Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,150 --> 00:00:04,020 Welcome to the section on scanning an enumeration. 2 00:00:04,050 --> 00:00:12,810 So in this first episode we're going to focus on installing a vulnerable VM in that vulnerable VM is 3 00:00:12,810 --> 00:00:14,280 called the key objects. 4 00:00:14,280 --> 00:00:16,570 So I am on the Google machines. 5 00:00:16,590 --> 00:00:18,840 I am here not in a VM. 6 00:00:18,840 --> 00:00:20,970 This is on my windows machine. 7 00:00:20,970 --> 00:00:27,710 So we're going to install a second VM and we're going to run Cally and the secondary VM together. 8 00:00:27,780 --> 00:00:32,810 So go ahead and go to Google and I want you just to search for CAP tricks. 9 00:00:32,820 --> 00:00:42,610 Level one should appear and we're looking for Volm hub right here at the top so Von hub is a great resource. 10 00:00:43,070 --> 00:00:48,800 If we go to the home page really quick and we take a peek you can see that ball and hub just has a bunch 11 00:00:48,890 --> 00:00:52,210 of different machines in here and these are all vulnerable machines. 12 00:00:52,220 --> 00:00:55,540 You can actually download these and you can see the different levels on them. 13 00:00:55,550 --> 00:00:59,690 Beginner to intermediate what kind of flags are available etc.. 14 00:00:59,720 --> 00:01:04,790 So it's really nice because every machine has a vulnerability and it's kind of like a puzzle you know 15 00:01:04,790 --> 00:01:06,860 you want to want to download it. 16 00:01:06,860 --> 00:01:09,050 You want to run it and try to break into it. 17 00:01:09,080 --> 00:01:13,340 So these are really good and they have a lot of different practice ones. 18 00:01:13,340 --> 00:01:14,840 There's good lists out there. 19 00:01:14,870 --> 00:01:21,590 If you're planning on taking something like the OCP there's a list out there by a guy named Apache that 20 00:01:21,650 --> 00:01:27,920 has OSTP to vulnerable black boxes and we can just google that as well. 21 00:01:27,920 --> 00:01:29,660 Everything's on Google guys. 22 00:01:29,660 --> 00:01:39,530 So we could say something like Von hub OSTP boxes something like that and batches first one right here 23 00:01:39,530 --> 00:01:43,240 is this and you could see Catholics Level one is actually on the list. 24 00:01:43,250 --> 00:01:45,340 So we are in the beginner friendly. 25 00:01:45,350 --> 00:01:50,000 We're going to do a walkthrough first of this box and then we'll walk through some more machines and 26 00:01:50,000 --> 00:01:54,250 just give you that repetition in and it will get better and better as we go. 27 00:01:54,440 --> 00:01:57,110 So back to the story at hand. 28 00:01:57,200 --> 00:02:02,210 We're going to be doing is we're going to be downloading this guy and then running it. 29 00:02:02,240 --> 00:02:07,490 So if you see right here there is a download button or to go ahead and just click that download button 30 00:02:07,790 --> 00:02:08,690 and click the right one. 31 00:02:08,690 --> 00:02:13,810 It's going to have an option for us to directly download a mirror download and then a magnet download 32 00:02:13,820 --> 00:02:15,150 if you are a torrent user. 33 00:02:15,410 --> 00:02:21,720 So I'm going to click on this and access denied okay I'll click on the mirror. 34 00:02:21,720 --> 00:02:28,170 This is why we have a mirror and then I'm going to hit save down here and go ahead and download this 35 00:02:28,200 --> 00:02:35,480 and then meet me with your VM where open open a secondary VM where when yours is done. 36 00:02:35,510 --> 00:02:38,280 So go ahead and pause and then come back. 37 00:02:38,320 --> 00:02:38,710 All right. 38 00:02:38,740 --> 00:02:43,600 So at this point we should have this VM we're running here and in the background. 39 00:02:43,600 --> 00:02:48,650 I also have a secondary VM where so when I say secondary I've got Cally running here in the back. 40 00:02:48,680 --> 00:02:53,270 Can see it and then I also have this VM workstation right here. 41 00:02:53,290 --> 00:03:00,610 So what we also need to do is we need to locate the newly downloaded file and that is going to be a 42 00:03:00,640 --> 00:03:02,100 rar file. 43 00:03:02,140 --> 00:03:04,510 So go ahead and find that. 44 00:03:04,510 --> 00:03:07,120 So I use a tool called seven zip. 45 00:03:07,120 --> 00:03:11,560 You're more than welcome to use something like when RAR or whatever to open these. 46 00:03:11,740 --> 00:03:14,200 And then I'm just going to extract this where I want it. 47 00:03:14,200 --> 00:03:15,480 So go ahead and extract. 48 00:03:15,490 --> 00:03:18,950 I'm just going to drag and drop it right now to the folder I'm putting it in. 49 00:03:18,970 --> 00:03:22,160 And we should be good to go there. 50 00:03:22,290 --> 00:03:28,860 So from that point once you're all extracted and pause if you need to go ahead and close out of your 51 00:03:29,430 --> 00:03:35,900 seven zip here and then you're just going to go ahead and select open a virtual machine so it's like 52 00:03:35,900 --> 00:03:40,220 that navigate to the folder that has key app tricks in it here. 53 00:03:40,270 --> 00:03:46,580 Minus in my downloads folder I'm going to go ahead and click on key optics and that's going to set the 54 00:03:46,580 --> 00:03:48,100 machine for us here. 55 00:03:49,080 --> 00:03:53,550 And then what we're going to do is we're going to edit the machine settings and make sure that everything 56 00:03:53,550 --> 00:03:54,960 is correct. 57 00:03:55,110 --> 00:04:02,930 So we're going to give it a net setting instead of a bridge setting here and we can look at the memory. 58 00:04:02,930 --> 00:04:05,110 Sixty four megabytes. 59 00:04:05,110 --> 00:04:06,040 That's a little low. 60 00:04:06,040 --> 00:04:07,930 I'm going to go ahead just give it a little bit more. 61 00:04:07,930 --> 00:04:10,350 I'm going to give it like 256. 62 00:04:10,360 --> 00:04:14,050 You don't need a lot for this because all we're doing is running it in the background. 63 00:04:14,050 --> 00:04:15,460 But we do want to give it a little bit. 64 00:04:15,490 --> 00:04:17,080 Just so I kind of boots. 65 00:04:17,080 --> 00:04:17,640 Kind of quick. 66 00:04:17,650 --> 00:04:23,710 So we'll go ahead and hit ok on that and now there's one more thing that we want to do. 67 00:04:23,710 --> 00:04:25,560 I'm going to drag this over. 68 00:04:25,570 --> 00:04:29,550 Go ahead and open up your folder with your key objects. 69 00:04:29,830 --> 00:04:31,480 So it should look something like this. 70 00:04:31,480 --> 00:04:35,010 We have this file folder in here we've got some configurations. 71 00:04:35,020 --> 00:04:37,310 We've got the actual VM sitting right here. 72 00:04:37,480 --> 00:04:40,620 There is this virtual machine configuration file here. 73 00:04:40,660 --> 00:04:44,570 We're going to go ahead and just right click on that and select edit. 74 00:04:44,620 --> 00:04:49,210 Now you can open with a you can choose another app and hit notepad. 75 00:04:49,210 --> 00:04:53,800 If you don't have something like let's just go through this together we'll use Notepad because that's 76 00:04:53,800 --> 00:04:55,010 very common. 77 00:04:55,030 --> 00:05:03,540 So go ahead and use Notepad and say OK I'm going to drag it over and then all we're going to do is hit 78 00:05:03,550 --> 00:05:07,960 control and F together and all we're going to do is search for bridged. 79 00:05:07,960 --> 00:05:15,770 Now we're gonna go ahead and take the match case off and just hit find next and here we see under either 80 00:05:15,770 --> 00:05:18,200 net zero network name equals bridge. 81 00:05:18,200 --> 00:05:25,480 We're going to actually just go ahead and change that to net and they're going to head save and then 82 00:05:25,480 --> 00:05:28,550 we're gonna come back into our machine. 83 00:05:28,660 --> 00:05:32,690 I'm going to go ahead and just power it on and go ahead and select. 84 00:05:32,710 --> 00:05:36,100 I copied it and now this I'll boot up. 85 00:05:36,180 --> 00:05:41,950 It'll just take a minute here and then we should be brought to a screen where we are successfully loaded. 86 00:05:42,010 --> 00:05:45,550 And another note is if you click in the machine you're going to notice that you might not be able to 87 00:05:45,550 --> 00:05:47,200 move your mouse around and moving the mouse. 88 00:05:47,200 --> 00:05:48,790 Now it's not working. 89 00:05:48,790 --> 00:05:54,130 All you gotta do is hit control and ult together as it says to return your computer and then you come 90 00:05:54,130 --> 00:05:54,800 back. 91 00:05:54,820 --> 00:05:58,510 So if you ever have that issue control it will get you back out of that mode. 92 00:05:59,080 --> 00:05:59,770 So here we go. 93 00:05:59,770 --> 00:06:05,590 We are now at this screen is as welcome to capture it's level 1 penetration and assessment environment. 94 00:06:05,860 --> 00:06:07,940 And then it gives us a log in prompt. 95 00:06:07,990 --> 00:06:11,710 So from here we're actually not going to try to attack the log in. 96 00:06:11,830 --> 00:06:15,250 We're going to take this off line and or we're going to minimize this. 97 00:06:15,250 --> 00:06:20,840 I should say we're going to log into our Kelly Linux machine and we're gonna try to attack it. 98 00:06:20,860 --> 00:06:25,270 So first step is we're going to scan it do a little bit of enumeration and then we'll do some attacking 99 00:06:25,630 --> 00:06:26,830 and kind of go from there. 100 00:06:27,070 --> 00:06:29,270 So that's it from this video. 101 00:06:29,290 --> 00:06:31,260 Go ahead and minimize. 102 00:06:31,480 --> 00:06:36,640 Log into your Kelly machine and then I will catch you over in the next video where we start talking 103 00:06:36,640 --> 00:06:37,360 about and map. 10279