1 00:00:00,740 --> 00:00:07,460 Operating system and version detection: there are some advanced options provided by Nmap, apart from
2 00:00:07,460 --> 00:00:10,040 a scanning port scanning, of course.
3 00:00:10,040 --> 00:00:13,730 So these options can help us gain more information about our target.
4 00:00:14,270 --> 00:00:18,200 And one of the most widely used options is operating system identification.
5 00:00:19,280 --> 00:00:23,390 So this kind of helps us identify the operating system running on the target machine.
6 00:00:23,930 --> 00:00:33,110 So our operating system detection scan Ottawa's is here like the world bays like that here.
7 00:00:40,890 --> 00:00:43,200 Excellence interruptus clear.
8 00:00:43,740 --> 00:00:46,450 So anyway, so, uh.
9 00:00:47,100 --> 00:00:49,440 Oops, I'm sorry, your resolution.
10 00:00:51,790 --> 00:00:54,190 There's a two years.
11 00:00:56,030 --> 00:00:57,380 If this configuration.
12 00:01:08,690 --> 00:01:10,520 Not so.
13 00:01:17,760 --> 00:01:26,160 Now, we will do the Nmap scanning here operating system with an ID scanning kit in order to do that.
14 00:01:26,550 --> 00:01:28,080 We will use up.
15 00:01:29,730 --> 00:01:39,180 Or two operating system for operating system IDs, or we might need a sudo here, root access or here
16 00:01:39,180 --> 00:01:47,060 and enter your port address of your target to actually enter IP address of your target machine 135 onto
17 00:01:47,080 --> 00:01:47,250 it.
18 00:01:49,390 --> 00:01:51,310 So, uh, now.
19 00:01:53,040 --> 00:01:53,420 Now.
20 00:01:55,710 --> 00:01:56,850 Let's enter here.
21 00:01:57,490 --> 00:01:58,890 Uh, enter password.
22 00:02:00,500 --> 00:02:01,010 And.
23 00:02:09,430 --> 00:02:11,410 Here, what's the problem here?
24 00:02:13,120 --> 00:02:14,050 Incorrect, so.
25 00:02:19,570 --> 00:02:20,100 Yes, actually.
26 00:02:20,650 --> 00:02:30,370 As you can see here, we have target machine is running on Linux here, a Linux 2.0 kind of version
27 00:02:30,370 --> 00:02:39,520 2.6.9 here or 2.6.32. Network distance is one hop because
28 00:02:39,520 --> 00:02:42,920 it's the LAN address, so it's not calling routing anywhere.
29 00:02:42,940 --> 00:02:44,920 It's just and connecting the article to it.
30 00:02:45,610 --> 00:02:54,700 And then now we will open our Windows machine to make an operating system detection here.
31 00:02:55,330 --> 00:03:03,330 Now I will open the Windows seven machine here, opening the windows here, windows, and let's show
32 00:03:03,340 --> 00:03:04,840 these windows to you.
33 00:03:06,520 --> 00:03:07,000 OK.
34 00:03:08,690 --> 00:03:10,520 So this is our Windows machine.
35 00:03:12,490 --> 00:03:12,850 Yes.
36 00:03:14,310 --> 00:03:15,480 And that started.
37 00:03:40,520 --> 00:03:50,390 Here and now, we will scan all of our addresses to find which, uh, our uh, what is our Windows seven
38 00:03:50,600 --> 00:03:54,170 line address or and map in the SUV?
39 00:03:54,590 --> 00:04:00,590 Well, here's our local, uh, address here and to 55.
40 00:04:03,010 --> 00:04:04,060 Actually, 24.
41 00:04:10,620 --> 00:04:16,410 Scanning ninety point ninety two point ninety one, he's done.
42 00:04:17,580 --> 00:04:28,080 200 a 253 is completed, underwent the scan here, so as you can see here, we have um, we have actually
43 00:04:28,620 --> 00:04:29,760 not is not this.
44 00:04:33,450 --> 00:04:34,310 Metasploit.
45 00:05:06,110 --> 00:05:10,580 So as you can see, this is our Windows machine IP address.
46 00:05:10,840 --> 00:05:14,840 Now we found it inside with, um, two.
47 00:05:16,510 --> 00:05:21,490 True here, as you can see here, uh, port 53 is open.
48 00:05:23,620 --> 00:05:30,010 And then now we can do the two acts you can see here, um.
49 00:05:31,200 --> 00:05:37,830 So this is actually not a Windows, this is the Windows we have when we're playing virtual, uh, networks,
50 00:05:38,130 --> 00:05:40,000 um, the device here.
51 00:05:40,560 --> 00:05:41,610 Uh, so.
52 00:05:49,830 --> 00:05:53,850 Our window of St. Pete is not going to torture for.
53 00:06:28,410 --> 00:06:35,580 So you can see this in network distance of one hop as well and the other is is this is not an individual
54 00:06:35,580 --> 00:06:35,960 device.
55 00:06:35,970 --> 00:06:37,830 This isn't just a virtual machine.
56 00:06:37,830 --> 00:06:46,260 And because of that, we can be seeing here, um, make a major address, uh, of our, uh, we we have
57 00:06:46,260 --> 00:06:47,100 visual device.
58 00:06:48,530 --> 00:06:55,790 So, um, the other widely used option is version detection, so a version detection of different ports
59 00:06:55,790 --> 00:06:56,450 on the target.
60 00:06:56,990 --> 00:06:59,980 So it can be mixed with any of these types of scans.
61 00:06:59,990 --> 00:07:01,880 So actually, we don't need Windows anywhere.
62 00:07:02,150 --> 00:07:06,920 Uh, we have and we have operating system for penetration testing here.
63 00:07:07,340 --> 00:07:12,020 So another well used option is, uh, version detection here.
64 00:07:12,350 --> 00:07:14,030 Uh, which is a.
65 00:07:16,010 --> 00:07:18,800 So what version detection is?
66 00:07:18,800 --> 00:07:23,780 Uh, version detection is an, uh, different, uh, across the different open ports on the target.
67 00:07:23,780 --> 00:07:31,430 And uh, but detection the versions of our open ports so it can be mixed with any of the, uh, scan
68 00:07:31,430 --> 00:07:38,210 types that we have previously to add extra bit information of what visual services are running on the
69 00:07:38,210 --> 00:07:40,070 ports of the target.
70 00:07:40,460 --> 00:07:43,310 Uh, we add like that.
71 00:07:43,520 --> 00:07:54,110 So Nmap as we enter your IP address, uh, here and your IP address, that IP address and no.
72 00:07:55,650 --> 00:08:05,550 It's running the version detection for, um, target machine here, as you can see, we have, um detected
73 00:08:05,550 --> 00:08:13,110 what a virtual audience is using, for example, MySQL five point point fifty one V.A. Protocol
74 00:08:13,170 --> 00:08:18,150 3.3 PostgreSQL, uh, eight point 3.0.
75 00:08:18,300 --> 00:08:24,780 So as you can as you know why we did it, because we can find exploits for these versions, for example,
76 00:08:24,780 --> 00:08:29,600 they can, uh, find exploits about somebody else in the assembly here.
77 00:08:30,000 --> 00:08:35,910 Uh, or we can, uh, find FTP, uh, for example, this version of FTP here.
78 00:08:37,470 --> 00:08:38,970 Exploit here, for example.
79 00:08:44,170 --> 00:08:50,290 As you can see, a better command execution, we have exploited years exploit database we have here
80 00:08:50,290 --> 00:08:57,340 so we can hack this device with these open ports because of that, how we can do it because we did and
81 00:08:57,350 --> 00:09:01,000 the information actually saves detection here.
82 00:09:01,010 --> 00:09:09,700 So in this target machine, we know which ports and which FTP service version is using so we can find
83 00:09:09,700 --> 00:09:12,250 relative exploits to hack this machine.