Ethical Hacking in 15 Hours - 2023 Edition - Learn to Hack! (Part 1) | The Cyber Mentor | YouTubeToText
Summary
Core Theme
This content is an introductory segment of a comprehensive ethical hacking course, focusing on foundational knowledge and practical setup for aspiring penetration testers. It covers essential cybersecurity concepts, tool installation, and basic Linux commands necessary for the course.
hello and welcome to this 15 hour
edition of the Practical ethical hacking
course my name is Heath Adams and I'm
going to be your instructor for the
entirety of this course okay quick edit
so you might be looking at the YouTube
video and seeing that it's only seven
plus hours that is because YouTube
recently implemented a rule that we can
no longer have videos over 12 hours so I
had to split this into two parts I had
to add this edit in and go back and
re-render everything so this is
officially part one and we'll go through
part one and then I'll have a link in
the description below for part two so
without further Ado let's Jump Right In
A really quick who am I again my name is
Heath Adams and I am the CEO of TCM
security we are a cyber security
consulting firm and an educational
institution on a day-to-day basis we
primarily focus on what's called ethical
hacking that is where companies hire us
to try to hack into them to find
vulnerabilities and let them know of any
security issues they may have before the
bad people find those on their own that
could be breaking into a network a web
application wireless network mobile
applications thick client applications
Etc I can even be breaking into a
building which is called physical pen
testing there's a lot of different types
of hacking out there we're going to
cover quite a bit of that in this course
now hacking is such an interesting field
because you don't have to necessarily
come from an I.T background I'm actually
a former accountant and I just fell in
love with hacking and I know people from
all different walks of life we have
somebody that works for us that used to
be a mayor I've seen doctors I've seen
pharmacists I've seen all different
kinds of weird backgrounds come into
ethical hacking so if you're watching
this and you really don't have an I.T
background a formal one that's okay as
long as you have some basic computer
knowledge some basic networking
knowledge that's all you really need to
succeed in this course we're going to
hold your hand the entire way through
and make sure that you get and
understand everything that's presented
in front of you in terms of the
qualifications I've listed my hacker
certifications that's not all the
certifications but those are the ones
that are relevant maybe make me an
expert whatever I've also listed my
social media if you want to follow me on
LinkedIn or follow the company on
Twitter follow me on YouTube I would
love if you just hit subscribe right now
before we even get started or you want
to wait till the end that's perfectly
fine as well we're making our way to a
million subscribers and you could be a
part of that and I would absolutely love
it if you did
we also have some sites we have our
Consulting site which is just
tcm-tech.com we've got the academy which
I'll show you here in a second we also
have certifications site now before we
dive into things you might say to
yourself this course seems familiar and
that's because it might be last year we
released an ethical hacking course in 12
hours this year it's up to 15 hours last
year that total of you has got 3 million
views in 11 months which is great it
hasn't even been a full year yet and we
taught quite a bit of lessons in here
you can see all the different lessons we
taught in here so you might say hey
what's the difference between this
12-hour course and the 15-hour course
well there's quite a few differences
three hours to be exact but even with
the three hours of time difference we
went through a lot of this in for
example in the Kali Linux section that's
been completely redone the python
section has been completely redone so a
lot of these videos and tools and ideas
have been brought in into 2023
methodologies so not only are there
three hours more but a lot of the videos
and content have been recreated for 2023
specifically to make sure that this is
up to date and fresh so you're getting a
brand new course this is the latest and greatest
now this course is actually an extension
of a 25 hour it's pretty close to 27
hours now of materials that is on our
TCM Security Academy website and this is
the only time I'm going to try to sell
you on anything throughout the entirety
of this 15 hours so I just ask for one
minute of your time
this course takes the first half the 15
hours takes the first half of what's in
here if we scroll down to the curriculum
we actually have all the first half here
you'll see this if you actually came to
the website it's the exact same thing
you're getting in this course this goes
all the way through the Capstone and the
buffer overflows here and that is a
great stopping point we'll go to the
Capstone we'll go through it it's a
great Midway point to test your skills
if you get through the Midway point and
you say hey I really like this I want to
get the rest of the course we have even
more stuff in here we have active
directory which is one of my favorite
things to pen test against and I would
say it's the best part of the entire
course we teach that we cover quite a
bit of this all this is on active
directory right here we cover more post
exploitation we cover web app pen
testing application pen testing we get
into a little bit of Wireless testing
and legal documents and all that fun
stuff so the 15 hours that's here it's a
great great resource it gets you started
if you love it you love our instruction
you want more this course is $29.99 all
of our courses in fact on the academy if
we go over here they're all $29.99 so if
you're interested we have an all access
pass that gives you access to everything
we've got courses on Linux python we've
got courses on privilege escalation OSINT
external pen testing all different kinds
of stuff in here if you're interested in
that I just encourage you to check out
the website you don't have to buy
anything this is completely 100% free if
you just want to stick with the 15 hours
last but not least this course does lead
to what is a certification we have a
certification called the PNPT it's the
Practical Network penetration testing
certification I'll link it down in the
description below it's a one-of-a-kind
certification you go through you try to
hack an organization you write a report
you present a debrief and the good thing
about this is it gets you job ready for
the field so if you can get through this
certification you actually go look for
the PNPT on LinkedIn or Indeed you're
going to find this on job postings so
this course 15 hours of this is part of
a 50 hour curriculum that we have and so
if you feel that hey I really am
interested in this field and maybe I
want a certification consider looking at
the PNPT as well and that's really it
we're gonna end here salesmanships over
please enjoy this 15 hours if you do
please like comment subscribe all that
fun YouTube stuff let's go ahead and
jump right into this course I'm so
excited to teach you in this 2023 day Edition
all right I hate PowerPoints but I love
this template I don't know what's so
cool about it it's all the colors I
think so welcome to a day in the life of
an ethical hacker 2022 edition let's
talk about a pen tester's day to day and
I'm going to highlight this at a very
high level so what we do is we roll out
of bed hopefully we wake up in the
morning and we kick off our day and now
our day can be performing an assessment
and we're going to talk about the
different assessment types that are out
there it could be writing a report it
could be giving a debrief or a
collection of the three when we perform
an assessment we're talking about
different types of pen testing or
ethical hacking and we're going to cover
the most common types we'll talk about
some other types as well once we perform
our assessment we need to write a report
we deliver a report to our client that
report then gets digested and eventually
we give them a debrief if they want one
and we talk about our findings and so
we'll cover this whole process from
start to finish let's talk about the
different types of Assessments that we
could perform as an ethical hacker now
the first type of assessment I want to
talk about is what is called an external
network pen test and one of the
questions that we ask people when we're
doing phone screens and baselines on
interviews is we say hey can you tell me
what an external pen test is versus an
internal pen test and honestly I would
say at least half the people get the
answer wrong so make sure you're paying
attention and you take notes because
this may come up on an interview now an
external pen test is probably the most
common type of pen test that we perform
if you just got hired as a penetration
tester and you're brand new to the
industry it's likely they're going to
start you out doing external network pen
tests these pen tests are the most
straightforward and something that a
junior could take on and work through
and build up some experience and or
confidence as they go through their
process so an external pen test is
looking at an organization's security
from the outside this could be us
trying to hack in from our mom's
basement or from another country or
whatever it might be whatever scenario
plays out in your head that's what it
could be you're trying to hack in from
the outside the methodology for external
pen tests focuses heavily on what's
called open source intelligence
gathering or OSINT we're trying to
gather as much Intel and data about an
organization who are their employees
what is their email format have they
ever been involved in a breach can we
find out what passwords were in those
breaches can we collect data and then
use it against that organization to
reach a login panel or breach the VPN or
get into an area where we otherwise
would not be allowed into now why do we
focus so much on open source
intelligence well because this is an
external assessment you have to think
about the internet as a whole there are
bots scanning the internet 24/7 if you
don't believe me try putting up an SSH
server or something similar and leave it
up for 24 hours and see how many login
attempts you get on that server it's a
lot Bots are scanning all the time so
what does that mean for us well that
means that if we do vulnerability
scanning and we find something that is
incredibly dangerous
well somebody's probably already found
that as well so the chances of us
finding something like remote code
execution where we can land on a machine
externally without doing a lot of work
it's pretty low usually organizations
have their external networks buttoned up
from a patching perspective so what
we're really looking at is the Intel
that we can gather where are the login
panels who are the users and how can we
use that against the organization now
this is the most common type of pen test
that organizations do in my opinion for
two reasons the main reason is that a
lot of compliance organizations dictate
that an external network pen test must
be performed annually that is not true
for the rest of the pen test though some
compliance organizations might dictate
other pen tests the external is by far
the most common the other side of this
is external pen tests tend to be a
little bit cheaper than the rest of the
assessments depending on the size and
scope of the engagement and a lot of
organizations like to dip their toes in
the water before going and doing more
assessments with a security firm so they
might test you out and say hey let's do
an external pen test we'll see how it
goes we like you we'll hire you for more
stuff so between those two reasons we
see a lot of external network pen tests
more so than anything else in my opinion
now these pen tests tend to last around
32 to 40 hours on average though if you
have a very large engagement that can go
a lot longer or if you have a very small
company and you're looking at one IP
address or five IP addresses and 10
employees it's probably not going to
take you 32 hours to do that pen test
maybe somewhere in the 8 to 16 hour
range we then tend to add another 8 to
16 hours for report writing and we'll
touch base on report writing towards the
end of this video so moving on is what
is called an internal Network pen test
this is assessing an organization's
security from the inside of the network
this means that we somehow breached the
perimeter perhaps we sent a phishing
email and somebody opened our email
clicked on our link and now we're inside
the network or maybe we broke into the
building and left a dropbox behind
whatever scenario in your head you want
to play as well you can do that what we
do on our end is we typically send a
laptop out to the client the client
plugs that laptop in and we are able to
remote into that laptop and perform a
network assessment as if we were sitting
inside the office this is why a lot of
work nowadays is remote because we don't
have to be on site anymore to do
internal pen tests now the methodology
for an internal penetration test focuses
heavily on active directory now if you
don't know what active directory attacks
are you absolutely need to learn those
in order to be a successful internal
penetration tester and it's one of those
things that a majority of the
organizations that are out there use so
I believe the statement that I read once
was 95% or 99% don't quote me on this by
the way of the Fortune 500 companies use
active directory in their environments
and I honestly think that this number is
way closer to 99% than anything else
every single internal pen test I've ever
done with the exception of one client
one very small client has always been on
active directory so you need to
understand active directory methodology
in order to perform an internal Network
pen test these typically last 32 to 40
hours though they can run a lot longer
again depending on the size and the
scope they don't typically run shorter
though I have seen them run 16 to 24
hours if the network is very small but
there is a checklist that we have to run
through that is usually in the 32 to 40
hour range and just like external pen
tests we tack on another 8 to 16 hours
for report writing now the third type of
assessment I wanted to talk about is a
web application pen test this is
probably the second most common I wanted
to group the external and the internal
pen test together but you have to think
about networks nowadays versus web
applications there are websites
everywhere there are more websites than
there are networks if we're just
counting websites to business networks
there probably are more web sites to
home networks as well though I'm not
entirely sure of that I would argue that
the answer is probably way more websites
than home networks so with that there's
a lot of attack surface that's out there
so organizations will come to us and
they'll say hey we need a web
application pen test this can be
dictated Again by compliance perhaps
stakeholders want to see this or maybe
the client is very interested in the
security of the application and wants to
make sure that it is very secure before
they launch their application now the
methodology focuses heavily on web-based
attacks obviously and the OWASP testing
guidelines so OWASP stands for the Open
Web Application Security Project you've
never heard of it Google it it's a great
resource they have testing guidelines
for not just web application but mobile
as well they have how to test how to
defend how to prevent all kinds of great
things and we follow their testing
guidelines pretty exclusively if you're
ever going to be a pen tester and you
want to pen test against web apps you
for sure need to know what the OWASP Top
10 attacks are because you will be asked
those in an interview now these
engagements last typically 32 to 40
hours and that is pretty much the
minimum we have a very thorough
checklist that we have to go through
when we're doing a web app pen test and
I would say it pushes closer to 40 hours
than anything else unless it were a very
very small and specific web application
they're almost always in the 32 to 40
hour range with another 8 to 16 hours
for report writing another Common
Assessment that we are asked to perform
as pen testers is what's known as a
wireless pen test or a wireless network
pen test and we're assessing an
organization's wireless network security
so the methodology will vary depending
on what type of wireless network is
being used for example if they're using
a guest Network we might log on to the
guest Network and test segmentation can
a guest access internal resources or is
the network properly segmented if
they're using a pre-shared key which is
what's common in most households and we
might test that pre-shared key for
password strength and see how strong the
pre-shared key is and how strong the
password is if they're using
enterprise-based network then we open
ourselves up to a variety of new attacks
as well so our methodology really
changes depending on what is being used
now Wireless pen testing is fairly
straightforward you can look up the
methodology online find blog posts about
it you just need a wireless network
adapter that you can honestly pick up
for 30 to 50 dollars at most and I'll
leave a link in the description below to
my favorite wireless network adapter but
you can just pick one that is compatible
with your machine and that will work and
do packet injection it's honestly where
a lot of hackers start this is where I
got my start before I ever learned about
real pen testing or anything I went and
bought a cheap wireless adapter and I
started just hacking my own network and
some devices that I had laying around at
the house and I learned how to hack
wireless pretty quick so it's one of
those things that kind of gets you
excited it and gets you into the hacking
mindset and kind of teaches you some of
the wireless assessments that are out
there and I think it's pretty fun as
well now these typically last about four
to eight hours per SSID so if we're
testing two ssids we're probably looking
in the 8 to 16 hour range and then
typically another two to four hours for
report writing all right the last thing
I want to touch on in terms of
Assessments that we do quite a bit are
physical pen tests and social
engineering assessments so when we're
doing a physical pen test we're
assessing an organization's physical security
and our methodology is going to depend
on the tasks and goals that are at hand
that are given to us by the client so if
we're doing a physical pen test we are
going on site and we're trying to break
into the building that can be through
cloning badges that can be through
social engineering that can be through
picking locks there's a lot of different
scenarios that are at hand there now
that methodology again depends on what
we're up against and it also depends on
the client's goal the client might say
hey we want to see if you can just even
get in the building or they might say
hey I want you to get in the building
and find our server closet and take a
picture of yourself in our server closet
we want to see if you can make it there
so there's typically some goal behind
why you're breaking into a building but
it is legal breaking and entering and
it's pretty fun and pretty exciting if
that's your jam and there's a lot of
social engineering involved in that so
it's very very fun engagement to do the
other side of this is pure social
engineering and what I mean by that is
doing something like a phishing campaign
against an organization and we might
actually do a phishing campaign in
combination with an external pen test so
we might combine those together though
often they're left apart we might do
something like a vishing campaign where
we call people and we say hey I'm from
I.T can you give me your password or I
just sent you a code to your account can
you give me the code that I just sent
you we might do a smishing campaign
where we send text messages and see if
anybody responds back to us there's a
lot of different social engineering
that's out there and we have different
campaigns that we can run in different
engagements depending again on the
client's need now the great thing about
this is social engineering and physical
pen testing offer a lot of learning
opportunities and training opportunities
for example when we do physical pen
tests we wear cameras on our hip and we
record everything that we do not just
for our liability but also for teaching
end users at the end of the day we'll
cut that video have a Lessons Learned
here's the good things they did here's
the bad things they did and they can
walk away with a way to improve moving
forward the weakest element of any
organization is going to be the human
you can have a great environment great
policy security everything set up and
all it takes is one really nice person
to hold the door open for you and that
can lead to catastrophic events so
social engineering again is a very
important part of security and it's one
of my favorite things to assess when I'm
doing this type of work now again these
can last anywhere from 16 to 40 hours
maybe even more depending on the
engagement that you're on plus another
four to eight hours for report writing
again maybe more depending on the scope
of the engagement that you're working
now these aren't the only assessments
there are other assessments that we
might perform as a pen tester these tend
to get a little bit more specialized and
you might have to take additional
training in order to learn this type of
stuff but these are things that we
perform at work and you may end up
performing as well so we have mobile
penetration testing it's a lot like web
application penetration testing in the
sense that you're testing against an
application except it's on a mobile
device so iOS or Android and then
there's specific methodology and
techniques related to those operating
systems you may have iot or Internet of
Things penetration testing and somebody
might send you something like one time
we got sent over a pressure cooker that
was a wireless pressure cooker and they
wanted it pen tested so we had a lot of
fun doing that there's red team
engagements which are kind of sort of
like pen testing but not really what I
say pen testing I think of banging at
the front door where red teaming is
trying to sneak in in whatever creative
way you can so a red team engagement
might say hey we want you to hack our
company you've got a month or six months
or a year and we don't want to hear you
we don't want to see you we don't want
to know about it just let us know if you
can hack into us in these types of
engagements the methodology can be
anything depending on what is allowed in
scope usually it's pretty open in the
scope I've heard a red team sending
people to the client location and they
might even live there for a little bit
they might befriend some of the
employees try to become buddy buddy
learn some internal Secrets maybe get a
password slip them a thumb drive they
might do all kinds of social engineering
engagements it's very very custom and
unique to the client and Depends again
on the scope which is usually pretty
wide and what they can and can't do so
red team engagements are pretty awesome
but they're also incredibly stealthy
where pen testing is very time Limited
in the sense that we might only have a
week engagement we're going to know the
IP addresses we're going to know our
scope and we're going to have a set
defined limitation in front of us where
red team doesn't have that as much now a
purple team engagement is something that
you might do tabletop exercises and
things like that where you as a red
teamer are being offensive and working
with a blue team or defensive you work
together and that makes purple and in
that sense you might tabletop and say
hey I just ran this attack do you see me
in your network I just ran this other
attack do you see me and you try to
establish a Baseline and you can see Hey
where's the detection at where is the
detection weak and how can we improve
detection mechanisms within the network
it's usually a bit of a more mature
process an organization that's never
gone through a pen test before likely
isn't just going to jump right into a
purple team engagement but it is
something that more mature organizations
do in order to improve their baselines
and improve their detection mechanisms
internally now I've covered just a
handful of the different types of pen
testing engagements that you can work on
there's car hacking there's airplane
hacking there's scada hacking there's
all kinds of really cool stuff out there
that you can do I just covered the most
common items but you can absolutely
specialize if that's something that
you're interested in now with all the
fun of getting to do assessment work
there comes the downside of report
writing and debriefing I actually enjoy
doing both and in order to be a
successful consultant you really need to
be a three-headed person in a sense you
have to be really good at technical
abilities you have to be really good at
report writing and communicating
effectively not just to a technical
audience but to a non-technical audience
and you also have to be good with
presentation skills in the sense that
you need to present your findings to a
technical and non-technical audience so
with report writing we typically deliver
a report within a week after the
engagement now that report should be
high level and Technical so we have
what's called an executive summary for
non-technical people think about a CEO
who might not be a technical person if
they're going to read the report it
should still be Crystal Clear what the
issues were and how they should be fixed
and that's what the executive summary is
now we have a technical findings section
and that's for the people doing the work
maybe the security engineer the network
engineer or the web app developer
depending on who you're working with it
can digest the findings they can say hey
here's what they found here's what tools
they use here's how they were able to do
it and here are the recommendations for
remediation now recommendations should
be incredibly clear you should have high
level recommendations like hey patch
this and you should have technical
recommendations as well that says hey go
to this website here's how you would
install this patch etc etc so depending
on your audience you want to make sure
that you're communicating effectively to
both of them and for a lot of new pen
testers this can be an incredible
struggle it's one of those things that
you write a report you get beat up on it
in the QA process and you just get
better over time and it's just something
that is kind of passed down and you
learn as you go so don't be worried if
you're not great at report writing just
make sure that you understand that if
you're going to do this job you will
have to write reports and you will have
to get better at it as you go last but
not least is the debrief process now a
debrief walks your clients through your
report findings and again this should be
non-technical and Technical as well you
may be sitting in a room with a CEO and
a network engineer you might be sitting
in front of all technical people you
might be sitting in front of all c-level
non-technical people so you need to make
sure that when you are presenting your
findings that you can explain it at a
high level and a technical level as well
I've seen many people struggle with this
all right I've had I've been in one
situation I remember that I was in a
debrief with a co-worker of mine this
was years ago and he was very much
struggling to communicate he was giving
very technical in-depth details about
what he was Finding and the CEO kept
stopping him and saying I don't
understand what you're saying so we had
to do a little bit of translation
because he really wasn't great at the
debrief process yet he was still fairly
new and it's one of those things that if
you're going to be an effective
consultant you need to be able to do both
now the debrief is important because it
also gives the opportunity for your
client to ask any questions about the
findings that you have and address any
concerns as well so maybe there's a
finding that they want to challenge or
they want more information on it gives
them the opportunity to do that because
when we give them the initial report the
report is a draft after the debrief or
if they choose to not have a debrief we
finalize that report so the debrief is
the last opportunity the client has to
understand what you're presenting to
them and to ask any questions or address
any concerns so it's a very very
important process alright hopefully that
was informative for you if you're
looking to become a pen tester you
should know at a high level what these
different types of assessments are and
you should know what you're getting
yourself into because a lot of people
think oh it's fun and games I just get
to go hack things and yes that's a lot
of the job but a lot of the job is also
doing report writing and doing debriefs
in front of our clients so if you're not
strong with report writing or if you're
not strong with your presentation skills
you may have some time on The
Struggle Bus before you get decent at it
alright so make sure that you know
coming into that that those are things
that you're going to have to be doing
and that you're comfortable doing those
so before we begin in this course and we
really start to dive in it's important
to cover one of the topics that I'm
going to harp on the most which is
effective note keeping if you're going to
be successful in your career and you're
going to be successful in this course
you really need to take good notes now
in this first video I'm going to show
you what my notebook kind of looks like
not only for my personal notebook but as
a notebook for an assessment and how I
might take notes for an assessment and
then I'll also show you some note
keeping applications that I prefer or
I've heard students prefer in the second
video we're going to cover how to
install one of the applications and
another cool application used for taking
screenshots so let's take a look at my
notebook first
so here is my notebook and actually
let's click over here so this is my
notebook and you can see it's really
long it's got all kinds of stuff in here
and it's just something that I build
upon this one in particular is actually
only geared towards active directory so
I have a few different notebooks this
one is active directory and it's
actually a few different courses that
I've taken in the past that I've kind of
put together and then just for
assessment work etc I just kind of have
a little cheat sheet here so I wanted to
show you this one in particular because
these were built off of courses and
you're going to be working through a
course so kind of just get an idea of
how maybe to structure it so here you
can see I structured it and I've got
different modules here where okay module
one might have had this email macro
fundamentals module two two here has all
these different uh components to them
right and we have we have our notes then
we have child notes and even sub
children to those child notes and I'll
show you how to create that here in a
second but let's say for example
enumeration which is one of the most
important things that you're going to
cover in hacking and we take a look at
enumeration you don't have to understand
what any of this means here but you
could see if I want to look at a domain
and I want to get the current domain
that I'm on here's the command I run and
here is a picture of what it looks like
and here's what comes back when you run
that command that's great that's what I
want to see and I have a whole list of
commands for all these in here right so
if I'm confused on a assessment and I
want to go and
find a command that I'm not sure of I
can go to my little cheat sheet here now
again this is really long so you have to
create your notes the way it really
helps you for a course I think it's good
to write it all out step by step like
this and then go back and make a cheat
sheet I don't need these pictures anymore
I've been doing this for a while so
maybe I just say hey get current domain
is Get-NetDomain and then I say hey
okay get object of another domain here's
an example of it I don't need the
pictures because it makes it really long
but as an example and over time you
learn with the pictures as well at least
so let's build from that
here is an example of an actual
assessment that I did for a client and
you can see how I did this now I did an
external internal and web application
assessment for this client and these
were the findings now I'm only going to
show you what is Master obfuscated
already or doesn't reveal client
information but as you can see here one
example is on the internal they had
something called SMB signing disabled
you don't need to worry about it but
here in my picture I've got a nice
picture the picture has highlighted it
says hey message signing disabled that
signifies SMB signing's disabled and it
has the IP address so we identified the
machine and we give proof of concept
that this SMB signing is disabled here
another example
MS17-010 these are both internal
exploits that you're going to encounter
in this course here's one I check this
machine it says hey this Target's not
patched now this is one I didn't exploit
but it shows that it's actually
vulnerable to this attack so these are a
couple screenshots that I'll put now
your notes could be different than mine
how I organize is I take a screenshot I
put it in here and then I make sure that
I have at least the IP address and the
screenshot for reference because I'll
remember it but if you need to go in
here and take detailed notes that's
absolutely fine as well you always want
good notes for your assessments because
you never know if a client's going to
come back in six months or even a year
and say hey what was that one thing that
you did here and if you go back to your
notes you say oh you know I did this and
some people get down really into the
weeds they have dates times everything
for step by step what they do on an
assessment and that's completely up to
you and how well you take your notes
this is kind of how I lay it out and
then you see the green check marks next
to it I add those green check marks when
I'm doing my report so as I'm building
my report out and I cover something in
the report I'll just go ahead and right
click and I'll change the note icon to a
check mark meaning that I've written
that part of the report for that finding
and we just kind of go through over time
so with that being said I do want to
show you some decent applications the
one that I'm using here and that you see
is called KeepNote now I run on Windows
as a base so keepnote.org that's how
you get KeepNote it is for Linux it is
for Mac OS X but this is totally a
preference thing me I prefer I've been
using it for a long time some people
don't like it okay so I'm going to offer
some Alternatives as well
CherryTree comes built into Kali Linux
as you're going to see here in just a
little bit worth looking at worth trying
seeing if you like it OneNote's another
example if you use Microsoft and if
you're a Mac user a lot of students have
told me that Joplin is really good now
I've never used this but I keep hearing
great things about it so what I'm going
to do is I'm going to put all of these
into the course resources and you'll be
able to look at them download them
decide on your own now you're not
limited to these four note keeping
applications by any means feel free to
use whatever you like to take notes if
you want pen and paper that's great as
well and so just make sure that you're
taking good notes and we're gonna we're
gonna harp on this throughout the entire
course over and over and over again so
make sure you're taking good notes so
from here what we're going to do is
we're going to install KeepNote in the
next video and we're going to install an
awesome tool called Greenshot I'm going
to show you what Greenshot does and why
it's so cool and I cannot live on
any assessment without it so let's catch
you over in the next video when we work
alright so in that example in the last
video we talked about using KeepNote so
if you go to Google and you type in
KeepNote all you got to do is come here and
KeepNote works on Windows Linux and Mac
OS X so
great great tool the only issue with
this tool is it has not been updated in
a long time some people find issue with
that if you're one of those people I'm
actually not you can use other tools
OneNote is an option
CherryTree is also an option you can
also find other options out there for
you if you have a favorite note-taking
tool already that's absolutely fine as
well just make sure to take good notes
especially during this course and make
the most of it learn all the things that
you can and incorporate that so I will
show you quickly how to install
KeepNote here and another thing to note too is
while we do this is CherryTree is
available on Kali Linux we're going to
install Kali Linux here very soon so
once we install Kali Linux and we get
into the introductory Linux and we
explore it I'll show you a little bit
more of CherryTree and what that looks
like and we'll talk pros and cons of
CherryTree when we get there so here we
go if you are on Windows you can follow
along or you download your appropriate
one here depending if you're on Linux or
if you need Mac as well so I'm going to
go ahead and install the exe and I'm
just going to actually run this
we're just going to say yes
and I'm going to say next next install
and that's it that I mean it's it's that
quick and then we just launch KeepNote
and here you go we've got KeepNote so
the other tool the really cool tool that
I love this one is called Greenshot now
this is a screenshot capturing tool so
let's go to downloads here on greenshot
if you are running on something other
than Windows you're going or Windows or
Mac so basically Linux you're going to
need a different tool the recommended
tool that I've heard out there is called
Flameshot
f-l-a-m-e though I have no experience
with it
I've heard it is identical to Greenshot
so here I'm going to download the latest
stable I'm going to select run yes
yes okay
okay
accept the agreement give away our firstborn
next next next place it however you want
I'm just going to next through
everything and I'm going to start
Greenshot with Windows start that is my
preference I love this tool again
so it's finished all right let's take a
look at it so it should be running let's
start greenshot now
okay now you see it running down here on
the bottom okay let's let's go let's
open up a web page let's say we want to
take a screenshot of something now you
just hit your print screen button
and this nice cursor gets brought up
here and let's say we wanted to take
this downloads part right here we're
just going to capture this
and now we have choices we can just save
the image that we just grabbed
or my favorite is that we can actually
just open an image editor right so let's
open this in their image editor look at
this okay so here's the picture we just
grabbed right on top of this really
great tools let me show you two that I
use always so I come into effects I put
a border on it let's say that you have
like a Kali Linux and Kali Linux if
you've never used it has a black
terminal it's really nasty so let's
imagine here that it's black it's nasty
when it comes to reporting so let's
imagine that we're in this situation and
we're writing a report and we've got
this black background similar to this
well you can see what I just did I just
inverted it and I do this for all of my
reports I invert the Kali background so
that way it's white and that way it
looks nice on a report and when we get
into the reporting you'll kind of see
what that looks like but I like a nice
clean background it saves on ink as well
if they were to print it and it's just
nice and neat when you give it to a
client so I always invert my images if I
need to you've got the black border here
another thing is let's say you want to
point something out you saw in my
KeepNote notebook that I had a highlight you
can just click that button up here and
just highlight something like right here
great another tool that's in here is
this obfuscate so let's say that
there's like a password or something
really sensitive in here that that you
don't want the client to see or you
don't want to be revealed on a final
report you can do that and then you can
just like up the pixel size on this and
make it really blurry you know
um so it's a really really great tool
and then when you're done you can copy
it to your clipboard you can save the
file I just usually like copy this and
if I want to go paste it like you know
make a new notebook or whatever I'll
just paste it in my KeepNote and just
kind of go from there so again fantastic
tool awesome to use if I had two
recommendations for your note keeping
it's KeepNote and Greenshot if I had
to make one recommendation of the two
it's absolutely Greenshot you can be
flexible on your note keeping tool so
again hopefully this helps you again
again please do take good notes of this
course you're going to find yourself
wanting to know hey what was that
command I ran again and because we're
going to go through so much stuff by the
time this is all said and done that
you're gonna want to remember it so
please take good notes so from here
let's go ahead and move on into our
networking refresher and we'll catch you
hello everyone and welcome to this
section on networking so this section is
titled networking refresher meaning that
some of you might have a networking
background and if you're looking at this
list that's on the screen and you go
down the list and you say yep I know all
those you can feel free to skip this
section if you've taken some of these in
the past and you just might want a
little bit of a refresher on them then
this section is for you we're going to
cover these topics not totally in depth
but we're going to use it as a way to
brush up and then we'll hit on
networking again when we get into
introductory Linux so if you are
unfamiliar with things like TCP UDP and
the three-way handshake or if your
subnetting is a little shaky or you
don't know what the OSI model is chances
are you should probably stick around and
just click through this series watch it
and build that Foundation remember we
talked about one of the core foundations
of pen testing being a strong networking background
this is a good way to build it up
remember what you might have forgotten
and go from there so let's go ahead and
just jump right into the first video
what's up everybody so I'm gonna preface
this video really quick with that it is
raining pretty hard here so if the
soothing sounds of the rain put you to
sleep during this video and you can hear
it I'm very very sorry but the show must
go on so what we're going to be doing
today is we're going to be talking about
IP addresses now if you've ever used a
computer before and you're any anywhat
familiar with it you probably know what
an IP address is but I want to take this
a little bit deeper in in theory on why
we use IP addresses what types of IP
addresses are out there and talk more
about protocols and how IP addresses are
actually designed and made up
so I'm here in a Kali terminal and I'm
just going to type in a simple command
and that command is ifconfig now if
you've used Linux before this might be
familiar to you if you used windows it's
similar to ipconfig all I'm trying to do
is bring up my IP address so what we can
see here is that we have an IP address
which is our inet this is my IP address
here I also have another IP address this
inet6 this is what's called an IPv6
address so we've got this inet which is
considered an IPv4 and this inet6 which
is considered an IPv6 now you can notice
right away that there's two different
types of notations for these this inet
here is in a decimal notation and the
IPv6 is in a hexadecimal notation we'll
get to the importance of that in just a
second so when it comes to IP addresses
this looks probably pretty familiar to
us this is an IP address this is how we
communicate we communicate over layer
three and you're going to hear me
talking about layers repeatedly
throughout the course or at least
throughout this part of the course so
that we can get familiar with how we're
actually doing this so I want you to be
familiar with troubleshooting these
layers and these layers all refer to
something called The OSI model so when
we we talk about layers we think about
the OSI model and I'll introduce the OSI
model here in a few videos and it should
all click once I introduce the OSI model
so if I brought in the OSI model up
front it might be boring might not make
sense so I'm going to introduce the OSI
model near the end and you're going to
say hey yeah that all makes sense so
what we've got here is we've got this
ipv4 address and this is the most
commonly used format that we use today
right we use ipv4 for mostly everything
and again this is in that decimal
notation so when we see this decimal
notation it's just a realistically a
bunch of ones and zeros that are put
together so that we have this human
readable format
realistically all we're seeing here with
192 this first this first section here
this first octet is actually just a
bunch of ones and zeros it's eight bits
so we've got a range of eight ones and
zeros here we've got another eight here
eight here and eight here so when it's
all said and done this inet or this ipv4
is made up of 32 bits eight plus eight
plus eight plus eight here and which
equals four bytes so another way to
think about that is to think about it as
say something like this one two three
four five six seven eight period period
okay that is one section there so we've
got eight ones that can make up this and
then we'd have another eight
etc not gonna beat the dead horse here but
I do want to give you guys another
example so if we go into our
applications and we go to a text editor
really quick
so the way this looks is something like
this we start with a number like 128 I'm
gonna try to space this out as best as
possible and all I like to do is think
of 128 as my base and this will make a
lot more sense when we get into
subnetting so please if you're confused
by this don't worry this is all Theory
right now when we get into subnetting
and we get Hands-On it'll make a lot
more sense I promise you
so let's say we have ones and zeros here
if we have a one for each of these sections
and I'm going to space this out again as
best as possible it's not pretty but if
we have a one for all these this equals
255 why does this equal 255 well you
take this and all these numbers add up
one plus two plus four plus eight all
this adds up to 255. so let's say if we
didn't have all the ones and zeros we
had just
some ones enabled
like these last three here okay well
this would equal seven
because we have four plus two plus one
equals seven so our first number or
whatever number this applied to in the
octet would be seven so if we had
7.7.7.7 it would just be this numbers
repeating over and over these numbers
repeating over and over right so uh be
zero zero zero zero one one one dot zero
zero zero zero one one one
and so forth so this is kind of what it
looks like behind the scenes because
again a computer is just ones and zeros
we're all binary so what we're going to
do is we're going to close this out
we're going to talk a little bit of
other Theory when it comes to this and
why inet or IPv6 and why ipv4 so let's
close this and let's talk about ipv4
so I'm going to bring up a calculator
and with ipv4 we have these 32 bits so
what we can do is we could take two
to the 32nd power
and this is the possible amount of IP
addresses that we could have so we have
somewhere in the four billion range of
IP addresses well spoiler alert we don't
have only four billion people on earth
right we're up to seven something
billion at this point and all these IP
address spaces are gone so IPv4 has been
around since 1981. nobody thought we
were ever going to use all these
addresses uh computers weren't really a
thing who knew that we were going to
want all these addresses and you know uh
these companies started buying them up
and they started buying them up in large
chunks and then they sold those to isps
and then isps sell those to you and so
these IP addresses have been gone for a
very very long time and uh chances are
when you when you have an IP address and
you get this ipv4 you're only going to
get one if you're a corporation you might
buy it more but we've run out of IP
address space there's just not enough to
go around so the theory is okay let's
come up with something different let's
come up with IPv6 now this hexadecimal
is actually in 128 bits which makes
things just a little bit longer and adds
quite a bit so let's take this 2 to the
128 power
and we get a number that I cannot tell
you how to say not even going to try but
I can guarantee you that in our lifetime
we will never use this address space
so we've come up with a solution of IPv6
but nobody really uses it IPv6 is just a
thing that's that's there but when we we
get IPv6 addresses assigned but still to
this day everybody's using IPv4 well how
how is that possible if we're using IPv4
but we're out of address space well
think about this we're using something
called NAT which is network address
translation now let's think about your
network so you might have a cell phone
or computer or multiple devices my
network has at least 20 devices on it
I've got I've got cameras I've got
multiple cell phones Smart TVs
everything that connects to my internet
gets an IP address
and that's 20 IP addresses right there
right so let's say I have 20 devices
that's 20 IP addresses am I taking up 20
IP addresses out of that 4 billion no
we're actually using something called
network address translation or it's
called NAT for short and we'll talk
about this again when we we set up our
actual lab but
with NAT what we're doing is we're
assigned these private IP address spaces
192.168.57.139 now if you've ever seen a
IP address before and you've been on a
network good chances are it probably
started with 192 or maybe it started
with a 10 dot or something along those
lines and that's because those are
private IP addresses so anything that
starts with 192.168 is not an IP address
that is going to be out in the uh the
interwebs it is going to be an IP
address that is only known to you these
are called private IP addresses so
because we use these private IP
addresses we can pass them out through
what is called a public IP address now
to make better use of this let's go out
to Firefox and I've already got a tab open
so I went to Google and I just said
private IP addresses and I clicked the
second image here because I think it's a
great image so if we look at this there
are classes of IP addresses private IP
addresses now there is a Class D and E
we're not going to worry about those The
Big Three are class A B and C if you
know these you are good to go uh so if
we look at class C this is what the most
common household and small business use
so we see it starts with the
192.168.0.0 so the 192 168 are constant
if you see a 192.168 address you can
guarantee yourself that that is a
private IP address space and then we
have the range of changing this number
between 0 and 255 and this number
between 0 and 255. why 0 to 255 well
that'll all make sense when we get into
subnetting but what that allows us to do
is have a large number of networks here
and a small amount of hosts but for a a
regular user like you or I uh or a small business
254 hosts is pretty good I mean I'm only
using like 20 in my household so the
most common household is probably using
this 192 address
but what about a big big business right
something huge
okay well they might use a 10 address
because a 10 address frees you up to
anything after this 10 is private so 10.1
10.1.1.1 whatever you want to put in
here up to 255 on each octet
makes for a small amount of networks but
a large amount of hosts okay and don't
worry about the host versus Network
thing again subnetting we'll talk about
that it'll all make sense
but just imagine the amount of amount of
host that you can put in here with this
wide range so because of this you'll see
larger corporations using 10 addresses
you'll also see a lot of Corporations
even small businesses using 10 addresses
the the matter of fact is as long as you
have this private IP address you're good
to communicate across your network so
any IP address outside of these and the
loopback here are free game for the
public address space they're probably
already owned and you purchase those or
rent those really from your ISP your
internet service provider so going back
to this thought we have a class C
address my Network's Class C 192 168 57
139 here so it falls into that class C
I've got all these devices on this
192.168 network all these devices are
talking out of one IP address that is my
public IP address that is what I rent
from my ISP and all this network traffic
goes out one IP so this is how we have
achieved or solved the issue of running
out of address space without having to
use IPv6 not that there's anything wrong
with IPv6 uh it's it's not pretty I mean
it's way easier to type this stuff in
than it would be to type something like
this in
um but at the same time this is how
we've solved it we've we're able to
still use ipv4 in mostly all networks
and we are able to communicate out with
this quote unquote IP address shortage
so hopefully that makes sense we're
going to build upon these Concepts again
ipv4 IPv6 IP addresses are layer 3
protocols Layer Three is a router so
when we Route traffic we route via an IP
address so we're going to build upon
that as well as we go in hopefully this
is all just a refresher to you so that
is it for this video I'll go ahead and
all right so we're going to move down a
layer here and talk about Layer Two so
remember IPv4 IPv6 IP addresses as a
whole that is layer three we're talking
about routing here in Layer Two we're
going to be talking about a Mac address
or a physical address now Mac stands for
media access control and that is
identified here in our ifconfig as this
ether here so we can think of this as
our physical address and a way that we
communicate when we are using switches
switches communicate over this physical
address this is kind of how they know
what device is what so what we say here
is if we have a device say you just
built a computer and you're installing
your network interface card or your NIC
you're going to plug that in and you're
going to have a MAC address for that
NIC your cell phone that's going to
have a MAC address anything that's using
a network interface is going to have a
MAC address so these Mac addresses are
important because they utilize layer 2
or switching and they are how we
communicate over switches now there's
something to be noted briefly about Mac
addresses now Mac addresses have
identifiers so as you can see here this
Mac address
has six different pairs of two right
and what we can do is we could take the
first three pairs
and we can just copy this
and we can go out and we can try to put
it into a MAC address lookup now for
this one this is just going to be VMware
I'm not sure if it's actually going to
come up but I'm going to go ahead and
paste it and see what happens
and you can see that the vendor actually
shows up as VMware so the first three
pairs here are identifiers and we can
identify what we're up against if you've
ever looked in your house and you've
looked at your network and you you're
trying to find a device and you see the
IP address but the IP address doesn't
really help you identify it you might
see something along the lines of a MAC
address because your your home device
say your your router might also be
what's called a layer two slash layer 3
device meaning it's doing switching and
routing for you and it'll also know the
MAC address of that device so you can
take the first three pairs here put
those into the Google machine and see if
you can identify what the device is so
if I was unsure this didn't have a host
name or device name and I could just
reach out and say okay well let me let
me look these up maybe it'll give me an
inkling it's not going to tell me the
exact device but if I know it's it's
running VMware then I could say oh you
know that's my host machine running or
if it's related to like Texas
Instruments or something maybe I know
that device in my house so this is just
a quick way to look up devices and know
about them the other option or other
thing that you need to know here is just
that again Mac addresses layer two
related to switching I'm just trying to
repeat this and get this into your head
so that's all we need to know from this
lesson and we're going to go ahead and
all right so now we're moving into layer
four which is the transport layer of the
OSI model
and we're going to talk about what is
TCP and what is UDP so we'll type that
in here TCP versus UDP so TCP is what is
known as the transmission control
protocol and you could think of that as
a connection oriented protocol and we
also have UDP which is the user datagram
protocol and this is a connection less
protocol so when we have these two
protocols one is best suited when it
comes to high reliability that's TCP TCP
is connection oriented we want to make a
connection we need High reliability so
you can think of something like a
website which is HTTP or https or you
can think of something like SSH or FTP
the file transfer protocol those all
utilize TCP when you think about UDP you
might think about something like a
streaming service that's connectionless
or DNS is connectionless or our voice
over IP is connectionless and when this
comes into the importance of scanning
scanning is super important we're going
to be scanning both TCP and UDP as a
penetration tester and don't worry about
scanning right now when we get into the
scanning section this will make a lot
more sense
but we need to know what TCP and UDP are
and define them broadly so the most commonly
commonly used protocol that you're
going to be scanning is going to be TCP
now TCP works on what is called a
three-way handshake now if we look at
the three-way handshake it's going to
look something like this we're going to
first send out a SYN packet
and then we're going to receive back a
SYN-ACK packet
and finally we're going to send an ACK
packet now how does this work now you
could think of this as an interaction so
let's say you have a friend or a
neighbor and you go to your neighbor and
you say hello that's a SYN now SYN-ACK is
going to be the response it's going to
say hey SYN I acknowledge you that's
your neighbor waving hello back and then
you know you are good to go start a
conversation so that's the
acknowledgment now when we think about
this in the terms of ports now Port is a
item that can be open on a machine it's
a way to communicate with certain protocols for example if you think about
protocols for example if you think about HTTP that's over Port 80. if you think
HTTP that's over Port 80. if you think about https that's over Port 443 there's
about https that's over Port 443 there's a lot of different protocols and there
a lot of different protocols and there are 65 000 plus ports that can utilize
are 65 000 plus ports that can utilize these protocols so everything related
these protocols so everything related here is has to do with these ports
here is has to do with these ports now let's say that you want to connect
now let's say that you want to connect to Port 443 on a website you're going to
to Port 443 on a website you're going to send out a sin packet to that website
send out a sin packet to that website you're going to say hey I want to
you're going to say hey I want to connect to you on Port 443 and if 443 is
connect to you on Port 443 and if 443 is open and available for connection
open and available for connection they're going to say hey you can go
they're going to say hey you can go ahead and connect to me and when you
ahead and connect to me and when you want to actually establish that
want to actually establish that connection you're going to send that
connection you're going to send that acknowledgment packet back now let's
acknowledgment packet back now let's make more sense of this let's go ahead
make more sense of this let's go ahead and open up a tool called Wireshark so
and open up a tool called Wireshark so this is built into Kali Linux I'm just
this is built into Kali Linux I'm just going to type in Wireshark and I'm going
going to type in Wireshark and I'm going to provide an ampersand here just so I
to provide an ampersand here just so I have shell access if I need it in the
have shell access if I need it in the background
and all I'm going to do is capture
packet data so this is going to be
listening in on my NIC and it's going to
say hey what's he doing let's capture
all that data so we're going to capture
that I'm going to start a capture here
you're going to start to see a bunch of
traffic coming through you can see the
different protocols here you can see UDP
is coming through right now but we're
going to go establish a TCP connection
so let's go out to the world wide web
and I've got Google up I'm just going to
refresh Google you're going to see a lot
of traffic start coming through so I'm
going to go ahead and just stop this
right here
look at all the data packets that get
sent when you're using your computer
this is what's going on in the
background you don't even think about it
so we could see some SYN SYN-ACKs there
those are in the gray let's see if we
could find a good one okay so here is
one right here
um so what we're gonna do actually let's
find a better one so we're going to come
down to
here and we're going to say okay
so here we are we're our source IP this
is 192.168 5739 we're going out to
destination of 74.125.21.155 we're
saying hey I've got this port here I
want to connect to your port so port 443
this is a web page we're sending a SYN
packet
if that port is open and available for
connection and communication what's
going to happen back is that IP address
is going to say hey here I am I'll allow
you to connect on this port and if we
make that final connection we're going
to go ahead and send the ACK packet back
which is right here it's going to say
ACK so that is the three-way handshake
please do remember this is going to come
back into play when we get into scanning
and we'll talk about stealth scanning
and how we modify the three-way
handshake to actually do some scanning
so that is it for this lesson I will
catch you over in the next one
all right so before we go into the OSI
model I do want to talk about some
common ports and protocols since this is
a refresher most of these should be
pretty familiar to you I'm going to run
through them pretty quickly and just
talk about them briefly on each of these
common ports and the reason I've listed
these is because there are things that
we'll see quite often as a penetration
tester and it's just something that as
we're going through the course if one of
these show up it's something that just
rings a bell and you see you see a scan
it comes back and you see port 21 you
just think ah yes FTP or you see port 80
you think ah yes HTTP so you got to
start training your mind to memorize
these ports so when we get into our
scanning which again we haven't covered
scanning but when we get there and we
see what ports are open on a machine
we're going to be able to have these
common ports memorized so on the TCP
side we've got FTP FTP is the file
transfer protocol you're going to see
this in some assessments you're going to
see this a lot when we do something
called Capture the Flag or we run
through some test machines you'll see
FTP open quite a bit so FTP file
transfer protocol all that means is we
can log into this server we can put a
file or we can get a file off the server
now SSH and telnet kind of play hand in
hand telnet is the ability to log into a
machine remotely now SSH does the same
thing the only difference is SSH is the
encrypted version of that so with telnet
you are in clear text and with SSH you
are encrypted now SMTP POP3 and IMAP all
relate to mail we're not going to worry
too much about mail in this course but
you might see it come back up at some
point so just remember your 25 110 and
143
DNS so DNS is a way to resolve IP
addresses to names and we could take a
quick look at that if we go back to our
Kali machine and say we're at Google
here we've got Google up but the
computer doesn't really know what Google
is the computer is just using nice text
like google.com for us to humans what's
going on on the back end is Google
actually resolves to an IP address
now the IP address is how the computer
knows to get back and forth
because we don't want to sit there and
type in IP addresses this DNS or domain
name system has been implemented for us
so we type in google.com on the back end
it knows hey I want to go out to
17179 10 22 34 whatever it is in in
reality but this is just a quick way for
the computer to relate to a human and
the human to you know have easily
readable access to some of this stuff so
going back to our PowerPoint
we have HTTP and HTTPS that is a website
just what you saw there mostly
everything is on 443 now or HTTPS the
HTTP on port 80 you'll see sometimes
remember that is the non-secure version
of the protocol so HTTPS is encrypted
HTTP is not encrypted and not secure
so lastly SMB ports 139 and 445
originally it was just 139 in the later
versions of Windows they put on 445
you're going to see these ports a lot
this is probably the most common port
you're going to see as a pen tester
these relate to file shares you might
also hear this called Samba so there are
a few names for it but when you think of
SMB and you see 139 or 445 think of file
shares and as a pen tester perspective
you got to think about all the crazy
exploits we've had regarding SMB the
most recent one as of this course was
the WannaCry virus right so you have the
WannaCry virus it's also known as
EternalBlue was what it was built off
of or
MS17-010 was the official term of that
exploit that exploit utilized an SMB
exploit to navigate through networks so
it became very vicious very quick
because SMB is open so frequently on
networks now on the UDP side we also
have DNS over here DNS is both a TCP and
UDP protocol we also have DHCP
now when it comes to IP addresses DHCP
associates you with an IP address kind
of at random now you could have the
opposite of that is what is a static IP
address so with DHCP you plug into your
network say your home network and the
internet just fires up guess what
probably DHCP on the back end it just
picks a number between a range says hey
here's your IP address I'm going to let
you lease that out for eight hours or a
day or a week or however long the timing
is set for and that IP address is yours
now the opposite of that again is static
so you could say hey I want a static IP
address and anytime I plug in with this
specific computer go ahead and give it
this IP address so how are we going to
know that most likely the MAC address
right so from layer two it's going to
know layer 3 and how to assign it so
again DHCP should be pretty familiar to
you we've also got TFTP on port 69 which
is the trivial FTP and it utilizes UDP
instead of TCP and we also have SNMP
which is the simple network management
protocol so you will encounter SNMP
occasionally on networks not always but
when we do encounter it there may be
some information to be gathered
especially if there are strings being
used that are community or public
strings and we'll worry about that when
we we encounter it but you'll probably
see it again in this course
so that is it in this video we're going
to go ahead and move on to the OSI model
and tie all this together then we'll get
into a little bit of subnetting and
we'll end this with a refresher on
networking a final final video on
networking so I'll see you over in the
next video
all right so this whole time we've been
talking we've been talking about
networking and I've been throwing terms
at you and I every time I throw a term
at you I try to use the respective layer
for it so you've heard me say layer two
layer three layer four and those all
correspond with what is called the OSI
model now if you're ever in a network
interview or if you're ever talking to
somebody who has experience in
networking or even if you're on the help
desk or taking tickets knowing the OSI
model is incredibly helpful and people
will just throw layers at you especially
the people who have been in the field
for quite some time might just say layer
two instead of a switch or they might
say layer three instead of a router so
I'm going to discuss the OSI model
really quickly give you a mnemonic on
how to remember it and just talk about
some of the concepts within it and how
to troubleshoot down it as well so
I picked this up from Keith Barker a
long time ago great trainer by the way
and this is the mnemonic so we're gonna
go P D N T S
P A
and this stands in my head for please do
not throw sausage pizza away
again that is please do not throw
sausage pizza away so I'm gonna put
numbers corresponding to the layers in
front of it here
and we're gonna go ahead and type these
out one by one so on the first layer
here we've got what is called the
physical layer
and you could think of your physical
layer as like data cables
or like your Cat 6 cables
stuff like that something you might you
might plug in right that is the physical
layer and we've already talked about
layer two quite a bit layer two is the
data layer and that is our switching
right and also our MAC addresses
going down the list we've got the
network layer which is IP addresses
also routing
the fourth layer is the transport layer
which is TCP UDP which we have talked
about as well
and the last few so the session layer
we've got the session layer which is
just session management you don't really
have to worry too much about this one
six is the presentation layer now this
should be familiar to you because think
about WMV
jpeg movie files that's what your
presentation layer is so media and then
lastly we've got the application layer
which is like HTTP SMTP your
applications that you utilize right
so we've got this laid out here and you
might be asking why is this important
well again when we say something like my
home router is a layer 2 3 so that
means it does it does switching and it
does routing right you might think of
this in another way as well you might be
asked to troubleshoot and something to
talk about too with the with the OSI
model is when we receive data we receive
data down this physical layer all the
way down to the application when we
transmit data it goes out the
application layer down to the physical
when we're troubleshooting this it is
always best to start with the physical
and go down to the application level
okay so say you get a you're working help
desk and you get a phone call and
somebody says you know my internet's not
working help me
well what's the first thing you're going
to do are you going to ask them
application level questions yeah
probably not you might say hey can you
look at the back of the computer do you
see a uh the cable plugged in
oh the cable's plugged in okay well uh
do you do you see the the where the
cable's plugged in is there a blinking
light is that blinking light green by
chance okay we're checking the NIC
right and then we might ask them to you
know do they have an IP address what's
going on uh all the way down and then we
troubleshoot all the way down to layer
seven so we wouldn't start on layer
seven right we would start from the
basics and move down so it's important
to know this this isn't a help desk
course by any means but it's super
important to know this especially if
it's been a while since you've seen this
network stuff or even if this is new to
you that the OSI model is commonly
referred to even as a pen tester I get
all kinds of layer two layer three talk
and you will be sitting in meetings with
network engineers with people who are
very very smart about this stuff and
they're going to throw all this lingo at
you so if you know this lingo really
really benefits you or else you're just
gonna sit there and wonder what the heck
they're talking about so hopefully the
this is a quick informative method for
you and again remember
please do not throw sausage pizza away
that's the easiest way that I remember
it you can make up your own mnemonics if
you want people have other things as
well if you've got a if you got a
favorite mnemonic please feel free to
comment down below and tell me your
mnemonic as well so I'd love to hear
some of these other ones so let's go
ahead and move on into subnetting and
then we'll uh we'll start moving into
other fun parts of the course
let's talk about subnetting so
subnetting is important in networking
you hear about it all the time you hear
even people perhaps freaking out I know
I freaked out when I heard that I had to
do it for exams like Network Plus or
CCNA and I feel like there are a lot of
complicated methods out there for
subnetting but there was a method that
was shown to me middle of my career and
it just blew my mind it's really really
fast subnetting method and I really want
to break down for you what subnetting is
why we do it and then show you the
methodology behind it so if we want to
talk about subnetting if we just come in
here and just do an ifconfig
and we look at our IP address right we
have our inet which is our IPv4 and you
can see here too we have this net mask
this is also known as a subnet mask or a
subnet and it just says 255.255.255.0
really tell us a lot if we don't know
much about it but this is what a subnet
looks like and we can think of subnets
in ones and zeros it's all bit right so
we've got eight bits here just like an
IP address IPv4 same thing 8 bits 8 bits
8 bits and another eight bits and we've
got ones and zeros if all the ones are
switched on we've got 255 if none of the
ones are switched on we've got zero and
depending on how those ones and zeros
are switched on or off determines a lot
of things for us and that's why this net
mask is important now attached to your
resources for this course I've created
an Excel sheet that I think will be
useful so if we look at the Excel sheet
here is the Cyber Mentor's subnetting
sheet and let's talk through this it
looks like a bunch of numbers and it
might look crazy for you and we're going
to talk about how this breaks down how
the bits break down and then how I would
write this shorthanded for an exam or a
test or just something that I do on a
day-to-day basis
so first let's talk about the bit so
come to the bits tab here and we have
our eight bits right we can count this
across and there's eight here on the
count you can see that and it starts
with 128 and descends down to one you
just keep cutting it in half right so
128 64 32 16 8 whatever what's more
important is why we get to these numbers
so if we have a 1 switched on here it
adds to the value when all the ones are
switched on it equals to 255 you see all
the ones switched on here if we were to
highlight over all this come down to the
sum you see the sum is 255 that's all
this formula is doing here
so if we were to come through and you
see all the zeros here nothing's flipped
on to actually turn any value on here
how this actually works is the switch
has to be on in order right so if we
were to switch on another bit we'd have
to switch it on here
and we'd have to switch another one on
here we couldn't just come down here and
switch it on here it wouldn't make sense
it doesn't work that way not with
subnetting so we're going to take these
back off and just show zeros again but
you see how the values change if for
example we had this network and you saw
the default and I'm showing you the
255.255.255.0 the standard here because
that is what's known as a slash 24
network that's very very common
and it's very common because it's used
mostly in household and small businesses
and it's done this way because of the
amount of hosts that it allows now if we
talk about the host you can see that I
have here 2 to the eighth power
why do I have that well we actually go
by how many bits are switched off or how
many hosts are available to us so if a
host here or a bit was switched on then
we lose the amount of hosts we have
available to us and this subnet gets
smaller and smaller now don't worry too
much about the ones and zeros it's going
to make a lot more sense when we stop
talking in these binary terms I just
kind of want to break down the math
behind it first before we make it really
really simplistic so again we've we're
talking about what's called the slash 24
or whack 24 network and it's so standard
because of the host again 256 think of
all the devices in your house you have
cell phones you probably have computers
you might have like a Roku or Amazon
Fire or something along those lines you
might have smart TVs or smart watches or
something that connects to the internet
well again they're all connecting
through NAT right and going out but the
amount of hosts that you can have on
your private network really depends on
the subnet mask and how you set it so we
have this class C that you saw before
the
192.168.1 or dot zero or however you
want to have it right well it allows us
to have 256 when we have a subnet of
slash 24 so that's very common for a
household it's also common for a small
business maybe there's a printer some
few devices in there but they're never
going to get over this 256 hosts okay so
when we come to the subnet cheat sheet
let's break this down a little bit
differently
so we have our host here let's start
with the slash 24 we just were and you
saw that there is 256 available hosts as
we start turning off bits
okay we turn off a bit here we turn off
a bit keep going down the list the hosts
start getting bigger and that just
corresponds here we have a slash 24 and
the only reason I'm saying 24 is I'm
counting the ones across right so we've
got 24 bits switched on if we had 23
okay it gets bigger and bigger and
bigger
now
let's stay away from the ones and zeros
I think it's a little bit complicated
the better way to think about this is to
look at the subnet mask down here and
I'm going to replicate this and then
we're going to come back to it so what I
do here is we can have a possibility of
32 bits switched on right so I'm just
making a new tab and I'm just going to
go over here and I'm going to hit
control and drag this across until it
hits eight
okay and then I'm gonna do the same
thing with nine I'm gonna drag it across
all I'm doing is just making really
quickly 32 placeholders
and I'm just emulating here
if we had the possibility of
32 different switched on bits so imagine
one bit is switched on imagine all 32
one bit is switched on imagine all 32 bits are switched on that's the
bits are switched on that's the possibilities here right so always for
possibilities here right so always for sure we're going to have an amount of
sure we're going to have an amount of host and we're gonna have a subnet mask
host and we're gonna have a subnet mask okay so we'll just call it subnet there
okay so we'll just call it subnet there we always start here
we always start here with 128 just like the bits that you saw
with 128 just like the bits that you saw you saw the 128 start on the bits let's
you saw the 128 start on the bits let's just start also with 128. now as you saw
just start also with 128. now as you saw every bit that's switched on remember
every bit that's switched on remember when we switch a bit on over here
when we switch a bit on over here it starts decreasing so we're going to
it starts decreasing so we're going to decrease for the bits that are switched
decrease for the bits that are switched on 64 32 16 8
on 64 32 16 8 4 2 1. you come over here and what I
4 2 1. you come over here and what I like to actually do is I like to just
like to actually do is I like to just add these numbers together and you can
add these numbers together and you can see 128 and 64 is 192.
see 128 and 64 is 192. and then you can add these two together
and then you can add these two together so you get 192 32 you just add diagonals
so you get 192 32 you just add diagonals the way I I actually always do it so 224
the way I I actually always do it so 224 240 248
240 248 252 254 and 255. now what does that
252 254 and 255. now what does that correspond to it corresponds to the
correspond to it corresponds to the possibilities of the bits being flipped
possibilities of the bits being flipped on right so this looks just like what
on right so this looks just like what you see here
you see here same deal and if you had a one
same deal and if you had a one underneath of it okay then you got 128
underneath of it okay then you got 128 if you've got another one underneath of
if you've got another one underneath of it well guess what you've got 128 plus
it well guess what you've got 128 plus 64 which is 192. and this number keeps
64 which is 192. and this number keeps growing why is this important this is
growing why is this important this is still all ones and zeros right well
still all ones and zeros right well let's start thinking about it
let's start thinking about it if we have a slash 24 Network we've got
if we have a slash 24 Network we've got 24 bits turned on
24 bits turned on our subnet mask is
our subnet mask is 255.255.255.0
255.255.0.0. Why? Where are these changes coming from? Let me show you this. Okay, for a /8, I'm just tying this into just this right here. Well, this is coming from the number of bits that are turned on. Eight bits turned on: we've got 255 and the rest are zeros. You got another eight bits turned on: 255.255, the rest are zeros. Come down to the /24, which is that really common subnet that you see, and you've got 255.255.255.0. Now this is very common.

Okay, let's go back to the cheat sheet now, and you can see that I've got X as a placeholder in the subnet. So what I'm saying here is you look at this list and you say, I've got a /1. Well, for this whole area here, from one to eight, the placeholder is going to hold in place of this X. So for a /1, if I've got 128, then guess what, it's going to become 128.0.0.0, because that's how it would be. And if you turned on just one bit here and made all of these zeros, guess what, just the 128 would be on, the rest would be zeros. Okay, if we had a /14, okay, so 255's automatically flipped on. You have a /8 already, you've passed through it. Okay, so you're starting on the second iteration here. /14 corresponds down here to 252, so you'd have a 255.252.0.0. So all this is is placeholders.

Let's go back to the sheet here. So I make this quick and dirty list. This is what I write out when I'm just writing out something quick for an exam. I'll write out one through thirty-two, I'll put the host here and I'll put the subnet here. So again, if we know that once we cross through 8, 16, 24, 32, that has a 255 in front of it, all we've got to do then is, we'll say /27: well, we've come through three columns, then I know for sure that we've got
255.255.255.something, right? You see the /27, you come down here, the subnet would be 224. Say 28: okay, 255.255.255, look at the 28, you've got a .240. And this is gonna be confusing. Subnetting is not necessarily easy. Once you get the chart down, it makes a lot more sense.

So let's start piecing some more things together. When I say that I've got host: now, the host I'm showing you only correspond to these first rows, but it's very common or very useful just to know this number right off the bat. Now, if you look at the cheat sheet, what you can do here is you just know that you start with a one, or you start with the 128, you go down, but every time you go up you're doubling. And why are we doubling? Do you remember from the bits part? Every time a bit is turned off, so as we go up a number, we take it to the next power. So we've got eight bits turned off, we take two to the eighth power, it's 256. Well, here you go, look, come through here: 256. We go to the ninth power, 512; to the 10th power, 1024. It just keeps doubling. Okay, that's all you got to think about in your mind, is it keeps doubling. So on an exam, for example, you might have something like: what, how many hosts could be potentially in a /20 network? And you come to your cheat sheet that you made or you have in your head and you say, well, 496, and then, we'll get to this in a minute, but we have to subtract two, so 494 potential.

And why is this all important? What do we even care about any of this? Why am I rambling on? Well, you need to know based on the network. Okay, the /24 is great for a small office, home network, however you want to have it. But what if you're a large enterprise? Maybe you have thousands of devices. Okay, maybe you want a /16 network, that might make more sense for you. Or you even see some with a /8 network. It just depends on how big the company is. The larger the company, the greater chance that you're going to see that they're not using /24. Or they could even have subnetted segments of their network where, say, they have just telephones, and they've got 500 employees and 500 telephones: they might just have one /23 network for nothing but telephones, because that's the amount of hosts that fit in there.

So what we're after with subnetting is how many hosts can we fit and what is the mask that's behind it. So those are questions you might be asked in the exam, and these are questions that you're just going to see. And when you're given addresses, say you're doing a pen test for a client, you might be given something like this. You might be given IP address, it's 192.168.1.0/24. Okay, and immediately in your head you're like, oh, /24, that's standard, there could be up to 256 hosts, or 254 hosts or devices, in this network. But if they gave you something like 192.168.1.0/20, then you might look at your little chart and say 4094 hosts. Remember, we're going to subtract two. Four thousand ninety-four hosts in this network. Now I know if I'm scanning this, I'm up against a lot more devices potentially than I am in this.

Okay, so when a client gives you your subnets, they might just write it out like this, and depending how big your client is might depend on how big their subnets are for you. For example, I just pen tested a client that was a /16 all the way across, and it looks something like 10.1.0.0/16. Okay, and your subnet mask for that would be something like 255.255.0.0. And how does this come into play? Well, every time you have a 255, that number's locked in place. That's another way to think about this. So that 10 is always locked down, this one is always locked down, the rest of the bits are fair game, meaning we could have
10.1.1.0, 1, 2, 3. We could actually have a zero here: 0, 1, 2, 3, 4. And that's how this number for like a /16 gets so big, because you have 10.1.0.0 through 255 on the possibilities, which equals 256 hosts. Okay, for one range you get 256. Well, imagine you have to do that 255 other times, right? And that number gets substantially bigger here. And then if you were to have a /8, then of course it gets bigger and bigger.

So what you need to realize are a few things here. We have these addresses and you see the /1, /8. Again, we call them whacks. Whack 24 is going to be very common. I would say whack 16 is probably your next common. You might see some weird segmented networks like this, subnetted networks like this, but typically it's /24, /16.

Now, your network ID is typically what is known as your first address, and your broadcast ID is known as your last address. This is not always the case, but it is very common. And let me log back into this Kali machine here and I'll show you. So we have our IP address, 192.168.57.139, and we've got a netmask of 255.255.255.0. What does that tell you from what we just learned? That tells you we have a /24 network. Okay, this is a common network. There are potentially 254 hosts. Why do I keep saying that? Why do I keep subtracting two? Well, we've got a network ID and a broadcast ID, or broadcast IP, here. Well, what we need to know is we are .139. We could be anywhere from .1 to .254 within this network. That's our 254 possibilities. This zero means we have the flexibility to be any IP address range from 1 to 254. Usually, usually, a .0 for this IP here and a .255 make up your network ID and your broadcast IP. Okay, usually.

So if we were to say something along the lines of, let's go back to this Excel document, and we were to say something along the lines of this: let's say that we have a /24 network and we want to know how many hosts, we want to know what our network ID is and what our broadcast ID or IP is. Okay, we would say, okay, and we'll give it one more, we'll say it's a /24 and the IP starts with 192.168.1.0. Okay, or we can even write it like this: 192.168.1.0/24. Delete this, and we'll say: what's our subnet mask,
what's our host, what's our network, what's our broadcast? So subnet: you come to your cheat sheet, you say, okay, /24, I already know that I need to be filling in this area here on the X. So I'm just going to come in: 255, 255. What's the X? Well, we know to come down this row, 255 here, .0. Okay, and then we've got hosts. I'm just going to expand this a little bit. We've got the host. Okay, hosts are right here: 256 hosts potentially, 254 though, because we always subtract 2 from the host total. So our network ID is usually the first address available to us, which is 192.168.1.0. The broadcast is 192.168.1.255, meaning available to us is anything from .1 to .254.

Let's take a look at something else. That's a basic example. Let's do like a /28. Let's say we got 192.168.1.0/28. Now what? Well, you've got 16 hosts here. Okay, so our subnet is then going to fill in 255.255.255.X, right, because we're in this row. /28 says it's going to be a 240 when we drop down to the subnet mask. I'm going to make this a little bigger. How many hosts? 16 minus two, we have 14 hosts. Okay, so the first non-host would be a 192.168.1.0. Again, still the same thing, first address. Last address is going to be what? 192.168.1.15. Does that make sense? 0 to 15 is 16 addresses. Usable space is 14, because we take out the network and the broadcast.

Now, you could see something like this, and then guess what, you're segmented. So because you're only using this little bit of space, you can then in turn have something like this: 192.168.1.16/28. And then it starts the same way. Your subnet mask is actually the same, because you're using a /28. You come through, you can just copy and paste that. The hosts are still the same. What changes here? Well, your first address, 192.168.1.16, and then your last address, which is 192.168.1.31.
So because this is smaller on the /28 side, we can actually have multiple networks within, like, say, a .1.0, .1.16, .1.32. You get multiple little networks here with only a small amount of hosts. So maybe you have just a few servers in this range, and you have like servers A, B, and C, they go in a /28, and then you have another one of servers D, C, and E, or D, E, and F, however you want to say it, and you have more in that range. Okay, so you can subnet this out into different things. And when we see subnets, we see all kinds of stuff. We can see phones, servers, user computers, wireless, all different sort of things. Some companies get really specific with their subnetting.

Now let's try one more. Let's say we have a /23. Now, I want to put in 192.168.1.0/23, but that would be wrong. Why would this be wrong? This is actually going to be a zero, and I'll show you why in a second. So we're no longer locking in this number anymore, right? When we get below the /24, of the 255 all the way across for three of them, guess what, we now have the ability to change this number other than what's locked in. So let's do a .0, we'll talk about why. Let's hit enter here. So the subnet on a /23: well, we're going to do a 254, which is going to be the placeholder of the X here. We're going to come in and say 255.255.254.0. And now, again, we're not locked in. So remember, this 255 would lock in this .1. That doesn't happen anymore. So we've got 255.255.254.0. We're actually going to start at zero here, and we're going to say the number of hosts that are possible, it's 510. Okay, 512 minus two. We'll say our network ID is 192.168.0.0 and our broadcast would then be 192.168.1.255.

Why? Okay, so we have the possibility now that we're spanning two ranges. We've got 510 hosts in this network. Okay, and we have the ability to go between zero and one. We've got two options now, zero and one. So if we were to say another network, if we wanted to get to like a two, we'd actually have to say 192.168.2.0/23. It would be the same subnet mask, same number of hosts, but then this would be 192.168.2.0.
Again, there's 500, 510 possible hosts in between this, right? Because you got to think .0.1, .0.2, .0.3, all the way through 254, and again 1.1, 1.2, all the way through 254. So that equals 510. Once you've hit that maximum, that 1.255, then guess what, you start at 2. You have a whole new network here. Just like these smaller segments, you get whole new networks on the bigger side as well. So what you need to know is that if I were to put something like a 192.168.1.0/23, that would have fallen into line with the one and the zero, and our actual network ID still would have been 0.0, and a 1.255 would have been the broadcast here.

And you can double-check this. Anytime you're confused, you can double-check your CIDR notation. So I'm going to bring over a website that I will show you here, and this is just an IP addressing guide. It's called ipaddressguide.com. You bring this over and you scroll down just a little bit, and I just put in 192.168.1.0/23, and you can see that it actually corrects me and says the first bit is 192.168.0.0, the last one's 192.168.1.255, total host is 512, minus two. Shows you that again: first IP, last IP, you got your netmask. Very easy to use a CIDR calculator here, or an IP range to convert to CIDR as well. So very useful calculators. But if you're not allowed to use these for like an exam purpose or something along those lines, then using the cheat sheet that I've shown you is super useful.

Now, what I want to do is I want to try three more subnets. Okay, I'm going to write these out. I'm going to say 192.168.1.0/26 and
192.168.1.0/27. I want you to solve these for me. Tell me the subnet mask, the host, network, and broadcast.

And with that being said, this again is a very complicated topic. I did not pick this up the first time or the second time that I got it. If you're running confused right now, perfectly normal. You can go back and watch this video again, try to pick up more topics, try to understand it. Maybe I'm not the right instructor for this either. I do recommend looking at other resources to completely fill in your knowledge gap, if there is one that exists. Another resource that I'll link down is what is called Seven Second Subnetting. It is very useful. A lot of students have recommended it to me. I'm going to push it forward as well.

So go ahead and try to solve this. Understand that what you're after here is just understanding what a subnet is. Okay, when you see something like this, if a client sends you 192.168.1.0/24, you're gonna say, hey, okay, I know that there's probably 254 hosts in that network, and I know what I'm working with. If you see this, 255.255.255.0, again, you know that you're working with a /24 network. Very standard stuff. That's what we're after. I don't expect you to ever memorize this. I don't have this memorized. Like, I don't come in here and say, you know, a /18 is a 255.255.192.0 network and it's got 16,384 hosts. I don't do that. Okay, I have a cheat sheet, I'll use a website if I need to. For the most part, what you need to understand is 254 hosts for a /24. If that number has gone up to like a /28, you know you're dealing with less. If that number is lower, like a /16, you know you're dealing with a bigger network. That's really what it comes down to, unless you are working in networking, and then these become more important. But as a pen tester, understanding how to read this, understanding what the subnet is, and just identifying it with very basic measures, this is extremely useful. So I will catch you over in the next video.
will catch you over in the next video when we talk about solving these
when we talk about solving these challenges and hopefully we got them all
challenges and hopefully we got them all right so I'll see you over there in the
right so I'll see you over there in the next one
so let's solve this challenge together
shall we
we've got a
192.168.0.0/22 why did I write this out
this way well similar to the slash 23
so if we come to a slash 22 we see that
there are
1024 hosts which means we have a
possibility of 1022 right and all we
need to do is fill in the blank on the X
so
255.255.252.0
we come across we know our first
IP here or ID is
192.168.0.0 first address possible now if
we think about this we can kind of do
this mentally in our head we can think
okay there's probably 250 or so hosts in
a network and we've got a thousand or so
hosts here well that's going to be about
four right four ranges because we got a
thousand divided by 250 so I'm going to
go ahead and go 0 1 2 3 that's four
total we'd say
192.168.3.255 and hopefully that math
makes sense again zero
dot 0.1 through 254
.1.1 through 254
.2.1 through 254
.3.1 through 254 that equals about
1022 hosts okay actually I lied to you
the only two we're taking off are 0 and
255 you actually have dot zero through
255 1.0 through 255 all the way we're
only subtracting these two so if you do
that math that will add up to 1022
okay so a slash 26 we've got a
255.255.255.192 fill in the blanks fill
in the X's 64 hosts we got 62 in reality
and we're gonna say 192.168.1.0
and 192.168.1.63
again if we wanted to create a second
Network we could start here with a
64/26 and we would start with 64 as the
network ID and then 127 as the broadcast
and lastly
255.255.255.224 for a slash 27
we've got 30 potential hosts
because we got 32 minus 2 192.168.1.0
and then we're going to do 192.168.1.31
same thing here if we wanted to create a
second Network we could we could say
192.168.1.32/27 and then this would
start at 32 and this one would end at
63 we can make however many networks
within that four to eight I think eight
eight different segmented networks with
the slash 27
so that is it again as I said last video
this can be confusing and all we're
taking away here is identifying what the
CIDR notation looks like identifying
the base that to me is slash 24 being
the most common what you'll see
understanding what a subnet mask is and
why it's important especially in
relation to hosts and the number of
devices that you can have on a network
and why you might see something like a
slash 28 or a slash 23 or more commonly
something like a slash 16 so understand
again that slash 24 as you see a bigger
number there or you see even you know
something other than 3 255s in a row
understand the number of hosts are
getting smaller the less 255s you see on
your screen the number is getting bigger
for the number of hosts okay and just
understand how to read this that's all
you need to take away again I'm going to
provide additional resources as I
provided in the last video go review them
if you don't understand them you can
always come to the Discord Channel you
can always ask Q&A questions this is not
an easy topic to pick up but it is a
topic that I had to show you as part of
networking
all right so in order to be successful
in this course we are going to be
utilizing what is called a virtual
machine now virtual machines are known
as VMs for short and a VM is just a
machine on top of a machine and to give
you an example I'm actually running this
Windows 10 instance that you see here
on top of my Windows 10 instance so here
you can see if I scroll up that I have a
Windows 10 machine I also have a Linux
machine sitting here if I were to
demaximize this you can see that I'm
actually running here a Windows machine
in the back this is my wife and I and
you come through here we just blow it
back up and we're back inside of our
machine so a virtual machine is just a
machine inside of a machine so what
we're going to be doing is we're going
to be utilizing this to build out Labs
that way we don't have to actually have
a bunch of Hardware we can just use this
for our course and run what we need
to on top of our own machine already now
this can get resource intensive so if
you are only utilizing something like
eight gigabytes of RAM then you might
have some issues with this but you can
still follow along when we get into the
Active Directory portion you might run
into issues if you do not have at least
16 gigabytes of RAM to utilize but we'll
worry about that when we get there
there's still plenty of ways to follow
along throughout this whole course so
another thing to note is that I use VMs
every single day this machine that you
see here is actually my day-to-day pen
testing machine so I run a Kali Linux
instance on top of my Windows machine
and utilize that to do penetration
testing so I'm going to demonstrate that
to you and how we're going to build out
our Labs with that and a lot of us in
the industry run through VMs as opposed
to running it directly on metal or on a
machine
so in order to utilize virtual machines
we first need some sort of virtual
machine software to play these so there
are two different ways that we can do
this if you are on a Windows machine or
a Linux machine you can utilize VMware
Workstation player now if you type in
VMware Workstation player in Google the
first one here that says download VMware
Workstation player you just click on
that
and if you are in a Mac environment
you're going to be utilizing Oracle
virtualbox so if you type in Oracle
virtualbox you come here and you go to
downloads
you have your option there as well so in
this course I will be using VMware
Workstation player I'm going to be
running it on top of Windows if you are
using Mac that is absolutely fine you're
going to be following along just the
same all you need to be able to do is
follow the same instructions that I give
you and you will be a-okay so if you
scroll down here you can see try
workstation player for windows or try a
workstation player for Linux go ahead
and just select download now
that should bring up a download and go
ahead and save it
if you're doing virtualbox go ahead and
download for OS X I will download the
windows version just so that we can uh
we can see what that looks like as well
so I'll save both of these
so let's view our downloads and we've
got VMware Workstation player here
I'm going to go ahead and open this one
and we're going to install this
and this will be very point and click
so next accept the agreement possibly
give away our first child uh yeah we
should go ahead and install the enhanced
keyboard driver while we have this
and then we don't need to join any
Improvement programs or check for
product update that's okay we will
install desktop start menu you check
your preferences as you like it
I'm just going to install this
and this should just finish here in just
a second
okay then you'll be brought to this
screen once everything's done it should
take about a minute or two and we're
going to go ahead and hit finish
and it's going to want a restart to take
effect you can go ahead and restart your
system I'm going to say no right now
let's go ahead and install virtualbox if
you are a Mac User
we'll hit next
here
next and yes and install
accept
and again very point and click with the
installation
select install and any options that do
pop up
and then we can start Oracle VM if we
want let's go ahead and just start that
this is what Oracle VM looks like
and let's see if we can start the VMware
Player here even though we need to
restart
and this is what VMware Workstation
player looks like so here you can see
that we have virtual machines we can
create new virtual machines open ones
Etc we'll get into that in the next
video so again if you are using Windows
or Linux this is probably what your view
is going to look like for the rest of
the time if you are using Oracle on a
Mac this is what your view is going to
look like another side pro tip here is
that I am using workstation Pro and I
might utilize this in some instances
throughout the course other instances
I'll be utilizing the workstation player
there is not much of a difference
especially in the beginning when we get
into the Active Directory portion it
might actually be worth it for you all
to download the VMware Pro trial because
the trial is 30 days and you can utilize
that to get through some sections and
actually have nice little windows here
to be clean and just have a pro
Edition you can do everything that I'm
going to show you in the course on the
player it just is that you have to open
if you want to run more than one machine
you'll just have to reopen the
VMware Workstation player several times
to run multiple machines but that's okay
it just won't look like this nice clean
layout where you could transfer between
machines like I can do just here
so with that being said let's go ahead
and move on to the next video we're
going to be installing Kali Linux onto
our VMware Workstation player
now that we've installed VMware or
virtualbox we need to install Linux
we're going to be using a version of
Linux called Kali Linux throughout this
course
this version of Linux is a Debian based
distribution which is geared towards
ethical hacking and penetration testing
so it's a special version of Linux that
allows us to have all the tools in one
place that will allow us to hack without
having to download these tools and
install them on our own custom Linux
distribution so it's all kind of nicely
built into one package
so if you go out to Google and you type
in Kali Linux download you should see
this link I'll put the link in the
description below as well but you should
just be able to go to get Kali right
here
and you're going to be presented with a
couple of options here we're going to be
using a virtual machine in this course
so we're just going to go ahead and
click on this virtual machine option
and that's going to take us down just a
little bit here what you're going to do
is you're going to download the
respective version that you need so if
you need VMware you download VMware
you're using virtualbox go ahead and
download the virtualbox one
now they have a direct download which is
a 7-Zip and they also have a torrent if
you know how to torrent
what you're going to do is go ahead and
download the file that you need and
while you're doing that if you do choose
to download directly you're also going
to need a tool called 7-Zip or a way to
unzip this file so go ahead and start
your download while it's downloading
let's also go ahead and navigate to
7-Zip so if you go to Google and you
look at 7-Zip you'll see this page here
comes up you just go to download in here
you're going to download the file that
is for your respective system so here
I'm using Windows on 64-bit I would
download this executable right here now
if you're running on Linux here's where
you download Linux if you're running on
Mac OS here's where you download for Mac
OS very straightforward I've already got
this installed but what you need to do
is just download this and literally
click next through it make sure you get
it installed
go ahead and pause the video once that
is installed 7-Zip that is and once you
have the actual Kali image downloaded go
ahead and unpause the video I'll be here
waiting for you
okay so your next step should look
something like this
you have your 7-Zip file open you should
see a folder located in there and the
easiest thing is to just drag and drop
this you can also right click and
extract if you know where you want to
extract it I created a folder called
Kali I'm just going to grab this and I'm
going to drag it over and it's going to
take a minute here just a few seconds
honestly to unzip the file size of this
one at least for the VMware version is
around 11 gigabytes or 11 gigabytes
exactly unzipped so make sure you have the
space on your hard drive in order to do
this
now once you have it unzipped you can go
ahead and just double click in here
you'll see a bunch of files if you have
VMware installed you can actually just
double click on this vmx file and that
should open things up for you I'm just
going to show you the other way around
doing this as well
so with VMware Workstation player open
what you're going to want to do is go to
open a virtual machine
and in the folder that you have you
should see this vmx file as well again
you could double click it or you could
just open it through this what's going
to happen is it's going to open that
file here and you're going to want to
edit this virtual machine settings once
you have it loaded click on edit virtual
machine settings
and in here we're going to want to First
change the amount of RAM that we have
now this is dependent on your system if
you have like eight gigs of RAM or maybe
even 16 gigs of RAM you might want to
try leaving it at 2 at first I'm going
to bump mine up to four gigs which is
4096 and I have 128 gigs of RAM so I
have more than enough space to allocate
for this but if you again if you're on
like eight gigs of RAM probably not the
best idea to Jack this up Beyond two
honestly I would try it at one maybe two
see how it works the other thing you're
going to make sure of is that you're
running on NAT Network so if you click
on network adapter make sure that it
says NAT and that's selected once that's
selected go ahead and hit OK
and then you're just going to hit play
Virtual Machine
when it asks you what to do just say I
copied it
now from here it's going to take a
minute for this to load you can just let
this run through it'll boot on its own
once you are presented with the login
screen go ahead and unpause the video
but until then pause and I'll meet you
back when you're at the login screen
okay I'm at the login screen I'm going
to make this a little bit bigger just so
we can see
and from here what I'm going to do is
I'm just going to type in the username
of kali k-a-l-i and the password of kali
k-a-l-i
hit enter
and if you see this screen
congratulations you have successfully
installed the Kali Linux and you now
have it up and running
in later videos we're going to cover
what we're going to be doing and how to
use this and how to use Linux and all
this but for now pat yourself on the
back you've got Linux installed and
we're going to pause here and move on to
the next video
okay so this video pertains to some updates we need to make to virtualbox
updates we need to make to virtualbox for quality of life so if you're not
for quality of life so if you're not using virtualbox you can go ahead and
using virtualbox you can go ahead and skip this video if you are Buckle in we
skip this video if you are Buckle in we just need to do a couple of quick
just need to do a couple of quick updates and then we should be good for
the rest of the course. So go ahead and go out to Google and Google "VirtualBox extension pack". What it's going to bring up is just the downloads page of VirtualBox, so we're going to want to go here. And on this page, if you look kind of towards the middle, you'll see that there is a VirtualBox Extension Pack here. We're going to just click "All supported platforms" and that will automatically download the file that we need.
So once that is downloaded, and pause if you need to, go ahead and open VirtualBox. And you can come in here, and up at the top we're going to go ahead and click on Preferences. And from here we are interested in Extensions. See Extensions right here? Go ahead and click on that. There's a little plus sign; we're going to go ahead and click on that. And then you should have your downloads right here, so we're going to take the downloads and just go ahead and install that. Hit Install, read this, give away your firstborn, accept all the terms, and you should be good. Very quick install.
Okay, the second thing we need to do is we need to come to the one tab up here above, which is Network. We're going to go ahead and hit the network button, or this add button, and we're going to add what is called a NAT Network. Okay, and we're going to come in here and we're going to double click. And you can go ahead and keep these defaults. I'm going to actually change them to 192.168.57.0 because that's what's going to be used through the rest of the course, and that is what the CIDR notation of my Kali machine and my Kioptrix, which you'll see later, etc., all fell into, this 57.0. So we're going to go ahead and keep it on this NAT Network. Make sure you support DHCP. Go ahead and just hit OK, hit OK.
And then for a machine, and make sure any machine that you use, again, any machine that you use in this course, make sure you set it to NAT Network if you're using VirtualBox. So you can come in here, click on a machine, like this mail machine I have here. You can just click on that, Settings, go to Network, and then you can go ahead and just go to NAT Network. All right, and that name right here, you see Name, NatNetwork, that's all we're going to use. That'll automatically set it up.
So when you have a Kali machine running later and you have Kioptrix or another box running, or even when we build out an Active Directory lab, you need to make sure that you're running that NAT Network so that all the machines are on the same subnet. If you don't, you might run into a situation where the same IP comes up for the same machine and then they're conflicting with each other, or you get on different networks and some weird stuff happens. So make sure, again, that it's imperative that you're setting that NAT Network for every single machine that you're setting up. So with that said, we're going to go ahead and move on to the next video in this section.
The first thing I'd like to do before we get started with any commands or anything like that is just take a look around Kali Linux and kind of demonstrate why a pen tester or ethical hacker might use this distribution of Linux. Now, throughout the course, as stated in the last video, you might see a different version of this pop up, as I recorded videos on some of the older versions. Everything should still work just as is. You just might see a different look and feel to some of the Kali interface, but all the commands I'm going to show you, everything that we do, is going to be the same.
So let's take a look and just explore Kali Linux just for a bit. So if we come up here into the corner and we just click on the little Kali logo, you can see that we have nice things broken out for us. So we've got these favorites up here, which we have our terminal, which we're going to be living in essentially, we've got a text editor, we've got a web browser, which is basically Firefox, we've got some other tool down here, docs, etc.
The other thing that we can come scroll through is we can see that we have different applications in here. If we look at the different sections, these kind of go in order, which we haven't covered quite yet, but in the order of how a hack might go down. So information gathering is usually the first step. You can come in here, look through this, and here's a bunch of tools related to information gathering. You can even click into these and go deeper if you wanted to, related to specific things, so DNS or SMB or open source intelligence. All of this that's in here, this is just built-in tools. So let's say we're coming in here, we want to do a wireless attack. Well, we go to wireless attacks, got a bunch of tools already built in.
So Kali Linux is just essentially an ethical hacking distribution of Linux, and it's built on Debian. So if you've ever used something like Ubuntu or anything along those lines of a Debian distribution, this is all going to feel really familiar to you, with just a bunch of tools built in on top of it. So fairly straightforward. They do have some nice tools in here. You can come through and utilize these. A lot of this is already built in, and we're going to take a look at that as we go.
Okay, so the next thing that we're going to do, and throughout the rest of this course, is start looking at the terminal. So if you come up here, you'll see that we have a terminal. Now, mostly everything that we do is going to be done in this terminal here. Now, this is almost like accessing the command line, so if you're using a command line like in Windows, for example, if you've ever used a command line. If not, that's okay. But we do a lot of this from this interface, as opposed to maybe utilizing a GUI-based interface, where if we clicked a folder, this might look more familiar to you if you're a Windows or Mac user. You come in here, you have this kind of area. Yeah, yeah, we can do that, and sometimes we'll utilize this, but a lot of times we're going to be living right here.
Okay, so as we move forward, we're going to start talking about this command line, how we can utilize it and use it to our advantage, and then we'll do some tips and tricks and hopefully learn some pretty neat stuff as we go. So in the next video I'm going to cover the sudo feature, which I think is important. It's something that was brought in. Now, originally we had something called a root permission, and we'll talk about that. That has changed since 2020.1 moving forward, so we're introducing that into this course and we'll talk options that you have. So let's go ahead and move to the next video where we talk about the sudo feature.
All right, so before we look at any commands or learn any command line, we have to talk about sudo. Sudo is very important, and what had happened previously was that in the earlier versions of Kali Linux we ran as a user called root. Root is the ultimate user; you could think of it as the administrator of the machine. Now we're running as a user called kali, so we don't have root privileges directly. This is as an improved security feature, because we should be running only certain commands when we need to as the root user.
So what we're going to see is we're going to see how we can run commands as an elevated privilege, and we're going to do that with sudo, which stands for super user do. They just kind of shortened it, so we just have sudo now. Okay, now with sudo, what we're doing is we're saying, hey, I want to run a command elevated, I want to run this as a higher user. In this instance we can say, I want to run the command as root.
Why is that important? Well, let's take a look at an example. Let's say that I wanted to look at a very sensitive file. Now, one sensitive file in our system is the /etc/shadow file. You can see cat /etc, like this, /etc/shadow. And you don't have to follow along right now, you don't have to really understand what's going on if you've never seen Linux. All I'm doing is saying, hey, I want to print out this file, I want to look at it. Okay, and for here I can't see it. It says permission denied, you don't have the access to see this file. That's a good thing. But if I was the root user or somebody that had elevated privileges, I could see it. So I could say sudo cat /etc/shadow, like this. Okay, and it's going to say, what is your password for kali? I'm gonna go ahead and say kali, k-a-l-i, hit enter, and now I can see that I have access to this file. And this file is very sensitive. We'll talk about this later on in the course, but sensitive file.
Okay, so when we're looking at it, I ran that command specifically as the root user. As the root user I'm able to see, okay, this file. Now why, or what's going on here? Well, we're running that specific command, right, and we're still staying as kali. We're doing this in a kind of one-off scenario. So there will be times where something that you run in this course might require sudo, or you can run the command without sudo but you notice something doesn't work. So best practice for this is saying, hey, let's go ahead and just run mostly everything that I'm showing you command-wise in this course. That's not best practice overall. Usually you should run things just as a regular user; if you get permissions blocked, then run it as sudo as necessary.
Now, the other thing to point out, and we'll talk about this again later on in the course, but why can we do this is because this user is part of what's called a sudoers file, meaning we can have this permission. Not any user can come in here. Say we made a new user and we just called the user John. We can't just take John and just go ahead and then just run these commands as root. No, John has to have the permission to do this. So you can think of kali as being an administrator, but only when we utilize that access or that privilege.
Okay, the other thing I want to show you though is that we can switch over to root if we want to. We can come in here and we can say sudo, switch user, dash, just like that, and that'll put us into root. Now you can see, okay, we're running root@kali, and that's only for this instance. You can, if you want, I'm not going to demonstrate how to do this, but you can, if you want, change the root password, log out and log back in as root, and run through this course as root. Again, that's not best security practice, but that feature is available to you if you are a Linux user that is comfortable with Linux, comfortable with running as root, and you want the easy path. Otherwise, I highly recommend just staying as kali, running as sudo privileges as you need it, and then moving forward. But this is a quick way to switch into root if you need to. Sometimes even running sudo causes some issues, so switching to root to run a command is okay.
What we can do here too is, the demonstration is, we can go File, New Tab and look at a new instance, and you'll see that this instance of root is only good for this tab here. Once we start a new tab, we're going to be brought right back to kali@kali. You can see that from the top line in the tab as well. So just keep note of this when you're running commands in this course. If you see something, again, try running it with sudo if it's not working, or if it says access denied, then you know, hey, I need to run sudo. Very, very, very important, okay? I'm trying to drive that into your brains right now.
So from here we're going to move on. We're going to start looking at how to navigate around the file system, taking a look at everything from a bigger picture, and diving into terminal. So I will see you over in the next video.
Now we're going to take a look at the Linux terminal, and if you're a user of a regular computer like Windows or even macOS, you are probably used to using what is called a GUI, or a graphical user interface. And we can do this with our version of Linux. We can come in here, and if we want to, like, go to folders, we can absolutely open this and go to folders. We've got the ability to go to Firefox, we've got all of our tools in here that we want to use or look at, and we have a graphical user interface. However, a lot of our time is going to be spent on the command line and using a terminal, so it's very important that we learn how to use a terminal in Linux.
So looking at our terminal here, we can see a few things before we even get started. The first thing is that we have a kali@kali. What does that mean? Well, the first instance here is kali; that is your user. So remember, when we first logged in we logged in as kali, and that is our user. So if we ever switch over to root, we'll see root here. The second part of this is our hostname, so our computer name happens to also be kali. If you change your hostname, you could say whatever you wanted to say here. The last little part of this is this tilde. This is actually the directory that you are currently in. So this is a quick way to say what user am I, what workstation am I on, and what directory am I in.
Now, we can take a look at what directory we are in with the pwd command, and that stands for print working directory. And in this instance you can see we are in the /home/kali folder, and that is the equivalent of being in the tilde. So if you see the tilde, that just means you are in your user's home folder. So if we were a root user, we would actually be in the /root folder as opposed to the /home/kali folder. So the tilde means something different for every user that you're on.
The next thing we're going to look at is the change directory feature. So imagine that we are in our folder here. So if we go to, like, I don't know, our desktop, and we're sitting in our kali folder, this is really what we're looking at. So we're looking at kali right here, and we want to get out of this kali folder and change into another folder, say, like, I don't know, Downloads, for example. If we go into Downloads, it's very easy to click into, but how do we navigate around on the terminal? I'm going to show you how to do that.
So the first thing we're going to do is use the cd command. That stands for change directory. Now, if we do change directory dot dot, that says I want to go backwards. So if I do that, now you can see that we are in the /home folder, but we can also do a pwd, print the working directory, and you can see that we are in the home folder. Now, can we go any further back? Well, let's try cd .. again, and now you can see we are at a forward slash. If we do a pwd, we are at a forward slash. And one more time, I'm going to cd .. and see if anything happens. Nothing happens here. We cannot change any further. We are in what is called our base directory. So if you see a forward slash, think of that as the base folder. You cannot go any further back from that.
Now I'm going to clear my screen. If you want to clear your screen, you just hit Ctrl+L, like that, and that'll clear the screen. And from here we are going to look at what is in our base folder, and to do that we can use a tool called list, which is ls. So from here we can see different colors and different things, and we can tell based on the colors, though these color schemes are not the greatest in the newest Kali Linux, we could still see, like, hey, this darker version of blue is actually a folder, where some of these other things are actually files. We don't have to worry too much about that right now.
But we just came out of the home folder, so we can see here that we have a bunch of files and folders, and let's say we want to go back to the home folder. Well, we can see the home, and I'm going to start typing h and I'm just going to hit Tab, and because there's nothing else in here with an h, we don't have to worry too much; it will just auto-complete to the home folder. Now, for example, if there's a bunch of l's, I'm going to back up really quick before I hit enter. If I wanted to try something that has multiple items in here, if I tried the l and I hit Tab, you're going to see that there's going to be a lot of options for me to go through, and depending on what you have is when you can auto-complete. So if I start typing l o, it should know that there's only one lo and I can Tab and auto-complete the rest. So you just have to be able to get to a point where you can Tab out, or if you know the first letter of the file that you're looking for, you can hit Tab on that and you can see, okay, here's where I need to be, or here's what I can look at with everything that starts with that letter.
I'm going to delete this and we're going to cd back into home. We're going to ls to list the contents of home, which is just our kali folder, so I'm going to cd into kali.
and if I LS from here you can see that I have our desktop documents downloads
have our desktop documents downloads similar to what we saw in the graphical
similar to what we saw in the graphical user interface when we were in the
user interface when we were in the folder now we can see it from our
folder now we can see it from our terminal now before we go diving deeper
terminal now before we go diving deeper into these folders
into these folders something that I want to look at is what
something that I want to look at is what if I wanted to get to this Etsy folder
if I wanted to get to this Etsy folder over here so there's this Etsy folder
over here so there's this Etsy folder that was in our base
that was in our base now if I try to CD into Etsy from here
now if I try to CD into Etsy from here nothing's going to work I'm tabbing
nothing's going to work I'm tabbing nothing works if I try CD Etsy it's
nothing works if I try CD Etsy it's going to say I can't find it
going to say I can't find it so what does that mean well when we
so what does that mean well when we change directories we can only change
change directories we can only change directories from the folders that we
directories from the folders that we have available to us so I can only
have available to us so I can only change directories into these folders by
change directories into these folders by using that sort of nomenclature however
using that sort of nomenclature however if I can provide a full directory or a
if I can provide a full directory or a full path then I can CD from any folder
full path then I can CD from any folder that I'm in so if I go CD forward slash
that I'm in so if I go CD forward slash because remember we have the base here
because remember we have the base here well then I can say forward slash
well then I can say forward slash ET start typing that out and guess what
ET start typing that out and guess what I get Etsy here and if I wanted to dive
I get Etsy here and if I wanted to dive deeper into what folders are in there I
deeper into what folders are in there I could hit Tab and I could see all the
could hit Tab and I could see all the folders that are available in the Etsy
folders that are available in the Etsy folder to complete my task now if I hit
folder to complete my task now if I hit enter
enter I will be brought into the Etsy folder
I will be brought into the Etsy folder and similarly I can hit LS and see all
and similarly I can hit LS and see all the files and folders that are in here
the files and folders that are in here now let's just CD here and I'm going to
now let's just CD here and I'm going to use the attilda and that's going to get
use the attilda and that's going to get us back to our home folder
us back to our home folder I'm going to control L to clear screen
I'm going to control L to clear screen and then I'm going to LS again you're
and then I'm going to LS again you're going to see we're back where we just
going to see we're back where we just were
now in this case what if I wanted to
list the files of the etc folder well
it's the same thing I could do LS
forward slash etc
and that will list all the files as if I
were sitting in that folder so just know
that you can list folders and files you
can change directories from being it
within another directory it doesn't have
to be in that same up and down tree that
I was showing you there's a lot more
robustness to these commands same thing
if we LS in here we could take a look at
the folders and we don't have to change
the directory to see what's in these
folders we can just LS desktop for
example and start auto tab completing
there's nothing in there I do have
something in the downloads folder just
because I changed my picture I put our
TCM security logo in there so I have
that in the downloads folder but it's
completely normal not to have anything
in your desktop or downloads when you
first install Kali and again we can
achieve the same thing by CD-ing into
downloads and then hitting LS
you have the same object here as you saw
before except we're just now in that
folder so you have to declare the folder
or be within the folder to see the
contents okay now let's go ahead and CD
back to the base folder you could CD dot
dot or just use the tilde I'm going to
clear my screen
and from here we want to talk about
making a directory so let's make a
directory I'm going to make a directory
called Heath you can just use your first
name if you want
and then when you LS in here
you can see now that the heath directory
is here
and I could CD into that heath
directory I can LS in that directory and
there's not going to be anything in
there
so I'm going to go ahead and back up one
and now I'm going to show you how to
remove a directory or remove a folder so
you say rmdir
and you're going to go ahead and just
say heath
and that will remove that these commands
work exactly the same as everything else
if I wanted to make a directory in the
base folder I could totally mkdir
forward slash heath if I wanted to and I
could also remove that from here so
again it doesn't matter exactly where
you're at as long as you're using full
file path
okay so I've cleared my screen and now I
want to run LS
and you see in LS that we just have a
bunch of folders that's not entirely
true
what we're going to do is we're going to
do an ls -la
and I like to think of this as list all
but really it stands for long all
and if we hit enter you can see that
there's a bunch of new files in here and
folders actually so from this we can see
that we have
a like a bash history we've got uh dot
java folder anything with a dot is
considered a hidden file we won't see
that when we're using the ls command we
actually have to do a dash la command
and this is a great time to actually
take a look at what these sub commands
are and how are some ways that we can
identify what these things mean so I'm
going to show you a website first and I
think this website is awesome we can go
to something like explainshell.com so
it is
explain shell you can see it
autocompleting up there but
explainshell.com
and if you came in here and you wanted
to take a look let me make this a little
bit bigger if you wanted to take a look
at like ls -la you could say okay explain
this to me
and it'll tell you okay the first part
is LS that means list directory contents
remember I called it the list command
that's what it is now what does that la
do well the L you hover over it says use
long listing format and the a says use
all okay so do not ignore entries
starting with a dot which is what we're
looking for and the long listing just
gives us more detail gives us these file
permissions which we'll get into a
little bit later and who owns it and
what the file size is the directory
etc et cetera we'll get down into that
in just a few videos
we can also use what are called man
pages I'm going to control L again if we
do man LS man stands for manual so man
LS we can see in here that LS means list
directory contents great dash a stands
for all do not ignore entries starting
with the period same thing as we saw
before we could scroll down look for the
L portion of this and we'll see that we
have used a long listing format you can
hit Q to quit this
so if you don't have internet access for
example you can use the man pages I like
using explainshell.com I think it's
pretty awesome but man works very quick
and from the terminal you don't have to
leave or do anything another thing that
you can do is LS dash dash help
and that will give you similar to the
man pages though not as old detail I
guess is the best way to say it and you
come in here and you can see the same
kind of switches and commands that were
in here so dash dash help works for a
lot of commands it's one of those that
you should know and you should try if
you have any questions about what you're
trying to do it's a great resource so if
we ls -la
we can CD into one of these hidden
folders like we can CD into dot cache
for example
and we just LS that you can see that
there's actually stuff in the cache in
here so we're not going to get into this
I just want to show you that hidden
files and folders do exist so if you're
looking for something especially pen
test related something might be hidden
if you're on a Linux machine you might
need to do ls -la to see a hidden file
and they're incredibly easy to see as
you can see for yourself let's go ahead
and CD back to our home folder and from
here I'm going to show you a couple of
things that we're going to explain later
on but I just kind of want to get you
familiar with it the first thing I want
to show you is the echo command if we go
echo and we use a single apostrophe and
we say hi like this that's just going to
echo out to the screen we'll get into
the echo command a little bit later on
in the course what we're doing here is
we're going to echo this into a file so
I'm going to say hi and then I'm going
to put that file I'm going to use this
greater than symbol and that's going to
be a redirection operator and I'm
going to say hey just go ahead and make
a file called test.txt
and while you don't need to know this
yet if I ran cat on this on test.txt
you'll see that it prints back out hi
okay so I just want to have this file
here that we created and what we're
going to do is we're going to just
quickly LS we're going to see that it's
there you can see that there are color
differences for files and folders again
and the reason we're making this in this
video is I want to show you the copy
command so if we run copy on this we
could say copy test.txt what I want to
do is I want to copy this into the
downloads folder so I can just say copy
test.txt into downloads
if we LS we'll see that test.txt is
here we're making a copy if we LS
downloads we can see that test.txt is
actually in there as well
so similar with the remove directory we
can use the RM command and what we're
going to do is remove that file and
again we don't have to be in the
directory to remove it we can call the
directory path and then test.txt
if we hit LS on downloads again we can
just go ahead and hit enter and you're
going to see that there is no test.txt
in there anymore but if we LS here
you'll see that test.txt does exist so
I'm going to go ahead and control L
the opposite of this is the move command
now if I move test.txt and I put that
into downloads
if I LS now
you're going to see that there is no
test.txt in here why is that well if we
LS downloads you're gonna see that we
moved it so remember copy leaves an
original version wherever you copied
from move completely moves it so the CP
and the MV commands are what you need to
know there now while we're on this what
we're going to do is we're going to look
at a command called locate so locate's
pretty awesome if we did locate and say
I wanted to find out where that
test.txt file is I could do locate
test.txt and we're probably not going
to get anything back quite yet now if
we're looking through this none of these
files are where we're at so there are
some test.txt files on this machine but
we're not seeing the one that we created
so say that we created a file we can't
remember where we put it and we just
want to go search for it and find it
what we can do is we can say updatedb
and you're going to see that we actually
get a denied why are we getting
permission denied well this comes back
to sudo so let's go ahead and sudo
updatedb
you're going to enter in your sudo
password
it's going to update the database and
now if we do locate test.txt and you can
just when you see a screen like this by
the way where it's kind of semi-gray if
you just hit the right arrow that will
go ahead and autocomplete because it
remembers your last command
you can hit that
and you can now see that the first entry
in here is home Kali downloads test.txt
so now the database is updated and it
finds it one other thing to mention I
just talked about auto completing with
the right arrow if you hit the up arrow
you can go through your previous
commands you can see all the commands
that I've been running through so we can
also use the down arrow to scroll back
down through those commands so say I
wanted to run that locate test.txt
command again instead of typing it out I
just hit the up arrow and then I hit
enter easy breezy okay so we're gonna go
ahead and remove downloads test.txt
and now that file should be gone we can
LS one more time into downloads just to
make sure and you can see that TCM
security file is the only thing that's in
there
one other thing to point out that I just
noticed actually is
these files are case sensitive and the
folders are case sensitive so if I try
to CD into downloads
it's not going to work because downloads
doesn't exist so if I CD into Downloads
I could spell
then you can see that I actually get
into the Downloads folder so note that
it's case sensitive autocomplete if I go
back will do a pretty decent job at
trying on newer versions of Kali that is
if I hit do for example and then I tab
it'll realize that I'm trying to get to
Downloads so the last thing I'm going to
show you is the password command and
that is p-a-s-s-w-d
we are going to be good security
engineers and change our password we're
going to make it a strong password
because we're good security engineers
I am going to be the bad security
engineer and make my password password
and I'm doing that because later on the
course we'll talk about cracking Linux
passwords and we're going to use my bad
password as an example so here we're
going to type our current password Kali
is a terrible password by the way and
we're going to go ahead and type in our
new password you can make your password
whatever you want I'm making mine
password and now we have updated
successfully and we have finished all
the commands that we need to know for
this video I'll go ahead and see you in
the next lesson
now we're going to talk about users and
privileges
so in the last video we learned about
ls -la so I am in my home folder which is
the tilde here and all I'm going to do
is just say ls -la
I'm going to hit enter
and we're going to see a bunch of stuff
over here on the left hand side we've
got this we've got the details kind of
of ownership we've got some file size in
here and we'll talk about all of this
but we do ls -la we're getting so much
more information than whether or not a
file is hidden which is kind of the
purpose we looked at it for last time
but now we can take it and look at it
from a different scope or a lens we can
see that we have this column here the
first column now the first column tells
us something interesting
it first tells us whether or not we are
looking at a file or a directory so if
we see a d here we are seeing that this
is a directory note that these are also
color coded right so we have blue for
directories it looks like and then white
here for files and then we also have links
which we're not going to get into much
right now but a link looks like it's a
lighter blue
so we have the indicator here first it
says okay it's either a d or maybe a
dash or an L there are other settings
that could be here but for now this is
all we need to worry about the next set
of things that we're going to look at
are these rwx's or r blank x what does
that all mean well rwx means read write
execute when we're missing one of those
like a dash here that just means we have
a read and execute and there are
actually three groups that we're looking
at here so we have the first group which
is the owner of our file so this first
group says read write execute for the
owner of this file and if we look at the
owner of the file we can actually see
that the owner is going to be Kali well
in this instance it's the directory but
here we're looking at Kali you can see
that one of these has root listed but in
this instance or since we're using the
Kali user and we're in our home folder
we're looking at mostly Kali being the
file owner for this
the next one we're going to look at is
we're going to say okay group membership
so anybody that is a part of this group
what do they get ownership to or what do
they get to do with this directory or
this file well anybody in this group can
read or execute but they cannot write to
this directory or file and lastly we
have the third setting which is all
other users what can all other users do
all of the users can read and execute
but they cannot write here and we don't
have anything in here besides this link
that is read write execute we don't have
a world read write execute in this
folder and that's okay
this does come into play when we're
doing penetration testing however when
we want to find some sort of file that
has read write access or read write
execute access if we have full access
that is ideal especially if there are
some sensitive files that we're not
supposed to see or maybe were
misconfigured or if we need somewhere to
write to on the disk for example if I
clear the screen here and we do an ls -la
of the temp folder
we could see that temp actually has read
write execute privileges throughout this
is a great place when we're doing pen
testing and we're working on a Linux
machine that if we need to come drop a
file we know that this temp folder can
be written to we can write whatever file
we want and execute these files from
here without having to worry about too
many permissions so for attacking
machines later on especially as we get
on into the Practical ethical hacking
course you may see me go and use the
temp folder to upload malware or write a
malicious file or something that I can
do from a folder that is read write
executable so let's clear the screen
again
again now another reason and importance for
now another reason and importance for the read write execute is that if we
the read write execute is that if we write a script we won't be able to
write a script we won't be able to execute that script until we have full
execute that script until we have full access to do so that's going to become
access to do so that's going to become more important as we download files and
more important as we download files and try to run them against machines but
try to run them against machines but even in this little section when we're
even in this little section when we're looking at the bash scripting we're
looking at the bash scripting we're going to need to be able to execute our
going to need to be able to execute our script and we're going to need to be
script and we're going to need to be able to change the permissions on that
able to change the permissions on that let's go ahead and do that here we're
let's go ahead and do that here we're going to create a little text file and
going to create a little text file and just look at the permissions and how
just look at the permissions and how things change
so similar to the last video we're going
to do an echo and we're just going to
say hello
and in this we are going to use our
directional operator and we are going to
just put this in a hello.txt file
if we ls -la
we can see that hello.txt is in here but
look at the permissions that are set
we have read write permissions we don't
have any execute permissions if this was
a script or anything that we're trying
to run the machine will not let us run
it because we do not have the execute
permissions
same thing here everybody else can only
read this file they cannot write or
execute this file so we can change the
permissions on this and we can do that
with the chmod which stands for change
mode
so I'm going to go ahead and clear
screen again and we can do a chmod
and there's two different ways to do
this the first way is to do something
like a plus sign and then give the
permissions that you want set for that
file so we could do something like rwx
that is read write execute if you want
to just read access or read write access
or just write access you would put the
appropriate lettering there and let's go
ahead and just give this a read write
execute and I'm going to say hello.txt
and hit enter
and we're going to go ahead and ls -la
again
and now you can see that the color of
this has changed why it is fully read
write executable for us as the user
okay as the owner I should say
so that's one way of doing it however
there is another way of doing this as
well we can say chmod
777
hello.txt hit enter
do an ls -la
and you'll see now that everything has
read write execute here well what
changed what is this 777 and why is it
so important
okay for that we're going to jump over
to PowerPoint for just a second
okay so we have different numbers that
we can set for the chmod and remember
we did 777 because we gave a seven to
each group we had the first second and
third groups remember that well what
does 7 mean well 7 means read write
execute so for a read permission we get
four points for a write we get 2 and for
execute we get one so as you can see
down here we have four plus two plus one
that equals seven well if we had no
permissions that would be zero so we
could do something like a seven zero
zero you might see something like read
only and then you would just give it
four four four across the board for
example or I've seen something like an
SSH pem file and those files require
specific permissions typically it is six
four four so that would say that the
owner has read write but no execute and
then the rest of everybody else has just
read access to that file so that would
be a 644 permission so if you ever
wonder what the permissions mean you can
always refer back to a chart like this
or quickly Google what do the chmod
numbers mean just know if you want to
give something full permissions you are
going to set 777 across the board and if
we're doing hacking or doing penetration
testing that's often what we're going to
use with the exception of pem files
where they have to have more restricted
permissions sometimes 644 sometimes
actually four zero zero is what I've
seen as well from here let's go back to
our Kali machine and I'm going to go
ahead and control L to clear the screen
here we want to take a look at adding a
user
so we're going to do a sudo
adduser
and you can give whatever username you
want I'm going to just call this user
John
it's going to ask for our sudo password
remember we changed our password so make
sure you put in the right password and
now it's going to say okay what password
do you want to use for John
I'm going to go ahead and enter that and
I'm going to enter it again
and then you could just hit enter
through all of this
and get back to the screen where it says
Kali at Kali from here we're going to go
ahead and switch user and go into John
so just do su John
I'm going to ask for John's password go
ahead and give that password
and now you can see
that we are John at Kali so what is
special about John well we've made a new
user and John has some permissions now
if we wanted to cat out like the
/etc/passwd file
we can and this is a very common file
that you're going to look at as a pen
tester if you come in here the
/etc/passwd file is important this is
something that we can see a lot of
information about this machine now the
/etc/passwd file is called the
password file not because it has our
password in it but because it used to
store our password in it a very very
long time ago now what is being done is
they put an x here for a placeholder and
that placeholder is then filled in with
the shadow file we'll take a look at
that here in a second so we are using
the cat command and you've seen me use
this several times throughout the course
we are using that to basically print out
a file so when we print out the file we
can read the file so from here we're
reading the file and we're saying okay I
see root root is the zero user ID and
that is important that's telling us they
are the ultimate user on the machine
they are user zero
if we scroll way down to the bottom we
should see some users that were created
here for example we see Kali Kali's user
1000 pretty common we can also see that
John is in use here and John is user
1001 we could see what type of shell
type they're using and what their home
folder is as well you could see the zsh
shell type compared to John's /bin/bash
so they are different shell types and
we'll get into those a little later on
but from here we can also see root's here
we could see the root shell type and we
can also see what kind of services are
running on this machine so if you want
to find the users I typically look at
root and then I look and scroll all the
way to the bottom to see what's been
installed besides what's on this machine
so in here we can see some things like
SSH which is important we know okay this
has the capability of running SSH maybe
has an SSH service maybe it has a SQL
service here with the MySQL OpenVPN so
it's a little bit of information
gathering
if we were to land on a machine for
example and we're a low-level user with
no privileges we could start to look at
who are the other users on the computer
why are they important how can we get a
hold of them where are their files
located what kind of services are
running on this machine this is all part
of the information gathering stage of
ethical hacking and this file leads to a
lot of clues for us
now clearing the screen let's say I want
to view the shadow file the shadow file
is the file that contains the password
hashes for this machine
I'm going to go ahead and try to type in
cat
permission denied okay maybe I need to
use sudo
let's try it here enter our password
oh John is not in the sudoers file this
is also called the Sue doers file and
you can also call sudo Sudo depends on
your nomenclature and how you pronounce
it I'm a pseudo person so from here I'm
going to go ahead and control L we're
going to switch user back into Kali and
we're gonna take a look at some stuff so
if I go switch user
Kali it's going to ask me for the
password I'm gonna enter our password in
and first thing I want to show you the
shadow file before we move on to the
sudoers file so if we go sudo cat
/etc/shadow I think this is
important to see
you can come in here and remember how I
said with a hash that this is set here
so our root password has not been set
there's no hash in here and this is
security best practice we don't really
want to have a root password unless we
absolutely need to in this instance we
might just want to have certain users
that can elevate into root and then if
logging is enabled we can then see from
our logs who accessed that root account at
what time you really don't want to have
a root password where anybody can just
log in with a known password because
then that eliminates some accountability
so best practice would say hey if we
have a Linux machine you get all regular
user accounts and then if you want to
run something as an elevated privilege
you're going to do that with your
account and then use sudo for that
but looking down here we can see the
hashes for this computer okay and what's
interesting actually is Kali and John
have the same password but they have
different hashes and that is sort of
unique if you saw this in a Windows
machine if the password was the same on
the local machine you would see the
exact same hash and that is a clear
indicator that password reuse is in play
but here it's not so the hashing
algorithm that's being used is a little
bit different and it's generating
different hashes even though the
password is the same regardless the
password for both of these accounts is
password and that's very weak and can
easily be cracked as we'll find out
later on okay now on to the sudoers
file what we're going to do is we're
going to do a sudo cat and we're going
to look at
/etc/sudoers just like that and I might have
typed that a little fast so I'm going to
go ahead and scroll back up for a second
sudo cat
/etc/sudoers
okay just like that it should auto tab
complete and from there we're gonna go
in here and we're going to look at who
has what privileges
well if you see allow members of group
sudo to execute any command and you
see %sudo so it's calling sudo
from somewhere else sometimes we can
just include users in here we could say
hey the user Kali I want to do these
things instead this is saying hey
anybody a part of this group I want to
be able to do whatever they want they
can execute any commands like they were
the root user essentially
so with that what we're going to do is
we're going to take a look at who is in
that %sudo group and we can do
that by using the grep command
so we can say grep and we're going to
get really familiar with grep in the
bash scripting video but basically think
of grep as pulling out a specific string
or element out of a file or some
contents that you want to see it's a
great way to narrow down specifics and
pull down only the information that you
want and we're going to get really
familiar with it here in a couple videos
so we're going to say grep and then
we're going to say sudo just like this
and we're going to do that from
/etc/group
okay and it says who has a sudo
privilege here all we see is Kali so our
user has sudo privilege if we wanted
to give privileges to John we'd have to
add John to the sudo group in the
/etc/group or we could add John specifically
to the sudoers file and give him
specific permissions as well and as we
move on in the course and we get into
privilege escalation and if you ever go
into more of the privilege escalation
courses that we have you'll see that we
look at sudo privileges immediately
when we get onto a machine by doing
something like sudo -l and we'll take a
look at those and say okay what commands
can I run and in this instance we could
see okay all commands can be run here
but sometimes that's not the case
sometimes we can only run one specific
command or maybe John for example we
want John to be able to run python
because John's a developer so John can
run python with sudo privileges but
cannot run anything else so something to
think about depending on the individual
and who we want to give permissions to
on that machine they might not have
privileges to access everything as sudo
they can actually be limited in what
they can run as well so that is it for
this video I'm going to go ahead and
catch you in the next one
now we're going to touch on networking
commands that are relevant to
penetration testing and relevant to this
course
so the first thing that we're going to
do is we're going to use the ip command
and that is ip a
ip a lists all is the way I like to think
about it and you can see here that we
have a loopback address and we have our
eth0 this is our ethernet address
and you can see that we have an IP
address here IPv4 of
192.168.138.140 we are on a slash 24
subnet and here is our broadcast address
here we can also see our IPv6 here which
is nice and we can see our MAC address
here
so we can also look at this through the
ifconfig command
and that will show us the same things
here's ethernet zero here is the
loopback all the same information here
ifconfig is the old school way of doing
it ip a is the newer way of doing it ip a
is nice and colorful if I'm being honest
I still use ifconfig because I like the
old school way of doing things but ip a
is the new way of doing things and in
some instances ifconfig requires
sudo to even run or may no longer be on
a machine but in some instances ip is
not on a machine depending on what type of
machine you're on and what you access
you may need either one of these so it's
great to show you both
now while the ip a does all
it only shows the ethernet connection so
the hardwired connections if we want to
see wireless connections we need to do
iwconfig
and in this instance you're going to see
down here that we have no wireless
connections right now when we get into
wireless hacking we'll see that we have
connections established and we'll use
the iwconfig command but just know for
now that it's for wireless and if you
ever need to use it that's what it's for
let's clear our screen and the next
thing I want to cover is the ip n and n
stands for neighbor the alternative to
this is the arp -a
okay what is ARP if you do not know what
ARP is that is the address resolution
protocol this comes from your networking
if you are not familiar with networking
then you may need to go study up on a
little bit of this now ARP says what IP
address is associated with what MAC
address and what happens is a broadcast
message goes out when we are trying to
identify an IP address and a MAC address
so broadcast goes out and it says who
has this IP address and whoever has the
IP address will come back and it'll say
hey that's me I have that IP address and
here is my MAC address so now you can
associate my MAC address with this IP
address
and it is a way to identify these two
items together and link them up so again
in this instance we can use the ip
command or the old arp command now the
ip command is a little bit prettier and
a little bit more colorful I think
easier to read in my opinion but either
will work in this situation
another ip command that we're going to
want to run and know is the ip r command
now r stands for route you could also
type in route
and you'll get similar feedback here so
what we're looking at is what is called
a routing table we want to know where
our traffic is routing and here you can
see on either one of these that we're
routing through
192.168.138.0 we have an open gateway we
can see the gateway here is
138.2 we can see our mask here and we
can find all that information out up
here as well so it's important to know
the routing and what's going on
especially if you are in a network for
example where you might have multiple
routes say if we come in and we say oh
ip a okay we're on the
192.168.138 network but we just try to
connect to only the machines on this
network we see a slash 24 we think okay
well I know a slash 24 has 255 potential
IP addresses and I'm going to go ahead
and just stick to scanning that subnet
and looking for those IPs on that subnet
well if you looked at the routing table
you might actually see that there's a
137 in here or 136 or maybe a 10 dot IP
address or something different than what
you have here maybe you have the ability
to talk to other networks even though
you're on this one slash 24 network
very important to look at the routing
table it's also important because in
real life pen tests we have been on a
quote unquote segmented network and in
reality it really wasn't a segmented
network there just wasn't a route to
that network so they said that we were
isolated and we couldn't access anything
and all we had to do was say okay we're
going to go add that network to our
routing table and what do you know we
were able to scan and connect to the
network so being able to know your
routing table being able to understand
what a route is and how to add routes
how to remove routes can become
important as well these are things that
you should already know from general
networking I'm showing you the commands
here for basic routing and how to
display the routing tables
if you need further information on
routing tables you should go look that
up and research that before continuing
on with the ethical hacking course okay
on with the ethical hacking course okay last command I want to get through that
last command I want to get through that is the Ping command so I'm going to do
is the Ping command so I'm going to do an ifconfig again and in this instance
an ifconfig again and in this instance I'm just going to Ping
I'm just going to Ping 192.168.138 and I believe earlier I saw
192.168.138 and I believe earlier I saw a DOT 2 was my Gateway so I'm going to
a DOT 2 was my Gateway so I'm going to go ahead and just hit enter that should
go ahead and just hit enter that should talk back to me and it does now if you
talk back to me and it does now if you are a Windows user and you've ever used
are a Windows user and you've ever used ping before it will only send four
ping before it will only send four packets out so it'll check four times
packets out so it'll check four times as you can see here we are getting more
as you can see here we are getting more than four packets sent we are sending
than four packets sent we are sending indefinitely and I'm going to go ahead
indefinitely and I'm going to go ahead and just hit Ctrl C and stop that we are
and just hit Ctrl C and stop that we are definitely seeing that we're getting
definitely seeing that we're getting responses back now there is a way to
responses back now there is a way to limit the amount that we send in the
limit the amount that we send in the amount of traffic that we're sending but
amount of traffic that we're sending but basically what we're doing with the Ping
basically what we're doing with the Ping command is we're saying hey are you
command is we're saying hey are you there are you alive can you respond to
there are you alive can you respond to me let me know you're there so I asked
me let me know you're there so I asked the machine at this IP address to
the machine at this IP address to respond and tell me yes I am here now
respond and tell me yes I am here now this is called
this is called icmp traffic not all machines permit
icmp traffic not all machines permit icmp traffic just because we ping a
icmp traffic just because we ping a machine and it does not respond does not
machine and it does not respond does not mean that it's not online okay there are
mean that it's not online okay there are machines that have icmp disabled and
machines that have icmp disabled and will not respond to Ping requests but
will not respond to Ping requests but ping is a quick way to see if a machine
ping is a quick way to see if a machine is online and typically by default ping
is online and typically by default ping or icmp is enabled on most machine means
or icmp is enabled on most machine means just as a further example we can ping a
just as a further example we can ping a machine that we do not believe to be
machine that we do not believe to be alive so I'm going to change this to a
alive so I'm going to change this to a three I don't think there's a three on
three I don't think there's a three on my network
my network and you're gonna see it's going to try
and you're gonna see it's going to try to send data and it's just going to get
to send data and it's just going to get stuck here and say host unreachable
stuck here and say host unreachable now again that could potentially mean
now again that could potentially mean that that host is not there or it could
that that host is not there or it could potentially mean that the host has icmp
potentially mean that the host has icmp disabled but we're going to be using
disabled but we're going to be using ping sweeping to identify host in our
ping sweeping to identify host in our Network and we'll do that here in just a
Network and we'll do that here in just a couple of videos but I wanted you to get
couple of videos but I wanted you to get familiar with the Ping command if you
familiar with the Ping command if you weren't familiar already
weren't familiar already now there are some commands in this
now there are some commands in this video that we did not talk about for
video that we did not talk about for example the netstat command now the
example the netstat command now the netsack command is used to identify what
netsack command is used to identify what open ports and services are there we'll
open ports and services are there we'll take a look at that more later on but
take a look at that more later on but just know that that command exists and
just know that that command exists and that we're going to do due diligence on
that we're going to do due diligence on a command later so any of you that are
a command later so any of you that are watching that have networking background
watching that have networking background or like hey you didn't show netstat
or like hey you didn't show netstat that's so important you're correct it's
that's so important you're correct it's coming later on in the course so that's
coming later on in the course so that's it for this video we're going to go
it for this video we're going to go ahead and move on to the next one
let's now talk about viewing creating
and editing files and we've done a
little bit of this in the course already
you've seen me do something like echo
hello and remember that prints out to
the screen
and we could just echo that again like a
hello and put that into a file and
you've seen me do that we'll just call
this one hey.txt
and if we ls we should see hey.txt right
here
if we do a cat
hey.txt we should print out to the
screen hello
all these should be pretty familiar to
you
so let's build upon this let's talk
about how we can append to this and
overwrite these files in different ways
that we can actually create and edit
files I'm going to clear the screen here
now what if I wanted to add to this file
and I'm just tabbing up by the way what
if I want to say hello again
so I want to say echo hello again into
this hey.txt file that already exists
what do we think is going to happen here
so I'm going to go ahead and hit enter
and then I'm going to cat out the
hey.txt
well now it says hello again it used to
say hello well that is because when we
use one greater than symbol like this
what's going to happen is that
overwrites the file
so if we tab up and if we go over and we
just write hey again again just for fun
and let's add a second one of these so
now there should be two of these greater
than symbols we hit enter we cat out
hey.txt
and now you can see it says hello again
and hello again again
why do we care why are we doing this
well when we are using
scripting for example and we want to
loop through a bunch of information and
we want to add that information to a
file we might use something like this
where if we're gathering say IP
addresses this is foreshadowing by the
way if they were gathering IP addresses
and we are wanting to put them all in a
file we're going to need to use
something like a double greater than in
order to not overwrite the file with one
IP address we want to list all the IP
addresses in the file
so you're going to see that when we get
into the bash scripting of this section
let's clear our screen another way that
we can make a new file is just to say
touch
newfile.txt
and if we ls you can see that newfile.txt
is here we can cat out newfile.txt
and nothing is going to be in there
because we didn't tell it to do anything
we just said touch which creates a file
so we can use a different type of editor
to try and edit this and save the file
now there are a few editors that we can
use within our terminal so we can use
something called nano which is my
personal favorite
you may hear other people talk about vi
and Vim you may hear lots of jokes about
quitting Vim and how it's impossible to
quit Vim and for that reason honestly
because of the complications and because
I like simplicity I just use nano so we
can nano newfile
and in here you can type whatever you
want I'm going to literally say I can
type whatever I want in here
and now I'm going to hit Ctrl X and
throughout this course you're going to
actually see me
use nano quite a bit and we're going to
use it for updating files and shellcode
and it's beneficial if we log into a
machine remotely for example and we
won't have the ability to have a
graphical user interface type notepad
which I'm going to show you here in a
second we might not have the luxury of
having something like that we might have
to use nano or Vim or an in-terminal
text editor so we're going to go ahead
and hit Ctrl X here I'm going to hit Y
which is going to say yes I want to save
this file and then I'm going to hit
enter
and now if I cat out newfile.txt
you can see it says I can type whatever
I want in here
lastly we're going to look at a
graphical notepad so we're going to use
mousepad we can type in mousepad
and we can just say newfile.txt
just like we created and in here you
can see that it says I can type whatever
I want in here and that's true I can
also modify it's just like a notepad if
you had on Windows machine or if you've
used leafpad or any sort of notepad type
material this one's just called mousepad
so we can Ctrl S and save and
then just exit out if we cat out our new
file again you can see I can also modify
now throughout this course you might see
me use a tool called gedit it is not
installed on this machine yet though we
are making updates to the course we will
be using gedit anytime you see me use gedit
feel free to use mousepad instead
of gedit it's become deprecated
Offensive Security got rid of it in Kali
Linux and now if you go hit gedit it'll
say it's not found but you can install
it we're not going to do that right now
but when we install tools in an upcoming
video you will be able to install that
with one of the tools that we're running
so anyway just note that we're going to
be using mousepad instead of gedit
because it's the new and latest and
greatest
one last thing with nano or any of these
tools
you can make a brand new file so you can
say like brand new file.txt and then you
can type whatever in here and Ctrl X
hit Y hit enter and then you can cat out
brand new file and guess what it's there
so the file doesn't have to be existing
to use nano or existing to use mousepad
you can create new files with these
commands as well
so that is it for this video I'm gonna
go ahead and catch you in the next one
another topic we need to talk about is
starting and stopping services
we may have a service like a web server
or SSH or maybe SQL or some sort of
database that we need to start while
we're already running Kali or we might
want to start a service on boot every
single time that our computer loads if
you've ever used Windows this is similar
to installing a program and then having
that boot up on launch it's kind of the
same thing here if we're installing
something we want that service to start
on launch we have to tell our machine to
do that so we're going to look at how to
start a service and how to have a
service start on launch so the first
service that we're going to look at is
the Apache service and this is what I
used to use when I first started out as
an ethical hacker and the reason is is
that we can spin up our own web server
fairly easily and host malicious data or
files or things that we might want to
access or might want somebody else to
access so before we run that command I
do want to do a proof of concept so
let's do an ifconfig
and we're going to grab our IP address
here I'm going to copy this
and then I want to open up Firefox
from within Firefox I'm going to go
ahead and try to navigate to that IP
address
and you're going to see that it says
it's unable to connect this is exactly
what we expected
so now what we're going to do is we're
going to come in here and we're going to
say sudo service
apache2
start
we hit enter it's going to ask for our
sudo password
and then we have no confirmation of
anything so let's go ahead and come in
back into the browser
and we're going to refresh
and let's take away the HTTPS and now
you can see that this is here on port
80 so we are actually on HTTP not HTTPS
and we have an Apache server running now
now let's say we wanted to stop this
service we could we can go in here and
say sudo service apache2 stop and
before we do that I want to show you
something so if we come back into the
Apache 2 I'm going to make this a little
bit bigger
you could see that our files are located
in the /var/www/html
folder and what that is if we
come to our home folder here
and we just go to file system
we scroll down and go to var
and then we go to www
html all I'm doing is going to the same
location here
why I'm doing this is this is where if I
wanted to host like a picture or a file
or malware I could put that in here this
index.html is the same index page that's
loaded here like if I open that that's
literally the same page that's being
hosted you're seeing it here from a file
format but now if I go back you can see
I'm hosting it at this IP address so if
I wanted to host something malicious I
could do that now in order to stop the
service all we have to do is say stop
hit enter then we come back and we
refresh this page
you can see that we're now again unable
to connect
now I did mention the beginning of this
video that this was my favorite way to
host malicious stuff or just host files
for whatever purpose now that has
changed
I now use Python to do this so we can
create a file let's go ahead and just
say echo hello and we're going to do
hello.txt
so if we ls we can see that we've got a
bunch of stuff in here
um hello.txt being one of them so what
I'm going to do is I'm going to spin up
a web server on the fly with Python so
I'm going to say python3
-m http.server
and then I'm going to give it port 80
now what we're saying is we want to run
the module http.server and we're going
to run port 80 here you can put whatever
port you want
and you can see now it says hey it's
hosting up HTTP on port 80 and what's
going to happen is any file within the
directory that I'm in is going to now be
hosted so you can see that I'm hosting
all this stuff here pretty awesome it's
a quick way to host up a web server
without having to start and stop
services and you can on the fly from
within a folder just start a web server
so I think this is the cooler and better
way to do it so I wanted to show you how
to start a service but also that Python
has some robust capabilities as well if
you follow into the Python section we'll
cover how to run an FTP server as well
which is also fun stuff so I'm going to
hit Ctrl C which is going to again shut
down the server if I come here refresh
you'll see that it's now shut down
and we can go ahead and talk about one
more thing before we go so let's say
that we wanted a service to start when
we started our machine well for that
we're going to use the systemctl
command systemctl
and we can say enable if we wanted to
for example enable SSH we can come in
here and just enable SSH and we just hit
enter on this
and now you can see that it's enabled so
when we restart the computer SSH will
always be enabled for us now I'm going
to disable that this isn't like security
best practice
and now you can see that we have
disabled it and we're good to go so if
you ever have a service that you want to
run you just need to figure out the name
of the service and enable that and there
may be times that you want things to run
like historically I have ran SSH with it
enabled or I used to run the Apache 2
server so I didn't have to spin it up
every time I just had a place to go
immediately host that but your mileage
may vary depending on what it is you
want to run but knowing these commands
is important in case you need to start
or stop a service maybe restart a
service same thing with enabling a
service at boot up or disabling a
service at boot up so that's it for this
video I'll go ahead and see you over in
the next one
now let's talk about installing and
updating tools
so the first thing that we're going to
do from our command line is we're going
to look at how we would update our
current machine so just like other
operating systems Linux machines require
updates as well and patching can be best
practice
so in order to update and upgrade our
machine we're going to use the sudo
command
and we're going to say apt apt
and then we're going to say update and
upgrade just like that so make sure you
use two ampersand symbols here we're
going to do two commands we're going to
say first I want you to update second I
want you to upgrade
well why are we doing this why are we
running two commands in the first place
well what we do when we actually install
items on our Kali machine we are going
out to what are called repositories and
we're looking through packages and the
update command is going out to the known
repositories and it is updating those
repositories and then it's going to look
at those repositories and say okay what
needs upgraded here so what tools have
upgrades or updates available for them
that we need so if we run this command
you're going to see that it's going to
go through these repositories you can
see it going through these kali-rolling
and release amd64 packages and contents
etc etc it'll take some time as it goes
through and it updates these
repositories it's going to find what
programs we need and it'll provide it in
a list now what you can see is it's
asking us are you root so this is a
lesson here sometimes we have to be the
root user we can't be just a sudo user
to run the command so what we're going
to do in this instance is we're going to
sudo switch user into root now we're
root and we're going to run that command
again we're going to say apt update
and apt upgrade
okay and it's going to run through this and then it should provide us with a
and then it should provide us with a list of what we're going to install
list of what we're going to install which if we scroll back up to the top
which if we scroll back up to the top you can see that it says hey these
you can see that it says hey these packages were automatically installed
packages were automatically installed and no longer required and it says we
and no longer required and it says we can use the APT Auto remove command to
can use the APT Auto remove command to do that it's saying here are the brand
do that it's saying here are the brand new packages that need to be installed
new packages that need to be installed and then here are the packages that are
and then here are the packages that are going to be upgraded so these are
going to be upgraded so these are already installed such as like Apache 2
already installed such as like Apache 2 has some updates that are required and
has some updates that are required and it's going to go through and install all
it's going to go through and install all these now when you scroll down to the
these now when you scroll down to the bottom it's going to say you need 801
bottom it's going to say you need 801 megabytes and yours might be different
megabytes and yours might be different depending on when you watch this video
depending on when you watch this video it's going to say do you want to
it's going to say do you want to continue this operation
In this instance, I'm going to say no, and the reason that I'm going to say no is because updating on Kali Linux can break things. You should always have almost two copies of your Linux, right? You should take a backup copy before you ever make an update, and there are some limitations on being able to make backups depending on if you're using VMware or VirtualBox, and we're not going to get into that right now. But just know that tools can easily get broken by pushing updates, and we'll talk about a tool that you can use that is up to date and kind of makes your Kali the latest and greatest without breaking anything. Even the current version of Kali right now, 2022.2, not all the tools work out of the box as the way they should. We'll talk about that in just a little bit.
So let's say that you wanted to install a tool. We're just going to go grab one as an example. So let's say that there was a tool you wanted to install, like this cron-daemon-common. I'm just going to copy that.
You could come in here and you could say apt install cron-daemon-common, like this, hit enter, and it's going to say, oh, you want to install this? Just hit yes and it will install, and it will also upgrade this cron package here. I'm not going to do that, but just know that you can also install applications as a one-time thing if they're a part of the repository that you have. We're not going to get into updating repositories and adding manual repositories; we don't need to know that at this point in our Linux careers. We just need to understand that we're going out to a repository and we can download those items or packages based on what is in the repository. So updating the repository is always good, and then we checked for upgrades available to our packages. In this instance, we're not going to do any updating or upgrading, but there may be a time where we need to install a specific tool. We go out to the web and we have to grab a tool and it says, hey, run this apt install command. This is what it's going to be doing; this is how we would install something if we need to.
Now the next thing that we're going to look at is we're going to look at the git command, and git is a tool that runs with GitHub. I'm going to open up a new Firefox and I'm going to make this a little bit bigger. We're going to go to GitHub. Actually, let's just go to Google. We're going to go to Google, and a lot of times in our ethical hacking careers we're going to be searching for tools. We're going to come out here and we're going to say, oh, I really want to find a tool, maybe, that does brute force Office 365, and then I might say something like GitHub, and you can see it's already starting to fill out. And we might go find something like, okay, there's this dafthack tool. We might click on that and we come in here and it might tell you how to install this. Well, this is PowerShell, so that's not a great example. Uh, we might come into here, we might say, okay, here's one, how to install. So you go through and it'll say here's the usage on how to use this, and sometimes we'll give you installation instructions, but a lot of times all you will need to do is you'll need to come in here and just download the code to install the file.
So I'm going to show you a tool that we're going to install and run. We go to Google and we search for pimpmykali, just like that. You're going to see that we can click in here and this tool is available to us to download. Now, one way to look at a tool and see if it has any relevancy on GitHub is to look up at the number of stars that it has and the forks that it has.
Anything with like 700 stars like this is pretty reputable, and you also should look at when it was last updated. You can see that this was last updated last month. Now, full disclosure, Dewalt actually works for TCM Security and is a fantastic person. If you never got to interact with Dewalt, he is somebody that is awesome and a great resource. He built this out because there were so many issues with Kali Linux, and the tools that were coming freshly installed, like in 2022.2, don't always work in the way that we intend them to work. So a lot of tools are broken, some things need downgraded, and there's a lot of options in here that can tell you, hey, here's what we can fix. Like, we can fix different missing issues that are going on, or we can fix golang or fix impacket, and you don't have to worry about what any of that means right now until we get into pen testing. But this is something that we actually do install and run when we build out our lab machines or we build out our machines for even hacking on clients.
This is such a well done tool, and he tells you in here how to install it. He says, hey, git clone right here off of this address. We can also come up here, we can go to the code and we can just copy, we say copy pimpmykali right here, and then we'll come in and we can just say git clone. Actually, let's switch user, I'm sorry. Let's sudo, or let's switch user back to kali, and we'll enter here. And then what I like to do when I install tools is I like to install them into the opt folder, the /opt folder. So from here we're going to run git clone, paste that.
Actually, we're going to run sudo git clone, I apologize, and then enter your password.
And now if we look in here, we should have pimpmykali, which we do. So if we cd to pimpmykali and now we ls, we can see that we have the pimpmykali.sh script. If you come back into the website, it will tell you how to run and operate this. Any decent GitHub will say, hey, here's how you run this script. So it says, hey, just run sudo pimpmykali. This is for a new Kali VM; you just need to run menu option N. We're going to copy this and paste it, and then we're gonna run it. So now this tells you, what do you want to do? Well, here's all the different options. N is a new VM setup: run this option as your first time running pimpmykali. Okay, so that's going to fix all the things for you. I'm going to go ahead and hit N and let this run. It's going to go out and fetch some stuff from repositories, and it's running apt update, and now it's going to install certain tools and packages and uninstall certain tools and packages, as you can see. It's rolling through here. So go ahead and let this run. I'm going to pause the video here for a second, and then meet me back when you're at the next screen where you can actually enter in any sort of command.
Okay, so it's been about five minutes, and we get to this page here, and you can see that it's asking us if we want to run root login installation. It explains that in Kali 2019.x the default user used to be root, which we talked about early on in this course, and now that they've switched it to kali, which is what we've been using now, do we want to re-enable the ability to log in as root in Kali? In this instance, I'm going to choose yes. However, you need to make sure that you are comfortable and capable of running as root in Linux. If you do not feel comfortable, stick with running as kali. You're going to see me throughout the course, as we get into the ethical hacking section, running as root. Just know that there may be times where you might need to use sudo or you may need to switch user into root, as you saw me do with upgrading packages just a few minutes ago. That may be required. So if you're understanding of that, you can hit no on this screen, and that's perfectly okay. Security best practice is to just hit no. I'm going to hit yes because I feel comfortable running as root. I'm the only user on this machine and I don't have any accountability or repudiation to worry about. So I'm going to give a new password for this,
and I'm going to enter it again. And now it's going to ask if we want to copy everything over from our kali folder into our root folder. I'm going to say no, and now it's going to continue on installing. So we're going to let this run. Again, go ahead and pause the video if you need to, and then we'll meet you back when this is all said and done.
Okay, and when everything is said and done, which it took about 10 minutes to get through all that, you should get to this "all done, happy hacking" screen right here, and everything should be installed for you. If you chose to go the root route (that's a weird thing to say), if you chose to go the root route, you can log out and log back in as root and begin using Linux as root. Otherwise, you can continue on with this lesson using kali as your main user. So we're going to go ahead and move on to the next video.
last video in the section, and this is going to be one of my favorites. So what we're going to be talking about is scripting with bash. I'm going to show you some cool tricks that we can do to kind of narrow down some of the results that we get, and then I'm going to show you how you can automate some of that process, and we'll take that and even write out some for loops and one-line loops, which, this might not make any sense right now, and that's absolutely okay, but by the time the video is done, hopefully it does. So the first thing I want to show you is I want to show you how we're going to write a ping sweep. So we're going to write a ping sweeper. Basically, we're going to go out and say, I want to ping a device; if that device is alive, go ahead and show me that result. And we're going to sweep an entire network.
So what we're going to do first is we're going to identify a device that's alive so we can test this out and then build upon that. So you can go ahead and type in ifconfig and then just hit enter. Now, my ethernet here is on a NATed network, so I'm running through a different IP address subnet here. So this one is 192.168.57.150. My actual IP address is on a .4.x here, so I'm going to, for this example, I'm going to be pinging
192.168.4.29, however, and you can see here's the ping that we're getting back. However, if you are unsure of an IP address in your house that is active, or your subnet in your house, that's okay. You can just run 57.1 for this example. You might not get a lot of return results, however; you might only get one or two when we do this sweep. So I advise you to figure out what your IP address is. That's a good challenge anyway, and if you are familiar with networking, which you should be at this point, then you should be able to determine the IP address of your home network. But if you do not do that, then you can use 57.1 or whatever your IP address is here on this third octet. So that will also work, if you see that.
All right, so I'm going to clear this. Now, what are we noticing when we're pinging? We're pinging this address and we're getting some data back. Now, if we ping an active address, you can see that we get, okay, 64 bytes from 192.168.4.29. It's saying it's active; we're getting details back. If we were to ping something, let me do like 41, where we just don't get any data back. Okay, and let's try this one more time. Let's try this a different way. Let's do like a count of one, a -c of one. We'll do a count of one. It's going to try to send one packet over and see if it works. Nothing's happening, right? It's trying to transmit that packet. You could see that it's getting zero received here, where here is getting four received. No data is coming back; it's just not doing anything for us.
So the thing that we can identify here is, what's the big difference? If we look at line one and two versus line one and two, what are we seeing when we get data back? Well, the big difference here is we're, well, two of them, I guess. We see that we get this response, right? That's a big difference. And then down here it'll say, hey, we received some packets, if it's not zero. Now, the easy way to do this is to look at a line that says, hey, we receive data, which is this line here.
Okay, now what I want to do is I want to narrow this down just a little bit. What we're going to say is we're just going to do a ping of one time. So I'm going to clear this, I'm going to bring it back to this, like this. I'm gonna do a count of one, and that should just ping once, and that's perfect. We don't need to ping endlessly; we just want to make sure we can ping once and then we're done. Okay, and then from here I'm gonna put this into a text file. I'm just going to call this ip.txt, just like that. So when I cat out ip.txt, now you can see that I have this file. It's stored; I don't have to run the command again. We're good to go. So what we're going to do now is we can take this and then we can start gathering data based off of what we see here.
So what I want to do is I want to just extract this one line here, the 64 bytes from 192.168.4.29, and the best way to do that is with a command called grep. So grep is going to look for a specific term or phrase, and we can do that and it's going to pull down any line that has that term or phrase. So if I say grep here and then I just put in quotation 64 bytes, like this, now when I cat out this, all I'm pulling down is this line, and it's even highlighting it for us. It's saying here's the line that we see: 64 bytes from 192.168. Okay, so we've extracted just the one line.
And why am I extracting this line? Well, if we're building out a ping sweeper, what I want to do is I want to sweep every single IP within a specific subnet. So say this .4, right? I want to ping 4.1, .2, .3, all the way through 254, 255. I want to see if I can get through all the IP addresses in a subnet. So what we're going to do is we're going to ping every single one of them and say, hey, are you up? Are you there? And we're going to do it with a count of one, and we're going to say, are you there? Okay, and if they're there, they're going to say, yeah, I'm here, 64 bytes, here's my response, and it's going to say 64 bytes from this IP address. So we want to extract the IP addresses to say, yeah, we're alive. That's basically our goal here. So when we run this on a bigger scale, which is what we're going to do, we're going to need to grep out this information and extract this information to where we only just get the IP address back.
Okay, so what we're going to do now is we're going to start narrowing down and grabbing this IP address, and then I'm going to show you how we're going to take this all in one instance and run it and then extract IP addresses. So from here, what I want to do is I want to do another command. So every time we pipe, we're saying, hey, run this command, then with that command run this command, then also run this command too. So we're going to keep running this command on top of this to narrow things down.
So here's what we're doing here: we're going to run a command called cut, and with cut we're going to say, I want to cut something out of this. We need to provide it what is called a delimiter, so we do a -d, like this, and the delimiter I'm going to use is a space, and then I'm going to say -f for field, and then I'm going to say 4. Okay, what is this doing? Well, it's saying, hey, I want to cut this line that you're getting back on a space. So the delimiter is a space: here's a space, here's a space, here's a space. And it says I want to count up to 4 to grab that data, so one, two, three, four, right here. So if we say 4 here, like this, we hit enter, we're grabbing that specific IP address, because we're doing it by spaces. If we did it on three, what do you think we're going to grab? We're going to grab the word "from". So you can see, here's "from". So what I want to do is grab the IP. So we're going to use this cut just like this, use our delimiter, and then get to the correct field position that we want to grab the IP address.
to grab the IP address all right so we've got the IP address
all right so we've got the IP address now there's only one thing wrong here
now there's only one thing wrong here with this IP address is that there is a
with this IP address is that there is a little colon on the end of it we just
little colon on the end of it we just want this without a colon at all we want
want this without a colon at all we want it just like this now there's a couple
it just like this now there's a couple ways we can do this we could use
ways we can do this we could use something called said said it's a little
something called said said it's a little bit complicated and a little bit
bit complicated and a little bit Advanced I would say for where we're at
Advanced I would say for where we're at right now
right now um so I'd rather teach you an easier way
um so I'd rather teach you an easier way to do this and that is called translate
to do this and that is called translate so with translate all we're going to do
so with translate all we're going to do is we're going to do one more pipe like
is we're going to do one more pipe like this and we're just going to say TR for
this and we're just going to say TR for translate a Dash D for a delimiter again
translate a Dash D for a delimiter again and then we're going to say we want to
and then we're going to say we want to get rid of this
get rid of this and that's it we're just getting rid of
and that's it we're just getting rid of this okay so if we run this one more
this okay so if we run this one more time
time now you can see that we've successfully
now you can see that we've successfully extracted this IP address out that's our
extracted this IP address out that's our goal that's all we wanted to do
goal that's all we wanted to do now how can we apply this to something
now how can we apply this to something bigger how can we make this part of a
bigger how can we make this part of a bigger script that is the question and
bigger script that is the question and we're going to do that so what I want
we're going to do that so what I want you to do is I just want you to copy
you to do is I just want you to copy this okay copy this entire line
this okay copy this entire line and we're going to go into a mouse pad
and we're going to go into a mouse pad so let's copy the selection and I'm
so let's copy the selection and I'm going to clear my screen I'm just going
going to clear my screen I'm just going to say mouse pad
and we're going to call this ipsweep.sh
okay so this is going to be a bash script
and I'm going to make this bigger
and the first thing we're going to do
with our bash script is we have to
declare that it's a bash script we're
going to say hash bang right here
shebang is what we'd call this forward
slash bin forward slash bash this allows
the machine to know when we run this
this allows bash to know hey we're
calling this here's the location to bash
this is what we're running with the
script you're also going to see this
when we use Python as well you'll see
the declaration up here at the top
or when we're calling this out so I'm
going to go ahead and control s and save
this that'll add some nice color to this
so when we're coding this out we get to
see in color I like that a lot I'm going
to actually make this a little bit
smaller and then make this like this
here so we can get the whole picture
okay so what I want to do is I want to
paste in what we just wrote so I'm just
going to control V here and paste that
in
so
we don't need to do a cat of an IP
address here
in this instance instead we're going to
change this back we're going to ping
remember we want to ping every device in
the network so we want to ping say if
we're pinging 192.168.4.x okay we
want to ping that and we can leave this
like this for now don't worry about
changing anything here this is just
going to be a placeholder we're going to
do a little bit of extra
syntax here to make this work so we're
going to write what is called a for loop
so we're going to say for and I'll explain
what this does here in a second you're
also going to see this again when we get
into python encoding and so you'll be
able to understand more and more about
loops and what for loops are while loops
etc they're very very useful and very
common in coding and scripting so I'm
going to say for ip in and then I'm going
to say sequence
1 through 254
now
very important this character here is
not an apostrophe okay this is not an
apostrophe
this is the little line I don't know
what it's called it's above the tilde
next to your escape button on your
keyboard so it's this right here okay
it's like a backwards apostrophe almost
I'm sure there's a term for it I just
don't know it uh so you come in here and
you say okay for IP address in sequence
one through 254 and I'm going to explain
what all this does in a second I want
you just to type this out for now I want
you to say do
all right and then I want you to come
down here
and we're going to say ampersand on this
line and we're going to say done I'm
going to explain what all this means
okay so this is a loop that we've just
created
what we're saying is for the IP address
and we're just declaring this this could
be Bob if you wanted to we're just I'm
just making it a name or a term that's
easy for us to remember so we're going
to say for IP but if you want to call
this Bob call Bob for IP in sequence 1
through 254 so what sequence is doing
is it's saying hey I want to count
everything from 1 to 254 so one two
three four five six seven eight all the
way to 254 this for loop means I'm
going to do this every single time so
for IP in one for IP in two for IP in three we're
going to run this command until we're
done so until this sequence has run up
255 times it's done
okay and now we're going to say I want
to do a count of
dollar sign IP
so what we're saying here is for IP in
sequence 1 through 254 go ahead and do a
ping dash c for a count of one 192.168.4
254 and here we're going to say dot
1 dot 2 dot 3 every time this loops over and
over and over it's going to be
incrementing that number through this
sequence that's all we're doing this is
a basic loop okay so we're going to keep
going through and through and through
now this will work if you plugged in
your hard-coded IP address here this
will absolutely work now we can improve
this just a little bit if we want to so
what's going on here is what we're going
to say is if we wanted to run this we
would just do dot forward slash and then
ipsweep okay and this would work
that's fine but we can make this a
little bit better from a coding
perspective we can come in here and we
can give this a dollar sign one
and that means argument one so what
we're saying here is I want to give an
argument instead so if you want to be
technical this first dot forward slash
ipsweep.sh that is argument zero so you
can consider this dollar sign zero
argument one would be what you type
after that so this would be argument one
argument two
etc so in this case what we can do is we
could say I want to run
192.168.4 like this and this will run the
dot 1 dot 2 dot 3 after it so you provide the
argument it places that here in argument
one and then it does the rest for you so
this way you can specify your network
and if you wanted to ping multiple
networks you don't have to come back in
here and keep changing this it just
works so super easy this is a great
little script for a slash 24 type subnet
okay
okay so let's go ahead and try running
this really quick I'm going to just
control s save this I'm going to close
it we're going to do a chmod plus x on
ipsweep if it'll allow us to we might
have to do a
okay let's do ls -la real quick make sure
it worked
it sure did okay so here's what we're
gonna do we're going to run the ipsweep
and we're going to say
192.168 you just put in your IP here I'm
going to run that all right
and you can see all the devices that are
coming back within my network here
I'm going to go ahead and hit Ctrl C
cancel this out
and so this is grabbing all the
different devices in my network now
that's great
that works out really well but what we
can do is improve this what if I typed
in a what if I didn't type anything at
all what if I just hit enter here now
I'm just getting all kinds of pings
unknown and it's going off of some of
the stuff I was doing before but it just
causes all kinds of issues and errors
right so you can see I'm trying to hit
Ctrl C it's it's taking its time to
break
um here we get issues because we're not
we're just allowing any sort of argument
here what we need to do is we need to
fix this up just a little bit so what we
can say is we can come back in here and
just go mousepad ipsweep.sh
and come in here and let's add a little
bit extra oh and I also left this in
here don't leave this in here that's why
that was running twice
um okay so what we're doing here is we
need to add in a statement what we're
going to do is we're going to add in a
if statement if statements are
conditions we're saying hey if this
condition is met do something for us if
it's not met then go ahead and do
something else all right so we're going
to say
if
and we're gonna just put in here dollar
sign one
is equal to nothing
then we're gonna go ahead and just say
then
echo
you forgot an IP address
echo syntax something like this we'll just
say
IP
sweep.sh and we'll go
192.168.4 like that
okay
and then if we did do this correctly
if we do have an argument inside of
argument one then we're going to say
else do all of this here
and be done and then we're going to end
our if statement with fi
now this script or this resemblance of
this script is not one of my own by the
way this is goes credit to something
I've modified over time but the original
credit definitely goes to Georgia
Weidman I remember seeing this in her
course a long long time ago when I was
first getting started and she did a
great job of teaching this this is just
a modification of this script so I just
want to make sure that all credit goes
to her but looking at this let's break
this down really quick before we run
this again we've got an if statement we
said if
argument one doesn't equal anything then
you're gonna echo back out and say hey
you forgot an IP address here's the
syntax
if it does include something then we're
gonna go ahead and come in here and say
let's run our for statement our for loop
and run through it and then we're going
to end our if here
the only thing that I'm doing uniquely
here is I'm including this ampersand
which is going to run this command
um multiple times at once this is a good
way to explain it basically we have a
couple ways of doing this we could say
like this so we could put a command here
and this will run one at a time it'll
say okay for one for two for three
this allows multiple instances of this
loop to run at once and just speeds
things up I can show you the difference
between that so I'm going to go ahead
and just Ctrl s save this
I'm going to go ahead and just run this
script real quick now let's try running
it with without anything here
okay now look it says you forgot an IP
address so look we did that correctly
now let's go ahead and add the 192.168.4
run it and you can see okay it's
sweeping but it's taking its sweet time
especially for the IP addresses that are
going to hang like
um like if I don't have a dot two or dot
three it's going to take a while so I'm
going to control C and get out of this
if it'll let me and it looks like it's
actually going to hang so what we can do
is we can come back in I'm going to open
a new tab real quick just while that's
waiting and I'm just going to say mousepad
and we're just going to go back into
ipsweep.sh fits in this folder there
we go okay
so from here I'm going to change this
back to the ampersand and I'm going to
save it I just want you to see the
difference really quick and why I run it
like this so ipsweep.sh
192.168.4 you can see it's picking
everything up really fast all right what
I can do now is I can run this and then
store this into like ips.txt something
like that just like found IP addresses
okay so now if I cat ips.txt I have
all the IP addresses I just found and I
found them that fast
versus this which may still be going and
it is and I can't even kill I'm just
going to close this out okay so this is
the big difference there with that
ampersand and the speed what it is
capable of doing so
with all that being said we could take
this and do one more thing so I want to
show you how we can utilize a one-liner
these are called one line statements in
um in bash and we can do similar to what
we just did and accomplish that in this
command line so now we have an IP
address we have a list of IP addresses
let's say that we want to run nmap now
we haven't gotten to nmap yet you don't
need to really know about it just know
that it is a tool that allows us to go
out and do port scanning okay so
typically we would just say something
like nmap and we might do something like
uh dash T4 dash A dash p dash like this
this is just saying I want to run an nmap
scan I want to look at everything and I
want to scan all ports this is just an
example you can just run nmap IP address
like this and that would be fine too
like we could just go 192.168.4.29 and
we'll do a quick nmap scan okay but
what we can't do here is we can't just
say hey I want to run uh well we could
we could say I want to run nmap for
everything in dot zero 24
the issue is it's going to take time
looking and finding what IP addresses
are valid here if we have a list we can
automate this process quite a bit we can
just come in here and we can say
something a little bit different we can
say hey for IP we're using the same kind
of syntax in dollar sign and we're going
to put parentheses here we're going to
say cat
and then we're going to say ips.txt
and then we're just going to do this
we're going to say do nmap
dollar sign IP and then again we have
the option of doing done or we can do
ampersand done just like this okay I'm
just going to do done here as an example
and just show you so this is really easy
we're saying hey for every IP address in
this list and all we're doing is we're
catting out this IP list that we just
had so it's going to take the first IP
then run the nmap scan it's going to
come back run the next one so until this
list is completely done it's going to
keep going through this loop that's all
it is a simple loop then we're going to
say done it's going to take that IP
address it's going to start scanning it
it's going to go through and hopefully
find information and go in a loop so
this is a quick way to automate some of
this process I actually do this with a
lot of my scripts where I will do some
probing see if anything is out there
that's alive put it into an IP file and
you're going to see this later in the
course and then nmap scan that
so think about this hopefully this gets
your wheels spinning on what you can do
to really start scripting some of this
stuff out and this is going to be the
first time you get your hands dirty with
scripting we're going to go on again
with this and we're going to get more
advanced as we go but this should be a
good introductory lesson to you on how
we can build a simple tool and automate
a lot of this process fairly easily with
just a little bit of command line syntax
so we're going to go ahead and move on
to the next section and I will see you
over there
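
[Added example, not part of the video or the instructor's own file: the ipsweep.sh script described in this lesson, written out in full. The function names, the stricter check that the argument is exactly three octets, the `-W 1` reply timeout (Linux iputils ping) and the final `wait` are assumptions added here, and the sample ping output is constructed.]

```shell
#!/bin/bash
# Added example: ipsweep.sh reconstructed from the lesson's description.

usage() {
    echo "You forgot an IP address!"
    echo "Syntax: ./ipsweep.sh 192.168.4"
}

# Constructed sample of Linux ping output (not captured from a real host),
# showing what the text-processing stage receives.
sample_ping_output() {
    cat <<'EOF'
PING 192.168.4.29 (192.168.4.29) 56(84) bytes of data.
64 bytes from 192.168.4.29: icmp_seq=1 ttl=64 time=0.412 ms

--- 192.168.4.29 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
EOF
}

# The lesson's pipeline: keep reply lines, take field 4, strip the colon.
extract_ip() {
    grep "64 bytes" | cut -d " " -f 4 | tr -d ":"
}

# Assumption added here: accept only three dot-separated octets (0-255),
# so an empty or malformed argument never reaches ping.
valid_prefix() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the prefix on dots into $1 $2 $3 ...
    IFS=$old_ifs
    [ "$#" -eq 3 ] || return 1
    for octet in "$@"; do
        # Leading zeros are rejected: address parsers may read them as octal.
        case "$octet" in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

sweep() {
    prefix=$1
    if ! valid_prefix "$prefix"; then
        usage >&2
        return 1
    fi
    for ip in $(seq 1 254); do
        # -c 1: one echo request; -W 1: give up on a silent host after 1 second.
        # The trailing & runs each ping in the background, as in the lesson.
        ping -c 1 -W 1 "$prefix.$ip" 2>/dev/null | extract_ip &
    done
    wait    # let every background ping finish before returning
}

if [ "$#" -gt 0 ]; then
    sweep "$1"
else
    usage
fi
```

[Because of the final `wait`, redirecting the output to ips.txt as in the lesson captures every reply before the prompt returns.]
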
welcome to this module on python so if
you've never used python before or even
heard of python before python is a
coding and scripting language it is
commonly used in ethical hacking and
it's commonly used all around the world
it is actually considered one of the
best beginner languages to start with if
you've never learned coding before so
that's exactly what we're going to do
we're going to cover some of the basics
of python so we'll cover everything you
see on this screen here strings math
functions we're going to get into
conditional statements and looping we'll
get into some more advanced items and
eventually we're going to build our own
tools so we're going to be building a
port scanner at the end of the lesson
and then when we get into the exploit
development section of this course we're
going to use Python again to write our
own exploits so it's going to be used
throughout the course you're going to
see it again as a ethical hacker as well
well you're going to go on to websites
and you might need to download python
code or something to utilize against a
host or a client and it's just going to
be frequently seen for you so very
important topic to cover especially for
the foundations one very big thing to
point out you do not have to be a
developer to be successful in
penetration testing the important thing
is that you understand what you're
seeing and understand how to read code
if when you come away from this module
you have a better understanding on how
to read what you are seeing in code
you'll be much better off by no means do
you have to be a developer I am still to
this day nowhere near a developer level
and I'm very very successful in what I
do you don't have to be a developer so
the big takeaway here is to take very
good notes understand what you're seeing
if you need to watch a video multiple
times in this section absolutely okay
just make sure you understand everything
in front of you and understand that the
lessons are going to build upon each
other and it should all come together in
the end and you're going to get to see
it over and over through the course
especially in the exploit development
section where we write our own python
script so I look forward to teaching you
this module on Python and look forward
to seeing you in the next video
okay on to our first lesson the first
thing that we're going to cover is going
to be strings
and in order to do that I'm going to go
ahead and make a directory on my Linux
machine you can make a folder in your
Mac or your Windows machine if you're
using those operating systems I'm just
going to go in here and just say mkdir
python and then I'm going to go
ahead and go into that directory
so from here I'm going to go ahead and
make my first script so I'm going to
clear my screen with Ctrl l
and I'm going to say mousepad
and I'm just going to call this script
first.py and I'm going to give it
the ampersand here at the end that's
just going to allow me to open up this
process of mousepad and also have the
terminal available to me when I need it
so you'll see why I do that here in a
little bit now if you're not on Linux
that's okay you can use something like
Notepad++ or code runner for Mac
which we showed earlier in this course
so from here what I'm going to do is I'm
going to go ahead and enter in a shebang
which is a hash an exclamation forward
slash bin forward slash python3
and this is important for Linux here
because we are calling out the directory
if you are familiar with Linux what's
happening here is we have two options we
can come in here and we can say
python3 and we can say first.py and
that'll execute our script or in theory
we can come in here we can just do a dot
forward slash first.py and run it
that way if we run it like this our
script will not know where to go unless
we declare that so up here we're giving
the shebang forward slash bin forward
slash python3 that is where python3 is
located in this machine so it will come
located in this machine so it will come up here and it will look for this first
up here and it will look for this first and say okay I'm going to execute this
and say okay I'm going to execute this based on python 3. so that is a little
based on python 3. so that is a little bit of a Linux Nuance here and something
bit of a Linux Nuance here and something you should know in case you are ever
you should know in case you are ever coding in Linux or an environment that
coding in Linux or an environment that is similar like Unix which Macs do run
is similar like Unix which Macs do run off of so from here if you've ever taken
off of so from here if you've ever taken a coding class the first thing you do in
a coding class the first thing you do in every single coding class is what is
every single coding class is what is known as hello world so we're going to
known as hello world so we're going to print out hello world and print it to
print out hello world and print it to our terminal so in order to do that
our terminal so in order to do that we're going to go ahead and do some
we're going to go ahead and do some thing like this we're going to say print
thing like this we're going to say print and then we'll do a parenthesis and
and then we'll do a parenthesis and we'll say hello
I'm gonna go ahead and save this
and if we run this and I'm going to run
this with python3 if we run this python3
first.py
you'll see that it says hello world
now one thing that we can do in here
is good practice for being a developer
is add some notes in so we're going to
add a comment in here we're going to do
a # or a pound symbol and we're just going
to say print string
now when we run this again this isn't
going to print out comments are just for
us inside of the script and I can prove
that to you by saving this and running
it again you'll see all we have in here
is hello world perfect
so comments
with a hash are just meant for whoever
is reading your script or your code and
that could be you or
bad scenario but what if you get hit by
a bus tomorrow you're the main developer
and nobody knows how to read your code
because you didn't leave any comments
that'd be very bad so good coding
practice suggests to leave good comments
and make sure that people can come in
and read your code and understand what
is going on in here so we're going to
add comments along the way so that way
we understand what we're doing and
practice good habits as well so what
you're seeing here is what's called a
string you're seeing a string in
quotations and you can see a string
printed out
with single quotes as well so we can
just do hello world
I'll add the exclamation for consistency
and if we save this and print this
you'll see that it also prints
hello world
so it really doesn't matter if you have
single quotes or double quotes until we
get into more advanced strings and we'll
talk about those a little bit later on
in the course but for now just know that
you can use single quotes or double
quotes when printing out a string
another thing that we can do with
strings is print on multiple lines so if
we say print
and we do triple quotes like this we say
this string runs and then we hit enter
multiple lines with an exclamation and
add in three more double quotes
there and close this off
we can add a note here as well that says
triple quote for multi-line
and if we save this with Ctrl+S and we
run this again
you're going to see this string runs
multiple lines awesome another thing
that we can do is concatenate strings so
we can print out something like
this string
is and now we're going to add a space at
the end of it make sure you have a space
right here
we're going to do a plus sign and then
we're going to say awesome
just like that and we can say we can
also concatenate
it's always hard for me to spell that so
what's going to happen here is it's
going to take this string
plus this string when it prints out so
the reason we have a space is it's got
to have the space because there's no
space here and this will just add a
space for us even though in our heads we
might want it to so we're going to go
ahead and save this print it out one
more time
and you can see that it concatenated and
said this string is awesome
now one last thing
we can also print out a new line so we
can just do something like this
and we can use a single quote this time
just to do a proof of concept do a
backslash n like this
and this will print out a new line
and we'll get familiar with that later
on as we get into functions we'll write
our own function to make a new line but
for now if we wanted to add another line
we could and then we can just print
test that new line out
and let's see if it actually gave us a
line printed in between this
concatenation and this new print
statement here let's go ahead and save
that
print it and you can see there is a line
here so the backslash n will print out a
new line for us
and that is all we need to know for
basic string so we're going to go ahead
and move on to math you can go ahead and
leave this open we're going to run
through this as we go and then you'll
have a long script which will also make
for very good notes let's go ahead and
move on to math
so math
python actually has a built-in math
interpreter
so we can do a bunch of fun stuff with
python and with math that's
automatically built in so I'm going to
go ahead and just call this section math
and if you want to like keep track of
sections you can come up here and just
call this strings
and just capitalize it like that and
then that way we kind of have an idea of
where we're at you can even add an extra
line here if we want to so from here
let's go ahead and play around with math
just a little bit so if I wanted to do a
print of 50 plus 50
we can definitely add
we can also subtract so if you want to
do 50 minus 50 you could do that
and I'll give you some time to catch up
here in just a second
I'm just going to do a few print
statements then we'll take a look at
them and then we'll move on to some more
math as well we can also do 50 times 50
and we'll just use the little star or
the asterisk we'll just say multiply
and we'll also do 50 divided by 50
we'll just say divide
so if we save that you could take a
second to catch up you could see we are
just doing simple math here we should
expect 100 we should expect zero we
should expect one here and 2500 if my
math is mental math is correct so I'm
going to go ahead and print this out
okay we've got 100 0 2500 and 1.0 so
this 1.0 is a little bit different this
is what's known as a float everything
else that has come out so far is just an
integer and we'll talk a little bit
about that here in just a few minutes
but know that integers are on the left
hand side and if we don't have a decimal
point here we're looking at integers and
on the right hand side when we see
anything on the right hand side of the
decimal we're looking at what is called
a float and that becomes very important
depending on when we need it
for now we're going to keep worrying
about math we'll get into integers and
floats in just a little bit
so another thing that math built into
python can do
is it can do PEMDAS if you've never
heard of PEMDAS please excuse my dear
Aunt Sally so parentheses exponents
multiply divide add subtract
you may have had it something different
within your educational experience but
it will do that for you so if you do 50
plus 50 minus 50
times 50 divided by 50
it will give you the answer
I don't know that mental math offhand
another thing that we can do are
exponents so we can print say 50 to the
second power which is same thing as 50
times 50 which would be 2500 as well and
we can get exponents out of this
and we'll actually go ahead and save
this and run this here because the next
step I want to be able to lay out
clearly
you can see that we have successfully
done the math here and did it for us
awesome and it also did the exponent for
us as well
so now a couple weird things with
division so you saw the 1.0 before
well we have a few things that we can do
for example the 50 divided by 6 but
using a percentage sign is what's called
a modulo
and that it just takes what is left over
so 50 divided by 6 is not divisible
there is a leftover so if we print that
you'll see we get a leftover of two
which makes sense because 6 goes into 50 8
times 6 times 8 is 48 and then we have 2
left over so if we want to know what the
remainder is we can use a percentage
sign here
we can also do something like 50 divided
by 6 like we saw earlier and this will
have division with remainder
so we can say or float
we'll save that and take a look at that
really quick
you can see we get 8.3 and then it
rounds up eventually to a four
and lastly what if we wanted no
remainder so if we just did 50 divided
by 6
we say no remainder
we could do this and we should get
eight here
so depending on the situation and what
we want we might want a situation where
we only want the integer
or we only might want what's left over
or perhaps we actually want the whole
number of what's being divided so there
are a few different ways to divide with
math in Python and it's good to know all
of them depending on the situation that
you run into so for now just take notes
on this and know that there are a few
ways to do math and division and you can
do PEMDAS and exponents and all kinds of
fun stuff and this is just scratching
the surface of math with python
so that's it for this lesson we're going
to go ahead and move on to the next one
which is going to start covering
variables and methods
so I'm going to come in here and I'm just going to
call this section variables and methods
and if we want to make our script a
little bit clean we can just come in
here and copy this new line
it'll be a lot easier once we write a
function for this but we haven't gotten
there quite yet so we're going to print
out this new line and that way when we
print this out
you can see that we have kind of gaps in
between the sections that we're working
on
so now we're going to work on variables
and methods
so variables
variable means something can vary it can
change and we're going to look at that
here in a second so if we have something
like quote and we make quote equal to
all is fair in love and war
and this is what this is a string we are
storing the string inside of this
variable
called quote
and we can just come in here now we can
print out quote
and if we do that we should get this
returned back to us
you can see all is fair in love and war
if we didn't print this just go ahead
actually we'll just comment this out
this is a great way to test the script
if we just save this now with a comment
and we hit enter there's nothing here we
haven't given it any instructions to
actually print out so now we can print
this out and it's printing whatever is
stored inside of that variable in this
instance we have a string stored in
there
now when we talk about methods
methods are just functions that are
available for a given object now you
could think of functions as something
built in to python that allows us to do
something and it'll make sense here when
we get into using methods so we have
this quote all is fair in love and war
well what if we wanted to print this in
a few different ways well we can use
methods to do that for example we can
print quote in uppercase and just do
upper like that
and this is going to make it all
uppercase because we're giving it this
period upper and then open close
parentheses right here and that is
allowing us to use that method so we can
say uppercase
and we can also print in lowercase if we
do lower
and just for one more we can also do
print
and we'll say quote dot title
and this is what's known as title case
and title case will capitalize every
single letter like it is the title uh in
this instance here we're going to get
like the a capitalized which wouldn't
really be true in a title but still just
know that title case is meant to
capitalize every first letter within
your string or your sentence in this
case we're going to call this lowercase
here
okay so let's go ahead and save this and
we're going to print this out
and you can see the differences that we
have we have it here
in its normal quote and then we have it
in uppercase all lowercase and then
every single first letter capitalized
perfect these are methods these are just
a small example methods we're going to
get into more a little bit later
here's another example what if we wanted
to print the length of quote
let's say we wanted to know how many
characters were within this sentence so
this is going to count the characters
and this will also count spaces so we're
trying to get a total count of what's
going on inside this string we print
that you'll see that we get 28 returned so
if you want to check that you can go
count every single character within here
and you'll get the length of that and
that could become important as you're
doing python later on and this is just
yet another example of a method now
let's go back to looking at variables
and why they're called variables
so let's say that we have a variable of
a name and in this instance I'm going to
use my name and I'm going to make it a
string
and I'm going to use my age
I am 33 and
here we're going to say string just so
we can make sure we notate the
differences this is an int or an integer
and we're also going to give a GPA let's
say I went to school I'm going to use
the American grading system let's say I
had a 3.7 GPA
and this is what's known as a float
and that has a decimal so make sure you
notate that
so if we print these out if we print out
the integer of age
that'll still print
33
what if we print out the integer of
30.1 save that
take a look
and you'll see that we just get
30
all right
and you can see that this rounded down
again integer just the first number just
what's on the left side of the decimal
point
doesn't care about the right side what
if we printed integer
of 30.9
will it round will it round
no
so if we save that
and we print again you'll see it's still
30 it doesn't care what's on the right
side of the number it's only going to
take what the integer is so anytime you
print an integer you're only going to
get the first or what's on the left hand
side of the decimal point so make sure
you know that
now a few cool things that we can do
let's say that we wanted to print
something like this if we print
my name is with a space
and then we'll do plus name
and we'll say
space again and I am
space
age
plus
space years old make sure you have your
spacing in there properly that way you
can account for the spaces before and
after these variables but what are we
doing here we are concatenating
variables now if I try to run this I'm
actually going to get an error if I run
it
we're getting a type error and this is a
great example by the way of
understanding what python is telling you
I get emails all the time from students
saying I don't understand why my script
isn't working and the first thing I'll
ask them is I will say did you read the
output of the error because it tells you
it says hey on line 44 by control tab
look this is line 44 it tells you where
your mistake is and then it also says it
can only concatenate string not int to
string so if you didn't know what this
meant and maybe you don't you can copy
this go to Google and search it and I
promise you somebody will have had this
error before
as much as we wish to be special uh
there's not many situations that will
come up where there hasn't been this
error or an issue that we run into that
somebody hasn't already had before so
with that in mind
we can fix this so it's saying that it
can only concatenate strings not
integers well name is a string but age
is an integer so we need to make in this
situation age a string so what we're
going to do is just say str like this
and give it like that
and now if we print this save it print
it
you can see my name is Heath and I am 33
years old perfect
now what happens if I am a year older
well I could take age and do something
like plus equals one
something like that
and if I print age now hopefully
we are seeing 34 you could see 34 now
this is what comes into play this is a
variable variables can change
at this point in the script we define
that we are 33 and as we run through it
I am still 33 when I print this
statement out however I've had a
birthday now age has increased by one
printing age out now will say that I'm
34
so variables can change variables can
store different numbers at different
times that's why they are called
variables because they vary now
we could also do something like birthday
and set birthday equal to one and I
could say age plus equals birthday
and then print age and guess what now
it's going to return
35
so just know that you can store a number
within a variable we've shown that
before already we can add two integers
together and we can print them out so
together and we can print them out so we're adding those together and it's
we're adding those together and it's taking that total and adding that to age
taking that total and adding that to age and now
and now it's saying we're 35 years old
it's saying we're 35 years old so that is it for this lesson we're
so that is it for this lesson we're going to go ahead and move on to
going to go ahead and move on to functions and fix this new line issue
functions and fix this new line issue that we've had plus write some pretty
that we've had plus write some pretty cool stuff out and build some other cool
cool stuff out and build some other cool functions out as well so I'll go ahead
functions out as well so I'll go ahead and see you over in the next lesson
and see you over in the next lesson all right moving on to functions so
all right moving on to functions so let's go ahead and print out a new line
let's go ahead and print out a new line really quick
and we're going to call this functions
now I like to think of functions as mini
programs what they are is an organized
block of code that you define and then
you can call it later instead of
repeatedly typing the code out
so we're going to take a look at some
examples of that
so let's go ahead and write a function
so let's do a define def and that's how
we start a function and in this one I'm
going to say who am I
and I'm going to do closed parentheses
and here we're going to say
this is a function without parameters
and we'll talk about that here in just a
little bit
now indentation is incredibly important
in Python if we do not indent we will
throw an error here and you're going to
see a lot of situations where
indentation becomes incredibly important
it's one of the most important things in
python python does not have a lot of
rules that apply to it but indentation
is one of them that you must follow so
we're going to go ahead and hit the tab
to indent and I'm going to say my name
is Heath
and this is what is known as a local
variable we'll talk about that here in a
second as well
age is equal to 30.
and we're going to go ahead and print
same thing we did before we can actually
just kind of copy this up here we'll say
my name is
just like this okay copy all that paste
it and then
add the closed parentheses there I'll
let you catch up
and then we can just call down here
who am I
so what's going on in here
well we have a function that we're
defining we're calling it who am I
and it has no parameters we'll get into
parameters here in just a second
now we're giving it some items within
this in this instance what we're doing
is we're giving this local variables
we're saying hey
in this instance when we have a variable
of name it's going to be Heath and the
age is going to be 30.
well whatever is stored in here is only
stored within the function
that's why this is a local variable if
we print
age
as well we'll see that so we know that
age was 35 we called age over here is 30
and let's see what happens first of all
we called our function here we said who
am I called that and all it does is run
our mini program our mini program says
hey I'm going to print out
these variables into this string here
okay and that's exactly what it did but
when we printed age again you could see
that we're actually still 35 so this
variable or the variables that are
within a function are local and do not
apply outside of the function so make
sure to remember that okay so I'm going
to delete this print statement we don't
need it
and we're going to write some more
functions so let's do one where we add
some parameters
so we're going to do add 100
and we're going to give this a parameter
of num n-u-m and that's just going to
stand for number
okay we're going to indent make sure we
indent and all we're going to do is
print num plus 100.
so when we call our function we say add
100
just like last time
this time we have to actually give it
what is called an argument so our
argument goes with our parameter here
when we're calling it so our argument is
going to be a hundred and when we print
this out this is going to be 200
hopefully so we'll save this
run it
you can see that we got 200 because
we're doing print 100 plus 100. that's
all we're doing is this mini program
okay let's try another one let's say we
want to have multiple parameters
let's do define
add and we're just going to add X and Y
this one's going to be easy we're just
going to say print
X plus Y
and now we can add whatever we want so
let's add seven and seven
and one will take the place of X the
other one will take the place of Y
X plus Y 7 plus 7 should be 14. let's go
ahead and run that
you'll see we get 14 here beautiful
all right let's make it a little bit
more complicated then
all right let's try adding in here
another function this time we're going
to do multiply we're going to do X and Y
again
and instead of doing a print I want to
show you something a little bit
different let's say we just return
X
times Y
and now in this instance
if we multiply
7 times 7
do we get 49
we don't
okay
there's a reason for this this is just
calling back so when this is saying
return this isn't saying print remember
this says print this is going to return
x times y so we can call this here this
function and it knows that this function
is equal to 49 and perhaps we can put
that into something else like we could
put that maybe into a variable or
whatever it is we might want to do with
it however if we wanted to return to the
screen we actually have to call that so
sometimes we're going to actually store
something instead of printing it we do a
lot of printing in Python tutorials just
so that you can see it on the screen and
make sure that you're seeing what you're
doing and that everything's printing out
okay so that's why we're doing this but
please understand that the return option
does exist and is used quite frequently
so I'm going to save this
and run this you can see now that we get
49. perfect
okay two more
let's say we want to do a square root
okay so let's define square root
and we're just going to give it one
parameter
and in this instance we're going to
print out the square root so we're going
to take X
and a square root in exponent format is
just to
the power of 0.5
that's all we're doing and we can test
that theory by doing something like
square root
of 64.
which we should return as 8 because 8
times 8 is 64. so if we save that
come in here print it and you can see we
get a float of 8.0
now I told you we would create our own
function for a new line and we're going
to do just that
let's go ahead and define new line
and we could call this like new line if
we wanted to or whatever but I think to
make it simple as long as we understand
what it is we can make comments and
notes in here if we wanted to we could
just say define NL
and then we can just say that when we do
that we're just going to print out
our n for our new line
and then we call a new line we'll get
one very simple so we can just even say
in here
new line okay so now we know and we save
that and we can print it
you'll see it
it's here but we really don't have
anything after it to really show it but
we do have that space there
so that is it for this lesson I'll go
ahead and see you over in the next one
next up we're going to learn about
Boolean expressions and also relational
and Boolean operators
so let's go ahead and type in here
Boolean expressions
and when we think of these we can just
think of this as true or false
that's really what it is
so from here let's do a few variables so
we could set bool one equal to true
we're just going to say hey this
variable is true
bool two we could set equal to three times
three
is equal to 9. so the double equals
means that something is equal to
something so we have three times three
that's nine equal equal that means that
equals nine do not confuse that with
setting up your variable this is saying
hey my variable is equal to this but
this is saying this is equal to this
number okay and that is a true statement
we could also say bool three and make that
false
or we can give it a statement that makes
it false so something like 3 times 3
does not equal nine exclamation equals
means does not equal nine
now if we print it out
bool one bool two bool three and bool four
just like that
and save it
and if we come
in here you'll see that it says true
true false false
again Boolean expressions is something
true is something false
why do we need to know this well we need
to know if something is true
then we might want to continue on or if
something is false we might want to do
something and we'll get into that when
we get into conditional statements like
if something is true then go ahead and
do this if something is false do this or
there's something called while loops
which will allow us to continue as long
as something is true we're going to get
there when we get to conditional
statements as well or looping I should
say and we'll talk about that but that
is why we might want to know these
things among other stuff we might want
to know if something's true or set that
parameter or that variable to True until
it becomes false
etc etc so right now just understand
that Boolean expressions are true or
false and we're going to come in here
and we're going to print
and we're going to say type
and we're going to do bool one
okay and this will tell us now this is a
nice thing so if we come in here and say
type it'll give us the class this class
is Boolean awesome and another example
of that is if we say like bool five is
equal to true and we print the type so
if you see true and you're like I wonder
what that is is that Boolean or is it
actually just a string we come in here
and say bool five let's save that
save that there and then you should see
that that class is actually a string
here so you can check with the type to
see what is this okay so the type
feature is very nice and we can see that
we are dealing with a Boolean here and
this one is actually a string so
please note that if you put it in
quotations that makes the string
you leave it like this that makes it a
Boolean expression
let's go ahead and make a new line
and we're going to talk about
relational
and Boolean operators
okay
so we can think of that as let's make a
variable here we say
greater than
we say 7 is greater than 5. well that
would be true
and we are using an operator here so the
operator is the greater than sign
we're also using a Boolean expression
because it's going to result in a true
return if we were to print that out
now we can do a few other things we can
say like less than
is equal to 5 is less than seven we can
do greater than
or equal to
which would be 7 is greater than or
equal to seven that's true
we can also do less than or equal to
and in that case we can do 7 is less
than or equal to seven which is also
true
so all of these statements here are true
now we can get into some other type of
operators and statements here what if we
did
and so let's just call this test and
we're going to do test and
we say 7 is greater than five well
that's true
and
5 is less than seven that's also true
both statements are true thus this is
true
do another one
test and two
and for some students this does take a
little bit to get your head wrapped
around I'm going to provide a table for
you here just in a second but just
follow along and I'll explain this as we
go let's say we have 7 is greater than
five
and
five is greater than seven
all right let me fix that syntax five is
greater than seven this now becomes
false
why well seven is greater than five
and 5 is greater than seven that's not
true so because it's not true because
all statements are not true
this becomes false
there's an alternative to this what if
we had an or we said or so 7 is greater
than 5 or
5 is less than seven well both
statements are true thus this is true
but we can have the same situation as
before where we have 7 is greater than 5
or 5 is greater than seven and guess
what this statement is actually true
because all we need is one condition to
be true for this to be true so in this
situation this is true
or if this is true then the whole thing
becomes true
so just because this is false this would
also have to be false for this to be
false
hopefully that makes sense one other
thing here before I show you the cool
little table is we could do test not so
if we said something was not true
guess what that becomes false
same thing if we said it was not false
then it's true not is just the opposite
so not true in this situation is false
now if we go out to the internet
and we go to Google
we could come in here and we can just
search something like python truth table
and if we go to images we should be able
to find one that works out pretty well
in our favor here's a good example right
here
so if you ever take a coding class you
might be quizzed on this
this will tell you truth tables right
here so if it's not false it's true it's
not true it's false we can look at or
statements so true or false is true the
only situation an or statement becomes
false is when both are false now the and
we looked at that if it's true and false
it's false if it's false and true or
false and false it's still false only
situation for and where it can be true
is when both are true there's also not
or not and
there is does not equal or equals so
it's good to know these types of truth
tables and you can come and just again
Google python truth table and come look
at this pretty straightforward once you
get the hang of it but it's completely
okay for right now for it to be
confusing just wanted you to know that
these are out there and exist in case
you are a little bit confused by this
lesson
so we're going to go ahead and move on
to the next lesson which is going to
cover conditional statements
okay we'll come in here we'll do a new
line
and we'll just say conditional
statements
and we can think of this as if then
or if then else or if else either way
you want to write this this is fine
so think about this
if you go to the store and you want to
buy a drink and that drink is two
dollars
if you have two dollars or more you can
buy the drink
if you do not have two dollars you will
not be able to buy the drink
so let's take a look at that
so if we write a function and we call it
define drink
and we give it a parameter of money we
come in here and we say if
money
is greater than or equal to two
then we're going to return
look at the indentation again
we need an indent here after our
function and we need an indent after our
if statement so make sure you're
indenting correctly
return you
got yourself a drink
and here we come back we can say else
we're going to return
kind of like Seinfeld no soup for you
all right so if we come in here and we
print drink
of three meaning we had three dollars at
the time and we print drink of one
meaning we had one dollar at the time
we're gonna have two different results
if we have two or more dollars we're
going to return you've got yourself a
drink otherwise if we have less than two
dollars we're gonna say no drink for you
let's save that
you've got yourself a drink when we
print out three dollars because we had
enough money here you can see with one
dollar we did not have enough money thus
no drink for us
okay let's take a look at a little bit
more of a complicated one we're gonna
come in here we're gonna say define now
I'm going to make this alcoholic
beverages if you do not drink that's
okay you can just follow along still you
can change it into whatever you want to
be I think this is a good example
because we have a couple parameters and
we can use those to make different sort
of conditional statements so let's
define alcohol
now in the United States
we have two things that we need in order
to purchase alcohol one we have to be
old enough
we also have to have enough money
similar to the drink before that was
non-alcoholic we assume
well we have to actually be old enough
to purchase this drink in the United
States you have to be 21. so if
our age is greater than or equal to 21. they put a space here by the way sorry
and look the and is coming into play money
look the and is coming into play money is greater than or equal to five
we're getting a drink all right
all right now we're gonna say else if
now we're gonna say else if because there's a few situations that we
because there's a few situations that we can be in there's actually four
can be in there's actually four situations here so we're going to say
situations here so we're going to say e-l-i-f which stands for else if
e-l-i-f which stands for else if what happens if our age is greater than
what happens if our age is greater than or equal to 21
or equal to 21 and we don't have enough money so we say
and we don't have enough money so we say money is less than five
money is less than five well in that situation we're going to
well in that situation we're going to return
return come back with more money
okay and then what if we have another situation where we say
situation where we say age is less than 21.
age is less than 21. and we actually have money
and we actually have money we're just an underage person trying to
we're just an underage person trying to buy a drink and we say five dollars
buy a drink and we say five dollars well we're gonna return
nice try kid and then lastly if we have no monies and
we're not old enough well then we can
just return something like you're
too young
and too poor
yay and then let's try these out so
we've got these different situations
here again if we have our age and money
we meet both criteria we're getting a
drink
otherwise if we meet the age but no
money let's come back with more money we
don't meet the age but we have the money
nice try kid and then lastly if you
don't have the money and you're not old
enough you're gonna be too young and too
poor so we're gonna print out a few
different
statements here of this function so
let's give it 21 and 5.
we'll print alcohol again of 21 and 4.
print alcohol of 20 and 5.
and these should all meet different
criteria alcohol of 20 and 4.
so we should expect to get these in
order we meet what we need here we don't
we don't we don't different criteria for
each of these we'll save this go ahead
and run this
and you can see it says no drink for you actually that's the last one uh we're
getting a drink come back with more
money nice try kid and you're too young
and too poor
so you can see that we can make
conditional statements based on
everything that we're starting to put
together here we have now used a
function we've used multiple parameters
we've used the conditional statement
we've used relational operators
okay we've got the Boolean right this is
true and true we're returning something
this is
true and true in this situation then
we're going to return something else so
we have different situations that can
come back
so we need to meet those criteria and
we're starting to use that look we're
using the return instead of the print
feature there's a bunch of different
things that we're doing here that's all
starting to tie in and hopefully that's
starting to make sense why we do things
we're starting to build upon it and it's
starting to get a little bit more fun
so from here we're going to go ahead and
move on to lists and move on with our
journey into Python so I'll see you in
the next lesson
let's move on to lists so let's go ahead
and do our new line
and we'll call it lists
and the best way to think of lists in my
opinion is that they have brackets
something like this
now lists are data structures they are
changeable we can reorder them they are
basically just a group of elements
now everything within a list is called
an item and as I mentioned the best way
to think about lists is that they have
brackets just like a string might have
quotes around it lists will have
brackets around it
now again we need to remember these are
changeable we'll talk about something
here in a little bit that is not
changeable which is called the tuple now
here
let's go ahead and declare a list we're
going to say movies and I'm just going
to list out some movies that I like
and we can do a bracket and I can say
When Harry
Met Sally we'll just give these as
strings
I like The Hangover
and I like
The Perks of Being a Wallflower now you
can add whatever you like here and my
hangover here by the way that I have to
hang over here my hangover on the line
here is just because my notepad here is
not wide enough if I made it wider it
would actually just continue on so a
don't confuse this if I hit enter you'll
see it goes to 148 so my wrapping does
not mean I went into a new line
and lastly we'll just say The Exorcist
and we'll close the list off with a close bracket
so if I wanted to print
the first movie in the list
I wanted to print When Harry Met Sally
I come in here and I print movies and I
wanted to say one do we think that would
print the first item in the list go
ahead and hit save print
and you're going to see that it actually
prints The Hangover so what am I doing
here I am calling an index
and our index actually starts with the
number zero so when we look at an index
we need to think of it as 0 1 2 3.
always count starting with zero not one
otherwise you can return the wrong
numbers and this can get very confusing
let's make sure we add a note to this
returns the second
item in the list okay we're looking at
the second item with the index of one if
we printed
for example movies and we gave it zero
then we would see that this will return
the first item in the list
okay we'll save that take a look real
quick
you could see that the first item is
When Harry Met Sally and that's exactly
what we're getting returned which is
what we want
now let's look at a few tricks to
splicing an index or indices uh we can
say something like print movies and if
we printed movies one to three what
would happen here
well what's gonna happen is it's going
to return
the first
item given
so this is going to be index number one
which is item two so first I should say
first index number given
right until
the last number given it's not going to
include the last number
well let's even say but not include the
last number
so
no it's a lot it's just printed out take
a look so one to three will print The
Hangover starting at one and The Perks
of Being a Wallflower which is two it
will not print three
okay so make sure you understand if you
go one to three you're only going to
include two items three items
now you can also do one to four which
would print all of those
if you wanted to print everything from
the beginning of a number so say we've
wanted to print movies one and we wanted
to go all the way to the end we could
just do something like this
so you can start from a certain point in
index print The Hangover Perks of Being a
Wallflower The Exorcist and we're
skipping When Harry Met Sally because
we're not starting at zero
okay
we could also do in the opposite of that
movies
and remember if we go to one it's not
going to include one it's only going to
include
the first item here everything before so
When Harry Met Sally everything up until
this point is another way to think about
it
okay so we wanted to print two items
we'd actually have to add a second or
put the number two here and that would
include The Hangover that's what we
wanted to do
now another thing that we can do is if
we wanted to print the very last item
we could do a movies
negative one and you don't need to
commit all this to memory right now
especially if you're not working with
lists but if you ever do work with lists
you need to pull specific items down
from the list this becomes very
important so important to know that
indexes or indices exist you start at
zero and then you move forward and then
the way that you can splice these just
depends on how you call these now this
will return last item in list we save
that
take a look
you'll see it'll return The Exorcist
here
now we can apply methods to lists just
like printing length of movies
we'll print count the items in the list
right and the list and we'll save that
just take a quick look
I never close this sorry so you can see it tells you your mistakes and even I
make mistakes come in here try it again
you can see that we have four items
within our list
all right so and that is true we have
four items in the list
we can also
add to the list so we can use something
like movies dot append we'll add to
lists and if we wanted to add the movie
Jaws we could
and if we printed movies you'll see
that this appends to the end of the list
let's go ahead and save that
and you'll see now that Jaws is here at the end
now we could also insert a movie into
the list so if we did movies dot insert
and we wanted to put in a specific spot
so say we want to put it in index two we
could say two and then we could give it
a movie Hustle the movie I just watched
recently and really liked and we can
come in here and print movies now we
save that
you can see that we can actually insert
Hustle here into position two on the
index so pretty neat
now we can also remove movies we did
movies.pop
come in here and that will remove
so if we come in here add a print statement
really quick save that and then print
this out
you'll see that Jaws is now gone
we can also specify specific spots we want to remove so if we want to remove
index 0 we could and then this will
remove
the first item
print movies
save
go ahead
and When Harry Met Sally is now gone
from our list
we can also combine two lists so if we
come in here and let's say that my wife
has favorite movies and she definitely
does
and we'll just go with a couple of her
favorite movies she likes
Just Go With It
and she also likes 50 First Dates
come in here and close that off well we
can combine movies let's say we wanted
to know our favorite movies
what we can do we can combine lists I
should say come in here and I could say
I want to add movies plus
Amber movies
and I can print
our favorite
movies and then I have now combined
lists let's go ahead and take a look at
that hopefully I did it right
and you can see now The Hangover Hustle
Perks of Being a Wallflower Exorcist Just Go
With It 50 First Dates you could also
just come in here if you copied this by
the way
and just pasted this you don't have to
put it into a variable you could totally
do it like that but I think storing in
variables is a better practice so I'm
going to go ahead and just Ctrl Z here
and
one more thing so we can also have what
are called 2D lists
so two dimensional lists so let's say
for example we have grades
and we have a list of grades and we're
going to say that
inside this list we have Bob and his
grade is an 82.
and then we have
Alice
and she has a 90.
okay and then we've got Jeff's not doing so hot Jeff's got a 73.
okay
and let's say we wanted to pull down
Bob's grade we could make a variable
like it's called Bob's grade
and we could set that to grades and then
do something like zero one like this and
what are we doing here well we're saying
I want to pull from the first index
okay index one or zero right
first index 0 1 2 so I'm pulling from
zero
and within that I want to pull the
second item which is this zero one so we
have a two dimensional index here and if
we went ahead and printed
Bob's grade you can see now we save this
we get an 82. well that's correct what if we screwed
up Bob's grade and we wanted to fix it
well we could also do something like
grades 0 1 just kind of like we called
and we could just set it equal to 83
maybe it wasn't 83.
okay we come in here and we print out
grades
you should see that this has changed so
let's go ahead and print this you can
see now Bob has an 83. so we can modify
our 2D lists as well
so that is it for list remember lists
have brackets lists are data structures
we can change lists as you saw we were
able to append pop insert remove okay we
can modify many different ways we're
going to move on here in a second to
what are called tuples and tuples cannot
be changed even though they look very
much like lists they are different so
I'll go ahead and see you over in the
next lesson when we cover tuples
okay let's talk about tuples very
quickly and then we're gonna move on so
do a new line
say tuples
and these are like lists but they do not
change we'll say do not change
and then they get parentheses as opposed
to getting brackets
okay so we might want to have something
that doesn't change and when something
can't change we say that they are not
mutable
m-u-t-a-b-l-e they're not mutable so
that means that they're immutable and
tuples are immutable meaning we can't
change them so we think of list list
mutable tuples not mutable or immutable
so if we have a tuple of grades we can
say something like grades are equal to a
b
c this is the American grading system
d
and F
coming here if we did something like
grades.pop like we saw before
or grades dot append something like that
neither of these are not going to work
or neither of these will work I should
say proper English what's going to
happen is they're not mutable we can't
change them once we have this and we
store it it does not change so if we
want something that is like a list but
we don't want it to change it's better
to use a tuple we can set something in
stone like our grade letterings and then
we can call those when we need to we can
just say something like print grades
and give it a one
and save it and we should get a B back
okay and we get a B back so that's it
just know the difference between tuples
and lists and that tuples do not change
but they are very similar in how they
can function and there are pros and cons
to each of those
so we're gonna go ahead and move on to
the next lesson which is going to be
looping
okay so let's come in here make a new
line
and we're going to call this looping
so we're going to talk about two
different types of loops the first type
of loop that we're going to talk about
is what's called a for loop
and for loops are start to finish of an
iterate
and here's what a loop looks like and
we'll take a look so let's go ahead and
get a list we're going to say vegetables
and you can put whatever vegetables you
want in here I'm going to go with a
cucumber
I'll do some spinach
and then we'll do some cabbage as well
and now what we're gonna do is we're
gonna come in here and we're going to
write a for loop we're going to say for x
and x could be whatever you want it to
be you could say for veggies
it could be whatever you want to call it
in this instance I'm just going to call
it x
in vegetables
the for x in this list
we're going to go ahead and print out
so what do you think this is going to do
all this is going to do is just loop
through the iterates start to finish of
an iterate so it's going to say
cucumber spinach cabbage go ahead and
give it a go save it print it
cucumber spinach cabbage all we did was
go through a list iterate through it
until we reached the end of the list and
then it stopped so that is a for loop
another good example of a loop if you
want to think about it might be trying
to ping an IP address like a 192 168
1.1 or maybe you have 1.x maybe there's
a whole slew of IPs that you want to
ping maybe it's one through 254. okay if
you wanted to ping all of those you
might want to do something like a for x in
IP and where IP is just equal to like a
sequence like say IP is like a sequence
of one to 254 and don't worry about this
I'm just logically writing this out so
if you say IPs 1 to 254 for x in IP
and then you want to do something you
might want to like ping
192.168.1.x and then X will be one then two then three then four okay so you
could write something like this for a
ping sweeper again it's the start to
finish of an iterate one through two
fifty four with a stop at 254 when the
iterate is done now another example of
this or another example of a loop is
what we call a while loop let me say
while loops
these execute as long
as true
I should probably capitalize true so
that way it makes sense that we're
talking booleans so let's think about
this situation what about we set I equal
to one so we've got a variable of I
equal to one
while I is less than 10.
we're going to go ahead and print out I
and then we're going to say I Plus
equals 1.
so what's going to happen
well while I is less than 10.
so right now I is equal to 1 1 is less
than 10 that is true we're going to go
ahead and print I increase the value of
I by 1. so the next time it loops
through it's going to be 2 and it's
going to continue on until this is no
longer true so if we save this this
should print out one through nine
because we're not looking for 10 just
one through nine so we're going to say
that hit enter one two three four five
six seven eight nine and it looks like
the loop actually did its job so again
we have two types of loops all we need
to know about right now is we have a
start to finish of an iterate that's the
for loop a little while loop executes as
long as true we may see these later on
as we do our project work so keep these
in mind as we go on through the course
so from here we're going to go ahead and
move on to Advanced strings so I'll see
you over in the next lesson
you over in the next lesson okay let's take a look at some Advanced
okay let's take a look at some Advanced strings so if we come in here
strings so if we come in here again we do a new line
again we do a new line go ahead and enter Advanced strings
go ahead and enter Advanced strings and let's create a variable of my name
and let's create a variable of my name I'm going to say my name is Heath
I'm going to say my name is Heath now let's say we wanted to print
now let's say we wanted to print my name and we wanted to grab the first
my name and we wanted to grab the first letter of my name how do you think we
letter of my name how do you think we might do that
might do that well if you're saying index of 0 you are
well if you're saying index of 0 you are absolutely correct
absolutely correct and we can say in here first letter
and we can say in here first letter what about printing the last letter of
what about printing the last letter of my name
my name well if you say negative one you have
well if you say negative one you have remembered your index lessons great job
remembered your index lessons great job that's going to be the last letter
that's going to be the last letter we can save this and we can go ahead and
we can save this and we can go ahead and print
and if I made this a string that would
be very helpful go ahead and save this
you can see that we get the capital H
and the lowercase h here because my name
starts with an H and ends with an h
so another thing to note about strings
much like tuples they are also immutable
you cannot change a string we cannot
modify the string we can join strings we
could split strings and we'll talk about
that here in a second but once I have
set this variable in this string this
string is here forever I can always
change the value of this variable but
you cannot change this string so again
strings are immutable
now let's go ahead and say we have a
sentence
we give that
something like this is a sentence
if I can type today
and we print out sentence
with something like this
what do we think that's going to look
like let's save this print it
you can see that we get this what are we
doing well we're just grabbing this
first word however we have the benefit
of knowing what the first word is and
how long it is so we went 0 1 2 3
remember we stopped at four so we grab
the word this
well what if we were in a situation
where we didn't know what the word was
or how long the first word was we could
use something like a delimiter so we
could say print
we could do sentence dot split
and if we do a dot split we can just do
it like this and then this is a
delimiter and a delimiter says we're
going to take something and we're going
to split based on that now the default
delimiter in Python if we just give it a
split is a space
if we save this
come in here
this is a sentence now look at it it's
in a list we could pull the first item
if we wanted to and know the first word
instead of having to split it like this
or pull it out like that
so
we could do something like this as well
this is just a proof of concept that's a
little bit fun we go sentence
split
and we say that is equal to sentence
dot split
okay and then we also create another
variable we call that sentence join and
we say that is equal to
space we're giving it a delimiter to
join on actually we're telling you what
to add in between the different words
that we're pulling out so we're adding a
space here and we're going to say join
sentence split like this
and if we print out
sentence join what do you think we're
gonna actually have happen here let's
save it
guess what this is a sentence so all we
did was deconstruct this sentence based
on the delimiter it came out to this is
a sentence and then we joined it back
together with a space so every one of
those got a space in between and that's
it so that's just a nifty little way to
show you that splitting and joining is
possible and again this is still
immutable even though we're messing
around with the strings the strings are
immutable let's take a look at a few
other things here
I mentioned in the beginning of the
first lesson when we were talking about
strings initially that we might have
different ways of using single quotes
and double quotes and think about this
like what if we had a situation of quote
and we wanted to say something like he
said
give me all your money
well with this situation what are we
gonna do what if we wanted to add quotes
here and say give me all your money we
do that because that is a quote well
looks like it's kind of messed up we're
not seeing it in green it kind of looks
funny what we can do in this situation
is we can use single quotes if we wanted
to
or we could flip this around by the way
we could use single quotes on the
outside and then double quotes on the
inside if we wanted to use double quotes
here and I could save this so let's
print out quote just to show you and
then we can save this
another thing that we can do though is
we can say something like quote
and then we can just do he said and we
can do character escaping so we can do
give me all your money like this
and now Python knows that everything
within these escaped characters
is ignoring it's ignoring this double
quote here and ignoring this double
quote here so we're escaping that and
then we can print it
and hopefully we did this right go ahead
and print
you can see now it says he said give me
all your money in double quotes while we
also use double quotes on the outside so
we can use character escaping if we want
to just know that we'll have to use this
backslash in front of each of the
characters that we want to escape okay
let's take a few more examples here so
if we say
something like a variable of too much
space what happens in the situation
where we have
like you can just add as much space as
you want in here it doesn't really
matter we have a string with a lot of
space in there well we can strip this
out we can print too much space and then
we can do a dot strip
and the strip is going to take the
delimiter of a space as default
and that will also strip this out you
can see there's just hello there nothing
else so that's kind of nice
few more items what if we have the
letter of A
and we have the word
of
Apple
okay
well what if we wanted to know something
like this let's actually go up a little
bit
and let's say we wanted to know like
print
A in Apple
okay what is this going to return
go ahead and if I could type sorry
and this is going to return something
let's go ahead and save that
that's going to return true
so we'll just say true
now if we print
a in Apple
you're going to see that this is going
to return false
save this
why
well this here is a lowercase a and that
does not exist within Apple so even
though we're looking for a specific
letter within a word we have to match
case sensitivity in order for that to
return true so if we wanted to know if
the letter A was in the word apple and
we weren't concerned about case
sensitivity then what do we do in that
situation
well this brings something up that we
did a little bit early on which is using
lowercase remember the lowercase method
we can say print
and then we can come in here and say
letter dot lower you could also do upper
if you wanted to but what we're doing is
we're converting all of this to
lowercase so this is not going to be a
lowercase a and then we could say in
word dot lower
and we can just say this is an improved
way of doing this
so if we print that out we save this
this should come back as true
so think about when you're trying to
match a word or a string or anything and
if somebody came in and you were
expecting like I don't know like think
about school and we're thinking about uh
a word maybe like
Manhattan I don't know and somebody
types in
Manhattan like this
okay we still want to be able to accept
that answer is true even though they may
have screwed up a little bit on the
punctuation now there could be instances
where we want a capitalized letter and
it has to be very specific in that case
this kind of syntax works but if we're
looking to just accept an answer like
Manhattan for Manhattan then we might
want to consider using lowercase or
uppercase in that situation just to
match those words or letters or whatever
it might be
so one more thing let's look at what is
called string formatting so if we do
something like movie we'll pick The
Hangover again
we say The Hangover you can pick
whatever movie you want here there's a
few ways that we can print this out
remember we concatenated early on and we
said like print
we did something like my favorite movie
is space
plus
you know movie something like that right
well we can actually write this in a
certain way that is a little bit easier
so there's a few things that we can do
for example we can do my favorite movie
is add a couple brackets in here like
that
and then we can add
period at the end just because we're
going to close our sentence we'll say
dot format
and we'll say movie and close that off
that's one way of doing it
if we save that
it's a my favorite movie is The Hangover
okay this is called using the string
format method now what we can do there's
another type of method we can use is we
could say print my favorite movie is
percent s
and we say
percent movie
just like this
save that
this is using percent formatting and
look the same thing happens I just
forgot my period in there
so no big deal
lastly if we print out
an f in the front this is called an
f-string or what's known as a string
literal we can do my favorite movie is
and then just do a movie like this
super easy
and we have moved off of using the
format method and the percent method
into this f-string or string literal let
me come in here we save this
tab up print and you can see my favorite
movie is The Hangover that worked out
perfectly well you can use any of these
to format but just know that the
f-strings are the latest and the greatest
way of doing it in Python 3
so that is it for this lesson we're
going to go ahead and move on to
dictionaries
okay so we'll add new lines in here
and we'll say dictionaries
and we could think of these as key value
pairs
and also think of these with the curly
braces like this so we've seen lists
like that we've seen tuples now we can
think of dictionaries with the curly
braces
so let's go ahead and we're going to put
some drinks and again I'm going to use
alcoholic beverages you do not have to
do that you can use whatever drinks and
prices in here that you want but we're
going to have a key value pair so our
key is going to be the drink so first
drink I'm going to pick up is a White
Russian
and the value is going to be seven let's
say that a White Russian costs seven
dollars
if we do an Old Fashioned
we're going to say that this costs ten
dollars
and we'll do one more we'll do a lemon
drop and we'll just say that this costs
eight dollars
okay and we can make a note here to
ourselves that drink is the key
price is the value remember key value
pairs key value
all right so we've got our drinks we can
print our drinks
save this go ahead print
and you can see we print out our
dictionary here
now
let's give it another example
let's say that we have employees
and this could be a good example so we
say we have employees and I really like
the show Bob's Burgers so I'm going to
use Bob's Burgers here as an example
let's say we have different departments
we've got the finance department
and in the finance department
we actually have a list of people what
if we've got we've got Bob oops we've
got Linda
and we've got Tina
all in finance
we can also have another department
let's have IT
so again that's the key
and the value is going to be this list
that we're putting in there so Gene
Louise
and we'll throw our Teddy in there as
well
and that one and let's do one more we'll
do HR
so HR and we'll put in here
Jimmy Jr
and we'll also put in Mort
again you can put whatever you want in
here and if you need to pause if you're
trying to follow line for line word for
word you need to pause and type this out
feel free to do that
I'm gonna go ahead and print out our
employees just to show this make sure I
type this all right because this is a
lot of syntax
and we've got Finance IT and HR looks
like we did a great job awesome
so let's say I wanted to add a new key
value pair I could do that in a couple
of different ways we can do something
like employees
and we can just say something like we
want to add a legal department
all right and in the legal department
we're gonna have
just one person we'll just have Mr Frond
he's our legal team
okay we'll just say it adds new key value
pair
save that actually let's print employees
so that way we can actually
verify save
print
and you can see legal adds Mr Frond so we
are adding to the end of our dictionary
just like we added to the end of our
list everything gets appended to the end
unless we specify otherwise
let's go ahead and come in here another
way that we can do this is we can say
something like employees
dot update
and we can say something like give it a
sales department
and in the sales department we'll have
Andy
we'll have Ollie
close that off
we're also going to have to close off
our curly braces and we'll close off our
parentheses and if you have a decent
notepad it'll show you where your items
are so that way you know you're closing
things off correctly so we've got three
different types of syntax going on there
and it sometimes can be hard to read so
here we could say adds new key value
pair as well
so just another way of doing it we can
print employees and we'll see that
Andy and Ollie should be added provided
we typed everything correct which we did
so here's sales with Andy and Ollie
okay one more thing let's say that we
wanted to update
something in our dictionary we're going
to go ahead and update a value we're
going to go back to drinks for this one
let's say that inflation has happened
which it has and with inflation the
price of a White Russian has now gone up
from seven dollars to eight dollars we
can do something like that print drinks
and you should see
that hopefully this has been updated
to eight dollars which it was seven
before now it's eight perfect
we can also grab the value of that so if
we wanted to do something like print
drinks dot get and then we do White
Russian
totally do something like this
and save and hopefully it will return
eight
and it does
so that is it for this lesson we're
going to go ahead and move into a new
file here in the next video so let's go
ahead and save this and close this and
we'll prepare for the next video so I'll
catch you over in the next lesson
okay so I wanted to talk about importing we're going to talk about importing
we're going to talk about importing modules so I wanted to make a new file
modules so I wanted to make a new file for this let's just call this mouse pad
for this let's just call this mouse pad importing dot Pi or whatever you want to
importing dot Pi or whatever you want to call it and I'm going to do the
call it and I'm going to do the Ampersand here and again if you're using
Ampersand here and again if you're using Windows or Mac just make sure you create
Windows or Mac just make sure you create a new file for this
a new file for this I'm going to go in here and I'm going to
I'm going to go in here and I'm going to add my shebang like before
add my shebang like before I'm going to declare bin Python 3 and
I'm going to declare bin Python 3 and save this
save this and now we're going to go ahead and talk
and now we're going to go ahead and talk about importing so
about importing so importing let's type this importing
importing let's type this importing and we'll say importing is important
and we'll say importing is important now modules exist within python that are
now modules exist within python that are built in but not available to us without
built in but not available to us without importing them so like you saw us being
importing them so like you saw us being able to do math but we could import a
more robust module of math and then use that to do more advanced calculations outside of
adding, subtracting, exponents, etc. In this instance we're going to talk about a couple of
different imports that we can do and that you're going to see again as we get into some of
our hands-on stuff and we build out some projects.

For example, we might want to import something called sys. Now let's say if we tried to
print out sys.version, and we'll just save this, and then we're going to python3
importing.py, and you're going to see that I get an error back that says sys is not
defined: name 'sys' not defined. Okay, well, sys is something that we're going to use quite
often in Python. You're going to see it imported quite a bit, and it does a lot of different
unique items. Like, it does something called argv, for example, which we'll use as an
example later on. But if we want to specify an amount of arguments, say we're trying to
run, uh, python3, we're going to do a port scanner later, so we'll just say portscanner.py,
and we need to supply an IP address here, right? And this is argument zero, this is
argument one. So if we supply no argument one, then we're going to throw an error. It's
going to be an if/else statement, and that's going to use something called argv. Now, we'll
get into that later, but that's very important. It's a part of sys. Another part of sys is
doing something like the version type of Python that we're using, or another thing is the
sys.exit, which you'll see later on as well, which is going to allow us to gracefully exit.
When we encounter an error, we tell the script to exit, or whatever we're doing. So we
might need to import something like sys, or another one is os, which is very common to be
imported as well. So let's talk about importing.
In order to import, we can say something like import sys, just like this, and we can just
say this is for system functions and parameters. Save that, and let's go ahead and just
print this now and see what happens. You can see now that sys has been imported. Even
though it wasn't built in automatically, we can import it, and you can see now it tells us,
hey, we are running on version 3.10.5 of Python and it was downloaded on June 8th 2022, or
built on June 8th of 2022.

So from here let's go ahead and import something else. Let's go ahead and import datetime.
And we can import from something, so I know this is going to be confusing, but we can
import specifics from a module. So we're just importing the datetime feature from datetime.
Even though they're named the same, just know that we can import specifics; we don't have
to import the whole thing, even though we totally could just import the whole thing as
well. So here, for example, we can say print datetime.now, like this, and you know what
this is going to do: it's going to tell you what the date and the time is. And I apologize,
this is backwards. This is, it's from datetime import datetime. So again, your syntax will
tell you where it's wrong, and it is perfectly normal to make mistakes. I leave these in
the video so that you see that I am human too, and it's completely normal to make mistakes
like this. So go ahead and do your script now and you'll see that it gives the date and the
time. So right now it is July 6th and it is two o'clock in the morning. I am a night owl.
Now one other thing that we can do is we can come in here and we can from datetime import
datetime, and we can also give this an alias. We can say as DT. What if we don't want to
write datetime out, we just want to do DT? Just like we didn't want to write new line out,
we did NL. Same kind of concept. So we can just say import with alias, and instead of
saying datetime.now we could just say DT.now. Save that, go ahead and print it. You can see
it still works, so absolutely the same thing. We're just giving an alias, making it a
little bit easier to run.

Okay, so that is it for this video. Let's go ahead and close this out, and then I'm going
to meet you in the next video. We're going to talk about sockets before we get into
building out a port scanner. So I'll catch you over in the next video.
Okay, so let's make a new file, and we're going to call this s.py. And again, create this
however you want to. If you're using Linux you can follow along like this, or just create a
new file in Linux or Windows. Again, we're going to shebang this up here. I'm going to give
this a bin/python3. Now, this isn't incredibly necessary if you're running on Windows or
Mac, but this is just best practice for me. This is the location of my Python. Even though
I'm not actually calling it, I am calling it with python3, so this isn't incredibly
relevant as long as you're using Python 3.

Now we are going to deal with sockets. Oh, sockets. Now, sockets are what can be used to
connect two nodes together. So we're going to use this to connect to ports and IP
addresses. If you're unfamiliar with computer networking, that's okay, but what we're
looking for is a port, and we're going to look for that port on an IP address, and on that
IP address that that port is open, we're going to make a connection to this. We're going to
build a port scanner in the next video, or in later on in the lesson, and you'll see this
in action. Right now I just want you to notate, understand what we're doing, and then I'm
going to demonstrate an example that you do not have to follow along with, and you might
not be able to follow along with, so that's okay. But just know that sockets are used to
make a connection between ports and IP addresses, and you'll see that here very shortly.

So you do not name this, by the way, socket.py. If for some reason you came in here and you
named this socket.py, this will break Python, because we are going to import socket. So
make sure that you come in here and you rename this if you named it socket.py. It's very
easy to do that, but that will break the socket.py, which is what we're importing here.
So with this we're going to set a couple of variables. We're going to say host is equal to
127.0.0.1, and this is our loopback address, or our home address. If you're not familiar
with computer networking, I do recommend that you go take a class on computer networking,
because it will become very important as you get into Python development, especially if you
ever work with nodes of any sort.

So other thing is ports. So we have ports on our machine that we can connect to. We're
going to be using TCP. Uh, if you do not know what TCP is or what the ports are, that's
okay, you can still follow along, but know that there are 65,535 available ports. Some
ports are very common in what they use. Like port 80, for example, is a web server over
HTTP; you have 443, which is HTTPS; 21 is FTP. There's a lot of common ports and protocols
that are out there. We're going to pick a non-standard port, non-common. We're just going
to say 7777. So what I'm going to tell this to do is, I want to tell this to reach out to
this host, which is just going to be us for this example, and this port. I want to make a
connection on this port.

Now I'm going to give a variable of s, and this is going to be a very long statement. So if
you say socket.socket, I'm going to type this out and I'm going to explain everything,
okay? So socket.AF_INET, then we're going to say socket.SOCK_STREAM. And then just for your
notes, AF_INET is IPv4, SOCK_STREAM is a port. So we're giving it this s because we are not
wanting to type this whole long thing out all the time. We're just shortening this. What
we're going to do is we're going out to make a connection to this AF_INET, which is IPv4,
IP address, which is what this is, and we're going to also make a connection on a port,
which is our SOCK_STREAM. We're going to give it this port. So we're going to say that by
doing s.connect, and we're going to come in here, and this is going to be a tuple, so we're
actually going to use double parentheses here: host, port.

Okay, and we could come in here, by the way, and we could just put in 127.0.0.1 instead of
using a variable, but I like to use variables because it's best practice. But you could
hard code this in if you wanted to. But here I just like using the variables. Easier to
change, especially if you're coming in here and you're writing in a bunch of host, port
calls. So the variable is easy just to have in one place as opposed to hard coding this.
Okay, so I'm going to go ahead and save this. This is where I do not expect you to follow
along, because you might not have the architecture behind it. Now, as I stated in the
beginning of this video, I am an ethical hacker by trade, which means that this version of
Kali that I've been running on, or this version of Linux that I've been running on, is
actually Kali Linux. And in Kali Linux we have a bunch of tools available to us for pen
testing and ethical hacking. One of those tools is a tool called netcat. Now, netcat is nc,
and basically what it does is allows us to connect to open ports or establish a listener on
an open port. So what I'm going to do is, actually, I'm going to open up a new tab here,
make this bigger, and then I'm going to run this here. Just understand, if you've never
used netcat before, that's fine. I'm just opening up a listener on a port, that's all. Just
worry about the l and the p for now: listen on port 7777. Anybody makes a connection on
that port, we're listening.

So we are going to connect to ourselves, because we wrote the script out to 127.0.0.1,
which is us, and all we're going to do is python3 s.py. Hit enter. Nothing's going to
happen; we don't have any print statements, anything crazy.
But you can see that a connection was made from 127.0.0.1 to 127.0.0.1, and it made a
connection on this port, and we connected on the other side on this other port here, which,
don't worry about that too much. If you're not familiar with networking, that's absolutely
okay, but there has to be two ports being connected, um, one on one side, one on the other.
So here we made that connection. We didn't tell this to do anything else. We just said,
hey, go out, listen for this connection. We made a connection, we established it, we did
our job, we used our socket, and we are good to go. Here we close the connection because
there was nothing, no instructions given or anything else, and that's all we needed.

So what we're going to do now is we're going to, in the next video, build out what I call a
terrible port scanner, and we'll talk about why it's terrible, but we're going to tie
everything we've learned so far together and build something out that is actually usable
with Python. So I've been throwing all these lessons and terms and everything out to you.
Now we're going to apply that. You're going to see how we can use that all together, and
I'm very excited. So I'll catch you over in the next lesson when we start building out a
port scanner.
It is time to create our first project, and this project is going to be building out a
terrible port scanner. And so let's go ahead and create a new file. I'm going to call this
scanner.py, give it the ampersand here if you're on Linux, and then we're just going to
call this in python3. Save it, get the pretty colors going.

And what we are going to do is we are going to create a scanner that is going to be
something like this: we're going to type in python3 scanner.py and then we're going to say
IP address. We want to provide an IP address, and then it's going to go out and do port
scanning on the IP address. So hopefully we can build that out.

For now, let's go ahead and import a couple of things, I should say a few things. We're
going to import sys, talked about sys. I'm going to import socket, talked about socket. And
from datetime we're going to go ahead and import datetime. So none of this should be new to
you.

So first thing that we're going to need to do is define our target. So we need to set up an
if statement. I'm just going to say define our target. And what I want to say is, if the
length of sys.argv, and I'll explain this in a second, is equal to 2, then we're going to
set a target variable. Target is going to be equal to socket.gethostbyname, and we're going
to say sys.argv[1], and all this is going to do is translate hostname to IPv4. All right,
let me make the else statements. I'm going to come back, I'm going to explain everything.
Okay, so if we do else, we're going to print out invalid amount of arguments, and also
print out syntax: python3 scanner.py IP address, something like that. Okay, go ahead and
close that off. Okay.
So we're taking a method of length and we're saying sys.argv. We spoke a little bit about
argv in the importing section. argv is going to be the amount of arguments that we are
giving. So when we come in here and we type in python3, okay, our first argument, argument
zero in theory, is going to be scanner.py. The second argument, or second index, index of
one, is going to be the IP address that we give, so 192.168.1.1 or whatever it might be. So
we need to have two arguments. If we have a third argument, it's going to break. If we
don't have a second argument, it's going to break. If we just type in scanner.py, it'll
break. If we type in an IP address like 1.1 and then we type in something here, it's going
to break because there's too many arguments. So if it doesn't meet this specific length,
then what we're going to do is print out invalid amount of arguments, here's the syntax.
Give somebody some help here.

If it does meet the length, then what we're going to do is we're going to set our target
equal to socket.gethostbyname, and all this is saying is we're going to get host by name of
sys.argv[1]. That's our IP address. Now, this is going to translate a hostname to an IPv4.
So in case, for example, if you did python3 scanner.py and you had a host name, like I have
a host in my house called Punisher, like if I gave it Punisher and my DNS knew internally
that that translated to a specific IP address in my network, that's fine, this will
translate. Okay, easy enough. But we could also just give it an IP address, so that's what
we're looking for here. I highly recommend for this example using an IP address.
In previous lessons, when I've taught this before, somebody has tried typing in a host name
and it doesn't always go as planned, though we will talk about adding error exceptions for
that here in a little bit. So right now all we need to know is we're trying to set this up
with these arguments.

Now, this is not the best logic. This is something that will work for our needs because we
are building this out, but if we're building it out for somebody else, this logic's not
great, and this is why I call this a crappy port scanner, is because it's not the best.
We're only doing it for proof of concept and to learn what we've learned so far. But think
about this in another way. Think about if we're running two arguments. Well, I could give
this an argument. What if I, if I come here and I say python3 scanner.py and I give it the
second argument, but I give it like 192.1 or something like that? Well, that's not a host
name, it's not going to translate to anything. That's also not really an IP address. So we
should really add some other statements in here to say, hey, it needs to be a valid IP
address, it needs to be, like, have four octets like we expect. And if we really wanted to
get critical about this, we can make sure that it is a valid IP address, because IP
addresses can serve like 256.whatever. So we could say it must be between, like, you know,
each octet must be between 1 and 254, and get really refined with that and say, hey, that's
not a valid IP address, thus we're not going to scan this. But we don't have to worry about
that right now. I'm just saying the logic behind it: we need to start thinking about, well,
how can a user break this? We know how to run it, but if we gave this to somebody else, how
would they run it, and how could they break it, or how could they typo something? So these
are things to think about as we go.
things to think about as we go so for now we've added this in we've got
so for now we've added this in we've got this in here we could test this if we
this in here we could test this if we just save it we come in here and we just
just save it we come in here and we just say Python 3 scanner dot Pi we don't
say Python 3 scanner dot Pi we don't give in any arguments you'll see that it
give in any arguments you'll see that it says invalid amount of arguments
says invalid amount of arguments python3scanner.pi is the syntax perfect
python3scanner.pi is the syntax perfect don't give it an argument right now
don't give it an argument right now because it's going to break if you don't
because it's going to break if you don't have DNS translating properly so
have DNS translating properly so from here let's go ahead and add a
from here let's go ahead and add a pretty Banner so just add a pretty
pretty Banner so just add a pretty Banner
Banner and all I'm going to do is do a print
and all I'm going to do is do a print command
command and I'm going to just do a bunch of
and I'm going to just do a bunch of dashes this is not really going to be
dashes this is not really going to be that pretty of a banner but it's still
that pretty of a banner but it's still going to be a banner and so when this
going to be a banner and so when this kicks off if if we've got a valid IP
kicks off if if we've got a valid IP that we're going to be scanning
that we're going to be scanning we're just going to do scanning Target
we're just going to do scanning Target and then we'll just do a space and you
and then we'll just do a space and you could just do a concatenation here of
could just do a concatenation here of plus Target you could do F string if you
plus Target you could do F string if you want completely up to you on how you
want completely up to you on how you want to do this so we just do scanning
want to do this so we just do scanning Target plus Target this will say what
Target plus Target this will say what the IP address is we can do like
the IP address is we can do like scanning Target
scanning Target of that something along those lines and
of that something along those lines and then we could say print
then we could say print time started
time started and then we can give this something like
and then we can give this something like a string
a string so we want to give plus a string of
so we want to give plus a string of date time dot now remember we can't
date time dot now remember we can't concatenate numbers and strings
concatenate numbers and strings so we're going to go ahead and do this
so we're going to go ahead and do this and then we'll just print out
and then we'll just print out this one more time
okay I'm going to save this
let's go ahead and try running this with like
I don't know 192.168.1.1
okay so this is what we get
we can see that we have scanning target
okay scan target 192.168.1.1 here's the
time that it started perfect we've got a
pretty banner set up
so now let's actually start making it do
something
so we're going to use what is called the
try command we're going to try something
and if it works perfect if it doesn't
we're going to have exceptions for that
so here's what we're going to do we're
going to say try
or we're going to do a for loop
port in range remember we talked about a
range earlier we talked about well what
about a for ip in range of 1 through 254
we're doing the same concept here now
we're just giving it a range now there
are 65,535 potential ports
I'm not going to force you to scan all
those if you want to you can come in
here and say 65,535 this is not threaded
we are not doing any sort of
speed runs here this could
potentially be a slow port scanner so it
is best in my opinion to do like a port
scan between 50 and 85
and the reason I do this is because
we're going to scan or attempt to scan
our home router and usually DNS is open
on that and usually port 80's open on
that so I'm trying to look and see if we
can find a couple ports that might be
open
so for port in this range what we're
going to do is we're going to set our s
equal to that lovely socket.socket
socket.AF_INET
and socket.SOCK_STREAM
just like that
and then we're also going to come in
here and we're going to do a
socket.setdefaulttimeout to one
so if it responds back or doesn't
respond back within a second we're just
going to move on we don't want to stick
to scanning a port waiting waiting
waiting for it not to respond back to us
and then the script takes longer and
longer and longer so we just want to
make sure that we set our default
timeout to one there and then what we're
going to do is we're going to go ahead and
set a variable result
and result is going to equal to
s.connect_ex and I'll explain all this
in a second
target port
all right
so what this is doing here actually let
me type out the rest and then we'll go
back we're going to say if result is
equal to zero
we're going to print out port
we can do
is open so now we can come in here we
can do a format port if we want to you
could use an f-string here if you want
to so we can just use an f-string
I'm just showing you examples but you
can say port and just do an f in front
of this
okay port whatever is open and then
we're going to close the connection
all right let's read through this make
sure we understand what's going on
so we're gonna do a for loop for a port
in the range of 50 to 85 so we're going
to start with 50 and 51 then 52 go
through that process we are setting a
variable
of s equal to this because we're going
to gather the IPv4 address and we're
going to gather the port that we're
trying to connect to
now our IPv4 address here's our tuple
right here we are saying I want to
connect on target and port target is
going to be supplied by us we're going
to use argv[1]
so we're going to supply the IP address
and the port is going to be this range
here
so for port in range we're declaring
port here now this s.connect_ex
this is an error indicator
so if a port is open the error result
returns zero
if a port is closed it returns a one so
if the result is a zero we're going to
say hey this port was open
if it's not it's going to close out and
we're going to close this then we're
going to go back to the loop and come
through and try it again so we're going
to close out our socket connection on
that port come back try 51 52
etc etc
now before we run this there are some
exceptions that we need to consider
so the first one we're going to try this
but we need exceptions so except
what if we have a keyboard interrupt so
we'll say KeyboardInterrupt
and that just means what if we hit Ctrl+C
while this is running we can stop this
on our own so we're providing an
exception of a keyboard interrupt and
we're going to say exiting program on a
new line
and then we're going to sys.exit
remember I talked about sys.exit and
we're going to allow us to exit
gracefully
we can also do an exception of a
socket.gaierror
now this
is what happens when the hostname does
not resolve so what if we say hostname
could not be resolved
so if we typed in a bunch of
mumble jumbo up here we say like python3
scanner.py
and we just typed in something and that
doesn't resolve to an IP address well
guess what this is going to throw an
error now
and we can exit
we got to cover all of our bases
lastly what if we have a socket.error
so we have an error when we're
doing this and we print out
hey we could not connect to the server
just it's just not online what if we try
to connect to an IP address and it
doesn't talk back to us
could not connect to the server
so something to think about there again
we'll sys.exit
so let's go ahead and save this
now you're going to need to run this
against something so I'm going to show
you an example of mine okay so in order
to run this we need an IP address now if
I type in ifconfig I'm actually on a
virtual machine right now so
192.168.138.140 is not my true IP
address
I'm actually going to bring up my
Windows machine that I'm on
and you can see here that I have a
default gateway of
192.168.4.1 so make sure you know your
gateway or what your router's IP address
or that you have a machine that you can
scan that you know might have a port of
53 or 80 open or you need to modify your
script to make sure that you can scan
for something but I'm going to go ahead
and scan my 4.1 because it should have
some stuff open so if I do a python3
scanner.py I'm going to come in here and
just do a 4.1
and I hit enter this could take some
time so what I'm going to do is I'm
going to let this sit here actually it's
already it's zooming through uh you can
see it found port 53 pretty quick
um and then this might take time to find
port 80 if port 80 is open but basically
what it's going to go through is go
through port 50 51 52 53 all the way through
the process and has that one second
timeout as it goes through and checks
each and every one of these ports so it
should take maybe up to a minute for
this to work so I'm going to go ahead
and pause right here looks like we're
almost done actually port 80 came back as
open too no need to pause it finished
while I was yapping so you can see it
came back and said port 53 is open port 80
is open so our script worked
it took forever to scan these ports but
it is working so we were able to build
out let's go back and look at this this
is awesome we were able to build out a
port scanner that came in here and
within two hours you now have the
knowledge to build out a basic port
scanner you didn't think you would be
able to do that well here you are look
at you
you're awesome okay so we were able to
give it an argument
we set our if conditional statement make
sure the length of the argument was two
valid otherwise we have an else here we
made a little pretty banner we imported
some stuff got that all working we did a
try statement which really was just a
for loop in here and we had some logic
based on conditions that would happen
within this for loop we had a for loop
and an if statement together we used an
f-string to print this out pretty cool
came through we had some exceptions as
well for example like the keyboard
interrupt just to show you if I come
and run this again if I wanted to stop
this scan in the middle of it I could
just hit Ctrl+C and it'll say hey
exiting program and that's exactly what
we told it to do we could see in here it
says exiting program so that's the
keyboard interrupt same thing we had
exceptions for not being able to connect
or we had the hostname could not resolve
we would also have those sorts of things
as well so you could test out those
errors see if they work for you but
other than that we built a scanner so
this is project number one we're gonna
go ahead and move on to learning a
little bit more Python and then we'll go
ahead and get into some more project
work so I'll see you over in the next
video
now we're going to take a look at
accepting user input in our program and
then how we can manipulate data with
that input
so let's go ahead and make a new file
I'm going to just say mousepad and
we'll call this input.py
and I'm going to bring this over we'll
give this the shebang
then python3 here
save it get the pretty colors
and in order to take input in Python all
we actually need to do is just use input
something like this so we could say like
enter your name for input like this and
put a space and we'll need to put this
into a variable so if we come into the
front of this and we just say name is
equal to
we could do something like that and then
we can just print out like
hello
and give a space
do name
and then
we'll add an exclamation at the end or a
period at the end doesn't really matter
and then we can just come in here and
save that
and if we run this
close this out I forgot to add an
ampersand we'll do that real quick and
if we run this now we just say python3
and we say input.py
let's say enter your name I'll
just say Heath
and you can see it says hello Heath
we can add upon this we can say like
what's your favorite drink so if we just
make a variable and we call it drink and
we do input and say what's your favorite
drink
and do a question mark something like
that
we can come in here and then just add
upon this if we want we can just say
have a space
plus drink
plus period
all right and it should say welcome
Heath have a and then whatever drink we
put in here so if we save this come back
and run it
okay I'm gonna put Heath as my name and
then
White Russian is my favorite drink
and it says hello Heath have a White
Russian so we can easily accept input
like this
so let's think about if we wanted to
build out a calculator I'm going to go
ahead and delete this what if we wanted
to take input and make a mini calculator
we could definitely do that
so what if we had two numbers and we've
been taking x and y so if we said x is
equal to input
and we'll just say
give me a number
and then we'll do something like that
and then we can also do y and also make
that input
give me yet another number
you put whatever you want here by the
way
and if we do something like print
x plus y
and we do that let's save it and let's
see what happens here so I'm going to
print this out
we'll give a number we'll do three and
then we'll do two
and it gave us 32 why is it doing that
well what it's doing is it is taking
these and giving this to us as a string
so we need to either do an integer here
and put this in an int or we need to
take this as a float so if we think
about this from the past if we want to
only take integers we can but if
somebody were to put in like 8.7 or some
number here and they gave that to us
well we would only take the eight and we
would leave off the 0.7 so I think if
we're building out a calculator it's
better to use floats so we can just come
in here and say float and we'll put this
all in parentheses and then we'll do the
same thing right here
so now when we come in here and we
save this and run this again what should
happen is this should work properly so
if we did like three
and then 3.2
you'll see that we get 6.2 which is
proper that's awesome
well what if we wanted to build this out
further
we could make this into a situational
thing what if we not only wanted to do
an addition but what if we wanted to
allow the user to say I want to add or
subtract or divide or multiply or maybe
use an exponent we could do that so what
if we added another variable and we just
called this o for operator and we just
took that input and we just said
something along the lines of input
give me an operator
right and maybe we put this in the
middle here so that way we're not just
getting two numbers maybe we want to
take that and we want to say something
like this so that way you'll say give me
your number give me an operator and then
give me another number and we'll print
that out so
now let's think about how we want this
to flow if we want this to work with an
addition like we already have we might
want to come in here and just say
something like if o
or operator is equal to a plus sign
well then
we'll come in and just print out x plus
y
remember the indentation is important
here
else if or elif
o is equal to a minus
guess what we're going to print x minus
y
and we can continue on here
else if o is equal to
division we'll divide
and then we'll multiply as well so x
divided by y
else if o is equal to
multiply here
we'll go ahead and multiply that
let's throw in an exponent for good
measure
so let's do elif o is equal to an
exponent so that's two
asterisks there and then we'll just print
out
x
times y so we've got a mini little
calculator here and we need to end this
with
an else statement so what if we take
input that doesn't belong here if it
doesn't match one of these operators
then we can just print something like
unknown operator
all right and period there save that and
this should work so let's go ahead and
give this a try what if we come in here
we just say
give me a number we'll do three and
let's say we want to multiply and we'll
do by three
and we get a 9 we can do it again we can
try something like
we'll do uh four and this time we'll do
an exponent we'll do four
so four to the fourth power is 256 so
we have just quite easily built out a
little calculator that we take input
from a user and then utilize that to
calculate that expression given what is
given to us by the user now let's think
of something else here just as an aside
what if something is written differently
like when I think of math with Python
yes we think of two asterisks as an
exponent but what if we had a situation
where we wanted to maybe use the up
arrow or the caret symbol which is how
I've commonly seen it used online for
math and exponents well we could do
something like or
o is equal to
the up
arrow like that and what if we save that
and ran this now
and if we gave a 4 to the up arrow of 4
guess what we still get 256 so we can
use an or statement like that here our and
or or other operators that we have
learned along the way so start thinking
about it like that as we start to piece
these things together we're starting to
build out little projects and we can use
some of the logic that we have already
learned throughout this course so that's
it for this lesson we're going to go
ahead and move on to the next one
okay now we're going to talk about
reading and writing files using Python
so let's go ahead and make a new file
I'm just going to mousepad and we're
going to call this file months.txt
and in here let's go ahead and just type
out the months so we'll do January
February March
April if I could type May June July
August September October November
and December
if you need to take a break and catch up
go ahead and do that
save this and once you have it saved go
ahead and close the file out
so let's go ahead and create a new
Python file so call this mousepad and I
think we'll just call this
readwrite.py
it'll do an ampersand here
and for this what we're going to do is
we're going to go ahead and look at how
we can read and write files so the way
that we do that is with the open command
so we'll say something like open and
with open and actually let's add the
shebang up here really quick in python3
save it and with the open command we can
say something like open
months.txt
and I need to add this here
so if we open months.txt what we need to
do with this or what we typically do
with this is we store this within a
variable so we might just call this
months equals open months.txt and if we
want to read that file we can come in
here and just print out months and
you'll see what this does here in a
second now best practice says to also
close this out anytime we open this so
I'm going to go ahead and just add some
lines in here because we're going to add
some more stuff to this but we can just
do months.close
and we'll save this let's go ahead and
run and see what happens here so if we
do python3
readwrite.py
you'll see we get this information back
let me move this so it's readable and
what this tells us is hey this is the
name of the file
we're in a certain mode and this mode
currently is read mode and we get the
default encoding here of utf-8
so we're getting information back we're
not actually reading the file that we
wrote so
um some of the information that we can
get by the way we can come in here and
we can say it to ourselves well
is this file readable so we have mode
equals r and this is one way to check it
there's a couple ways that we can check
it as well we can print out
months.mode and that will tell us
what mode we're in we can also print out
months.readable and that should give us
a Boolean statement whether that is true
or false so if we come in here and we
save this
and we do this again
you'll see that we get months we print
that out we get the whole shebang here
and we get the uh mode is equal to r
which is readable you can see if we
print out the mode we can also see it's
print out the mode we can also see it's readable or if we do months readable we
readable or if we do months readable we can see that it is readable so we have
can see that it is readable so we have the ability here to actually print this
the ability here to actually print this out and read this file
so how do we do that well let's go ahead
and delete these two lines
and we can just come in here and do
months.read
if we do that what happens here let's
save it print this out
and you can see that it reads through
every single iteration January all the
way through December perfect so we just
read a file and we closed out
working as intended if we wanted to read
this line by line we could we can do
months.readline like this and if we save
that and print
we will read literally one line if we
wanted to read a second line we could
copy this and we could paste this and
save it and come in here and guess what
we'll get January and February this time
so if we want to read this we have to
read line by line now if we wanted to
read all the lines at once we could do
that
in a different way we could do that with
readlines
and this will print out an empty array
or a list here actually and what you'll
see is we get January a new line
February new line March etc so we put
this into a list and now if we try to
actually run this again let's actually
tab over we tried to run this twice look
what happens
I'm going to print this and save this
so we have the first list here and then
we have a second list here the second
list is empty
well that's because we've actually
already read this so we read through it
here first and then it's empty the next
time we try to read it so if we wanted
to read it again what we need to do is
actually use what is called the seek
method we can come in here and say
months.seek
do zero like that to go back to the very
first line
and print out again
and now you can see we actually printed
this out twice so that works out well
we also have the ability to put this
into a for loop to read through every
iteration of the line so if we wanted to
do something like
for month in months we could just print
out month
all right and that should iterate
through everything in here so save that
print this
and you can see that it indeed does
print through everything
we can also add the dot strip at the end
of this
save that
print and you can see that we strip out
any of the new lines that are in there
so you saw we got some spacing in here
it's a little funky so if we came
through and we just added the dot strip
that makes our for loop a little bit
better so again remember what we're
defining here is whatever we want we can
call this for x in months make this an x
and it's the same thing but logically
it's just easy to call this month in
months and then we can just print those
out so we can iterate through this so so
far up until this point all we've done
is been able to read a file what if we
want to write to a file or append to a
file well we can do that as well so if
we wanted to
for instance open a file let's open a
new file let's do something we haven't
created yet let's do days of the week so
let's do open days and if we try to do
this let's change months to days
and we're going to change days to close
and we're just going to leave this open
right here so we have our best practice
now if we try to run this with an open
days.txt uh we're not going to be able
to do that because currently we're just
in read mode so we want to be able to
turn over and put ourselves into write
mode in order to do that we can just do
a w if we wanted to check that out we
could just do print days.mode like we
saw before make sure we are actually
operating in write mode so if we save
this
you'll see that we are in write mode so
we're good to go you could also just
again delete this save
and print out days apologies you print
out days save that you'll be able to see
that we are also in write mode so both
of these work
now let's write to a file so we've got
days let's go ahead and
write to that so we can do something
like
days oops days.write
and let's say we wanted to put Monday
into days save that
close it
and if we go ahead and execute that
nothing happens but if we go ahead and
cat out days.txt
you'll see that Monday has been put into
days.txt perfect so now what if we
wanted to continue on with this let's
put Tuesday in there and we're going to
need a new line so let's go ahead and do
a new line with that and we'll do
Tuesday and hopefully when we write this
out we'll see Monday and Tuesday so
let's save that
print this
sorry let's run the script and then
print this
and you'll see we have the new line in
there and we have Tuesday but we
actually overwrote it we don't we don't
have Monday anymore
so what's happening here is we're
actually writing to a file which is
overwriting the file we're not appending
to the file so if we wanted to append to
the file what we need to do is change
this w to an a
and we can come in here and we can write
in Wednesday if we wanted to
save this
and now let's run this and run that and
now you can see we have Tuesday and
Wednesday so understand the difference
between r being read
w being write which overwrites and a
being append which allows us to append a
file instead of overwriting a file
so that is it for this lesson I'll go
ahead and see you over in the next one
all right let's talk about classes and
objects
so Python is what is known as an object
oriented programming language so pretty
much everything in Python is an object
and we can use what is called a class to
be what is like an object constructor
and we can use that to help create
objects and this is a little bit easier
to explain once we actually demonstrate
this so we're going to create a couple
of files in this lesson and the first
thing that we're going to do is we're
going to do a mousepad and I am going
to create a file called
employees.py
and in this we're going to go ahead and
declare class
I'm going to save this here so let's do
class employees save it
and we're going to go ahead and hit
enter and just tab over
and we're going to do this
define and two underscores
i n i t or init two underscores again
and we're gonna put some parameters
inside of this function and we'll talk
about what the init function is here in
a second let's go ahead and let's think
about having employees so the first
parameter we're going to define is
called self
and then for our employees we might want
to know the employee's name
we might want to know what department
they work in
we might want to know their role in that
department
their salary
and maybe the years that they've been
employed so we'll do years underscore
employed
and just like a function we'll add the
colon here at the end
and we're going to go ahead and tab and
then we're going to define all of this
so let's go ahead and say self
dot name is equal to name so we're
creating methods here which you'll see
us use in just a bit we're going to do
self.department
equals department
and you should get the gist at this
point self.role is equal to role
self.salary is equal to salary
self
dot years employed is equal to years
employed
okay so let's save that so all classes
have a function called the init function
and this is always executed when the
class is being initiated
so we're going to use this init function
to assign values to object properties
so what we're doing here is we're
creating these parameters within this
function and we're also building out
methods that we can use once we import
this class so let's go ahead and close
this out and we're going to open up
another mousepad and we'll just call
this something like our employees dot py
you can call whatever you want and I'm
going to go ahead and do my shebang at
the top we'll do bin python3
save that and from here I want to
actually import the class that we just
built so what I'm going to do is I'm
going to import this and we're going to
say from employees
import employees
all right and we can make a couple of
employees here so let's set a variable
of e1 for employee one and we'll just do
employees
and I'm going to stick with the Bob's
Burgers theme from earlier we'll just
say we've got Bob remember we we're
declaring Bob's name
his department we'll say he works in
sales
we'll say that his role within the
department is the director of sales
and we'll say his salary is a hundred
thousand dollars a year
and that he has been employed for 20
years
and we'll do another employee
and we'll say that this employee is
Linda
she is an executive
she is the Chief Information Officer or
the CIO
she makes a hundred and fifty thousand
dollars a year and she has been with the
organization for 10 years
so we can do some stuff with this we can
go and say like print
e1.name
let's save this make sure everything
works
coming here actually let me close and
reopen this because I forgot my
ampersand on this
and we'll come back and now we'll go
ahead and do python3 our employees and
you'll see that print e1.name is pulling
down Bob so we're using the name method
that we created with our class so we
define that within that class so now we
have the ability to pull down
information based on the class that we
built so we can also do something like
print e2.role and we should get that
role printed out for us so if we see e2
role we're getting that she is a CIO so
that is accurate statement here let's
see if we could open both of these let's
open also
employees.py and we have both of these
here now so it's a little bit easier to
see we've got our function our init
function here and we have all of our
methods that we've defined now we can
build upon this within this class so
let's say if we wanted to make another
function if we wanted to say something
like define
eligible for retirement
and we just said self in here as the
parameter what if we said something like
if
self.years_employed
is greater than or equal to 20
then we return true because if the
person has worked with us for 20 years
then they are eligible for retirement
otherwise if they haven't then they
haven't earned their retirement yet so
we can look at an employee and see how
long they've worked with us and we can
save this here and then we can come in
here we can do something like print
and we'll say e1
and we'll ask if they are eligible for
retirement
okay
save this print this out and you'll see
that Bob is indeed eligible for
retirement because he has been with the
company at least 20 years which is what
we put here within the class
so just know what we're doing is we're
building out our own class and we're
able to define
these functions and these parameters and
these help us with creating our objects
that we're using over here so we've got
our classes and then we've got our
objects so this can get really robust
very quick and we'll build out a project
to look at that here in the next lesson
and that way we can tie this all
together but this is a very important
part of programming and this is very
much a 101 class so we're just
skimming the surface on what this is but
this is actually incredibly useful when
we start building out classes like this
to help with other things that we're
writing and pulling information from so
that's it for this lesson we're going to
go ahead and move on to the next one
we have reached the final project in
this course and this is going to tie
everything together that we have learned
thus far
so I am a bit of a sneakerhead which
means I really like shoes and so what
we're going to do is we're going to
build a budget app using classes and
objects and we're going to see what
shoes we can afford based on how much
money we have
so we're going to go ahead and start
with the class and we're going to just
make a new file we'll do mousepad and
we'll call this shoes I can type shoes
dot py
open that up
and we'll also open up a new window as
well or just a new tab here and we'll
write in both of these so uh for this
one we're going to go ahead and just
define a class of shoes
and I'm going to go ahead and just save
that so I see the colors
and here we're going to define our init
statement
and we're going to just say self
and then we're going to have a name
our name of our shoe and the price of
our shoes
and within this we're just going to
define
self.name equals name this should all
look familiar so far and self.price
is equal to price
what we're going to do with the price
because we'll run into an instance where
this is going to be taken potentially as
a string we're going to go ahead and
just give this a float we want to make
sure that we are assuming this is going
to be a float of a price here
let's go ahead and define a few more
things so I want to define a budget
check
and I want to make sure that we have the
budget here so what we're going to do in
this instance is we're just going to say
self and then we'll also add in budget
here
and we'll come in here and we'll do a
check first we want to make sure that we
are given an integer or a float here
when we are asked for the budget so we
can say something like if not
isinstance and what this means is we're
saying if this type is not what we're
specifying here then we're going to go
ahead and reject this and close out of
the application so the isinstance looks
for our type and returns a true value
but if we say is not true then that's
false remember our truth tables and thus
becomes invalid and closes the app so
what's going to happen is we're going to
say budget
and we're also going to look whether
budget is going to be an int or a float
and if it is not one of those two things
we're going to go ahead and print out
invalid entry
please enter a number something along
those lines and then we'll exit the
application
so let's say that we have a budget and
we want to also know how much money is
left over if we buy the shoes so we can
define something like change or what
change is left over and we could say
something like self budget on this as
well
and we can just return
our budget
minus our self.price
so remember we declared self.price up
here now we're calling it we're just
saying hey I want to return the value of
the budget that we have minus the cost
of the item that we're purchasing
okay only a couple more things and we'll
be done with our class here so we also
need to purchase it right so let's
define buy and we're going to do self
budget again
and here we're going to do a self dot budget check
and what we'll say is if our budget
is greater than or equal to self.price
then we're going to print out
we'll do an f-string here and we'll just
say you can cop some and then we'll do
self.name
so the name that we'll provide here this
will all make sense once we tie it all
together
okay and then if our budget is equal to
the self.price then we're gonna just say
print out
you
have exactly enough money for these
shoes
otherwise
we can do else now we could go through
this whole thing and give a
statement and say well what if we had no
money or what if we didn't have enough
money but in this instance we're just
gonna print out the situation of
you can
buy these shoes and have we have a
dollar sign here
we'll say self
dot change
and we'll give a budget left over
so
left over just like this
all right and then when we exit the
application we can say something like
exit
and we'll just give a statement thanks
for using our shoe budget app
now this might not make any sense yet
and that's okay let me make this a
little bit bigger
and so what we're doing here is we're
defining our init and in our init we
have a name which is going to be the
name of the shoe
and price which give me the price of the
shoe so self.name is equal to name
self.price is going to be a float
because we're expecting
potentially it could be our price of our
shoe could be 2.99 or 100.99 it might
not just be a perfect number so we want
to use a float
we have our budget check here we're just
checking the isinstance we could in
theory add to this budget check and make
sure we have enough funding before we
come down and do the purchase would
probably be the logical way to do this
but in this instance we're just using
really beginner logic and we're just
coming through and we're just saying hey
if this instance isn't an integer or a
float like somebody types in a string
then we're just going to go ahead and
reject this we we don't want any we have
no interest if this is no integer or
float here
then we're going to define our change so
if we have uh money left over like if we
have budget minus the price of the shoe
then we're going to go ahead and give
some money back
um and then we're gonna buy the shoe as
well so we're gonna have our buy option
as long as our budget is greater than
the price of the shoe we can buy that
shoe
and if the budget is equal to the price
then we have enough money if it's not
then we'll actually have some money left
over here
um unless it's the instance of not
having enough money and then it'll just
exit the application because we haven't
told it to do anything else and then
it'll also thank us for using the shoe
app so that's part one we have defined
the class now could we build this out
all in one thing yes we could just write
a script out for this we could code this
and make it into one easy script but
what this will do is allow us
flexibility this is where object
oriented programming comes into play
because we don't have to continue to
repeat ourself and what we're following
is what is called the DRY approach the
don't repeat yourself approach and so
what we're doing is maintaining
everything in a class here and then
we'll call that class and make it very
easy on us instead of having one crazy
long script that is potentially
repetitive and a lot more difficult to
go through so here we're gonna just
open this up and I'm going to call out a
shebang #!/bin/python3 I'm gonna save
this and I'm going to call this
uh shoe purchase
dot py
save that
now
we're going to import from our class
that we made so from shoes import shoes
and let's define a few variables so let's say low is equal to
shoes and for the low price shoes we're
just going to say we can buy some
AND1s and we can buy those for 30 dollars
uh for medium price shoes maybe we can
purchase some Air Force Ones
and for those maybe they're a hundred
and twenty dollars
and then for the high price shoes maybe
we're interested in purchasing
some Off-Whites
and those might run us for a hundred dollars
and from here what we're gonna do is
we're going to do a try statement
remember we've done a try statement
before and we're going to say try
and we're going to say shoe budget
is equal to a float of an input we're going to ask for an
input here so this is all tying together
we'll say what is your shoe budget
do a question mark there
tie this together and then
we're going to do an exception so if we
have a value error
meaning we don't get a number back
similar to what we were doing previously
if we don't get a number back here we're
going to say please enter a number
now we can come in here and say
for shoes in
and then we can just give this high
medium low like this
we can do a shoes dot buy
and remember we came out with this buy
method over in our class here so we're
doing a shoes dot buy I'm gonna go and
check all this for us and we're going to
say
shoe budget
so we're going to take the input of shoe
budget what's the value here we'll take
that we'll come in here and we'll see
what our budget is if it is greater than
or equal to the price of the shoe we're
defining our name of the shoe and our
price of the shoe from our parameters
that we defined up here name and price
so we're saying hey our the name and the
price so is the price of the shoe
is it at least the amount of our budget
and if it is we can buy that and we'll
check in the highest order and then go
in the lowest order if you flip these
and you put in 400 we just keep telling
you that you can only buy the low price
shoe so you need to make sure it's in
the highest to the lowest order in this
this example and so it'll check do we
have enough money to buy the 400 pair of
shoes no okay and then do we have enough
money to buy the 120 pair of shoes no do
we have enough money to buy the 30 pair
of shoes so we'll go through that and
iterate in this loop to see what we can
or can't buy so let's go ahead and save
this
and we'll save shoes.py and I'm going to
go ahead and run this hopefully I have
no typos I will do shoe budget
shoe purchase sorry and run this and I
do have a typo and so if I come back in
here
I forgot to close off my f-string so let
me save that
now let's try this
what is our shoe budget let's give it a
few different options if we said our
shoe budget was thirty dollars exactly
well it's going to say that we can cop
some air some AND1s sorry and we have
exactly enough money for these shoes
thanks for using the shoe app uh what if
we had 31 dollars
well we could still cop some AND1s
and then we can buy these shoes and have
one dollar left over all right what if
we had 450 dollars
well we can buy the Off-Whites and we
can buy those and have fifty dollars
left over for our budget
so hopefully this makes sense I know
this is a lot of information and this
again is just a 101 course so
we're just kind of
dabbling in the object oriented
programming and if you continue on with
Python from here and you start getting
into more complex material then you
could build upon what you're learning
here so
try to think of something that you might
want to script out like this or write
out like this and think of the logic
behind it I highly recommend going and
doing coding challenges or programming
challenges and try to increase the logic
and the ideas behind what you're trying
to build and that just takes practice
all this takes practice it's one thing
to watch and follow along with somebody
it's a whole nother game to go out and
do this yourself so start thinking of
some things that you want to build
really use your Google skills look at
Stack Overflow and look at some Googling
and some redditing and just try to piece
together the logic that you have in what
you want to build so highly recommend
building upon this this is a great
language to learn and very flexible and I
hope that you continue on with this
okay before we get hands on I have to give you a little bit of death by
PowerPoint but it's for good reason
so we need to introduce the five stages
of ethical hacking these are the five
stages that you will go through on every
assessment
so before we do that let's first make a
big note from here on we are moving into
the ethical hacking portion of our
course we're going to learn malicious
things
please only use the information learned
in this course for ethical purposes do
not attack your neighbors do not attack
anybody that you do not have explicit
permission to do so
you can and will get into trouble for
doing that so with that out of the way
let's talk briefly about the five stages
of ethical hacking
so
we start up at the top and we actually
start with what is called reconnaissance
the stage is also known as information
gathering and there are two different
types there's active and passive now
passive is saying like going out to
Google and searching for somebody say
you're given a client and you want to
look at their Google you want to look at
LinkedIn you might be looking for I
don't know a picture of their badge or
an employee's name or maybe an
employee's Twitter page
that's all passive you're not actually
going out to the company's website and
doing anything active against it now
active reconnaissance kind of falls into
place with the second phase which is
scanning and enumeration now that is
active that is where we go out and we
take tools such as Nmap and Nessus and
Nikto and you've never heard of any of
those that's fine but we take those and
we scan actively against a client now
what we're looking for are open ports
vulnerabilities different items and with
what returns on these results when we do
this scanning we also perform what is
called enumeration enumeration is just
looking at items and digging into them
to see if we can find anything of value
say that there is a web server running
on port 80 we see port 80 is open and
it's running something like Apache 1.2
which would be really really outdated we
would go out to Google and we would say
Google do you know if Apache 1.2 has
any exploits for it and we would do
research that's the enumeration portion
of it so once we do our information
gathering we do our scanning enumeration
then we move into the gaining access
portion
this is also known as exploitation we
will run an exploit against the client
or against the vulnerable service or
whatever it may be to try to gain access
into a machine or into a network into an
environment etc once we have that access
the process starts to repeat we do
scanning and enumeration again and we
also want to maintain that access right
so if we were to get kicked out okay or
a user shuts down their computer how do
we maintain that access so when they
turn their computer back on we still
have access to it and then lastly there
is the covering tracks you want to
delete any logs that you may leave
behind you want to delete any kind of
malware that you upload which is more
important as a pen tester any accounts
that you create for any reason you want
to delete those as well you really just
want to clean up it's a good way of
putting it covering tracks is the more
hacker way of putting it but as a
penetration tester you really just want
to clean up so we're going to go heavily
through steps one through three in this
course we'll also cover four and five
briefly but the process and methodology
never changes regardless if you're doing
network if you're doing web app or if
you're doing a different type of
assessment it's all similar in this five
stages of hacking the tools might change
the attack methods might change but the
overall methodology is always the same
so that's how we're also going to
structure this course we're going to go
in first and we're going to talk about
information gathering and reconnaissance
then we're going to move into scanning
enumeration and then we'll start with
exploitation and do that repeatedly
until we get it inside of our heads and
our it feels almost second nature right
once we have all that done we'll do some
practice boxes you know give it a go see
how we do we'll move into the internal
side of things with Active Directory
we'll start working with our web
applications and our wireless and we
will touch on the maintaining access and
covering tracks but you're going to see
this methodology over and over and you
might also get this question on an
interview you know to describe the five
stages so it's important to know these
it's just something that every ethical
hacker can rattle off pretty quickly so
have this written down think about it
keep your wheels spinning and let's go
ahead and move on to our first section
which is going to be information gathering
slash reconnaissance so in some
cool tools some Google-fu and just what
kind of information we can actually
gather on a potential client
so in this section we are going to be talking about information gathering and
all the information gathering we're
going to do in this section is going to
be passive so I'm calling this passive
recon or passive reconnaissance I wanted
to give a brief overview of what we're
going to be covering and talk about some
high level topics before we get into the
weeds and really dive into our target
so let's talk about the different types
of passive recon so on the physical or
social sides physical meaning actually
going on site and maybe doing a physical
engagement or the social engineering
aspect of maybe doing a phishing
assessment or even including in a
physical engagement or a vishing
assessment just gathering this
information from the physical social
aspect is incredibly useful so we have
location information so we might utilize
something like satellite images or often
will go on site and do drone
reconnaissance where we fly a drone
around and try to gain information and
what we're really after with these
images of this drone recon is we're
trying to find out hey what is the
building layout look like are there
badge readers are there break areas does
security exist do they have somebody
posted out up front can you just walk
right in the door what does their
fencing look like are are there areas
where they're just leaving the doors
propped open where do people go out and
smoke in these break areas because those
are good place to just walk up to
somebody light up a cigarette even if
you don't smoke and to start a
conversation and then tailgate right in
with them into the building now the
other aspect of this is the job
information so we might be looking for
employees online I might want to know
somebody's name job title phone number
who their manager is I try to get a good
idea of what people look like so if I
see them on site I have a good idea who
they are I also look for pictures so I
cannot tell you how many times a badge
photo is posted on LinkedIn or somebody
posted on Twitter you can see all the
memes out there about people posting
their photos at work and it's bad it
happens all the time I see it to this
day so we're looking for badge photos
I'm looking for desk photos computer
photos I had a situation once where
somebody took a picture of her watching
a game at work she was watching a
basketball game at work and the
basketball game was on her computer and
on her screen there it showed all the
different tools that they utilized at
work she had a work application open in
this photo there was a desk in the
background you can see different things
and it just gives us information and
that's really what we're after what kind
of information can we gather now this
course is not a course on physical or
social so I kind of wanted to give a
high level of what to expect we won't
really be doing a whole lot of this in
this course with this type of
information gathering but these are the
things that you should be looking for so
if you are tasked with the physical
assessment do go out there and look for
satellite images try to get a good feel
of the building layout and also try to
get a feel for who the employees are who
maybe the IT manager is in case you're
going to say you know I work for IT they
might ask you who your manager is you
might need to know those names and of
course look for pictures if you can find
a good badge photo and what that looks
like you can make a fake badge go on
site and you'll be way more passable
with that badge but sometimes they don't
even look it can be drawn in crayon so
from there let's go ahead and talk about
what we will be doing a lot of which is
the web and host
so when you get a web or a host
assessment the first thing you really
should do is what is called target
validation so we're going to be
targeting something on Bugcrowd we're
not really going to focus on this but
what we're going to do in the real world
is we would validate the target now
there are situations where a client will
give you an IP address or a website and
they might they might fudge it right
they might accidentally fat finger it
put uh the wrong number put the wrong
letter in the website and then guess
what you're off attacking somebody
else's website and they're if you're a
podcast listener there's a good Darknet
Diaries episode on this if you don't
listen to Darknet Diaries go check it
out there's a great episode with a guy
named Rob Fuller AKA mubix and he talks
about getting the wrong
IP address on an assessment and
attacking the wrong people and actually
gaining access to that machine which is
a really really big big screw up on both
parts right so you should always
validate your targets on top of this
when we're doing our web and our host on
the website we're going to look for
subdomains and we'll talk more about
that as we get into it but we can do
that with Google we can do that with
Nmap Sublist3r there's so many different
tools that we can use and we'll cover
some of the tools and how to do it get a
little deep into that as well especially
as we get into the web side of things
there's fingerprinting we need to know
what's running on a website or what's
running on a host what kind of services
are out there are they running a web
server what's that web server is it IIS
is it Apache what version is it right
are they running what ports are open on
their machines oh they have FTP open
what version of FTP is open so we need
to fingerprint machines and kind of
understand but on the passive side we're
not touching any machine right so we're
not going to be doing much scanning
against a host we just have to utilize
what kind of information might already
be out there so if we go out to a
website it's on the border of active but
as long as we're not scanning it in my
book it's still passive so we'll do we
will cover some of the passive slash
active side in this section and then
when we get into scanning we'll get way
more active with it
lastly we're going to hit heavy
especially in the beginning on data
breaches data breaches are the most
common way when we're doing an external
assessment that we get into networks
absolutely by far when we talk about
data breaches we're talking about
breached incidents from the past that
have leaked data again these are like
Home Depot Equifax LinkedIn all kinds of
breaches that are out there that have
had credentials dumped and then those
credentials become available to us
eventually and we try to utilize those
to gain access or at least utilize the
usernames to gain access nowadays most
the time there's not going to be an easy
just scan find something vulnerable and
exploit it on the external side of the
house so we're looking for these data
breaches and this information that we
can gather and this is why information
gathering and then enumeration and
scanning most important by far the
better scanning enumeration that you can
do and the better information gather you
can do the better hacker you're going to
be and the better you're going to be at
your job so take these first two
sections really serious so we're gonna
start in with identifying what our
Target's going to be for this part of
the section and then we're going to go
ahead and start talking about data
breaches and why they're important and
go deeper into that and then we'll go
off some of these tools that you see
here on this list and really dive into
those so I will look forward to seeing
you in the next video when we identify
our Target and get some information
gathering started
all right before we begin
doing our reconnaissance we have to
establish a client to attack so for this
course we're going to be utilizing a
client out of Bugcrowd if you've never
heard of Bugcrowd Bugcrowd is a public
bug bounty program what that means is
there are programs on the website that
will allow you to attack them and if you
find a bug against the program you're
able to submit it and potentially get
money for it so you are able to hack
these programs publicly as they are part
of this program now the program we're
going to be attacking is Tesla so Tesla
is part of Bugcrowd now please do note
please double check when you're watching
this course as some time may have passed
Tesla might no longer be part of this
bug bounty program so it's very critical
to make sure that you are still within
scope before you attack if for some
reason Tesla is no longer in scope just
go ahead and pick a new client and do
information gathering on them you don't
have to pick Tesla when we're doing this
you can just do it to follow along with
me but you're also welcome to pick any
program you want so if you go to
bugcrowd.com and we go to programs
I will show you where Tesla exists now
you can see here that they have all
different types of programs in here and
if I were to scroll down and
continuously I could find more and more
and more there are hundreds of programs
involved all kinds of names DigitalOcean
Okta really big names Pinterest
Atlassian
anything that you can imagine probably
has a bug program if it's a reputable
okay any of the big names most likely
have a bug program especially if they're
reputable so here you could see what's
based on reward what's based on charity
and what's based on points only that's
how the bug bounties are rewarded some
of them are not all cash some of them
are just for points and for kudos and
the other ones are for charity I'm going
to go ahead and just search Tesla and
when I do that you can see here that
Tesla comes up
now this is your first lesson into Rules
of Engagement and we're going to talk
about Rules of Engagement later but it's
super important to read the program
details that you see here and what we
really need to do is we need to scroll
through and make sure that we stay in
scope when we're doing this so we have a
wild card here so this means that any
subdomain inside of tesla.com is fair
game tesla.cn Tesla Motors etc what is
more important is that we stay within
this out of scope so we don't want to
attack
shop.eu.teslamotors.com or
energysupport.tesla.com it says you can report
vulnerabilities to bug bounty for this
one any domains from acquisitions such
as Maxwell so we have to stay within
Tesla and there's a few more sites we're
not going to worry too much about that
when we get into the web app portion of
the course we're going to talk about way
more detail on enumerating web
applications and go into that so for now
what we're going to do is we're just
going to focus on information gathering
what kind of information can we gather
from this client so again I'm setting my
target to Tesla if you pick another
Tesla or another client just make sure
you stay in scope of that client so from
here we're going to move on to our first
video and get our information gathering
started
welcome to the email OSINT section
we're going to talk about discovering
email addresses and this is something
that I do on a weekly basis so I'm going
to show you the most common tools that I
use to actually look up email addresses
and try to find people and what you can
do to kind of verify email addresses so
I'll show you some of my favorite tools
and concepts and this is something that
I do because not only for OSINT and
doing it for investigative type work but
think about sales if I'm trying to find
a lead or I'm trying to find multiple
leads within an organization I have to
figure out where the emails are who the
people I'm trying to email are so maybe
I'll Google them and say who is the CSO
or chief information security officer
for this company and I might find that
it's Bob Jones and we go look up Bob
Jones and we say okay well how do I get
Bob Jones's contact information can I
find it via Google maybe maybe it's out
there in the public but maybe we have to
dig a little deeper maybe we have to
kind of do some guesstimation and see if
we can figure it out so that's what
we're going to do today is is look at
the email addresses formats and try to
determine if we can find some emails so
let's go ahead and move over to the Kali
Linux machine that I've got
and the first website is one of my
favorites so hunter.io you just come to
hunter.io you get like 50 or 100 free
searches a month I don't remember what
it is it's it's a fair amount uh you can
come here and basically just type in a
company name so like say I want to type
in TCM security
tcm-sec and you can see TCM security
here we get one result on the email
address so we'll click it and see what
happens here
uh and looks like we have like an info
at
tcm-sec.com it tells us hey there's
five sources that identify this so we
see
tcm-sec.com there's an about blog so
this is where they're finding it okay
um a better example maybe a something
that has more users like Tesla Tesla has
468 users if we come in here and we look
well we can see that they have a pattern
identified here so their pattern they're
identifying is first initial
last name at tesla.com and that's really
what we want to see and then we can
gather email addresses here if we want
but say like we knew Bob Jones again
going back to that example Bob Jones so
maybe Bob Jones works at Tesla maybe his
email would be bjones at tesla.com so
it's something to think about now we can
sign up and get actual information here
you should be able to sign up with a
Gmail account sometimes this does not
work depending on the country that you
are in so be cognizant you might have to
use a different email address but I just
tried signing up with a Gmail account
that I have on here and it worked just
fine so I'm going to go ahead and try to
log in I'm going to sign in with Google
with what's already here and just now
I'm logged in so we can go back now and
try searching Tesla again
and you'll see that the results actually
come back
so we get information here now we get
let me make this a little bit bigger we
get information as to okay here's the
vice president this is the vice
president's email address uh project
development manager maybe you want to
talk to somebody in Human Resources so
you can click here and go to human
resources and then here are the
different Human Resources
emails that are here so and then the
sources that they found these email
addresses so this isn't a particular
person in HR but it's still Human
Resources email addresses so this looks
like it's probably for Hong Kong this is
for Berlin this is gigafactory so they
have different email addresses based on
where they are now if you looked up TCM
security here you're really not going to
find much on us because we don't have a
ton of email addresses out there but I
think that we can find more in other
ways now so we only get so many uses
here we'll just keep thinking about this
as we move forward so hunter.io great great
resource they have plugins if you want
them I I think it's fantastic place to
look
phonebook.cz is the next resource I want
to show you this one is fantastic let's
start with
tcm-sec.com and see so we're gonna go
tcm-sec.com and we're going to search
email addresses here so they do domains
and URLs as well which I think is
awesome but let's just search for email
address see if anything comes back no no
results okay that's okay let's try Tesla
and see what comes back there
okay a lot more
so we get uh quite a few email addresses
we could see Elon Musk all over the
place we've got Elon Dash musk Elon
we've got emusks over here and we get a
ton of emails look at this so what's
nice about this is we can sit here and
try to identify what the possible email
addresses are so again first initial
last name looks like it's showing up
quite a bit outside of maybe like the
Elon musks of the world we're getting a
bunch of uh mostly first initial last
names in here so I think that's pretty
spot on with this uh the other thing
that we can do is we could utilize this
list say we're we're trying to do
something called credential stuffing
which we'll talk about in the next
section actually when we talk about
breach credentials uh but say we're
trying to gather a bunch of usernames
and test and see if we can log in with
those usernames anywhere or maybe
password spraying not so much uh the
credential stuffing but password
spraying where we take all these
usernames and we just throw it at a
login form and say Hey Summer 2020
exclamation point you know see if that
logs into any of these accounts and you
would be surprised it happens quite a
bit so you know these are this is
valuable information even if we don't
know exactly maybe we're not just
hunting for one email maybe we're
hunting for an entire domain this is a
great way to get free entire domains
with a quick copy and paste capability
like we have the Tesla here we can
export the CSV from hunter.io but you
only get so many results that you can
export into a CSV here you get a bunch
there's no guarantee these are all valid
but they're still it's still information
information is what we want this is all
we're trying to gather is as much
information as possible so these are all
potential email addresses for tesla.com
I think it's a great great resource
now we could also use something like uh
VoilaNorbert now this one you can get
50 more leads for free I'm not going to
show you it's the same kind of deal as
hunter.io they're showing you how to
utilize it here basically you can just
search for people and see to try to find
their email addresses there is one I
want to show you that I do use and I
have quite a bit of success with and
that is called Clearbit and Clearbit has
to be used in Chrome
so I'm going to bring up this here
Clearbit has to be used in Chrome so you
can download the Chrome extension for
Clearbit
and all you have to do is go to Google
let me log in really quick
and then I'm going to just select the
free account we get so many searches 100
emails a month so basically you're going
to search for Clearbit Connect and you
would just say hey Clearbit Connect I'll
put a link down below by the way but
Clearbit Connect is awesome you'll
you'll see why here in a second once I
authorize this
okay we're gonna come down here
acknowledge probably give out our
firstborn and then now we're going to
say hey I want to find emails
and here's all different kinds of things
that we can sit here and search for you
can see TCM Security's in here these are
some searches that I've done these
aren't any clients of mine these are
just searches that I've done in the past
maybe looking for information or looking
for possible leads or anything so if I
come in here and I say hey I want to
look for TCM security you could type
that in I'm going to just click on TCM
security
and look what it discovered that the
others didn't
it discovered me
okay and if I click on me
look it says heath at tcm-sec.com
where where did that come from and then
look it has my LinkedIn right here as
well that's amazing that's awesome and
it says here you can email Heath just
click this button and then it's also got
Rizwan Rizwan's on my sales team look
it's got rizwan at tcm-sec.com what
does that tell you that tells you that
we're using a first name basis for our
email addresses it's awesome now let's
come in here and maybe we want to look
at Tesla maybe let's try Tesla one more
time maybe we're looking for the CSO of
Tesla Tesla has a CSO you could come in
here and look like Elon Musk is right
here obviously CEO but you could come in
here and maybe go by role and they have
different roles in here so CEO let's see
if we can find any sort of CSO uh I
don't see one but I do see information
technology so maybe we can find somebody
the information technology department or
IT Department
um and then here we go we've got quite a
few IT people here's a CIO this could
be somebody of interest that we might
want to reach out to and we could just
scroll through this list and find people
so say we want to reach out to the CIO
just click on this we get first initial
last name just like we thought we would
we get this person's LinkedIn page we
get their location website this is
awesome awesome awesome so I typically
awesome awesome awesome so I typically will start with a Google search if I'm
will start with a Google search if I'm trying to hunt something down I will
trying to hunt something down I will start with a Google search I will say
start with a Google search I will say who is in this role at this company if
who is in this role at this company if I'm looking for a specific person at a
I'm looking for a specific person at a company then I will go to phonebook.cz
company then I will go to phonebook.cz or hunter.io try to identify the the
or hunter.io try to identify the the formatting of the email and then try to
formatting of the email and then try to find that person or guesstimate that
find that person or guesstimate that once we get to that point I try not to
once we get to that point I try not to burn through these clear bits unless I
burn through these clear bits unless I need to but clearbit is very good at
need to but clearbit is very good at identifying this once we get to that
identifying this once we get to that point we can take this email say like
point we can take this email say like this um this email or we'll even try a
this um this email or we'll even try a different email I'll show you a couple
different email I'll show you a couple but we could take this and we can go try
but we could take this and we can go try to verify this so there is a website
to verify this so there is a website called email hippo you can go to
called email hippo you can go to tools.verifyemailaddress.io and all you
tools.verifyemailaddress.io and all you have to do is type in an email address
have to do is type in an email address here sometimes you can get false
here sometimes you can get false positives if they're good or bad here I
positives if they're good or bad here I typed in this email address a couple
typed in this email address a couple times and just got a bad result this is
times and just got a bad result this is an email address that does not exist now
an email address that does not exist now let's try an email address that we saw
let's try an email address that we saw info
info tcm-sec.com see if it works
result is okay so it says yeah this
email address works so we're verifying
that this is up so say that you get
somebody and you see that they have a
potential email address you can come
here and try to verify it first and see
if it works before you go fire off an
email uh or don't you don't have to fire
off an email you don't have to do
anything or interact so this is the
benefit like if you're from a sales
perspective and you're doing OSINT here
the this is the benefit not having to
email get waste your time get it
rejected you can come in here and just
validate if you're doing an
investigation you don't want to interact
with the person or company that you're
investigating you want to come in here
and just verify without any interaction
this is the way to do it same thing with
this website here email
checker.net validate email Dash
checker.net validate say hey checking
the email I put the same email address
here you can see it says bad we could
try again with info at
tcm-sec.com and see if that works and it
says okay
so again this is doing a great job
there are possibilities of false
positives there are so many searches
that you can do per month on these I do
believe they have APIs which is nice if
you want to automate this or script this
out but I think this is this is
fantastic this is great stuff now there
are plenty of other ways to verify email
addresses in the next section we'll talk
about that even more as we talk about
breach data because if somebody shows up
in a data breach guess we'll have that
email address has been used in the past
if you look at something like Have
I Been Pwned which I'll talk about in
the next section and they show up guess
what that person's email address has
existed so we're trying to verify if an
email address exists who that address
might belong to etc now this is more has
been from a business perspective some of
this hunting down of emails may be more
difficult to do if you're trying to find
a specific individual that's where
breach data comes into play and a lot to
this research and what I'm going to show
you in the next section we'll try to
hunt down individuals with maybe having
loose pieces of information like a name
or a username or something along those
lines breach data can come in handy very
very well so this is kind of scratching
the surface now there's one last thing I
want to show you one last little tip and
trick do not underestimate forgot
passwords do not underestimate them
let's go to Google for example
right now I am logging in under an
account that is please don't hack me sir
please so it's please don't hack me sir
plz I do believe I'm gonna go ahead and
try hitting next on that
okay so first of all it said hey welcome
hey what does this mean this means that
we have a valid account here that's
great this is validating that this Gmail
account exists
here's something else we can use this to
tie to potentially another account or
help validate say we know that this
email belongs to somebody that's
harassing somebody else we don't know
who this person is they're using this
spoofed email but maybe we have a
hunch maybe we don't maybe we just
want to try to get more data you can
come to forgot password
and it's going to say what's the last
password remember using I don't know
let's try another way you come down here
and it says hey let me make this bigger
Google will send a verification code to
H
and it says look it shows you the rest
of the digits here and then at TC
here that would give you a pretty good
indication if you're tracking who your
subject is that this email could tie to
somebody else look this is heath
tcm-sec.com
okay so this email belongs to me this is
tying back to me now you have another
point here so if you knew about this
email address and now you have the link
the connection to guarantee that this
person this is evidence right here say
you were doing something which we'll
learn about again in the next section
where you're looking through breach data
you find a username that matches this
email address and also matches this
email address but people can reuse
usernames there could be multiple people
who use the same username so you need to
verify or some link this would be a
proof of a link between those a pretty
strong proof if you ask me if you can
say hey I identified two email addresses
with the same username I did an account
recovery came in here and saw that this
had this same first character and first
domain name I think that's a pretty
strong correlation so things to think
about wheels to be spinning try to
identify email addresses in any way
possible we'll cover this more in depth
in the next section and I'm really
excited because password hunting is one
of my favorite things so let's go ahead
and move on to the next section when we
talk about password OSINT
okay so I would like you to go out to
github.com
and then once you're there go ahead and
just do a forward slash H Maverick Adams
h m a v e r i c k Adams and hit enter
and you can see me and my snazzy photo
here but what we're after is I want to
show you a tool that I wrote called
breach-parse and we're going to walk
through what it does now go ahead and
click on breach-parse
and you're going to see a bash script
here and a little bit of a description
so you do not need to download this let
me preface with what we're doing here
this magnet link you're going to need
one a torrent some sort of uTorrent or
BitTorrent and you'll need to download
this and it's also something along the
lines of 44 gigabytes extracted it's a
huge file so you don't have to do this
you can just watch and follow along you
are more than welcome to install this on
your machine I'm going to show you what
it looks like so I'm going to go out to
my applications and my files here
and then I have put this into my opt
folder so if you come into opt here and
I've got breach-parse
if you come into this breach compilation
folder which is what we'll download
you're going to see that we have data
here okay so this data has a bunch of
different data it's got emails starting
with zero one two three four all these
different ones what's living inside of
this
is if we can display it
is emails and passwords now you see
these ones have weird symbols inside the
emails but there's a bunch of emails and
passwords in here like somebody at
yahoo.com and their password is one two
three four five six
well these passwords are coming from
credential dumps so we talked about it
earlier about thinking about the you
know Equifax or the LinkedIn breach or
Home Depot all these big breaches that
happen
credentials get dumped out and guess
what they show up on the dark web and
eventually they show up in these lists
so we utilize these lists and we've got
you click into this just hundreds of
files here and again 44 gigabytes so
what I did was I built a little tool
that can search through this data and
pull down names so we can take a quick
look at the tool and what it does but
basically what it does is you just put
in the syntax you search for something
like at tesla.com and then you specify
you know tesla.txt
and it's going to search through all of
these files for at tesla.com if you're
more interested in the code behind it
you're more than welcome to read the
code in here and see if some of the
items that we've covered already with
the bash scripting and the Python
scripting kind of ring a bell
so what we're going to do is I'm going
to come ahead and go into the terminal
and make it a little bigger
and then I'm just going to change into
that opt folder breach-parse I'm going to
run breach-parse so breach-parse here and
what we're going to do is I'm just going
to say
at tesla.com and then Tesla dot text
and that's going to run so again you do
not have to install this this is only
for visual purposes I'm going to show
you in the next video another way to do
this so this is going to run through
it's going to take a minute here and
it's going to grab everybody's username
and password that says tesla.com and the
username and then it's going to have all
the passwords and we're going to be able
to decipher things from this so I'm
going to let this run and as soon as
it's done I'll come back and we'll talk
about the results
okay the results are back so this breaks
it down into three files there is a it's
cat Tesla there is a master passwords
and user so the master has the username
and password and then the users file has
the users passwords has the passwords so
I'm gonna actually gedit the Tesla
master dot text
and let's take a look at this
so from here we don't have a big list
surprisingly for a company the size of
Tesla so what happens is people utilize
their work credentials their work emails
and they log into websites and probably
shouldn't be using their work emails for
and we just use it to our advantage so
we're after is we're after not only
these usernames but we're after these
passwords as well so we see these
usernames and we see these passwords and
I like to look for repeat offenders I
like to look for the syntax as well
remember we had first initial last name
but we see first name dot last name here
we see possibly you know just a single
name there are different types of things
in here so
uh Nick tesla.com as well so you know
it's changed up I think nowadays it is
first initial last name but maybe in the
past they use first name dot last name
then move to an easier format or vice
versa they started the first initial
last name they got too big then they had
to do first name dot last name but again
what we're after here is potential
repeat offenders so look at this shark
at tesla.com it got popped twice and the
password is very very very similar so if
I were to attack tesla.com through a
login interface I might spray this
username with this password and this
password that's what we call credential
stuffing because we already know the
passwords and then I might make some
modification of capitalized letters and
non-capitalized letters with d-a-d-e
because 907 and 814 appear to be
consistent you know so I would alternate
capitals and non-capitals here in lower
case and just see maybe if something
sticks so this is something that's
interesting this user down here one two
three four five one two three four five
star probably not going to get in with
that on a company like Tesla but you
never know
but this is what we would do we would
take the usernames we would throw these
passwords at it and that's called
credential stuffing and then we would
take these usernames and all the known
usernames and we would spray passwords
at them like fall 2019 like we talked
about in the last video that's password
spraying so this is an important and very
very critical part of information
gathering is gathering these usernames
and these credentials right off the bat
you want to identify those with your
targets so this is kind of what it looks
like this is what I do during every
assessment and hopefully that makes
sense and that works into it in the next
video we're going to go ahead and just
show another method and start thinking
again about these credentials and how
they can be utilized and then we'll do
some other information gathering as we
move on and learn some techniques and
how we can get information on a client
so I'll see you over in the next video
okay let's talk about hunting breach
credentials and let's get hands-on now
before we get started I know I stressed
this in the beginning of the course I'm
going to stress this again
what I'm going to show you here could
change now I released a course about a
year ago which was on ethical hacking we
talked about breach credentials and I
utilized a website called WeLeakInfo
WeLeakInfo was then eventually shut
down and I got all kinds of emails
saying hey this is shut down I don't
know what to do
there's more out there okay there's
always more out there what I'm showing
you is the methodology I could show you
on a specific website which I'm going to
do that website could go down tomorrow
we never know but what you need to
retain is the thought process and the
methodology behind what's about to
happen from there you could take that
and utilize it elsewhere so if a website
does go down you still have the same
thoughts why you're doing it and why
you're thinking about it so let's go
ahead and move over to a website now so
I want to take you to a website called
DeHashed now this is dehashed.com I do not
expect you to be able to follow along at
this point because
this costs money okay it's five bucks
for a week it's a hundred and fifty
dollars for a year this is only a used
to take credit card they only now take
Bitcoin I do believe or some sort of
cryptocurrency absolutely worth it in my
opinion
even get a week get a week see if you
like it it's amazing there's gonna be
tools I show you later on the course
that will go through and we can do it
locally like the one I just ran in the
last video I ran breach-parse right this
is something that I've put together in
in set up but and it's free but the
database isn't maintained it's a slow
search I don't get the results back as
instantly and I can't tie it to as many
data points as a website like this can I
think this website's great now let's
talk about what DeHashed can do now that
I'm logged in
we have the ability to search by let me
make this a little bit bigger we have
the ability to search by email
username IP address name address phone
number VIN okay think about this say we
know an email address okay we know an
email address say it's Bob Bob at
tesla.com we're not going to search this
yet we take Bob and we know Bob it has
an account and we're looking for him we
search him Bob shows up and we see Bob
shows up and we see maybe his name like
Bob Jones or something like that shows
up maybe something that he's been leaked
in has his address or maybe there was an
IP address tied to the client you're
looking for or the person you're looking
for this can all be identified what if
Bob has a username it's like Bob Bob
rocks123 okay well we can search that
username in here and see if that
username has repeated itself at all
which is great we could search by
password so say Bob's password was Bob
rocks123 we could search that password
and if it's unique enough then maybe we
can actually do some advanced searching
like if we go back to the example from
last time like this last video we saw
this 907 d-a-d-e-814
we could put that into a search engine
and see if that comes back to something
else maybe that comes back to a user
that is not at a tesla.com but maybe
it's like Bob at gmail.com and then
guess what now we have Bob's personal
account or now we have Bob tied to
another email account especially if we
search by name or something that we can
tie them together we need to start being
able to relate other accounts to each
other we can do that with hashing we
could do that with passwords there's a
lot of things that we can do and we want
to start tying this together as a real
world example when I am looking at an
organization and I'm doing research on
on hashing or I'm doing research on
breach credentials I'm trying to think
okay first if my client if my client is
tesla.com I might come in here and
search at tesla.com and I might come see
how many results are in here let's see
what happens
okay here's George tesla.com George has
been in a shared data so there's no
actual
um any data details here besides a
potential username a name email okay
same thing with safety we'd have to
scroll down and see if we can find
something that okay here's Adobe now
Adobe will have a there's actually a bob
and Tesla um Bob at Tesla has a hash
password here okay so now we could say
well first of all we can go see if we
can figure out what this hash is which
we'll talk about in a second we can also
go and say okay Bob uh does Bob exist
anywhere else does this hash exist
anywhere else on this website can we tie
it to another account that maybe even if
we don't crack the password then we can
say okay this Bob this ties to Bob
gmail.com so like I would note this down
and I would take this and copy it so
from a real world example I would take
all the data that I see on this website
I would collect all of the passwords all
of the usernames and everything so like
Tesla 9 all this I want to know what the
passwords are I want to know who the
people are I want to know all the data
because if I could start finding
patterns if I could start putting things
together maybe I can even relate these
back to their personal email accounts
like we're talking about and then I could see password patterns there or
could see password patterns there or other passwords and just start tying
other passwords and just start tying this down because my goal is to break
this down because my goal is to break into an organization if I'm doing a pen
into an organization if I'm doing a pen test my goal is to break into an
test my goal is to break into an organization so I'm going to take that
organization so I'm going to take that data and if I can find other passwords
data and if I can find other passwords related to a personal account I'm not
related to a personal account I'm not going to go attempt to break into a
going to go attempt to break into a personal account but I will take that
personal account but I will take that data and I will put it together and
data and I will put it together and maybe try to break into their work email
maybe try to break into their work email account with those passwords of that
information this can tie to an
investigation as well if you're hunting
down an individual you're trying to tie
them to other accounts this is
incredibly useful if you can find their
data in a breached database and have a
password and that password's unique you
can search it maybe find them somewhere
else you find an IP address you find
a name there are often IP addresses in
here which we can tie to a location
possibly and see here's that 9078 or
Dade 814 we could take this and maybe
search it and see if it comes back
anything who knows shark at Tesla shark
at Tesla okay
sharkmail.ru look this is a new new
email address
we didn't know about this one before
and look it does us a favor we search
d-a-d-e but here's the capitalize we
didn't search for capitalize we're not
searching specific okay and now we're
getting more information look here's one
for Dropbox okay so it tells you where
this is coming from and how you can tie
it in if we can get any sort of name out
of this
um any sort of anything that would be
amazing we can get a person's name or IP
address and we could start tying them
down but when you're doing different
searches like this you need to start
almost
um you know like in the investigations
where they have like the the red yarn
and it's going from one pinpoint to
another you kind of have to zigzag that
back and forth and really try to tie
this down and you'll see that when we
get into reporting how you might take
one individual and really just see like
a password tied to an account tied to
this and this was the exact methodology
that we took to get to that point
because when you write a report you want
to make sure that I the investigative
person or the say you're heading off to
the police or whatever you want to make
sure that the person that is doing what
what you did or they can replicate what
you did with ease and there's no no
question about it so this is some of the
the searching that we can do now if we
come to dehashed again we can come here
and we can search by email username name
name anything so you can put your name
in here I mean if you want to search on
here I think it's great you can come
through here and just search for your
name let's go back let's search Tesla
again I saw a hash in there the Adobe
hashes are kind of interesting they're
not the easiest to pick up but let's see
let's find this Adobe hash
so let's say we get a hash like this
we could try to identify what this hash
is we can try to crack this hash we can
see if it's been cracked somewhere else
this hash as of right now we have no
idea but we know Bob tesla.com we can
maybe paste this in here first of all
and see if it ties back to anything and
there's 22 results back
um you know I would probably be looking
for somebody that has this password with
the name of Bob it's probably not going
to be like a Brett or a Michael you know
we might want to see if we can find
another account somewhere else but these
are all tying down to a hash from Adobe
so depending on how they were hashing
this data we might not find anything
else of interest but you can see all the
things here all the different
opportunities that are here for us to
just do research and tie down
information now we can go to a website
called hashes.org
and if we come here we have the
capability to actually try to search for
this hash so we could search hashes and
see if we can find it
so you can come in here and just paste
it
and again it doesn't do a great job in
my opinion with the Adobe hashes
sometimes they crack but a lot of times
it says it can't find them
um oops there we go
let's try hitting a search here
okay so it says not a valid hash now if
you put this into Google as a search
you can see it didn't come back with
anything either so we want to make sure
that when we're searching this you know
we we try all options there is an adobe
database that if you do put in a hash
and it does show up there's a GitHub
Adobe database that will actually show
up here so with that being said this is
kind of what I want you to start
thinking about when we're hunting down
breach credentials how can I take a
person or company that I'm looking into
so if you have a company you can just go
at company
name.com or dot net or whatever it is
search in here see how they show up if
you have a person maybe a personal email
account if you can find that person if
you know their email account you come in
here and say Bob gmail.com maybe you
don't know what their their email
address is then maybe you come here to
the main page you go okay I'm gonna look
for a name I'm going to look for Bob
Jones
and search for that and then you start
taking this and trying to find the
patterns if you know Bob lives somewhere
uh maybe you could find an address for
Bob or maybe you know Bob lives in like
Arizona you could search Bob Jones and
see if Bob shows up
um and then kind of take it from there
and there is some search operators that
you can utilize you can see Bob Jones is
taking forever you can put this in
quotations and search it again and kind
of narrow down your results here so if
we click on this you could see like
here's a name of we got a lot of results
but here's the name Bob Jones this is a
very common name so
um but you could see like if we're
trying to look this down we can start
searching and adding operators in here
and trying to see if we can figure out
to tie a username or something to them
so again get your wheel spinning don't
rely on just dehashed but just rely on
thinking about this this is the thing
you should think about again dehashed
could go down tomorrow but if you're
thinking about it in in the way that the
credentials and the information can be
interwoven remember that red yarn again
that's really what I want you to take
away from this so we're going to do
another video on this I'm going to show
you some more I guess tools that are out
there and some other things that you can
do offer alternatives to this and then
we'll wrap up this section so I'll catch
you over in the next video
okay we have reached the end of part one
I am again going to link in the
description below the link to part two
so go ahead and click on that if you
finish this and we're going to meet you
over in part two of the video