0:02 hey guys hack exploit here back again
0:04 with another video and welcome to nmap
0:06 for beginners so this is going to be
0:08 a continuation in the ethical hacking
0:12 course now what is nmap well basically
0:14 nmap is a footprinting tool or a
0:17 reconnaissance tool now uh I had already
0:18 explained this in the first class the
0:21 first ethical hacking class uh this is
0:23 basically the first step of uh hacking
0:25 where you actually find information
0:27 about the Target or the IP or the
0:30 website so basically nmap is a footprint
0:32 tool that gets more information about
0:34 the um the Target or the IP or the
0:37 website for that matter in my opinion I
0:40 think nmap is a must-have for any pen
0:42 testers or ethical hackers or hackers
0:46 for that matter so uh basically uh nmap
0:48 uh is available on almost all the
0:50 platforms all you have to do is just go
0:52 to the website um just going to open
0:56 nmap here uh it's nmap.org that's their
0:58 website it's a free free software so you
1:00 can go and download it uh as you can see
1:02 here it's there available for Linux uh
1:05 windows and I believe Mac OS so if
1:07 you're actually on map uh if you're
1:11 actually on Mac I believe it's there so
1:13 uh you can actually install it on uh
1:15 Linux and windows because are the most
1:17 popular operating systems however if
1:20 you're using Kali Linux or Parrot OS like
1:23 I am it already comes pre-installed so
1:24 there are two ways you can go about
1:26 launching it on Windows I think you just
1:28 have to run the nmap command in the
1:30 command prompt uh same as with Linux but
1:33 if you're actually running a um a
1:36 penetration uh testing disc like Parrot
1:39 Linux uh or Kali Linux uh it's just in
1:41 the information gathering section which
1:44 is basically recon reconnaissance so we
1:46 have nmap right here and all you have
1:48 to do is open nmap and it's going to
1:50 ask you for your root password because
1:52 it's going to need elevated uh
1:55 privileges so that's one way of uh of
1:57 starting nmap now the second way of
1:59 starting nmap is just by opening a
2:03 terminal uh entering your root password
2:06 uh or launching it in administrator mode
2:08 uh on Windows and you just want to enter
2:10 your password and then I'm just going to
2:13 clear the console uh like so and I'm
2:15 just going to enter nmap and I'm going
2:19 to enter the help um help option which
2:20 will basically give me all the options
2:23 available with nmap now it's going to
2:24 look a bit overwhelming because it's
2:26 going to give you a lot of lot of
2:29 options you can just look at this as a
2:30 manual basically they're giving you the
2:32 different options that you can use for
2:35 your different uh methods of scanning so
2:37 just don't worry about anything just
2:39 scroll down all the way to the bottom
2:41 and look at where it says examples I'm
2:44 going to use these examples to guide you
2:47 um to guide you in your uh uh in this
2:51 tutorial so uh firstly uh I want to just
2:54 say something nmap is a very very very
2:57 noisy scanner now the reason what I mean
3:00 by this is nmap is easily detectable by
3:03 firewalls and uh by servers so they
3:05 actually know that you're scanning them
3:09 so the real charm of using nmap is not
3:12 just scanning a a server or a site or an
3:15 IP address for that matter it's how to
3:18 do it anonymously or uh very quietly so
3:20 that you're not detected I'm going to
3:24 get to that uh very very soon so uh just
3:26 make sure that you don't do anything
3:28 illegal uh I mean this is only for
3:30 educational purposes
3:33 so uh yeah so let's get to the next part
3:35 all right now uh as I was saying in the
3:38 example section uh it's just going to
3:41 give you an example of what a um a basic
3:44 nmap uh run would look like you have
3:46 your nmap command which initializes
3:49 nmap and then you have your uh parameters
3:51 that will bring results uh depending on
3:54 what you want out of those results so
3:57 you have your -v and -A now before we get
4:00 to that nmap basically gives you a free
4:03 testing um uh scanning machine where
4:06 they allow you to scan their this
4:10 scanme.nmap.org this web address uh for
4:12 educational purposes so as you can see
4:15 here hello welcome to scanme.nmap.org
4:18 don't worry the website will be in the
4:20 description section if you're too lazy
4:22 to type that out uh so as you can see we
4:24 set up this machine to help folks learn
4:26 about nmap and also to test and make
4:28 sure that the nmap installation or
4:30 internet connection is working properly
4:32 you're authorized to scan this machine
4:34 with nmap or the port scanners try not
4:36 to hammer uh on the server too hard a
4:38 few scans in a day is fine but do not
4:40 scan 100 times a day or use this site to
4:43 test your SSH brute force password
4:46 cracking tool so basically they they
4:47 allowing you they're giving you
4:49 permission to scan this which is what I
4:51 was going to say you need written
4:55 permission to scan any IP address any uh
4:58 any website or any server for uh
5:00 whatever you do uh it's on you that's
5:02 what I wanted to just put out so we're
5:04 going to use this as an example during
5:07 uh the the nmap tutorials so coming
5:10 back here as you can see they've given
5:12 you example scan with the
5:16 scanme.nmap.org uh address so what does -v mean
5:18 well -v basically prints the version
5:21 number or the name of the uh of these of
5:24 the server uh uh basically the address
5:27 name all right now uh the -A basically
5:31 prints the uh OS detection the version
5:33 detection and script scanning so it'll
5:35 basically give you the operating system
5:38 version the operating system itself and
5:41 this it will scan for scripts all right
5:43 now if we go down to the second one we
5:45 have a bit of a different uh command
5:48 here just ignore the -sn for now I will
5:51 get to that in a future tutorial uh now
5:52 we as you can see here there's something
5:55 a bit confusing we have a very weird
5:58 looking IP uh configuration well this is
6:00 not really unusual in fact in fact what
6:03 this means is this is a range of IP
6:07 addresses now don't be confused by this
6:10 what this means uh is basically you can
6:13 pass a range of I IP addresses like from
6:15 this IP address to this IP address you
6:18 want nmap to scan that they could be
6:20 belonging to an organization so you can
6:22 basically do a very powerful nmap
6:26 scan on like multiple IP addresses now
6:28 uh before we move on I just want to show
6:31 you an example of what I mean so what
6:32 you want to do is open a browser and I
6:34 just want you to search for this all
6:38 right I want you to search for
6:41 major IP block right that's the one I
6:44 want you to search for major IP block
6:46 with with whichever uh search engine and
6:48 it's going to open the major IP address
6:51 blocks just click on that by NirSoft
6:52 now what this means is basically these
6:55 are the IP ranges in every country all
6:57 around the world so these are all the IP
6:59 addresses registered to people or to
7:01 companies so you can choose from
7:03 whatever country that you want to scan
7:06 from uh really anything it's up to you
7:08 right so we can just try France uh let's
7:11 just try France for example and it'll
7:13 give you all the IPS and their ranges so
7:16 as you can see from this IP to this IP
7:19 belongs to Orange uh SA and it has the
7:22 assigned date and the total amount of IP
7:26 addresses now this comes to the very
7:28 important part I wanted to explain about
7:30 reconnaissance here
7:32 uh if you have an IP address you can
7:34 really do a lot with it and you can
7:36 actually find a lot of information
7:39 related to that IP address which is what
7:40 I'm going to show you right now so I'm
7:43 just going to pick a random IP address
7:47 uh let's try um let's try this one here
7:49 all right I'm just going to copy it know
7:51 it's not allowing me to copy it there we
7:54 are copying and I'm just going to search
7:56 uh for this is a very important command
7:58 this will basically give us the info
8:02 about what who this IP belongs to whois
8:03 all right so we're going to say whois
8:05 and we're going to paste that there and
8:07 we're going to enter and it's going to
8:10 open in a search engine who the IP
8:12 address belongs to so we're we're just
8:15 going to open the first uh site that we
8:17 get here so just open it and it
8:19 shouldn't take too long and it's going
8:20 to give you
8:23 the um it's going to give you all the
8:24 information about it so it's going to
8:26 tell you uh the country I saw the time
8:28 zone Europe Paris so you know it's in
8:30 Paris it also has the longitude and
8:33 latitude um coordinates so you can
8:35 actually get the uh
8:38 location uh however with the with the IP
8:40 range
8:42 addresses what they do the uh the
8:44 basically the providers the internet
8:47 providers is they basically assign it to
8:50 a location and no more they don't have
8:53 like a specific address so uh usually
8:56 the location is about 90% accurate I
8:59 will get to geolocation in the future
9:00 that's that's a bit of an advanced
9:03 tutorial uh but basically you can get
9:06 information about an IP using the whois
9:09 uh um the command which brings me to the
9:11 second part of what I wanted to say
9:14 about the whois and IP
9:16 addresses the search engines are your
9:19 best best best friend when it comes to
9:20 uh looking when it comes to
9:23 reconnaissance or footprinting you can
9:24 really really use them to advantage and
9:26 as you can see it's given me the range
9:28 here on this website and it will give
9:29 you the location
9:31 and the longitude and latitude and
9:34 geolocation and so on and so forth so
9:36 you get the idea don't worry the
9:38 websites that I've used here will be
9:40 linked in the
9:42 description all right so let's just head
9:44 over back to nmap all
9:47 right um one more command I wanted to
9:48 show you that's really not linked to
9:51 nmap but is also important for uh
9:54 scanning or reconnaissance is the
9:57 nslookup all right so nslookup is
9:59 available on Windows you don't need to
10:00 install it it's just part of the
10:03 operating system as it is on Linux uh
10:06 you hit nslookup and then you enter the
10:09 um the target it can be an IP address or
10:11 a web uh or website so I'm going to copy
10:14 this site the scanme site because again
10:17 I want to keep this as legal as possible
10:18 and I'm just going to hit enter all
10:20 right and it's going to give me the
10:22 address so as you can see this allows
10:25 you to actually get the address of the
10:27 website and you can do it in vice versa
10:31 so if I if I uh copy this all right and
10:35 I said here nslookup and I pasted the
10:37 uh the address there hopefully it will
10:40 give me the name of the site all right
10:42 and as you can see here the name is
10:47 scanme.nmap.org all right pretty awesome
10:51 right now um if I just want to give you
10:53 a quick tip with nslookup uh let's say
10:56 you're running a lot of uh scans and you
10:59 want to save them to a document or a to
11:01 a file so what I'm going to do is I'm
11:03 going to I want to save them on the
11:05 desktop right so I'm going to hit
11:07 nslookup and uh we're going to let's say
11:10 we want to find the name of the of this
11:12 uh IP address we want to find what who
11:14 it's registered to and then what you
11:17 want to do is um you just want to use
11:19 the two greater than signs and you want
11:22 to give a name to a document that you
11:23 want to save it to in this case I'm
11:25 going to use a txt document and I'm
11:27 going to save it on my desktop because
11:29 that's where I opened the terminal from
11:31 although you could change it to whatever
11:33 uh directory you're in so I'm going to
11:35 say
11:39 results.txt and I'm going to hit enter
11:41 and it's going to open uh results.txt as
11:44 you can see over here and if I open it
11:46 it'll give me the scan results pretty
11:48 awesome and you can keep on saving them
11:50 in here and it's just going to do it for
11:53 you automatically so uh this is uh
11:54 basically what I wanted to explain to
11:57 you for the first tutorial uh there's a
11:59 lot I've said in this tutorial and I
12:01 just just wanted all of that to sink in
12:03 in the next tutorial I'm going to go
12:05 through the advanced nmap
12:08 commands but uh that's basically what I
12:12 wanted to tell you uh today um basically
12:14 what we've gone through in to summarize
12:17 is we've gone through what nmap is um
12:21 the nmap help commands what the nmap
12:23 um the nmap uh what what are they called
12:26 the parameters mean uh when I was
12:27 talking about these parameters right
12:30 here the -v and the -A and there's a lot
12:33 of them here which I'll go get uh to in
12:36 a in another video uh right after this
12:38 one I just want you guys to practice
12:40 what I've shown you in this video and
12:42 just practice a bit of reconnaissance
12:44 and uh yeah you'll get it you'll find it
12:45 really really interesting to see how
12:48 much information you can dig up from a
12:50 lot of thing a lot of these servers and
12:52 IP addresses so that's been it guys I
12:54 hope this video helped you and you
12:57 enjoyed it uh if you if it did help you
12:59 please leave a like if it didn't help
13:01 you you can dislike the video and let me
13:03 know why in the comment section
13:05 alternatively if you have any question
13:07 hit me up in the comment section social
13:10 media and or Kik uh I'm always there
13:12 and I'm ready to help you guys otherwise
13:14 uh we're going to continue uh the
13:15 advanced stuff in the next video thanks
13:17 for watching so much and have a