so just keep

Line in the tab as well so just keep note of this when you're running

note of this when you're running commands in this course if you see

commands in this course if you see something again try running it with sudo

something again try running it with sudo if it's not working or if it says access

if it's not working or if it says access denied then you know hey I need to run

denied then you know hey I need to run sudo very very very important okay I'm

sudo very very very important okay I'm trying to drive that in into your brains

trying to drive that in into your brains right now so from here we're going to

right now so from here we're going to move on we're going to start looking at

move on we're going to start looking at how to navigate around the file system

how to navigate around the file system taking a look at everything from a

taking a look at everything from a bigger picture and diving into terminal

bigger picture and diving into terminal so I will see you over in the next video

now we're going to take a look at the Linux terminal and if you're a user of a

Linux terminal and if you're a user of a regular computer like Windows or even

regular computer like Windows or even Mac OS you are probably used to using

Mac OS you are probably used to using what is called a GUI or a graphical user

what is called a GUI or a graphical user interface

interface and we can do this with our version of

and we can do this with our version of Linux we can come in here and if we want

Linux we can come in here and if we want to like go to folders We can absolutely

to like go to folders We can absolutely open this and go to folders we've got

open this and go to folders we've got the ability to go to Firefox we've got

the ability to go to Firefox we've got all of our Tools in here that we want to

all of our Tools in here that we want to use or look at and we have a graphical

use or look at and we have a graphical user interface

user interface however a lot of our time is going to be

however a lot of our time is going to be spent on the command line and using a

spent on the command line and using a terminal so it's very important that we

terminal so it's very important that we learn how to use a terminal in Linux

learn how to use a terminal in Linux so looking at our terminal here we can

so looking at our terminal here we can see a few things before we even get

see a few things before we even get started

started the first thing is that we have a Cali

the first thing is that we have a Cali at Cali

at Cali what does that mean well the first

what does that mean well the first instance here is Cali that is your user

instance here is Cali that is your user so remember when we first logged in we

so remember when we first logged in we logged in as Cali and that is our user

logged in as Cali and that is our user so if we ever switch over to root we'll

so if we ever switch over to root we'll see root here the second part of this is

see root here the second part of this is our hostname so our computer name

our hostname so our computer name happens to also be Cali if you change

happens to also be Cali if you change your host name you could say whatever

your host name you could say whatever you wanted to say here

you wanted to say here the last little part of this is this

the last little part of this is this attilda this is actually the directory

attilda this is actually the directory that you are currently in so this is a

that you are currently in so this is a quick way to say what user am I what

quick way to say what user am I what workstation am I on and what directory

workstation am I on and what directory am I in

am I in now we can take a look at what directory

now we can take a look at what directory we are in with the PWD command and that

we are in with the PWD command and that stands for print working directory and

stands for print working directory and in this instance you can see we are in

in this instance you can see we are in the home forward slash Cali folder and

the home forward slash Cali folder and that is the equivalent of being in the

that is the equivalent of being in the attilda so if you see the Attila that

attilda so if you see the Attila that just means you are in your users home

just means you are in your users home folder so if we were a root user we

folder so if we were a root user we would actually be in the forward slash

would actually be in the forward slash root folder as opposed to the home Cali

root folder as opposed to the home Cali folder so the attilda means something

folder so the attilda means something different for every user that you're on

different for every user that you're on the next thing we're going to look at is

the next thing we're going to look at is the change directory feature so imagine

the change directory feature so imagine that we are in our folder here so if we

that we are in our folder here so if we go to like I don't know our desktop

go to like I don't know our desktop and we're sitting in our Cali folder

and we're sitting in our Cali folder this is really what we're looking at so

this is really what we're looking at so we're looking at Cali right here and we

we're looking at Cali right here and we want to get out of this Cali folder and

want to get out of this Cali folder and change into another folder say like I

change into another folder say like I don't know downloads for example if we

don't know downloads for example if we go into downloads it's very easy to

go into downloads it's very easy to click into but how do we navigate around

click into but how do we navigate around on the terminal I'm going to show you

on the terminal I'm going to show you how to do that so the first thing we're

how to do that so the first thing we're going to do is use the CD command that

going to do is use the CD command that stands for change directory now if we do

stands for change directory now if we do change directory dot dot that says I

change directory dot dot that says I want to go backwards so if I do that

want to go backwards so if I do that now you can see that we are in the

now you can see that we are in the forward slash home folder but we can

forward slash home folder but we can also do a PWD print the working

also do a PWD print the working directory and you can see that we are in

directory and you can see that we are in the home folder

the home folder now can we go any further back well

now can we go any further back well let's try CD dot dot again

let's try CD dot dot again and now you can see we are at a forward

and now you can see we are at a forward slash if we do a PWD we are at a forward

slash if we do a PWD we are at a forward slash and one more time I'm going to CD

slash and one more time I'm going to CD dot dot and see if anything happens

dot dot and see if anything happens nothing happens here we cannot change

nothing happens here we cannot change any further we are in what is called our

any further we are in what is called our base directory so if you see a forward

base directory so if you see a forward slash think of that as the base folder

slash think of that as the base folder you cannot go any further back from that

you cannot go any further back from that now I'm going to clear my screen if you

now I'm going to clear my screen if you want to clear your screen you just hit

want to clear your screen you just hit Ctrl l

Ctrl l like that and that'll clear the screen

like that and that'll clear the screen and from here we are going to look at

and from here we are going to look at what is in our base folder and to do

what is in our base folder and to do that we can use a tool called list which

that we can use a tool called list which is LS

is LS so from here we can see different colors

so from here we can see different colors and different things and we can tell

and different things and we can tell based on the colors though these color

based on the colors though these color schemes are not the greatest in the

schemes are not the greatest in the newest Kali Linux we could still see

newest Kali Linux we could still see like hey this darker version of Blue is

like hey this darker version of Blue is actually a folder where some of these

actually a folder where some of these other things are actually files we don't

other things are actually files we don't have to worry too much about that right

have to worry too much about that right now but we just came out of the home

now but we just came out of the home folder so we can see here that we have a

folder so we can see here that we have a bunch of files and folders and let's say

bunch of files and folders and let's say we want to go back to the home folder

we want to go back to the home folder well we can see the home

well we can see the home and I'm going to start typing H and I'm

and I'm going to start typing H and I'm just going to hit Tab and because

just going to hit Tab and because there's nothing else in here with an H

there's nothing else in here with an H we don't have to worry too much it will

we don't have to worry too much it will just auto-complete to the home folder

just auto-complete to the home folder now for example if there's a bunch of

now for example if there's a bunch of L's I'm going to back up really quick

L's I'm going to back up really quick before I hit enter

before I hit enter if I wanted to try something that has

if I wanted to try something that has multiple items in here if I tried the L

multiple items in here if I tried the L and I hit tab you're going to see that

and I hit tab you're going to see that there's going to be a lot of options for

there's going to be a lot of options for me to go through and depending on what

me to go through and depending on what you have is when you can auto complete

you have is when you can auto complete so if I start typing l o it should know

so if I start typing l o it should know that there's only one Lo and I can Tab

that there's only one Lo and I can Tab and autocomplete the rest so you just

and autocomplete the rest so you just have to be able to get to a point where

have to be able to get to a point where you can Tab out or if you know the first

you can Tab out or if you know the first letter of the file that you're looking

letter of the file that you're looking for you can hit tab on that and you can

for you can hit tab on that and you can see okay here's where I need to be or

see okay here's where I need to be or here's what I can look at with

here's what I can look at with everything that starts with that letter

everything that starts with that letter I'm going to delete this and we're going

I'm going to delete this and we're going to CD back into home

to CD back into home we're going to LS to list the contents

we're going to LS to list the contents of home which is just our Cali folder so

of home which is just our Cali folder so I'm going to CD into Cali

and if I LS from here you can see that I have our desktop documents downloads

have our desktop documents downloads similar to what we saw in the graphical

similar to what we saw in the graphical user interface when we were in the

user interface when we were in the folder now we can see it from our

folder now we can see it from our terminal now before we go diving deeper

terminal now before we go diving deeper into these folders

into these folders something that I want to look at is what

something that I want to look at is what if I wanted to get to this Etsy folder

if I wanted to get to this Etsy folder over here so there's this Etsy folder

over here so there's this Etsy folder that was in our base

that was in our base now if I try to CD into Etsy from here

now if I try to CD into Etsy from here nothing's going to work I'm tabbing

nothing's going to work I'm tabbing nothing works if I try CD Etsy it's

nothing works if I try CD Etsy it's going to say I can't find it

going to say I can't find it so what does that mean well when we

so what does that mean well when we change directories we can only change

change directories we can only change directories from the folders that we

directories from the folders that we have available to us so I can only

have available to us so I can only change directories into these folders by

change directories into these folders by using that sort of nomenclature however

using that sort of nomenclature however if I can provide a full directory or a

if I can provide a full directory or a full path then I can CD from any folder

full path then I can CD from any folder that I'm in so if I go CD forward slash

that I'm in so if I go CD forward slash because remember we have the base here

because remember we have the base here well then I can say forward slash

well then I can say forward slash ET start typing that out and guess what

ET start typing that out and guess what I get Etsy here and if I wanted to dive

I get Etsy here and if I wanted to dive deeper into what folders are in there I

deeper into what folders are in there I could hit Tab and I could see all the

could hit Tab and I could see all the folders that are available in the Etsy

folders that are available in the Etsy folder to complete my task now if I hit

folder to complete my task now if I hit enter

enter I will be brought into the Etsy folder

I will be brought into the Etsy folder and similarly I can hit LS and see all

and similarly I can hit LS and see all the files and folders that are in here

the files and folders that are in here now let's just CD here and I'm going to

now let's just CD here and I'm going to use the attilda and that's going to get

use the attilda and that's going to get us back to our home folder

us back to our home folder I'm going to control L to clear screen

I'm going to control L to clear screen and then I'm going to LS again you're

and then I'm going to LS again you're going to see we're back where we just

going to see we're back where we just were

were now in this case what if I wanted to

now in this case what if I wanted to list the files of the Etsy folder well

list the files of the Etsy folder well it's the same thing I could do LS

it's the same thing I could do LS forward slash Etsy

forward slash Etsy and that will list all the files as if I

and that will list all the files as if I were sitting in that folder so just know

were sitting in that folder so just know that you can list folders and files you

that you can list folders and files you can change directories from being it

can change directories from being it within another directory it doesn't have

within another directory it doesn't have to be in that same up and down tree that

to be in that same up and down tree that I was showing you there's a lot more

I was showing you there's a lot more robustness to these commands same thing

robustness to these commands same thing if we LS in here we could take a look at

if we LS in here we could take a look at the folders and we don't have to change

the folders and we don't have to change the directory to see what's in these

the directory to see what's in these folders We can just LS desktop for

folders We can just LS desktop for example and start Auto tab completing

example and start Auto tab completing there's nothing in there I do have

there's nothing in there I do have something in the downloads folder just

something in the downloads folder just because I changed my picture I put our

because I changed my picture I put our TCM security logo in there so I have

TCM security logo in there so I have that in the downloads folder but it's

that in the downloads folder but it's completely normal not to have anything

completely normal not to have anything in your desktop or downloads when you

in your desktop or downloads when you first install Cali and again we can

first install Cali and again we can achieve the same thing by seeding into

achieve the same thing by seeding into downloads and then hitting LS

downloads and then hitting LS you have the same object here as you saw

you have the same object here as you saw before except we're just now in that

before except we're just now in that folder so you have to declare the folder

folder so you have to declare the folder or be within the folder to see the

or be within the folder to see the contents okay now let's go ahead and CD

contents okay now let's go ahead and CD back to the base folder you could CD dot

back to the base folder you could CD dot dot or just use the attilda I'm going to

dot or just use the attilda I'm going to clear my screen

clear my screen and from here we want to talk about

and from here we want to talk about making a directory so let's make a

making a directory so let's make a directory I'm going to make a directory

directory I'm going to make a directory called Heath you can just use your first

called Heath you can just use your first name if you want

name if you want and then when you LS in here

and then when you LS in here you can see now that the heath directory

you can see now that the heath directory is here

is here and I could see the end of that heat

and I could see the end of that heat directory I can LS in that directory and

directory I can LS in that directory and there's not going to be anything in

there's not going to be anything in there

there so I'm going to go ahead and backup one

so I'm going to go ahead and backup one and now I'm going to show you how to

and now I'm going to show you how to remove a directory or remove a folder so

remove a directory or remove a folder so you say rmdir

you say rmdir and you're going to go ahead and just

and you're going to go ahead and just say he

say he and that will remove that these commands

and that will remove that these commands work exactly the same as everything else

work exactly the same as everything else if I wanted to make a directory in the

if I wanted to make a directory in the base folder I could totally make dur

base folder I could totally make dur forward slash eat if I wanted to and I

forward slash eat if I wanted to and I could also remove that from here so

could also remove that from here so again it doesn't matter exactly where

again it doesn't matter exactly where you're at as long as you're using full

you're at as long as you're using full file path

file path okay so I've cleared my screen and now I

okay so I've cleared my screen and now I want to run LS

want to run LS and you see in LS that we just have a

and you see in LS that we just have a bunch of folders that's not entirely

bunch of folders that's not entirely true

true what we're going to do is we're going to

what we're going to do is we're going to do an ls-la

do an ls-la and I like to think of this as list all

and I like to think of this as list all but really it stands for long all

but really it stands for long all and if we hit enter you can see that

and if we hit enter you can see that there's a bunch of new files in here and

there's a bunch of new files in here and folders actually so from this we can see

folders actually so from this we can see that we have

that we have a like a bash history we've got uh dot

a like a bash history we've got uh dot Java folder anything with a DOT is

Java folder anything with a DOT is considered a hidden file we won't see

considered a hidden file we won't see that when we're using the ls command we

that when we're using the ls command we actually have to do a dash La command

actually have to do a dash La command and this is a great time to actually

and this is a great time to actually take a look at what these sub commands

take a look at what these sub commands are and how are some ways that we can

are and how are some ways that we can identify what these things mean so I'm

identify what these things mean so I'm going to show you a website first and I

going to show you a website first and I think this website is awesome we can go

think this website is awesome we can go to something like explain shell.com so

to something like explain shell.com so it is

it is explain shell you can see it

explain shell you can see it autocompleting up there but explain

autocompleting up there but explain shell.com

shell.com and if you came in here and you wanted

and if you came in here and you wanted to take a look let me make this a little

to take a look let me make this a little bit bigger if you wanted to take a look

bit bigger if you wanted to take a look at like ls-la you could say okay explain

at like ls-la you could say okay explain this to me

this to me and it'll tell you okay the first part

and it'll tell you okay the first part is LS that means list directory contents

is LS that means list directory contents remember I called it the list command

remember I called it the list command that's what it is now what does that La

that's what it is now what does that La do well the L you hover over it says use

do well the L you hover over it says use long listing format and the a says use

long listing format and the a says use all okay so do not ignore entries

all okay so do not ignore entries starting with a DOT which is what we're

starting with a DOT which is what we're looking for and the long listing just

looking for and the long listing just gives us more detail gives us these file

gives us more detail gives us these file permissions which we'll get into a

permissions which we'll get into a little bit later and who owns it and

little bit later and who owns it and what the file size is the directory

what the file size is the directory Etc et cetera we'll get down into that

Etc et cetera we'll get down into that in just a few videos

in just a few videos we can also use what are called Man

we can also use what are called Man pages I'm going to control L again if we

pages I'm going to control L again if we do man LS man stands for manual so man

do man LS man stands for manual so man LS we can see in here that LS means list

LS we can see in here that LS means list directory contents great Dash a stands

directory contents great Dash a stands for all do not ignore entry starting

for all do not ignore entry starting with the period same thing as we saw

with the period same thing as we saw before we could scroll down look for the

before we could scroll down look for the L portion of this and we'll see that we

L portion of this and we'll see that we have used a long listing format you can

have used a long listing format you can hit Q to quit this

hit Q to quit this so if you don't have internet access for

so if you don't have internet access for example you can use the Man pages I like

example you can use the Man pages I like using explain shell.com I think it's

using explain shell.com I think it's pretty awesome but man works very quick

pretty awesome but man works very quick and from the terminal you don't have to

and from the terminal you don't have to leave or do anything another thing that

leave or do anything another thing that you can do is LS dash dash help

you can do is LS dash dash help and that will give you similar to The

and that will give you similar to The Man pages though not as old detail I

Man pages though not as old detail I guess is the best way to say it and you

guess is the best way to say it and you come in here and you can see the same

come in here and you can see the same kind of switches and commands that were

kind of switches and commands that were in here so dash dash help works for a

in here so dash dash help works for a lot of commands it's one of those that

lot of commands it's one of those that you should know and you should try if

you should know and you should try if you have any questions about what you're

you have any questions about what you're trying to do it's a great resource so if

trying to do it's a great resource so if we LS la

we LS la we can CD into one of these hidden

we can CD into one of these hidden folders like we can CD into dot cache

folders like we can CD into dot cache for example

for example and we just LS that you can see that

and we just LS that you can see that there's actually stuff in the cache in

there's actually stuff in the cache in here so we're not going to get into this

here so we're not going to get into this I just want to show you that hidden

I just want to show you that hidden files and folders do exist so if you're

files and folders do exist so if you're looking for something especially pen

looking for something especially pen test related something might be hidden

test related something might be hidden if you're on a Linux machine you might

if you're on a Linux machine you might need to do ls-la to see a hidden file

need to do ls-la to see a hidden file and they're incredibly easy to see as

and they're incredibly easy to see as you can see for yourself let's go ahead

you can see for yourself let's go ahead and CD back to our home folder and from

and CD back to our home folder and from here I'm going to show you a couple of

here I'm going to show you a couple of things that we're going to explain later

things that we're going to explain later on but I just kind of want to get you

on but I just kind of want to get you familiar with it the first thing I want

familiar with it the first thing I want to show you is the echo command if we go

to show you is the echo command if we go Echo and we use a single apostrophe and

Echo and we use a single apostrophe and we say hi like this that's just going to

we say hi like this that's just going to Echo out to the screen we'll get into

Echo out to the screen we'll get into the echo command a little bit later on

the echo command a little bit later on in the course what we're doing here is

in the course what we're doing here is we're going to Echo this into a file so

we're going to Echo this into a file so I'm going to say hi and then I'm going

I'm going to say hi and then I'm going to put that file I'm going to use this

to put that file I'm going to use this greater than symbol and that's going to

greater than symbol and that's going to be a region Direction operator and I'm

be a region Direction operator and I'm going to say hey just go ahead and make

going to say hey just go ahead and make a file called test.txt

a file called test.txt and while you don't need to know this

and while you don't need to know this yet if I ran Cat on this on test.txt

yet if I ran Cat on this on test.txt you'll see that it prints back out High

you'll see that it prints back out High okay so I just want to have this file

okay so I just want to have this file here that we created and what we're

here that we created and what we're going to do is we're going to just

going to do is we're going to just quickly LS we're going to see that it's

quickly LS we're going to see that it's there you can see that there are color

there you can see that there are color differences for files and folders again

differences for files and folders again and the reason we're making this in this

and the reason we're making this in this video is I want to show you the copy

video is I want to show you the copy command so if we run copy on this we

command so if we run copy on this we could say copy test.txt what I want to

could say copy test.txt what I want to do is I want to copy this into the

do is I want to copy this into the downloads folder so I can just say copy

downloads folder so I can just say copy test.txt into downloads

test.txt into downloads if we LS we'll see that test.text is

if we LS we'll see that test.text is here we're making a copy if we LS

here we're making a copy if we LS downloads we can see that test.text is

downloads we can see that test.text is actually in there as well

actually in there as well so similar with the remove directory we

so similar with the remove directory we can use the RM command and what we're

can use the RM command and what we're going to do is remove that file and

going to do is remove that file and again we don't have to be in the

again we don't have to be in the directory to remove it we can call the

directory to remove it we can call the directory path and then test.text

directory path and then test.text if we hit LS on downloads again we can

if we hit LS on downloads again we can just go ahead and hit enter and you're

just go ahead and hit enter and you're going to see that there is no test.txt

going to see that there is no test.txt in there anymore but if we LS here

in there anymore but if we LS here you'll see that test.text does exist so

you'll see that test.text does exist so I'm going to go ahead and control l

I'm going to go ahead and control l the opposite of this is the move command

the opposite of this is the move command now if I move test.txt and I put that

now if I move test.txt and I put that into downloads

into downloads if I LS now

if I LS now you're going to see that there is no

you're going to see that there is no test.txt in here why is that well if we

test.txt in here why is that well if we LS downloads you're gonna see that we

LS downloads you're gonna see that we moved it so remember copy leaves an

moved it so remember copy leaves an original version wherever you copied

original version wherever you copied from move completely moves it so the CP

from move completely moves it so the CP and the MV commands are what you need to

and the MV commands are what you need to know there now while we're on this what

know there now while we're on this what we're going to do is we're going to look

we're going to do is we're going to look at a command called locate so locate's

at a command called locate so locate's pretty awesome if we did locate and say

pretty awesome if we did locate and say I wanted to find out where that

I wanted to find out where that test.text file is I could do locate

test.text file is I could do locate test.text and we're probably not going

test.text and we're probably not going to get anything back quite yet now if

to get anything back quite yet now if we're looking through this none of these

we're looking through this none of these files are where we're at so there are

files are where we're at so there are some test.text files on this machine but

some test.text files on this machine but we're not seeing the one that we created

we're not seeing the one that we created so say that we created a file we can't

so say that we created a file we can't remember where we put it and we just

remember where we put it and we just want to go search for it and find it

want to go search for it and find it what we can do is we can say update DB

what we can do is we can say update DB and you're going to see that we actually

and you're going to see that we actually get a denied why are we getting

get a denied why are we getting permission denied well this comes back

permission denied well this comes back to sudo so let's go ahead and sudo

to sudo so let's go ahead and sudo update

update DB

DB you're going to enter in your sudo

you're going to enter in your sudo password

password it's going to update the database and

it's going to update the database and now if we do locate test.txt and you can

now if we do locate test.txt and you can just when you see a screen like this by

just when you see a screen like this by the way where it's kind of semi-gray if

the way where it's kind of semi-gray if you just hit the right arrow that will

you just hit the right arrow that will go ahead and autocomplete because it

go ahead and autocomplete because it remembers your last command

remembers your last command you can hit that

you can hit that and you can now see that the first entry

and you can now see that the first entry in here is home Cali downloads test.text

in here is home Cali downloads test.text so now the database is updated and it

so now the database is updated and it finds it one other thing to mention I

finds it one other thing to mention I just talked about Auto completing with

just talked about Auto completing with the right arrow if you hit the up Arrow

the right arrow if you hit the up Arrow you can go through your previous

you can go through your previous commands you can see all the commands

commands you can see all the commands that I've been running through so we can

that I've been running through so we can also use the down arrow to scroll back

also use the down arrow to scroll back down through those commands so say I

down through those commands so say I wanted to run that locate test.txt

wanted to run that locate test.txt command again instead of typing it out I

command again instead of typing it out I just hit the up arrow and then I hit

just hit the up arrow and then I hit enter easy breezy okay so we're gonna go

enter easy breezy okay so we're gonna go ahead and remove downloads test.txt

ahead and remove downloads test.txt and now that file should be gone we can

and now that file should be gone we can LS one more time into downloads just to

LS one more time into downloads just to make sure and you can see that PCM

make sure and you can see that PCM security finals the only thing that's in

security finals the only thing that's in there

there one other thing to point out that I just

one other thing to point out that I just noticed actually is

noticed actually is these files are case sensitive and the

these files are case sensitive and the folders are case sensitive so if I try

folders are case sensitive so if I try to CD into downloads

to CD into downloads it's not going to work because downloads

it's not going to work because downloads doesn't exist so if I CD into downloads

doesn't exist so if I CD into downloads I could spell

I could spell then you can see that I actually get

then you can see that I actually get into the downloads folder so note that

into the downloads folder so note that it's case sensitive autocomplete if I go

it's case sensitive autocomplete if I go back we'll do a pretty decent job at

back we'll do a pretty decent job at trying on newer versions of Cali that is

trying on newer versions of Cali that is if I hit do for example and then I tab

if I hit do for example and then I tab it'll realize that I'm trying to get to

it'll realize that I'm trying to get to downloads so the last thing I'm going to

downloads so the last thing I'm going to show you is the password command and

show you is the password command and that is p-a-s-swd

that is p-a-s-swd we are going to be good security

we are going to be good security engineers and change our password we're

engineers and change our password we're going to make it a strong password

going to make it a strong password because we're good security engineers

because we're good security engineers I am going to be the bad security

I am going to be the bad security engineer and make my password password

engineer and make my password password and I'm doing that because later on the

and I'm doing that because later on the course will talk about cracking Linux

course will talk about cracking Linux passwords and we're going to use my bad

passwords and we're going to use my bad password as an example so here we're

password as an example so here we're going to type our current password Kali

going to type our current password Kali is a terrible password by the way and

is a terrible password by the way and we're going to go ahead and type in our

we're going to go ahead and type in our new password you can make your password

new password you can make your password whatever you want I'm making mine

whatever you want I'm making mine password and now we have updated

password and now we have updated successfully and we have finished all

successfully and we have finished all the commands that we need to know for

the commands that we need to know for this video I'll go ahead and see you in

this video I'll go ahead and see you in the next lesson

now we're going to talk about users and privileges

privileges so in the last video we learned about

so in the last video we learned about ls-la so I am in my home folder which is

ls-la so I am in my home folder which is the attilda here and all I'm going to do

the attilda here and all I'm going to do is just say ls-la

is just say ls-la I'm going to hit enter

I'm going to hit enter and we're going to see a bunch of stuff

and we're going to see a bunch of stuff over here on the left hand side we've

over here on the left hand side we've got this we've got the details kind of

got this we've got the details kind of of ownership we've got some file size in

of ownership we've got some file size in here and we'll talk about all of this

here and we'll talk about all of this but we do ls-la we're getting so much

but we do ls-la we're getting so much more information than whether or not a

more information than whether or not a file is hidden which is kind of the

file is hidden which is kind of the purpose we looked at it for last time

purpose we looked at it for last time but now we can take it and look at it

but now we can take it and look at it from a different scope or a lens we can

from a different scope or a lens we can see that we have this column here the

see that we have this column here the First Column now the First Column tells

First Column now the First Column tells us something interesting

us something interesting it first tells us whether or not we are

it first tells us whether or not we are looking at a file or a directory so if

looking at a file or a directory so if we see a d here we are seeing that this

we see a d here we are seeing that this is a directory note that these are also

is a directory note that these are also color coded right so we have blue for

color coded right so we have blue for directories it looks like and then white

directories it looks like and then white ear or files and then we also have links

ear or files and then we also have links which we're not going to get into much

which we're not going to get into much right now but a link looks like it's a

right now but a link looks like it's a lighter blue

lighter blue so we have the indicator here first it

so we have the indicator here first it says okay it's either a d or maybe a

says okay it's either a d or maybe a dash or an L there are other settings

dash or an L there are other settings that could be here but for now this is

that could be here but for now this is all we need to worry about the next set

all we need to worry about the next set of things that we're going to look at

of things that we're going to look at are these rwx's or our blank x what does

are these rwx's or our blank x what does that all mean well rwx means read write

that all mean well rwx means read write execute when we're missing one of those

execute when we're missing one of those like a dash here that just means we have

like a dash here that just means we have a read and execute and there are

a read and execute and there are actually three groups that we're looking

actually three groups that we're looking at here so we have the first group which

at here so we have the first group which is the owner of our file so this first

is the owner of our file so this first group says read write execute for the

group says read write execute for the owner of this file and if we look at the

owner of this file and if we look at the owner of the file we can actually see

owner of the file we can actually see that the owner is going to be Cali well

that the owner is going to be Cali well in this instance it's the directory but

in this instance it's the directory but here we're looking at Cali you can see

here we're looking at Cali you can see that one of these has root listed but in

that one of these has root listed but in this instance or since we're using the

this instance or since we're using the Cali user and we're in our home folder

Cali user and we're in our home folder we're looking at mostly Cali being the

we're looking at mostly Cali being the file owner for this

file owner for this the next one we're going to look at is

the next one we're going to look at is we're going to say okay group membership

we're going to say okay group membership so anybody that is a part of this group

so anybody that is a part of this group what do they get ownership to or what do

what do they get ownership to or what do they get to do with this directory or

they get to do with this directory or this file well anybody in this group can

this file well anybody in this group can read or execute but they cannot write to

read or execute but they cannot write to this directory or file and lastly we

this directory or file and lastly we have the third setting which is all

have the third setting which is all other users what can all other users do

other users what can all other users do all of the users can read and execute

all of the users can read and execute but they cannot write here and we don't

but they cannot write here and we don't have anything in here besides this link

have anything in here besides this link that is read write execute we don't have

that is read write execute we don't have a world read write execute in this

a world read write execute in this folder and that's okay

folder and that's okay this does come into play when we're

this does come into play when we're doing penetration testing however when

doing penetration testing however when we want to find some sort of file that

we want to find some sort of file that has read write access or read write

has read write access or read write execute access if we have full access

execute access if we have full access that is ideal especially if there are

that is ideal especially if there are some sensitive files that we're not

some sensitive files that we're not supposed to see or maybe were

supposed to see or maybe were misconfigured or if we need somewhere to

misconfigured or if we need somewhere to write to on the disk for example if I

write to on the disk for example if I clear the screen here and we do an ls-la

clear the screen here and we do an ls-la of the temp folder

we could see that temp actually has read write execute privileges throughout this

write execute privileges throughout this is a great place when we're doing pen

is a great place when we're doing pen testing and we're working on a Linux

testing and we're working on a Linux machine that if we need to come drop a

machine that if we need to come drop a file we know that this temp folder can

file we know that this temp folder can be written to we can write whatever file

be written to we can write whatever file we want and execute these files from

we want and execute these files from here without having to worry about too

here without having to worry about too many permissions so for attacking

many permissions so for attacking machines later on especially as we get

machines later on especially as we get on into the Practical ethical hacking

on into the Practical ethical hacking course you may see me go and use the

course you may see me go and use the temp folder to upload malware or write a

temp folder to upload malware or write a malicious file or something that I can

malicious file or something that I can do from a folder that is read write

do from a folder that is read write executable so let's clear the screen

executable so let's clear the screen again

again now another reason and importance for

now another reason and importance for the read write execute is that if we

the read write execute is that if we write a script we won't be able to

write a script we won't be able to execute that script until we have full

execute that script until we have full access to do so that's going to become

access to do so that's going to become more important as we download files and

more important as we download files and try to run them against machines but

try to run them against machines but even in this little section when we're

even in this little section when we're looking at the bash scripting we're

looking at the bash scripting we're going to need to be able to execute our

going to need to be able to execute our script and we're going to need to be

script and we're going to need to be able to change the permissions on that

able to change the permissions on that let's go ahead and do that here we're

let's go ahead and do that here we're going to create a little text file and

going to create a little text file and just look at the permissions and how

just look at the permissions and how things change

things change so similar to the last video we're going

so similar to the last video we're going to do an echo and we're just going to

to do an echo and we're just going to say hello

say hello and in this we are going to use our

and in this we are going to use our directional operator and we are going to

directional operator and we are going to just put this in a hello.txt file

just put this in a hello.txt file if we ls-la

we can see that hello.txt is in here but look at the permissions that are set

look at the permissions that are set we have read write permissions we don't

we have read write permissions we don't have any execute permissions if this was

have any execute permissions if this was a script or anything that we're trying

a script or anything that we're trying to run the machine will not let us run

to run the machine will not let us run it because we do not have to execute

it because we do not have to execute permissions

permissions same thing here everybody else can only

same thing here everybody else can only read this file they cannot write or

read this file they cannot write or execute this file so we can change the

execute this file so we can change the permissions on this and we can do that

permissions on this and we can do that with the chmod which stands for change

with the chmod which stands for change mode

mode so I'm going to go ahead and clear

so I'm going to go ahead and clear screen again and we can do a CH mod

screen again and we can do a CH mod and there's two different ways to do

and there's two different ways to do this the first way is to do something

this the first way is to do something like a plus sign and then give the

like a plus sign and then give the permissions that you want set for that

permissions that you want set for that file so we could do something like rwx

file so we could do something like rwx that is read write execute if you want

that is read write execute if you want to just read access or read write access

to just read access or read write access or just write access you would put the

or just write access you would put the appropriate lettering there and let's go

appropriate lettering there and let's go ahead and just give this a read write

ahead and just give this a read write execute and I'm going to say hello.txt

execute and I'm going to say hello.txt and hit enter

and hit enter and we're going to go ahead and ls-la

and we're going to go ahead and ls-la again

again and now you can see that the color of

and now you can see that the color of this has changed why it is fully read

this has changed why it is fully read write executable for us as the user

write executable for us as the user okay as the owner I should say

okay as the owner I should say so that's one way of doing it however

so that's one way of doing it however there is another way of doing this as

there is another way of doing this as well we can say chmod

well we can say chmod 777

777 hello.txt hit enter

hello.txt hit enter do an ls-la

do an ls-la and you'll see now that everything has

and you'll see now that everything has read write execute here well what

read write execute here well what changed what is this 777 and why is it

changed what is this 777 and why is it so important

so important okay for that we're going to jump over

okay for that we're going to jump over to PowerPoint for just a second

to PowerPoint for just a second okay so we have different numbers that

okay so we have different numbers that we can set for the CH mod and remember

we can set for the CH mod and remember we did 777 because we gave a seven to

we did 777 because we gave a seven to each group we had the first second and

each group we had the first second and third groups remember that well what

third groups remember that well what does 7 mean well 7 means read write

does 7 mean well 7 means read write execute so for a read permission we get

execute so for a read permission we get four points or a right we get 2 and for

four points or a right we get 2 and for execute we get one so as you can see

execute we get one so as you can see down here we have four plus two plus one

down here we have four plus two plus one that equals seven well if we had no

that equals seven well if we had no permissions that would be zero so we

permissions that would be zero so we could do something like a seven zero

could do something like a seven zero zero you might see something like read

zero you might see something like read only and then you would just give it

only and then you would just give it four four four across the board for

four four four across the board for example or I've seen something like an

example or I've seen something like an SSH pem file and those files require

SSH pem file and those files require specific permissions typically it is six

specific permissions typically it is six four four so that would say that the

four four so that would say that the owner has read write but no execute and

owner has read write but no execute and then the rest of everybody else has just

then the rest of everybody else has just read access to that file so that would

read access to that file so that would be a 644 permission so if you ever

be a 644 permission so if you ever wonder what the permissions mean you can

wonder what the permissions mean you can always refer back to a chart like this

always refer back to a chart like this or quickly Google what do the CH mod

or quickly Google what do the CH mod numbers mean just know if you want to

numbers mean just know if you want to give something full permissions you are

give something full permissions you are going to set 777 across the board and if

going to set 777 across the board and if we're doing hacking or doing penetration

we're doing hacking or doing penetration testing that's often what we're going to

testing that's often what we're going to use with the exception of pem files

use with the exception of pem files where they have to have more restricted

where they have to have more restricted permissions sometimes 644 sometimes

permissions sometimes 644 sometimes actually four zero zero is what I've

actually four zero zero is what I've seen as well from here let's go back to

seen as well from here let's go back to our Cali machine and I'm going to go

our Cali machine and I'm going to go ahead and control L to clear the screen

ahead and control L to clear the screen here we want to take a look at adding a

here we want to take a look at adding a user

user so we're going to do a pseudo

so we're going to do a pseudo add user

add user and you can give whatever username you

and you can give whatever username you want I'm going to just call this user

want I'm going to just call this user John

John it's going to ask for our sudo password

it's going to ask for our sudo password remember we changed our password so make

remember we changed our password so make sure you put in the right password and

sure you put in the right password and now it's going to say okay what password

now it's going to say okay what password do you want to use for John

do you want to use for John I'm going to go ahead and enter that and

I'm going to go ahead and enter that and I'm going to enter it again

and then you could just hit enter through all of this

through all of this and get back to the screen where it says

and get back to the screen where it says Cali at Cali from here we're going to go

Cali at Cali from here we're going to go ahead and switch user and go into John

ahead and switch user and go into John so just do s u John

so just do s u John I'm going to ask for John's password go

I'm going to ask for John's password go ahead and give that password

ahead and give that password and now you can see

and now you can see that we are John at Cali so what is

that we are John at Cali so what is special about John well we've made a new

special about John well we've made a new user and John has some permissions now

user and John has some permissions now if we wanted to cat out like the at the

if we wanted to cat out like the at the password file

password file we can and this is a very common file

we can and this is a very common file that you're going to look at as a pen

that you're going to look at as a pen tester if you come in here the Etsy

tester if you come in here the Etsy password file is important this is

password file is important this is something that we can see a lot of

something that we can see a lot of information about this machine now the

information about this machine now the Etsy password file is called the

Etsy password file is called the password file not because it has our

password file not because it has our password in it but because it used to

password in it but because it used to store our password in it in a very very

store our password in it in a very very long time ago now what is being done is

long time ago now what is being done is they put an X here for a placeholder and

they put an X here for a placeholder and that placeholder is then filled in with

that placeholder is then filled in with the shadow file we'll take a look at

the shadow file we'll take a look at that here in a second so we are using

that here in a second so we are using the cat command and you've seen me use

the cat command and you've seen me use this several times throughout the course

this several times throughout the course we are using that to basically print out

we are using that to basically print out a file so when we print out the file we

a file so when we print out the file we can read the file so from here we're

can read the file so from here we're reading the file and we're saying okay I

reading the file and we're saying okay I see root root is the zero user ID and

see root root is the zero user ID and that is important that's telling us they

that is important that's telling us they are the ultimate user on the machine

are the ultimate user on the machine they are user zero

they are user zero if we scroll way down to the bottom we

if we scroll way down to the bottom we should see some users that were created

should see some users that were created here for example we see Cali Cali's user

here for example we see Cali Cali's user 1000 pretty common we can also see that

1000 pretty common we can also see that John is in use here and John is user

John is in use here and John is user 1001 we could see what type of shell

1001 we could see what type of shell type they're using and what their home

type they're using and what their home folder is as well you could see the zsh

folder is as well you could see the zsh shell type compared to John's bin bash

shell type compared to John's bin bash so they are different shell types and

so they are different shell types and we'll get into those a little later on

we'll get into those a little later on but from here we can also see Roots here

but from here we can also see Roots here we could see the root shell type and we

we could see the root shell type and we can also see what kind of services are

can also see what kind of services are running on this machine so if you want

running on this machine so if you want to find the users I typically look at

to find the users I typically look at root and then I look and scroll all the

root and then I look and scroll all the way to the bottom to see what's been

way to the bottom to see what's been installed besides what's on this machine

installed besides what's on this machine so in here we can see some things like

so in here we can see some things like SSH which is important we know okay this

SSH which is important we know okay this has the capability of running SSH maybe

has the capability of running SSH maybe has an SSH service maybe it has a SQL

has an SSH service maybe it has a SQL service here with the MySQL openvpn so

service here with the MySQL openvpn so it's a little bit of information

it's a little bit of information gathering

gathering if we were to land on a machine for

if we were to land on a machine for example and we're a low-level user with

example and we're a low-level user with no privileges we could start to look at

no privileges we could start to look at who are the other users on the computer

who are the other users on the computer why are they important how can we get a

why are they important how can we get a hold of them where are their files

hold of them where are their files located what kind of services are

located what kind of services are running on this machine this is all part

running on this machine this is all part of the information gathering stage of

of the information gathering stage of ethical hacking and this file leads to a

ethical hacking and this file leads to a lot of clues for us

lot of clues for us now clearing the screen let's say I want

now clearing the screen let's say I want to view the shadow file the shadow file

to view the shadow file the shadow file is the file that contains the password

is the file that contains the password hashes for this machine

hashes for this machine I'm going to go ahead and try to type in

I'm going to go ahead and try to type in cat

remission denied okay maybe I need to use sudo

let's try it here enter our password oh John is not in the suitors file this

oh John is not in the suitors file this is also called the Sue doers file and

is also called the Sue doers file and you can also call sudo Sudo depends on

you can also call sudo Sudo depends on your nomenclature and how you pronounce

your nomenclature and how you pronounce it I'm a pseudo person so from here I'm

it I'm a pseudo person so from here I'm going to go ahead and control L we're

going to go ahead and control L we're going to switch user back into Cali and

going to switch user back into Cali and we're gonna take a look at some stuff so

we're gonna take a look at some stuff so if I go switch user

if I go switch user Cali it's going to ask me for the

Cali it's going to ask me for the password I'm gonna enter our password in

password I'm gonna enter our password in and first thing I want to show you the

and first thing I want to show you the shadow file before we move on to the

shadow file before we move on to the sudoers file so if we go pseudo cat

sudoers file so if we go pseudo cat let's see Shadow I think this is

let's see Shadow I think this is important to see

important to see you can come in here and remember how I

you can come in here and remember how I said with a hash that this is set here

said with a hash that this is set here so our root password has not been set

so our root password has not been set there's no hash in here and this is

there's no hash in here and this is security best practice we don't really

security best practice we don't really want to have a root password unless we

want to have a root password unless we absolutely need to in this instance we

absolutely need to in this instance we might just want to have certain users

might just want to have certain users that can Elevate into root and then if

that can Elevate into root and then if logging is enabled we can then see from

logging is enabled we can then see from our logs who access that root account at

our logs who access that root account at what time you really don't want to have

what time you really don't want to have a root password where anybody can just

a root password where anybody can just log in with a known password because

then that eliminates some accountability so best practice would say hey if we

so best practice would say hey if we have a Linux machine you get all regular

have a Linux machine you get all regular user accounts and then if you want to

user accounts and then if you want to run something as an elevated privilege

run something as an elevated privilege you're going to do that with your

you're going to do that with your account and then use sudo for that

account and then use sudo for that but looking down here we can see the

but looking down here we can see the hashes for this computer okay and what's

hashes for this computer okay and what's interesting actually is Cali and John

interesting actually is Cali and John have the same password but they have

have the same password but they have different hashes and that is sort of

different hashes and that is sort of unique if you saw this in a Windows

unique if you saw this in a Windows machine if the password was the same on

machine if the password was the same on the local machine you would see the

the local machine you would see the exact same hash and that is a clear

exact same hash and that is a clear indicator that password reuse is in play

indicator that password reuse is in play but here it's not so the hashing

but here it's not so the hashing algorithm that's being used is a little

algorithm that's being used is a little bit different and it's generating

bit different and it's generating different hashes even though the

different hashes even though the password is the same regardless the

password is the same regardless the password for both of these accounts is

password for both of these accounts is password and that's very weak and can

password and that's very weak and can easily be cracked as we'll find out

easily be cracked as we'll find out later on okay now on to the Sue doers

later on okay now on to the Sue doers file what we're going to do is we're

file what we're going to do is we're going to do a pseudo cat and we're going

going to do a pseudo cat and we're going to look at

to look at Etsy

Etsy sudoers just like that and I might have

sudoers just like that and I might have typed that a little fast so I'm going to

typed that a little fast so I'm going to go ahead and scroll back up for a second

go ahead and scroll back up for a second pseudo cat

pseudo cat Etsy sudoers

Etsy sudoers okay just like that it should Auto tab

okay just like that it should Auto tab complete and from there we're gonna go

complete and from there we're gonna go in here and we're going to look at who

in here and we're going to look at who has what privileges

has what privileges well if you see allow members of a group

well if you see allow members of a group pseudo to execute any command and you

pseudo to execute any command and you see percent pseudo so it's calling sudo

see percent pseudo so it's calling sudo from somewhere else sometimes we can

from somewhere else sometimes we can just include users in here we could say

just include users in here we could say hey the user Cali I want to do these

hey the user Cali I want to do these things instead this is saying hey

things instead this is saying hey anybody a part of this group I want to

anybody a part of this group I want to be able to do whatever they want they

be able to do whatever they want they can execute any commands like they were

can execute any commands like they were the root user essentially

the root user essentially so with that what we're going to do is

so with that what we're going to do is we're going to take a look at who is in

we're going to take a look at who is in that percent pseudo group and we can do

that percent pseudo group and we can do that by using the grep command

that by using the grep command so we can say grep and we're going to

so we can say grep and we're going to get really familiar with grep in The

get really familiar with grep in The Bash scripting video but basically think

Bash scripting video but basically think of grep as pulling out a specific string

of grep as pulling out a specific string or element out of a file or some

or element out of a file or some contents that you want to see it's a

contents that you want to see it's a great way to narrow down specifics and

great way to narrow down specifics and pull down only the information that you

pull down only the information that you want and we're going to get really

want and we're going to get really familiar with it here in a couple videos

familiar with it here in a couple videos so we're going to say grep and then

so we're going to say grep and then we're going to say sudo just like this

we're going to say sudo just like this and we're going to do that from Etsy

and we're going to do that from Etsy group

okay and it says who has a pseudo privilege here all we see is Cali so our

privilege here all we see is Cali so our user has pseudo privilege if we wanted

user has pseudo privilege if we wanted to give privileges to John we'd have to

to give privileges to John we'd have to add John to the pseudo group in the Etsy

add John to the pseudo group in the Etsy group or we could add John specifically

group or we could add John specifically to the sudoers file and give him

to the sudoers file and give him specific permissions as well and as we

specific permissions as well and as we move on in the course and we get into

move on in the course and we get into privilege escalation and if you ever go

privilege escalation and if you ever go into more of the privilege escalation

into more of the privilege escalation courses that we have you'll see that we

courses that we have you'll see that we look at pseudo-privileges immediately

look at pseudo-privileges immediately when we get onto a machine by doing

when we get onto a machine by doing something like sudo-l and we'll take a

something like sudo-l and we'll take a look at those and say okay what commands

look at those and say okay what commands can I run and in this instance we could

can I run and in this instance we could see okay all commands can be run here

see okay all commands can be run here but sometimes that's not the case

but sometimes that's not the case sometimes we can only run one specific

sometimes we can only run one specific command or maybe John for example we

command or maybe John for example we want John to be able to run python

want John to be able to run python because John's a developer so John can

because John's a developer so John can run python with pseudo privileges but

run python with pseudo privileges but cannot run anything else so something to

cannot run anything else so something to think about depending on the individual

think about depending on the individual and who we want to give permissions to

and who we want to give permissions to on that machine they might not have

on that machine they might not have privileges to access everything as sudo

privileges to access everything as sudo they can actually be limited in what

they can actually be limited in what they can run as well so that is it for

they can run as well so that is it for this video I'm going to go ahead and

this video I'm going to go ahead and catch you in the next one

now we're going to touch on networking commands that are relevant to

commands that are relevant to penetration testing and relevant to this

penetration testing and relevant to this course

course so the first thing that we're going to

so the first thing that we're going to do is we're going to use the IP Command

do is we're going to use the IP Command and that is IPA

and that is IPA IPA lists all is the way I like to think

IPA lists all is the way I like to think about it and you can see here that we

about it and you can see here that we have a loopback address and we have our

have a loopback address and we have our eth0 this is our ethernet address

eth0 this is our ethernet address and you can see that we have an IP

and you can see that we have an IP address here ipv4 of

address here ipv4 of 192.168.138140 we are on a slash 24

192.168.138140 we are on a slash 24 subnet and here is our broadcast address

subnet and here is our broadcast address here we can also see our IPv6 here which

here we can also see our IPv6 here which is nice and we can see our Mac address

is nice and we can see our Mac address here

here so we can also look at this through the

so we can also look at this through the i f config command

and that will show us the same things here's ethernet zero here is the

here's ethernet zero here is the loopback all the same information here

loopback all the same information here ifconfig is the old school way of doing

ifconfig is the old school way of doing it IPA is the newer way of doing it IPA

it IPA is the newer way of doing it IPA is nice and colorful if I'm being honest

is nice and colorful if I'm being honest I still use ifconfig because I like the

I still use ifconfig because I like the old school way of doing things but IPA

old school way of doing things but IPA is the new way of doing things and in

is the new way of doing things and in some instances I have config requires

some instances I have config requires sudo to even run or may no longer be on

sudo to even run or may no longer be on a machine but in some instances IP is

a machine but in some instances IP is not a machine depending on what type of

not a machine depending on what type of machine you're on and what you access

machine you're on and what you access you may need either one of these so it's

you may need either one of these so it's great to show you both

great to show you both now while the IPA does all

now while the IPA does all if only shows the ethernet connection so

if only shows the ethernet connection so the hardwired connections if we want to

the hardwired connections if we want to see wireless connections we need to do

see wireless connections we need to do IW config

IW config and in this instance you're going to see

and in this instance you're going to see down here that we have no wireless

down here that we have no wireless connections right now when we get into

connections right now when we get into Wireless hacking we'll see that we have

Wireless hacking we'll see that we have connections established and we'll use

connections established and we'll use the IW config command but just know for

the IW config command but just know for now that it's for wireless and if you

now that it's for wireless and if you ever need to use it that's what it's for

ever need to use it that's what it's for let's clear our screen and the next

let's clear our screen and the next thing I want to cover is the ipn and n

thing I want to cover is the ipn and n stands for neighbor the alternative to

stands for neighbor the alternative to this is the ARP Dash a

this is the ARP Dash a okay what is ARP if you do not know what

okay what is ARP if you do not know what ARP is that is the address resolution

ARP is that is the address resolution protocol this comes from your networking

protocol this comes from your networking if you are not familiar with networking

if you are not familiar with networking then you may need to go study up on a

then you may need to go study up on a little bit of this now ARP says what IP

little bit of this now ARP says what IP address is associated with what Mac

address is associated with what Mac address and what happens is a broadcast

address and what happens is a broadcast message goes out when we are trying to

message goes out when we are trying to identify an IP address and a MAC address

identify an IP address and a MAC address so broadcast goes out and it says who

so broadcast goes out and it says who has this IP address and whoever has the

has this IP address and whoever has the IP address will come back and it'll say

IP address will come back and it'll say hey that's me I have that IP address and

hey that's me I have that IP address and here is my Mac address so now you can

here is my Mac address so now you can associate my Mac address with this IP

associate my Mac address with this IP address

address and it is a way to identify these two

and it is a way to identify these two items together and link them up so again

items together and link them up so again in this instance we can use the IAP

in this instance we can use the IAP command or the old ARP command now the

command or the old ARP command now the IP Command is a little bit prettier and

IP Command is a little bit prettier and a little bit more colorful I think

a little bit more colorful I think easier to read in my opinion but either

easier to read in my opinion but either will work in this situation

will work in this situation another IP Command that we're going to

another IP Command that we're going to want to run and know is the IPR command

want to run and know is the IPR command now R stands for route you could also

now R stands for route you could also type in route

type in route and you'll get similar feedback here so

and you'll get similar feedback here so what we're looking at is what is called

what we're looking at is what is called a routing table we want to know where

a routing table we want to know where our traffic is routing and here you can

our traffic is routing and here you can see on either one of these that we're

see on either one of these that we're routing through

routing through 192.168.138.0 we have an open Gateway we

192.168.138.0 we have an open Gateway we can see the Gateway here is

can see the Gateway here is 138.2 we can see our mask here and we

138.2 we can see our mask here and we can find all that information out up

can find all that information out up here as well so it's important to know

here as well so it's important to know the routing and what's going on

the routing and what's going on especially if you are in a network or

especially if you are in a network or example where you might have multiple

example where you might have multiple routes say if we come in and we say oh

routes say if we come in and we say oh IPA okay we're on the

IPA okay we're on the 192.168.138 network but we just try to

192.168.138 network but we just try to connect to only the machines on this

connect to only the machines on this network we see a slash 24 we think okay

network we see a slash 24 we think okay well I know a slash 24 has 255 potential

well I know a slash 24 has 255 potential IEP addresses and I'm going to go ahead

IEP addresses and I'm going to go ahead and just stick to scanning that subnet

and just stick to scanning that subnet and looking for those IPS on that subnet

and looking for those IPS on that subnet well if you looked at the routing table

well if you looked at the routing table you might actually see that there's a

you might actually see that there's a 137 in here or 136 or maybe a 10 dot IP

137 in here or 136 or maybe a 10 dot IP address or something different than what

address or something different than what you have here maybe you have the ability

you have here maybe you have the ability to talk to other networks even though

to talk to other networks even though you're on this one slash 24 Network

you're on this one slash 24 Network very important to look at the routing

very important to look at the routing table it's also important because in

table it's also important because in real life pen tests we have been on a

real life pen tests we have been on a quote unquote segmented Network and in

quote unquote segmented Network and in reality it really wasn't a segmented

reality it really wasn't a segmented Network there just wasn't a route to

Network there just wasn't a route to that Network so they said that we were

that Network so they said that we were isolated and we couldn't access anything

isolated and we couldn't access anything and all we had to do was say okay we're

and all we had to do was say okay we're going to go add that Network to our

going to go add that Network to our routing table and what do you know we

routing table and what do you know we were able to scan and connect to the

were able to scan and connect to the network so being able to know your

network so being able to know your routing table being able to understand

routing table being able to understand what a route is and how to add routes

what a route is and how to add routes how to remove routes can become

how to remove routes can become important as well these are things that

important as well these are things that you should already know from General

you should already know from General networking I'm showing you the commands

networking I'm showing you the commands here for basic routing and how to

here for basic routing and how to display the routing tables

display the routing tables if you need further information on

if you need further information on routing tables you should go look that

routing tables you should go look that up and research that before continuing

up and research that before continuing on with the ethical hacking course okay

on with the ethical hacking course okay last command I want to get through that

last command I want to get through that is the Ping command so I'm going to do

is the Ping command so I'm going to do an ifconfig again and in this instance

an ifconfig again and in this instance I'm just going to Ping

I'm just going to Ping 192.168.138 and I believe earlier I saw

192.168.138 and I believe earlier I saw a DOT 2 was my Gateway so I'm going to

a DOT 2 was my Gateway so I'm going to go ahead and just hit enter that should

go ahead and just hit enter that should talk back to me and it does now if you

talk back to me and it does now if you are a Windows user and you've ever used

are a Windows user and you've ever used ping before it will only send four

ping before it will only send four packets out so it'll check four times

packets out so it'll check four times as you can see here we are getting more

as you can see here we are getting more than four packets sent we are sending

than four packets sent we are sending indefinitely and I'm going to go ahead

indefinitely and I'm going to go ahead and just hit Ctrl C and stop that we are

and just hit Ctrl C and stop that we are definitely seeing that we're getting

definitely seeing that we're getting responses back now there is a way to

responses back now there is a way to limit the amount that we send in the

limit the amount that we send in the amount of traffic that we're sending but

amount of traffic that we're sending but basically what we're doing with the Ping

basically what we're doing with the Ping command is we're saying hey are you

command is we're saying hey are you there are you alive can you respond to

there are you alive can you respond to me let me know you're there so I asked

me let me know you're there so I asked the machine at this IP address to

the machine at this IP address to respond and tell me yes I am here now

respond and tell me yes I am here now this is called

this is called icmp traffic not all machines permit

icmp traffic not all machines permit icmp traffic just because we ping a

icmp traffic just because we ping a machine and it does not respond does not

machine and it does not respond does not mean that it's not online okay there are

mean that it's not online okay there are machines that have icmp disabled and

machines that have icmp disabled and will not respond to Ping requests but

will not respond to Ping requests but ping is a quick way to see if a machine

ping is a quick way to see if a machine is online and typically by default ping

is online and typically by default ping or icmp is enabled on most machine means

or icmp is enabled on most machine means just as a further example we can ping a

just as a further example we can ping a machine that we do not believe to be

machine that we do not believe to be alive so I'm going to change this to a

alive so I'm going to change this to a three I don't think there's a three on

three I don't think there's a three on my network

my network and you're gonna see it's going to try

and you're gonna see it's going to try to send data and it's just going to get

to send data and it's just going to get stuck here and say host unreachable

stuck here and say host unreachable now again that could potentially mean

now again that could potentially mean that that host is not there or it could

that that host is not there or it could potentially mean that the host has icmp

potentially mean that the host has icmp disabled but we're going to be using

disabled but we're going to be using ping sweeping to identify host in our

ping sweeping to identify host in our Network and we'll do that here in just a

Network and we'll do that here in just a couple of videos but I wanted you to get

couple of videos but I wanted you to get familiar with the Ping command if you

familiar with the Ping command if you weren't familiar already

weren't familiar already now there are some commands in this

now there are some commands in this video that we did not talk about for

video that we did not talk about for example the netstat command now the

example the netstat command now the netsack command is used to identify what

netsack command is used to identify what open ports and services are there we'll

open ports and services are there we'll take a look at that more later on but

take a look at that more later on but just know that that command exists and

just know that that command exists and that we're going to do due diligence on

that we're going to do due diligence on a command later so any of you that are

a command later so any of you that are watching that have networking background

watching that have networking background or like hey you didn't show netstat

or like hey you didn't show netstat that's so important you're correct it's

that's so important you're correct it's coming later on in the course so that's

coming later on in the course so that's it for this video we're going to go

it for this video we're going to go ahead and move on to the next one

let's now talk about viewing creating and editing files and we've done a

and editing files and we've done a little bit of this in the course already

little bit of this in the course already you've seen me do something like Echo

you've seen me do something like Echo hello and remember that prints out to

hello and remember that prints out to the screen

the screen and we could just Echo that again like a

and we could just Echo that again like a hello and put that into a file and

hello and put that into a file and you've seen me do that we'll just call

you've seen me do that we'll just call this one hey.txt

this one hey.txt and if we LS we should see hey.txt right

and if we LS we should see hey.txt right here

here if we do a cat

if we do a cat a DOT txt we should print out to the

a DOT txt we should print out to the screen hello

screen hello all these should be pretty familiar to

all these should be pretty familiar to you

you so let's build upon this let's talk

so let's build upon this let's talk about how we can append to this and

about how we can append to this and overwrite these files in different ways

overwrite these files in different ways that we can actually create and edit

that we can actually create and edit files I'm going to clear the screen here

files I'm going to clear the screen here now what if I wanted to add to this file

now what if I wanted to add to this file and I'm just tapping up by the way what

and I'm just tapping up by the way what if I want to say hello again

if I want to say hello again so I want to say Echo hello again into

so I want to say Echo hello again into this hey.txt file that already exists

this hey.txt file that already exists what do we think is going to happen here

what do we think is going to happen here so I'm going to go ahead and hit enter

so I'm going to go ahead and hit enter and then I'm going to cut out the

and then I'm going to cut out the hey.txt

hey.txt well now it says hello again it used to

well now it says hello again it used to say hello well that is because when we

say hello well that is because when we use one greater than symbol like this

use one greater than symbol like this what's going to happen is that

what's going to happen is that overwrites the file

overwrites the file so if we tab up and if we go over and we

so if we tab up and if we go over and we just write hey again again just for fun

just write hey again again just for fun and let's add a second one of these so

and let's add a second one of these so now there should be two of these greater

now there should be two of these greater than symbols we hit enter we cat out

than symbols we hit enter we cat out a DOT dxt

a DOT dxt and now you can see it says hello again

and now you can see it says hello again and hello again again

and hello again again why do we care why are we doing this

why do we care why are we doing this well when we are using

well when we are using scripting for example and we want to

scripting for example and we want to Loop through a bunch of information and

Loop through a bunch of information and we want to add that information to a

we want to add that information to a file we might use something like this

file we might use something like this where if we're Gathering say i p

where if we're Gathering say i p addresses this is foreshadowing by the

addresses this is foreshadowing by the way if they were gathering IP addresses

way if they were gathering IP addresses and we are wanting to put them all in a

and we are wanting to put them all in a file we're going to need to use

file we're going to need to use something like a double greater than in

something like a double greater than in order to not overwrite the file with one

order to not overwrite the file with one IP address we want to list all the IP

IP address we want to list all the IP addresses in the file

addresses in the file so you're going to see that when we get

so you're going to see that when we get into the bash scripting of this section

into the bash scripting of this section let's clear our screen another way that

let's clear our screen another way that we can make a new file is just to say

we can make a new file is just to say touch

touch new file.txt

new file.txt and if we LS you can see that new

and if we LS you can see that new file.txt is here we can cat out new

file.txt is here we can cat out new file.txt

file.txt [Music]

[Music] and nothing is going to be in there

and nothing is going to be in there because we didn't tell it to do anything

because we didn't tell it to do anything we just said touch which creates a file

we just said touch which creates a file so we can use a different type of Editor

so we can use a different type of Editor to try and edit this and save the file

to try and edit this and save the file now there are a few editors that we can

now there are a few editors that we can use within our terminal so we can use

use within our terminal so we can use something called Nano which is my

something called Nano which is my personal favorite

personal favorite you may hear other people talk about VI

you may hear other people talk about VI in Vim you may hear lots of jokes about

in Vim you may hear lots of jokes about quitting them and how it's impossible to

quitting them and how it's impossible to quit them and for that reason honestly

quit them and for that reason honestly because of the complications and because

because of the complications and because I like Simplicity I just use Nano so we

I like Simplicity I just use Nano so we can Nano new file

can Nano new file and in here you can type whatever you

and in here you can type whatever you want I'm going to literally say I can

want I'm going to literally say I can type whatever I want in here

and now I'm going to hit Ctrl X and throughout this course you're going to

throughout this course you're going to actually see me

actually see me use Nano quite a bit and we're going to

use Nano quite a bit and we're going to use it for updating files and Shell Code

use it for updating files and Shell Code and it's beneficial if we log into a

and it's beneficial if we log into a machine remotely for example and we

machine remotely for example and we won't have the ability to have a

won't have the ability to have a graphical user interface type notepad

graphical user interface type notepad which I'm going to show you here in a

which I'm going to show you here in a second we might not have the luxury of

second we might not have the luxury of having something like that we might have

having something like that we might have to use Nano or Bim or in in terminal

to use Nano or Bim or in in terminal text editor so we're going to go ahead

text editor so we're going to go ahead and hit Ctrl X here I'm going to hit Y

and hit Ctrl X here I'm going to hit Y which is going to say yes I want to save

which is going to say yes I want to save this file and then I'm going to hit

this file and then I'm going to hit enter

enter and now if I cut out newfile.txt

and now if I cut out newfile.txt you can see it says I can type whatever

you can see it says I can type whatever I want in here

I want in here lastly we're going to look at a

lastly we're going to look at a graphical notepad so we're going to use

graphical notepad so we're going to use mouse pad we can type in mouse pad

mouse pad we can type in mouse pad and we can just say new file dot txt

and we can just say new file dot txt just like we created and hidden here you

just like we created and hidden here you can see that it says I can type whatever

can see that it says I can type whatever I want in here and that's true I can

I want in here and that's true I can also modify it's just like a notepad if

also modify it's just like a notepad if you had on Windows machine or if you've

you had on Windows machine or if you've used leafpad or any sort of notepad type

used leafpad or any sort of notepad type material this one's just called mouse

material this one's just called mouse pad so we can control s and save and

pad so we can control s and save and then just exit out if we cat out our new

then just exit out if we cat out our new file again you can see I can also modify

file again you can see I can also modify now throughout this course you might see

now throughout this course you might see me use a tool called G edit it is not

me use a tool called G edit it is not installed on this machine yet though we

installed on this machine yet though we are making updates to the course we will

are making updates to the course we will be using G edit anytime you see me use G

be using G edit anytime you see me use G edit feel free to use mouse pad instead

edit feel free to use mouse pad instead of G edit it's become deprecated

of G edit it's become deprecated offensive security got rid of it in Kali

offensive security got rid of it in Kali Linux and now if you go hit G edit it'll

Linux and now if you go hit G edit it'll say it's not found but you can install

say it's not found but you can install it we're not going to do that right now

it we're not going to do that right now but when we install Tools in a upcoming

but when we install Tools in a upcoming video you will be able to install that

video you will be able to install that with one of the tools that we're running

with one of the tools that we're running so anyway just note that we're going to

so anyway just note that we're going to be using mouse pad instead of G edit

be using mouse pad instead of G edit because it's the new and latest and

because it's the new and latest and greatest

greatest one last thing with Nano or any of these

one last thing with Nano or any of these tools

tools you can make a brand new file so you can

you can make a brand new file so you can say like brand new file.txt and then you

say like brand new file.txt and then you can type whatever in here and control X

can type whatever in here and control X hit Y hit enter and then you can cat out

hit Y hit enter and then you can cat out brand new file and guess what it's there

brand new file and guess what it's there so the file doesn't have to be existing

so the file doesn't have to be existing to use Nano or existing to use mouse pad

to use Nano or existing to use mouse pad you can create new files with these

you can create new files with these commands as well

commands as well so that is it for this video I'm gonna

so that is it for this video I'm gonna go ahead and catch you in the next one

another topic we need to talk about is starting and stopping services

starting and stopping services we may have a service like a web server

we may have a service like a web server or SSH or maybe SQL or some sort of

or SSH or maybe SQL or some sort of database that we need to start while

database that we need to start while we're already running Cali or we might

we're already running Cali or we might want to start a service on boot every

want to start a service on boot every single time that our computer loads if

single time that our computer loads if you've ever used Windows this is similar

you've ever used Windows this is similar to installing a program and then having

to installing a program and then having that boot up on launch it's kind of the

that boot up on launch it's kind of the same thing here if we're installing

same thing here if we're installing something we want that service to start

something we want that service to start on launch we have to tell our machine to

on launch we have to tell our machine to do that so we're going to look at how to

do that so we're going to look at how to start a service and how to have a

start a service and how to have a service start on launch so the first

service start on launch so the first service that we're going to look at is

service that we're going to look at is the Apache service and this is what I

the Apache service and this is what I used to use when I first started out as

used to use when I first started out as an ethical hacker and the reason is is

an ethical hacker and the reason is is that we can spin up our own web server

that we can spin up our own web server fairly easily and host malicious data or

fairly easily and host malicious data or files or things that we might want to

files or things that we might want to access or might want somebody else to

access or might want somebody else to access so before we run that command I

access so before we run that command I do want to do a proof of concept so

do want to do a proof of concept so let's do an ifconfig

let's do an ifconfig and we're going to grab our IP address

and we're going to grab our IP address here I'm going to copy this

here I'm going to copy this and then I want to open up Firefox

and then I want to open up Firefox from within Firefox I'm going to go

from within Firefox I'm going to go ahead and try to navigate to that IP

ahead and try to navigate to that IP address

address and you're going to see that it says

and you're going to see that it says it's unable to connect this is exactly

it's unable to connect this is exactly what we expected

what we expected so now what we're going to do is we're

so now what we're going to do is we're going to come in here and we're going to

going to come in here and we're going to say sudo service

say sudo service Apache to

Apache to start

start we hit enter it's going to ask for our

we hit enter it's going to ask for our sudo password

and then we have no confirmation of anything so let's go ahead and come in

anything so let's go ahead and come in back into the browser

back into the browser and we're going to refresh

and we're going to refresh and let's take away the https and now

and let's take away the https and now you can see that this is here on Port

you can see that this is here on Port 80. so we are actually on HTTP not https

80. so we are actually on HTTP not https and we have an Apache server running now

and we have an Apache server running now now let's say we wanted to stop this

now let's say we wanted to stop this service we could we can go in here and

service we could we can go in here and say sudo service Apache to stop and

say sudo service Apache to stop and before we do that I want to show you

before we do that I want to show you something so if we come back into the

something so if we come back into the Apache 2 I'm going to make this a little

Apache 2 I'm going to make this a little bit bigger

bit bigger you could see that our files are located

you could see that our files are located in the VAR

in the VAR www.html folder and what that is if we

www.html folder and what that is if we come to our home folder here

come to our home folder here and we just go to file system

and we just go to file system we scroll down and go to bar

we scroll down and go to bar and then we go to www

and then we go to www .html all I'm doing is going to the same

.html all I'm doing is going to the same location here

location here why I'm doing this is this is where if I

why I'm doing this is this is where if I wanted to host like a picture or a file

wanted to host like a picture or a file or malware I could put that in here this

or malware I could put that in here this index.html is the same index page that's

index.html is the same index page that's loaded here like if I open that that's

loaded here like if I open that that's literally the same page that's being

literally the same page that's being hosted you're seeing it here from a file

hosted you're seeing it here from a file format but now if I go back you can see

format but now if I go back you can see I'm hosting it at this IP address so if

I'm hosting it at this IP address so if I wanted to host something malicious I

I wanted to host something malicious I could do that now in order to stop the

could do that now in order to stop the service all we have to do is say stop

service all we have to do is say stop hit enter then we come back and we

hit enter then we come back and we refresh this page

refresh this page you can see that we're now again unable

you can see that we're now again unable to connect

to connect now I did mention the beginning of this

now I did mention the beginning of this video that this was my favorite way to

video that this was my favorite way to host malicious stuff or just host files

host malicious stuff or just host files for whatever purpose now that has

for whatever purpose now that has changed

changed I now use Python to do this so we can

I now use Python to do this so we can create a file let's go ahead and just

create a file let's go ahead and just say Echo hello and we're going to do

say Echo hello and we're going to do [Music]

[Music] hello.txt

hello.txt so if we LS we can see that we've got a

so if we LS we can see that we've got a bunch of stuff in here

bunch of stuff in here um hello.txt being one of them so what

um hello.txt being one of them so what I'm going to do is I'm going to spin up

I'm going to do is I'm going to spin up a web server on the fly with python so

a web server on the fly with python so I'm going to say python three

I'm going to say python three Dash m http.server

and then I'm going to give it port 80. now what we're saying is we want to run

now what we're saying is we want to run the module HTTP server and we're going

the module HTTP server and we're going to run Port 80 here you can put whatever

to run Port 80 here you can put whatever Port you want

Port you want and you can see now it says hey it's

and you can see now it says hey it's hosting up HTTP on Port 80 and what's

hosting up HTTP on Port 80 and what's going to happen is any file within the

going to happen is any file within the directory that I'm in is going to now be

directory that I'm in is going to now be hosted so you can see that I'm hosting

hosted so you can see that I'm hosting all this stuff here pretty awesome it's

all this stuff here pretty awesome it's a quick way to host up a web server

a quick way to host up a web server without having to start and stop

without having to start and stop services and you can on the fly from

services and you can on the fly from within a folder just start a web server

within a folder just start a web server so I think this is the cooler and better

so I think this is the cooler and better way to do it so I wanted to show you how

way to do it so I wanted to show you how to start a service but also that python

to start a service but also that python has some robust capabilities as well if

has some robust capabilities as well if you follow into the python section we'll

you follow into the python section we'll cover how to run an FTP server as well

cover how to run an FTP server as well which is also fun stuff so I'm going to

which is also fun stuff so I'm going to hit Ctrl C which is going to again shut

hit Ctrl C which is going to again shut down the server if I come here refresh

down the server if I come here refresh you'll see that it's now shut down

you'll see that it's now shut down and we can go ahead and talk about one

and we can go ahead and talk about one more thing before we go so let's say

more thing before we go so let's say that we wanted a service to start when

that we wanted a service to start when we started our machine well for that

we started our machine well for that we're going to use the system CTL

we're going to use the system CTL command system CTL

command system CTL and we can say enable if we wanted to

and we can say enable if we wanted to for example enable SSH we can come in

for example enable SSH we can come in here and just enable SSH and we just hit

here and just enable SSH and we just hit enter on this

enter on this and now you can see that it's enabled so

and now you can see that it's enabled so when we restart the computer SSH will

when we restart the computer SSH will always be enabled for us now I'm going

always be enabled for us now I'm going to disable that this isn't like security

to disable that this isn't like security best practice

and now you can see that we have disabled it and we're good to go so if

disabled it and we're good to go so if you ever have a service that you want to

you ever have a service that you want to run you just need to figure out the name

run you just need to figure out the name of the service and enable that and there

of the service and enable that and there may be times that you want things to run

may be times that you want things to run like historically I have ran SSH with it

like historically I have ran SSH with it enabled or I used to run the Apache 2

enabled or I used to run the Apache 2 server so I didn't have to spin it up

server so I didn't have to spin it up every time I just had a place to go

every time I just had a place to go immediately host that but your mileage

immediately host that but your mileage may vary depending on what it is you

may vary depending on what it is you want to run but knowing these commands

want to run but knowing these commands is important in case you need to start

is important in case you need to start or stop a service maybe restart a

or stop a service maybe restart a service same thing with enabling a

service same thing with enabling a service at boot up or disabling a

service at boot up or disabling a service at boot up so that's it for this

service at boot up so that's it for this video I'll go ahead and see you over in

video I'll go ahead and see you over in the next one

now let's talk about installing and updating tools

updating tools so the first thing that we're going to

so the first thing that we're going to do for Mark command line is we're going

do for Mark command line is we're going to look at how we would update our

to look at how we would update our current machine so just like other

current machine so just like other operating systems Linux machines require

operating systems Linux machines require updates as well and patching can be best

updates as well and patching can be best practice

practice so in order to update and upgrade our

so in order to update and upgrade our machine we're going to use the sudo

machine we're going to use the sudo command

command and we're going to say apt apt

and we're going to say apt apt and then we're going to say update and

and then we're going to say update and upgrade just like that so make sure you

upgrade just like that so make sure you use two Ampersand symbols here we're

use two Ampersand symbols here we're going to do two commands we're going to

going to do two commands we're going to say first I want you to update second I

say first I want you to update second I want you to upgrade

want you to upgrade well why are we doing this why are we

well why are we doing this why are we running two commands in the first place

running two commands in the first place well what we do when we actually install

well what we do when we actually install items on our Cali machine we are going

items on our Cali machine we are going out to what are called repositories and

out to what are called repositories and we're looking through packages and the

we're looking through packages and the update command is going out to the known

update command is going out to the known repositories and it is updating those

repositories and it is updating those repositories and then it's going to look

repositories and then it's going to look at those repositories and say okay what

at those repositories and say okay what needs upgraded here so what tools have

needs upgraded here so what tools have upgrades or updates available for them

upgrades or updates available for them that we need so if we run this command

that we need so if we run this command you're going to see that it's going to

you're going to see that it's going to go through these repositories you can

go through these repositories you can see it going through these Cali rolling

see it going through these Cali rolling and release AMD 64 packages and contents

and release AMD 64 packages and contents etc etc it'll take some time as it goes

etc etc it'll take some time as it goes through and it updates these

through and it updates these repositories it's going to find what

repositories it's going to find what programs we need and it'll provide it in

programs we need and it'll provide it in a list now what you can see is it's

a list now what you can see is it's asking us are you rude so this is a

asking us are you rude so this is a lesson here sometimes we have to be the

lesson here sometimes we have to be the root user we can't be just a pseudo user

root user we can't be just a pseudo user to run the command so what we're going

to run the command so what we're going to do in this instance is we're going to

to do in this instance is we're going to sudo switch user into root now we're

sudo switch user into root now we're root and we're going to run that command

root and we're going to run that command again we're going to say apt update

again we're going to say apt update and apt upgrade

okay and it's going to run through this and then it should provide us with a

and then it should provide us with a list of what we're going to install

list of what we're going to install which if we scroll back up to the top

which if we scroll back up to the top you can see that it says hey these

you can see that it says hey these packages were automatically installed

packages were automatically installed and no longer required and it says we

and no longer required and it says we can use the APT Auto remove command to

can use the APT Auto remove command to do that it's saying here are the brand

do that it's saying here are the brand new packages that need to be installed

new packages that need to be installed and then here are the packages that are

and then here are the packages that are going to be upgraded so these are

going to be upgraded so these are already installed such as like Apache 2

already installed such as like Apache 2 has some updates that are required and

has some updates that are required and it's going to go through and install all

it's going to go through and install all these now when you scroll down to the

these now when you scroll down to the bottom it's going to say you need 801

bottom it's going to say you need 801 megabytes and yours might be different

megabytes and yours might be different depending on when you watch this video

depending on when you watch this video it's going to say do you want to

it's going to say do you want to continue this operation

continue this operation in this instance I'm going to say no

in this instance I'm going to say no and the reason that I'm going to say no

and the reason that I'm going to say no is because updating on Kali Linux can

is because updating on Kali Linux can break things you should always have

break things you should always have almost two copies of your Linux right

almost two copies of your Linux right you should take a backup copy before you

you should take a backup copy before you ever make an update and there are some

ever make an update and there are some limitations on being able to make

limitations on being able to make backups depending on if you're using

backups depending on if you're using VMware or virtualbox and we're not going

VMware or virtualbox and we're not going to get into that right now but just know

to get into that right now but just know that tools can easily get broken by

that tools can easily get broken by pushing updates and we'll talk about a

pushing updates and we'll talk about a tool that you can use that is up to date

tool that you can use that is up to date and kind of makes your Cali the latest

and kind of makes your Cali the latest and greatest without breaking anything

and greatest without breaking anything even the current version of Cali right

even the current version of Cali right now 2022.2 not all the tools work out of

now 2022.2 not all the tools work out of the box as the way they should

the box as the way they should we'll talk about that in just a little

we'll talk about that in just a little bit so let's say that you wanted to

bit so let's say that you wanted to install a tool we're just going to go

install a tool we're just going to go grab one as an example so let's say that

grab one as an example so let's say that there was a tool you wanted to install

there was a tool you wanted to install like this cron Damon common I'm just

like this cron Damon common I'm just going to copy that

going to copy that you could come in here and you could say

you could come in here and you could say apt install Ron Damon common like this

apt install Ron Damon common like this hit enter and it's going to say oh you

hit enter and it's going to say oh you want to install this just hit yes and it

want to install this just hit yes and it will install and it will also upgrade

will install and it will also upgrade this cron package here I'm not going to

this cron package here I'm not going to do that but just know that you can also

do that but just know that you can also install applications as a one-time thing

install applications as a one-time thing if they're a part of the repository that

if they're a part of the repository that you have we're not going to get into

you have we're not going to get into updating repositories and adding manual

updating repositories and adding manual repositories we don't need to know that

repositories we don't need to know that at this point in our Linux careers we

at this point in our Linux careers we just need to understand that we're going

just need to understand that we're going out to repository and we can download

out to repository and we can download those items or packages based on what is

those items or packages based on what is in the repository so updating the

in the repository so updating the repository is always good and then we

repository is always good and then we checked for upgrades available to our

checked for upgrades available to our packages

packages in this instance we're not going to do

in this instance we're not going to do any updating or upgrading but there may

any updating or upgrading but there may be a time where we need to install a

be a time where we need to install a specific tool we go out to the web and

specific tool we go out to the web and we have to grab a tool and it says Hey

we have to grab a tool and it says Hey run this app install command this is

run this app install command this is what it's going to be doing this is how

what it's going to be doing this is how we would install something if we need to

we would install something if we need to now the next thing that we're going to

now the next thing that we're going to look at is we're going to look at the

look at is we're going to look at the get command

get command and git is a tool that runs with GitHub

and git is a tool that runs with GitHub I'm going to open up a new Firefox and

I'm going to open up a new Firefox and I'm going to make this a little bit

I'm going to make this a little bit bigger we're going to go to GitHub

bigger we're going to go to GitHub actually let's just go to Google we're

actually let's just go to Google we're going to go to Google

going to go to Google and a lot of times in our ethical

and a lot of times in our ethical hacking careers we're going to be

hacking careers we're going to be searching for tools we're going to come

searching for tools we're going to come out here and we're going to say oh I

out here and we're going to say oh I really want to find a tool maybe that

really want to find a tool maybe that does brute force Office 365 and then I

does brute force Office 365 and then I might say something like GitHub and you

might say something like GitHub and you can see it's already starting to

can see it's already starting to fill out and we might go find something

fill out and we might go find something like okay there's this Daft hack tool we

like okay there's this Daft hack tool we might click on that and we come in here

might click on that and we come in here and it might tell you how to install

and it might tell you how to install this well this is Powershell so that's

this well this is Powershell so that's not a great example uh we might come

not a great example uh we might come into here we might say okay here's one

into here we might say okay here's one how to install so you go through and

how to install so you go through and it'll say here's the usage on how to use

it'll say here's the usage on how to use this and sometimes we'll give you

this and sometimes we'll give you installation instructions but a lot of

installation instructions but a lot of times all you will need to do is you'll

times all you will need to do is you'll need to come in here and just download

need to come in here and just download the code to install the file so I'm

the code to install the file so I'm going to show you a tool that we're

going to show you a tool that we're going to install and run we go to Google

going to install and run we go to Google and we search for hemp my Cali

and we search for hemp my Cali just like that you're going to see that

just like that you're going to see that we can click in here and this tool is

we can click in here and this tool is available to us to download now

available to us to download now one way to look at a tool and see if it

one way to look at a tool and see if it has any relevancy on GitHub is to look

has any relevancy on GitHub is to look up at the number of stars that it has in

up at the number of stars that it has in the forks that it has

the forks that it has anything with like 700 stars like this

anything with like 700 stars like this is pretty reputable and you also should

is pretty reputable and you also should look at when it was last updated you can

look at when it was last updated you can see that this was last updated last

see that this was last updated last month now full disclosure DeWalt

month now full disclosure DeWalt actually works for TCM security and is a

actually works for TCM security and is a fantastic person if you never got to

fantastic person if you never got to interact with DeWalt he is somebody that

interact with DeWalt he is somebody that is awesome and a great resource he built

is awesome and a great resource he built this out because there were so many

this out because there were so many issues with Kali Linux and the tools

issues with Kali Linux and the tools that were coming freshly installed like

that were coming freshly installed like in 2022.2 don't always work in the way

in 2022.2 don't always work in the way that we intend them to work so a lot of

that we intend them to work so a lot of tools are broken some things need

tools are broken some things need downgraded and there's a lot of options

downgraded and there's a lot of options in here that can tell you hey here's

in here that can tell you hey here's what we can fix like we can fix

what we can fix like we can fix different missing issues that are going

different missing issues that are going on or we can fix go laying or fix impack

on or we can fix go laying or fix impack it and you don't have to worry about

it and you don't have to worry about what any of that means right now until

what any of that means right now until we get into pen testing but this is

we get into pen testing but this is something that we actually do install

something that we actually do install and run when we build out our lab

and run when we build out our lab machines or we build out our machines

machines or we build out our machines for even hacking on clients this is such

for even hacking on clients this is such a well done tool and he tells you in

a well done tool and he tells you in here how to install it he says hey get

here how to install it he says hey get clone right here off of this address we

clone right here off of this address we can also come up here we can go to the

can also come up here we can go to the code and we can just copy we say copy my

code and we can just copy we say copy my Cali right here and then we'll come in

Cali right here and then we'll come in and we can just say get clone

and we can just say get clone actually let's switch user I'm sorry

actually let's switch user I'm sorry let's sudo or let's switch user back to

let's sudo or let's switch user back to Cali

Cali and we'll enter here and then what I

and we'll enter here and then what I like to do when I install tools is I

like to do when I install tools is I like to install them into the op folder

like to install them into the op folder the opt folder so from here we're going

the opt folder so from here we're going to run get clone

to run get clone paste that

actually we're going to run sudo get clone I apologize

clone I apologize and then enter your password

and now if we look in here we should have Pimp My Cali which we do so if we

have Pimp My Cali which we do so if we CD to Pimp My Cali

CD to Pimp My Cali and now we LS we can see that we have

and now we LS we can see that we have the pimp mycali.sh script if you come

the pimp mycali.sh script if you come back into the website it will tell you

back into the website it will tell you how to run and operate this any decent

how to run and operate this any decent GitHub will say hey here's how you run

GitHub will say hey here's how you run this script so it says hey just run sudo

this script so it says hey just run sudo hit my Cali this is for a new Cali VM

hit my Cali this is for a new Cali VM you just need to run menu option n we're

you just need to run menu option n we're going to copy this and paste it

going to copy this and paste it and then we're gonna run it

and then we're gonna run it so now this tells you what do you want

so now this tells you what do you want to do well here's all the different

to do well here's all the different options N is a new VM setup run this

options N is a new VM setup run this option as your first time running Pimp

option as your first time running Pimp My Cali okay so that's going to fix all

My Cali okay so that's going to fix all the things for you I'm going to go ahead

the things for you I'm going to go ahead and hit n and let this run it's going to

and hit n and let this run it's going to go out and fetch some stuff from

go out and fetch some stuff from repositories and it's running apt update

repositories and it's running apt update and now it's going to install certain

and now it's going to install certain tools and packages and uninstall certain

tools and packages and uninstall certain tools and packages as you can see it's

tools and packages as you can see it's rolling through here so go ahead and let

rolling through here so go ahead and let this run I'm going to pause the video

this run I'm going to pause the video here for a second and then meet me back

here for a second and then meet me back when you're at the next screen where you

when you're at the next screen where you can actually enter in any sort of

can actually enter in any sort of command

command okay so it's been about five minutes and

okay so it's been about five minutes and we get to this page here and you can see

we get to this page here and you can see that it's asking us if we want to run

that it's asking us if we want to run root login installation it explains that

root login installation it explains that in Cali 2019 point x the default user

in Cali 2019 point x the default user used to be root which we talked about

used to be root which we talked about early on in this course and now that

early on in this course and now that they've switched it to Cali which is

they've switched it to Cali which is what we've been using now do we want to

what we've been using now do we want to re-enable the ability to log in as root

re-enable the ability to log in as root in Cali in this instance I'm going to

in Cali in this instance I'm going to choose yes however

choose yes however you need to make sure that you are

you need to make sure that you are comfortable and capable of running as

comfortable and capable of running as root

root in Linux if you do not feel comfortable

in Linux if you do not feel comfortable stick with running as Cali you're going

stick with running as Cali you're going to see me throughout the course as we

to see me throughout the course as we get into the ethical hacking section

get into the ethical hacking section running as root just know that there may

running as root just know that there may be times where you might need to use

be times where you might need to use sudo or you may need to switch user into

sudo or you may need to switch user into root as you saw me do with upgrading

root as you saw me do with upgrading packages just a few minutes ago that may

packages just a few minutes ago that may be required so if you're understanding

be required so if you're understanding of that you can hit no on this screen

of that you can hit no on this screen and that's perfectly okay security best

and that's perfectly okay security best practice to just to hit no I'm going to

practice to just to hit no I'm going to hit yes because I feel comfortable

hit yes because I feel comfortable running as root I'm the only user on

running as root I'm the only user on this machine and I don't have any

this machine and I don't have any accountability or repudiation to worry

accountability or repudiation to worry about so I'm going to give a new

about so I'm going to give a new password for this

and I'm going to enter it again and now it's going to ask if we want to

and now it's going to ask if we want to copy everything over from our Cali

copy everything over from our Cali folder into our root folder I'm going to

folder into our root folder I'm going to say no

and now it's going to continue on installing so we're going to let this

installing so we're going to let this run again go ahead and pause the video

run again go ahead and pause the video if you need to and then we'll meet you

if you need to and then we'll meet you back when this is all said and done

back when this is all said and done okay and when everything is said and

okay and when everything is said and done which it took about 10 minutes to

done which it took about 10 minutes to get through all that you should get to

get through all that you should get to this all done happy hacking screen right

this all done happy hacking screen right here and everything should be installed

here and everything should be installed for you if you chose to go the root

for you if you chose to go the root route that's a weird thing to say if you

route that's a weird thing to say if you chose to go the root route you can log

chose to go the root route you can log out and log back in as root and begin

out and log back in as root and begin using Linux as root otherwise you can

using Linux as root otherwise you can continue on with this lesson using Cali

continue on with this lesson using Cali as your main user so we're going to go

as your main user so we're going to go ahead and move on to the next video

last video in the section and this is going to be one of my favorites so what

going to be one of my favorites so what we're going to be talking about is

we're going to be talking about is scripting with bash I'm going to show

scripting with bash I'm going to show you some cool tricks that we can do to

you some cool tricks that we can do to kind of narrow down some of the results

kind of narrow down some of the results that we get and then I'm going to show

that we get and then I'm going to show you how you can automate some of that

you how you can automate some of that process and we'll take that and even

process and we'll take that and even write out some for loops and one line

write out some for loops and one line Loops which this might not make any

Loops which this might not make any sense right now and that's absolutely

sense right now and that's absolutely okay but by the time the video is done

okay but by the time the video is done hopefully it does so the first thing I

hopefully it does so the first thing I want to show you is I want to show you

want to show you is I want to show you how we're going to write a ping sweep so

how we're going to write a ping sweep so we're going to write a pink sweeper

we're going to write a pink sweeper basically we're going to go out and say

basically we're going to go out and say I want to Ping a device if that device

I want to Ping a device if that device is alive go ahead and show me that

is alive go ahead and show me that result and we're going to sweep an

result and we're going to sweep an entire network

entire network so what we're going to do first is we're

so what we're going to do first is we're going to identify a device that's alive

going to identify a device that's alive so we can test this out and then build

so we can test this out and then build upon that so you can go ahead and type

upon that so you can go ahead and type in ifconfig

in ifconfig and then just hit enter

and then just hit enter now my ethernet here is on a netted

now my ethernet here is on a netted Network so I'm running through a

Network so I'm running through a different IP address subnet here so this

different IP address subnet here so this one is 192.168 57 150 my actual IP

one is 192.168 57 150 my actual IP address is on a dot four dot X here so

address is on a dot four dot X here so I'm going to for this example I'm going

I'm going to for this example I'm going to be pinging

192.168.4.29 however and you can see here's the Ping that we're getting back

here's the Ping that we're getting back however if you are unsure of a IP

however if you are unsure of a IP address in your house that is active or

address in your house that is active or your Subnet in your house that's okay

your Subnet in your house that's okay you can just run 57.1 for this example

you can just run 57.1 for this example you might not get a lot of return

you might not get a lot of return results however you might only get one

results however you might only get one or two when we do this sweep so I advise

or two when we do this sweep so I advise you to figure out what your IP address

you to figure out what your IP address is that's a good challenge anyway and if

is that's a good challenge anyway and if you are familiar with networking which

you are familiar with networking which you should be at this point then you

you should be at this point then you should be able to determine the IP

should be able to determine the IP address of your home network but if you

address of your home network but if you do not do that then you can use 57.1 or

do not do that then you can use 57.1 or whatever your IP address is here on this

whatever your IP address is here on this third octet so that will also work if

third octet so that will also work if you see that

you see that all right so I'm going to clear this now

all right so I'm going to clear this now what are we noticing when we're pinging

what are we noticing when we're pinging we're pinging this address and we're

we're pinging this address and we're getting some data back now if we ping an

getting some data back now if we ping an active address you can see that we get

active address you can see that we get okay 64 bytes from 192 1684.29 it's

okay 64 bytes from 192 1684.29 it's saying it's active we're getting details

saying it's active we're getting details back if we were to Ping something let me

back if we were to Ping something let me do like 41.

do like 41. where we just don't get any data back

where we just don't get any data back okay and let's try this one more time

okay and let's try this one more time let's try this a different way let's do

let's try this a different way let's do like a count of one dash C of one we'll

like a count of one dash C of one we'll do a count of one

do a count of one it's going to try to send one packet

it's going to try to send one packet over and see if it works nothing's

over and see if it works nothing's happening right it's trying to transmit

happening right it's trying to transmit that packet you could see that it's

that packet you could see that it's getting zero received here where here is

getting zero received here where here is getting four received no data is coming

getting four received no data is coming back it's just not doing anything for us

back it's just not doing anything for us so the thing that we can identify here

so the thing that we can identify here is what's the big difference if we look

is what's the big difference if we look at line one and two versus line one and

at line one and two versus line one and two what are we seeing when we get data

two what are we seeing when we get data back well the big difference here is

back well the big difference here is we're well two of them I guess we see

we're well two of them I guess we see that we get this response right that's a

that we get this response right that's a big difference and then down here it'll

big difference and then down here it'll say hey we received some packets if it's

say hey we received some packets if it's not zero now the easy way to do this is

not zero now the easy way to do this is to look at a line that says hey we

to look at a line that says hey we receive data which is this line here

receive data which is this line here okay now what I want to do is I want to

okay now what I want to do is I want to narrow this down just a little bit what

narrow this down just a little bit what we're going to say is we're just going

we're going to say is we're just going to do a ping of one time so I'm going to

to do a ping of one time so I'm going to clear this I'm going to bring it back to

clear this I'm going to bring it back to this like this

this like this I'm gonna do a count of one

I'm gonna do a count of one and that should just ping once and

and that should just ping once and that's perfect we don't need to Ping

that's perfect we don't need to Ping endlessly we just want to make sure we

endlessly we just want to make sure we can ping once and then we're done okay

can ping once and then we're done okay and then from here I'm gonna put this

and then from here I'm gonna put this into a text file I'm just going to call

into a text file I'm just going to call this ip.txt just like that

this ip.txt just like that so when I cat out ip.txt

so when I cat out ip.txt now you can see that I have this file

now you can see that I have this file it's stored I don't have to run the

it's stored I don't have to run the command again we're good to go so what

command again we're good to go so what we're going to do now is we can take

we're going to do now is we can take this and then we can start Gathering

this and then we can start Gathering data based off of what we see here

data based off of what we see here so what I want to do

so what I want to do is I want to just extract this one line

is I want to just extract this one line here the 64 bytes from 192

here the 64 bytes from 192 168.4.29 and the best way to do that is

168.4.29 and the best way to do that is with a command called grep so grep is

with a command called grep so grep is going to look for a specific term or

going to look for a specific term or phrase and we can do that and it's going

phrase and we can do that and it's going to pull down any line that has that term

to pull down any line that has that term or phrase so if I say grep here and then

or phrase so if I say grep here and then I just put in quotation 64 bytes like

I just put in quotation 64 bytes like this

this now when I cut out this all I'm pulling

now when I cut out this all I'm pulling down is this line and it's even

down is this line and it's even highlighting it for us it's saying

highlighting it for us it's saying here's the line that we see 64 bytes

here's the line that we see 64 bytes from 192.168 Okay so we've extracted

from 192.168 Okay so we've extracted just the one line and why am I

just the one line and why am I extracting this line well if we're

extracting this line well if we're building out a ping sweeper what I want

building out a ping sweeper what I want to do is I want to sweep every single IP

to do is I want to sweep every single IP within a specific subnet so say this dot

within a specific subnet so say this dot four right I want to Ping

four right I want to Ping 4.1.2.3 all the way through 254 255. I

4.1.2.3 all the way through 254 255. I want to see if I can get through all the

want to see if I can get through all the IP addresses in a subnet so what we're

IP addresses in a subnet so what we're going to do is we're going to Ping every

going to do is we're going to Ping every single one of them and say hey are you

single one of them and say hey are you you up are you there and we're going to

you up are you there and we're going to do it with a count of one and we're

do it with a count of one and we're going to say are you there okay and if

going to say are you there okay and if they're there they're going to say yeah

they're there they're going to say yeah I'm here 64 bytes here's my response and

I'm here 64 bytes here's my response and it's going to say 64 bytes from this IP

it's going to say 64 bytes from this IP address so we want to extract the IP

address so we want to extract the IP addresses to say yeah we're alive that's

addresses to say yeah we're alive that's basically our goal here so when we run

basically our goal here so when we run this on a bigger scale which is what

this on a bigger scale which is what we're going to do we're going to need to

we're going to do we're going to need to grep out this information and extract

grep out this information and extract this information to where we only just

this information to where we only just get the IP address back

get the IP address back okay so what we're going to do now is

okay so what we're going to do now is we're going to start narrowing down and

we're going to start narrowing down and grabbing this IP address and then I'm

grabbing this IP address and then I'm going to show you how we're going to

going to show you how we're going to take this all in one instance and run it

take this all in one instance and run it and then extract IP addresses so from

and then extract IP addresses so from here what I want to do is I want to do

here what I want to do is I want to do another command so every time we pipe

another command so every time we pipe we're saying hey run this command then

we're saying hey run this command then with that command run this command then

with that command run this command then also run this command too so we're going

also run this command too so we're going to keep running this command on top of

to keep running this command on top of this to narrow things down so here's

this to narrow things down so here's what we're doing here we're going to run

what we're doing here we're going to run a command called cut

a command called cut and with cut we're going to say I want

and with cut we're going to say I want to cut something out of this we need to

to cut something out of this we need to provide it what is called a delimiter so

provide it what is called a delimiter so we do a Dash D like this

we do a Dash D like this and the delimiter I'm going to use is a

and the delimiter I'm going to use is a space

space and then I'm going to say Dash f for

and then I'm going to say Dash f for field and then I'm going to say 4.

field and then I'm going to say 4. okay what is this doing well it's saying

okay what is this doing well it's saying Hey I want to cut this line that you're

Hey I want to cut this line that you're getting back on a space so the delimiter

getting back on a space so the delimiter is a space so here's a space Here's a

is a space so here's a space Here's a space Here's a space and it says I want

space Here's a space and it says I want to count up to 4 to grab that data so

to count up to 4 to grab that data so one two three four right here so if we

one two three four right here so if we say 4 here like this we hit enter we're

say 4 here like this we hit enter we're grabbing that specific IP address

grabbing that specific IP address because we're doing it by spaces if we

because we're doing it by spaces if we did it on three what do you think we're

did it on three what do you think we're going to grab we're going to grab the

going to grab we're going to grab the word from so you can see here's from so

word from so you can see here's from so what I want to do is grab the IP so

what I want to do is grab the IP so we're going to use this cut just like

we're going to use this cut just like this use our delimiter and then get to

this use our delimiter and then get to the correct field position that we want

the correct field position that we want to grab the IP address

to grab the IP address all right so we've got the IP address

all right so we've got the IP address now there's only one thing wrong here

now there's only one thing wrong here with this IP address is that there is a

with this IP address is that there is a little colon on the end of it we just

little colon on the end of it we just want this without a colon at all we want

want this without a colon at all we want it just like this now there's a couple

it just like this now there's a couple ways we can do this we could use

ways we can do this we could use something called said said it's a little

something called said said it's a little bit complicated and a little bit

bit complicated and a little bit Advanced I would say for where we're at

Advanced I would say for where we're at right now

right now um so I'd rather teach you an easier way

um so I'd rather teach you an easier way to do this and that is called translate

to do this and that is called translate so with translate all we're going to do

so with translate all we're going to do is we're going to do one more pipe like

is we're going to do one more pipe like this and we're just going to say TR for

this and we're just going to say TR for translate a Dash D for a delimiter again

translate a Dash D for a delimiter again and then we're going to say we want to

and then we're going to say we want to get rid of this

get rid of this and that's it we're just getting rid of

and that's it we're just getting rid of this okay so if we run this one more

this okay so if we run this one more time

time now you can see that we've successfully

now you can see that we've successfully extracted this IP address out that's our

extracted this IP address out that's our goal that's all we wanted to do

goal that's all we wanted to do now how can we apply this to something

now how can we apply this to something bigger how can we make this part of a

bigger how can we make this part of a bigger script that is the question and

bigger script that is the question and we're going to do that so what I want

we're going to do that so what I want you to do is I just want you to copy

you to do is I just want you to copy this okay copy this entire line

this okay copy this entire line and we're going to go into a mouse pad

and we're going to go into a mouse pad so let's copy the selection and I'm

so let's copy the selection and I'm going to clear my screen I'm just going

going to clear my screen I'm just going to say mouse pad

to say mouse pad and we're going to call this ipsweep.sh

okay so this is going to be a bash script

script and I'm going to make this bigger

and I'm going to make this bigger and the first thing we're going to do

and the first thing we're going to do with our bash script is we have to

with our bash script is we have to declare that it's a batch script we're

declare that it's a batch script we're going to say hash bang right here

going to say hash bang right here shebang is what we'd call this forward

shebang is what we'd call this forward slash bin forward slash bash this allows

slash bin forward slash bash this allows the machine to know when we run this

the machine to know when we run this this allows bash to know hey we're

this allows bash to know hey we're calling this here's the location to bash

calling this here's the location to bash this is what we're running with the

this is what we're running with the script you're also going to see this

script you're also going to see this when we we use python as well you'll see

when we we use python as well you'll see the the Declaration hip here at the top

the the Declaration hip here at the top or when we're calling this out so I'm

or when we're calling this out so I'm going to go ahead and control s and save

going to go ahead and control s and save this that'll add some nice color to this

this that'll add some nice color to this so when we're coding this out we get to

so when we're coding this out we get to see in color I like that a lot I'm going

see in color I like that a lot I'm going to actually make this a little bit

to actually make this a little bit smaller and then make this like this

smaller and then make this like this here so we can get the whole picture

here so we can get the whole picture okay so what I want to do is I want to

okay so what I want to do is I want to paste in what we just wrote so I'm just

paste in what we just wrote so I'm just going to control V here and paste that

going to control V here and paste that in

in so

so we don't need to do a cat of an IP

we don't need to do a cat of an IP address here

address here in this instance instead we're going to

in this instance instead we're going to change this back we're going to Ping

change this back we're going to Ping remember we want to Ping every device in

remember we want to Ping every device in the network so we want to Ping say if

the network so we want to Ping say if we're pinging 192 1684 dot X okay we

we're pinging 192 1684 dot X okay we want to Ping that and we can leave this

want to Ping that and we can leave this like this for now don't worry about

like this for now don't worry about changing anything here this is just

changing anything here this is just going to be a placeholder we're going to

going to be a placeholder we're going to do a little bit of extra

do a little bit of extra syntax here to make this work so we're

syntax here to make this work so we're going to write what is called a for Loop

going to write what is called a for Loop so we're going to say 4 and I'll explain

so we're going to say 4 and I'll explain what this does here in a second you're

what this does here in a second you're also going to see this again when we get

also going to see this again when we get into python encoding and so you'll be

into python encoding and so you'll be able to understand more and more about

able to understand more and more about loops and what for Loops are while Loops

loops and what for Loops are while Loops Etc they're very very useful and very

Etc they're very very useful and very common in coding and scripting so I'm

common in coding and scripting so I'm going to say 4 IP in and then I'm going

going to say 4 IP in and then I'm going to say sequence

to say sequence 1 through 254.

1 through 254. now

now very important this character here is

very important this character here is not an apostrophe okay this is not an

not an apostrophe okay this is not an apostrophe

apostrophe this is the little line I don't know

this is the little line I don't know what it's called it's above the attilda

what it's called it's above the attilda next to your escape button on your

next to your escape button on your keyboard so it's this right here okay

keyboard so it's this right here okay it's like a backwards apostrophe almost

it's like a backwards apostrophe almost I'm sure there's a term for it I just

I'm sure there's a term for it I just don't know it uh so you come in here and

don't know it uh so you come in here and you say okay four IP address in sequence

you say okay four IP address in sequence one through 254 and I'm going to explain

one through 254 and I'm going to explain what all this does in a second I want

what all this does in a second I want you just to type this out for now I want

you just to type this out for now I want you to say do

you to say do all right and then I want you to come

all right and then I want you to come down here

down here and we're going to say Ampersand on this

and we're going to say Ampersand on this line and we're going to say done I'm

line and we're going to say done I'm going to explain what all this means

going to explain what all this means okay so this is a loop that we've just

okay so this is a loop that we've just created

created what we're saying is for the IP address

what we're saying is for the IP address and we're just declaring this this could

and we're just declaring this this could be Bob if you wanted to we're just I'm

be Bob if you wanted to we're just I'm just making it a name or a term that's

just making it a name or a term that's easy for us to remember so we're going

easy for us to remember so we're going to say for IP but if you want to call

to say for IP but if you want to call this Bob call Bob for IP in sequence 1

this Bob call Bob for IP in sequence 1 through 254. so what sequence is doing

through 254. so what sequence is doing is it's saying Hey I want to count

is it's saying Hey I want to count everything from 1 to 254. so one two

everything from 1 to 254. so one two three four five six seven eight all the

three four five six seven eight all the way to 254. this for Loop means I'm

way to 254. this for Loop means I'm going to do this every single time so

going to do this every single time so for IP in one for ipn2 for ipn3 we're

for IP in one for ipn2 for ipn3 we're going to run this command until we're

going to run this command until we're done so until this sequence has run up

done so until this sequence has run up 255 times it's done

255 times it's done okay and now we're going to say I want

okay and now we're going to say I want to do a count of

to do a count of dollar sign IP

dollar sign IP so what we're saying here is for IP in

so what we're saying here is for IP in sequence 1 through 254 go ahead and do a

sequence 1 through 254 go ahead and do a ping Dash C for a count of one 192.1684

ping Dash C for a count of one 192.1684 254 and here we're going to say dot

254 and here we're going to say dot 1.2.3 every time this Loops over and

1.2.3 every time this Loops over and over and over it's going to be

over and over it's going to be incrementing that number through this

incrementing that number through this sequence that's all we're doing this is

sequence that's all we're doing this is a basic Loop okay so we're going to keep

a basic Loop okay so we're going to keep going through and through and through

going through and through and through now this will work if you plugged in

now this will work if you plugged in your hard-coded IP address here this

your hard-coded IP address here this will absolutely work now we can improve

will absolutely work now we can improve this just a little bit if we want to so

this just a little bit if we want to so what's going on here is what we're going

what's going on here is what we're going to say is if we wanted to run this we

to say is if we wanted to run this we would just do dot forward slash and then

would just do dot forward slash and then I P Suite okay and this would work

I P Suite okay and this would work that's fine but we can make this a

that's fine but we can make this a little bit better from a coding

little bit better from a coding perspective we can come in here and we

perspective we can come in here and we can give this a dollar sign one

can give this a dollar sign one and that means argument one so what

and that means argument one so what we're saying here is I want to give an

we're saying here is I want to give an argument instead so if you want to be

argument instead so if you want to be technical this first dot forward slash

technical this first dot forward slash ipsweep.sh that is argument zero so you

ipsweep.sh that is argument zero so you can consider this dollar sign zero

can consider this dollar sign zero argument one would be what you type

argument one would be what you type after that so this would be argument one

after that so this would be argument one argument two

argument two Etc so in this case what we can do is we

Etc so in this case what we can do is we could say I want to run

could say I want to run 192.1684 like this and this will run the

192.1684 like this and this will run the dot 1.2.3 after it so you provide the

dot 1.2.3 after it so you provide the argument it places that here in argument

argument it places that here in argument one and then it does the rest for you so

one and then it does the rest for you so this way you can specify your network

this way you can specify your network and if you wanted to Ping multiple

and if you wanted to Ping multiple networks you don't have to come back in

networks you don't have to come back in here and keep changing this it just

here and keep changing this it just works so super easy this is a great

works so super easy this is a great little script for a slash 24 type subnet

little script for a slash 24 type subnet okay

okay okay so let's go ahead and try running

okay so let's go ahead and try running this really quick I'm going to just

this really quick I'm going to just control s save this I'm going to close

control s save this I'm going to close it we're going to do a CH mod plus X on

it we're going to do a CH mod plus X on ipsweep if it'll allow us to we might

ipsweep if it'll allow us to we might have to do a

have to do a okay let's do LS La real quick make sure

okay let's do LS La real quick make sure it worked

it worked it sure did okay so here's what we're

it sure did okay so here's what we're gonna do we're going to run the ipsweep

gonna do we're going to run the ipsweep and we're going to say

and we're going to say 192.168 you just put in your IP here I'm

192.168 you just put in your IP here I'm going to run that all right

going to run that all right and you can see all the devices that are

and you can see all the devices that are coming back within my network here

coming back within my network here I'm going to go ahead and hit Ctrl C

I'm going to go ahead and hit Ctrl C cancel this out

cancel this out and so this is grabbing all the

and so this is grabbing all the different devices in my network now

different devices in my network now that's great

that's great that works out really well but what we

that works out really well but what we can do is improve this what if I typed

can do is improve this what if I typed in a what if I didn't type anything at

in a what if I didn't type anything at all what if I just hit enter here now

all what if I just hit enter here now I'm just getting all kinds of pings

I'm just getting all kinds of pings unknown and it's going off of some of

unknown and it's going off of some of the stuff I was doing before but it just

the stuff I was doing before but it just causes all kinds of issues and errors

causes all kinds of issues and errors right so you can see I'm trying to hit

right so you can see I'm trying to hit Ctrl C it's it's taking its time to

Ctrl C it's it's taking its time to Break

Break um here we get issues because we're not

um here we get issues because we're not we're just allowing any sort of argument

we're just allowing any sort of argument here what we need to do is we need to

here what we need to do is we need to fix this up just a little bit so what we

fix this up just a little bit so what we can say is we can come back in here and

can say is we can come back in here and just go mouse pad ipsweep.sh

and come in here and let's add a little bit extra oh and I also left this in

bit extra oh and I also left this in here don't leave this in here that's why

here don't leave this in here that's why that was running twice

that was running twice um okay so what we're doing here is we

um okay so what we're doing here is we need to add in a statement what we're

need to add in a statement what we're going to do is we're going to add in a

going to do is we're going to add in a if statement if statements are

if statement if statements are conditions we're saying hey if this

conditions we're saying hey if this condition is met do something for us if

condition is met do something for us if it's not met then go ahead and do

it's not met then go ahead and do something else all right so we're going

something else all right so we're going to say

to say if

if and we're gonna just put in here dollar

and we're gonna just put in here dollar sign one

sign one is equal to nothing

is equal to nothing then we're gonna go ahead and just say

then we're gonna go ahead and just say then

then Echo

Echo you forgot and IP address

Echo syntax something like this we'll just

syntax something like this we'll just say

say IP

IP sweep.sh and we'll go

sweep.sh and we'll go 192.1684 like that

192.1684 like that okay

okay and then if we did do this correctly

and then if we did do this correctly if we do have an argument inside of

if we do have an argument inside of argument one then we're going to say

argument one then we're going to say else do all of this here

else do all of this here and be done and then we're going to end

and be done and then we're going to end our if statement with f i

our if statement with f i now this script or this resemblance of

now this script or this resemblance of this script is not one of my own by the

this script is not one of my own by the way this is goes credit to something

way this is goes credit to something I've modified over time but the original

I've modified over time but the original credit definitely goes to Georgia

credit definitely goes to Georgia Weidman I remember seeing this in her

Weidman I remember seeing this in her course a long long time ago when I was

course a long long time ago when I was first getting started and she did a

first getting started and she did a great job of teaching this this is just

great job of teaching this this is just a modification of this script so I just

a modification of this script so I just want to make sure that all credit goes

want to make sure that all credit goes to her but looking at this let's break

to her but looking at this let's break this down really quick before we run

this down really quick before we run this again we've got an if statement we

this again we've got an if statement we said if

said if argument one doesn't equal anything then

argument one doesn't equal anything then you're gonna Echo back out and say hey

you're gonna Echo back out and say hey you forgot an IP address here's the

you forgot an IP address here's the syntax

syntax if it does include something then we're

if it does include something then we're gonna go ahead and come in here and say

gonna go ahead and come in here and say let's run our for statement our for Loop

let's run our for statement our for Loop and run through it and then we're going

and run through it and then we're going to end our if here

to end our if here the only thing that I'm doing uniquely

the only thing that I'm doing uniquely here is I'm including this Ampersand

here is I'm including this Ampersand which is going to run this command

which is going to run this command um multiple times at once this is a good

um multiple times at once this is a good way to explain it basically we have a

way to explain it basically we have a couple ways of doing this we could say

couple ways of doing this we could say like this so we could put a command here

like this so we could put a command here and this will run one at a time it'll

and this will run one at a time it'll say okay four one four two four three

say okay four one four two four three this allows multiple instances of this

this allows multiple instances of this Loop to run at once and just speeds

Loop to run at once and just speeds things up I can show you the difference

things up I can show you the difference between that so I'm going to go ahead

between that so I'm going to go ahead and just Ctrl s save this

and just Ctrl s save this I'm going to go ahead and just run this

I'm going to go ahead and just run this script real quick now let's try running

script real quick now let's try running it with without anything here

it with without anything here okay now look it says you forgot an IP

okay now look it says you forgot an IP address so look we did that correctly

address so look we did that correctly now let's go ahead and add the 192.168.4

now let's go ahead and add the 192.168.4 run it and you can see okay it's

run it and you can see okay it's sweeping but it's taking its sweet time

sweeping but it's taking its sweet time especially for the IP addresses that are

especially for the IP addresses that are going to hang like

going to hang like um like if I don't have a DOT two or dot

um like if I don't have a DOT two or dot three it's going to take a while so I'm

three it's going to take a while so I'm going to control C and get out of this

going to control C and get out of this if it'll let me and it looks like it's

if it'll let me and it looks like it's actually going to hang so what we can do

actually going to hang so what we can do is we can come back in I'm going to open

is we can come back in I'm going to open a new tab real quick just while that's

a new tab real quick just while that's waiting and I'm just going to say mouse

waiting and I'm just going to say mouse pad and we're just going to go back into

pad and we're just going to go back into ipsweep dot sh fits in this folder there

ipsweep dot sh fits in this folder there we go okay

we go okay so from here I'm going to change this

so from here I'm going to change this back to the Ampersand and I'm going to

back to the Ampersand and I'm going to save it I just want you to see the

save it I just want you to see the difference really quick and why I run it

difference really quick and why I run it like this so ipsweep

.sh192168.4 you can see it's picking everything up really fast all right what

everything up really fast all right what I can do now is I can run this and then

I can do now is I can run this and then store this into like ips.txt something

store this into like ips.txt something like that just like found IP addresses

like that just like found IP addresses okay so now if I cat IPS dot txt I have

okay so now if I cat IPS dot txt I have all the IP addresses I just found and I

all the IP addresses I just found and I found them that fast

found them that fast versus this which may still be going and

versus this which may still be going and it is and I can't even kill I'm just

it is and I can't even kill I'm just going to close this out okay so this is

going to close this out okay so this is the big difference there with that

the big difference there with that Ampersand and the speed what it is

Ampersand and the speed what it is capable of doing so

capable of doing so with all that being said we could take

with all that being said we could take this and do one more thing so I want to

this and do one more thing so I want to show you how we can utilize a one-liner

show you how we can utilize a one-liner these are called one line statements in

these are called one line statements in um in bash and we can do similar to what

um in bash and we can do similar to what we just did and accomplish that in this

we just did and accomplish that in this command line so now we have an IP

command line so now we have an IP address we have a list of IP addresses

address we have a list of IP addresses let's say that we want to run nmap now

let's say that we want to run nmap now we haven't gotten to nmap yet you don't

we haven't gotten to nmap yet you don't need to really know about it just know

need to really know about it just know that it is a tool that allows us to go

that it is a tool that allows us to go out and do Port scanning okay so

out and do Port scanning okay so typically we would just say something

typically we would just say something like nmap and we might do something like

like nmap and we might do something like uh Dash T4 Dash a dash p dash like this

uh Dash T4 Dash a dash p dash like this this is just saying I want to run a map

this is just saying I want to run a map scan I want to look at everything and I

scan I want to look at everything and I want to scan all ports this is just an

want to scan all ports this is just an example you can just run mmap IP address

example you can just run mmap IP address like this and that would be fine too

like this and that would be fine too like we could just go 192.168 4.29 and

like we could just go 192.168 4.29 and we'll do a quick M map scan okay but

we'll do a quick M map scan okay but what we can't do here is we can't just

what we can't do here is we can't just say hey I want to run uh well we could

say hey I want to run uh well we could we could say I want to run nmap for

we could say I want to run nmap for everything in dot zero 24.

everything in dot zero 24. the issue is it's going to take time

the issue is it's going to take time looking and finding what IP addresses

looking and finding what IP addresses are valid here if we have a list we can

are valid here if we have a list we can automate this process quite a bit we can

automate this process quite a bit we can just come in here and we can say

just come in here and we can say something a little bit different we can

something a little bit different we can say hey for IP we're using the same kind

say hey for IP we're using the same kind of syntax in dollar sign and we're going

of syntax in dollar sign and we're going to put parentheses here we're going to

to put parentheses here we're going to say cat

say cat and then we're going to say ips.txt

and then we're going to say ips.txt and then we're just going to do this

and then we're just going to do this we're going to say do and map

we're going to say do and map dollar sign IP and then again we have

dollar sign IP and then again we have the option of doing done or we can do

the option of doing done or we can do Ampersand done just like this okay I'm

Ampersand done just like this okay I'm just going to do done here as an example

just going to do done here as an example and just show you so this is really easy

and just show you so this is really easy we're saying hey for every IP address in

we're saying hey for every IP address in this list and all we're doing is we're

this list and all we're doing is we're cutting out this IP list that we just

cutting out this IP list that we just had so it's going to take the first IP

had so it's going to take the first IP then run the M Maps again it's going to

then run the M Maps again it's going to come back run the next one so until this

come back run the next one so until this list is completely done it's going to

list is completely done it's going to keep going through this Loop that's all

keep going through this Loop that's all it is a simple Loop then we're going to

it is a simple Loop then we're going to say done it's going to take that IP

say done it's going to take that IP address it's going to start scanning it

address it's going to start scanning it it's going to go through and hopefully

it's going to go through and hopefully find information and go in a loop so

find information and go in a loop so this is a quick way to automate some of

this is a quick way to automate some of this process I actually do this with a

this process I actually do this with a lot of my scripts where I will do some

lot of my scripts where I will do some probing see if anything is out there

probing see if anything is out there that's alive put it into an IP file and

that's alive put it into an IP file and you're going to see this later in the

you're going to see this later in the course and then nmap scan that

course and then nmap scan that so think about this hopefully this gets

so think about this hopefully this gets your wheels spinning on what you can do

your wheels spinning on what you can do to really start scripting some of this

to really start scripting some of this stuff out and this is going to be the

stuff out and this is going to be the first time you get your hands dirty with

first time you get your hands dirty with scripting we're going to go on again

scripting we're going to go on again with this and we're going to get more

with this and we're going to get more advanced as we go but this should be a

advanced as we go but this should be a good introductory lesson to you on how

good introductory lesson to you on how we can build a simple tool and automate

we can build a simple tool and automate a lot of this process fairly easily with

a lot of this process fairly easily with just a little bit of command line syntax

just a little bit of command line syntax so we're going to go ahead and move on

so we're going to go ahead and move on to the next section and I will see you

to the next section and I will see you over there

welcome to this module on python so if you've never used python before or even

you've never used python before or even heard of python before python is a

heard of python before python is a coding and scripting language it is

coding and scripting language it is commonly used in ethical hacking and

commonly used in ethical hacking and it's commonly used all around the world

it's commonly used all around the world it is actually considered one of the

it is actually considered one of the best beginner languages to start with if

best beginner languages to start with if you've never learned coding before so

you've never learned coding before so that's exactly what we're going to do

that's exactly what we're going to do we're going to cover some of the basics

we're going to cover some of the basics of python so we'll cover everything you

of python so we'll cover everything you see on this screen here strings math

see on this screen here strings math functions we're going to get into

functions we're going to get into conditional statements and looping we'll

conditional statements and looping we'll get into some more advanced items and

get into some more advanced items and eventually we're going to build our own

eventually we're going to build our own tools so we're going to be building a

tools so we're going to be building a port scanner at the end of the lesson

port scanner at the end of the lesson and then when we get into the exploit

and then when we get into the exploit development section of this course we're

development section of this course we're going to use Python again to write our

going to use Python again to write our own exploits so it's going to be used

own exploits so it's going to be used throughout the course you're going to

throughout the course you're going to see it again as a ethical hacker as well

see it again as a ethical hacker as well well you're going to go on to websites

well you're going to go on to websites and you might need to download python

and you might need to download python code or something to utilize against a

code or something to utilize against a host or a client and it's just going to

host or a client and it's just going to be frequently seen for you so very

be frequently seen for you so very important topic to cover especially for

important topic to cover especially for the foundations one very big thing to

the foundations one very big thing to point out you do not have to be a

point out you do not have to be a developer to be successful in

developer to be successful in penetration testing the important thing

penetration testing the important thing is that you understand what you're

is that you understand what you're seeing and understand how to read code

seeing and understand how to read code if when you come away from this module

if when you come away from this module you have a better understanding on how

you have a better understanding on how to read what you are seeing in code

to read what you are seeing in code you'll be much better off by no means do

you'll be much better off by no means do you have to be a developer I am still to

you have to be a developer I am still to this day nowhere near a developer level

this day nowhere near a developer level and I'm very very successful in what I

and I'm very very successful in what I do you don't have to be a developer so

do you don't have to be a developer so the big takeaway here is to take very

the big takeaway here is to take very good notes understand what you're seeing

good notes understand what you're seeing if you need to watch a video multiple

if you need to watch a video multiple times in this section absolutely okay

times in this section absolutely okay just make sure you understand everything

just make sure you understand everything in front of you and understand that the

in front of you and understand that the lessons are going to build upon each

lessons are going to build upon each other and it should all come together in

other and it should all come together in the end and you're going to get to see

the end and you're going to get to see it over and over through the course

it over and over through the course especially in the exploit development

especially in the exploit development section where we write our own python

section where we write our own python script so I look forward to teaching you

script so I look forward to teaching you this module on Python and look forward

this module on Python and look forward to seeing you in the next video

okay on to our first lesson the first thing that we're going to cover is going

thing that we're going to cover is going to be strings

to be strings and in order to do that I'm going to go

and in order to do that I'm going to go ahead and make a directory on my Linux

ahead and make a directory on my Linux machine you can make a folder in your

machine you can make a folder in your Mac or your Windows machine if you're

Mac or your Windows machine if you're using those operating systems I'm just

using those operating systems I'm just going to go in here and just say make

going to go in here and just say make dirt Python and then I'm going to go

dirt Python and then I'm going to go ahead and go into that directory

ahead and go into that directory so from here I'm going to go ahead and

so from here I'm going to go ahead and make my first script so I'm going to

make my first script so I'm going to clear my screen with Ctrl l

clear my screen with Ctrl l and I'm going to say mouse pad

and I'm going to say mouse pad and I'm just going to call this script

and I'm just going to call this script first dot pi and I'm going to give it

first dot pi and I'm going to give it the Ampersand here at the end that's

the Ampersand here at the end that's just going to allow me to open up this

just going to allow me to open up this process of mouse pad and also have the

process of mouse pad and also have the terminal available to me when I need it

terminal available to me when I need it so you'll see why I do that here in a

so you'll see why I do that here in a little bit now if you're not on Linux

little bit now if you're not on Linux that's okay you can use something like

that's okay you can use something like notepad plus plus or code runner for Mac

notepad plus plus or code runner for Mac which we showed earlier in this course

which we showed earlier in this course so from here what I'm going to do is I'm

so from here what I'm going to do is I'm going to go ahead and enter in a shebang

going to go ahead and enter in a shebang which is a hash an exclamation forward

which is a hash an exclamation forward slash bin or slash python3

slash bin or slash python3 and this is important for Linux here

and this is important for Linux here because we are calling out the directory

because we are calling out the directory if you are familiar with Linux What's

if you are familiar with Linux What's Happening Here is we have two options we

Happening Here is we have two options we can come in here and we can say

can come in here and we can say python3 and we can say first.pi and

python3 and we can say first.pi and that'll execute our script or in theory

that'll execute our script or in theory we can come in here we can just do a DOT

we can come in here we can just do a DOT forward slash first dot pi and run it

forward slash first dot pi and run it that way if we run it like this our

that way if we run it like this our script will not know where to go unless

script will not know where to go unless we declare that so up here we're giving

we declare that so up here we're giving the shebang forward slash bin forward

the shebang forward slash bin forward slash python3 that is where python3 is

slash python3 that is where python3 is located in this machine so it will come

located in this machine so it will come up here and it will look for this first

up here and it will look for this first and say okay I'm going to execute this

and say okay I'm going to execute this based on python 3. so that is a little

based on python 3. so that is a little bit of a Linux Nuance here and something

bit of a Linux Nuance here and something you should know in case you are ever

you should know in case you are ever coding in Linux or an environment that

coding in Linux or an environment that is similar like Unix which Macs do run

is similar like Unix which Macs do run off of so from here if you've ever taken

off of so from here if you've ever taken a coding class the first thing you do in

a coding class the first thing you do in every single coding class is what is

every single coding class is what is known as hello world so we're going to

known as hello world so we're going to print out hello world and print it to

print out hello world and print it to our terminal so in order to do that

our terminal so in order to do that we're going to go ahead and do some

we're going to go ahead and do some thing like this we're going to say print

thing like this we're going to say print and then we'll do a parenthesis and

and then we'll do a parenthesis and we'll say hello

I'm gonna go ahead and save this and if we run this and I'm going to run

and if we run this and I'm going to run this with python3 if we run this python3

this with python3 if we run this python3 first.pi

first.pi you'll see that it says hello world

you'll see that it says hello world now one thing that we can do in here

now one thing that we can do in here is good practice for being a developer

is good practice for being a developer is add some notes in so we're going to

is add some notes in so we're going to add a comment in here we're going to do

add a comment in here we're going to do a

a #or a pound symbol and we're just going

#or a pound symbol and we're just going to say print string

to say print string now when we run this again this isn't

now when we run this again this isn't going to print out comments are just for

going to print out comments are just for us inside of the script and I can prove

us inside of the script and I can prove that to you by Saving this and running

that to you by Saving this and running it again you'll see all we have in here

it again you'll see all we have in here is Hello World perfect

is Hello World perfect so comments

so comments with a hash are just meant for whoever

with a hash are just meant for whoever is reading your script or your code and

is reading your script or your code and that could be you or

that could be you or bad scenario but what if you get hit by

bad scenario but what if you get hit by a bus tomorrow you're the main developer

a bus tomorrow you're the main developer and nobody knows how to read your code

and nobody knows how to read your code because you didn't leave any comments

because you didn't leave any comments that'd be very bad so good coding

that'd be very bad so good coding practice suggests to leave good comments

practice suggests to leave good comments and make sure that people can come in

and make sure that people can come in and read your code and understand what

and read your code and understand what is going on in here so we're going to

is going on in here so we're going to add comments along the way so that way

add comments along the way so that way we understand what we're doing and

we understand what we're doing and practice good habits as well so what

practice good habits as well so what you're seeing here is what's called a

you're seeing here is what's called a string you're seeing a string in

string you're seeing a string in quotations and you can see a string

quotations and you can see a string printed out

printed out with single quotes as well so we can

with single quotes as well so we can just do hello world

just do hello world I'll add the exclamation for consistency

I'll add the exclamation for consistency and if we save this and print this

and if we save this and print this you'll see that it also prints

you'll see that it also prints hello world

hello world so it really doesn't matter if you have

so it really doesn't matter if you have single quotes or double quotes until we

single quotes or double quotes until we get into more advanced strings and we'll

get into more advanced strings and we'll talk about those a little bit later on

talk about those a little bit later on in the course but for now just know that

in the course but for now just know that you can use single quotes or double

you can use single quotes or double quotes when printing out a string

quotes when printing out a string another thing that we can do with

another thing that we can do with strings is print on multiple lines so if

strings is print on multiple lines so if we say print

we say print and we do triple quotes like this we say

and we do triple quotes like this we say this string runs and then we hit enter

this string runs and then we hit enter multiple lines with an exclamation and

multiple lines with an exclamation and and add in three more double quotes

and add in three more double quotes there and close this off

there and close this off we can add a note here as well that says

we can add a note here as well that says triple quote for multi-line

triple quote for multi-line and if we save this with Ctrl s and we

and if we save this with Ctrl s and we run this again

run this again you're going to see this string runs

you're going to see this string runs multiple lines awesome another thing

multiple lines awesome another thing that we can do is concatenate strings so

that we can do is concatenate strings so we can print out something like

we can print out something like this string

this string is and now we're going to add a space at

is and now we're going to add a space at the end of it make sure you have a space

the end of it make sure you have a space right here

right here we're going to do a plus sign and then

we're going to do a plus sign and then we're going to say awesome

we're going to say awesome just like that and we can say we can

just like that and we can say we can also concat innate

also concat innate it's always hard for me to spell that so

it's always hard for me to spell that so what's going to happen here is it's

what's going to happen here is it's going to take this string

going to take this string plus this string when it prints out so

plus this string when it prints out so the reason we have a space is it's got

the reason we have a space is it's got to have the space because there's no

to have the space because there's no space here and this will just add a

space here and this will just add a space for us even though in our heads we

space for us even though in our heads we might want it to so we're going to go

might want it to so we're going to go ahead and save this print it out one

ahead and save this print it out one more time

more time and you can see that it concatenated and

and you can see that it concatenated and said this string is awesome

said this string is awesome now one last thing

now one last thing we can also print out a new line so we

we can also print out a new line so we can just do something like this

can just do something like this and we can use a single quote this time

and we can use a single quote this time just to do a proof of concept do a

just to do a proof of concept do a backslash n like this

backslash n like this and this will print out a new line

and this will print out a new line and we'll get familiar with that later

and we'll get familiar with that later on as we get into functions we'll write

on as we get into functions we'll write our own function to make a new line but

our own function to make a new line but for now if we wanted to add another line

for now if we wanted to add another line we could and then we can just print

we could and then we can just print test that new line out

and let's see if it actually gave us a line printed in between this

line printed in between this concatenation and this new print

concatenation and this new print statement here let's go ahead and save

statement here let's go ahead and save that

that print it and you can see there is a line

print it and you can see there is a line here so the backslash n will print out a

here so the backslash n will print out a new line for us

new line for us and that is all we need to know for

and that is all we need to know for basic string so we're going to go ahead

basic string so we're going to go ahead and move on to math you can go ahead and

and move on to math you can go ahead and leave this open we're going to run

leave this open we're going to run through this as we go and then you'll

through this as we go and then you'll have a long script which will also make

have a long script which will also make for very good notes let's go ahead and

for very good notes let's go ahead and move on to math

move on to math so math

so math python actually has a built-in math

python actually has a built-in math interpreter

interpreter so we can do a bunch of fun stuff with

so we can do a bunch of fun stuff with python and with math that's

python and with math that's automatically built in so I'm going to

automatically built in so I'm going to go ahead and just call this section math

go ahead and just call this section math and if you want to like keep track of

and if you want to like keep track of sections you can come up here and just

sections you can come up here and just call this strings

call this strings and just capitalize it like that and

and just capitalize it like that and then that way we kind of have an idea of

then that way we kind of have an idea of where we're at you can even add an extra

where we're at you can even add an extra line here if we want to so from here

line here if we want to so from here let's go ahead and play around with math

let's go ahead and play around with math just a little bit so if I wanted to do a

just a little bit so if I wanted to do a print of 50 plus 50

print of 50 plus 50 we can definitely add

we can definitely add we can also subtract so if you want to

we can also subtract so if you want to do 50 minus 50 you could do that

do 50 minus 50 you could do that and I'll give you some time to catch up

and I'll give you some time to catch up here in just a second

here in just a second I'm just going to do a few print

I'm just going to do a few print statements then we'll take a look at

statements then we'll take a look at them and then we'll move on to some more

them and then we'll move on to some more math as well we can also do 50 times 50.

math as well we can also do 50 times 50. and we'll just use the little star or

and we'll just use the little star or the asterisks we'll just say multiply

the asterisks we'll just say multiply and we'll also do 50 divided by 50.

and we'll also do 50 divided by 50. we'll just say divide

so if we save that you could take a second to catch up you could see we are

second to catch up you could see we are just doing Simple Math here we should

just doing Simple Math here we should expect 100 we should expect zero we

expect 100 we should expect zero we should expect one here and 2500 if my

should expect one here and 2500 if my math is mental math is correct so I'm

math is mental math is correct so I'm going to go ahead and print this out

okay we've got 100 0 2500 and 1.0 so this 1.0 is a little bit different this

this 1.0 is a little bit different this is what's known as a float everything

is what's known as a float everything else that is come out so far is just an

else that is come out so far is just an integer and we'll talk a little bit

integer and we'll talk a little bit about that here in just a few minutes

about that here in just a few minutes but know that integers are on the left

but know that integers are on the left hand side and if we don't have a decimal

hand side and if we don't have a decimal point here we're looking at integers and

point here we're looking at integers and on the right hand side when we see

on the right hand side when we see anything on the right hand side of the

anything on the right hand side of the decimal we're looking at what is called

decimal we're looking at what is called a float and that becomes very important

a float and that becomes very important depending on when we need it

depending on when we need it for now we're going to keep worrying

for now we're going to keep worrying about math we'll get into integers and

about math we'll get into integers and floats in just a little bit

floats in just a little bit so another thing that math built into

so another thing that math built into python can do

python can do is it can do PEMDAS if you've never

is it can do PEMDAS if you've never heard of PEMDAS please excuse my dear

heard of PEMDAS please excuse my dear Aunt Sally so parentheses exponents

Aunt Sally so parentheses exponents multiply divide add subtract

multiply divide add subtract you may have had it something different

you may have had it something different within your educational experience but

within your educational experience but it will do that for you so if you do 50

it will do that for you so if you do 50 plus 50 minus 50

plus 50 minus 50 times 50 divided by 50.

times 50 divided by 50. it will give you the answer

it will give you the answer I don't know that Mental Math off hand

I don't know that Mental Math off hand another thing that we can do are

another thing that we can do are exponents so we can print say 50 to the

exponents so we can print say 50 to the second power which is same thing as 50

second power which is same thing as 50 times 50 which would be 2500 as well and

times 50 which would be 2500 as well and we can get exponents out of this

we can get exponents out of this and we'll actually go ahead and save

and we'll actually go ahead and save this and run this here because the next

this and run this here because the next step I want to be able to lay out

step I want to be able to lay out clearly

clearly you can see that we have successfully

you can see that we have successfully done the math here and did it for us

done the math here and did it for us awesome and it also did the exponent for

awesome and it also did the exponent for us as well

us as well so now a couple weird things with the

so now a couple weird things with the vision so you saw the 1.0 before

vision so you saw the 1.0 before well we have a few things that we can do

well we have a few things that we can do for example the 50 divided by 6 but

for example the 50 divided by 6 but using a percentage sign is what's called

using a percentage sign is what's called a medullo

a medullo and that it just takes what is left over

and that it just takes what is left over so 50 divided by 6 is not divisible

so 50 divided by 6 is not divisible there is a leftover so if we print that

there is a leftover so if we print that you'll see we get a leftover of two

you'll see we get a leftover of two which makes sense because 6 goes into 58

which makes sense because 6 goes into 58 times 6 times 8 is 48 and then we have 2

times 6 times 8 is 48 and then we have 2 left over so if we want to know what the

left over so if we want to know what the remainder is we can use a percentage

remainder is we can use a percentage sign here

sign here we can also do something like 50 divided

we can also do something like 50 divided by 6 like we saw earlier and this will

by 6 like we saw earlier and this will have division with remainder

have division with remainder so we can say or or float

so we can say or or float we'll save that and take a look at that

we'll save that and take a look at that really quick

you can see we get 8.3 and then it rounds up eventually to a four

and lastly what if we wanted no remainder so if we just did 50 divided

remainder so if we just did 50 divided by 6

by 6 we say no remainder

we say no remainder we could do this and we should get

we could do this and we should get eight here

eight here so depending on the situation and what

so depending on the situation and what we want we might want a situation where

we want we might want a situation where we only want the integer

we only want the integer or we only might want what's left over

or we only might want what's left over or perhaps we actually want the whole

or perhaps we actually want the whole number of what's being divided so there

number of what's being divided so there are a few different ways to divide with

are a few different ways to divide with math in Python and it's good to know all

math in Python and it's good to know all of them depending on the situation that

of them depending on the situation that you run into so for now just take notes

you run into so for now just take notes on this and know that there are a few

on this and know that there are a few ways to do math and division and you can

ways to do math and division and you can do PEMDAS and exponents and all kinds of

do PEMDAS and exponents and all kinds of fun stuff and this is just scratching

fun stuff and this is just scratching the surface of math with python

the surface of math with python so that's it for this lesson we're going

so that's it for this lesson we're going to go ahead and move on to the next one

to go ahead and move on to the next one which is going to start covering

which is going to start covering variables and methods

so I'm going to come in here and I'm just going to

call this section variables and methods and if we want to make our script a

and if we want to make our script a little bit clean we can just come in

little bit clean we can just come in here and copy this new line

here and copy this new line it'll be a lot easier once we write a

it'll be a lot easier once we write a function for this but we haven't gotten

function for this but we haven't gotten there quite yet so we're going to print

there quite yet so we're going to print out this new line and that way when we

out this new line and that way when we print this out

print this out you can see that we have kind of gaps in

you can see that we have kind of gaps in between the sections that we're working

between the sections that we're working on

on so now we're going to work on variables

so now we're going to work on variables and methods

and methods so variables

so variables variable means something can vary it can

variable means something can vary it can change and we're going to look at that

change and we're going to look at that here in a second so if we have something

here in a second so if we have something like quote and we make quote equal to

like quote and we make quote equal to All is fair in Love and War

All is fair in Love and War and this is what this is a string we are

and this is what this is a string we are storing the string inside of this

storing the string inside of this variable

variable called quote

called quote and we can just come in here now we can

and we can just come in here now we can print out whoa

print out whoa and if we do that we should get this

and if we do that we should get this returned back to us

returned back to us you can see all is fair and Love and War

you can see all is fair and Love and War if we didn't print this just go ahead

if we didn't print this just go ahead actually we'll just comment this out

actually we'll just comment this out this is a great way to test the script

this is a great way to test the script if we just save this now with a comment

if we just save this now with a comment and we hit enter there's nothing here we

and we hit enter there's nothing here we haven't given it any instructions to

haven't given it any instructions to actually print out so now we can print

actually print out so now we can print this out and it's printing whatever is

this out and it's printing whatever is stored inside of that variable in this

stored inside of that variable in this instance we have a string stored in

instance we have a string stored in there

there now when we talk about methods

now when we talk about methods methods are just functions that are

methods are just functions that are available for a given object now you

available for a given object now you could think of functions as something

could think of functions as something built in to python that allows us to do

built in to python that allows us to do something and it'll make sense here when

something and it'll make sense here when we get into using methods so we have

we get into using methods so we have this quote All is fair in Love and War

this quote All is fair in Love and War well what if we wanted to print this in

well what if we wanted to print this in a few different ways well we can use

a few different ways well we can use methods to do that for example we can

methods to do that for example we can print quote in uppercase and just do

print quote in uppercase and just do upper like that

upper like that and this is going to make it all

and this is going to make it all uppercase because we're giving it this

uppercase because we're giving it this period upper and then open close

period upper and then open close parentheses right here and that is

parentheses right here and that is allowing us to use that method so we can

allowing us to use that method so we can say uppercase

say uppercase and we can also print in lowercase if we

and we can also print in lowercase if we do lower

and just for one more we can also do print

print and we'll say quote dot title

and we'll say quote dot title and this is what's known as title cakes

and this is what's known as title cakes and title case will capitalize every

and title case will capitalize every single letter like it is the title uh in

single letter like it is the title uh in this instance here we're going to get

this instance here we're going to get like the a capitalize which wouldn't

like the a capitalize which wouldn't really be true in a title but still just

really be true in a title but still just know that title case is meant to

know that title case is meant to capitalize every first letter within

capitalize every first letter within your string or your sentence in this

your string or your sentence in this case we're going to call this lowercase

case we're going to call this lowercase here

here okay so let's go ahead and save this and

okay so let's go ahead and save this and we're going to print this out

and you can see the differences that we have we have it here

have we have it here in its normal quote and then we have it

in its normal quote and then we have it in uppercase all lowercase and then

in uppercase all lowercase and then every single first letter capitalized

every single first letter capitalized perfect these are methods these are just

perfect these are methods these are just a small example methods we're going to

a small example methods we're going to get into more a little bit later

get into more a little bit later here's another example what if we wanted

here's another example what if we wanted to print the length of quote

to print the length of quote let's say we wanted to know how many

let's say we wanted to know how many characters were within this sentence so

characters were within this sentence so this is going to count the characters

this is going to count the characters and this will also count spaces so we're

and this will also count spaces so we're trying to get a total count of what's

trying to get a total count of what's going on inside this string we print

going on inside this string we print that you'll see that we get 28 return so

that you'll see that we get 28 return so if you want to check that you can go

if you want to check that you can go count every single character within here

count every single character within here and you'll get the length of that and

and you'll get the length of that and that could become important as you're

that could become important as you're doing python later on and this is just

doing python later on and this is just yet another example of a method now

yet another example of a method now let's go back to looking at variables

let's go back to looking at variables and why they're called variables

and why they're called variables so let's say that we have a variable of

so let's say that we have a variable of a name and in this instance I'm going to

a name and in this instance I'm going to use my name and I'm going to make it a

use my name and I'm going to make it a string

string and I'm going to use my age

and I'm going to use my age I am 33 and

I am 33 and here we're going to say string just so

here we're going to say string just so we can make sure we notate the

we can make sure we notate the differences this is an INT or an integer

differences this is an INT or an integer and we're also going to give a GPA let's

and we're also going to give a GPA let's say I went to school I'm going to use

say I went to school I'm going to use the American grading system let's say I

the American grading system let's say I had a 3.7 GPA

had a 3.7 GPA and this is what's known as a float

and this is what's known as a float and that has a decimal so make sure you

and that has a decimal so make sure you notate that

notate that so if we print these out if we print out

so if we print these out if we print out the integer of age

the integer of age that'll still print

that'll still print 33.

33. what if we print out the integer of

what if we print out the integer of 30.1 save that

30.1 save that take a look

take a look and you'll see that we just get

and you'll see that we just get 30.

30. all right

all right and you can see that this rounded down

and you can see that this rounded down again integer just the first number just

again integer just the first number just what's on the left side of the decimal

what's on the left side of the decimal point

point doesn't care about the right side what

doesn't care about the right side what if we printed integer

if we printed integer of 30.9

will it round will it round

will it round no

no so if we save that

so if we save that and we print again you'll see it's still

and we print again you'll see it's still 30. it doesn't care what's on the right

30. it doesn't care what's on the right side of the number it's only going to

side of the number it's only going to take what the integer is so anytime you

take what the integer is so anytime you print an integer you're only going to

print an integer you're only going to get the first or what's on the left hand

get the first or what's on the left hand side of the decimal point so make sure

side of the decimal point so make sure you know that

you know that now a few cool things that we can do

now a few cool things that we can do let's say that we wanted to print

let's say that we wanted to print something like this if we print

something like this if we print my name is with a space

my name is with a space and then we'll do plus name

and then we'll do plus name and we'll say

and we'll say space again and I

space again and I m space

m space age

age Plus

Plus space years old make sure you have your

space years old make sure you have your spacing in there properly that way you

spacing in there properly that way you can account for the spaces before and

can account for the spaces before and after these variables but what are we

after these variables but what are we doing here we are concatenating

doing here we are concatenating variables now if I try to run this I'm

variables now if I try to run this I'm actually going to get an error if I run

actually going to get an error if I run it

it we're getting a type error and this is a

we're getting a type error and this is a great example by the way of

great example by the way of understanding what python is telling you

understanding what python is telling you I get emails all the time from students

I get emails all the time from students saying I don't understand why my script

saying I don't understand why my script isn't working and the first thing I'll

isn't working and the first thing I'll ask them is I will say did you read the

ask them is I will say did you read the output of the error because it tells you

output of the error because it tells you it says Hey on line 44 by control tab

it says Hey on line 44 by control tab look this is line 44 it tells you where

look this is line 44 it tells you where your mistake is and then it also says it

your mistake is and then it also says it only concatenate string not int to

only concatenate string not int to string so if you didn't know what this

string so if you didn't know what this meant and maybe you don't you can copy

meant and maybe you don't you can copy this go to Google and search it and I

this go to Google and search it and I promise you somebody will have had this

promise you somebody will have had this error before

error before as much as if we wish to be special uh

as much as if we wish to be special uh there's not in many situations that will

there's not in many situations that will come up where there hasn't been this

come up where there hasn't been this error or an issue that we run into that

error or an issue that we run into that somebody hasn't already had before so

somebody hasn't already had before so with that in mind

with that in mind we can fix this so it's saying that it

we can fix this so it's saying that it can only concatenate strings not

can only concatenate strings not integers well name is a string but age

integers well name is a string but age is an integer so we need to make in this

is an integer so we need to make in this situation age or string so what we're

situation age or string so what we're going to do is just say Str like this

going to do is just say Str like this and give it like that

and give it like that and now if we print this save it print

and now if we print this save it print it

it you can see my name is Heath and I am 33

you can see my name is Heath and I am 33 years old perfect

years old perfect now what happens if I am a year older

now what happens if I am a year older well I could take age and do something

well I could take age and do something like plus equals one

like plus equals one something like that

something like that and if I print age now hopefully

and if I print age now hopefully we are seeing 34. you could see 34. now

we are seeing 34. you could see 34. now this is what comes into play this is a

this is what comes into play this is a variable variables can change

variable variables can change at this point in the script we Define

at this point in the script we Define that we are 33 and as we run through it

that we are 33 and as we run through it I am still 33 when I print this

I am still 33 when I print this statement out however I've had a

statement out however I've had a birthday now age has increased by one

birthday now age has increased by one printing age out now will say that I'm

printing age out now will say that I'm 34.

34. so variables can change variables can

so variables can change variables can store different numbers at different

store different numbers at different times that's why they are called

times that's why they are called variables because they vary now

variables because they vary now we could also do something like birthday

we could also do something like birthday and set birthday equal to one and I

and set birthday equal to one and I could say age plus equals birthday

could say age plus equals birthday and then print days and guess what now

and then print days and guess what now it's going to return

it's going to return 35.

35. so just know that you can store a number

so just know that you can store a number within a variable we've shown that

within a variable we've shown that before already we can add two integers

before already we can add two integers together and we can print them out so

together and we can print them out so we're adding those together and it's

we're adding those together and it's taking that total and adding that to age

taking that total and adding that to age and now

and now it's saying we're 35 years old

it's saying we're 35 years old so that is it for this lesson we're

so that is it for this lesson we're going to go ahead and move on to

going to go ahead and move on to functions and fix this new line issue

functions and fix this new line issue that we've had plus write some pretty

that we've had plus write some pretty cool stuff out and build some other cool

cool stuff out and build some other cool functions out as well so I'll go ahead

functions out as well so I'll go ahead and see you over in the next lesson

and see you over in the next lesson all right moving on to functions so

all right moving on to functions so let's go ahead and print out a new line

let's go ahead and print out a new line really quick

and we're going to call this functions now I like to think of functions as many

now I like to think of functions as many programs what they are is an organized

programs what they are is an organized block of code that you define and then

block of code that you define and then you can call it later instead of

you can call it later instead of repeatedly typing the code out

repeatedly typing the code out so we're going to take a look at some

so we're going to take a look at some examples of that

examples of that so let's go ahead and write a function

so let's go ahead and write a function so let's do a Define Def and that's how

so let's do a Define Def and that's how we start a function and in this one I'm

we start a function and in this one I'm going to say who am I

going to say who am I and I'm going to do closed parentheses

and I'm going to do closed parentheses and here we're going to say

and here we're going to say this is a function without parameters

this is a function without parameters and we'll talk about that here in just a

and we'll talk about that here in just a little bit

little bit now indentation is incredibly important

now indentation is incredibly important in Python if we do not indent we will

in Python if we do not indent we will throw an error here and you're going to

throw an error here and you're going to see a lot of situations where

see a lot of situations where indentation becomes incredibly important

indentation becomes incredibly important it's one of the most important things in

it's one of the most important things in python python does not have a lot of

python python does not have a lot of rules that apply to it but indentation

rules that apply to it but indentation is one of them that you must follow so

is one of them that you must follow so we're going to go ahead and hit the tab

we're going to go ahead and hit the tab to indent and I'm going to say my name

to indent and I'm going to say my name is Heath

and this is what is known as a local variable we'll talk about that here in a

variable we'll talk about that here in a second as well

second as well age is equal to 30.

age is equal to 30. and we're going to go ahead and print

and we're going to go ahead and print same thing we did before we can actually

same thing we did before we can actually just kind of copy this up here we'll say

just kind of copy this up here we'll say my name is

my name is just like this okay copy all that paste

just like this okay copy all that paste it and then

it and then add the closed parentheses there I'll

add the closed parentheses there I'll let you catch up

let you catch up and then we can just call down here

and then we can just call down here who am I

so what's going on in here well we have a function that we're

well we have a function that we're defining we're calling it who am I

defining we're calling it who am I and it has no parameters we'll get into

and it has no parameters we'll get into parameters here in just a second

parameters here in just a second now we're giving it some items within

now we're giving it some items within this in this instance what we're doing

this in this instance what we're doing is we're giving this local variables

is we're giving this local variables we're saying hey

we're saying hey in this instance when we have a variable

in this instance when we have a variable of name it's going to be Heat and the

of name it's going to be Heat and the age is going to be 30.

age is going to be 30. well whatever is stored in here is only

well whatever is stored in here is only stored within the function

stored within the function that's why this is a local variable if

that's why this is a local variable if we print

we print age

age as well we'll see that so we know that

as well we'll see that so we know that age was 35 we called age over here is 30

age was 35 we called age over here is 30 and let's see what happens first of all

and let's see what happens first of all we called our function here we said who

we called our function here we said who am I called that and all it does is run

am I called that and all it does is run our mini program our mini program says

our mini program our mini program says hey I'm going to print out

hey I'm going to print out these variables into this string here

these variables into this string here okay and that's exactly what it did but

okay and that's exactly what it did but when we printed age again you could see

when we printed age again you could see that we're actually still 35 so this

that we're actually still 35 so this variable or the variables that are

variable or the variables that are within a function are local and do not

within a function are local and do not apply outside of the function so make

apply outside of the function so make sure to remember that okay so I'm going

sure to remember that okay so I'm going to delete this print statement we don't

to delete this print statement we don't need it

need it and we're going to write some more

and we're going to write some more functions so let's do one where we add

functions so let's do one where we add some parameters

some parameters so we're going to do add 100

so we're going to do add 100 and we're going to give this a parameter

and we're going to give this a parameter of num n-u-m and that's just going to

of num n-u-m and that's just going to stand for number

stand for number okay we're going to indent make sure we

okay we're going to indent make sure we indent and all we're going to do is

indent and all we're going to do is print num Plus 100.

print num Plus 100. so when we call our function we say add

so when we call our function we say add 100

100 just like last time

just like last time this time we have to actually give it

this time we have to actually give it what is called an argument so our

what is called an argument so our argument goes with our parameter here

argument goes with our parameter here when we're calling it so our argument is

when we're calling it so our argument is going to be a hundred and when we print

going to be a hundred and when we print this out this is going to be 200

this out this is going to be 200 hopefully so we'll save this

hopefully so we'll save this run it

run it you can see that we got 200 because

you can see that we got 200 because we're doing print 100 plus 100. that's

we're doing print 100 plus 100. that's all we're doing is this mini program

all we're doing is this mini program okay let's try another one let's say we

okay let's try another one let's say we want to have multiple parameters

want to have multiple parameters let's do Define

add and we're just going to add X and Y this one's going to be easy we're just

this one's going to be easy we're just going to say print

going to say print X Plus y

X Plus y and now we can add whatever we want so

and now we can add whatever we want so let's add Seven and Seven

let's add Seven and Seven and one will take the place of X the

and one will take the place of X the other one will take the place of Y

other one will take the place of Y X Plus y 7 plus 7 should be 14. let's go

X Plus y 7 plus 7 should be 14. let's go ahead and run that

ahead and run that you'll see we get 14 here beautiful

you'll see we get 14 here beautiful all right let's make it a little bit

all right let's make it a little bit more complicated then

more complicated then all right let's try adding in here

all right let's try adding in here another function this time we're going

another function this time we're going to do multiply we're going to do X and Y

to do multiply we're going to do X and Y again

again and instead of doing a print I want to

and instead of doing a print I want to show you something a little bit

show you something a little bit different let's say we just return

different let's say we just return X

X times y

times y and now in this instance

and now in this instance if we multiply

7 times 7 do we get 49

do we get 49 we don't

we don't okay

okay there's a reason for this this is just

there's a reason for this this is just calling back so when this is saying

calling back so when this is saying return this isn't saying print remember

return this isn't saying print remember this says print this is going to return

this says print this is going to return x times y so we can call this here this

x times y so we can call this here this function and it knows that this function

function and it knows that this function is equal to 49 and perhaps we can put

is equal to 49 and perhaps we can put that into something else like we could

that into something else like we could put that maybe into a variable or

put that maybe into a variable or whatever it is we might want to do with

whatever it is we might want to do with it however if we wanted to return to the

it however if we wanted to return to the screen we actually have to call that so

screen we actually have to call that so sometimes we're going to actually store

sometimes we're going to actually store something instead of printing it we do a

something instead of printing it we do a lot of printing in Python tutorials just

lot of printing in Python tutorials just so that you can see it on the screen and

so that you can see it on the screen and make sure that you're seeing what you're

make sure that you're seeing what you're doing and that everything's printing out

doing and that everything's printing out okay so that's why we're doing this but

okay so that's why we're doing this but please understand that the return option

please understand that the return option does exist and is used quite frequently

does exist and is used quite frequently so I'm going to save this

so I'm going to save this and run this you can see now that we get

and run this you can see now that we get 49. perfect

49. perfect okay two more

okay two more let's say we want to do a square root

let's say we want to do a square root okay so let's define square root

okay so let's define square root and we're just going to give it one

and we're just going to give it one parameter

parameter and in this instance we're going to

and in this instance we're going to print out the square root so we're going

print out the square root so we're going to take X

to take X and a square root an exponent format is

and a square root an exponent format is just to

just to the power of 0.5

the power of 0.5 that's all we're doing and we can test

that's all we're doing and we can test that theory by doing something like

that theory by doing something like square root

square root of 64.

which we should return as 8 because 8 times 8 is 64. so if we save that

times 8 is 64. so if we save that come in here print it and you can see we

come in here print it and you can see we get a float of 8.0

get a float of 8.0 now I told you we would create our own

now I told you we would create our own function for a new line and we're going

function for a new line and we're going to do just that

to do just that let's go ahead and Define new line

let's go ahead and Define new line and we could call this like new line if

and we could call this like new line if we wanted to or whatever but I think to

we wanted to or whatever but I think to make it simple as long as we understand

make it simple as long as we understand what it is we can make comments and

what it is we can make comments and notes in here if we wanted to we could

notes in here if we wanted to we could just say defined NL

just say defined NL and then we can just say that when we do

and then we can just say that when we do that we're just going to print out

our n for our new line and then we call a new line we'll get

and then we call a new line we'll get one very simple so we can just even say

one very simple so we can just even say in here

in here new line okay so now we know and we save

new line okay so now we know and we save that and we can print it

that and we can print it you'll see it

you'll see it it's here but we really don't have

it's here but we really don't have anything after it to really show it but

anything after it to really show it but we do have that space there

we do have that space there so that is it for this lesson I'll go

so that is it for this lesson I'll go ahead and see you over in the next one

ahead and see you over in the next one next up we're going to learn about

next up we're going to learn about Boolean expressions and also relational

Boolean expressions and also relational and Boolean operators

and Boolean operators so let's go ahead and type in here

so let's go ahead and type in here Boolean expressions

Boolean expressions and when we think of these we can just

and when we think of these we can just think that this as true or false

think that this as true or false that's really what it is

that's really what it is so from here let's do a few variables so

so from here let's do a few variables so we could set Bowl one equal to true

we could set Bowl one equal to true we're just going to say hey this

we're just going to say hey this variable is true

variable is true bull 2 we could set equal to three times

bull 2 we could set equal to three times three

three is equal to 9. so the double equals

is equal to 9. so the double equals means that something is equal to

means that something is equal to something so we have three times three

something so we have three times three that's nine equal equal that means that

that's nine equal equal that means that equals nine do not confuse that with

equals nine do not confuse that with setting up your variable this is saying

setting up your variable this is saying hey my variable is equal to this but

hey my variable is equal to this but this is saying this is equal to this

this is saying this is equal to this number okay and that is a true statement

number okay and that is a true statement we could also say Bool 3 and make that

we could also say Bool 3 and make that false

false or we can give it a statement that makes

or we can give it a statement that makes it false so something like 3 times 3

it false so something like 3 times 3 does not equal nine exclamation equals

does not equal nine exclamation equals means does not equal nine

means does not equal nine now if we print it out

now if we print it out bull one bull two bull three ample four

bull one bull two bull three ample four just like that

just like that and save it

and save it and if we come

and if we come in here you'll see that it says true

in here you'll see that it says true true false false

true false false again Boolean Expressions is something

again Boolean Expressions is something true is something false

true is something false why do we need to know this well we need

why do we need to know this well we need to know if something is true

to know if something is true then we might want to continue on or if

then we might want to continue on or if something is false we might want to do

something is false we might want to do something and we'll get into that when

something and we'll get into that when we get into conditional statements like

we get into conditional statements like if something is true then go ahead and

if something is true then go ahead and do this if something is false do this or

do this if something is false do this or there's something called while Loops

there's something called while Loops which will allow us to continue as long

which will allow us to continue as long as something is true we're going to get

as something is true we're going to get there when we get to conditional

there when we get to conditional statements as well or looping I should

statements as well or looping I should say and we'll talk about that but that

say and we'll talk about that but that is why we might want to know these

is why we might want to know these things among other stuff we might want

things among other stuff we might want to know if something's true or set that

to know if something's true or set that parameter or that variable to True until

parameter or that variable to True until it becomes false

it becomes false etc etc so right now just understand

etc etc so right now just understand that Boolean expressions are true or

that Boolean expressions are true or false and we're going to come in here

false and we're going to come in here and we're going to print

and we're going to print and we're going to say type

and we're going to say type and we're going to do Bowl One

and we're going to do Bowl One okay and this will tell us now this is a

okay and this will tell us now this is a nice thing so if we come in here and say

nice thing so if we come in here and say type it'll give us the class this class

type it'll give us the class this class is Boolean awesome and another example

is Boolean awesome and another example of that is if we say like Rule 5 is

of that is if we say like Rule 5 is equal to true and we print the type so

equal to true and we print the type so if you see true and you're like I wonder

if you see true and you're like I wonder what that is is that Boolean or is it

what that is is that Boolean or is it actually just a string we come in here

actually just a string we come in here and say pull five let's save that

and say pull five let's save that save that there and then you should see

save that there and then you should see that that class is actually a string

that that class is actually a string here so you can check with the type to

here so you can check with the type to see what is this okay so the type

see what is this okay so the type feature is very nice and we can see that

feature is very nice and we can see that we are dealing with a Boolean here and

we are dealing with a Boolean here and this one is actually a straight so

this one is actually a straight so please note that if you put it in

please note that if you put it in quotations that makes the string

quotations that makes the string you leave it like this that makes it a

you leave it like this that makes it a Boolean expression

Boolean expression let's go ahead and make a new line

let's go ahead and make a new line and we're going to talk about

and we're going to talk about relational

relational and Boolean operators

okay so we can think of that as let's make a

so we can think of that as let's make a variable here we say

variable here we say greater than

we say 7 is greater than 5. well that would be true

would be true and we are using an operator here so the

and we are using an operator here so the operator is the greater than sign

operator is the greater than sign we're also using a Boolean expression

we're also using a Boolean expression because it's going to result in a true

because it's going to result in a true return if we were to print that out

return if we were to print that out now we can do a few other things we can

now we can do a few other things we can say like less than

say like less than is equal to 5 is less than seven we can

is equal to 5 is less than seven we can do greater than

do greater than or equal to

or equal to which would be 7 is greater than or

which would be 7 is greater than or equal to seven that's true

equal to seven that's true we can also do less than or equal to

we can also do less than or equal to and in that case we can do 7 is less

and in that case we can do 7 is less than or equal to seven which is also

than or equal to seven which is also true

true so all of these statements here are true

so all of these statements here are true now we can get into some other type of

now we can get into some other type of operators and statements here what if we

operators and statements here what if we did

did and so let's just call this test and

and so let's just call this test and we're going to do test and

we're going to do test and we say 7 is greater than five well

we say 7 is greater than five well that's true

that's true and

and 5 is less than seven that's also true

5 is less than seven that's also true both statements are true thus this is

both statements are true thus this is true

true do another one

do another one test and two

test and two and for some students this does take a

and for some students this does take a little bit to get your head wrapped

little bit to get your head wrapped around I'm going to provide a table for

around I'm going to provide a table for you here just in a second but just

you here just in a second but just follow along and I'll explain this as we

follow along and I'll explain this as we go let's say we have 7 is greater than

go let's say we have 7 is greater than five

five and

and five is greater than seven

five is greater than seven all right let me fix that syntax five is

all right let me fix that syntax five is greater than seven this now becomes

greater than seven this now becomes false

false why well seven is greater than five

why well seven is greater than five and 5 is greater than seven that's not

and 5 is greater than seven that's not true so because it's not true because

true so because it's not true because all statements are not true

all statements are not true this becomes false

this becomes false there's an alternative to this what if

there's an alternative to this what if we had an or we said or so 7 is greater

we had an or we said or so 7 is greater than 5 or

than 5 or 5 is less than seven well both

5 is less than seven well both statements are true thus this is true

statements are true thus this is true but we can have the same situation as

but we can have the same situation as before where we have 7 is greater than 5

before where we have 7 is greater than 5 or 5 is greater than seven and guess

or 5 is greater than seven and guess what this statement is actually true

what this statement is actually true because all we need is one condition to

because all we need is one condition to be true for this to be true so in this

be true for this to be true so in this situation this is true

situation this is true or if this is true then the whole thing

or if this is true then the whole thing becomes true

becomes true so just because this is false this would

so just because this is false this would also have to be false for this to be

also have to be false for this to be false

false hopefully that makes sense one other

hopefully that makes sense one other thing here before I show you the cool

thing here before I show you the cool little table is we could do test not so

little table is we could do test not so if we said something was not true

if we said something was not true guess what that becomes false

guess what that becomes false same thing if we said it was not false

same thing if we said it was not false then it's true not is just the opposite

then it's true not is just the opposite so not true in this situation is false

so not true in this situation is false now if we go out to the internet

now if we go out to the internet and we go to Google

and we go to Google we could come in here and we can just

we could come in here and we can just search something like python truth table

search something like python truth table and if we go to images we should be able

and if we go to images we should be able to find one that works out pretty well

to find one that works out pretty well in our favor here's a good example right

in our favor here's a good example right here

here so if you ever take a coding class you

so if you ever take a coding class you might be quizzed on this

might be quizzed on this this will tell you truth tables right

this will tell you truth tables right here so if it's not false it's true it's

here so if it's not false it's true it's not true it's false we can look at or

not true it's false we can look at or statements so true or false is true the

statements so true or false is true the only situation and or statement becomes

only situation and or statement becomes false is when both are false now the and

false is when both are false now the and we looked at that if it's true and false

we looked at that if it's true and false it's false if it's false and true or

it's false if it's false and true or false and false it's still False only

false and false it's still False only situation for and where it can be true

situation for and where it can be true is when both are true there's also not

is when both are true there's also not or not and

or not and there is does not equal or equals so

there is does not equal or equals so it's good to know these types of Truth

it's good to know these types of Truth tables and you can come and just again

tables and you can come and just again Google python truth table and come look

Google python truth table and come look at this pretty straightforward once you

at this pretty straightforward once you get the hang of it but it's completely

get the hang of it but it's completely okay for right now for it to be

okay for right now for it to be confusing just wanted you to know that

confusing just wanted you to know that these are out there and exist in case

these are out there and exist in case you are a little bit confused by this

you are a little bit confused by this lesson

lesson so we're going to go ahead and move on

so we're going to go ahead and move on to the next lesson which is going to

to the next lesson which is going to cover conditional statements

cover conditional statements okay we'll come in here we'll do a new

okay we'll come in here we'll do a new line

line and we'll just say conditional

and we'll just say conditional statements

statements and we can think of this as if then

and we can think of this as if then or if then else or if else either way

or if then else or if else either way you want to write this this is fine

you want to write this this is fine so think about this

so think about this if you go to the store and you want to

if you go to the store and you want to buy a drink and that drink is two

buy a drink and that drink is two dollars

dollars if you have two dollars or more you can

if you have two dollars or more you can buy the drink

buy the drink if you do not have two dollars you will

if you do not have two dollars you will not be able to buy the drink

not be able to buy the drink so let's take a look at that

so let's take a look at that so if we write a function and we call it

so if we write a function and we call it Define drink

Define drink and we give it a parameter of money we

and we give it a parameter of money we come in here and we say if

come in here and we say if money

money is greater than or equal to two

is greater than or equal to two then we're going to return

then we're going to return look at the indentation again

look at the indentation again we need an indent here after our

we need an indent here after our function and we need an indent after our

function and we need an indent after our if statement so make sure you're

if statement so make sure you're indenting correctly

indenting correctly return you

return you got yourself a drink

got yourself a drink and here we come back we can say else

and here we come back we can say else we're going to return

kind of like Seinfeld no soup for you all right so if we come in here and we

all right so if we come in here and we print drink

print drink of three meaning we had three dollars at

of three meaning we had three dollars at the time and we print drink of one

the time and we print drink of one meaning we had one dollar at the time

meaning we had one dollar at the time we're gonna have two different results

we're gonna have two different results if we have two or more dollars we're

if we have two or more dollars we're going to return you've got yourself a

going to return you've got yourself a drink otherwise if we have less than two

drink otherwise if we have less than two dollars we're gonna say no drink for you

dollars we're gonna say no drink for you let's save that

you've got yourself a drink when we print out three dollars because we had

print out three dollars because we had enough money here you can see with one

enough money here you can see with one dollar we did not have enough money thus

dollar we did not have enough money thus no drink or us

no drink or us okay let's take a look at a little bit

okay let's take a look at a little bit more of a complicated one we're gonna

more of a complicated one we're gonna come in here we're gonna say Define now

come in here we're gonna say Define now I'm going to make this alcoholic

I'm going to make this alcoholic beverages if you do not drink that's

beverages if you do not drink that's okay you can just follow along still you

okay you can just follow along still you can change it into whatever you want to

can change it into whatever you want to be I think this is a good example

be I think this is a good example because we have a couple parameters and

because we have a couple parameters and we can use those to make different sort

we can use those to make different sort of conditional statements so let's

of conditional statements so let's define alcohol

define alcohol now in the United States

now in the United States we have two things that we need in order

we have two things that we need in order to purchase alcohol one we have to be

to purchase alcohol one we have to be old enough

old enough we also have to have enough money

we also have to have enough money similar to the drink before that was

similar to the drink before that was non-alcoholic we assume

non-alcoholic we assume well we have to actually be old enough

well we have to actually be old enough to purchase the strength in the United

to purchase the strength in the United States you have to be 21. so if

our age is greater than or equal to 21. they put a space here by the way sorry

and look the and is coming into play money

look the and is coming into play money is greater than or equal to five

we're getting a drink all right

all right now we're gonna say else if

now we're gonna say else if because there's a few situations that we

because there's a few situations that we can be in there's actually four

can be in there's actually four situations here so we're going to say

situations here so we're going to say e-l-i-f which stands for else if

e-l-i-f which stands for else if what happens if our age is greater than

what happens if our age is greater than or equal to 21

or equal to 21 and we don't have enough money so we say

and we don't have enough money so we say money is less than five

money is less than five well in that situation we're going to

well in that situation we're going to return

return come back with more money

okay and then what if we have another situation where we say

situation where we say age is less than 21.

age is less than 21. and we actually have money

and we actually have money we're just an underage person trying to

we're just an underage person trying to buy a drink and we say five dollars

buy a drink and we say five dollars well we're gonna return

nice try kid and then lastly if we have no monies and

and then lastly if we have no monies and we're not old enough well then we can

we're not old enough well then we can just return something like your

just return something like your too young

too young and two poor

and two poor yay and then let's try these out so

yay and then let's try these out so we've got these different situations

we've got these different situations here again if we have our age and money

here again if we have our age and money we meet both criteria we're getting a

we meet both criteria we're getting a drink

drink otherwise if we meet the age but no

otherwise if we meet the age but no money let's come back with more money we

money let's come back with more money we don't meet the age but we have the money

don't meet the age but we have the money nice try kid and then lastly if you

nice try kid and then lastly if you don't have the money and you're not old

don't have the money and you're not old enough you're gonna be too young and too

enough you're gonna be too young and too poor so we're gonna print out a few

poor so we're gonna print out a few different

different statements here of this function so

statements here of this function so let's give it 21 and 5.

let's give it 21 and 5. we'll print alcohol again of 21 and 4.

we'll print alcohol again of 21 and 4. friends alcohol of 20 and 5.

friends alcohol of 20 and 5. and these should all meet different

and these should all meet different criteria alcohol of 20 and 4.

criteria alcohol of 20 and 4. so we should expect to get these in

so we should expect to get these in order we meet what we need here we don't

order we meet what we need here we don't we don't we don't different criteria for

we don't we don't different criteria for each of these we'll save this go ahead

each of these we'll save this go ahead and run this

and you can see it says no drink for you actually that's the last one uh we're

actually that's the last one uh we're getting a drink come back with more

getting a drink come back with more money nice try kid and you're too young

money nice try kid and you're too young and too poor

and too poor so you can see that we can make

so you can see that we can make conditional statements based on

conditional statements based on everything that we're starting to put

everything that we're starting to put together here we have now used a

together here we have now used a function we've used multiple parameters

function we've used multiple parameters we've used the conditional statement

we've used the conditional statement we've used relational operators

we've used relational operators okay we've got the Boolean right this is

okay we've got the Boolean right this is true and true we're returning something

true and true we're returning something this is

this is true and true in this situation then

true and true in this situation then we're going to return something else so

we're going to return something else so we have different situations that can

we have different situations that can come back

come back so we need to meet those criteria and

so we need to meet those criteria and we're starting to use that look we're

we're starting to use that look we're using the return instead of the print

using the return instead of the print feature there's a bunch of different

feature there's a bunch of different things that we're doing here that's all

things that we're doing here that's all starting to tie in and hopefully that's

starting to tie in and hopefully that's starting to make sense why we do things

starting to make sense why we do things we're starting to build upon it and it's

we're starting to build upon it and it's starting to get a little bit more fun

starting to get a little bit more fun so from here we're going to go ahead and

so from here we're going to go ahead and move on to lists and move on with our

move on to lists and move on with our journey into python so I'll see you in

journey into python so I'll see you in the next lesson

the next lesson let's move on to lists so let's go ahead

let's move on to lists so let's go ahead and do our new line

and do our new line and we'll call it lists

and we'll call it lists and the best way to think of lists in my

and the best way to think of lists in my opinion is that they have brackets

opinion is that they have brackets something like this

something like this now lists are data structures they are

now lists are data structures they are changeable we can reorder them they are

changeable we can reorder them they are basically just a group of elements

basically just a group of elements now everything within a list is called

now everything within a list is called an item and as I mentioned the best way

an item and as I mentioned the best way to think about lists is that they have

to think about lists is that they have brackets just like a string might have

brackets just like a string might have quotes around it lists will have

quotes around it lists will have brackets around it

brackets around it now again we need to remember these are

now again we need to remember these are changeable we'll talk about something

changeable we'll talk about something here in a little bit that is not

here in a little bit that is not changeable which is called the Tuple now

changeable which is called the Tuple now here

here let's go ahead and declare a list we're

let's go ahead and declare a list we're going to say movies and I'm just going

going to say movies and I'm just going to list out some movies that I like

to list out some movies that I like and we can do a bracket and I can say

and we can do a bracket and I can say when Harry

when Harry Met Sally we'll just give these as

Met Sally we'll just give these as strings

strings I like The Hangover

I like The Hangover and I like

and I like The Perks of Being a Wallflower now you

The Perks of Being a Wallflower now you can add whatever you like here and my

can add whatever you like here and my hangover here by the way that I have to

hangover here by the way that I have to hang over here my hangover on the line

hang over here my hangover on the line here is just because my notepad here is

here is just because my notepad here is not wide enough if I made it wider it

not wide enough if I made it wider it would actually just continue on so a

would actually just continue on so a don't confuse this if I hit enter you'll

don't confuse this if I hit enter you'll see it goes to 148 so my wrapping does

see it goes to 148 so my wrapping does not mean I went into a new line

not mean I went into a new line and lastly we'll just say The Exorcist

and we'll close the list off with a close bracket

close bracket so if I wanted to print

so if I wanted to print the first movie in the list

the first movie in the list I wanted to print When Harry Met Sally

I wanted to print When Harry Met Sally I come in here and I print movies and I

I come in here and I print movies and I wanted to say one do we think that would

wanted to say one do we think that would print the first item in the list go

print the first item in the list go ahead and hit save print

ahead and hit save print and you're going to see that it actually

and you're going to see that it actually prints The Hangover so what am I doing

prints The Hangover so what am I doing here I am calling an index

here I am calling an index and our index actually starts with the

and our index actually starts with the number zero so when we look at an index

number zero so when we look at an index we need to think of it as 0 1 2 3.

we need to think of it as 0 1 2 3. always count starting with zero not one

always count starting with zero not one otherwise you can return the wrong

otherwise you can return the wrong numbers and this can get very confusing

numbers and this can get very confusing let's make sure we add no to this

let's make sure we add no to this Returns the second

Returns the second item in the list okay we're looking at

item in the list okay we're looking at the second item with the index of one if

the second item with the index of one if we printed

we printed for example movies and we gave it zero

for example movies and we gave it zero then we would see that this will return

then we would see that this will return the first item in the list

the first item in the list okay we'll save that take a look real

okay we'll save that take a look real quick

quick you could see that the first item is

you could see that the first item is When Harry Met Sally and that's exactly

When Harry Met Sally and that's exactly what we're getting returned which is

what we're getting returned which is what we want

what we want now let's look at a few tricks to

now let's look at a few tricks to splicing an index or indices uh we can

splicing an index or indices uh we can say something like print movies and if

say something like print movies and if we printed movies one to three what

we printed movies one to three what would happen here

would happen here well what's gonna happen is it's going

well what's gonna happen is it's going to return

to return the first

the first item given

item given so this is going to be index number one

so this is going to be index number one which is item two so first I should say

which is item two so first I should say first index number given

first index number given right until

right until the last number given it's not going to

the last number given it's not going to include the last number

include the last number well let's even say but not include the

well let's even say but not include the last number

last number so

so no it's a lot it's just printed out take

no it's a lot it's just printed out take a look so one to three will print The

a look so one to three will print The Hangover starting at one and The Perks

Hangover starting at one and The Perks of Being a Wallflower which is two it

of Being a Wallflower which is two it will not print three

will not print three okay so make sure you understand if you

okay so make sure you understand if you go one to three you're only going to

go one to three you're only going to include two items three items

include two items three items now you can also do one to four which

now you can also do one to four which would print all of those

would print all of those if you wanted to print everything from

if you wanted to print everything from the beginning of a number so say we've

the beginning of a number so say we've wanted to print movies one and we wanted

wanted to print movies one and we wanted to go all the way to the end we could

to go all the way to the end we could just do something like this

just do something like this so you can start from a certain point in

so you can start from a certain point in index print The Hangover versus Being a

index print The Hangover versus Being a Wallflower The Exorcist and we're

Wallflower The Exorcist and we're skipping When Harry Met Sally because

skipping When Harry Met Sally because we're not stirring at zero

we're not stirring at zero okay

okay we could also do in the opposite of that

we could also do in the opposite of that movies

movies and remember if we go to one it's not

and remember if we go to one it's not going to include one it's only going to

going to include one it's only going to include

include the first item here everything before so

the first item here everything before so When Harry Met Sally everything up until

When Harry Met Sally everything up until this point is another way to think about

this point is another way to think about it

it okay so we wanted to print two items

okay so we wanted to print two items we'd actually have to add a second or

we'd actually have to add a second or put the number two here and that would

put the number two here and that would include The Hangover that's what we

include The Hangover that's what we wanted to do

wanted to do now another thing that we can do is if

now another thing that we can do is if we wanted to print the very last item

we wanted to print the very last item we could do a movies

we could do a movies negative one and you don't need to

negative one and you don't need to commit All This to Memory right now

commit All This to Memory right now especially if you're not working with

especially if you're not working with lists but if you ever do work with lists

lists but if you ever do work with lists you need to pull specific items down

you need to pull specific items down from the list this becomes very

from the list this becomes very important so important to know that

important so important to know that indexes or indices exist you start at

indexes or indices exist you start at zero and then you move forward and then

zero and then you move forward and then the way that you can spice these just

the way that you can spice these just depends on how you call these now this

depends on how you call these now this will return last item in list we save

will return last item in list we save that

that take a look

take a look you'll see It'll return The Exorcist

you'll see It'll return The Exorcist here

here now we can apply methods to lists just

now we can apply methods to lists just like printing length of movies

like printing length of movies we'll print count the items in the list

we'll print count the items in the list right and the list and we'll save that

right and the list and we'll save that just take a quick look

I never close this sorry so you can see it tells you your mistakes and even I

it tells you your mistakes and even I make mistakes come in here try it again

make mistakes come in here try it again you can see that we have four items

you can see that we have four items within our list

within our list all right so and that is true we have

all right so and that is true we have four items in the list

four items in the list we can also

we can also add to the list so we can use something

add to the list so we can use something like movies dot append we'll add to

like movies dot append we'll add to lists and if we wanted to add the movie

lists and if we wanted to add the movie Jaws we could

Jaws we could and if we printed movies you'll see

and if we printed movies you'll see that this appends to the end of the list

that this appends to the end of the list let's go ahead and save that

and you'll see now that Jaws is here at the end

the end now we could also insert a movie into

now we could also insert a movie into the list so if we did movies dot insert

the list so if we did movies dot insert and we wanted to put in a specific spot

and we wanted to put in a specific spot so say we want to put it in index two we

so say we want to put it in index two we could say two and then we could give it

could say two and then we could give it a movie Hustle the movie I just watched

a movie Hustle the movie I just watched recently and really liked and we can

recently and really liked and we can come in here and print movies now we

come in here and print movies now we save that

save that you can see that we can actually insert

you can see that we can actually insert hustle here into position two on the

hustle here into position two on the index so pretty neat

index so pretty neat now we can also remove movies we did

now we can also remove movies we did movies.pop

movies.pop come in here and that will remove

so if we come in here add a print statement

come in here add a print statement really quick save that and then print

really quick save that and then print this out

this out you'll see that Jaws is now gone

we can also specify specific spots we want to remove so if we want to remove

want to remove so if we want to remove index 0 we could and then this will

index 0 we could and then this will remove

remove the first item

the first item print movies

print movies save

save go ahead

go ahead and When Harry Met Sally is now gone

and When Harry Met Sally is now gone from our list

from our list we can also combine two lists so if we

we can also combine two lists so if we come in here and let's say that my wife

come in here and let's say that my wife has favorite movies and she definitely

has favorite movies and she definitely does

does and we'll just go with a couple of her

and we'll just go with a couple of her favorite movies she likes

favorite movies she likes Just Go With It

Just Go With It and she also likes 50 First Dates

and she also likes 50 First Dates come in here and close that off well we

come in here and close that off well we can combine movies let's say we wanted

can combine movies let's say we wanted to know our favorite movies

to know our favorite movies what we can do we can combine lists I

what we can do we can combine lists I should say come in here and I could say

should say come in here and I could say I want to add movies plus

I want to add movies plus Amber movies

Amber movies and I can print

and I can print our favorite

our favorite movies and then I have now combined

movies and then I have now combined lists let's go ahead and take a look at

lists let's go ahead and take a look at that hopefully I did it right

that hopefully I did it right and you can see now the hangover hustle

and you can see now the hangover hustle perks a big Wildfire Exorcist just go

perks a big Wildfire Exorcist just go with the 50 First Dates you could also

with the 50 First Dates you could also just come in here if you copied this by

just come in here if you copied this by the way

the way and just pasted this you don't have to

and just pasted this you don't have to put it into a variable you could totally

put it into a variable you could totally do it like that but I think storing in

do it like that but I think storing in variables is a better practice so I'm

variables is a better practice so I'm going to go ahead and just Ctrl Z here

going to go ahead and just Ctrl Z here and

and one more thing so we can also have what

one more thing so we can also have what are called 2D lists

are called 2D lists so two dimensional lists so let's say

so two dimensional lists so let's say for example we have grades

for example we have grades and we have a list of grades and we're

and we have a list of grades and we're going to say that

going to say that inside this list we have Bob and his

inside this list we have Bob and his grade is an 82.

grade is an 82. and then we have

and then we have Alice

and she has a 90.

a 90. okay and then we've got Jeff

okay and then we've got Jeff 's not doing so hot Jeff's got a 73.

's not doing so hot Jeff's got a 73. okay

okay and let's say we wanted to pull down

and let's say we wanted to pull down Bob's grade we could make a variable

Bob's grade we could make a variable like it's called Bob's grade

like it's called Bob's grade and we could set that to grades and then

and we could set that to grades and then do something like zero one like this and

do something like zero one like this and what are we doing here well we're saying

what are we doing here well we're saying I want to pull from the first index

I want to pull from the first index okay index one or zero right

okay index one or zero right first index 0 1 2 so I'm pulling from

first index 0 1 2 so I'm pulling from zero

zero and within that I want to pull the

and within that I want to pull the second item which is this zero one so we

second item which is this zero one so we have a two dimensional index here and if

have a two dimensional index here and if we went ahead and printed

we went ahead and printed Bob's grade you can see now we save this

we get an 82. well that's correct what if we screwed

well that's correct what if we screwed up Bob's grade and we wanted to fix it

up Bob's grade and we wanted to fix it well we could also do something like

well we could also do something like grades 0 1 just kind of like we called

grades 0 1 just kind of like we called and we could just set it equal to 83

and we could just set it equal to 83 maybe it wasn't 83.

maybe it wasn't 83. okay we come in here and we print out

okay we come in here and we print out grades

grades you should see that this has changed so

you should see that this has changed so let's go ahead and print this you can

let's go ahead and print this you can see now Bob has an 83. so we can modify

see now Bob has an 83. so we can modify our 2D lists as well

our 2D lists as well so that is it for list remember lists

so that is it for list remember lists have brackets lists are data structures

have brackets lists are data structures we can change lists as you saw we were

we can change lists as you saw we were able to append pop insert remove okay we

able to append pop insert remove okay we can modify many different ways we're

can modify many different ways we're going to move on here in a second to

going to move on here in a second to what are called tuples and tuples cannot

what are called tuples and tuples cannot be changed even though they look very

be changed even though they look very much like lists they are different so

much like lists they are different so I'll go ahead and see you over in the

I'll go ahead and see you over in the next lesson when we cover duples

next lesson when we cover duples okay let's talk about tuples very

okay let's talk about tuples very quickly and then we're gonna move on so

quickly and then we're gonna move on so do a new line

do a new line say tuples

say tuples and these are like lists but they do not

and these are like lists but they do not change we'll say do not change

change we'll say do not change and then they get parentheses as opposed

and then they get parentheses as opposed to getting brackets

to getting brackets okay so we might want to have something

okay so we might want to have something that doesn't change and when something

that doesn't change and when something can't change we say that they are not

can't change we say that they are not mutable

mutable m-u-t-a-b-l-e they're not mutable so

m-u-t-a-b-l-e they're not mutable so that means that they're immutable and

that means that they're immutable and tuples are immutable meaning we can't

tuples are immutable meaning we can't change them so we think of list list

change them so we think of list list mutable tuples not mutable or immutable

mutable tuples not mutable or immutable so if we have a tuple of grades we can

so if we have a tuple of grades we can say something like grades are equal to a

say something like grades are equal to a b

b see this is the American grading system

see this is the American grading system d

d and F

and F coming here if we did something like

coming here if we did something like grades.pop like we saw before

grades.pop like we saw before or grades dot append something like that

or grades dot append something like that neither of these are not going to work

neither of these are not going to work or neither of these will work I should

or neither of these will work I should say proper English what's going to

say proper English what's going to happen is they're not mutable we can't

happen is they're not mutable we can't change them once we have this and we

change them once we have this and we store it it does not change so if we

store it it does not change so if we want something that is like a list but

want something that is like a list but we don't want it to change it's better

we don't want it to change it's better to use a tuple we can set something in

to use a tuple we can set something in stone like our grade letterings and then

stone like our grade letterings and then we can call those when we need to we can

we can call those when we need to we can just say something like print grades

just say something like print grades and give it a one

and give it a one and save it and we should get a B back

and save it and we should get a B back okay and we get a B back so that's it

okay and we get a B back so that's it just know the difference between tuples

just know the difference between tuples and lists and that tuples do not change

and lists and that tuples do not change but they are very similar in how they

but they are very similar in how they can function and there are pros and cons

can function and there are pros and cons to each of those

to each of those so we're gonna go ahead and move on to

so we're gonna go ahead and move on to the next lesson which is going to be

the next lesson which is going to be looping

looping okay so let's come in here make a new

okay so let's come in here make a new line

line and we're going to call this looping

and we're going to call this looping so we're going to talk about two

so we're going to talk about two different types of Loops the first type

different types of Loops the first type of loop that we're going to talk about

of loop that we're going to talk about is what's called a for Loop

is what's called a for Loop and four Loops are start to finish of an

and four Loops are start to finish of an iterate

iterate and here's what a loop looks like and

and here's what a loop looks like and we'll take a look so let's go ahead and

we'll take a look so let's go ahead and get a list we're going to say vegetables

get a list we're going to say vegetables and you can put whatever vegetables you

and you can put whatever vegetables you want in here I'm going to go with a

want in here I'm going to go with a cucumber

cucumber I'll do some spinach

I'll do some spinach and then we'll do some cabbage as well

and then we'll do some cabbage as well and now what we're gonna do is we're

and now what we're gonna do is we're gonna come in here and we're going to

gonna come in here and we're going to write a four Loop we're going to say 4 x

write a four Loop we're going to say 4 x and x could be whatever you want it to

and x could be whatever you want it to be you could say for veggies

be you could say for veggies it could be whatever you want to call it

it could be whatever you want to call it in this instance I'm just going to call

in this instance I'm just going to call it X

it X in vegetables

in vegetables the 4X in this list

the 4X in this list we're going to go ahead and print out

we're going to go ahead and print out so what do you think this is going to do

so what do you think this is going to do all this is going to do is just Loop

all this is going to do is just Loop through the iterates start to finish up

through the iterates start to finish up and iterate so it's going to say

and iterate so it's going to say cucumber spinach cabbage go ahead and

cucumber spinach cabbage go ahead and give it a go save it print it

give it a go save it print it cucumber spinach cabbage all we did was

cucumber spinach cabbage all we did was go through a list iterate through it

go through a list iterate through it until we reached the end of the list and

until we reached the end of the list and then it stopped so that is a for Loop

then it stopped so that is a for Loop another good example of a loop if you

another good example of a loop if you want to think about it might be trying

want to think about it might be trying to Ping an IEP address like a 192 168

to Ping an IEP address like a 192 168 1.1 or maybe you have 1.x maybe there's

1.1 or maybe you have 1.x maybe there's a whole slew of ips that you want to

a whole slew of ips that you want to Ping maybe it's one through 254. okay if

Ping maybe it's one through 254. okay if you wanted to Ping all of those you

you wanted to Ping all of those you might want to do something like a 4X in

might want to do something like a 4X in IP and where IP is just equal to like a

IP and where IP is just equal to like a sequence like say IP is like a sequence

sequence like say IP is like a sequence of one to 254 and don't worry about this

of one to 254 and don't worry about this I'm just logically writing this out so

I'm just logically writing this out so if you say IPS 1 to 254 for x and IEP

if you say IPS 1 to 254 for x and IEP and then you want to do something you

and then you want to do something you might want to like Ping

192.168.1.x and then X will be one then two then three then four okay so you

two then three then four okay so you could write something like this for a

could write something like this for a pink sweeper again it's the start to

pink sweeper again it's the start to finish of an iterate one through two

finish of an iterate one through two fifty four with a stop at 254 when the

fifty four with a stop at 254 when the iterate is done now another example of

iterate is done now another example of this or another example of a loop is

this or another example of a loop is what we call a while loop let me say

what we call a while loop let me say wall loops

wall loops these execute as long

these execute as long as true

as true I should probably capitalize true so

I should probably capitalize true so that way it makes sense that we're

that way it makes sense that we're talking booleans so let's think about

talking booleans so let's think about this situation what about we set I equal

this situation what about we set I equal to one so we've got a variable of I

to one so we've got a variable of I equal to one

equal to one while I is less than 10.

while I is less than 10. we're going to go ahead and print out I

we're going to go ahead and print out I and then we're going to say I Plus

and then we're going to say I Plus equals 1.

equals 1. so what's going to happen

so what's going to happen well while I is less than 10

well while I is less than 10 . so right now I is equal to 1 1 is less

. so right now I is equal to 1 1 is less than 10 that is true we're going to go

than 10 that is true we're going to go ahead and print I increase the value of

ahead and print I increase the value of I by 1. so the next time it Loops

I by 1. so the next time it Loops through it's going to be 2 and it's

through it's going to be 2 and it's going to continue on until this is no

going to continue on until this is no longer true so if we save this this

longer true so if we save this this should print out one through nine

should print out one through nine because we're not looking for 10 just

because we're not looking for 10 just one through nine so we're going to say

one through nine so we're going to say that hit enter one two three four five

that hit enter one two three four five six seven eight nine and it looks like

six seven eight nine and it looks like the loop actually did its job so again

the loop actually did its job so again we have two types of Loops all we need

we have two types of Loops all we need to know about right now is we have a

to know about right now is we have a start to finish of an iterate that's the

start to finish of an iterate that's the for Loop a little while loop executes as

for Loop a little while loop executes as long as true we may see these later on

long as true we may see these later on as we do our project work so keep these

as we do our project work so keep these in mind as we go on through the course

in mind as we go on through the course so from here we're going to go ahead and

so from here we're going to go ahead and move on to Advanced strings so I'll see

move on to Advanced strings so I'll see you over in the next lesson

you over in the next lesson okay let's take a look at some Advanced

okay let's take a look at some Advanced strings so if we come in here

strings so if we come in here again we do a new line

again we do a new line go ahead and enter Advanced strings

go ahead and enter Advanced strings and let's create a variable of my name

and let's create a variable of my name I'm going to say my name is Heath

I'm going to say my name is Heath now let's say we wanted to print

now let's say we wanted to print my name and we wanted to grab the first

my name and we wanted to grab the first letter of my name how do you think we

letter of my name how do you think we might do that

might do that well if you're saying index of 0 you are

well if you're saying index of 0 you are absolutely correct

absolutely correct and we can say in here first letter

and we can say in here first letter what about printing the last letter of

what about printing the last letter of my name

my name well if you say negative one you have

well if you say negative one you have remembered your index lessons great job

remembered your index lessons great job that's going to be the last letter

that's going to be the last letter we can save this and we can go ahead and

we can save this and we can go ahead and print

and if I made this a string that would be very helpful go ahead and save this

be very helpful go ahead and save this you can see that we get the capital H

you can see that we get the capital H and the lowercase H here because my name

and the lowercase H here because my name starts with an h and ends with an H

starts with an h and ends with an H so another thing to note about strings

so another thing to note about strings much like tuples they are also immutable

much like tuples they are also immutable you cannot change a string we cannot

you cannot change a string we cannot modify the string we can join strings we

modify the string we can join strings we could split strings and we'll talk about

could split strings and we'll talk about that here in a second but once I have

that here in a second but once I have set this variable in this string this

set this variable in this string this string is here forever I can always

string is here forever I can always change the value of this variable but

change the value of this variable but you cannot change this string so again

you cannot change this string so again strings are immutable

strings are immutable now let's go ahead and say we have a

now let's go ahead and say we have a sentence

sentence we give that

we give that something like this is a sentence

something like this is a sentence if I can type today

if I can type today and we print out sentence

with something like this what do we think that's going to look

what do we think that's going to look like let's save this print it

like let's save this print it you can see that we get this what are we

you can see that we get this what are we doing well we're just grabbing this

doing well we're just grabbing this first word however we have the benefit

first word however we have the benefit of knowing what the first word is and

of knowing what the first word is and how long it is so we went 0 1 2 3.

how long it is so we went 0 1 2 3. remember we stopped at four so we grab

remember we stopped at four so we grab the word this

the word this well what if we were in a situation

well what if we were in a situation where we didn't know what the word was

where we didn't know what the word was or how long the first word was we could

or how long the first word was we could use something like a delimiter so we

use something like a delimiter so we could say print

could say print we could do sentence dot split

we could do sentence dot split and if we do a DOT split we can just do

and if we do a DOT split we can just do it like this and then this is a

it like this and then this is a delimiter and a delimiter says we're

delimiter and a delimiter says we're going to take something and we're going

going to take something and we're going to split based on that now the default

to split based on that now the default delimiter in Python if we just give it a

delimiter in Python if we just give it a split is a space

split is a space if we save this

if we save this come in here

come in here this is a sentence now look at it it's

this is a sentence now look at it it's in a list we could pull the first item

in a list we could pull the first item if we wanted to and know the first word

if we wanted to and know the first word instead of having to split it like this

instead of having to split it like this or pull it out like that

or pull it out like that so

so we could do something like this as well

we could do something like this as well this is just a proof of concept that's a

this is just a proof of concept that's a little bit fun we go sentence

little bit fun we go sentence split

split and we say that is equal to sentence

and we say that is equal to sentence dot split

dot split okay and then we also create another

okay and then we also create another variable we call that sentence join and

variable we call that sentence join and we say that is equal to

we say that is equal to space we're giving it a delimiter to

space we're giving it a delimiter to join on actually we're telling you what

join on actually we're telling you what to add in between the different words

to add in between the different words that we're pulling out so we're adding a

that we're pulling out so we're adding a space here and we're going to say join

space here and we're going to say join sentence split like this

sentence split like this and if we print out

and if we print out sentence join what do you think we're

sentence join what do you think we're gonna actually have happen here let's

gonna actually have happen here let's save it

save it guess what this is a sentence so all we

guess what this is a sentence so all we did was deconstruct this sentence based

did was deconstruct this sentence based on the delimiter it came out to this is

on the delimiter it came out to this is a sentence and then we joined it back

a sentence and then we joined it back together with a space so every one of

together with a space so every one of those got a space in between and that's

those got a space in between and that's it so that's just a Nifty little way to

it so that's just a Nifty little way to show you that splitting and joining is

show you that splitting and joining is possible and again this is still

possible and again this is still immutable even though we're messing

immutable even though we're messing around with the strings the strings are

around with the strings the strings are immutable let's take a look at a few

immutable let's take a look at a few other things here

other things here I mentioned in the beginning of the

I mentioned in the beginning of the first lesson when we were talking about

first lesson when we were talking about strings initially that we might have

strings initially that we might have different ways of using single quotes

different ways of using single quotes and double quotes and think about this

and double quotes and think about this like what if we had a situation of quote

like what if we had a situation of quote and we wanted to say something like he

and we wanted to say something like he said

said give me all your money

give me all your money well with this situation what are we

well with this situation what are we gonna do what if we wanted to add quotes

gonna do what if we wanted to add quotes here and say give me all your money we

here and say give me all your money we do that because that is a quote well

do that because that is a quote well looks like it's kind of messed up we're

looks like it's kind of messed up we're not seeing it in green it kind of looks

not seeing it in green it kind of looks funny what we can do in this situation

funny what we can do in this situation is we can use single quotes if we wanted

is we can use single quotes if we wanted to

to or we could flip this around by the way

or we could flip this around by the way we could use single quotes on the

we could use single quotes on the outside and then double quotes on the

outside and then double quotes on the inside if we wanted to use double quotes

inside if we wanted to use double quotes here and I could save this so let's

here and I could save this so let's print out quote just to show you and

print out quote just to show you and then we can save this

another thing that we can do though is we can say something like quote

and then we can just do he said and we can do character escaping so we can do

can do character escaping so we can do give me all your money like this

give me all your money like this and now python knows that everything

and now python knows that everything within these escaped characters

within these escaped characters is ignoring it's ignoring this double

is ignoring it's ignoring this double quote here and ignoring this double

quote here and ignoring this double quote here so we're escaping that and

quote here so we're escaping that and then we can print it

then we can print it and hopefully we did this right go ahead

and hopefully we did this right go ahead and print

and print you can see now it says he said give me

you can see now it says he said give me all your money in double quotes while we

all your money in double quotes while we also use double quotes on the outside so

also use double quotes on the outside so we can use character escaping if we want

we can use character escaping if we want to just know that we'll have to use this

to just know that we'll have to use this backslash in front of each of the

backslash in front of each of the characters that we want to escape okay

characters that we want to escape okay let's take a few more examples here so

let's take a few more examples here so if we say

if we say something like a variable of too much

something like a variable of too much space what happens in the situation

space what happens in the situation where we have

where we have like you can just add as much space as

like you can just add as much space as you want in here it doesn't really

you want in here it doesn't really matter we have a string with a lot of

matter we have a string with a lot of space in there well we can strip this

space in there well we can strip this out we can print too much space and then

out we can print too much space and then we can do a DOT strip

we can do a DOT strip and the strip is going to take the

and the strip is going to take the delimiter of a space as default

delimiter of a space as default and that will also strip this out you

and that will also strip this out you can see there's just hello there nothing

can see there's just hello there nothing else so that's kind of nice

else so that's kind of nice few more items what if we have the

few more items what if we have the letter of a

letter of a and we have the word

and we have the word of

of Apple

Apple okay

okay well what if we wanted to know something

well what if we wanted to know something like this let's actually go up a little

like this let's actually go up a little bit

bit and let's say we wanted to know like

and let's say we wanted to know like print

print a and Apple

a and Apple okay what is this going to return

okay what is this going to return go ahead and if I could type sorry

go ahead and if I could type sorry and this is going to return something

and this is going to return something let's go ahead and save that

let's go ahead and save that that's going to return true

that's going to return true so we'll just say true

so we'll just say true now if we print

now if we print a in apple

you're going to see that this is going to return false

to return false save this

save this y

y well this here is a lowercase a and that

well this here is a lowercase a and that does not exist with an apple so even

does not exist with an apple so even though we're looking for a specific

though we're looking for a specific letter Within A Word we have to match

letter Within A Word we have to match case sensitivity in order for that to

case sensitivity in order for that to return true so if we wanted to know if

return true so if we wanted to know if the letter A was in the word apple and

the letter A was in the word apple and we weren't concerned about case

we weren't concerned about case sensitivity then what do we do in that

sensitivity then what do we do in that situation

situation well this brings something up that we

well this brings something up that we did a little bit early on which is using

did a little bit early on which is using lowercase remember the lowercase method

lowercase remember the lowercase method we can say print

we can say print and then we can come in here and say

and then we can come in here and say letter dot lower you could also do upper

letter dot lower you could also do upper if you wanted to but what we're doing is

if you wanted to but what we're doing is we're converting all of this to

we're converting all of this to lowercase so this is not going to be a

lowercase so this is not going to be a lowercase a and then we could say in

lowercase a and then we could say in word dot lower

word dot lower and we can just say this is an improved

and we can just say this is an improved way of doing this

way of doing this so if we print that out we save this

so if we print that out we save this this should come back as true

this should come back as true so think about when you're trying to

so think about when you're trying to match a word or a string or anything and

match a word or a string or anything and if somebody came in and you were

if somebody came in and you were expecting like I don't know like think

expecting like I don't know like think about school and we're thinking about uh

about school and we're thinking about uh a word maybe like

a word maybe like Manhattan I don't know and somebody

Manhattan I don't know and somebody types in

types in Manhattan like this

Manhattan like this okay we still want to be able to accept

okay we still want to be able to accept that answer is true even though they may

that answer is true even though they may have screwed up a little bit on the

have screwed up a little bit on the punctuation now there could be instances

punctuation now there could be instances where we want a capitalized letter and

where we want a capitalized letter and it has to be very specific in that case

it has to be very specific in that case this kind of syntax works but if we're

this kind of syntax works but if we're looking to just accept an answer like

looking to just accept an answer like Manhattan for Manhattan then we might

Manhattan for Manhattan then we might want to consider using lowercase or

want to consider using lowercase or uppercase in that situation just to

uppercase in that situation just to match those words or letters or whatever

match those words or letters or whatever it might be

it might be so one more thing let's look at what is

so one more thing let's look at what is called string formatting so if we do

called string formatting so if we do something like movie we'll pick the

something like movie we'll pick the hangover again

hangover again we say The Hangover you can pick

we say The Hangover you can pick whatever movie you want here there's a

whatever movie you want here there's a few ways that we can print this out

few ways that we can print this out remember we concatenated early on and we

remember we concatenated early on and we said like print

said like print we did something like my favorite movie

we did something like my favorite movie [Music]

[Music] is space

is space plus

plus you know movie something like that right

you know movie something like that right well we can actually write this in a

well we can actually write this in a certain way that is a little bit easier

certain way that is a little bit easier so there's a few things that we can do

so there's a few things that we can do for example we can do my favorite movie

for example we can do my favorite movie is add a couple brackets in here like

is add a couple brackets in here like that

that and then we can add

and then we can add period at the end just because we're

period at the end just because we're going to close our sentence we'll say

going to close our sentence we'll say dot format

dot format and we'll say movie and close that off

and we'll say movie and close that off that's one way of doing it

that's one way of doing it if we save that

if we save that it's a my favorite movie is The Hangover

it's a my favorite movie is The Hangover okay this is called using the string

okay this is called using the string format method now what we can do there's

format method now what we can do there's another type of method we can use is we

another type of method we can use is we could say print my favorite movie is

could say print my favorite movie is percent s

percent s and we say

and we say percent really

percent really just like this

just like this save that

save that this is using percent formatting and

this is using percent formatting and look the same thing happens I just

look the same thing happens I just forgot my period in there

forgot my period in there so no big deal

so no big deal lastly if we print out

lastly if we print out an F in the front this is called an F

an F in the front this is called an F string or what's known as a string

string or what's known as a string literal we can do my favorite movie is

literal we can do my favorite movie is and then just do a movie like this

and then just do a movie like this super easy

super easy and we have moved off of using the

and we have moved off of using the format method and the percent method

format method and the percent method into this F string or string literal let

into this F string or string literal let me come in here we save this

me come in here we save this tab up print and you can see my favorite

tab up print and you can see my favorite movie is The Hangover that worked out

movie is The Hangover that worked out perfectly well you can use any of these

perfectly well you can use any of these to format but just know that the F

to format but just know that the F strings are the latest and the greatest

strings are the latest and the greatest way of doing it in Python 3.

way of doing it in Python 3. so that is it for this lesson we're

so that is it for this lesson we're going to go ahead and move on to

going to go ahead and move on to dictionaries

dictionaries okay so we'll add new lines in here

okay so we'll add new lines in here and we'll say dictionaries

and we'll say dictionaries and we could think of these as key value

and we could think of these as key value pairs

and also think of these with the curly braces like this so we've seen lists

braces like this so we've seen lists like that we've seen tuples now we can

like that we've seen tuples now we can think of dictionaries with the curly

think of dictionaries with the curly braces

braces so let's go ahead and we're going to put

so let's go ahead and we're going to put some drinks and again I'm going to use

some drinks and again I'm going to use alcoholic beverages you do not have to

alcoholic beverages you do not have to do that you can use whatever drinks and

do that you can use whatever drinks and prices in here that you want but we're

prices in here that you want but we're going to have a key value pair so our

going to have a key value pair so our key is going to be the drink so first

key is going to be the drink so first drink I'm going to pick up is a White

drink I'm going to pick up is a White Russian

Russian and the value is going to be seven let's

and the value is going to be seven let's say that a White Russian costs seven

say that a White Russian costs seven dollars

dollars if we do an Old Fashioned

if we do an Old Fashioned we're going to say that this costs ten

we're going to say that this costs ten dollars

dollars and we'll do one more we'll do a lemon

and we'll do one more we'll do a lemon drop and we'll just say that this costs

drop and we'll just say that this costs eight dollars

eight dollars okay and we can make a note here to

okay and we can make a note here to ourselves that drink is the key

ourselves that drink is the key price is the value remember key value

price is the value remember key value pairs key value

pairs key value all right so we've got our drinks we can

all right so we've got our drinks we can print our drinks

print our drinks save this go ahead print

save this go ahead print and you can see we print out our

and you can see we print out our dictionary here

dictionary here now

now let's give it another example

let's give it another example let's say that we have employees

let's say that we have employees and this could be a good example so we

and this could be a good example so we say we have employees and I really like

say we have employees and I really like the show Bob's Burgers so I'm going to

the show Bob's Burgers so I'm going to use Bob's Burgers here as an example

use Bob's Burgers here as an example let's say we have different departments

let's say we have different departments we've got the finance department

we've got the finance department and in the finance department

and in the finance department we actually have a list of people what

we actually have a list of people what if we've got we've got Bob oops we've

if we've got we've got Bob oops we've got Linda

got Linda and we've got Tina

and we've got Tina all in finance

all in finance we can also have another department

we can also have another department let's have it

let's have it so again that's the key

so again that's the key and the value is going to be this list

and the value is going to be this list that we're putting in there so Gene

that we're putting in there so Gene Louise

Louise and we'll throw our Teddy in there as

and we'll throw our Teddy in there as well

well and that one and let's do one more we'll

and that one and let's do one more we'll do HR

do HR so HR and we'll put in here

so HR and we'll put in here Jimmy Jr

Jimmy Jr and we'll also put in Mort

and we'll also put in Mort again you can put whatever you want in

again you can put whatever you want in here and if you need to pause if you're

here and if you need to pause if you're trying to follow line for line word for

trying to follow line for line word for word you need to pause and type this out

word you need to pause and type this out feel free to do that

feel free to do that I'm gonna go ahead and print out our

I'm gonna go ahead and print out our employees just to show this make sure I

employees just to show this make sure I type this all right because this is a

type this all right because this is a lot of syntax

lot of syntax and we've got Finance it and HR looks

and we've got Finance it and HR looks like we did a great job awesome

like we did a great job awesome so let's say I wanted to add a new key

so let's say I wanted to add a new key value pair I could do that in a couple

value pair I could do that in a couple of different ways we can do something

of different ways we can do something like employees

like employees and we can just say something like we

and we can just say something like we want to add a legal department

want to add a legal department all right and in the legal department

all right and in the legal department we're gonna have

we're gonna have just one person we'll just have Mr frond

just one person we'll just have Mr frond he's our legal team

he's our legal team okay we'll just say it adds new e value

okay we'll just say it adds new e value pair

pair save that actually let's print employees

save that actually let's print employees so that way we can actually

so that way we can actually verify save

verify save print

print and you can see legal ads Mr frond so we

and you can see legal ads Mr frond so we are adding to the end of our dictionary

are adding to the end of our dictionary just like we added to the end of our

just like we added to the end of our list everything gets appended to the end

list everything gets appended to the end unless we specify otherwise

unless we specify otherwise let's go ahead and come in here another

let's go ahead and come in here another way that we can do this is we can say

way that we can do this is we can say something like employees

something like employees dot update

dot update and we can say something like give it a

and we can say something like give it a sales department

sales department and in the sales department we'll have

and in the sales department we'll have Andy

Andy we'll have Ollie

close that off we're also going to have to close off

we're also going to have to close off our curly braces and we'll close off our

our curly braces and we'll close off our parentheses and if you have a decent

parentheses and if you have a decent notepad it'll show you where your items

notepad it'll show you where your items are so that way you know you're closing

are so that way you know you're closing things off correctly so we've got three

things off correctly so we've got three different types of syntax going on there

different types of syntax going on there and it sometimes can be hard to read so

and it sometimes can be hard to read so here we could say adds new key value

here we could say adds new key value pair as well

pair as well so just another way of doing it we can

so just another way of doing it we can print employees and we'll see that

print employees and we'll see that Annie and Ollie should be added provided

Annie and Ollie should be added provided we typed everything correct which we did

we typed everything correct which we did so here's sales with Andy and Ollie

so here's sales with Andy and Ollie okay one more thing let's say that we

okay one more thing let's say that we wanted to update

wanted to update something in our dictionary we're going

something in our dictionary we're going to go ahead and update a value we're

to go ahead and update a value we're going to go back to drinks for this one

going to go back to drinks for this one let's say that inflation has happened

let's say that inflation has happened which it has and with inflation the

which it has and with inflation the price of a white russian has now gone up

price of a white russian has now gone up from Seven dollars to eight dollars we

from Seven dollars to eight dollars we can do something like that print drinks

can do something like that print drinks and you should see

and you should see that hopefully this has been updated

that hopefully this has been updated to eight dollars which it was seven

to eight dollars which it was seven before now it's eight perfect

before now it's eight perfect we can also grab the value of that so if

we can also grab the value of that so if we wanted to do something like print

we wanted to do something like print drinks dot get and then we do white

drinks dot get and then we do white Russian

Russian totally do something like this

totally do something like this and save and hopefully it will return

and save and hopefully it will return eight

eight and it does

and it does so that is it for this lesson we're

so that is it for this lesson we're going to go ahead and move into a new

going to go ahead and move into a new file here in the next video so let's go

file here in the next video so let's go ahead and save this and close this and

ahead and save this and close this and we'll prepare for the next video so I'll

we'll prepare for the next video so I'll catch you over in the next lesson

okay so I wanted to talk about importing we're going to talk about importing

we're going to talk about importing modules so I wanted to make a new file

modules so I wanted to make a new file for this let's just call this mouse pad

for this let's just call this mouse pad importing dot Pi or whatever you want to

importing dot Pi or whatever you want to call it and I'm going to do the

call it and I'm going to do the Ampersand here and again if you're using

Ampersand here and again if you're using Windows or Mac just make sure you create

Windows or Mac just make sure you create a new file for this

a new file for this I'm going to go in here and I'm going to

I'm going to go in here and I'm going to add my shebang like before

add my shebang like before I'm going to declare bin Python 3 and

I'm going to declare bin Python 3 and save this

save this and now we're going to go ahead and talk

and now we're going to go ahead and talk about importing so

about importing so importing let's type this importing

importing let's type this importing and we'll say importing is important

and we'll say importing is important now modules exist within python that are

now modules exist within python that are built in but not available to us without

built in but not available to us without importing them so like you saw us being

importing them so like you saw us being able to do math but we could import a

able to do math but we could import a more robust module of math and then use

more robust module of math and then use that to do more advanced calculations

that to do more advanced calculations outside of adding subtracting exponents

outside of adding subtracting exponents Etc in this instance we're going to talk

Etc in this instance we're going to talk about a couple of different Imports that

about a couple of different Imports that we can do and that you're going to see

we can do and that you're going to see again as we get into some of our

again as we get into some of our Hands-On stuff and we build out some

Hands-On stuff and we build out some projects

projects for example we might want to import

for example we might want to import something called CIS now let's say if we

something called CIS now let's say if we tried to print out sys dot version and

tried to print out sys dot version and we'll just save this and then we're

we'll just save this and then we're going to Python 3 importing dot pi

going to Python 3 importing dot pi and you're going to see that I get an

and you're going to see that I get an error back that says CIS is not defined

error back that says CIS is not defined name says not defined okay well CIS is

name says not defined okay well CIS is something that we're going to use quite

something that we're going to use quite often in Python you're going to see it

often in Python you're going to see it imported quite a bit and it does a lot

imported quite a bit and it does a lot of different unique items like it does

of different unique items like it does something called ARG V for example which

something called ARG V for example which we'll use as an example later on but if

we'll use as an example later on but if we want to specify a an amount of

we want to specify a an amount of arguments say we're trying to run uh

arguments say we're trying to run uh Python 3 we're going to do a port

Python 3 we're going to do a port scanner later so we'll just say

scanner later so we'll just say portscanner.pi and we need to supply an

portscanner.pi and we need to supply an IP address here right and this is

IP address here right and this is argument zero this is argument one so if

argument zero this is argument one so if we Supply no argument one then we're

we Supply no argument one then we're going to throw an error it's going to be

going to throw an error it's going to be an if else statement and that's going to

an if else statement and that's going to use something called RV now we'll get

use something called RV now we'll get into that later but that's very

into that later but that's very important it's a part of CIS another

important it's a part of CIS another part of CIS is doing something like the

part of CIS is doing something like the version type of python that we're used

version type of python that we're used using or another thing is the sys dot

using or another thing is the sys dot exit which you'll see later on as well

exit which you'll see later on as well which is going to allow us to gracefully

which is going to allow us to gracefully exit

exit when we encounter an error we tell the

when we encounter an error we tell the script to exit or whatever we're doing

script to exit or whatever we're doing so we might need to import something

so we might need to import something like sis or another one is OS which is

like sis or another one is OS which is very common to be imported as well so

very common to be imported as well so let's talk about importing

let's talk about importing in order to import we can say something

in order to import we can say something like import sys just like this and we

like import sys just like this and we can just say this is for system

can just say this is for system functions and parameters

functions and parameters save that

save that and let's go ahead and just print this

and let's go ahead and just print this now and see what happens

now and see what happens you can see now that sys has been

you can see now that sys has been imported even though it wasn't built in

imported even though it wasn't built in automatically we can import it and you

automatically we can import it and you can see now it tells us hey we are

can see now it tells us hey we are running on version 3.10.5 of python and

running on version 3.10.5 of python and it was downloaded on June 8th 2022 or

it was downloaded on June 8th 2022 or built on June 8th of 2022 so

built on June 8th of 2022 so from here let's go ahead and import

from here let's go ahead and import something else let's go ahead and import

something else let's go ahead and import date time

date time and we can import from something so I

and we can import from something so I know this is going to be confusing but

know this is going to be confusing but we can import specifics from a module so

we can import specifics from a module so we're just importing the date time

we're just importing the date time feature from date time even though

feature from date time even though they're named the same just know that we

they're named the same just know that we can import specifics we don't have to

can import specifics we don't have to import the whole thing even though we

import the whole thing even though we totally could just import the whole

totally could just import the whole thing as well so here

thing as well so here for example we can say print

for example we can say print date time dot now like this and you know

date time dot now like this and you know what this is going to do it's going to

what this is going to do it's going to tell you what the date and the time is

tell you what the date and the time is and I apologize this is backwards this

and I apologize this is backwards this is it's from date time import date time

is it's from date time import date time so again your syntax will tell you where

so again your syntax will tell you where it's wrong

it's wrong and it is perfectly normal to make

and it is perfectly normal to make mistakes I leave these in the video so

mistakes I leave these in the video so that you see that I am human too and

that you see that I am human too and it's completely normal to make mistakes

it's completely normal to make mistakes like this so go ahead and do your script

like this so go ahead and do your script now and you'll see that it gives the

now and you'll see that it gives the date and the time so right now it is

date and the time so right now it is July 6th and it is two o'clock in the

July 6th and it is two o'clock in the morning

morning I am a night owl

I am a night owl now one other thing that we can do is we

now one other thing that we can do is we can come in here and we can

can come in here and we can from daytime import date time

from daytime import date time and we can also give this an alias we

and we can also give this an alias we can say as

can say as DT what if we don't want to write date

DT what if we don't want to write date time out we just want to do DT just like

time out we just want to do DT just like we didn't want to write new line out we

we didn't want to write new line out we did NL same kind of concept so we can

did NL same kind of concept so we can just say import with alias

just say import with alias and instead of saying date time.now we

and instead of saying date time.now we could just say DT dot now save that

could just say DT dot now save that go ahead and print it

go ahead and print it you can see it still works so absolutely

you can see it still works so absolutely the same thing we're just giving an

the same thing we're just giving an alias making it a little bit easier to

alias making it a little bit easier to run okay so that is it for this video

run okay so that is it for this video let's go ahead and close this out and

let's go ahead and close this out and then I'm going to meet you in the next

then I'm going to meet you in the next video we're going to talk about sockets

video we're going to talk about sockets before we get into building out a port

before we get into building out a port scanner so I'll catch you over in the

scanner so I'll catch you over in the next video

next video okay so let's make a new file and we're

okay so let's make a new file and we're going to call this s dot pi

going to call this s dot pi and again create this however you want

and again create this however you want to if you're using Linux you can follow

to if you're using Linux you can follow along like this or just create a new

along like this or just create a new file in Linux or Windows

file in Linux or Windows again we're going to shebang this up

again we're going to shebang this up here I'm going to give this a bin python

here I'm going to give this a bin python 3. now this is an incredibly necessary

3. now this is an incredibly necessary if you're running on Windows or Mac but

if you're running on Windows or Mac but this is just best practice for me this

this is just best practice for me this is the location of my python even though

is the location of my python even though I'm not actually calling it I am calling

I'm not actually calling it I am calling it with python3 so this isn't incredibly

it with python3 so this isn't incredibly relevant as long as you're using python

relevant as long as you're using python 3. now we are going to deal with sockets

3. now we are going to deal with sockets oh sockets

oh sockets now sockets

now sockets are what can be used to connect two

are what can be used to connect two nodes together so we're going to use

nodes together so we're going to use this to connect to Ports and IP

this to connect to Ports and IP addresses if you're unfamiliar with

addresses if you're unfamiliar with computer networking that's okay but what

computer networking that's okay but what we're looking for is a port and we're

we're looking for is a port and we're going to look for that port on an IP

going to look for that port on an IP address and on that IP address that that

address and on that IP address that that port is open we're going to make a

port is open we're going to make a connection to this

connection to this we're going to build a port scanner in

we're going to build a port scanner in the next video or in later on in the

the next video or in later on in the lesson and you'll see this in action

lesson and you'll see this in action right now I just want you to notate

right now I just want you to notate understand what we're doing and then I'm

understand what we're doing and then I'm going to demonstrate an example that you

going to demonstrate an example that you do not have to follow along with and you

do not have to follow along with and you might not be able to follow along with

might not be able to follow along with so that's okay but just know that

so that's okay but just know that sockets are used to make a connection

sockets are used to make a connection between ports and IEP addresses and

between ports and IEP addresses and you'll see that here very shortly so you

you'll see that here very shortly so you do not name this by the way socket.pi if

do not name this by the way socket.pi if for some reason you came in here and you

for some reason you came in here and you named this socket.pi this will break

named this socket.pi this will break python because we are going to

python because we are going to import socket so make sure that you come

import socket so make sure that you come in here and you rename this if you named

in here and you rename this if you named it socket.pi it's very easy to do that

it socket.pi it's very easy to do that but that will break the socket dot Pi

but that will break the socket dot Pi which is but we're importing here

which is but we're importing here so with this we're going to set a couple

so with this we're going to set a couple of variables we're going to say host is

of variables we're going to say host is equal to 127.0.0.1

and this is our loopback address or our home address if you're not familiar with

home address if you're not familiar with computer networking I do recommend that

computer networking I do recommend that you go take a class on computer

you go take a class on computer networking because it will become very

networking because it will become very important as you get into python

important as you get into python development especially if you ever work

development especially if you ever work with nodes of any sort so other thing is

with nodes of any sort so other thing is ports so we have ports on our machine

ports so we have ports on our machine that we can connect to we're going to be

that we can connect to we're going to be using TCP uh if you do not know what TCP

using TCP uh if you do not know what TCP is or what the ports are that's okay you

is or what the ports are that's okay you can still follow along but know that

can still follow along but know that there are 65 535 available ports some

there are 65 535 available ports some ports are very common in what they use

ports are very common in what they use like Port 80 for example is a web server

like Port 80 for example is a web server over HTTP you have 443 which is https 21

over HTTP you have 443 which is https 21 is FTP there's a lot of common ports and

is FTP there's a lot of common ports and protocols that are out there we're going

protocols that are out there we're going to pick a non-standard port non-common

to pick a non-standard port non-common we're just going to say 7777 so what I'm

we're just going to say 7777 so what I'm going to tell this to do is I want to

going to tell this to do is I want to tell this to reach out to this host

tell this to reach out to this host which is just going to be us for this

which is just going to be us for this example and this port I want to make a

example and this port I want to make a connection on this port now I'm going to

connection on this port now I'm going to give a variable of s

give a variable of s and this is going to be a very long

and this is going to be a very long statement so if you say socket dot

statement so if you say socket dot socket I'm going to type this out and

socket I'm going to type this out and I'm going to explain everything okay so

I'm going to explain everything okay so socket

socket dot AF init

dot AF init then we're going to say socket

then we're going to say socket dot sock stream

and then just for your notes AF init is ipv4

AF init is ipv4 sock stream

sock stream is a port

is a port so we're giving it this s because we are

so we're giving it this s because we are not wanting to type this whole long

not wanting to type this whole long thing out all the time we're just

thing out all the time we're just shortening this what we're going to do

shortening this what we're going to do is we're going out to make a connection

is we're going out to make a connection to this AFI net which is ipv4 IP address

to this AFI net which is ipv4 IP address which is what this is and we're going to

which is what this is and we're going to also make a connection on a port which

also make a connection on a port which is our sock stream we're going to give

is our sock stream we're going to give it this port so we're going to say that

it this port so we're going to say that by doing s dot connect

by doing s dot connect and we're going to come in here and this

and we're going to come in here and this is going to be a tuple so we're actually

is going to be a tuple so we're actually going to use

going to use double parentheses here oh support

double parentheses here oh support okay and we could come in here by the

okay and we could come in here by the way and we could just put in one two

way and we could just put in one two seven zero zero one instead of using a

seven zero zero one instead of using a variable but I like to use variables

variable but I like to use variables because it's best practice but you could

because it's best practice but you could hard code this in if you wanted to but

hard code this in if you wanted to but here I just like using the variables

here I just like using the variables easier to change especially if you're

easier to change especially if you're coming in here and you're writing in a

coming in here and you're writing in a bunch of host Port calls so the variable

bunch of host Port calls so the variable is easy just to have in one place as

is easy just to have in one place as opposed to hard coding this

opposed to hard coding this okay so I'm going to go ahead and save

okay so I'm going to go ahead and save this this is where I do not expect you

this this is where I do not expect you to follow along because you might not

to follow along because you might not have the architecture behind it now as I

have the architecture behind it now as I stated in the beginning of this video I

stated in the beginning of this video I am an ethical hacker by trade which

am an ethical hacker by trade which means that this version of Cali that

means that this version of Cali that I've been running on her this version of

I've been running on her this version of Linux that I've been running on is

Linux that I've been running on is actually Cali Linux

actually Cali Linux and

and in Kali Linux we have a bunch of tools

in Kali Linux we have a bunch of tools available to us for pen testing and

available to us for pen testing and ethical hacking one of those tools is a

ethical hacking one of those tools is a tool called netcat now netcat is NC and

tool called netcat now netcat is NC and basically what it does is allows us to

basically what it does is allows us to connect to open ports or establish a

connect to open ports or establish a listener on an open port so what I'm

listener on an open port so what I'm going to do is actually I'm going to

going to do is actually I'm going to open up a new tab here make this bigger

open up a new tab here make this bigger and then I'm going to run this here

and then I'm going to run this here just understand if you've never used

just understand if you've never used netcat before that's fine I'm just

netcat before that's fine I'm just opening up a listener on a port that's

opening up a listener on a port that's all just worry about the L and the P for

all just worry about the L and the P for now listen on Port 7777 anybody makes a

now listen on Port 7777 anybody makes a connection on that Port we're listening

connection on that Port we're listening so we are going to connect to ourselves

so we are going to connect to ourselves because we wrote the script out to

because we wrote the script out to 127001 which is us and all we're going

127001 which is us and all we're going to do is python3 s dot pi

to do is python3 s dot pi hit enter nothing's going to happen we

hit enter nothing's going to happen we don't have any print statements anything

don't have any print statements anything crazy

crazy but you can see that a connection was

but you can see that a connection was made from one two seven zero zero one to

made from one two seven zero zero one to one two seven zero zero one and it made

one two seven zero zero one and it made a connection on this port and we

a connection on this port and we connected on the other side on this

connected on the other side on this other Port here which don't worry about

other Port here which don't worry about that too much if you're not familiar

that too much if you're not familiar with networking that's absolutely okay

with networking that's absolutely okay but there has to be two or it's being

but there has to be two or it's being connected

connected um one on one side one on the other so

um one on one side one on the other so here we made that connection we didn't

here we made that connection we didn't tell this to do anything else we just

tell this to do anything else we just said hey go out listen for this

said hey go out listen for this connection we made a connection we

connection we made a connection we established it we did our job we used

established it we did our job we used our socket and we are good to go here we

our socket and we are good to go here we close the connection because there was

close the connection because there was nothing no instructions given or

nothing no instructions given or anything else and that's all we needed

anything else and that's all we needed so what we're going to do now is we're

so what we're going to do now is we're going to in the next video build out

going to in the next video build out what I call a terrible Port scanner and

what I call a terrible Port scanner and we'll talk about why it's terrible but

we'll talk about why it's terrible but we're going to tie everything we've

we're going to tie everything we've learned so far together and build

learned so far together and build something out that is actually usable

something out that is actually usable with python so I've been throwing all

with python so I've been throwing all these lessons and terms and everything

these lessons and terms and everything out to you now we're going to apply that

out to you now we're going to apply that you're going to see how we can use that

you're going to see how we can use that all together and I'm very excited so

all together and I'm very excited so I'll catch you over in the next lesson

I'll catch you over in the next lesson when we start building out a port

when we start building out a port scanner

scanner it is time to create our first project

it is time to create our first project and this project is going to be building

and this project is going to be building out a terrible Port scanner and so let's

out a terrible Port scanner and so let's go ahead and create a new file I'm going

go ahead and create a new file I'm going to call this scanner.pi

give it the Ampersand here if you're on Linux

Linux and then we're just going to call this

in python3 save it get the pretty colors going

going and what we are going to do is we are

and what we are going to do is we are going to create a scanner that is going

going to create a scanner that is going to be something like this we're going to

to be something like this we're going to type in python3

type in python3 scanner.pi and then we're going to say

scanner.pi and then we're going to say IP address we want to provide an IEP

IP address we want to provide an IEP address and then it's going to go out

address and then it's going to go out and do Port scanning on the IP address

and do Port scanning on the IP address so hopefully we can build that out for

so hopefully we can build that out for now let's go ahead and import a couple

now let's go ahead and import a couple of things I should say a few things

of things I should say a few things we're going to import

we're going to import CIS talked about CIS

CIS talked about CIS I'm going to import socket talked about

I'm going to import socket talked about socket and from

socket and from date time we're going to go ahead and

date time we're going to go ahead and import

import date time so none of this should be new

date time so none of this should be new to you

to you so

so first thing that we're going to need to

first thing that we're going to need to do is Define our Target so we need to

do is Define our Target so we need to set up an if statement I'm just going to

set up an if statement I'm just going to say Define our Target

say Define our Target and what I want to say is if

and what I want to say is if the length of CIS ARG V and I'll explain

the length of CIS ARG V and I'll explain this in a second is equal to 2

this in a second is equal to 2 then we're going to set a Target

then we're going to set a Target variable Target is going to be equal to

variable Target is going to be equal to socket dot get host by name

socket dot get host by name and we're going to say sys dot ARG V1

and all this is going to do is Translate hostname to ipv4 all right

hostname to ipv4 all right let me make the else statements I'm

let me make the else statements I'm going to come back I'm going to explain

going to come back I'm going to explain everything okay so if we do else

everything okay so if we do else we're going to print out

we're going to print out invalid amount of arguments

and also print out syntax

syntax Python 3 scanner

Python 3 scanner dot pi

dot pi IP address

something like that okay go ahead and close that off okay

go ahead and close that off okay so we're taking a method of length and

so we're taking a method of length and we're saying CIS dot ARG V we spoke a

we're saying CIS dot ARG V we spoke a little bit about argb in the importing

little bit about argb in the importing section

section RV is going to be the amount of

RV is going to be the amount of arguments that we are giving so when we

arguments that we are giving so when we come in here and we type in python3

come in here and we type in python3 okay our first argument argument zero in

okay our first argument argument zero in theory is going to be scanner.pi

theory is going to be scanner.pi the second argument or second index

the second argument or second index index of one is going to be the IP

index of one is going to be the IP address that we give so 192.168 1.1 or

address that we give so 192.168 1.1 or whatever it might be

whatever it might be so we need to have two arguments if we

so we need to have two arguments if we have a third argument it's going to

have a third argument it's going to break if we don't have a second argument

break if we don't have a second argument it's going to break if we just type in

it's going to break if we just type in scanner.pi it'll break if we type in an

scanner.pi it'll break if we type in an IP address

IP address like 1.1 and then we type in something

like 1.1 and then we type in something here

here it's going to break because there's too

it's going to break because there's too many arguments so if it doesn't meet

many arguments so if it doesn't meet this specific length

this specific length then what we're going to do is print out

then what we're going to do is print out invalid amount of arguments

invalid amount of arguments here's the syntax give somebody some

here's the syntax give somebody some some help here

some help here if it does meet the length then what

if it does meet the length then what we're going to do is we're going to set

we're going to do is we're going to set our Target equal to socket dot get host

our Target equal to socket dot get host by name

by name and all this is saying is we're going to

and all this is saying is we're going to get host by name of CIS arcv1 that's our

get host by name of CIS arcv1 that's our IP address now this is going to

IP address now this is going to translate a hostname to an ipv4 so in

translate a hostname to an ipv4 so in case

case for example if you did

for example if you did python3scanner dot pi and you had a host

python3scanner dot pi and you had a host name like I have a host in my house

name like I have a host in my house called Punisher like if I gave it

called Punisher like if I gave it Punisher and my DNS knew internally that

Punisher and my DNS knew internally that that translated to a specific IP address

that translated to a specific IP address in my network that's fine this will

in my network that's fine this will translate

translate okay easy enough but we could also just

okay easy enough but we could also just give it an IP address so that's what

give it an IP address so that's what we're looking for here I highly

we're looking for here I highly recommend for this example using an IP

recommend for this example using an IP address

address in previous lessons when I've taught

in previous lessons when I've taught this before somebody has tried typing in

this before somebody has tried typing in a host name and it doesn't always go as

a host name and it doesn't always go as planned though we will talk about adding

planned though we will talk about adding error exceptions for that here in a

error exceptions for that here in a little bit so right now all we need to

little bit so right now all we need to know is we're trying to set this up with

know is we're trying to set this up with these arguments now this is not the best

these arguments now this is not the best logic this is something that will work

logic this is something that will work for our needs because we are building

for our needs because we are building this out but if we're building it out

this out but if we're building it out for somebody else this logic's not great

for somebody else this logic's not great and this is why I call this a crappy

and this is why I call this a crappy Port scanner is because it's not the

Port scanner is because it's not the best we're only doing it for proof of

best we're only doing it for proof of concept and to learn what we've learned

concept and to learn what we've learned so far but think about this in another

so far but think about this in another way think about if we're running two

way think about if we're running two arguments well I could give this an

arguments well I could give this an argument what if I if I come here and I

argument what if I if I come here and I say python3scanner dot pi and I give it

say python3scanner dot pi and I give it the second argument

the second argument but I give it like

but I give it like 192.1 or something like that well that's

192.1 or something like that well that's not a host name it's not going to

not a host name it's not going to translate to anything that's also not

translate to anything that's also not really an IP address so we should really

really an IP address so we should really add some other statements in here to say

add some other statements in here to say hey it needs to be a valid IP address it

hey it needs to be a valid IP address it needs to be like have four octets like

needs to be like have four octets like we expect and if we really wanted to get

we expect and if we really wanted to get critical about this we can make sure

critical about this we can make sure that it is a valid IP address because I

that it is a valid IP address because I P addresses can serve like 256. whatever

P addresses can serve like 256. whatever so we could say it must be between like

so we could say it must be between like you know each octet must be between 1

you know each octet must be between 1 and 254 and get really refined with that

and 254 and get really refined with that and say hey that's not a valid IP

and say hey that's not a valid IP address thus we're not going to scan

address thus we're not going to scan this but we don't have to worry about

this but we don't have to worry about that right now I'm just saying the logic

that right now I'm just saying the logic behind it we need to start thinking

behind it we need to start thinking about well how can a user break this we

about well how can a user break this we know how to run it but if we gave this

know how to run it but if we gave this to somebody else how would they run it

to somebody else how would they run it and how could they break it or how could

and how could they break it or how could they typo some something so these are

they typo some something so these are things to think about as we go

things to think about as we go so for now we've added this in we've got

so for now we've added this in we've got this in here we could test this if we

this in here we could test this if we just save it we come in here and we just

just save it we come in here and we just say Python 3 scanner dot Pi we don't

say Python 3 scanner dot Pi we don't give in any arguments you'll see that it

give in any arguments you'll see that it says invalid amount of arguments

says invalid amount of arguments python3scanner.pi is the syntax perfect

python3scanner.pi is the syntax perfect don't give it an argument right now

don't give it an argument right now because it's going to break if you don't

because it's going to break if you don't have DNS translating properly so

have DNS translating properly so from here let's go ahead and add a

from here let's go ahead and add a pretty Banner so just add a pretty

pretty Banner so just add a pretty Banner

Banner and all I'm going to do is do a print

and all I'm going to do is do a print command

command and I'm going to just do a bunch of

and I'm going to just do a bunch of dashes this is not really going to be

dashes this is not really going to be that pretty of a banner but it's still

that pretty of a banner but it's still going to be a banner and so when this

going to be a banner and so when this kicks off if if we've got a valid IP

kicks off if if we've got a valid IP that we're going to be scanning

that we're going to be scanning we're just going to do scanning Target

we're just going to do scanning Target and then we'll just do a space and you

and then we'll just do a space and you could just do a concatenation here of

could just do a concatenation here of plus Target you could do F string if you

plus Target you could do F string if you want completely up to you on how you

want completely up to you on how you want to do this so we just do scanning

want to do this so we just do scanning Target plus Target this will say what

Target plus Target this will say what the IP address is we can do like

the IP address is we can do like scanning Target

scanning Target of that something along those lines and

of that something along those lines and then we could say print

then we could say print time started

time started and then we can give this something like

and then we can give this something like a string

a string so we want to give plus a string of

so we want to give plus a string of date time dot now remember we can't

date time dot now remember we can't concatenate numbers and strings

concatenate numbers and strings so we're going to go ahead and do this

so we're going to go ahead and do this and then we'll just print out

and then we'll just print out this one more time

okay I'm going to save this let's go ahead and try running this with

let's go ahead and try running this with like

like I don't know 192 168 1.1

I don't know 192 168 1.1 okay

okay so this is what we get

so this is what we get we can see that we have scanning Target

we can see that we have scanning Target okay scan Target 192.168 1.1 here's the

okay scan Target 192.168 1.1 here's the time that it started perfect we've got a

time that it started perfect we've got a pretty Banner set up

pretty Banner set up so now let's actually start making it do

so now let's actually start making it do something

something so we're going to use what is called the

so we're going to use what is called the try command we're going to try something

try command we're going to try something and if it works perfect if it doesn't

and if it works perfect if it doesn't we're going to have exceptions for that

we're going to have exceptions for that so here's what we're going to do we're

so here's what we're going to do we're going to say try

going to say try or we're going to do a for Loop

or we're going to do a for Loop port in range remember we talked about a

port in range remember we talked about a range earlier we talked about well what

range earlier we talked about well what about a 4ip in range of 1 through 254.

about a 4ip in range of 1 through 254. we're doing the same concept here now

we're doing the same concept here now we're just giving it a range now there

we're just giving it a range now there are 65 535 potential ports

are 65 535 potential ports I'm not going to force you to scan all

I'm not going to force you to scan all those if you want to you can come in

those if you want to you can come in here and say 65 535 this is not threaded

here and say 65 535 this is not threaded we are not doing any sort of

we are not doing any sort of speed runs here this is could

speed runs here this is could potentially be a slow Port scanner so it

potentially be a slow Port scanner so it is best in my opinion to do like a port

is best in my opinion to do like a port scan between 50 and 85.

scan between 50 and 85. and the reason I do this is because

and the reason I do this is because we're going to scan or attempt to scan

we're going to scan or attempt to scan our home router and usually DNS is open

our home router and usually DNS is open on that and usually Port 80s open on

on that and usually Port 80s open on that so I'm trying to look and see if we

that so I'm trying to look and see if we can find a couple ports that might be

can find a couple ports that might be open

open so for port in this range what we're

so for port in this range what we're going to do is we're going to set our s

going to do is we're going to set our s equal to that lovely socket dot socket

equal to that lovely socket dot socket socket dot AF inet

socket dot AF inet and socket dot sock underscore stream

and socket dot sock underscore stream just like that

just like that and then we're also going to come in

and then we're also going to come in here and we're going to do a socket

here and we're going to do a socket dot set default

dot set default timeout to one

timeout to one so if it responds back or doesn't

so if it responds back or doesn't respond back within a second we're just

respond back within a second we're just going to move on we don't want to stick

going to move on we don't want to stick to scanning a port waiting waiting

to scanning a port waiting waiting waiting for not to respond back to us

waiting for not to respond back to us and then the script takes long and

and then the script takes long and longer and longer so we just want to

longer and longer so we just want to make sure that we set our default

make sure that we set our default timeout to one there and then what we're

timeout to one there and then what we're going to do is we're going to go ahead

going to do is we're going to go ahead and

and set a variable result

set a variable result and result is going to equal to

and result is going to equal to s dot connect

s dot connect underscore ex and I'll explain all this

underscore ex and I'll explain all this in a second

in a second Target import

Target import all right

all right so what this is doing here actually let

so what this is doing here actually let me type out the rest and then we'll go

me type out the rest and then we'll go back we're going to say if result is

back we're going to say if result is equal to zero

equal to zero we're going to print out

we're going to print out port

port we can do

is open so now we can come in here we can do a format Port if we want to you

can do a format Port if we want to you could use an F string here if you want

could use an F string here if you want to so we can just use an F string

to so we can just use an F string I'm just showing you examples but you

I'm just showing you examples but you can say port and just do an F in front

can say port and just do an F in front of this

okay Port whatever is open and then we're going to close the connection

all right let's read through this make sure we understand what's going on

sure we understand what's going on so we're gonna do a for Loop for a port

so we're gonna do a for Loop for a port in the range of 50 to 85 so we're going

in the range of 50 to 85 so we're going to start with 50 and 51 then 52 go

to start with 50 and 51 then 52 go through that process we are setting a

through that process we are setting a variable

variable of s equal to this because we're going

of s equal to this because we're going to gather the ipv4 address and we're

to gather the ipv4 address and we're going to gather the port that we're

going to gather the port that we're trying to connect to

trying to connect to now our ipv4 address here's our Tuple

now our ipv4 address here's our Tuple right here we are saying I want to

right here we are saying I want to connect on Target and Port Target is

connect on Target and Port Target is going to be supplied by us we're going

going to be supplied by us we're going to use rb1

to use rb1 so we're going to supply the IP address

so we're going to supply the IP address and the port is going to be this range

and the port is going to be this range here

here so for port in range we're declaring

so for port in range we're declaring Port here now this s.connect underscore

Port here now this s.connect underscore EX

EX this is an error indicator

this is an error indicator so if a port is open the error result

so if a port is open the error result returns zero

returns zero if a port is closed it returns a one so

if a port is closed it returns a one so if the result is a zero we're going to

if the result is a zero we're going to say hey this port was open

say hey this port was open if it's not it's going to close out and

if it's not it's going to close out and we're going to close this then we're

we're going to close this then we're going to go back to the loop and come

going to go back to the loop and come through and try it again so we're going

through and try it again so we're going to close out our socket connection on

to close out our socket connection on that Port come back try 51 52

that Port come back try 51 52 etc etc

etc etc now before we run this there are some

now before we run this there are some exceptions that we need to consider

exceptions that we need to consider so the first one we're going to try this

so the first one we're going to try this but we need exceptions so accept

but we need exceptions so accept what if we have a keyboard interrupt so

what if we have a keyboard interrupt so we'll say keyboard interrupt

we'll say keyboard interrupt and

and that just means what if we hit Ctrl C

that just means what if we hit Ctrl C while this is running we can stop this

while this is running we can stop this on our own so we're providing an

on our own so we're providing an exception of a keyboard interrupt and

exception of a keyboard interrupt and we're going to say exiting program on a

we're going to say exiting program on a new line

and then we're going to assist exit remember I talked about sysexit and

remember I talked about sysexit and we're going to allow us to exit

we're going to allow us to exit gracefully

gracefully we can also do an exception of a socket

we can also do an exception of a socket dot gai error

dot gai error now this

now this is what happens when the hostname does

is what happens when the hostname does not resolve so what if we say hostname

not resolve so what if we say hostname could not be resolved

could not be resolved so if we typed in a bunch of

so if we typed in a bunch of Mumble jumbo up here we say like Python

Mumble jumbo up here we say like Python 3

3 scanner dot pi

scanner dot pi and we just typed in something and that

and we just typed in something and that doesn't resolve to an IP address well

doesn't resolve to an IP address well guess what this is going to throw an

guess what this is going to throw an error now

error now and we can exit

we got to cover all of our bases lastly what if we have a socket dot

lastly what if we have a socket dot error so we have an error when we're

error so we have an error when we're doing this and we print out

doing this and we print out hey we could not connect to the server

hey we could not connect to the server just it's just not online what if we try

just it's just not online what if we try to connect to an IP address and it

to connect to an IP address and it doesn't talk back to us

doesn't talk back to us but not connect to the server

but not connect to the server so something to think about there again

so something to think about there again we'll assist dot exit

we'll assist dot exit so let's go ahead and save this

so let's go ahead and save this now you're going to need to run this

now you're going to need to run this against something so I'm going to show

against something so I'm going to show you an example of mine okay so in order

you an example of mine okay so in order to run this we need an IP address now if

to run this we need an IP address now if I type in ifconfig I'm actually on a

I type in ifconfig I'm actually on a virtual machine right now so

virtual machine right now so 192.168.138.140 is not my true IP

192.168.138.140 is not my true IP address

address I'm actually going to bring up my

I'm actually going to bring up my Windows machine that I'm on

Windows machine that I'm on and you can see here that I have a

and you can see here that I have a default gateway of

default gateway of 192.168.4.1 so make sure you know your

192.168.4.1 so make sure you know your gateway or what your router's IP address

gateway or what your router's IP address or that you have a machine that you can

or that you have a machine that you can scan that you know might have a port of

scan that you know might have a port of 53 or 80 open or you need to modify your

53 or 80 open or you need to modify your script to make sure that you can scan

script to make sure that you can scan for something but I'm going to go ahead

for something but I'm going to go ahead and scan my 4.1 because it should have

and scan my 4.1 because it should have some stuff open so if I do a Python 3

some stuff open so if I do a Python 3 scanner.pi I'm going to come in here and

scanner.pi I'm going to come in here and just do a 4.1

just do a 4.1 and I hit enter this could take some

and I hit enter this could take some time so what I'm going to do is I'm

time so what I'm going to do is I'm going to let this sit here actually it's

going to let this sit here actually it's already it's zooming through uh you can

already it's zooming through uh you can see it found Port 53 pretty quick

see it found Port 53 pretty quick um and then this might take time to find

um and then this might take time to find Port 80 if Port 80 is open but basically

Port 80 if Port 80 is open but basically what it's going to go through is go

what it's going to go through is go through 450 51 52 53 all the way through

through 450 51 52 53 all the way through the process and has that one second

the process and has that one second timeout as it goes through and checks

timeout as it goes through and checks each and every one of these ports so it

each and every one of these ports so it should take maybe up to a minute for

should take maybe up to a minute for this to work so I'm going to go ahead

this to work so I'm going to go ahead and pause right here looks like we're

and pause right here looks like we're almost done actually or 80 came back as

almost done actually or 80 came back as open too no need to pause it finished

open too no need to pause it finished while I was yapping so you can see I

while I was yapping so you can see I came back and said 453 is open port 80

came back and said 453 is open port 80 is open so our script worked

is open so our script worked it took forever to scan these ports but

it took forever to scan these ports but it is working so we were able to build

it is working so we were able to build out let's go back and look at this this

out let's go back and look at this this is awesome we were able to build out a

is awesome we were able to build out a port scanner that came in here and

port scanner that came in here and within two hours you now have the

within two hours you now have the knowledge to build out a basic Port

knowledge to build out a basic Port scanner you didn't think you would be

scanner you didn't think you would be able to do that well here you are look

able to do that well here you are look at you

at you you're awesome okay so we were able to

you're awesome okay so we were able to give it an argument

give it an argument we set our if conditional statement make

we set our if conditional statement make sure the length of the argument was two

sure the length of the argument was two valid otherwise we have an else here we

valid otherwise we have an else here we made a little pretty Banner we imported

made a little pretty Banner we imported some stuff got that all working we did a

some stuff got that all working we did a try statement which really was just a

try statement which really was just a for Loop in here and we had some logic

for Loop in here and we had some logic based on conditions that would happen

based on conditions that would happen within this for Loop we had a for Loop

within this for Loop we had a for Loop and an if statement together we used a F

and an if statement together we used a F string to print this out pretty cool

string to print this out pretty cool came through we had some exceptions as

came through we had some exceptions as well for example like the keyboard

well for example like the keyboard interrupt just as to show you if I come

interrupt just as to show you if I come and run this again if I wanted to stop

and run this again if I wanted to stop this scan in the middle of it I could

this scan in the middle of it I could just hit Ctrl C and it'll say hey

just hit Ctrl C and it'll say hey exiting program and that's exactly what

exiting program and that's exactly what we told it to do we could say in here it

we told it to do we could say in here it says exiting program so that's the

says exiting program so that's the keyboard interrupt same thing we had

keyboard interrupt same thing we had exceptions for not being able to connect

exceptions for not being able to connect or we had the hostname could not resolve

or we had the hostname could not resolve we would also have those sorts of things

we would also have those sorts of things as well so you could test out those

as well so you could test out those errors see if they work for you but

errors see if they work for you but other than that we built a scanner so

other than that we built a scanner so this is Project number one we're gonna

this is Project number one we're gonna go ahead and move on to learning a

go ahead and move on to learning a little bit more Python and then we'll go

little bit more Python and then we'll go ahead and get into some more Project

ahead and get into some more Project work so I'll see you over in the next

work so I'll see you over in the next video

video now we're going to take a look at

now we're going to take a look at accepting user input in our program and

accepting user input in our program and then how we can manipulate data with

then how we can manipulate data with that input

that input so let's go ahead and make a new file

so let's go ahead and make a new file I'm going to just say mouse pad and

I'm going to just say mouse pad and we'll call this input dot pi

we'll call this input dot pi and I'm going to bring this over we'll

and I'm going to bring this over we'll give this the shebang

give this the shebang then python3 here

then python3 here save it get the pretty colors

save it get the pretty colors and in order to take input in Python all

and in order to take input in Python all we actually need to do is just use input

we actually need to do is just use input something like this so we could say like

something like this so we could say like enter your name for input like this and

enter your name for input like this and put a space and we'll need to put this

put a space and we'll need to put this into a variable so if we come into the

into a variable so if we come into the front of this and we just say name is

front of this and we just say name is equal to

equal to we could do something like that and then

we could do something like that and then we can just print out like

we can just print out like hello

hello and give a space

and give a space do name

do name and then

and then we'll add an exclamation at the end or a

we'll add an exclamation at the end or a period at the end doesn't really matter

period at the end doesn't really matter and then we can just come in here and

and then we can just come in here and save that

save that and if we run this

close this out I forgot to add an ampersands we'll do that real quick and

ampersands we'll do that real quick and if we run this now we just say python3

if we run this now we just say python3 and we say input

and we say input dot Pi let's say enter your name I'll

dot Pi let's say enter your name I'll just say Heath

just say Heath and you can see it says hello Heath

and you can see it says hello Heath we can add upon this we can say like

we can add upon this we can say like what's your favorite drink so if we just

what's your favorite drink so if we just make a variable and we call it drink and

make a variable and we call it drink and we do input and say what's your favorite

we do input and say what's your favorite drink

drink and do a question mark something like

and do a question mark something like that

that we can come in here and then just add

we can come in here and then just add upon this if we want we can just say

upon this if we want we can just say have a space

have a space plus drink

plus drink less period

less period all right and it should say welcome

all right and it should say welcome Heath have a and then whatever drink we

Heath have a and then whatever drink we put in here so if we save this come back

put in here so if we save this come back and run it

and run it okay I'm gonna put Heath as my name and

okay I'm gonna put Heath as my name and then

then White Russian is my favorite drink

White Russian is my favorite drink and it says hello Heath have a White

and it says hello Heath have a White Russian so we can easily accept input

Russian so we can easily accept input like this

like this so let's think about if we wanted to

so let's think about if we wanted to build out a calculator I'm going to go

build out a calculator I'm going to go ahead and delete this what if we wanted

ahead and delete this what if we wanted to take input and make a mini calculator

to take input and make a mini calculator we could definitely do that

we could definitely do that so what if we had two numbers and we've

so what if we had two numbers and we've been taking X and Y so if we said X is

been taking X and Y so if we said X is equal to input

equal to input and we'll just say

and we'll just say give me a number

give me a number and then we'll do something like that

and then we'll do something like that and then we can also do y and also make

and then we can also do y and also make that input

that input give me yet another number

give me yet another number you put whatever you want here by the

you put whatever you want here by the way

way and if we do something like print

and if we do something like print X Plus y

X Plus y and we do that let's save it and let's

and we do that let's save it and let's see what happens here so I'm going to

see what happens here so I'm going to print this out

print this out we'll give a number we'll do three and

we'll give a number we'll do three and then we'll do two

then we'll do two and it gave us 32. why is it doing that

and it gave us 32. why is it doing that well what it's doing is it is taking

well what it's doing is it is taking these and giving this to us as a string

these and giving this to us as a string so we need to either do an integer here

so we need to either do an integer here and put this in an INT or we need to

and put this in an INT or we need to take this as a float so if we think

take this as a float so if we think about this from the past if we want to

about this from the past if we want to only take integers we can but if

only take integers we can but if somebody were to put in like 8.7 or some

somebody were to put in like 8.7 or some number here and they gave that to us

number here and they gave that to us well we would only take the eight and we

well we would only take the eight and we would leave off the 0.7 so I think if

would leave off the 0.7 so I think if we're building out a calculator it's

we're building out a calculator it's better to use floats so we can just come

better to use floats so we can just come in here and say float and we'll put this

in here and say float and we'll put this all in parentheses and then we'll do the

all in parentheses and then we'll do the same thing right here

so now when we come in here and we'd save this and run this again what should

save this and run this again what should happen is this should work properly so

happen is this should work properly so if we did like three

if we did like three and then 3.2

and then 3.2 you'll see that we get 6.2 which is

you'll see that we get 6.2 which is proper that's awesome

proper that's awesome well what if we wanted to build this out

well what if we wanted to build this out further

further we could make this into a situational

we could make this into a situational thing what if we not only wanted to do

thing what if we not only wanted to do an addition but what if we wanted to

an addition but what if we wanted to allow the user to say I want to add or

allow the user to say I want to add or subtract or divide or multiply or maybe

subtract or divide or multiply or maybe use an exponent we could do that so what

use an exponent we could do that so what if we added another variable and we just

if we added another variable and we just called this o for operator and we just

called this o for operator and we just took that input and we just said

took that input and we just said something along the lines of input

something along the lines of input give me an operator

give me an operator right and maybe we put this in the

right and maybe we put this in the middle here so that way we're not just

middle here so that way we're not just getting two numbers maybe we want to

getting two numbers maybe we want to take that and we want to say something

take that and we want to say something like this so that way you'll say give me

like this so that way you'll say give me your number give me an operator and then

your number give me an operator and then give me another number and we'll print

give me another number and we'll print that out so

that out so now let's think about how we want this

now let's think about how we want this to flow if we want this to work with a

to flow if we want this to work with a addition like we already have we might

addition like we already have we might want to come in here and just say

want to come in here and just say something like if o

something like if o or operator is equal to a plus sign

or operator is equal to a plus sign well then

well then we'll come in and just print out X Plus

we'll come in and just print out X Plus y

y remember the indentation is important

remember the indentation is important here

here else if or L if

else if or L if o is equal to a minus

o is equal to a minus guess what we're going to print x minus

guess what we're going to print x minus y

y and we can continue on here

and we can continue on here else if o is equal to

division we'll divide and then we'll multiply as well so x

and then we'll multiply as well so x divided by y

divided by y else if o is equal to

else if o is equal to multiply here

multiply here we'll go ahead and multiply that

we'll go ahead and multiply that let's throw in an exponent for good

let's throw in an exponent for good measure

measure so let's do L if o is equal to an

so let's do L if o is equal to an exponent so that's two

exponent so that's two asterisk there and then we'll just print

asterisk there and then we'll just print out

out X

X times y so we've got a mini little

times y so we've got a mini little calculator here and we need to end this

calculator here and we need to end this with

with an else statement so what if we take

an else statement so what if we take input that doesn't belong here if it

input that doesn't belong here if it doesn't match one of these operators

doesn't match one of these operators then we can just print something like

then we can just print something like unknown operator

unknown operator all right and period there save that and

all right and period there save that and this should work so let's go ahead and

this should work so let's go ahead and give this a try what if we come in here

give this a try what if we come in here we just say

we just say give me a number we'll do three and

give me a number we'll do three and let's say we want to multiply and we'll

let's say we want to multiply and we'll do by three

do by three and we get a 9 we can do it again we can

and we get a 9 we can do it again we can try something like

try something like we'll do uh four and this time we'll do

we'll do uh four and this time we'll do an exponent we'll do four

an exponent we'll do four so four to the fourth power is 256. so

so four to the fourth power is 256. so we have just quite easily built out a

we have just quite easily built out a little calculator that we take input

little calculator that we take input from a user and then utilize that to

from a user and then utilize that to calculate that expression given what is

calculate that expression given what is given to us by the user now let's think

given to us by the user now let's think of something else here just as an aside

of something else here just as an aside what if something is written differently

what if something is written differently like when I think of math with python

like when I think of math with python yes we think of two asterisks as an

yes we think of two asterisks as an exponent but what if we had a situation

exponent but what if we had a situation where we wanted to maybe use the up

where we wanted to maybe use the up Arrow or the carrot symbol which is how

Arrow or the carrot symbol which is how I've commonly seen it used online for

I've commonly seen it used online for Math and exponents well we could do

Math and exponents well we could do something like or

something like or o is equal to

o is equal to the up

the up Arrow like that and what if we save that

Arrow like that and what if we save that and ran this now

and ran this now and if we gave a 4 to the up Arrow of 4

and if we gave a 4 to the up Arrow of 4 guess what we still get 256 so we can

guess what we still get 256 so we can use our statement like that here our and

use our statement like that here our and or or other operators that we have

or or other operators that we have learned along the way so start thinking

learned along the way so start thinking about it like that as we start to piece

about it like that as we start to piece these things together we're starting to

these things together we're starting to build out little projects and we can use

build out little projects and we can use some of the logic that we have already

some of the logic that we have already learned throughout this course so that's

learned throughout this course so that's it for this lesson we're going to go

it for this lesson we're going to go ahead and move on to the next one

ahead and move on to the next one okay now we're going to talk about

okay now we're going to talk about reading and writing files using python

reading and writing files using python so let's go ahead and make a new file

so let's go ahead and make a new file I'm just going to mouse pad and we're

I'm just going to mouse pad and we're going to call this file months Dot txt

going to call this file months Dot txt and in here let's go ahead and just type

and in here let's go ahead and just type out the month so we'll do January

out the month so we'll do January February March

February March April if I could type May June July

April if I could type May June July August September October November

August September October November and December

and December if you need to take a break and catch up

if you need to take a break and catch up go ahead and do that

go ahead and do that save this and once you have it saved go

save this and once you have it saved go ahead and close the file out

ahead and close the file out so let's go ahead and create a new

so let's go ahead and create a new python file so call this mouse pad and I

python file so call this mouse pad and I think we'll just call this read write

think we'll just call this read write dot pi

dot pi it'll do an ampersand here

it'll do an ampersand here and for this what we're going to do is

and for this what we're going to do is we're going to go ahead and look at how

we're going to go ahead and look at how we can read and write files so the way

we can read and write files so the way that we do that is with the open command

that we do that is with the open command so we'll say something like open and

so we'll say something like open and with open and actually let's add the

with open and actually let's add the shebang up here really quick in python3

shebang up here really quick in python3 save it and with the open command we can

save it and with the open command we can say something like open

say something like open months.txt

and I need to add this here so if we open months.txt what we need to

so if we open months.txt what we need to do with this or what we typically do

do with this or what we typically do with this is we store this within a

with this is we store this within a variable so we might just call this

variable so we might just call this months equals open months.txt and if we

months equals open months.txt and if we want to read that file we can come in

want to read that file we can come in here and just print out months and

here and just print out months and you'll see what this does here in a

you'll see what this does here in a second now best practice says to also

second now best practice says to also close this out anytime we open this so

close this out anytime we open this so I'm going to go ahead and just add some

I'm going to go ahead and just add some lines in here because we're going to add

lines in here because we're going to add some more stuff to this but we can just

some more stuff to this but we can just do months Dot close

do months Dot close and we'll save this let's go ahead and

and we'll save this let's go ahead and run and see what happens here so if we

run and see what happens here so if we do Python 3

do Python 3 read write.pi

read write.pi you'll see we get this information back

you'll see we get this information back let me move this so it's readable and

let me move this so it's readable and what this tells us is hey this is the

what this tells us is hey this is the name of the file

name of the file we're in a certain mode in this mode

we're in a certain mode in this mode currently is read mode and we get the

currently is read mode and we get the default encoding here of utf-8

default encoding here of utf-8 so we're getting information back we're

so we're getting information back we're not actually reading the file that we

not actually reading the file that we wrote so

wrote so um some of the information that we can

um some of the information that we can get by the way we can come in here and

get by the way we can come in here and we can say it to ourselves well

we can say it to ourselves well is this file readable so we have mode

is this file readable so we have mode equals R and this is one way to check it

equals R and this is one way to check it there's a couple ways that we can check

there's a couple ways that we can check it as well we can print out

it as well we can print out month dot mode and that will tell us

month dot mode and that will tell us what mode we're in we can also print out

what mode we're in we can also print out months.readable and that should give us

months.readable and that should give us a Boolean statement whether that is true

a Boolean statement whether that is true or false so if we come in here and we

or false so if we come in here and we save this

save this and we do this again

and we do this again you'll see that we get months we print

you'll see that we get months we print that out we get the whole shebang here

that out we get the whole shebang here and we get the uh mode is equal to R

and we get the uh mode is equal to R which is readable you can see if we

which is readable you can see if we print out the mode we can also see it's

print out the mode we can also see it's readable or if we do months readable we

readable or if we do months readable we can see that it is readable so we have

can see that it is readable so we have the ability here to actually print this

the ability here to actually print this out and read this file

out and read this file so how do we do that well let's go ahead

so how do we do that well let's go ahead and delete these two lines

and we can just come in here and do month dot read

month dot read if we do that what happens here let's

if we do that what happens here let's save it print this out

save it print this out and you can see that it reads through

and you can see that it reads through every single iteration January all the

every single iteration January all the way through December perfect so we just

way through December perfect so we just read a file and we closed out

read a file and we closed out working as intended if we wanted to read

working as intended if we wanted to read this line by line we could we can do

this line by line we could we can do months.readline like this and if we save

months.readline like this and if we save that in print

that in print we will read literally one line if we

we will read literally one line if we wanted to read a second line we could

wanted to read a second line we could copy this and we could paste this and

copy this and we could paste this and save it and come in here and guess what

save it and come in here and guess what we'll get January and February this time

we'll get January and February this time so if we want to read this we have to

so if we want to read this we have to read line by line now if we wanted to

read line by line now if we wanted to read all the lines at once we could do

read all the lines at once we could do that

that in a different way we could do that with

in a different way we could do that with read lines

read lines and this will print out an empty array

and this will print out an empty array or a list here actually and what you'll

or a list here actually and what you'll see is we get January a new line

see is we get January a new line February new line March Etc so we put

February new line March Etc so we put this into a list and now if we try to

this into a list and now if we try to actually run this again let's actually

actually run this again let's actually tab over we tried to run this twice look

tab over we tried to run this twice look what happens

what happens I'm going to print this and save this

so we have the first list here and then we have a second list here the second

we have a second list here the second list is empty

list is empty well that's because we've actually

well that's because we've actually already read this so we read through it

already read this so we read through it here first and then it's empty the next

here first and then it's empty the next time we try to read it so if we wanted

time we try to read it so if we wanted to read it again what we need to do is

to read it again what we need to do is actually use what is called the seek

actually use what is called the seek method we can come in here and say

method we can come in here and say months.seek

months.seek do zero like that to go back to the very

do zero like that to go back to the very first line

first line and print out again

and print out again and now you can see we actually printed

and now you can see we actually printed this out twice so that works out well

this out twice so that works out well we also have the ability to put this

we also have the ability to put this into a for Loop to read through every

into a for Loop to read through every iteration of the line so if we wanted to

iteration of the line so if we wanted to do something like

do something like four month in months we could just print

four month in months we could just print out month

out month all right and that should iterate

all right and that should iterate through everything in here so save that

through everything in here so save that print this

print this and you can see that it indeed does

and you can see that it indeed does print through everything

print through everything we can also add the dot strip at the end

we can also add the dot strip at the end of this

save that print and you can see that we strip out

print and you can see that we strip out any of the new lines that are in there

any of the new lines that are in there so you saw we got some spacing in here

so you saw we got some spacing in here it's a little funky so if we came

it's a little funky so if we came through and we just added the dot strip

through and we just added the dot strip that makes our for Loop a little bit

that makes our for Loop a little bit better so again remember what we're

better so again remember what we're defining here is whatever we want we can

defining here is whatever we want we can call this for X in months make this an X

call this for X in months make this an X and it's the same thing but logically

and it's the same thing but logically it's just easy to call this month in

it's just easy to call this month in month and then we can just print those

month and then we can just print those out so we can iterate through this so so

out so we can iterate through this so so far up until this point all we've done

far up until this point all we've done is been able to read a file what if we

is been able to read a file what if we want to write to a file or append to a

want to write to a file or append to a file well we can do that as well so if

file well we can do that as well so if we wanted to

we wanted to for instance open a file let's open a

for instance open a file let's open a new file let's do something we haven't

new file let's do something we haven't created yet let's do days of the week so

created yet let's do days of the week so let's do open days and if we try to do

let's do open days and if we try to do this let's change months to days

this let's change months to days and we're going to change days to close

and we're going to change days to close and we're just going to leave this open

and we're just going to leave this open right here so we have our best practice

right here so we have our best practice now if we try to run this with an open

now if we try to run this with an open days.txt uh we're not going to be able

days.txt uh we're not going to be able to do that because currently we're just

to do that because currently we're just in read mode so we want to be able to

in read mode so we want to be able to turn over and put ourselves into write

turn over and put ourselves into write mode in order to do that we can just do

mode in order to do that we can just do a w if we wanted to check that out we

a w if we wanted to check that out we could just do print days.mode like we

could just do print days.mode like we saw before make sure we are actually

saw before make sure we are actually operating in right mode so if we save

operating in right mode so if we save this

this you'll see that we are in right mode so

you'll see that we are in right mode so we're good to go you could also just

we're good to go you could also just again delete this save

again delete this save and print out days apologies you print

and print out days apologies you print out days save that you'll be able to see

out days save that you'll be able to see that we are also in write mode so both

that we are also in write mode so both of these work

of these work now let's write to a file so we've got

now let's write to a file so we've got days let's go ahead and

days let's go ahead and write to that so we can do something

write to that so we can do something like

like days oops days dot right

days oops days dot right and let's say we wanted to put Monday

and let's say we wanted to put Monday into days save that

into days save that close it

close it and if we go ahead and execute that

and if we go ahead and execute that nothing happens but if we go ahead and

nothing happens but if we go ahead and cat out days.txt

cat out days.txt you'll see that Monday has been put into

you'll see that Monday has been put into days.txt perfect so now what if we

days.txt perfect so now what if we wanted to continue on with this let's

wanted to continue on with this let's put Tuesday in there and we're going to

put Tuesday in there and we're going to need a new line so let's go ahead and do

need a new line so let's go ahead and do a new line with that and we'll do

a new line with that and we'll do Tuesday and hopefully when we write this

Tuesday and hopefully when we write this out we'll see Monday and Tuesday so

out we'll see Monday and Tuesday so let's save that

let's save that print this

print this sorry let's run the script and then

sorry let's run the script and then print this

print this and you'll see we have the new line in

and you'll see we have the new line in there and we have Tuesday but we

there and we have Tuesday but we actually overwrote it we don't we don't

actually overwrote it we don't we don't have Monday anymore

have Monday anymore so what's happening here is we're

so what's happening here is we're actually writing to a file which is

actually writing to a file which is overwriting the file we're not appending

overwriting the file we're not appending to the file so if we wanted to append to

to the file so if we wanted to append to the file what we need to do is change

the file what we need to do is change this W to an a

this W to an a and we can come in here and we can write

and we can come in here and we can write in Wednesday if we wanted to

in Wednesday if we wanted to save this

save this and now let's run this and run that and

and now let's run this and run that and now you can see we have Tuesday and

now you can see we have Tuesday and Wednesday so understand the difference

Wednesday so understand the difference between R being read

between R being read W being right which overwrites and a

W being right which overwrites and a being append which allows us to append a

being append which allows us to append a file instead of overwriting a file

file instead of overwriting a file so that is it for this lesson I'll go

so that is it for this lesson I'll go ahead and see you over in the next one

ahead and see you over in the next one all right let's talk about classes and

all right let's talk about classes and objects

objects so python is what is known as an object

so python is what is known as an object oriented programming language so pretty

oriented programming language so pretty much everything in Python is an object

much everything in Python is an object and we can use what is called a class to

and we can use what is called a class to be what is like an object Constructor

be what is like an object Constructor and we can use that to help create

and we can use that to help create objects and this is a little bit easier

objects and this is a little bit easier to explain once we actually demonstrate

to explain once we actually demonstrate this so we're going to create a couple

this so we're going to create a couple of files in this lesson and the first

of files in this lesson and the first thing that we're going to do is we're

thing that we're going to do is we're going to do a mouse pad and I am going

going to do a mouse pad and I am going to create a file called

to create a file called employees dot pi

and in this we're going to go ahead and declare class

declare class I'm going to save this here so let's do

I'm going to save this here so let's do class employees save it

class employees save it and we're going to go ahead and hit

and we're going to go ahead and hit enter and just tab over

enter and just tab over and we're going to do this

and we're going to do this Define and two underscores

Define and two underscores i n i t or init two underscores again

i n i t or init two underscores again and we're gonna put some parameters

and we're gonna put some parameters inside of this function and we'll talk

inside of this function and we'll talk about what the init function is here in

about what the init function is here in a second let's go ahead and let's think

a second let's go ahead and let's think about having employees so the first

about having employees so the first parameter we're going to Define is

parameter we're going to Define is called self

called self and then for our employees we might want

and then for our employees we might want to know the employee's name

to know the employee's name we might want to know what department

we might want to know what department they work in

they work in we might want to know their role in that

we might want to know their role in that department

department their salary

their salary and maybe the years that they've been

and maybe the years that they've been employed so we'll do years underscore

employed so we'll do years underscore employed

employed and just like a function We'll add the

and just like a function We'll add the colon here at the end

colon here at the end and we're going to go ahead and tab and

and we're going to go ahead and tab and then we're going to Define all of this

then we're going to Define all of this so let's go ahead and say self

so let's go ahead and say self dot name is equal to name so we're

dot name is equal to name so we're creating methods here which you'll see

creating methods here which you'll see us use in just a bit we're going to do

us use in just a bit we're going to do self.department

self.department equals Department

equals Department and you should get the gist at this

and you should get the gist at this point self.roll is equal to roll

point self.roll is equal to roll self. salary is equal to salary

self. salary is equal to salary self

self dot years employed is equal to years

dot years employed is equal to years employed

okay so let's save that so all classes have a function called the init function

have a function called the init function and this is always executed when the

and this is always executed when the class is being initiated

class is being initiated so we're going to use this init function

so we're going to use this init function to assign values to object properties

to assign values to object properties so what we're doing here is we're

so what we're doing here is we're creating these parameters within this

creating these parameters within this function and we're also building out

function and we're also building out methods that we can use once we import

methods that we can use once we import this class so let's go ahead and close

this class so let's go ahead and close this out and we're going to open up

this out and we're going to open up another mouse pad and we'll just call

another mouse pad and we'll just call this something like our employees dot Pi

this something like our employees dot Pi you can call whatever you want and I'm

you can call whatever you want and I'm going to go ahead and do my shebang at

going to go ahead and do my shebang at the top we'll do bin python3

the top we'll do bin python3 save that and from here I want to

save that and from here I want to actually import the class that we just

actually import the class that we just built so what I'm going to do is I'm

built so what I'm going to do is I'm going to import this and we're going to

going to import this and we're going to say from employees

import employees

employees all right and we can make a couple of

all right and we can make a couple of employees here so let's set a variable

employees here so let's set a variable of E1 for employee one and we'll just do

of E1 for employee one and we'll just do employees

employees and I'm going to stick with the Bob's

and I'm going to stick with the Bob's Burgers theme from earlier we'll just

Burgers theme from earlier we'll just say we've got Bob remember we we're

say we've got Bob remember we we're declaring Bob's name

declaring Bob's name his department will say he works in

his department will say he works in sales

sales will say that his role within the

will say that his role within the department is the director of sales

department is the director of sales and we'll say his salary is a hundred

and we'll say his salary is a hundred thousand dollars a year

thousand dollars a year and that he has been employed for 20

and that he has been employed for 20 years

years and we'll do another employee

and we'll do another employee and we'll say that this employee is

and we'll say that this employee is Linda

Linda she is an executive

she is the Chief Information officer or the CIO

the CIO she makes a hundred and fifty thousand

she makes a hundred and fifty thousand dollars a year and she has been with the

dollars a year and she has been with the organization for 10 years

organization for 10 years so we can do some stuff with this we can

so we can do some stuff with this we can go and say like print

go and say like print E1 dot name

E1 dot name let's save this make sure everything

let's save this make sure everything works

works coming here actually let me close and

coming here actually let me close and reopen this because I forgot my

reopen this because I forgot my Ampersand on this

Ampersand on this and we'll come back and now we'll go

and we'll come back and now we'll go ahead and do python3 our employees and

ahead and do python3 our employees and you'll see that print e1.name is pulling

you'll see that print e1.name is pulling down Bob so we're using the name method

down Bob so we're using the name method that we created with our class so we

that we created with our class so we Define that within that class so now we

Define that within that class so now we have the ability to pull down

have the ability to pull down information based on the class that we

information based on the class that we built so we can also do something like

built so we can also do something like print E2 dot roll and we should get that

print E2 dot roll and we should get that role printed out for us so if we see E2

role printed out for us so if we see E2 roll we're getting that she is a CIO so

roll we're getting that she is a CIO so that is accurate statement here let's

that is accurate statement here let's see if we could open both of these let's

see if we could open both of these let's open also

open also employees.pi and we have both of these

employees.pi and we have both of these here now so it's a little bit easier to

here now so it's a little bit easier to see we've got our function our init

see we've got our function our init function here and we have all of our

function here and we have all of our methods that we've defined now we can

methods that we've defined now we can build upon this within this class so

build upon this within this class so let's say if we wanted to make another

let's say if we wanted to make another function if we wanted to say something

function if we wanted to say something like Define

like Define eligible for retirement

eligible for retirement and we just said self in here as the

and we just said self in here as the parameter what if we said something like

parameter what if we said something like if

if self dot years employed

self dot years employed is greater than or equal to 20.

is greater than or equal to 20. then we return true because if the

then we return true because if the person has worked with us for 20 years

person has worked with us for 20 years then they are eligible for retirement

then they are eligible for retirement otherwise if they haven't then they

otherwise if they haven't then they haven't earned their retirement yet so

haven't earned their retirement yet so we can look at an employee and see how

we can look at an employee and see how long they've worked with us and we can

long they've worked with us and we can save this here and then we can come in

save this here and then we can come in here we can do something like print

here we can do something like print and we'll say E1

and we'll say E1 and we'll ask if they are eligible for

and we'll ask if they are eligible for retirement

retirement okay

okay save this print this out and you'll see

save this print this out and you'll see that Bob is indeed eligible for

that Bob is indeed eligible for retirement because he has been with the

retirement because he has been with the company at least 20 years which is what

company at least 20 years which is what we put here within the class

we put here within the class so just know what we're doing is we're

so just know what we're doing is we're building out our own class and we're

building out our own class and we're able to Define

able to Define these functions and these parameters and

these functions and these parameters and these help us with creating our objects

these help us with creating our objects that we're using over here so we've got

that we're using over here so we've got our classes and then we've got our

our classes and then we've got our objects so this can get really robust

objects so this can get really robust very quick and we'll build out a project

very quick and we'll build out a project to look at that here in the next lesson

to look at that here in the next lesson and that way we can tie this all

and that way we can tie this all together but this is a very important

together but this is a very important part of programming and this is very

part of programming and this is very much a one-on-one class so we're just

much a one-on-one class so we're just skimming the surface on what this is but

skimming the surface on what this is but this is actually incredibly useful when

this is actually incredibly useful when we start building out classes like this

we start building out classes like this to help with other things that we're

to help with other things that we're writing and pulling information from so

writing and pulling information from so that's it for this lesson we're going to

that's it for this lesson we're going to go ahead and move on to the next one

go ahead and move on to the next one we have reached the final project in

we have reached the final project in this course and this is going to tie

this course and this is going to tie everything together that we have learned

everything together that we have learned thus far

thus far so I am a bit of a sneaker head which

so I am a bit of a sneaker head which means I really like shoes and so what

means I really like shoes and so what we're going to do is we're going to

we're going to do is we're going to build a budget app using classes and

build a budget app using classes and objects and we're going to see what

objects and we're going to see what shoes we can afford based on how much

shoes we can afford based on how much money we have

money we have so we're going to go ahead and start

so we're going to go ahead and start with the class and we're going to just

with the class and we're going to just make a new file we'll do mouse pad and

make a new file we'll do mouse pad and we'll call this shoes I can type shoes

we'll call this shoes I can type shoes dot pi

dot pi open that up

open that up and we'll also open up a new window as

and we'll also open up a new window as well or just a new tab here and we'll

well or just a new tab here and we'll write in both of these so uh for this

write in both of these so uh for this one we're going to go ahead and just

one we're going to go ahead and just define a class of shoes

define a class of shoes and I'm going to go ahead and just save

and I'm going to go ahead and just save that so I see the colors

that so I see the colors and here we're going to Define our init

and here we're going to Define our init statement

statement and we're going to just say self

and we're going to just say self and then we're going to have a name

and then we're going to have a name our name of our shoe and the price of

our name of our shoe and the price of our shoes

our shoes and within this we're just going to

and within this we're just going to Define

Define self.name equals name this should all

self.name equals name this should all look familiar so far and self dot price

look familiar so far and self dot price is equal to price

is equal to price what we're going to do with the price

what we're going to do with the price because we'll run into an instance where

because we'll run into an instance where this is going to be taken potentially as

this is going to be taken potentially as a string we're going to go ahead and

a string we're going to go ahead and just give this a flow we want to make

just give this a flow we want to make sure that we are assuming this is going

sure that we are assuming this is going to be a float of a price here

to be a float of a price here let's go ahead and Define a few more

let's go ahead and Define a few more things so I want to define a budget

things so I want to define a budget check

check and I want to make sure that we have the

and I want to make sure that we have the budget here so what we're going to do in

budget here so what we're going to do in this instance is we're just going to say

this instance is we're just going to say self and then we'll also add in budget

self and then we'll also add in budget here

here and we'll come in here and we'll do a

and we'll come in here and we'll do a check first we want to make sure that we

check first we want to make sure that we are given an integer or a float here

are given an integer or a float here when we are asked for the budget so we

when we are asked for the budget so we can say something like if not

can say something like if not is instance and what this means is we're

is instance and what this means is we're saying if this type is not what we're

saying if this type is not what we're specifying here then we're going to go

specifying here then we're going to go ahead and reject this and close out of

ahead and reject this and close out of the application so the is instance looks

the application so the is instance looks for our type and returns a True Value

for our type and returns a True Value but if we say is not true then that's

but if we say is not true then that's false remember our truth tables and thus

false remember our truth tables and thus becomes invalid and closes the app so

becomes invalid and closes the app so what's going to happen is we're going to

what's going to happen is we're going to say budget

say budget and we're also going to look whether

and we're also going to look whether budget is going to be an INT or a float

budget is going to be an INT or a float and if it is not one of those two things

and if it is not one of those two things we're going to go ahead and print out

we're going to go ahead and print out invalid entry

invalid entry please enter a number something along

please enter a number something along those lines and then we'll exit the

those lines and then we'll exit the application

application so let's say that we have a budget and

so let's say that we have a budget and we want to also know how much money is

we want to also know how much money is left over if we buy the shoes so we can

left over if we buy the shoes so we can define something like change or what

define something like change or what change is left over and we could say

change is left over and we could say something like self Budget on this as

something like self Budget on this as well

well and we can just return

and we can just return our budget

our budget minus ourself dot price

minus ourself dot price so remember we declared self.price up

so remember we declared self.price up here now we're calling it we're just

here now we're calling it we're just saying Hey I want to return the value of

saying Hey I want to return the value of the budget that we have minus the cost

the budget that we have minus the cost of the item that we're purchasing

okay only a couple more things and we'll be done with our class here so we also

be done with our class here so we also need to purchase it right so let's

need to purchase it right so let's define buy and we're going to do self

define buy and we're going to do self budget again

and here we're going to do a self dot Budget Check

and what we'll say is if our budget is greater than or equal to self.price

is greater than or equal to self.price then we're going to print out

we'll do a F string here and we'll just say U and cop sum and then we'll do

say U and cop sum and then we'll do self.name

self.name so the name that we'll provide here this

so the name that we'll provide here this will all make sense once we tie it all

will all make sense once we tie it all together

together okay and then if our budget is equal to

okay and then if our budget is equal to the self.price then we're gonna just say

the self.price then we're gonna just say print out

print out you

you have exactly enough money for these

have exactly enough money for these shoes

shoes otherwise

we can do else now we could go through this whole thing and and give a

this whole thing and and give a statement and say well what if we had no

statement and say well what if we had no money or what if we didn't have enough

money or what if we didn't have enough money but in this instance we're just

money but in this instance we're just gonna print out the situation of

gonna print out the situation of you can

you can buy these shoes and have we have a

buy these shoes and have we have a dollar sign here

dollar sign here we'll say self

we'll say self dot change

dot change and we'll give a budget left over

and we'll give a budget left over so

left over just like this all right and then when we exit the

all right and then when we exit the application we can say something like

application we can say something like exit

exit and we'll just give a statement thanks

and we'll just give a statement thanks for using our shoe budget app

for using our shoe budget app now this might not make any sense yet

now this might not make any sense yet and that's okay let me make this a

and that's okay let me make this a little bit bigger

little bit bigger and so what we're doing here is we're

and so what we're doing here is we're defining our init and in our init we

defining our init and in our init we have a name which is going to be the

have a name which is going to be the name of the shoe

name of the shoe and price which give me the price of the

and price which give me the price of the shoe so self.name is equal to name

shoe so self.name is equal to name self.price is going to be a float

self.price is going to be a float because we're expecting

because we're expecting potentially it could be our price of our

potentially it could be our price of our shoe could be 2.99 or 100.99 it might

shoe could be 2.99 or 100.99 it might not just be a perfect number so we want

not just be a perfect number so we want to use a float

to use a float we have our budget check here we're just

we have our budget check here we're just checking the is instance we could in

checking the is instance we could in theory add to this budget check and make

theory add to this budget check and make sure we have enough funding before we

sure we have enough funding before we come down and do the purchase would

come down and do the purchase would probably be the logical way to do this

probably be the logical way to do this but in this instance we're just using

but in this instance we're just using really beginner logic and we're just

really beginner logic and we're just coming through and we're just saying hey

coming through and we're just saying hey if this instance isn't an integer or a

if this instance isn't an integer or a float like somebody types in a string

float like somebody types in a string then we're just going to go ahead and

then we're just going to go ahead and reject this we we don't want any we have

reject this we we don't want any we have no interest if this is no integer or

no interest if this is no integer or float here

float here then we're going to Define our change so

then we're going to Define our change so if we have uh money left over like if we

if we have uh money left over like if we have budget minus the price of the shoe

have budget minus the price of the shoe then we're going to go ahead and give

then we're going to go ahead and give some money back

some money back um and then we're gonna buy the shoe as

um and then we're gonna buy the shoe as well so we're gonna have our buy option

well so we're gonna have our buy option as long as our budget is greater than

as long as our budget is greater than the price of the shoe we can buy that

the price of the shoe we can buy that shoe

shoe and if the budget is equal to the price

and if the budget is equal to the price then we have enough money if it's not

then we have enough money if it's not then we'll actually have some money left

then we'll actually have some money left over here

over here um unless it's the instance of not

um unless it's the instance of not having enough money and then it'll just

having enough money and then it'll just exit the application because we haven't

exit the application because we haven't told it to do anything else and then

told it to do anything else and then it'll also thank us for using the shoe

it'll also thank us for using the shoe app so that's part one we have defined

app so that's part one we have defined the class now could we build this out

the class now could we build this out all in one thing yes we could just write

all in one thing yes we could just write a script out for this we could code this

a script out for this we could code this and make it into one easy script but

and make it into one easy script but what this will do is allow us

what this will do is allow us flexibility this is where object

flexibility this is where object oriented programming comes into play

oriented programming comes into play because we don't have to continue to

because we don't have to continue to repeat ourself and what we're following

repeat ourself and what we're following is what is called the dry approach the

is what is called the dry approach the don't repeat yourself approach and so

don't repeat yourself approach and so what we're doing is maintaining

what we're doing is maintaining everything in a class here and then

everything in a class here and then we'll call that class and make it very

we'll call that class and make it very easy on us instead of having one crazy

easy on us instead of having one crazy long script that is potentially

long script that is potentially repetitive and a lot more difficult to

repetitive and a lot more difficult to go through so here we're gonna just

go through so here we're gonna just open this up and I'm going to call out a

open this up and I'm going to call out a shebang I'm Ben python3 I'm Gonna Save

shebang I'm Ben python3 I'm Gonna Save this and I'm going to call this

this and I'm going to call this uh shoe purchase

uh shoe purchase dot pi

dot pi save that

save that now

now we're going to import from our class

we're going to import from our class that we made so from shoes import shoes

and let's define a few variables so let's say low is equal to

let's say low is equal to choose and for the low price shoes we're

choose and for the low price shoes we're just going to say we can buy some and

just going to say we can buy some and ones and we can buy those for 30 dollars

ones and we can buy those for 30 dollars uh for medium price shoes maybe we can

uh for medium price shoes maybe we can purchase some Air Force Ones

purchase some Air Force Ones and for those maybe they're a hundred

and for those maybe they're a hundred and twenty dollars

and twenty dollars and then for the high price shoes maybe

and then for the high price shoes maybe we're interested in purchasing

we're interested in purchasing some off-whites

and those might run us for a hundred dollars

dollars and from here what we're gonna do is

and from here what we're gonna do is we're going to do a try statement

we're going to do a try statement remember we've done a try statement

remember we've done a try statement before and we're going to say try

before and we're going to say try and we're going to say shoe budget

is equal to a float of an input we're going to ask for an

of an input we're going to ask for an input here so this is all tying together

input here so this is all tying together we'll say what is your shoe budget

we'll say what is your shoe budget do a question mark there

do a question mark there tie this together and then

tie this together and then we're going to do an exception so if we

we're going to do an exception so if we have a value error

have a value error meaning we don't get a number back

meaning we don't get a number back similar to what we were doing previously

similar to what we were doing previously if we don't get a number back here we're

if we don't get a number back here we're going to say please enter a number

now we can come in here and say

we can come in here and say for shoes in

for shoes in and then we can just give this high

and then we can just give this high medium low like this

medium low like this we can do a shoes dot by

we can do a shoes dot by and remember we came out with this by

and remember we came out with this by Method over in our class here so we're

Method over in our class here so we're doing a shoes dot by I'm gonna go and

doing a shoes dot by I'm gonna go and check all this for us and we're going to

check all this for us and we're going to say

say to budget

to budget so we're going to take the input of shoe

so we're going to take the input of shoe budget what's the value here we'll take

budget what's the value here we'll take that we'll come in here and we'll see

that we'll come in here and we'll see what our budget is if it is greater than

what our budget is if it is greater than or equal to the price of the shoe we're

or equal to the price of the shoe we're defining our name of the shoe and our

defining our name of the shoe and our price of the shoe from our parameters

price of the shoe from our parameters that we defined up here name and price

that we defined up here name and price so we're saying hey our the name and the

so we're saying hey our the name and the price so is the price of the shoe

price so is the price of the shoe is it at least the amount of our budget

is it at least the amount of our budget and if it is we can buy that and we'll

and if it is we can buy that and we'll check in the highest order and then go

check in the highest order and then go in the lowest order if you flip these

in the lowest order if you flip these and you put in 400 we just keep telling

and you put in 400 we just keep telling you that you can only buy the low price

you that you can only buy the low price shoe so you need to make sure it's in

shoe so you need to make sure it's in the highest to the lowest order in this

the highest to the lowest order in this this example and so it'll check do we

this example and so it'll check do we have enough money to buy the 400 pair of

have enough money to buy the 400 pair of shoes no okay and then do we have enough

shoes no okay and then do we have enough money to buy the 120 pair of shoes no do

money to buy the 120 pair of shoes no do we have enough money to buy the 30 pair

we have enough money to buy the 30 pair of shoes so we'll go through that and

of shoes so we'll go through that and iterate in this Loop to see what we can

iterate in this Loop to see what we can or can't buy so let's go ahead and save

or can't buy so let's go ahead and save this

this and we'll save shoes.pi and I'm going to

and we'll save shoes.pi and I'm going to go ahead and run this hopefully I have

go ahead and run this hopefully I have no typos I will do shoe budget

no typos I will do shoe budget shoe purchase sorry and run this and I

shoe purchase sorry and run this and I do have a typo and so if I come back in

do have a typo and so if I come back in here

here I forgot to close off my F string so let

I forgot to close off my F string so let me save that

me save that now let's try this

now let's try this what is our shoe budget let's give it a

what is our shoe budget let's give it a few different options if we said our

few different options if we said our shoe budget was thirty dollars exactly

shoe budget was thirty dollars exactly well it's going to say that we can cop

well it's going to say that we can cop some air some and ones sorry and we have

some air some and ones sorry and we have exactly enough money for these shoes

exactly enough money for these shoes thanks for using the shoe app uh what if

thanks for using the shoe app uh what if we had 31 dollars

we had 31 dollars well we could still cop some and ones

well we could still cop some and ones and then we can buy these shoes and have

and then we can buy these shoes and have one dollar left over all right what if

one dollar left over all right what if we had 450 dollars

we had 450 dollars well we can buy the off-whites and we

well we can buy the off-whites and we can buy those and have fifty dollars

can buy those and have fifty dollars left over for our budget

left over for our budget so hopefully this makes sense I know

so hopefully this makes sense I know this is a lot of information and this

this is a lot of information and this again is just a one-on-one course so

again is just a one-on-one course so we're just kind of

we're just kind of dabbling in the object oriented

dabbling in the object oriented programming and if you continue on with

programming and if you continue on with python from here and you start getting

python from here and you start getting into more complex material then you

into more complex material then you could build upon what you're learning

could build upon what you're learning here so

here so try to think of something that you might

try to think of something that you might want to script out like this or write

want to script out like this or write out like this and think of the logic

out like this and think of the logic behind it I highly recommend going and

behind it I highly recommend going and doing coding challenges or programming

doing coding challenges or programming challenges and try to increase the logic

challenges and try to increase the logic and the ideas behind what you're trying

and the ideas behind what you're trying to build and that just takes practice

to build and that just takes practice all this takes practice it's one thing

all this takes practice it's one thing to watch and follow along with somebody

to watch and follow along with somebody it's a whole nother game to go out and

it's a whole nother game to go out and do this yourself so start thinking of

do this yourself so start thinking of some things that you want to build

some things that you want to build really use your Google skills look at

really use your Google skills look at stack Overflow and look at some Googling

stack Overflow and look at some Googling and some redditing and just try to piece

and some redditing and just try to piece together the logic that you have in what

together the logic that you have in what you want to build so highly recommend

you want to build so highly recommend building upon this this is a great

building upon this this is a great language learn and very flexible and I

language learn and very flexible and I hope that you continue on with this

okay before we get hands on I have to give you a little bit of Death by

give you a little bit of Death by PowerPoint but it's for good reason

PowerPoint but it's for good reason so we need to introduce the five stages

so we need to introduce the five stages of ethical hacking these are the five

of ethical hacking these are the five stages that you will go through on every

stages that you will go through on every assessment

assessment so before we do that let's first make a

so before we do that let's first make a big note from here on we are moving into

big note from here on we are moving into the ethical hacking portion of our

the ethical hacking portion of our course we're going to learn malicious

course we're going to learn malicious things

things please only use the information learned

please only use the information learned in this course for ethical purposes do

in this course for ethical purposes do not attack your neighbors do not attack

not attack your neighbors do not attack anybody that you do not have explicit

anybody that you do not have explicit permission to do so

permission to do so you can and will get into trouble for

you can and will get into trouble for doing that so with that out of the way

doing that so with that out of the way let's talk briefly about the five stages

let's talk briefly about the five stages of ethical hacking

of ethical hacking so

so we start up at the top and we actually

we start up at the top and we actually start with what is called reconnaissance

start with what is called reconnaissance the stage is also known as information

the stage is also known as information gathering and there are two different

gathering and there are two different types there's active and passive now

types there's active and passive now passive is saying like going out to

passive is saying like going out to Google and searching for somebody say

Google and searching for somebody say you're giving a client and you want to

you're giving a client and you want to look at their Google you want to look at

look at their Google you want to look at LinkedIn you might be looking for I

LinkedIn you might be looking for I don't know a picture of their badge or

don't know a picture of their badge or an employee's name or maybe an

an employee's name or maybe an employee's Twitter page

employee's Twitter page that's all passive you're not actually

that's all passive you're not actually going out to the company's website and

going out to the company's website and doing anything active against it now

doing anything active against it now active reconnaissance kind of falls into

active reconnaissance kind of falls into place with the second phase which is

place with the second phase which is scanning an enumeration now that is

scanning an enumeration now that is active that is where we go out and we

active that is where we go out and we take tools such as nmap and nessus and

take tools such as nmap and nessus and nicto and you've never heard of any of

nicto and you've never heard of any of those that's fine but we take those and

those that's fine but we take those and we scan actively against a client now

we scan actively against a client now what we're looking for are open ports

what we're looking for are open ports vulnerabilities different items and with

vulnerabilities different items and with what Returns on these results when we do

what Returns on these results when we do this scanning we also perform what is

this scanning we also perform what is called enumeration enumeration is just

called enumeration enumeration is just looking at items and digging into them

looking at items and digging into them to see if we can find anything of value

to see if we can find anything of value say that there is a web server running

say that there is a web server running on Port 80 we see Port 80 is open and

on Port 80 we see Port 80 is open and it's running something like Apache 1.2

it's running something like Apache 1.2 which would be really really outdated we

which would be really really outdated we would go out to Google and we would say

would go out to Google and we would say Google do you know if Apache 1.2 2 has

Google do you know if Apache 1.2 2 has any X place for it and we would do

any X place for it and we would do research that's the enumeration portion

research that's the enumeration portion of it so once we do our information

of it so once we do our information gathering we do our scanning enumeration

gathering we do our scanning enumeration then we move into the gaining access

then we move into the gaining access portion

portion this is also known as exploitation we

this is also known as exploitation we will run an exploit against the client

will run an exploit against the client or against the vulnerable service or

or against the vulnerable service or whatever it may be to try to gain access

whatever it may be to try to gain access into a machine or into a network into an

into a machine or into a network into an environment Etc once we have that access

environment Etc once we have that access the process starts to repeat we do

the process starts to repeat we do scanning and enumeration again and we

scanning and enumeration again and we also want to maintain that access right

also want to maintain that access right so if we were to get kicked out okay or

so if we were to get kicked out okay or a user shuts down their computer how do

a user shuts down their computer how do we maintain that access so when they

we maintain that access so when they turn their computer back on we still

turn their computer back on we still have access to it and then lastly there

have access to it and then lastly there is the covering tracks you want to

is the covering tracks you want to delete any logs that you may leave

delete any logs that you may leave behind you want to delete any kind of

behind you want to delete any kind of malware that you upload which is more

malware that you upload which is more important as a pen tester any accounts

important as a pen tester any accounts that you create for any reason you want

that you create for any reason you want to delete those as well you really just

to delete those as well you really just want to clean up it's a good way of

want to clean up it's a good way of putting it covering tracks is the more

putting it covering tracks is the more hacker way of putting it but as a

hacker way of putting it but as a penetration tester you really just want

penetration tester you really just want to clean up so we're going to go heavily

to clean up so we're going to go heavily through steps one through three in this

through steps one through three in this course we'll also cover four and five

course we'll also cover four and five briefly but the process in methodology

briefly but the process in methodology never changes regardless if you're doing

never changes regardless if you're doing network if you're doing web app or if

network if you're doing web app or if you're doing a different type of

you're doing a different type of assessment it's all similar in this five

assessment it's all similar in this five stages of hacking the tools might change

stages of hacking the tools might change the attack methods might change but the

the attack methods might change but the overall methodology is always the same

overall methodology is always the same so that's how we're also going to

so that's how we're also going to structure this course we're going to go

structure this course we're going to go in first and we're going to talk about

in first and we're going to talk about information gathering and reconnaissance

information gathering and reconnaissance then we're going to move into scanning

then we're going to move into scanning enumeration and then we'll start with

enumeration and then we'll start with exploitation and do that repeatedly

exploitation and do that repeatedly until we get it inside of our heads and

until we get it inside of our heads and our it feels almost second nature right

our it feels almost second nature right once we have all that done we'll do some

once we have all that done we'll do some practice boxes you know give it a go see

practice boxes you know give it a go see how we do we'll move into the internal

how we do we'll move into the internal side of things with active directory

side of things with active directory we'll start working with our web

we'll start working with our web applications and our wireless and we

applications and our wireless and we will touch on the maintaining access and

will touch on the maintaining access and covering tracks but you're going to see

covering tracks but you're going to see this methodology over and over and you

this methodology over and over and you might also get this question on an

might also get this question on an interview you know to describe the five

interview you know to describe the five stages so it's important to know these

stages so it's important to know these it's just something that every ethical

it's just something that every ethical hacker can rattle off pretty quickly so

hacker can rattle off pretty quickly so have this written down think about it

have this written down think about it keep your wheels spinning and let's go

keep your wheels spinning and let's go ahead and move on to our first section

ahead and move on to our first section which is going to be information gather

which is going to be information gather ring slash reconnaissance so in some

ring slash reconnaissance so in some Cool Tools some Google Foo and just what

Cool Tools some Google Foo and just what kind of information we can actually

kind of information we can actually gather on a potential client

so in this section we are going to be talking about information gathering and

talking about information gathering and all the information gathering we're

all the information gathering we're going to do in this section is going to

going to do in this section is going to be passive so I'm calling this passive

be passive so I'm calling this passive Recon or passive reconnaissance I wanted

Recon or passive reconnaissance I wanted to give a brief overview of what we're

to give a brief overview of what we're going to be covering and talk about some

going to be covering and talk about some high level topics before we get into the

high level topics before we get into the weeds and really dive into our Target

weeds and really dive into our Target so let's talk about the different types

so let's talk about the different types of passive Recon so on the physical or

of passive Recon so on the physical or social sides physical meaning actually

social sides physical meaning actually going on site and maybe doing a physical

going on site and maybe doing a physical engagement or the social engineering

engagement or the social engineering aspect of maybe doing a phishing

aspect of maybe doing a phishing assessment or even including in a

assessment or even including in a physical engagement or a bishing

physical engagement or a bishing assessment just gathering this

assessment just gathering this information from the physical social

information from the physical social aspect is incredibly useful so we have

aspect is incredibly useful so we have location information so we might utilize

location information so we might utilize something like satellite images or often

something like satellite images or often will go on site and do drone

will go on site and do drone reconnaissance where we fly a drone

reconnaissance where we fly a drone around and try to gain information and

around and try to gain information and what we're really after with these

what we're really after with these images of this drone Recon is we're

images of this drone Recon is we're trying to find out hey what is the

trying to find out hey what is the building layout look like are there

building layout look like are there badge readers are there break areas does

badge readers are there break areas does security exist do they have somebody

security exist do they have somebody posted out up front can you just walk

posted out up front can you just walk right in the door what does their

right in the door what does their fencing look like are are there areas

fencing look like are are there areas where they're just leaving the doors

where they're just leaving the doors propped open where do people go out and

propped open where do people go out and smoke in these break areas because those

smoke in these break areas because those are good place to just walk up to

are good place to just walk up to somebody light up a cigarette even if

somebody light up a cigarette even if you don't smoke and to start a

you don't smoke and to start a conversation and then tailgate right in

conversation and then tailgate right in with them into the building now the

with them into the building now the other aspect of this is the job

other aspect of this is the job information so we might be looking for

information so we might be looking for employees online I might want to know

employees online I might want to know somebody's name job title phone number

somebody's name job title phone number who their manager is I try to get a good

who their manager is I try to get a good idea of what people look like so if I

idea of what people look like so if I see them on site I have a good idea who

see them on site I have a good idea who they are I also look for pictures so I

they are I also look for pictures so I cannot tell you how many times a badge

cannot tell you how many times a badge photo is posted on LinkedIn or somebody

photo is posted on LinkedIn or somebody posted on Twitter you can see all the

posted on Twitter you can see all the memes out there about people posting

memes out there about people posting their photos at work and it's bad it

their photos at work and it's bad it happens all the time I see it to this

happens all the time I see it to this day so we're looking for badge photos

day so we're looking for badge photos I'm looking for desk photos computer

I'm looking for desk photos computer photos I had a situation one where

photos I had a situation one where somebody took a picture of her watching

somebody took a picture of her watching a game at work she was watching a

a game at work she was watching a basketball game at work and the

basketball game at work and the basketball game was on her computer and

basketball game was on her computer and on her screen there it showed all the

on her screen there it showed all the different tools that they utilized at

different tools that they utilized at work she had a work application open in

work she had a work application open in this photo there was a desk in the

this photo there was a desk in the background you can see different things

background you can see different things and it just gives us information and

and it just gives us information and that's really what we're after what kind

that's really what we're after what kind of information can We Gather now this

of information can We Gather now this course is not a course on physical or

course is not a course on physical or social so I kind of wanted to give a

social so I kind of wanted to give a high level of what to expect we won't

high level of what to expect we won't really be doing a whole lot of this in

really be doing a whole lot of this in this course with this type of

this course with this type of information gathering but these are the

information gathering but these are the things that you should be looking for so

things that you should be looking for so if you are tasked with the physical

if you are tasked with the physical assessment do go out there and look for

assessment do go out there and look for satellite images try to get a good feel

satellite images try to get a good feel of the building layout and also try to

of the building layout and also try to get a feel for who the employees are who

get a feel for who the employees are who maybe the it manager is in case you're

maybe the it manager is in case you're going to say you know I work for it they

going to say you know I work for it they might ask you who your manager is you

might ask you who your manager is you might need to know those names and of

might need to know those names and of course look for pictures if you can find

course look for pictures if you can find a good badge photo and what that looks

a good badge photo and what that looks like you can make a fake Badge go on

like you can make a fake Badge go on site and you'll be way more passable

site and you'll be way more passable with that badge but sometimes they don't

with that badge but sometimes they don't even look it can be drawn in crayon so

even look it can be drawn in crayon so from there let's go ahead and talk about

from there let's go ahead and talk about what we will be doing a lot of which is

what we will be doing a lot of which is the web in host

the web in host so when you get a web or a host

so when you get a web or a host assessment the first thing you really

assessment the first thing you really should do is what is called Target

should do is what is called Target validation so we're going to be

validation so we're going to be targeting something on bug crowds we're

targeting something on bug crowds we're not really going to focus on this but

not really going to focus on this but what we're going to do in the real world

what we're going to do in the real world is we would validate the Target now

is we would validate the Target now there are situations where a client will

there are situations where a client will give you an IP address or a website and

give you an IP address or a website and they might they might fudge it right

they might they might fudge it right they might accidentally fat finger it

they might accidentally fat finger it put uh the wrong number put the wrong

put uh the wrong number put the wrong letter in the website and then guess

letter in the website and then guess what you're off attacking somebody

what you're off attacking somebody else's website and they're if you're a

else's website and they're if you're a podcast listener there's a good Dark Net

podcast listener there's a good Dark Net Diaries episode on this if you don't

Diaries episode on this if you don't listen to darknet Diaries go check it

listen to darknet Diaries go check it out there's a great episode with a guy

out there's a great episode with a guy named Rob Fuller AKA mubix and he talks

named Rob Fuller AKA mubix and he talks about getting the wrong

about getting the wrong IP address on an assessment and

IP address on an assessment and attacking the wrong people and actually

attacking the wrong people and actually gaining access to that machine which is

gaining access to that machine which is a really really big big screw up on both

a really really big big screw up on both parts right so you should always

parts right so you should always validate your targets on top of this

validate your targets on top of this when we're doing our web and our host on

when we're doing our web and our host on the website we're going to look for

the website we're going to look for subdomains and we'll talk more about

subdomains and we'll talk more about that as we get into it but we can do

that as we get into it but we can do that with Google we can do that with

that with Google we can do that with nmap sublister there's so many different

nmap sublister there's so many different tools that we can use and we'll cover

tools that we can use and we'll cover some of the tools and how to do it get a

some of the tools and how to do it get a little deep into that as well especially

little deep into that as well especially as we get into the website of things

as we get into the website of things there's fingerprinting we need to know

there's fingerprinting we need to know what's running on a website or what's

what's running on a website or what's running on a host what kind of services

running on a host what kind of services are out there are they running a web

are out there are they running a web server what's that web server is it IAS

server what's that web server is it IAS is it Apache what version is it right

is it Apache what version is it right are they running what ports are open on

are they running what ports are open on their machines oh they have FTP open

their machines oh they have FTP open what version of FTP is open so we need

what version of FTP is open so we need to fingerprint machines and kind of

to fingerprint machines and kind of understand but on the passive side we're

understand but on the passive side we're not touching any machine right so we're

not touching any machine right so we're not going to be doing much scanning

not going to be doing much scanning against a host we just have to utilize

against a host we just have to utilize what kind of information might already

what kind of information might already be out there so if we go out to a

be out there so if we go out to a website it's on the border of active but

website it's on the border of active but as long as we're not scanning it in my

as long as we're not scanning it in my book it's still passive so we'll do we

book it's still passive so we'll do we will cover some of the passive slash

will cover some of the passive slash active side in this section and then

active side in this section and then when we get into scanning we'll get way

when we get into scanning we'll get way more active with it

more active with it lastly we're going to hit heavy

lastly we're going to hit heavy especially in the beginning on data

especially in the beginning on data breaches data breaches are the most

breaches data breaches are the most common way when we're doing an external

common way when we're doing an external assessment that we get into networks

assessment that we get into networks absolutely by far when we talk about

absolutely by far when we talk about data breaches we're talking about

data breaches we're talking about breached incidents from the past that

breached incidents from the past that have leaked data again these are like

have leaked data again these are like Home Depot Equifax LinkedIn all kinds of

Home Depot Equifax LinkedIn all kinds of breaches that are out there that have

breaches that are out there that have had credentials dumped and then those

had credentials dumped and then those credentials become available to us

credentials become available to us eventually and we try to utilize those

eventually and we try to utilize those to gain access or at least utilize the

to gain access or at least utilize the usernames to gain access nowadays most

usernames to gain access nowadays most the time there's not going to be an easy

the time there's not going to be an easy just scan find something vulnerable and

just scan find something vulnerable and exploit it on the external side of the

exploit it on the external side of the house so we're looking for these data

house so we're looking for these data breaches and this information that we

breaches and this information that we can gather and this is why information

can gather and this is why information gathering and then enumeration and

gathering and then enumeration and scanning most important by far the

scanning most important by far the better scanning enumeration that you can

better scanning enumeration that you can do and the better information gather you

do and the better information gather you can do the better hacker you're going to

can do the better hacker you're going to be and the better you're going to be at

be and the better you're going to be at your job so take these first two

your job so take these first two sections really serious so we're gonna

sections really serious so we're gonna start in with identifying what our

start in with identifying what our Target's going to be for this part of

Target's going to be for this part of the section and then we're going to go

the section and then we're going to go ahead and start talking about data

ahead and start talking about data breaches and why they're important and

breaches and why they're important and go deeper into that and then we'll go

go deeper into that and then we'll go off some of these tools that you see

off some of these tools that you see here on this list and really dive into

here on this list and really dive into those so I will look forward to seeing

those so I will look forward to seeing you in the next video when we identify

you in the next video when we identify our Target and get some information

our Target and get some information gathering started

all right before we begin doing our reconnaissance we have to

doing our reconnaissance we have to establish a client to attack so for this

establish a client to attack so for this course we're going to be utilizing a

course we're going to be utilizing a client out of bug crowd if you've never

client out of bug crowd if you've never heard of bug crowd bug crowd is a public

heard of bug crowd bug crowd is a public bug Bounty program what that means is

bug Bounty program what that means is there are programs on the website that

there are programs on the website that will allow you to attack them and if you

will allow you to attack them and if you find a bug against the program you're

find a bug against the program you're able to submit it and potentially get

able to submit it and potentially get money for it so you are able to hack

money for it so you are able to hack these programs publicly as they are part

these programs publicly as they are part of this program now the program we're

of this program now the program we're going to be attacking is Tesla so Tesla

going to be attacking is Tesla so Tesla is part of bug crowd now please do note

is part of bug crowd now please do note please double check when you're watching

please double check when you're watching this course as some time may have passed

this course as some time may have passed Tesla might no longer be part of this

Tesla might no longer be part of this bug Bounty program so it's very critical

bug Bounty program so it's very critical to make sure that you are still within

to make sure that you are still within scope before you attack if for some

scope before you attack if for some reason Tesla is no longer in scope just

reason Tesla is no longer in scope just go ahead and pick a new client and do

go ahead and pick a new client and do information gathering on them you don't

information gathering on them you don't have to pick Tesla when we're doing this

have to pick Tesla when we're doing this you can just do it to follow along with

you can just do it to follow along with me but you're also welcome to pick any

me but you're also welcome to pick any program you want so if you go to

program you want so if you go to bugcrowd.com and we go to programs

bugcrowd.com and we go to programs I will show you where Tesla exists now

I will show you where Tesla exists now you can see here that they have all

you can see here that they have all different types of programs in here and

different types of programs in here and if I were to scroll down and

if I were to scroll down and continuously I could find more and more

continuously I could find more and more and more there are hundreds of programs

and more there are hundreds of programs involved all kinds of names digital

involved all kinds of names digital ocean OCTA really big names Pinterest

ocean OCTA really big names Pinterest altacian

altacian anything that you can imagine probably

anything that you can imagine probably has a bug program if it's a reputable

has a bug program if it's a reputable okay any of the big names most likely

okay any of the big names most likely have a bug program especially if they're

have a bug program especially if they're reputable so here you could see what's

reputable so here you could see what's based on reward what's based on charity

based on reward what's based on charity and what's based on points only that's

and what's based on points only that's how the bug bounties are rewarded some

how the bug bounties are rewarded some of them are not all cash some of them

of them are not all cash some of them are just for points and for Kudos and

are just for points and for Kudos and the other ones are for charity I'm going

the other ones are for charity I'm going to go ahead and just search Tesla and

to go ahead and just search Tesla and when I do that you can see here that

when I do that you can see here that Tesla comes up

Tesla comes up now this is your first lesson into Rules

now this is your first lesson into Rules of Engagement and we're going to talk

of Engagement and we're going to talk about Rules of Engagement later but it's

about Rules of Engagement later but it's super important to read the program

super important to read the program details that you see here and what we

details that you see here and what we really need to do is we need to scroll

really need to do is we need to scroll through and make sure that we stay in

through and make sure that we stay in Scope when we're doing this so we have a

Scope when we're doing this so we have a wild card here so this means that any

wild card here so this means that any subdomain inside of tesla.com is fair

subdomain inside of tesla.com is fair game tesla.cn Tesla Motors Etc what is

game tesla.cn Tesla Motors Etc what is more important is that we stay within

more important is that we stay within this out of scope so we don't want to

this out of scope so we don't want to attack

attack shop.eu.testalmotors.com or energy

shop.eu.testalmotors.com or energy support.tesla.com it says you can report

support.tesla.com it says you can report vulnerabilities to bug Bounty for this

vulnerabilities to bug Bounty for this one any domains from Acquisitions such

one any domains from Acquisitions such as Maxwell so we have to stay within

as Maxwell so we have to stay within Tesla and there's a few more sites we're

Tesla and there's a few more sites we're not going to worry too much about that

not going to worry too much about that when we get into the web app portion of

when we get into the web app portion of the course we're going to talk about way

the course we're going to talk about way more detail on the numerating web

more detail on the numerating web applications and go into that so for now

applications and go into that so for now what we're going to do is we're just

what we're going to do is we're just going to focus on information gathering

going to focus on information gathering what kind of information can We Gather

what kind of information can We Gather from this client so again I'm setting my

from this client so again I'm setting my target to Tesla if you pick another

target to Tesla if you pick another Tesla or another client just make sure

Tesla or another client just make sure you stay in scope of that client so from

you stay in scope of that client so from here we're going to move on to our first

here we're going to move on to our first video and get our information gathering

video and get our information gathering started

welcome to the email ocean section we're going to talk about discovering

we're going to talk about discovering email addresses and this is something

email addresses and this is something that I do on a weekly basis so I'm going

that I do on a weekly basis so I'm going to show you the most common tools that I

to show you the most common tools that I use to actually look up email addresses

use to actually look up email addresses and try to find people and what you can

and try to find people and what you can do to kind of verify email addresses so

do to kind of verify email addresses so I'll show you some of my favorite tools

I'll show you some of my favorite tools and Concepts and this is something that

and Concepts and this is something that I do because not only for oh sent and

I do because not only for oh sent and doing it for investigative type work but

doing it for investigative type work but think about sales if I'm trying to find

think about sales if I'm trying to find a lead or I'm trying to find multiple

a lead or I'm trying to find multiple leads within an organization I have to

leads within an organization I have to figure out where the emails are who the

figure out where the emails are who the people I'm trying to email are so maybe

people I'm trying to email are so maybe I'll Google them and say who is the CSO

I'll Google them and say who is the CSO or chief information security officer

or chief information security officer for this company and I might find that

for this company and I might find that it's Bob Jones and we go look up Bob

it's Bob Jones and we go look up Bob Jones and we say okay well how do I get

Jones and we say okay well how do I get Bob Jones's contact information can I

Bob Jones's contact information can I find it via Google maybe maybe it's out

find it via Google maybe maybe it's out there in the public but maybe we have to

there in the public but maybe we have to dig a Little Deeper maybe we have to

dig a Little Deeper maybe we have to kind of do some guesstimation and see if

kind of do some guesstimation and see if we can figure it out so that's what

we can figure it out so that's what we're going to do today is is look at

we're going to do today is is look at the email addresses formats and try to

the email addresses formats and try to determine if we can find some emails so

determine if we can find some emails so let's go ahead and move over to the Kali

let's go ahead and move over to the Kali Linux machine that I've got

Linux machine that I've got and the first website is one of my

and the first website is one of my favorites so hunter.io you just come to

favorites so hunter.io you just come to hunter.io you get like 50 or 100 free

hunter.io you get like 50 or 100 free searches a month I don't remember what

searches a month I don't remember what it is it's it's a fair amount uh you can

it is it's it's a fair amount uh you can come here and basically just type in a

come here and basically just type in a company name so like say I want to type

company name so like say I want to type in TCM security

in TCM security tcm-sec and you can see TCM security

tcm-sec and you can see TCM security here we get one result on the email

here we get one result on the email address so we'll click it and see what

address so we'll click it and see what happens here

happens here uh and looks like we have like an info

uh and looks like we have like an info at

at tcm-asect.com it tells us hey there's

tcm-asect.com it tells us hey there's five sources that identify this so we

five sources that identify this so we see

see tcm-sec.com there's an about blog so

tcm-sec.com there's an about blog so this is where they're finding it okay

this is where they're finding it okay um a better example maybe a something

um a better example maybe a something that has more users like Tesla Tesla has

that has more users like Tesla Tesla has 468 users if we come in here and we look

468 users if we come in here and we look well we can see that they have a pattern

well we can see that they have a pattern identified here so their pattern they're

identified here so their pattern they're identifying is first initial

identifying is first initial last name at tesla.com and that's really

last name at tesla.com and that's really what we want to see and then we can

what we want to see and then we can gather email addresses here if we want

gather email addresses here if we want but say like we knew Bob Jones again

but say like we knew Bob Jones again going back to that example Bob Jones so

going back to that example Bob Jones so maybe Bob Jones works at Tesla maybe his

maybe Bob Jones works at Tesla maybe his email would be B Jones at tesla.com so

email would be B Jones at tesla.com so it's something to think about now we can

it's something to think about now we can sign up and get actual information here

you should be able to sign up with a Gmail account sometimes this does not

Gmail account sometimes this does not work depending on the country that you

work depending on the country that you are in so be cognizant you might have to

are in so be cognizant you might have to use a different email address but I just

use a different email address but I just tried signing up with a Gmail account

tried signing up with a Gmail account that I have on here and it worked just

that I have on here and it worked just fine so I'm going to go ahead and try to

fine so I'm going to go ahead and try to log in I'm going to sign in with Google

with what's already here and just now I'm logged in so we can go back now and

I'm logged in so we can go back now and try searching Tesla again

try searching Tesla again and you'll see that the results actually

and you'll see that the results actually come back

come back so we get information here now we get

so we get information here now we get let me make this a little bit bigger we

let me make this a little bit bigger we get information as to okay here's the

get information as to okay here's the vice president this is the vice

vice president this is the vice president's email address uh project

president's email address uh project development manager maybe you want to

development manager maybe you want to talk to somebody in Human Resources so

talk to somebody in Human Resources so you can click here and go to human

you can click here and go to human resources and then here are the

resources and then here are the different Human Resources

different Human Resources emails that are here so and then the

emails that are here so and then the sources that they found these email

sources that they found these email addresses so this isn't a particular

addresses so this isn't a particular person in HR but it's still Human

person in HR but it's still Human Resources email addresses so this looks

Resources email addresses so this looks like it's probably for Hong Kong this is

like it's probably for Hong Kong this is for Berlin this is gigafactory so they

for Berlin this is gigafactory so they have different email addresses based on

have different email addresses based on where they are now if you looked up TCM

where they are now if you looked up TCM security here you're really not going to

security here you're really not going to find much on us because we don't have a

find much on us because we don't have a ton of email addresses out there but I

ton of email addresses out there but I think that we can find more in other

think that we can find more in other ways now so we only get so many uses

ways now so we only get so many uses here we'll just keep thinking about this

here we'll just keep thinking about this as we move forward so 100.io great great

as we move forward so 100.io great great resource they have plugins if you want

resource they have plugins if you want them I I think it's fantastic place to

them I I think it's fantastic place to look

look phonebook.cz is the next resource I want

phonebook.cz is the next resource I want to show you this one is fantastic let's

to show you this one is fantastic let's start with

start with tcm-sec.com and see so we're gonna go

tcm-sec.com and see so we're gonna go tcm-sec.com and we're going to search

tcm-sec.com and we're going to search email addresses here so they do domains

email addresses here so they do domains and URLs as well which I think is

and URLs as well which I think is awesome but let's just search for email

awesome but let's just search for email address see if anything comes back no no

address see if anything comes back no no results okay that's okay let's try Tesla

and see what comes back there okay a lot more

okay a lot more so we get uh quite a few email addresses

so we get uh quite a few email addresses we could see Elon Musk all over the

we could see Elon Musk all over the place we've got Elon Dash musk Elon

place we've got Elon Dash musk Elon we've got emusks over here and we get a

we've got emusks over here and we get a ton of emails look at this so what's

ton of emails look at this so what's nice about this is we can sit here and

nice about this is we can sit here and try to identify what the possible email

try to identify what the possible email addresses are so again first initial

addresses are so again first initial last name looks like it's showing up

last name looks like it's showing up quite a bit outside of maybe like the

quite a bit outside of maybe like the Elon musks of the world we're getting a

Elon musks of the world we're getting a bunch of uh mostly first initial last

bunch of uh mostly first initial last names in here so I think that's pretty

names in here so I think that's pretty spot on with this uh the other thing

spot on with this uh the other thing that we can do is we could utilize this

that we can do is we could utilize this list say we're we're trying to do

list say we're we're trying to do something called credential stuffing

something called credential stuffing which we'll talk about in the next

which we'll talk about in the next section actually when we talk about

section actually when we talk about breach credentials uh but say we're

breach credentials uh but say we're trying to gather a bunch of usernames

trying to gather a bunch of usernames and test and see if we can log in with

and test and see if we can log in with those usernames anywhere or maybe

those usernames anywhere or maybe password spraying not so much uh the

password spraying not so much uh the credential stuffing but password

credential stuffing but password spraying where we take all these

spraying where we take all these usernames and we just throw it at a

usernames and we just throw it at a login form and say Hey Summer 2020

exclamation point you know see if that logs into any of these accounts and you

logs into any of these accounts and you would be surprised it happens quite a

would be surprised it happens quite a bit so you know these are this is

bit so you know these are this is valuable information even if we don't

valuable information even if we don't know exactly maybe we're not just

know exactly maybe we're not just hunting for one email maybe we're

hunting for one email maybe we're hunting for an entire domain this is a

hunting for an entire domain this is a great way to get free entire domains

great way to get free entire domains with a quick copy and paste capability

with a quick copy and paste capability like we have the Tesla here we can

like we have the Tesla here we can export the CSV from hunter.io but you

export the CSV from hunter.io but you only get so many results that you can

only get so many results that you can export into a CSV here you get a bunch

export into a CSV here you get a bunch there's no guarantee these are all valid

there's no guarantee these are all valid but they're still it's still information

but they're still it's still information information is what we want this is all

information is what we want this is all we're trying to gather is as much

we're trying to gather is as much information as possible so these are all

information as possible so these are all potential email addresses for tesla.com

potential email addresses for tesla.com I think it's a great great resource

I think it's a great great resource now we could also use something like uh

now we could also use something like uh voila no bear now this one you can get

voila no bear now this one you can get 50 more leads for free I'm not going to

50 more leads for free I'm not going to show you it's the same kind of deal as

show you it's the same kind of deal as 100.io they're showing you how to

100.io they're showing you how to utilize it here basically you can just

utilize it here basically you can just search for people and see to try to find

search for people and see to try to find their email addresses there is one I

their email addresses there is one I want to show you that I do use and I

want to show you that I do use and I have quite a bit of success with and

have quite a bit of success with and that is called clearbit and clearbit has

that is called clearbit and clearbit has to be used in Chrome

to be used in Chrome so I'm going to bring up this here

so I'm going to bring up this here clearbit has to be used in Chrome so you

clearbit has to be used in Chrome so you can download the Chrome extension for

can download the Chrome extension for Clear bit

Clear bit and all you have to do is go to Google

and all you have to do is go to Google let me log in really quick

let me log in really quick and then I'm going to just select the

and then I'm going to just select the free account we get so many searches 100

free account we get so many searches 100 emails a month so basically you're going

emails a month so basically you're going to search for clearbit connect and you

to search for clearbit connect and you would just say hey clearbit connect I'll

would just say hey clearbit connect I'll put a link down below by the way but

put a link down below by the way but clearbit connect is awesome you'll

clearbit connect is awesome you'll you'll see why here in a second once I

you'll see why here in a second once I authorize this

authorize this okay we're gonna come down here

okay we're gonna come down here acknowledge probably give out our

acknowledge probably give out our firstborn and then now we're going to

firstborn and then now we're going to say hey I want to find emails

say hey I want to find emails and here's all different kinds of things

and here's all different kinds of things that we can sit here and search for you

that we can sit here and search for you can see TCM Securities in here these are

can see TCM Securities in here these are some searches that I've done these

some searches that I've done these aren't any clients of mine these are

aren't any clients of mine these are just searches that I've done in the past

just searches that I've done in the past maybe looking for information or looking

maybe looking for information or looking for possible leads or anything so if I

for possible leads or anything so if I come in here and I say hey I want to

come in here and I say hey I want to look for TCM security you could type

look for TCM security you could type that in I'm going to just click on TCM

that in I'm going to just click on TCM security

security and look what it discovered that the

and look what it discovered that the others didn't

others didn't it discovered me

it discovered me okay and if I click on me

okay and if I click on me look it says heat that tcm-sec.com

look it says heat that tcm-sec.com where where did that come from and then

where where did that come from and then look it has my LinkedIn right here as

look it has my LinkedIn right here as well that's amazing that's awesome and

well that's amazing that's awesome and it says here you can email hate just

it says here you can email hate just click this button and then it's also got

click this button and then it's also got rizwan rizwon's on my sales team look

rizwan rizwon's on my sales team look it's got Riz one at tcm-sec.com what

it's got Riz one at tcm-sec.com what does that tell you that tells you that

does that tell you that tells you that we're using a first name basis for our

we're using a first name basis for our email addresses it's awesome now let's

email addresses it's awesome now let's come in here and maybe we want to look

come in here and maybe we want to look at Tesla maybe let's try Tesla one more

at Tesla maybe let's try Tesla one more time maybe we're looking for the CSO of

time maybe we're looking for the CSO of Tesla Tesla has a CSO you could come in

Tesla Tesla has a CSO you could come in here and look like Elon Musk is right

here and look like Elon Musk is right here obviously CEO but you could come in

here obviously CEO but you could come in here and maybe go by roll and they have

here and maybe go by roll and they have different roles in here so CEO let's see

different roles in here so CEO let's see if we can find any sort of CSO uh I

if we can find any sort of CSO uh I don't see one but I do see information

don't see one but I do see information technology so maybe we can find somebody

technology so maybe we can find somebody the information technology department or

the information technology department or it Department

it Department um and then here we go we've got quite a

um and then here we go we've got quite a few I.T people here's a CIO this could

few I.T people here's a CIO this could be somebody of interest that we might

be somebody of interest that we might want to reach out to and we could just

want to reach out to and we could just scroll through this list and find people

scroll through this list and find people so say we want to reach out to the CIO

so say we want to reach out to the CIO just click on this we get first initial

just click on this we get first initial last name just like we thought we would

last name just like we thought we would we get this person's LinkedIn page we

we get this person's LinkedIn page we get their location website this is

get their location website this is awesome awesome awesome so I typically

awesome awesome awesome so I typically will start with a Google search if I'm

will start with a Google search if I'm trying to hunt something down I will

trying to hunt something down I will start with a Google search I will say

start with a Google search I will say who is in this role at this company if

who is in this role at this company if I'm looking for a specific person at a

I'm looking for a specific person at a company then I will go to phonebook.cz

company then I will go to phonebook.cz or hunter.io try to identify the the

or hunter.io try to identify the the formatting of the email and then try to

formatting of the email and then try to find that person or guesstimate that

find that person or guesstimate that once we get to that point I try not to

once we get to that point I try not to burn through these clear bits unless I

burn through these clear bits unless I need to but clearbit is very good at

need to but clearbit is very good at identifying this once we get to that

identifying this once we get to that point we can take this email say like

point we can take this email say like this um this email or we'll even try a

this um this email or we'll even try a different email I'll show you a couple

different email I'll show you a couple but we could take this and we can go try

but we could take this and we can go try to verify this so there is a website

to verify this so there is a website called email hippo you can go to

called email hippo you can go to tools.verifyemailaddress.io and all you

tools.verifyemailaddress.io and all you have to do is type in an email address

have to do is type in an email address here sometimes you can get false

here sometimes you can get false positives if they're good or bad here I

positives if they're good or bad here I typed in this email address a couple

typed in this email address a couple times and just got a bad result this is

times and just got a bad result this is an email address that does not exist now

an email address that does not exist now let's try an email address that we saw

let's try an email address that we saw info

info tcm-sec.com see if it works

result is okay so it says yeah this email address works so we're verifying

email address works so we're verifying that this is up so say that you get

that this is up so say that you get somebody and you see that they have a

somebody and you see that they have a potential email address you can come

potential email address you can come here and try to verify it first and see

here and try to verify it first and see if it works before you go fire off an

if it works before you go fire off an email uh or don't you don't have to fire

email uh or don't you don't have to fire off an email you don't have to do

off an email you don't have to do anything or interact so this is the

anything or interact so this is the benefit like if you're from a sales

benefit like if you're from a sales perspective and you're doing osin here

perspective and you're doing osin here the this is the benefit not having to

the this is the benefit not having to email get waste your time get it

email get waste your time get it rejected you can come in here and just

rejected you can come in here and just validate if you're doing an

validate if you're doing an investigation you don't want to interact

investigation you don't want to interact with the person or company that you're

with the person or company that you're investigating you want to come in here

investigating you want to come in here and just verify without any interaction

and just verify without any interaction this is the way to do it same thing with

this is the way to do it same thing with this website here email

this website here email checker.net validate email Dash

checker.net validate email Dash checker.net validate say hey checking

checker.net validate say hey checking the email I put the same email address

the email I put the same email address here you can see it says bad we could

here you can see it says bad we could try again with info at

try again with info at tcm-sec.com and see if that works and it

tcm-sec.com and see if that works and it says okay

says okay so again this is doing a a great job

so again this is doing a a great job there are possibilities of false

there are possibilities of false positives there are so many searches

positives there are so many searches that you can do per month on these I do

that you can do per month on these I do believe they have apis which is nice if

believe they have apis which is nice if you want to automate this or script this

you want to automate this or script this out but I think this is this is

out but I think this is this is fantastic this is great stuff now there

fantastic this is great stuff now there are plenty of other ways to verify email

are plenty of other ways to verify email addresses in the next section we'll talk

addresses in the next section we'll talk about that even more as we talk about

about that even more as we talk about breach data because if somebody shows up

breach data because if somebody shows up in a data breach guess we'll have that

in a data breach guess we'll have that email address has been used in the past

email address has been used in the past if you look at something like I have

if you look at something like I have I've been pwn which I'll talk about in

I've been pwn which I'll talk about in the next section and they show up guess

the next section and they show up guess what that person's email address has

what that person's email address has existed so we're trying to verify if an

existed so we're trying to verify if an email address exists who that address

email address exists who that address might belong to Etc now this is more has

might belong to Etc now this is more has been from a business perspective some of

been from a business perspective some of this hunting down of emails may be more

this hunting down of emails may be more difficult to do if you're trying to find

difficult to do if you're trying to find a specific individual that's where

a specific individual that's where breach data comes into play and a lot to

breach data comes into play and a lot to This research and what I'm going to show

This research and what I'm going to show you in the next section we'll try to

you in the next section we'll try to hunt down individuals with maybe having

hunt down individuals with maybe having loose pieces of information like a name

loose pieces of information like a name or a username or something along those

or a username or something along those lines breach data can come in handy very

lines breach data can come in handy very very well so this is kind of scratching

very well so this is kind of scratching the surface now there's one last thing I

the surface now there's one last thing I want to show you one last little tip and

want to show you one last little tip and trick do not underestimate forgot

trick do not underestimate forgot passwords do not underestimate them

passwords do not underestimate them let's go to Google for example

let's go to Google for example right now I am logging in under an

right now I am logging in under an account that is please don't hack me sir

account that is please don't hack me sir please so it's please don't hack me sir

please so it's please don't hack me sir plz I do believe I'm gonna go ahead and

plz I do believe I'm gonna go ahead and try hitting next on that

try hitting next on that okay so first of all it said hey welcome

okay so first of all it said hey welcome hey what does this mean this means that

hey what does this mean this means that we have a valid account here that's

we have a valid account here that's great this is validating that this Gmail

great this is validating that this Gmail account exists

account exists here's something else we can use this to

here's something else we can use this to tie to potentially another account or

tie to potentially another account or help validate say we know that this

help validate say we know that this email belongs to somebody that's

email belongs to somebody that's harassing somebody else we don't know

harassing somebody else we don't know who this person is they're using this

who this person is they're using this spoofed email but maybe we have a

spoofed email but maybe we have a hundred maybe we don't maybe we just

hundred maybe we don't maybe we just want to try to get more data you can

want to try to get more data you can come to forgot password

come to forgot password and it's going to say what's the last

and it's going to say what's the last password remember using I don't know

password remember using I don't know let's try another way you come down here

let's try another way you come down here and it says hey let me make this bigger

and it says hey let me make this bigger Google will send a verification code to

Google will send a verification code to H

H and it says look it shows you the rest

and it says look it shows you the rest of the the digits here and then at TC

of the the digits here and then at TC here that would give you a pretty good

here that would give you a pretty good indication if you're tracking who your

indication if you're tracking who your subject is that this email could tie to

subject is that this email could tie to somebody else look this is heat

somebody else look this is heat tcm-sec.com

tcm-sec.com okay so this email belongs to me this is

okay so this email belongs to me this is tying back to me now you have another

tying back to me now you have another Point here so if you knew about this

Point here so if you knew about this email address and now you have the link

email address and now you have the link the connection to guarantee that this

the connection to guarantee that this person this is evidence right here say

person this is evidence right here say you were doing something which we'll

you were doing something which we'll learn about again in the next section

learn about again in the next section where you're looking through breach data

where you're looking through breach data you find a username that matches this

you find a username that matches this email address and also matches this

email address and also matches this email address but people can reuse

email address but people can reuse usernames there could be multiple people

usernames there could be multiple people who use the same username so you need to

who use the same username so you need to verify or some link this would be a

verify or some link this would be a proof of a link between those a pretty

proof of a link between those a pretty strong proof if you ask me if you can

strong proof if you ask me if you can say hey I identified two email addresses

say hey I identified two email addresses with the same username I did an account

with the same username I did an account recovery came in here and saw that this

recovery came in here and saw that this had this same first character and first

had this same first character and first domain name I think that's a pretty

domain name I think that's a pretty strong correlation so things to think

strong correlation so things to think about Wheels to be spinning try to

about Wheels to be spinning try to identify email addresses in any way

identify email addresses in any way possible we'll cover this more in depth

possible we'll cover this more in depth in the next section and I'm really

in the next section and I'm really excited because password hunting is one

excited because password hunting is one of my favorite things so let's go ahead

of my favorite things so let's go ahead and move on to the next section when we

and move on to the next section when we talk about password osin

okay so I would like you to go out to github.com

github.com and then once you're there go ahead and

and then once you're there go ahead and just do a forward slash H Maverick Adams

just do a forward slash H Maverick Adams h m a v e r i c k Adams and hit enter

h m a v e r i c k Adams and hit enter and you can see me and my snazzy photo

and you can see me and my snazzy photo here but what we're after is I want to

here but what we're after is I want to show you a tool that I wrote called

show you a tool that I wrote called breach parse and we're going to walk

breach parse and we're going to walk through what it does now go ahead and

through what it does now go ahead and click on breach parts

click on breach parts and you're going to see a bash script

and you're going to see a bash script here and a little bit of a description

here and a little bit of a description so you do not need to download this let

so you do not need to download this let me preface with what we're doing here

me preface with what we're doing here this magnet link you're going to need

this magnet link you're going to need one a torrent some sort of uTorrent or

one a torrent some sort of uTorrent or BitTorrent and you'll need to download

BitTorrent and you'll need to download this and it's also something along the

this and it's also something along the lines of 44 gigabytes extracted it's a

lines of 44 gigabytes extracted it's a huge file so you don't have to do this

huge file so you don't have to do this you can just watch and follow along you

you can just watch and follow along you are more than welcome to install this on

are more than welcome to install this on your machine I'm going to show you what

your machine I'm going to show you what it looks like so I'm going to go out to

it looks like so I'm going to go out to my applications and my files here

my applications and my files here and then I have put this into my opt

and then I have put this into my opt folder so if you come into opt here and

folder so if you come into opt here and I've got breach parse

I've got breach parse if you come into this breach compilation

if you come into this breach compilation folder which is what we'll download

folder which is what we'll download you're going to see that we have data

you're going to see that we have data here okay so this data has a bunch of

here okay so this data has a bunch of different data it's got emails starting

different data it's got emails starting with zero one two three four all these

with zero one two three four all these different ones what's living inside of

different ones what's living inside of this

this is if we can display it

is if we can display it is emails and passwords now you see

is emails and passwords now you see these ones have weird symbols inside the

these ones have weird symbols inside the emails but there's a bunch of emails and

emails but there's a bunch of emails and passwords in here like somebody at

passwords in here like somebody at yahoo.com and their password is one two

yahoo.com and their password is one two three four five six

three four five six well these passwords are coming from

well these passwords are coming from credential dumps so we talked about it

credential dumps so we talked about it earlier about thinking about the you

earlier about thinking about the you know Equifax or the LinkedIn breach or

know Equifax or the LinkedIn breach or Home Depot all these big breaches that

Home Depot all these big breaches that happen

happen credentials get dumped out and guess

credentials get dumped out and guess what they show up on the dark web and

what they show up on the dark web and eventually they show up in these lists

eventually they show up in these lists so we utilize these lists and we've got

so we utilize these lists and we've got you click into this just hundreds of

you click into this just hundreds of files here and again 44 gigabytes so

files here and again 44 gigabytes so what I did was I built a little tool

what I did was I built a little tool that can search through this data and

that can search through this data and pull down names so we can take a quick

pull down names so we can take a quick look at the tool and what it does but

look at the tool and what it does but basically what it does is you just put

basically what it does is you just put in the syntax you search for something

in the syntax you search for something like at tesla.com and then you specify

like at tesla.com and then you specify you know tesla.txt

you know tesla.txt and it's going to search through all of

and it's going to search through all of these files for at tesla.com if you're

these files for at tesla.com if you're more interested in the code behind it

more interested in the code behind it you're more than welcome to read the

you're more than welcome to read the code in here and see if some of the

code in here and see if some of the items that we've covered already with

items that we've covered already with the batch scripting and the python

the batch scripting and the python scripting kind of ring a bell

scripting kind of ring a bell so what we're going to do is I'm going

so what we're going to do is I'm going to come ahead and go into the terminal

to come ahead and go into the terminal and make it a little bigger

and make it a little bigger and then I'm just going to change into

and then I'm just going to change into that op folder breach parse I'm going to

that op folder breach parse I'm going to run breech parse so reach parse here and

run breech parse so reach parse here and what we're going to do is I'm just going

what we're going to do is I'm just going to say

to say at tesla.com and then Tesla dot text

at tesla.com and then Tesla dot text and that's going to run so again you do

and that's going to run so again you do not have to install this this is only

not have to install this this is only for visual purposes I'm going to show

for visual purposes I'm going to show you in the next video another way to do

you in the next video another way to do this so this is going to run through

this so this is going to run through it's going to take a minute here and

it's going to take a minute here and it's going to grab everybody's username

it's going to grab everybody's username and password that says tesla.com and the

and password that says tesla.com and the username and then it's going to have all

username and then it's going to have all the passwords and we're going to be able

the passwords and we're going to be able to decipher things from this so I'm

to decipher things from this so I'm going to let this run and as soon as

going to let this run and as soon as it's done I'll come back and we'll talk

it's done I'll come back and we'll talk about the results

about the results okay the results are back so this breaks

okay the results are back so this breaks it down into three files there is a it's

it down into three files there is a it's cat Tesla there is a master passwords

cat Tesla there is a master passwords and user so the master has the username

and user so the master has the username and password and then the users file has

and password and then the users file has the users passwords has the passwords so

the users passwords has the passwords so I'm gonna actually G edit the Tesla

I'm gonna actually G edit the Tesla master dot text

master dot text and let's take a look at this

and let's take a look at this so from here we don't have a big list

so from here we don't have a big list surprisingly for a company the size of

surprisingly for a company the size of Tesla so what happens is people utilize

Tesla so what happens is people utilize their work credentials their work emails

their work credentials their work emails and they log into websites and probably

and they log into websites and probably shouldn't be using their work emails for

shouldn't be using their work emails for and we just use it to our advantage so

and we just use it to our advantage so we're after is we're after not only

we're after is we're after not only these usernames but we're after these

these usernames but we're after these passwords as well so we see these

passwords as well so we see these usernames and we see these passwords and

usernames and we see these passwords and I like to look for repeat offenders I

I like to look for repeat offenders I like to look for the syntax as well

like to look for the syntax as well remember we had first initial last name

remember we had first initial last name but we see first name dot last name here

but we see first name dot last name here we see possibly you know just a single

we see possibly you know just a single name there are different types of things

name there are different types of things in here so

in here so uh Nick tesla.com as well so you know

uh Nick tesla.com as well so you know it's changed up I think nowadays it is

it's changed up I think nowadays it is first initial last name but maybe in the

first initial last name but maybe in the past they use first name dot last name

past they use first name dot last name then move to an easier format or vice

then move to an easier format or vice versa they started the first initial

versa they started the first initial last name they got too big then they had

last name they got too big then they had to do first name dot last name but again

to do first name dot last name but again what we're after here is potential

what we're after here is potential repeat offenders so look at this shark

repeat offenders so look at this shark at tesla.com it got popped twice and the

at tesla.com it got popped twice and the password is very very very similar so if

password is very very very similar so if I were to attack tesla.com through a

I were to attack tesla.com through a login interface I might spray this

username with this password and this password that's what we call credential

password that's what we call credential stuffing because we already know the

stuffing because we already know the passwords and then I might make some

passwords and then I might make some modification of capitalized letters and

modification of capitalized letters and non-capitalized letters with d-a-d-e

non-capitalized letters with d-a-d-e because 907 and 814 appear to be

because 907 and 814 appear to be consistent you know so I would alternate

consistent you know so I would alternate Capitals in non-capitals here in lower

Capitals in non-capitals here in lower case and just see maybe if something

case and just see maybe if something sticks so this is something that's

sticks so this is something that's interesting this user down here one two

interesting this user down here one two three four five one two three four five

three four five one two three four five star probably not going to get in with

star probably not going to get in with that on a company like Tesla but you

that on a company like Tesla but you never know

never know but this is what we would do we would

but this is what we would do we would take the usernames we would throw these

take the usernames we would throw these passwords at it and that's called

passwords at it and that's called credential stuffing and then we would

credential stuffing and then we would take these usernames and all the known

take these usernames and all the known usernames and we would spray passwords

usernames and we would spray passwords at them like fall 2019 like we talked

at them like fall 2019 like we talked about in the last video that's password

about in the last video that's password spring so this is a important and very

spring so this is a important and very very critical part of information

very critical part of information gathering is gathering these usernames

gathering is gathering these usernames and these credentials right off the bat

and these credentials right off the bat you want to identify those with your

you want to identify those with your targets so this is kind of what it looks

targets so this is kind of what it looks like this is what I do during every

like this is what I do during every assessment and hopefully that makes

assessment and hopefully that makes sense and that works into it in the next

sense and that works into it in the next video we're going to go ahead and just

video we're going to go ahead and just show another method and start thinking

show another method and start thinking again about these credentials and how

again about these credentials and how they can be utilized and then we'll do

they can be utilized and then we'll do some other information gathering as we

some other information gathering as we move on and learn some techniques and

move on and learn some techniques and how we can get information on a client

how we can get information on a client so I'll see you over in the next video

okay let's talk about hunting breach credentials and let's get Hands-On now

credentials and let's get Hands-On now before we get started I know I stressed

before we get started I know I stressed this in the beginning of the course I'm

this in the beginning of the course I'm going to stress this again

going to stress this again what I'm going to show you here could

what I'm going to show you here could change now I released a course about a

change now I released a course about a year ago which was on ethical hacking we

year ago which was on ethical hacking we talked about breach credentials and I

talked about breach credentials and I utilized a website called we leak info

utilized a website called we leak info we leak info was then eventually shut

we leak info was then eventually shut down and I got all kinds of emails

down and I got all kinds of emails saying hey this is shut down I don't

saying hey this is shut down I don't know what to do

know what to do there's more out there okay there's

there's more out there okay there's always more out there what I'm showing

always more out there what I'm showing you is the methodology I could show you

you is the methodology I could show you on a specific website which I'm going to

on a specific website which I'm going to do that website could go down tomorrow

do that website could go down tomorrow we never know but what you need to

we never know but what you need to retain is the thought process and the

retain is the thought process and the methodology behind what's about to

methodology behind what's about to happen from there you could take that

happen from there you could take that and utilize it elsewhere so if a website

and utilize it elsewhere so if a website does go down you still have the same

does go down you still have the same thoughts why you're doing it and why

thoughts why you're doing it and why you're thinking about it so let's go

you're thinking about it so let's go ahead and move over to a website now so

ahead and move over to a website now so I want to take you to a website called D

I want to take you to a website called D hash now this is dhash.com I do not

hash now this is dhash.com I do not expect you to be able to follow along at

expect you to be able to follow along at this point because

this point because this costs money okay it's five bucks

this costs money okay it's five bucks for a week it's a hundred and fifty

for a week it's a hundred and fifty dollars for a year this is only a used

dollars for a year this is only a used to take credit card they only now take

to take credit card they only now take Bitcoin I do believe or some sort of

Bitcoin I do believe or some sort of cryptocurrency absolutely worth it in my

cryptocurrency absolutely worth it in my opinion

opinion even get a week get a week see if you

even get a week get a week see if you like it it's amazing there's gonna be

like it it's amazing there's gonna be tools I show you later on the course

tools I show you later on the course that will go through and we can do it

that will go through and we can do it locally like the one I just ran in the

locally like the one I just ran in the last video I ran breach parts right this

last video I ran breach parts right this is something that I've put together in

is something that I've put together in in set up but and it's free but the

in set up but and it's free but the database isn't maintained it's a slow

database isn't maintained it's a slow search I don't get the results back as

search I don't get the results back as instantly and I can't tie it to as many

instantly and I can't tie it to as many data points as a website like this can I

data points as a website like this can I think this website's great now let's

think this website's great now let's talk about what D hash can do now that

talk about what D hash can do now that I'm logged in

I'm logged in we have the ability to search by let me

we have the ability to search by let me make this a little bit bigger we have

make this a little bit bigger we have the ability to search by email

the ability to search by email username IP address name address phone

username IP address name address phone number Vin okay think about this say we

number Vin okay think about this say we know a email address okay we know an

know a email address okay we know an email address say it's Bob Bob at

email address say it's Bob Bob at tesla.com we're not going to search this

tesla.com we're not going to search this yet we take Bob and we know Bob it has

yet we take Bob and we know Bob it has an account and we're looking for him we

an account and we're looking for him we search him Bob shows up and we see Bob

search him Bob shows up and we see Bob shows up and we see maybe his name like

shows up and we see maybe his name like Bob Jones or something like that shows

Bob Jones or something like that shows up maybe something that he's been leaked

up maybe something that he's been leaked in has his address or maybe there was an

in has his address or maybe there was an IP address tied to the client you're

IP address tied to the client you're looking for or the person you're looking

looking for or the person you're looking for this can all be identified what if

for this can all be identified what if Bob has a username it's like Bob Bob

Bob has a username it's like Bob Bob rocks123 okay well we can search that

rocks123 okay well we can search that username in here and see if that

username in here and see if that username has repeated itself at all

username has repeated itself at all which is great we could search by

which is great we could search by password so say Bob's password was Bob

password so say Bob's password was Bob rocks123 we could search that password

rocks123 we could search that password and if it's Unique enough then maybe we

and if it's Unique enough then maybe we can actually do some Advanced searching

can actually do some Advanced searching like if we go back to the example from

like if we go back to the example from last time like this last video we saw

last time like this last video we saw this 907 d-a-d-e-814

this 907 d-a-d-e-814 we could put that into a search engine

we could put that into a search engine and see if that comes back to something

and see if that comes back to something else maybe that comes back to a user

else maybe that comes back to a user that is not at a tesla.com but maybe

that is not at a tesla.com but maybe it's like Bob at gmail.com and then

it's like Bob at gmail.com and then guess what now we have Bob's personal

guess what now we have Bob's personal account or now we have Bob tied to

account or now we have Bob tied to another email account especially if we

another email account especially if we search by name or something that we can

search by name or something that we can tie them together we need to start being

tie them together we need to start being able to relate other accounts to each

able to relate other accounts to each other we can do that with hashing we

other we can do that with hashing we could do that with passwords there's a

could do that with passwords there's a lot of things that we can do and we want

lot of things that we can do and we want to start tying this together as a real

to start tying this together as a real world example when I am looking at an

world example when I am looking at an organization and I'm doing research on

organization and I'm doing research on on hashing or I'm doing research on

on hashing or I'm doing research on breach credentials I'm trying to think

breach credentials I'm trying to think okay first if my client if my client is

okay first if my client if my client is tesla.com I might come in here and

tesla.com I might come in here and search at tesla.com and I might come see

search at tesla.com and I might come see how many results are in here let's see

how many results are in here let's see what happens

what happens okay here's George tesla.com George has

okay here's George tesla.com George has been in a shared data so there's no

been in a shared data so there's no actual

actual um any data details here besides a

um any data details here besides a potential username a name email okay

potential username a name email okay same thing with safety we'd have to

same thing with safety we'd have to scroll down and see if we can find

scroll down and see if we can find something that okay here's Adobe now

something that okay here's Adobe now Adobe will have a there's actually a bob

Adobe will have a there's actually a bob and Tesla um Bob at Tesla has a hash

and Tesla um Bob at Tesla has a hash password here okay so now we could say

password here okay so now we could say well first of all we can go see if we

well first of all we can go see if we can figure out what this hash is which

can figure out what this hash is which we'll talk about in a second we can also

we'll talk about in a second we can also go and say okay Bob uh does Bob exist

go and say okay Bob uh does Bob exist anywhere else does this hash exist

anywhere else does this hash exist anywhere else on this website can we tie

anywhere else on this website can we tie it to another account that maybe even if

it to another account that maybe even if we don't crack the password then we can

we don't crack the password then we can say okay this Bob this ties to Bob

say okay this Bob this ties to Bob gmail.com so like I would note this down

gmail.com so like I would note this down and I would take this and copy it so

and I would take this and copy it so from a real world example I would take

from a real world example I would take all the data that I see on this website

all the data that I see on this website I would collect all of the passwords all

I would collect all of the passwords all of the usernames and everything so like

of the usernames and everything so like Tesla 9 all this I want to know what the

Tesla 9 all this I want to know what the passwords are I want to know who the

passwords are I want to know who the people are I want to know all the data

people are I want to know all the data because if I could start finding

because if I could start finding patterns if I could start putting things

patterns if I could start putting things together maybe I can even relate these

together maybe I can even relate these back to their personal email accounts

back to their personal email accounts like we're talking about and then I

like we're talking about and then I could see password patterns there or

could see password patterns there or other passwords and just start tying

other passwords and just start tying this down because my goal is to break

this down because my goal is to break into an organization if I'm doing a pen

into an organization if I'm doing a pen test my goal is to break into an

test my goal is to break into an organization so I'm going to take that

organization so I'm going to take that data and if I can find other passwords

data and if I can find other passwords related to a personal account I'm not

related to a personal account I'm not going to go attempt to break into a

going to go attempt to break into a personal account but I will take that

personal account but I will take that data and I will put it together and

data and I will put it together and maybe try to break into their work email

maybe try to break into their work email account with those passwords of that

account with those passwords of that information this can tie to an

information this can tie to an investigation as well if you're hunting

investigation as well if you're hunting down an individual you're trying to tie

down an individual you're trying to tie them to other accounts this is

them to other accounts this is incredibly useful if you can find their

incredibly useful if you can find their data in a breached database and have a

data in a breached database and have a password and that password's unique you

password and that password's unique you can search it maybe find them somewhere

can search it maybe find them somewhere else you find and I IP address you find

else you find and I IP address you find a name there are often IP addresses in

a name there are often IP addresses in here which we can tie to a location

here which we can tie to a location possibly and see here's that 9078 or

possibly and see here's that 9078 or Dade 814 we could take this and maybe

Dade 814 we could take this and maybe search it and see if it comes back

search it and see if it comes back anything who knows shark at Tesla shark

anything who knows shark at Tesla shark at Tesla okay

at Tesla okay sharkmail.ru look this is a new new

sharkmail.ru look this is a new new email address

email address we didn't know about this one before

we didn't know about this one before and look it does us a favor we search

and look it does us a favor we search d-a-d-e but here's the capitalize we

d-a-d-e but here's the capitalize we didn't search for capitalize we're not

didn't search for capitalize we're not searching specific okay and now we're

searching specific okay and now we're getting more information look here's one

getting more information look here's one for Dropbox okay so it tells you where

for Dropbox okay so it tells you where this is coming from and how you can tie

this is coming from and how you can tie it in if we can get any sort of name out

it in if we can get any sort of name out of this

of this um any sort of anything that would be

um any sort of anything that would be amazing we can get a person's name or IP

amazing we can get a person's name or IP address and we could start tying them

address and we could start tying them down but when you're doing different

down but when you're doing different searches like this you need to start

searches like this you need to start almost

almost um you know like in the investigations

um you know like in the investigations where they have like the the red yarn

where they have like the the red yarn and it's going from one pinpoint to

and it's going from one pinpoint to another you kind of have to zigzag that

another you kind of have to zigzag that back and forth and really try to tie

back and forth and really try to tie this down and you'll see that when we

this down and you'll see that when we get into reporting how you might take

get into reporting how you might take one individual and really just see like

one individual and really just see like a password tied to an account tied to

a password tied to an account tied to this and this was the exact methodology

this and this was the exact methodology that we took to get to that point

that we took to get to that point because when you write a report you want

because when you write a report you want to make sure that I the investigative

to make sure that I the investigative person or the say you're heading off to

person or the say you're heading off to the police or whatever you want to make

the police or whatever you want to make sure that the person that is doing what

sure that the person that is doing what what you did or they can replicate what

what you did or they can replicate what you did with ease and there's no no

you did with ease and there's no no question about it so this is some of the

question about it so this is some of the the searching that we can do now if we

the searching that we can do now if we come to dehashed again we can come here

come to dehashed again we can come here and we can search by email username name

and we can search by email username name name anything so you can put your name

name anything so you can put your name in here I mean if you want to search on

in here I mean if you want to search on here I think it's great you can come

here I think it's great you can come through here and just search for your

through here and just search for your name let's go back let's search Tesla

name let's go back let's search Tesla again I saw a hash in there the Adobe

again I saw a hash in there the Adobe hashes are kind of interesting they're

hashes are kind of interesting they're not the easiest to pick up but let's see

not the easiest to pick up but let's see let's find this Adobe hash

let's find this Adobe hash so let's say we get a hash like this

so let's say we get a hash like this we could try to identify what this hash

we could try to identify what this hash is we can try to crack this hash we can

is we can try to crack this hash we can see if it's been cracked somewhere else

see if it's been cracked somewhere else this hash as of right now we have no

this hash as of right now we have no idea but we know Bob tesla.com we can

idea but we know Bob tesla.com we can maybe paste this in here first of all

maybe paste this in here first of all and see if it ties back to anything and

and see if it ties back to anything and there's 22 results back

there's 22 results back um you know I would probably be looking

um you know I would probably be looking for somebody that has this password with

for somebody that has this password with the name of Bob it's probably not going

the name of Bob it's probably not going to be like a Brett or a Michael you know

to be like a Brett or a Michael you know we might want to see if we can find

we might want to see if we can find another account somewhere else but these

another account somewhere else but these are all tying down to a hash from Adobe

are all tying down to a hash from Adobe so depending on how they were hashing

so depending on how they were hashing this data we might not find anything

this data we might not find anything else of interest but you can see all the

else of interest but you can see all the things here all the different

things here all the different opportunities that are here for us to

opportunities that are here for us to just do research and tie down

just do research and tie down information now we can go to a website

information now we can go to a website called hashes.org

called hashes.org and if we come here we have the

and if we come here we have the capability to actually try to search for

capability to actually try to search for this hash so we could search hashes and

this hash so we could search hashes and see if we can find it

see if we can find it so you can come in here and just paste

so you can come in here and just paste it

it and again it doesn't do a great job in

and again it doesn't do a great job in my opinion with the Adobe hashes

my opinion with the Adobe hashes sometimes they crack but a lot of times

sometimes they crack but a lot of times it says it can't find them

it says it can't find them um oops there we go

um oops there we go let's try hitting a search here

let's try hitting a search here okay so it says not a valid hash now if

okay so it says not a valid hash now if you put this into Google as a search

you put this into Google as a search you can see it didn't come back with

you can see it didn't come back with anything either so we want to make sure

anything either so we want to make sure that when we're searching this you know

that when we're searching this you know we we try all options there is an adobe

we we try all options there is an adobe database that if you do put in a hash

database that if you do put in a hash and it does show up there's a GitHub

and it does show up there's a GitHub Adobe database that will actually show

Adobe database that will actually show up here so with that being said this is

up here so with that being said this is kind of what I want you to start

kind of what I want you to start thinking about when we're hunting down

thinking about when we're hunting down breach credentials how can I take a

breach credentials how can I take a person or company that I'm looking into

person or company that I'm looking into so if you have a company you can just go

so if you have a company you can just go at company

at company name.com or dot net or whatever it is

name.com or dot net or whatever it is search in here see how they show up if

search in here see how they show up if you have a person maybe a personal email

you have a person maybe a personal email account if you can find that person if

account if you can find that person if you know their email account you come in

you know their email account you come in here and say Bob gmail.com maybe you

here and say Bob gmail.com maybe you don't know what their their email

don't know what their their email address is then maybe you come here to

address is then maybe you come here to the main page you go okay I'm gonna look

the main page you go okay I'm gonna look for a name I'm going to look for Bob

for a name I'm going to look for Bob Jones

Jones and search for that and then you start

and search for that and then you start taking this and trying to find the

taking this and trying to find the patterns if you know Bob lives somewhere

patterns if you know Bob lives somewhere uh maybe you could find an address for

uh maybe you could find an address for Bob or maybe you know Bob lives in like

Bob or maybe you know Bob lives in like Arizona you could search Bob Jones and

Arizona you could search Bob Jones and see if Bob shows up

see if Bob shows up um and then kind of take it from there

um and then kind of take it from there and there is some search operators that

and there is some search operators that you can utilize you can see Bob Jones is

you can utilize you can see Bob Jones is taking forever you can put this in

taking forever you can put this in quotations and search it again and kind

quotations and search it again and kind of narrow down your results here so if

of narrow down your results here so if we click on this you could see like

we click on this you could see like here's a name of we got a lot of results

here's a name of we got a lot of results but here's the name Bob Jones this is a

but here's the name Bob Jones this is a very common name so

very common name so um but you could see like if we're

um but you could see like if we're trying to look this down we can start

trying to look this down we can start searching and adding operators in here

searching and adding operators in here and trying to see if we can figure out

and trying to see if we can figure out to tie a username or something to them

to tie a username or something to them so again get your wheel spinning don't

so again get your wheel spinning don't rely on just dehashed but just rely on

rely on just dehashed but just rely on thinking about this this is the thing

thinking about this this is the thing you should think about again the hash

you should think about again the hash could go down tomorrow but if you're

could go down tomorrow but if you're thinking about it in in the way that the

thinking about it in in the way that the credentials and the information can be

credentials and the information can be interwoven remember that red yarn again

interwoven remember that red yarn again that's really what I want you to take

that's really what I want you to take away from this so we're going to do

away from this so we're going to do another video on this I'm going to show

another video on this I'm going to show you some more I guess tools that are out

you some more I guess tools that are out there and some other things that you can

there and some other things that you can do offer alternatives to this and then

do offer alternatives to this and then we'll wrap up this section so I'll catch

we'll wrap up this section so I'll catch you over in the next video

you over in the next video okay we have reached the end of part one

okay we have reached the end of part one I am again going to link in the

I am again going to link in the description below the link to part two

description below the link to part two so go ahead and click on that if you

so go ahead and click on that if you finish this and we're going to meet you

finish this and we're going to meet you over in part two of the video

انقر على أي نص أو طابع زمني للانتقال إلى تلك اللحظة في الفيديو

معظم النصوص تصبح جاهزة في أقل من 5 ثوانٍ

نسخ بنقرة واحدة125+ لغةالبحث في المحتوىالانتقال إلى الطوابع الزمنية

الصق رابط YouTube

أدخل رابط أي فيديو YouTube للحصول على نصه الكامل

معظم النصوص تصبح جاهزة في أقل من 5 ثوانٍ

احصل على إضافة Chrome

احصل على النصوص فوراً دون مغادرة YouTube. ثبّت إضافة Chrome للوصول بنقرة واحدة إلى نص أي فيديو مباشرةً من صفحة المشاهدة.

أضف إلى Chrome — مجاناً

يعمل مع YouTube وCoursera وUdemy وغيرها من المنصات التعليمية

احصل على النصوص فوراً: فقط عدّل النطاق في شريط العنوان!

YouTube

←

→

↻

https://www.youtube.com/watch?v=UF8uR6Z6KLc

YoutubeToText

←

→

↻

https://youtubetotext.net/watch?v=UF8uR6Z6KLc

نص YouTubeجارٍ تحضير نتائجك…

نص YouTube:Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack! (Part 1)