WEBVTT 00:07.400 --> 00:07.880 Okay. 00:07.880 --> 00:08.330 Welcome. 00:08.330 --> 00:12.980 Today we're going to install and mess around with angry IP scanner. 00:13.070 --> 00:15.290 First thing we need to do is open up our terminal. 00:15.290 --> 00:17.450 I'm going to blow this up so you can see it. 00:17.450 --> 00:19.220 But I actually got ahead of myself. 00:19.250 --> 00:23.480 We're actually going to go to Firefox and download angry IP scanner. 00:23.540 --> 00:25.670 So I'm just going to do a quick Google search. 00:25.670 --> 00:28.250 So we'll go to google.com. 00:28.790 --> 00:34.280 And then we're just going to do angry IP scanner just like that. 00:34.280 --> 00:36.530 And we can download it right here. 00:36.560 --> 00:39.950 So let me hit that download button and you'll notice it has a windows, Mac and Linux. 00:39.950 --> 00:42.170 We want the Linux version right there. 00:42.260 --> 00:46.700 And we are operating on Kali with a Debian system. 00:46.700 --> 00:48.800 So I'm going to click that one right there. 00:49.610 --> 00:51.620 It's going to say to continue to download. 00:54.350 --> 00:56.750 And continue right there. 01:02.340 --> 01:03.540 And there we go. 01:03.540 --> 01:04.380 It is off. 01:04.410 --> 01:06.090 It is downloading. 01:06.750 --> 01:07.890 It doesn't take much. 01:07.920 --> 01:09.090 You'll notice that it's already there. 01:09.090 --> 01:10.680 So I can show it in the folder. 01:10.950 --> 01:12.630 It's in our downloads right there. 01:12.660 --> 01:14.970 So now we're going to go back to the terminal. 01:15.810 --> 01:18.720 Right here I'm going to do a change directory to downloads. 01:18.720 --> 01:23.040 Don't forget that capital D and hit tab to finish that off. 01:23.550 --> 01:27.660 And if I do an LZ right there we can see it right there. 01:27.690 --> 01:32.760 So now we need to do a sudo and then dpkg. 01:33.000 --> 01:38.130 We're going to do a switch or tac I and then IP scan. 01:38.160 --> 01:42.090 I'm just going to hit the tab button to finish that off and enter. 01:42.240 --> 01:43.800 Ask me for my password. 01:43.830 --> 01:46.080 And it's going to go to town and do its thing. 01:46.080 --> 01:47.550 Now we should have that downloaded. 01:47.550 --> 01:51.750 Now if I click on this right here I type in angry. 01:51.780 --> 01:54.780 You can see now that we have angry IP scanner right there. 01:55.020 --> 01:56.550 I'm just going to click on that. 01:57.360 --> 01:58.870 Hit next. 01:59.770 --> 02:00.670 Next again. 02:00.700 --> 02:03.730 We're just going to hit next through all this and then finally close. 02:03.730 --> 02:05.050 And here you go. 02:05.080 --> 02:07.690 We've got our angry IP scanner sitting right here. 02:07.720 --> 02:11.110 Now I'm going to have to do something I want to scan something. 02:11.110 --> 02:16.030 And because Kali is on a virtual machine I actually need to restart a new virtual machine. 02:16.150 --> 02:19.120 So I'm going to start up my trusty Archaeopteryx two. 02:19.180 --> 02:22.360 This is going to take a second to get uploaded, or I should say uploaded. 02:22.360 --> 02:24.280 It's going to take a second to get started. 02:25.480 --> 02:29.620 You can see here I had it on the other screen, but I'm going to start running the Archaeopteryx two 02:29.650 --> 02:34.660 to let it scan through there, and it'll just take a second for it to start booting up. 02:34.930 --> 02:42.160 Now I have Archaeopteryx two running on the same subnet as I have my Kali box. 02:42.160 --> 02:46.810 And I can show you that do VirtualBox. 02:46.810 --> 02:48.970 Here you can see that my Archaeopteryx two is right here. 02:48.970 --> 02:53.770 If I go to settings and then network, it's running on Nat network just like that. 02:53.770 --> 02:57.320 And then Kali, if I do the same thing Settings network. 02:57.320 --> 02:58.250 It's on that network. 02:58.250 --> 03:02.150 And that's important because if it's on the different subnet, it'll never see each other. 03:02.150 --> 03:03.080 And that's a bad thing. 03:03.080 --> 03:08.420 So next thing I need to do, because I'm running on that specific virtual machine, is I'm just going 03:08.450 --> 03:13.190 to do an ifconfig to figure out where I am as far as IPS. 03:13.190 --> 03:21.710 And you can see here that I'm running on ten .0.2.9 now with angry IP scanner because of it's a lightweight 03:21.740 --> 03:22.850 way of doing it. 03:22.880 --> 03:27.680 I'm just going to put 10.0.2.0 through 255. 03:27.710 --> 03:32.570 That should scan the entire final octet or the slash 24 Cidr. 03:32.810 --> 03:35.690 I'm just going to hit start right there and let it go to town. 03:35.690 --> 03:43.580 And if I expand this out you can see partially see if I can blow that up for you guys I can't it's not 03:43.580 --> 03:44.390 going to let me. 03:44.630 --> 03:46.460 But you can see that it's going through. 03:46.460 --> 03:48.560 And we've got 10.3. 03:49.340 --> 03:51.350 And it said it took 14 seconds. 03:51.560 --> 03:53.960 Average time per host 0.06 seconds. 03:53.960 --> 03:55.650 Host scan 254. 03:55.770 --> 03:58.680 Five hosts alive, two ports open. 03:59.130 --> 04:04.170 So we set that and then you can see right here with the green those are active machines. 04:04.200 --> 04:07.530 Now we have 2.5 and we have 2.3. 04:07.530 --> 04:09.930 And if I scroll down there shouldn't be any others. 04:10.920 --> 04:12.060 And there's not. 04:12.090 --> 04:12.900 Right. 04:12.900 --> 04:19.950 So we can see that 2.3 has port 80 open and 2.5 has 80 and 443. 04:19.980 --> 04:28.860 Now if I go back to that terminal and we know that 2.9 is my own machine and it is not unlike nmap showing 04:28.890 --> 04:30.030 2.9 is active. 04:30.030 --> 04:31.800 So that means 2.3 and 2.5. 04:31.830 --> 04:35.940 Now VirtualBox is going to keep alive these first three. 04:35.970 --> 04:43.230 Okay so 2122 and two three are all VirtualBox which means 2.5 is going to be Archaeopteryx's machine. 04:43.230 --> 04:45.930 But how do I how do I make sure of that. 04:45.960 --> 04:46.740 Right. 04:46.770 --> 04:50.700 Well I can use nmap at that point which I'm going to do. 04:50.880 --> 04:56.640 So now I've got that 2.5 I just need to run nmap to verify that that is correct. 04:56.640 --> 05:01.740 So I'm going to do a sudo there sudo I can't type today. 05:01.770 --> 05:07.290 Nmap switch capital O10 .0.2.5. 05:07.380 --> 05:12.390 And that should run through and verify that it is that machine. 05:12.390 --> 05:16.950 And we can see here because of all these open ports that is an actual machine. 05:17.280 --> 05:22.410 You can also see that it's running Linux version 2.61 hop distance. 05:22.410 --> 05:25.290 So that is 100% my option two. 05:25.290 --> 05:27.720 Now then what happens when we run it on 2.3. 05:28.950 --> 05:31.020 It's going to come back and it's not going to give us much. 05:31.020 --> 05:32.010 So there we go. 05:32.040 --> 05:32.340 See. 05:32.340 --> 05:34.890 So it's not a real it's not really open. 05:34.890 --> 05:36.960 It's just VirtualBox saying it is okay. 05:36.990 --> 05:37.440 All right. 05:37.440 --> 05:43.260 So that's angry IP scanner very quick very clean very easy to run through I like angry IP scanner because 05:43.260 --> 05:45.120 it's it's so quick right. 05:45.150 --> 05:45.990 It goes through it. 05:46.020 --> 05:49.830 So I like I like angry IP scanner I do it's quick. 05:49.830 --> 05:50.340 It's clean. 05:50.340 --> 05:51.630 It's giving me a GUI interface. 05:51.630 --> 05:55.540 But honestly, I'm not a big fan of it because of so limited capability. 05:55.570 --> 05:57.310 I mean, it's great if you want a graphical interface. 05:57.310 --> 05:58.060 It really is. 05:58.060 --> 06:00.310 But nmap does the same thing and much quicker. 06:00.310 --> 06:05.740 So let me show you I'm going to blow this up and we'll just do a sudo which I'm sure you don't even 06:05.740 --> 06:06.460 need to do. 06:06.460 --> 06:10.390 And then you do nmap and then switch as in report scans. 06:10.390 --> 06:13.750 Then switch to dot zero slash 24. 06:13.780 --> 06:20.470 And this does a ping scan for all those different IP addresses on that final octet using that 24 right 06:20.470 --> 06:21.070 there. 06:21.310 --> 06:22.300 So I hit enter on there. 06:22.300 --> 06:25.960 It's going to ask me my thing and it's going to go through the motions. 06:25.960 --> 06:28.960 And we should start to see very quickly. 06:28.990 --> 06:31.870 In no time at all we can see that. 06:31.870 --> 06:37.570 It's telling me a 2.9 up 2.5 up 2.32.22.1. 06:37.600 --> 06:42.340 Now angry IP scanner goes through and it says, well 80 and 443 are open. 06:42.340 --> 06:45.820 And so I guess if I really wanted to know that I could. 06:45.850 --> 06:46.360 Right. 06:46.390 --> 06:49.120 So it does provide me some some extra actionable items. 06:49.120 --> 06:52.770 But I could do that with nmap as well. 06:52.770 --> 06:54.960 And there is a trick for that. 06:55.380 --> 06:57.150 So I could do a switch f. 06:57.150 --> 07:02.190 So if I open this back up I can do a pseudo nmap. 07:02.460 --> 07:07.680 I could do a switch capital f ten .0.2.0. 07:07.680 --> 07:09.420 Excuse me slash 24. 07:09.690 --> 07:13.500 Hit enter and it will pretty much do the same thing for me. 07:14.640 --> 07:20.430 And look it kind of goes through the motions and you can see and it provides more data to I mean the 07:20.430 --> 07:26.130 other one only told me I had port 80 and 443 open, but capital F is going to tell me that I got everything 07:26.160 --> 07:28.350 open, but it doesn't provide that GUI interface. 07:28.350 --> 07:33.420 So I mean, if I'm doing large networks, I guess I would prefer angry IP scanner. 07:33.450 --> 07:38.460 Like if I had a lot of items on this, it would be nice to kind of go through and go, oh, okay, it's 07:38.460 --> 07:39.450 open or it's not. 07:39.450 --> 07:45.060 But for something small like 5 or 6 hosts, I think I prefer nmap, it just does it quicker. 07:45.330 --> 07:47.040 Um, anyway, that's angry IP scanner. 07:47.040 --> 07:48.930 I hope that's helpful and we will see you next time. 07:48.930 --> 07:49.830 Thank you everyone.