00:00Ok, so now let's cover network commands.
00:03So the first command I want to cover is ifconfig.
00:07So you may be familiar with the Windows version of this, which is ipconfig,
00:12and they pretty much do the same thing.
00:14So it shows you here your different interface types
00:19and the IP address associated with them.
00:21So ETH0 here, Ethernet0, has an IP address of 192.168.132.164.
00:31You can see the netmask, the broadcast address, and you can see the MAC address as well.
00:37And we also have a loopback address here.
00:40Now, if your machine has a wireless adapter, or at some point you want to do wireless penetration testing,
00:48you're going to need IWconfig.
00:50And you should not expect to see anything on this at the moment,
00:55unless you're using a laptop, then you actually might see a configuration down here for it.
00:59If you would see something under IWconfig, you would see like a WLAN1, WLAN0, something along those lines.
01:08Ok, and another common command that we're going to see is going to be the ping command.
01:13So we can just type in ping and the address that we're trying to talk to.
01:18So for example, I'm going to try to ping my home router and I get talking back.
01:28So if I tried to ping something that wasn't in my network, like a 16.1, you're going to see the results change.
01:35So with ping here, ping is going to be endless.
01:39Until we hit something like Ctrl-C to stop it, it'll ping forever.
01:44So I'm going to hit Ctrl-C again and kind of show you the difference.
01:49So you see that we attempted to ping here and we got replies, we got information back.
01:56Well, that's good. That means we're talking to the other machine.
02:00It says, hey, are you there? It says, yeah, I'm there.
02:01And we try to ping this machine here, but this machine is not talking back.
02:06It could mean that the machine is not on the network or that the machine is just blocking ICMP traffic.
02:12ICMP is another word for ping.
02:15So moving on to the next command, I want to show you ARP.
02:19So the best way I like to type in is ARP with a switch of A.
02:27And ARP is just going to show you MAC addresses that it talks to and the IP address.
02:35Actually, I said that backwards.
02:37It's going to show you the IP address it talks to and the MAC address associated with it.
02:42So if an IP address reaches out, say 192.168.15.1,
02:49talked out to this machine, it's going to say, OK, hey, who are you?
02:53It's going to send a broadcast message out to say, who has this IP address?
02:57And then the IP address will respond.
02:59It says, hey, I do. And this is my MAC address.
03:02So ARP is just a way of associating IP addresses with MAC addresses.
03:08And once you know that, you can also look at netstat.
03:12So netstat-ano is another one of my favorite commands.
03:17And this shows you just the active connections that are running on your machine.
03:21So if we scroll way up.
03:23And you can just kind of see what's open and what's talking here.
03:32Where this really comes in handy on a penetration test is to see if a machine is talking to somebody else.
03:41Same thing with ARP. You want to know what that machine is associated with and is it talking to something on a port.
03:49So this is more just internal right now, but it's still good to know.
03:53So, for example, if I were to open up a Firefox page and connect out to the Internet, then I went and I did a netstat again, I would see information about that port being open and that I am going out with it.
04:08So, just kind of keep that in mind.
04:12These are not commands that you really need to know in depth right now.
04:15Networking does come into play when you are doing penetration testing, but we're going to cover these commands time and time and again.
04:23I just wanted to give you a very brief introduction to them.
04:28Okay, in the last command that I have for you today is route.
04:33So if you type in a route, that's going to print your routing table in the routing table is important because it tells you where your traffic exits essentially.
04:45So for this VM, my traffic is exiting on 192.168.134.0.
04:52So any traffic goes out of this 0.0.0.0 gateway in this range, right?
05:00So when it goes out this gateway, it's doing NAT, so network address translation, and it's running off my computer.
05:08So the best examples aren't here, but it's important to know route as well because there could be a machine that you're attacking that has multiple routes.
05:17So you might see a 134 and a 135 because it has a dual home NIC, meaning it has two NICs inside of it.
05:25So it's actually talking to a completely different network that you didn't know existed.
05:29So you might have been attacking one network and the 134 range and then 135 is just out there and this computer can talk to both.
05:37And until that point, you had no idea.
05:39And that's the idea of called pivoting when you switch a network from one to the other, but you're using a machine.
05:46So that's it for this lesson.
05:48In the next lesson, we're going to talk about viewing, creating, and editing files.
Comentarios