1
00:00:00,090 --> 00:00:07,110
Now looking at our assessment notes so far so you can make this however you want to make it whatever
2
00:00:07,110 --> 00:00:10,280
makes sense for you is how you should do this.
3
00:00:10,290 --> 00:00:15,630
Now this is just a basic example of how I might take notes on an assessment.
4
00:00:15,630 --> 00:00:17,120
Now this is just one machine.
5
00:00:17,130 --> 00:00:21,410
You might be scanning against hundreds of machines sometimes and that's OK.
6
00:00:21,420 --> 00:00:24,660
You just make the notes against the machines and what findings you have.
7
00:00:25,320 --> 00:00:33,350
So for example here I've got this machine and it's all under this one tab and we've got some Nmap
8
00:00:33,350 --> 00:00:34,090
results.
9
00:00:34,770 --> 00:00:38,100
And then on the Nmap results we've got the different ports that I found open.
10
00:00:38,100 --> 00:00:43,210
I did leave off the pieces but we can see our Nmap port results here.
11
00:00:43,380 --> 00:00:48,810
We can see OK on 22 I found OpenSSH, on 80
12
00:00:48,810 --> 00:00:51,400
Here's some interesting items I may have had.
13
00:00:51,540 --> 00:00:54,970
You know again this is just from our notes looks familiar.
14
00:00:55,260 --> 00:01:02,280
And then I put it in the Nikto scan under here and on 139 I've got the Samba here and
15
00:01:02,280 --> 00:01:08,270
this is just notes for us again could anonymously connect to the IPC with smbclient and our admin.
16
00:01:08,520 --> 00:01:10,740
Your client is never gonna see these.
17
00:01:10,800 --> 00:01:17,010
So make sure you make good notes for yourself how you can understand it and importantly make sure that
18
00:01:17,010 --> 00:01:22,650
if somebody goes through here they can also understand it because sometimes somebody else might need
19
00:01:22,650 --> 00:01:27,130
to go through your report or through your notes or somebody might be helping you write your report.
20
00:01:27,270 --> 00:01:31,210
And it's important to be clear and concise with what you're doing.
21
00:01:31,230 --> 00:01:32,970
Now I've got an exploitation tab here.
22
00:01:32,970 --> 00:01:37,010
We have not exploited anything yet but I do have a findings tab here as well.
23
00:01:37,410 --> 00:01:39,410
So we've got a couple of findings already.
24
00:01:39,600 --> 00:01:45,540
We've got this wonderful default test page and it's hard to see because I've got it on my screen that's
25
00:01:45,540 --> 00:01:45,990
blown up.
26
00:01:45,990 --> 00:01:52,080
But you saw it once and make sure that you have the IP address of the hostname in your pictures that's
27
00:01:52,080 --> 00:01:57,960
important and then information disclosure here with the 404 page and we've got the server header
28
00:01:57,960 --> 00:01:58,890
information disclosure.
29
00:01:58,890 --> 00:02:02,180
Now these are both taken in Greenshot and a couple of things to point out.
30
00:02:02,190 --> 00:02:09,240
Just for details I've got borders added around these and I've highlighted where exactly the finding
31
00:02:09,240 --> 00:02:10,040
is.
32
00:02:10,050 --> 00:02:10,470
OK.
33
00:02:10,500 --> 00:02:15,570
So it's best to point out because if these screenshots are going in a report it's best to find out and
34
00:02:15,570 --> 00:02:20,030
just point out to the client exactly where it is where they need to be looking.
35
00:02:20,040 --> 00:02:23,870
And again make sure you have your identifier here if you can have it.
36
00:02:23,880 --> 00:02:26,440
And then here is a response from the website.
37
00:02:26,460 --> 00:02:28,800
And again with the information disclosure.
38
00:02:28,890 --> 00:02:34,140
So that's just a quick example of how your notes should start to form and how they should look and then
39
00:02:34,140 --> 00:02:39,960
we'll do another one after the initial exploitation to kind of show how we exploit this machine and
40
00:02:39,960 --> 00:02:42,520
how we might take some notes for the client as well.
41
00:02:42,570 --> 00:02:47,730
And then you'll get to see this all over again in the sample report we cover.
42
00:02:47,730 --> 00:02:50,050
Report writing towards the end of the course.
43
00:02:50,100 --> 00:02:50,730
So that's it.
44
00:02:50,730 --> 00:02:54,020
Just a quick lesson just to make sure you're still keeping up with your notes.
45
00:02:54,040 --> 00:02:57,330
Going to harp on this throughout because it's very very important.
46
00:02:57,330 --> 00:03:00,170
So I will catch you in the next videos next.
47
00:03:00,180 --> 00:03:04,710
Little mini chapter on some additional scanning tools we'll get right into exploitation.