1
00:00:00,180 --> 00:00:03,120
The first tool up that we're gonna use is PowerView.

2
00:00:03,340 --> 00:00:07,360
In order to use PowerView we're going to have to install it.

3
00:00:07,380 --> 00:00:12,970
So what I want you to do is go ahead and just go to Google and go ahead and search for PowerView

4
00:00:12,990 --> 00:00:14,280
GitHub.

5
00:00:14,280 --> 00:00:18,150
And you can be brought here to PowerView at master.

6
00:00:18,150 --> 00:00:21,120
This PowerTools one, it's gonna say it's deprecated.

7
00:00:21,120 --> 00:00:22,290
That's fine.

8
00:00:22,290 --> 00:00:27,690
You could also go to the PowerSploit directory that they have here, a repository, and you can download

9
00:00:27,690 --> 00:00:28,820
PowerView right here.

10
00:00:28,830 --> 00:00:34,410
So your best bet is either to just download these, all of these if you want, or you can just click on

11
00:00:34,410 --> 00:00:37,880
PowerView by itself and download just this file.

12
00:00:37,950 --> 00:00:44,430
I'm going to just download just this file. You can go into raw and copy it or copy the path, and either

13
00:00:44,430 --> 00:00:45,030
way.

14
00:00:45,030 --> 00:00:51,180
What I want you to do is I want you to go ahead and take this file and then go bring it over to one

15
00:00:51,180 --> 00:00:52,740
of your Windows 10 machines.

16
00:00:52,740 --> 00:01:00,270
It doesn't matter which one. The situation that we are having here is that we're going to run PowerView

17
00:01:00,300 --> 00:01:06,300
which is a PowerShell type script and we're going to run it and do enumeration with it.

18
00:01:06,300 --> 00:01:08,190
We're going to see what we can do for us.

19
00:01:08,220 --> 00:01:11,390
However we're going to run it directly from the machine.

20
00:01:11,400 --> 00:01:18,000
Now in an attacker situation, say we have access to a shell, then we'll use that shell and we're going

21
00:01:18,000 --> 00:01:23,940
to load PowerShell and we'll upload this file for example and then we'll still run PowerView.

22
00:01:23,970 --> 00:01:29,310
The nice thing about running it on our machine here is just that it allows us to kind of auto tab complete

23
00:01:29,340 --> 00:01:32,730
which we won't have and it'll just make things a little bit smoother.

24
00:01:32,730 --> 00:01:37,950
So in a realistic scenario you're not going to be on the machine on like an RDP session. You

25
00:01:37,950 --> 00:01:39,000
might be.

26
00:01:39,000 --> 00:01:43,890
Chances are you're not going to RDP into most machines but if you can't get RDP access and you know

27
00:01:43,890 --> 00:01:48,450
it's a machine that a user is not using like a server or something that's just sitting there and you

28
00:01:48,450 --> 00:01:52,290
have already access to it then feel free to log in and do it this way.

29
00:01:52,290 --> 00:01:56,190
But for now this is just the best way to demonstrate.

30
00:01:56,220 --> 00:01:57,300
So go ahead.

31
00:01:57,300 --> 00:02:02,370
I have it sitting in my downloads folder. You can put it wherever you want and then we'll go ahead and

32
00:02:02,370 --> 00:02:03,360
just kind of go from there.

33
00:02:03,360 --> 00:02:08,910
So meet me in the next video once you've got PowerView put onto your machine and we'll go ahead and

34
00:02:08,910 --> 00:02:11,730
start enumerating the domain using PowerView.