Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,320 --> 00:00:01,920 So I kind of want to go through the 2 00:00:01,920 --> 00:00:04,319 basics again for people who just got 3 00:00:04,319 --> 00:00:07,359 started not sure what to do. They've 4 00:00:07,359 --> 00:00:10,160 installed Ki Linux. Now you kind of it 5 00:00:10,160 --> 00:00:11,920 begs the question, okay, what do I do 6 00:00:11,920 --> 00:00:15,839 now? So just to kind of recap, I'm sure 7 00:00:15,839 --> 00:00:18,000 you've seen a lot of YouTube videos. I'm 8 00:00:18,000 --> 00:00:19,359 sure you've seen a lot of YouTube 9 00:00:19,359 --> 00:00:22,560 tutorials on Kali Linux or maybe just 10 00:00:22,560 --> 00:00:24,720 Linux itself. 11 00:00:24,720 --> 00:00:26,880 I want to kind of go through the basics 12 00:00:26,880 --> 00:00:31,760 again to kind of guide people into this 13 00:00:31,760 --> 00:00:33,520 Linux distribution a little bit better. 14 00:00:33,520 --> 00:00:36,719 Kind of what is it all about? Uh this is 15 00:00:36,719 --> 00:00:38,559 just a beginner video. So I mean if you 16 00:00:38,559 --> 00:00:39,840 already know this stuff there's no point 17 00:00:39,840 --> 00:00:42,719 in watching it. Uh but Kali Linux let me 18 00:00:42,719 --> 00:00:44,800 just go through just dive straight into 19 00:00:44,800 --> 00:00:48,000 it. Kali Linux is a operating system 20 00:00:48,000 --> 00:00:51,120 used by ethical hackers. This operating 21 00:00:51,120 --> 00:00:54,480 system is used w it's widely known for 22 00:00:54,480 --> 00:00:58,079 ethical hacking purposes uh related to 23 00:00:58,079 --> 00:01:00,399 security researching discovering 24 00:01:00,399 --> 00:01:03,039 vulnerabilities on web applications 25 00:01:03,039 --> 00:01:04,559 because of the tools that you would use 26 00:01:04,559 --> 00:01:06,880 in this distribution. There's a lot of 27 00:01:06,880 --> 00:01:09,920 tools and suites which are pre-installed 28 00:01:09,920 --> 00:01:11,840 which you can use to practice your 29 00:01:11,840 --> 00:01:14,400 skills and actually to be a hacker. Um 30 00:01:14,400 --> 00:01:16,960 I'm sure you installed K Linux not to 31 00:01:16,960 --> 00:01:19,280 just play around and play video games. 32 00:01:19,280 --> 00:01:22,400 you installed Ki Linux for the intent to 33 00:01:22,400 --> 00:01:25,360 hack uh responsibly. Of course, I do not 34 00:01:25,360 --> 00:01:27,759 condone any illegal activity and I sure 35 00:01:27,759 --> 00:01:30,720 is don't promote any illegal activity or 36 00:01:30,720 --> 00:01:33,200 any illegal endeavor. I am what you call 37 00:01:33,200 --> 00:01:36,159 a ethical hacker, someone who finds a 38 00:01:36,159 --> 00:01:38,640 vulnerability and loves the opportunity 39 00:01:38,640 --> 00:01:40,720 to report it and actually to do good 40 00:01:40,720 --> 00:01:42,079 because it makes the world a better 41 00:01:42,079 --> 00:01:45,360 place. And I would like to kind of go 42 00:01:45,360 --> 00:01:47,040 through the basics to kind of guide 43 00:01:47,040 --> 00:01:50,159 people into the direction of Ki Linux 44 00:01:50,159 --> 00:01:52,399 itself, you know, because it has 600 45 00:01:52,399 --> 00:01:55,119 tools. And if I try to show 600 tools, 46 00:01:55,119 --> 00:01:58,479 we might be here for 2 weeks or even a 47 00:01:58,479 --> 00:02:02,560 month uh to be, you know, honest. It's 48 00:02:02,560 --> 00:02:04,640 just going to take a long time to show 49 00:02:04,640 --> 00:02:06,960 you 600 tools. I don't think that's 50 00:02:06,960 --> 00:02:09,920 really needed. Um 600 tools is not 51 00:02:09,920 --> 00:02:11,599 really necessary for, you know, your 52 00:02:11,599 --> 00:02:13,360 endeavor. You probably thought, "Do I 53 00:02:13,360 --> 00:02:15,200 need to learn 600 tools, Dicklin?" No, 54 00:02:15,200 --> 00:02:17,840 you don't. You don't need to learn 600. 55 00:02:17,840 --> 00:02:19,280 You probably learn need to learn about 56 00:02:19,280 --> 00:02:21,360 the basics probably around about five at 57 00:02:21,360 --> 00:02:23,280 least. So, we're going to just kind of 58 00:02:23,280 --> 00:02:24,720 go through the basics first. So, when 59 00:02:24,720 --> 00:02:27,200 you install Ky Linux, this is the first 60 00:02:27,200 --> 00:02:29,040 thing that you see. You've got this 61 00:02:29,040 --> 00:02:31,360 drop-own menu here. This menu is just 62 00:02:31,360 --> 00:02:34,800 for uh categories associated with the 63 00:02:34,800 --> 00:02:36,879 particular field you're interested in. 64 00:02:36,879 --> 00:02:38,959 Uh and then in this category has the 65 00:02:38,959 --> 00:02:41,360 tools to do that particular thing. So 66 00:02:41,360 --> 00:02:43,519 for example, reconnaissance is all 67 00:02:43,519 --> 00:02:46,000 about, you know, information gathering. 68 00:02:46,000 --> 00:02:48,480 This is what you call recon or like it 69 00:02:48,480 --> 00:02:50,239 says there, reconnaissance, information 70 00:02:50,239 --> 00:02:52,319 gathering. And it just has a lot of 71 00:02:52,319 --> 00:02:54,160 open-source intelligence tools. It 72 00:02:54,160 --> 00:02:57,040 allows you to discover, find, research 73 00:02:57,040 --> 00:02:59,200 information. That's all this is. Um, so 74 00:02:59,200 --> 00:03:00,480 you know, you got the popular one down 75 00:03:00,480 --> 00:03:01,920 here called Nap. And if you actually 76 00:03:01,920 --> 00:03:03,680 click on it, it just opens it in the 77 00:03:03,680 --> 00:03:05,760 terminal. Because most of these tools 78 00:03:05,760 --> 00:03:07,519 are ter terminal tools. If you don't 79 00:03:07,519 --> 00:03:09,200 know what a terminal is, this terminal 80 00:03:09,200 --> 00:03:10,720 window here, this little window, if you 81 00:03:10,720 --> 00:03:12,319 actually click this icon here, this is a 82 00:03:12,319 --> 00:03:13,760 terminal. It's just like a window 83 00:03:13,760 --> 00:03:15,519 emulator. It's just a window which you 84 00:03:15,519 --> 00:03:17,599 can type other commands commands in to 85 00:03:17,599 --> 00:03:19,440 do something specific. So, if I type in 86 00:03:19,440 --> 00:03:22,000 ls, you can see here it's listed my 87 00:03:22,000 --> 00:03:25,680 files on a computer. So, if I change the 88 00:03:25,680 --> 00:03:28,560 directory by typing cd, which stands for 89 00:03:28,560 --> 00:03:31,360 change directory, into the desktop 90 00:03:31,360 --> 00:03:32,879 directory, where do you think that goes? 91 00:03:32,879 --> 00:03:34,640 It goes into the background. So, you see 92 00:03:34,640 --> 00:03:36,319 this is my desktop environment behind 93 00:03:36,319 --> 00:03:38,959 me. And if I create a folder, so let's 94 00:03:38,959 --> 00:03:41,440 say make directory like this. Make 95 00:03:41,440 --> 00:03:43,680 directory make dur. And let's just say 96 00:03:43,680 --> 00:03:46,319 test. We do that. We can see this folder 97 00:03:46,319 --> 00:03:49,120 just popped up on my screen. And I can 98 00:03:49,120 --> 00:03:50,640 drag it around. It's an actual folder. 99 00:03:50,640 --> 00:03:52,400 If I click on it, so you can see how the 100 00:03:52,400 --> 00:03:54,560 ter terminal emulator can be very handy 101 00:03:54,560 --> 00:03:56,480 when you want to navigate through files 102 00:03:56,480 --> 00:03:58,560 and when you want to navigate through 103 00:03:58,560 --> 00:04:00,239 remote connections and servers and stuff 104 00:04:00,239 --> 00:04:01,599 like that. 105 00:04:01,599 --> 00:04:04,000 So you know you would use the terminal 106 00:04:04,000 --> 00:04:06,480 most of the time to configure 107 00:04:06,480 --> 00:04:09,439 pre-install or even update tools or 108 00:04:09,439 --> 00:04:10,879 software that you would use in 109 00:04:10,879 --> 00:04:12,560 penetration testing. The very first 110 00:04:12,560 --> 00:04:13,439 thing that you should do when you 111 00:04:13,439 --> 00:04:16,400 install K Linux is typing pseudoapp 112 00:04:16,400 --> 00:04:19,919 update and then type a and and put and 113 00:04:19,919 --> 00:04:21,519 and so this is what you call the and 114 00:04:21,519 --> 00:04:23,840 operator which basically means okay run 115 00:04:23,840 --> 00:04:25,440 this command first and then run the 116 00:04:25,440 --> 00:04:28,720 second one. So you can go pseudoapp 117 00:04:28,720 --> 00:04:32,240 upgrade as well. Um, so apt, if you 118 00:04:32,240 --> 00:04:33,759 don't know what this is, it's like an 119 00:04:33,759 --> 00:04:36,080 it's like a package manager. So a 120 00:04:36,080 --> 00:04:37,680 package manager is where you can install 121 00:04:37,680 --> 00:04:39,759 packages, software, and even update it 122 00:04:39,759 --> 00:04:41,680 on your current system without needing 123 00:04:41,680 --> 00:04:43,199 to do a lot of stuff. So you just type 124 00:04:43,199 --> 00:04:45,120 in pseudoapp update, which is going to 125 00:04:45,120 --> 00:04:47,919 fetch the latest packages related to 126 00:04:47,919 --> 00:04:50,479 Kali Linux, which can update current 127 00:04:50,479 --> 00:04:51,919 software and tools that you would use 128 00:04:51,919 --> 00:04:54,000 like Burpu or N Map or whatever it is, 129 00:04:54,000 --> 00:04:57,199 right? Or even Python. uh upgrade 130 00:04:57,199 --> 00:05:00,080 however updates and upgrades the entire 131 00:05:00,080 --> 00:05:03,040 operating system itself um updating the 132 00:05:03,040 --> 00:05:05,040 core packages which makes the operating 133 00:05:05,040 --> 00:05:07,840 system work in Kylo Linux. Uh this works 134 00:05:07,840 --> 00:05:09,440 for any other Linux distribution as 135 00:05:09,440 --> 00:05:11,840 well. It actually upgrades the firmware 136 00:05:11,840 --> 00:05:14,080 and it's pretty nice. So you can see 137 00:05:14,080 --> 00:05:15,919 there it just fetched those packages and 138 00:05:15,919 --> 00:05:17,840 it's configured it and it just bundles 139 00:05:17,840 --> 00:05:19,199 it and it's asking me if I want to 140 00:05:19,199 --> 00:05:20,800 continue to install these other kernel 141 00:05:20,800 --> 00:05:22,400 packages. I'm going to go ahead and do 142 00:05:22,400 --> 00:05:23,840 that. might take a little while 143 00:05:23,840 --> 00:05:25,120 depending on your internet connection, 144 00:05:25,120 --> 00:05:27,520 but it's definitely a necessity if you 145 00:05:27,520 --> 00:05:30,080 want a fast working reliable K Linux 146 00:05:30,080 --> 00:05:31,919 environment when you do penetration 147 00:05:31,919 --> 00:05:34,320 testing or even hack the box like I 148 00:05:34,320 --> 00:05:38,280 always talk about in my videos. 149 00:05:39,280 --> 00:05:41,360 So anyways, uh you can see this folder. 150 00:05:41,360 --> 00:05:42,800 I just dragged it in the bin. It's going 151 00:05:42,800 --> 00:05:44,479 to say empty trash. I don't need that 152 00:05:44,479 --> 00:05:47,280 trash because it is literally trash. Uh 153 00:05:47,280 --> 00:05:49,600 I'm going to minimize my terminal. Don't 154 00:05:49,600 --> 00:05:51,199 close it. Just minimize it. So in the 155 00:05:51,199 --> 00:05:53,440 background it's updating. Uh go to the 156 00:05:53,440 --> 00:05:55,440 applications menu again. So let's have a 157 00:05:55,440 --> 00:05:57,600 look here. So we got reconnaissance. We 158 00:05:57,600 --> 00:05:58,960 just took a look at that. We got burp 159 00:05:58,960 --> 00:06:01,039 sweep which is a popular tool for 160 00:06:01,039 --> 00:06:03,199 intercepting website requests and 161 00:06:03,199 --> 00:06:05,199 applications which helps you analyze 162 00:06:05,199 --> 00:06:07,520 certain requests. It's a lot of 163 00:06:07,520 --> 00:06:09,759 information to handle but you'll get 164 00:06:09,759 --> 00:06:12,080 through it very easily. Um so everything 165 00:06:12,080 --> 00:06:13,759 to do with this category is just 166 00:06:13,759 --> 00:06:16,080 researching and finding stuff. Uh 167 00:06:16,080 --> 00:06:17,440 resource development. It's just 168 00:06:17,440 --> 00:06:18,960 everything to do with like searching for 169 00:06:18,960 --> 00:06:21,360 the right exploit. And honestly, I don't 170 00:06:21,360 --> 00:06:23,199 know what this other stuff is. I haven't 171 00:06:23,199 --> 00:06:25,039 messed with it. The only common ones I 172 00:06:25,039 --> 00:06:27,440 know is search where you search for a 173 00:06:27,440 --> 00:06:29,360 particular exploit that you would use or 174 00:06:29,360 --> 00:06:31,759 run against a vulnerability. Uh MSF 175 00:06:31,759 --> 00:06:34,479 Venom to generate a payload or even 176 00:06:34,479 --> 00:06:36,560 encode payloads which is something that 177 00:06:36,560 --> 00:06:39,039 you get access to. So this is a category 178 00:06:39,039 --> 00:06:42,319 relied strictly on you know gaining 179 00:06:42,319 --> 00:06:44,479 access and having that initial access. 180 00:06:44,479 --> 00:06:46,160 Um, so these are like initial access 181 00:06:46,160 --> 00:06:47,600 tools, you know, it's not like you click 182 00:06:47,600 --> 00:06:49,199 it and then you gain access to it or 183 00:06:49,199 --> 00:06:50,960 something. So you can actually run this 184 00:06:50,960 --> 00:06:52,720 tool against something. So for example, 185 00:06:52,720 --> 00:06:55,360 this tool here called comics is used for 186 00:06:55,360 --> 00:06:56,560 testing command injection 187 00:06:56,560 --> 00:06:59,759 vulnerabilities in a website parameter 188 00:06:59,759 --> 00:07:01,840 just like SQL map. SQL map is used for 189 00:07:01,840 --> 00:07:03,840 SQL injections. This one here comics is 190 00:07:03,840 --> 00:07:06,639 used for command injection. Uh, so it's 191 00:07:06,639 --> 00:07:09,120 very nice. Um, so you do have to do a 192 00:07:09,120 --> 00:07:11,199 lot of research in like web application 193 00:07:11,199 --> 00:07:13,840 security and use Ku Linux as well to 194 00:07:13,840 --> 00:07:15,440 learn about it. That's how I did and 195 00:07:15,440 --> 00:07:17,039 I'll definitely make a tutorial series. 196 00:07:17,039 --> 00:07:18,880 Um, execution tab, everything to gain 197 00:07:18,880 --> 00:07:21,039 access. Again, persistence is like 198 00:07:21,039 --> 00:07:22,960 everything to do with being persistent, 199 00:07:22,960 --> 00:07:24,880 having that persistent access. These are 200 00:07:24,880 --> 00:07:26,639 just tools to gain access to a web 201 00:07:26,639 --> 00:07:29,039 server. Not sure what this top one is. 202 00:07:29,039 --> 00:07:31,520 Uh, privilege escalation. Oh, this is 203 00:07:31,520 --> 00:07:33,039 probably the best thing to learn more 204 00:07:33,039 --> 00:07:35,360 about. Um, privilege escalation is 205 00:07:35,360 --> 00:07:36,960 basically where you have access to a 206 00:07:36,960 --> 00:07:39,759 system already, but you don't have like 207 00:07:39,759 --> 00:07:41,440 higher authority on the system. So, for 208 00:07:41,440 --> 00:07:43,520 example, if you if you for educational 209 00:07:43,520 --> 00:07:46,000 purposes, uh, as an example, if you got 210 00:07:46,000 --> 00:07:49,360 into a vulnerable Windows server 211 00:07:49,360 --> 00:07:50,800 operating system, if you basically 212 00:07:50,800 --> 00:07:52,720 hacked into a Windows computer and 213 00:07:52,720 --> 00:07:54,720 you're you are the basic user, you're 214 00:07:54,720 --> 00:07:56,720 not like the admin user, uh, you can 215 00:07:56,720 --> 00:07:59,599 actually run Win. So, you've got linies 216 00:07:59,599 --> 00:08:01,759 and windpiece. Win is for Windows, 217 00:08:01,759 --> 00:08:04,000 Lindpie is for Linux. So, let's say you 218 00:08:04,000 --> 00:08:05,440 hacked into a Windows computer and you 219 00:08:05,440 --> 00:08:07,759 wanted to find loopholes or find 220 00:08:07,759 --> 00:08:10,080 vulnerable versions in the system. Uh, 221 00:08:10,080 --> 00:08:12,400 Windpiece will automate this for you to 222 00:08:12,400 --> 00:08:14,080 find those things. So, you can do your 223 00:08:14,080 --> 00:08:16,400 research and quickly gain access. Uh, 224 00:08:16,400 --> 00:08:18,000 the same as for Linux. If you hacked 225 00:08:18,000 --> 00:08:19,520 into a Linux server or something like 226 00:08:19,520 --> 00:08:21,280 that, it's the same thing. You can run 227 00:08:21,280 --> 00:08:23,840 linies to find those loopholes and get 228 00:08:23,840 --> 00:08:27,039 higher privileges on the system uh like 229 00:08:27,039 --> 00:08:30,000 root, right? Which is pretty cool. um 230 00:08:30,000 --> 00:08:32,240 defensive evasion, 231 00:08:32,240 --> 00:08:35,360 credential access, discovery. These are 232 00:08:35,360 --> 00:08:37,039 these are actually new tabs that have 233 00:08:37,039 --> 00:08:39,200 been opened, but most of it you'll still 234 00:08:39,200 --> 00:08:41,279 see the same tools. It's pretty nice. Uh 235 00:08:41,279 --> 00:08:43,200 so the there's a lot of uh tools to go 236 00:08:43,200 --> 00:08:45,760 through. I did say 600, but the you 237 00:08:45,760 --> 00:08:46,880 could just take a look at these main 238 00:08:46,880 --> 00:08:49,360 ones in the category, but they do have 239 00:08:49,360 --> 00:08:52,160 it listed as well. Um if you installed 240 00:08:52,160 --> 00:08:54,240 it, of course. But this is actually a 241 00:08:54,240 --> 00:08:55,920 pre-made virtual machine, so I don't 242 00:08:55,920 --> 00:08:57,760 actually think it has 600 tools built 243 00:08:57,760 --> 00:08:59,279 into it. I think it has the basic 244 00:08:59,279 --> 00:09:01,680 necessities for you to do penetration 245 00:09:01,680 --> 00:09:03,200 testing. And of course, you can install 246 00:09:03,200 --> 00:09:05,600 any other tool later on down the line. 247 00:09:05,600 --> 00:09:06,560 All right, let's go back to our 248 00:09:06,560 --> 00:09:07,839 terminal. Let's see if it's updating. 249 00:09:07,839 --> 00:09:09,680 Okay, it's at 14%. So, I'm going to go 250 00:09:09,680 --> 00:09:12,560 ahead and skip the video. So, let's 251 00:09:12,560 --> 00:09:14,480 continue where we left off. So, it's 252 00:09:14,480 --> 00:09:16,880 done upgrading. That's brilliant. And if 253 00:09:16,880 --> 00:09:18,640 you have done this already, just skip 254 00:09:18,640 --> 00:09:20,320 that. Let's get into the basics. So, 255 00:09:20,320 --> 00:09:22,480 type in clear. So, you can actually 256 00:09:22,480 --> 00:09:24,959 clear your terminal. Uh the shortest way 257 00:09:24,959 --> 00:09:26,480 and the quickest way to do it without 258 00:09:26,480 --> 00:09:29,920 typing clear is actually by holding if 259 00:09:29,920 --> 00:09:32,959 you're on Windows CRL L. If you hold 260 00:09:32,959 --> 00:09:36,160 Ctrl L that clears the the terminal as 261 00:09:36,160 --> 00:09:39,279 well. Uh on I think if you're doing it 262 00:09:39,279 --> 00:09:42,160 on VMware Fusion. So this is on Mac. I 263 00:09:42,160 --> 00:09:44,880 think it's command L. Uh so you could 264 00:09:44,880 --> 00:09:47,200 try and do that and it um but yeah. So 265 00:09:47,200 --> 00:09:48,800 clear also does the same thing. So if 266 00:09:48,800 --> 00:09:50,320 you have bunch of stuff on the screen, 267 00:09:50,320 --> 00:09:51,760 you can just type in clear and it clears 268 00:09:51,760 --> 00:09:54,080 the screen. So you can just do command 269 00:09:54,080 --> 00:09:56,080 sorry not command control L if you're on 270 00:09:56,080 --> 00:09:57,839 Windows. Anyways let's get straight into 271 00:09:57,839 --> 00:10:00,240 it. So um the first thing that we just 272 00:10:00,240 --> 00:10:01,519 did in the beginning was change 273 00:10:01,519 --> 00:10:03,440 directory onto our desktop make a 274 00:10:03,440 --> 00:10:05,440 folder. I'll show you that again. So if 275 00:10:05,440 --> 00:10:08,320 you type in cd do that goes back a 276 00:10:08,320 --> 00:10:10,560 folder. So it goes back a directory. So 277 00:10:10,560 --> 00:10:13,040 this itself is an environment. Uh you 278 00:10:13,040 --> 00:10:15,360 can also navigate into folders as well. 279 00:10:15,360 --> 00:10:18,000 So if I type in ls it means list the 280 00:10:18,000 --> 00:10:20,079 files. So that's what we are doing here. 281 00:10:20,079 --> 00:10:22,480 We are listing the files on the system 282 00:10:22,480 --> 00:10:24,800 and we can see here we listing files. We 283 00:10:24,800 --> 00:10:26,640 can see desktop downloads, pictures, 284 00:10:26,640 --> 00:10:29,200 etc. If we downloaded something, we can 285 00:10:29,200 --> 00:10:30,959 go into the downloads folder by typing 286 00:10:30,959 --> 00:10:34,079 CD downloads. And if we type in ls, 287 00:10:34,079 --> 00:10:36,480 there's nothing in this file. Uh to 288 00:10:36,480 --> 00:10:38,320 actually see hidden files, if you want 289 00:10:38,320 --> 00:10:41,600 to find hidden files, you can type in ls 290 00:10:41,600 --> 00:10:47,200 dash a. So what this will do is it will 291 00:10:47,200 --> 00:10:50,160 find hidden directories. And if you 292 00:10:50,160 --> 00:10:51,360 don't know what hidden directories are, 293 00:10:51,360 --> 00:10:53,120 so let me go ahead and create hidden 294 00:10:53,120 --> 00:10:54,640 directory. Just a hidden directory 295 00:10:54,640 --> 00:10:57,120 called hidden or I just do test. Okay, 296 00:10:57,120 --> 00:10:58,800 that's a hidden directory with the dot 297 00:10:58,800 --> 00:11:00,000 in the beginning. That's how you create 298 00:11:00,000 --> 00:11:03,040 a folder that isn't supposed to be seen. 299 00:11:03,040 --> 00:11:05,120 If I do ls, you can see it's not showing 300 00:11:05,120 --> 00:11:09,360 up. If I do ls- a, you can see there the 301 00:11:09,360 --> 00:11:12,000 folder showed up and I get into it. So 302 00:11:12,000 --> 00:11:14,000 it's pretty nice. So in order to remove 303 00:11:14,000 --> 00:11:16,240 a directory we're going to type remove 304 00:11:16,240 --> 00:11:19,279 and then the name of the the folder and 305 00:11:19,279 --> 00:11:21,600 by that it's going to say can't remove 306 00:11:21,600 --> 00:11:24,079 as a directory. So we can just say you 307 00:11:24,079 --> 00:11:28,560 know what let's do pseudo remove test. 308 00:11:28,560 --> 00:11:30,160 Okay it's still going to say that. Let's 309 00:11:30,160 --> 00:11:34,000 say remove remove fully. So this dash rf 310 00:11:34,000 --> 00:11:37,519 means remove fully test. And we can see 311 00:11:37,519 --> 00:11:40,000 there it just removed it. And if I find 312 00:11:40,000 --> 00:11:42,320 it it's not there. So you can see how 313 00:11:42,320 --> 00:11:44,800 helpful it is to rely on the terminal 314 00:11:44,800 --> 00:11:46,640 emulator to navigate through the system, 315 00:11:46,640 --> 00:11:48,959 create files, move files, delete files, 316 00:11:48,959 --> 00:11:51,920 even run commands, tools, etc. Um, so 317 00:11:51,920 --> 00:11:53,600 you can actually have more than one 318 00:11:53,600 --> 00:11:55,200 terminal 319 00:11:55,200 --> 00:11:57,279 uh window open doing certain things. So 320 00:11:57,279 --> 00:12:00,160 it's pretty cool. So you can do cd. So 321 00:12:00,160 --> 00:12:02,160 let's go back a directory. You can see 322 00:12:02,160 --> 00:12:03,680 this is the home directory where the 323 00:12:03,680 --> 00:12:05,920 users are. If I go all the way back, you 324 00:12:05,920 --> 00:12:08,000 can see this is where all the system 325 00:12:08,000 --> 00:12:11,120 files are, the bootloadader, the kernel, 326 00:12:11,120 --> 00:12:14,320 all the packages installed, etc. Um, so 327 00:12:14,320 --> 00:12:15,839 it's everything's in here as well. Yeah, 328 00:12:15,839 --> 00:12:17,760 but just type in cd to go back to the 329 00:12:17,760 --> 00:12:21,680 main directory of our at this start. And 330 00:12:21,680 --> 00:12:25,519 uh, so let's just take it slow. So ls 331 00:12:25,519 --> 00:12:29,680 that lists the files. mk dur with a file 332 00:12:29,680 --> 00:12:32,639 name or sorry a folder name stands for 333 00:12:32,639 --> 00:12:34,800 make directory so this is going to make 334 00:12:34,800 --> 00:12:36,560 a directory and you can name it whatever 335 00:12:36,560 --> 00:12:38,720 you want literally uh you can name it 336 00:12:38,720 --> 00:12:40,399 whatever you want it doesn't matter so 337 00:12:40,399 --> 00:12:42,079 it's it's just a folder right you can 338 00:12:42,079 --> 00:12:43,440 create a folder to do certain things so 339 00:12:43,440 --> 00:12:44,720 you can say okay I want to work on my 340 00:12:44,720 --> 00:12:46,240 website let's just create a folder to 341 00:12:46,240 --> 00:12:47,839 put my code in or something like that 342 00:12:47,839 --> 00:12:49,600 you know um so you can make a directory 343 00:12:49,600 --> 00:12:52,240 by using the mk command um you can also 344 00:12:52,240 --> 00:12:54,399 remove a directory by typing remove and 345 00:12:54,399 --> 00:12:56,800 then the file name or the folder name to 346 00:12:56,800 --> 00:12:58,560 remove And if that doesn't work, you can 347 00:12:58,560 --> 00:13:01,279 use uh remove fully completely remove it 348 00:13:01,279 --> 00:13:04,399 and with pseudo it will remove. Um the 349 00:13:04,399 --> 00:13:06,720 next thing is so like I showed you 350 00:13:06,720 --> 00:13:09,839 before to see hidden files is ls- a and 351 00:13:09,839 --> 00:13:12,000 you can actually see right away it did 352 00:13:12,000 --> 00:13:14,240 list other directories but it also lists 353 00:13:14,240 --> 00:13:19,360 the files that are hidden. So if I do ls 354 00:13:19,360 --> 00:13:20,800 this is the same directory. If I type in 355 00:13:20,800 --> 00:13:23,360 ls- a you can see all these other files 356 00:13:23,360 --> 00:13:26,000 and folders that pop up which is very 357 00:13:26,000 --> 00:13:28,000 nice. And these aren't supposed to be 358 00:13:28,000 --> 00:13:29,920 changed. This is by default installed 359 00:13:29,920 --> 00:13:32,160 already. Um, but you can actually tweak 360 00:13:32,160 --> 00:13:34,000 it and interact with it. So when you 361 00:13:34,000 --> 00:13:35,600 install tools, it configures with your 362 00:13:35,600 --> 00:13:37,760 bash environment. Um, which is very 363 00:13:37,760 --> 00:13:40,000 nice. But anyways, that's awesome, 364 00:13:40,000 --> 00:13:42,079 right? So let's get back into it. So if 365 00:13:42,079 --> 00:13:43,680 we go to the menu here, we took we took 366 00:13:43,680 --> 00:13:45,839 a look at some tools, right? But we 367 00:13:45,839 --> 00:13:47,360 didn't actually run any of them. So 368 00:13:47,360 --> 00:13:49,360 let's go ahead just play around. So if 369 00:13:49,360 --> 00:13:52,240 we type in end mapap, 370 00:13:52,240 --> 00:13:53,839 okay, what happened? It didn't do 371 00:13:53,839 --> 00:13:56,720 anything. Um so NMAP is just a tool 372 00:13:56,720 --> 00:13:59,519 which allows you to scan like open 373 00:13:59,519 --> 00:14:01,760 services and ports on a network. Um but 374 00:14:01,760 --> 00:14:03,279 you can see here nothing obviously 375 00:14:03,279 --> 00:14:05,120 happened but it's because we need to 376 00:14:05,120 --> 00:14:07,680 supply a address to scan. So if we type 377 00:14:07,680 --> 00:14:11,519 in MAP and then a IP this can be a local 378 00:14:11,519 --> 00:14:14,639 area network IP. So a IP address which 379 00:14:14,639 --> 00:14:16,880 is a computer address or or phone 380 00:14:16,880 --> 00:14:18,560 address on your network that you can 381 00:14:18,560 --> 00:14:20,560 scan. I'm not sure why you would do that 382 00:14:20,560 --> 00:14:22,160 but you could do it to see if there's 383 00:14:22,160 --> 00:14:23,839 any ports that are open. You can even do 384 00:14:23,839 --> 00:14:25,279 this to your router, your modem or 385 00:14:25,279 --> 00:14:26,720 whatever. For now, I'm just going to do 386 00:14:26,720 --> 00:14:28,720 my modem, my router, which is 387 00:14:28,720 --> 00:14:30,880 192.168.1.1. 388 00:14:30,880 --> 00:14:32,959 Uh I don't I I'm not sure what yours is, 389 00:14:32,959 --> 00:14:35,839 but to figure that out, what you can run 390 00:14:35,839 --> 00:14:37,279 is there's this thing called net 391 00:14:37,279 --> 00:14:39,760 discover, which basically stands for 392 00:14:39,760 --> 00:14:42,240 network discover. And you can see, okay, 393 00:14:42,240 --> 00:14:43,760 I need to be root for this. Just type in 394 00:14:43,760 --> 00:14:45,360 pseudo. 395 00:14:45,360 --> 00:14:47,120 And you can see it's going to find other 396 00:14:47,120 --> 00:14:49,600 network devices. So devices connected to 397 00:14:49,600 --> 00:14:52,079 the same network. And uh yours should be 398 00:14:52,079 --> 00:14:53,920 like it should tell you what that is. Um 399 00:14:53,920 --> 00:14:55,680 so you can see here this is my modem. It 400 00:14:55,680 --> 00:14:58,160 actually says there. And uh if I do end 401 00:14:58,160 --> 00:14:59,519 mapap, okay, you know the popular 402 00:14:59,519 --> 00:15:01,760 command ping. So you you you send a ping 403 00:15:01,760 --> 00:15:03,120 request to see if it's up and running. 404 00:15:03,120 --> 00:15:05,440 End mapap basically does this request 405 00:15:05,440 --> 00:15:08,480 where it sends out a like a a request to 406 00:15:08,480 --> 00:15:11,839 see if that service or if that port is 407 00:15:11,839 --> 00:15:14,079 open then bring back that result. So 408 00:15:14,079 --> 00:15:15,600 this is what MAP is doing. So if I do 409 00:15:15,600 --> 00:15:18,399 MAPAP and then supply the address, it's 410 00:15:18,399 --> 00:15:20,079 going to go out and perform the scan to 411 00:15:20,079 --> 00:15:22,480 see if there's any services or open 412 00:15:22,480 --> 00:15:25,360 ports is what it's called to try and 413 00:15:25,360 --> 00:15:28,000 test or probe it further. Um, so the 414 00:15:28,000 --> 00:15:29,519 reason why would we a hacker would do 415 00:15:29,519 --> 00:15:32,959 this is to understand how a system works 416 00:15:32,959 --> 00:15:35,279 so they can find a loophole and 417 00:15:35,279 --> 00:15:37,519 potentially gain access to a vulnerable 418 00:15:37,519 --> 00:15:39,839 piece of software in that service. So 419 00:15:39,839 --> 00:15:41,519 it's kind of like that and end mapap is 420 00:15:41,519 --> 00:15:43,920 very helpful in finding these um open 421 00:15:43,920 --> 00:15:46,160 ports and services because you can see 422 00:15:46,160 --> 00:15:48,000 here right away it just displayed that 423 00:15:48,000 --> 00:15:49,360 information. So what are we looking at? 424 00:15:49,360 --> 00:15:51,040 So we've got the port, we've got the 425 00:15:51,040 --> 00:15:53,199 state of the port. So if it's opened, if 426 00:15:53,199 --> 00:15:55,440 the port's closed or filtered, you can 427 00:15:55,440 --> 00:15:58,160 see here and also the service like what 428 00:15:58,160 --> 00:16:01,040 that port is. So we got port 22 on my 429 00:16:01,040 --> 00:16:04,160 network is SSH. So we got a SSH machine 430 00:16:04,160 --> 00:16:08,240 or a session open. We've got port 53. So 431 00:16:08,240 --> 00:16:10,480 there's the HTTPS website running. 432 00:16:10,480 --> 00:16:12,959 That's why we've got two uh ports here 433 00:16:12,959 --> 00:16:15,199 which are related with HTTPS which means 434 00:16:15,199 --> 00:16:17,519 there's a website running and it's open 435 00:16:17,519 --> 00:16:19,440 which is the modem website which we you 436 00:16:19,440 --> 00:16:22,720 actually log in to uh see devices on 437 00:16:22,720 --> 00:16:24,880 your network. 438 00:16:24,880 --> 00:16:26,720 And also you've got these other ports 439 00:16:26,720 --> 00:16:28,240 here. I mean we've got this port here 440 00:16:28,240 --> 00:16:29,759 which is unknown which I don't know what 441 00:16:29,759 --> 00:16:31,120 that is. We could take a look at that a 442 00:16:31,120 --> 00:16:32,320 little bit further. But this is not 443 00:16:32,320 --> 00:16:34,959 really necessarily um anything serious, 444 00:16:34,959 --> 00:16:37,040 but it's pretty cool to play around with 445 00:16:37,040 --> 00:16:39,279 a tool like MAP. I know how how basic it 446 00:16:39,279 --> 00:16:41,040 sounds, but it's really cool because you 447 00:16:41,040 --> 00:16:42,639 could do certain things with it. Um 448 00:16:42,639 --> 00:16:44,079 there's certain like commands and 449 00:16:44,079 --> 00:16:47,440 parameters that you can add to the uh 450 00:16:47,440 --> 00:16:50,399 like inmap tool to perform a in-depth 451 00:16:50,399 --> 00:16:53,040 scan. Uh these are just basic defaults. 452 00:16:53,040 --> 00:16:55,920 But if you type in mm map-h what this 453 00:16:55,920 --> 00:16:58,320 will do is you can actually see all 454 00:16:58,320 --> 00:17:00,079 these parameters that you can actually 455 00:17:00,079 --> 00:17:02,320 run with the tool in map that performs a 456 00:17:02,320 --> 00:17:04,480 certain outcome which is also very nice. 457 00:17:04,480 --> 00:17:05,919 But this is something we can take a look 458 00:17:05,919 --> 00:17:07,760 at in another popular tool that I 459 00:17:07,760 --> 00:17:10,000 usually use or ethical hackers would use 460 00:17:10,000 --> 00:17:12,400 strictly like website penetration 461 00:17:12,400 --> 00:17:16,240 testers is a tool called what web. Now 462 00:17:16,240 --> 00:17:18,559 this isn't like a dangerous tool or 463 00:17:18,559 --> 00:17:20,400 anything. All this does, it just visits 464 00:17:20,400 --> 00:17:22,559 a website and then grabs information 465 00:17:22,559 --> 00:17:24,400 about the website in the headers. 466 00:17:24,400 --> 00:17:25,760 Essentially, what what that would 467 00:17:25,760 --> 00:17:27,600 include is is like what the website's 468 00:17:27,600 --> 00:17:29,520 made in. If I do my website, if I do 469 00:17:29,520 --> 00:17:31,840 declan.com, it's going to go ahead and 470 00:17:31,840 --> 00:17:34,080 it's going to banner grab or grab that 471 00:17:34,080 --> 00:17:36,480 information from my website like uh what 472 00:17:36,480 --> 00:17:38,160 is the website running on, what is it 473 00:17:38,160 --> 00:17:41,520 using, where's it being hosted, um you 474 00:17:41,520 --> 00:17:43,280 know, all that information. So, you can 475 00:17:43,280 --> 00:17:45,360 see here this is this is my thing. Uh, 476 00:17:45,360 --> 00:17:47,440 by the way, this is if you see this 477 00:17:47,440 --> 00:17:50,640 here, like this IP, this isn't my IP. 478 00:17:50,640 --> 00:17:52,160 This is actually where my website is 479 00:17:52,160 --> 00:17:54,240 hosted. So, if you if you know someone 480 00:17:54,240 --> 00:17:56,160 does something silly to this IP address, 481 00:17:56,160 --> 00:17:58,320 uh, you will be in trouble. Not by me, 482 00:17:58,320 --> 00:18:00,320 by the company of Versel. It's just to 483 00:18:00,320 --> 00:18:02,000 give you another perspective on what you 484 00:18:02,000 --> 00:18:04,240 can do with what web. Uh, what web isn't 485 00:18:04,240 --> 00:18:06,559 supposed to identify an IP address. It's 486 00:18:06,559 --> 00:18:09,360 just to form that request to see what 487 00:18:09,360 --> 00:18:11,039 the website's using. So, you can see 488 00:18:11,039 --> 00:18:12,960 here I'm using Versel to host my 489 00:18:12,960 --> 00:18:14,960 website. Now you can also if you were 490 00:18:14,960 --> 00:18:17,039 like a malicious actor you could just go 491 00:18:17,039 --> 00:18:19,120 on Google search up a vulnerable piece 492 00:18:19,120 --> 00:18:20,640 of software or something related to 493 00:18:20,640 --> 00:18:23,280 Versel which I doubt anyways that's kind 494 00:18:23,280 --> 00:18:24,880 of what you would do is identify that 495 00:18:24,880 --> 00:18:26,480 information and then go ahead and do 496 00:18:26,480 --> 00:18:28,160 your research to find if there's any 497 00:18:28,160 --> 00:18:30,320 vulnerable pieces of versions of that 498 00:18:30,320 --> 00:18:32,400 software with the information that you 499 00:18:32,400 --> 00:18:34,320 have to then potentially run against the 500 00:18:34,320 --> 00:18:35,919 target or run against something's 501 00:18:35,919 --> 00:18:38,160 vulnerable. It's just something to keep 502 00:18:38,160 --> 00:18:40,799 in mind of what web basically stands for 503 00:18:40,799 --> 00:18:44,080 what web technologies like what website 504 00:18:44,080 --> 00:18:46,559 what is the website running and what are 505 00:18:46,559 --> 00:18:47,919 we taking a look at. So that's why it's 506 00:18:47,919 --> 00:18:50,240 called what web and uh it's very nice. 507 00:18:50,240 --> 00:18:52,240 It's very nice. So another common tool 508 00:18:52,240 --> 00:18:54,000 that hackers would use or ethical 509 00:18:54,000 --> 00:18:56,080 hackers would use is a tool called 510 00:18:56,080 --> 00:18:58,799 metas-loit. This is a framework that has 511 00:18:58,799 --> 00:19:02,559 a lot of like modules and exploitation 512 00:19:02,559 --> 00:19:04,559 scripts just a lot of like code 513 00:19:04,559 --> 00:19:07,440 pre-written code for vulnerable versions 514 00:19:07,440 --> 00:19:10,160 of software programs like I was just 515 00:19:10,160 --> 00:19:12,240 speaking about before. So in order to 516 00:19:12,240 --> 00:19:14,720 run this framework we can type in MSF 517 00:19:14,720 --> 00:19:16,480 console which is actually the 518 00:19:16,480 --> 00:19:18,400 metas-ploit framework console which we 519 00:19:18,400 --> 00:19:20,720 can actually run in our terminal to use 520 00:19:20,720 --> 00:19:23,360 metas-ploit. Um, so Metas-ploit just 521 00:19:23,360 --> 00:19:26,720 basically it's just a tool that has, as 522 00:19:26,720 --> 00:19:29,679 you can see here, 2529 523 00:19:29,679 --> 00:19:30,640 exports. And you're probably thinking, 524 00:19:30,640 --> 00:19:32,880 "Wow, what could you do with that?" Um, 525 00:19:32,880 --> 00:19:34,320 there's a lot of stuff here that you can 526 00:19:34,320 --> 00:19:36,880 take a look at, but it's actually just a 527 00:19:36,880 --> 00:19:39,440 huge library. So, think of like this. 528 00:19:39,440 --> 00:19:42,240 It's like a huge library of like 529 00:19:42,240 --> 00:19:46,799 payloads, exploits, scanners to test 530 00:19:46,799 --> 00:19:50,640 certain versions of systems. That's kind 531 00:19:50,640 --> 00:19:52,720 of what this is. So, let's say I had 532 00:19:52,720 --> 00:19:55,760 like an old version of 533 00:19:55,760 --> 00:19:59,440 uh like SSH or something. You can type 534 00:19:59,440 --> 00:20:03,679 in search SSH like login or whatever. 535 00:20:03,679 --> 00:20:07,280 And you can see right away as I typed in 536 00:20:07,280 --> 00:20:08,559 search, this is built into the 537 00:20:08,559 --> 00:20:10,480 framework. If I type that again, you can 538 00:20:10,480 --> 00:20:12,720 see here I can use different modules, 539 00:20:12,720 --> 00:20:15,120 exploitation modules or even auxiliary 540 00:20:15,120 --> 00:20:16,799 modules, which basically means testing. 541 00:20:16,799 --> 00:20:19,440 It's not actually attacking it any in 542 00:20:19,440 --> 00:20:22,320 any way. So auxiliary modules just tests 543 00:20:22,320 --> 00:20:23,760 it. Uh so I can actually use these 544 00:20:23,760 --> 00:20:26,080 modules which is just pre-written code 545 00:20:26,080 --> 00:20:28,159 to run against the target to perform 546 00:20:28,159 --> 00:20:30,799 something specific like login or testing 547 00:20:30,799 --> 00:20:33,120 the login or maybe like testing 548 00:20:33,120 --> 00:20:34,480 something like this. Look auxiliary 549 00:20:34,480 --> 00:20:36,960 scanner SSH login. So can we try to log 550 00:20:36,960 --> 00:20:39,919 into the version of SSH? Um SSH is just 551 00:20:39,919 --> 00:20:41,919 like another network tool that allows 552 00:20:41,919 --> 00:20:44,400 you to log in and share files and have 553 00:20:44,400 --> 00:20:46,080 remote access to something. Right? Let's 554 00:20:46,080 --> 00:20:48,400 say I had like an old version of Apache 555 00:20:48,400 --> 00:20:53,280 2 or sorry not Apache 2 just Apache. 556 00:20:53,280 --> 00:20:56,240 So Apache Tomcat like that's a good one. 557 00:20:56,240 --> 00:20:59,440 So like if I search Apache 558 00:20:59,440 --> 00:21:02,240 uh Tomcat 559 00:21:02,240 --> 00:21:04,240 we can see here everything to do with 560 00:21:04,240 --> 00:21:07,520 Apache Tomcat. So over the years 561 00:21:07,520 --> 00:21:09,600 Metas-boy is you know always being 562 00:21:09,600 --> 00:21:11,200 developed. I mean look at this one here 563 00:21:11,200 --> 00:21:13,600 2025. This is very recent and it's an 564 00:21:13,600 --> 00:21:15,840 excellent exploitation module against 565 00:21:15,840 --> 00:21:17,520 Tomcat. So, this is actually quite 566 00:21:17,520 --> 00:21:19,520 recent, but it's always being added on. 567 00:21:19,520 --> 00:21:21,679 It's always been updated because it's a 568 00:21:21,679 --> 00:21:23,679 very handy framework to just get that 569 00:21:23,679 --> 00:21:25,440 testing going to just quickly gain 570 00:21:25,440 --> 00:21:27,840 access or to enumerate further as a 571 00:21:27,840 --> 00:21:29,840 penetration tester to see if the system 572 00:21:29,840 --> 00:21:33,039 is you know flawed or flawless and you 573 00:21:33,039 --> 00:21:34,559 know we proceed with something else 574 00:21:34,559 --> 00:21:36,559 right. So, metas-ploit framework is very 575 00:21:36,559 --> 00:21:38,400 handy in that sense. It's really great 576 00:21:38,400 --> 00:21:41,919 to test systems and test even networks 577 00:21:41,919 --> 00:21:44,320 and old versions of software because you 578 00:21:44,320 --> 00:21:46,320 might just gain access or even better 579 00:21:46,320 --> 00:21:48,480 you might have shell access and then you 580 00:21:48,480 --> 00:21:49,760 could do what we spoke about in the 581 00:21:49,760 --> 00:21:51,440 beginning privilege escalation which is 582 00:21:51,440 --> 00:21:53,840 a major vulnerability in system. So 583 00:21:53,840 --> 00:21:55,600 metas-loit is great. I use it all the 584 00:21:55,600 --> 00:21:57,440 time when I do hack the box retired 585 00:21:57,440 --> 00:21:59,360 machines. It's really good to get your 586 00:21:59,360 --> 00:22:02,320 hands uh on this framework and get good 587 00:22:02,320 --> 00:22:04,480 with it. It's amazing. I think the last 588 00:22:04,480 --> 00:22:05,919 the last thing that I want to talk about 589 00:22:05,919 --> 00:22:07,520 is a thing called search exploit. So 590 00:22:07,520 --> 00:22:09,840 metas-ploit framework has this connected 591 00:22:09,840 --> 00:22:11,919 to what's called a search exploit 592 00:22:11,919 --> 00:22:13,360 website. So there's a website that you 593 00:22:13,360 --> 00:22:14,720 can actually go to. So if I open up my 594 00:22:14,720 --> 00:22:17,280 Firefox browser here, there's actually a 595 00:22:17,280 --> 00:22:18,799 website and it should be bookmarked 596 00:22:18,799 --> 00:22:21,200 here. Okay, it's actually not but it's 597 00:22:21,200 --> 00:22:23,440 called search exploit. So or it's also 598 00:22:23,440 --> 00:22:26,000 called exploitd. So if I go to 599 00:22:26,000 --> 00:22:27,520 exploitdb.com, 600 00:22:27,520 --> 00:22:29,280 it's just like a manual. It's just like 601 00:22:29,280 --> 00:22:31,840 a a website where you can see uh the 602 00:22:31,840 --> 00:22:33,840 latest exploits or people who uploaded 603 00:22:33,840 --> 00:22:37,039 exploits um to test a system, right? Or 604 00:22:37,039 --> 00:22:40,240 website or a vulnerability on a service, 605 00:22:40,240 --> 00:22:41,520 right? But you don't have to go to the 606 00:22:41,520 --> 00:22:42,960 website. You can actually just type in 607 00:22:42,960 --> 00:22:44,480 search exploit on your terminal. For 608 00:22:44,480 --> 00:22:46,000 example, let's do what we did with 609 00:22:46,000 --> 00:22:47,919 metas. So if I do search exploit, let's 610 00:22:47,919 --> 00:22:51,919 search for an exploit related to Tomcat. 611 00:22:51,919 --> 00:22:54,080 Right? Right away, it does the same 612 00:22:54,080 --> 00:22:55,840 thing. Right? So if something's not 613 00:22:55,840 --> 00:22:57,360 already in metas-loit, you can just use 614 00:22:57,360 --> 00:22:58,880 search boy to find that version of 615 00:22:58,880 --> 00:23:00,240 software. So let's say it had a 616 00:23:00,240 --> 00:23:02,240 particular version here that you could 617 00:23:02,240 --> 00:23:04,880 you know test or run the exploit would 618 00:23:04,880 --> 00:23:06,559 be in one of these files. Now these are 619 00:23:06,559 --> 00:23:08,799 text files but you would get something 620 00:23:08,799 --> 00:23:11,200 like this. So denial of service 621 00:23:11,200 --> 00:23:12,720 obviously don't suggest that don't want 622 00:23:12,720 --> 00:23:15,760 to do that but there's like Python sorry 623 00:23:15,760 --> 00:23:18,640 yeah Python files Ruby files here. So 624 00:23:18,640 --> 00:23:22,000 you gotpy Ruby you've got Pearl scripts 625 00:23:22,000 --> 00:23:23,919 here as well. Let's try and do something 626 00:23:23,919 --> 00:23:26,720 like PHP 627 00:23:26,720 --> 00:23:28,559 upload vulnerability or something like 628 00:23:28,559 --> 00:23:31,280 that. So we can do arbitrary. So for 629 00:23:31,280 --> 00:23:34,080 this version of software here called ZOM 630 00:23:34,080 --> 00:23:37,520 ZOM plugg 3.8 uh we can do arbitrary 631 00:23:37,520 --> 00:23:39,679 file upload. So this is just a service 632 00:23:39,679 --> 00:23:42,720 that we can perform a like upload our 633 00:23:42,720 --> 00:23:45,200 files to. Uh we've got the exploit here. 634 00:23:45,200 --> 00:23:47,440 So this is just a PHP reverse shell 635 00:23:47,440 --> 00:23:49,360 which means we can gain access to the 636 00:23:49,360 --> 00:23:51,360 server. Um, so you can see here there's 637 00:23:51,360 --> 00:23:54,080 a lot of like exploits that we could use 638 00:23:54,080 --> 00:23:56,320 even with WordPress and all types of 639 00:23:56,320 --> 00:23:58,799 software, right? So I mean you've got 640 00:23:58,799 --> 00:24:01,360 this script here. So this this ID number 641 00:24:01,360 --> 00:24:03,120 here is to do with Python. So we could 642 00:24:03,120 --> 00:24:06,080 run this Python script to perform this 643 00:24:06,080 --> 00:24:08,400 file upload vulnerability, right? So to 644 00:24:08,400 --> 00:24:11,919 actually find or locate or even get this 645 00:24:11,919 --> 00:24:14,000 script like to even use it, you can 646 00:24:14,000 --> 00:24:16,159 actually just copy this location of the 647 00:24:16,159 --> 00:24:18,240 script here. So go ahead and copy that. 648 00:24:18,240 --> 00:24:20,320 So we can just go ahead and copy this 649 00:24:20,320 --> 00:24:23,120 path name, not like the Python file. But 650 00:24:23,120 --> 00:24:24,880 what we can do is let's just do the 651 00:24:24,880 --> 00:24:26,880 exact same thing again and it will still 652 00:24:26,880 --> 00:24:28,799 do that. But you can see here the path 653 00:24:28,799 --> 00:24:30,320 is here. So we can just go ahead and 654 00:24:30,320 --> 00:24:33,039 just type in copy the path name. And 655 00:24:33,039 --> 00:24:34,400 then we could just rename it to 656 00:24:34,400 --> 00:24:36,640 exploit.py at the end of the file name. 657 00:24:36,640 --> 00:24:39,120 We just can call it exploit.py related 658 00:24:39,120 --> 00:24:40,559 to that service. And now if I type in 659 00:24:40,559 --> 00:24:41,840 ls, you can actually see here the 660 00:24:41,840 --> 00:24:43,760 exploits on my desktop. So you can see 661 00:24:43,760 --> 00:24:45,840 there there's the exploit. But we can 662 00:24:45,840 --> 00:24:47,840 actually go ahead and actually read this 663 00:24:47,840 --> 00:24:50,720 exploit by let's just type in nano. So 664 00:24:50,720 --> 00:24:52,559 nano is where you can actually see and 665 00:24:52,559 --> 00:24:54,960 edit files in on your terminal. So type 666 00:24:54,960 --> 00:24:57,279 in exploit.py and we can actually read 667 00:24:57,279 --> 00:25:00,000 everything to do with this exploit and 668 00:25:00,000 --> 00:25:01,679 this vulnerability. So this is all the 669 00:25:01,679 --> 00:25:04,240 code that makes it work so that we could 670 00:25:04,240 --> 00:25:06,480 gain access to the server. So it's just 671 00:25:06,480 --> 00:25:09,120 like a a nice helpful way to navigate 672 00:25:09,120 --> 00:25:11,600 and just quickly get that exploit 673 00:25:11,600 --> 00:25:13,840 running just to test the system so that 674 00:25:13,840 --> 00:25:16,080 we can provide further information. I 675 00:25:16,080 --> 00:25:18,480 forgot to mention one more thing is that 676 00:25:18,480 --> 00:25:21,039 this operating system is running what's 677 00:25:21,039 --> 00:25:23,520 called DBN Linux 678 00:25:23,520 --> 00:25:25,679 which is highly customizable and this 679 00:25:25,679 --> 00:25:28,159 Linux environment is called XFCE which 680 00:25:28,159 --> 00:25:31,520 is a lightweight version for Ki Linux as 681 00:25:31,520 --> 00:25:34,480 a Linux dro. Anyways, 682 00:25:34,480 --> 00:25:36,000 another handy thing that you can do is 683 00:25:36,000 --> 00:25:38,799 when you open up the terminal and let's 684 00:25:38,799 --> 00:25:41,120 say you want to see what your IP address 685 00:25:41,120 --> 00:25:44,400 is on your Linux machine, you can type 686 00:25:44,400 --> 00:25:46,880 in if config and essentially this 687 00:25:46,880 --> 00:25:49,919 command on Linux will give you the 688 00:25:49,919 --> 00:25:53,440 information needed to understand what is 689 00:25:53,440 --> 00:25:57,279 your IP address for your system. 690 00:25:57,279 --> 00:25:59,840 So if I come up here, you can see I have 691 00:25:59,840 --> 00:26:01,919 Ethernet zero and you can see this 692 00:26:01,919 --> 00:26:06,720 address here is my IP address for my 693 00:26:06,720 --> 00:26:09,600 local computer on my network. So this is 694 00:26:09,600 --> 00:26:13,679 just only LAN local area network IP 695 00:26:13,679 --> 00:26:15,679 address. So this is just the network 696 00:26:15,679 --> 00:26:18,720 your computer IP on your main network. 697 00:26:18,720 --> 00:26:23,039 So yours might say WLAN or WLAN0. 698 00:26:23,039 --> 00:26:25,279 Mine says ETH0. And then this would be 699 00:26:25,279 --> 00:26:27,679 your IP address for your machine. So 700 00:26:27,679 --> 00:26:29,919 let's learn a little bit of like system 701 00:26:29,919 --> 00:26:31,440 commands here because you're going to be 702 00:26:31,440 --> 00:26:33,200 doing this when you do hack the box and 703 00:26:33,200 --> 00:26:34,799 all that type of stuff. So I'm just 704 00:26:34,799 --> 00:26:36,400 going to go through some basic commands 705 00:26:36,400 --> 00:26:38,559 that you can take note of. Um we can 706 00:26:38,559 --> 00:26:41,919 type in unname a and essentially this 707 00:26:41,919 --> 00:26:44,400 will just pull information already from 708 00:26:44,400 --> 00:26:47,440 your system from the color Linux machine 709 00:26:47,440 --> 00:26:49,039 uh about what the operating system is 710 00:26:49,039 --> 00:26:51,039 running. Um so if you did this on a 711 00:26:51,039 --> 00:26:52,480 different Linux distribution it will 712 00:26:52,480 --> 00:26:54,480 pull something else. Um, but it's just 713 00:26:54,480 --> 00:26:56,080 good to bring in that information 714 00:26:56,080 --> 00:26:57,840 because let's say I had access to a 715 00:26:57,840 --> 00:27:00,320 machine, a Linux machine specifically, 716 00:27:00,320 --> 00:27:03,039 and I did unname a it would tell me what 717 00:27:03,039 --> 00:27:05,440 that is. So I could just further 718 00:27:05,440 --> 00:27:07,760 identify more system information. 719 00:27:07,760 --> 00:27:09,520 Another good thing is to run a command 720 00:27:09,520 --> 00:27:13,279 called top. This basically just shows 721 00:27:13,279 --> 00:27:16,320 real time system processes. So think 722 00:27:16,320 --> 00:27:19,520 like task manager on Windows. This is 723 00:27:19,520 --> 00:27:22,559 like that but for Linux. And we can see 724 00:27:22,559 --> 00:27:26,400 uh the P ID, the process ID of the 725 00:27:26,400 --> 00:27:28,240 current program that is open. Um so 726 00:27:28,240 --> 00:27:31,039 we've got basically the root user 727 00:27:31,039 --> 00:27:32,640 running uh in the background here. So we 728 00:27:32,640 --> 00:27:34,480 got the user Ki and then we got the user 729 00:27:34,480 --> 00:27:37,279 root on this session. Uh you can also 730 00:27:37,279 --> 00:27:39,520 see like what is this command associated 731 00:27:39,520 --> 00:27:41,200 with. So this is the terminal. Our 732 00:27:41,200 --> 00:27:44,080 default user Ki Linux user is using 733 00:27:44,080 --> 00:27:46,159 that. Um so you can just press Ctrl C to 734 00:27:46,159 --> 00:27:47,919 go out of it. Um let's actually become a 735 00:27:47,919 --> 00:27:49,360 root user. So the way that you do that 736 00:27:49,360 --> 00:27:53,120 is you by typing pseudo sue just like 737 00:27:53,120 --> 00:27:56,799 that. And by the way pseudo stands for 738 00:27:56,799 --> 00:27:59,919 super user do. So that's why you what 739 00:27:59,919 --> 00:28:01,840 why you type in pseudo when you want to 740 00:28:01,840 --> 00:28:04,720 run a command that needs root uh access 741 00:28:04,720 --> 00:28:06,559 because it prevents you from running 742 00:28:06,559 --> 00:28:09,520 root programs that is not installed on 743 00:28:09,520 --> 00:28:11,919 your system or not. So when you run 744 00:28:11,919 --> 00:28:14,000 pseudo it's running it with root 745 00:28:14,000 --> 00:28:17,600 privileges. So super user which is root 746 00:28:17,600 --> 00:28:20,080 and then do. So that's what pseudo 747 00:28:20,080 --> 00:28:22,559 stands for. Super user do and then so 748 00:28:22,559 --> 00:28:24,080 what we're saying here is we're saying 749 00:28:24,080 --> 00:28:27,200 super user do become super user. Sounds 750 00:28:27,200 --> 00:28:29,200 a little bit weird but that's how it is. 751 00:28:29,200 --> 00:28:31,039 We just it's just pseudo sue. You just 752 00:28:31,039 --> 00:28:33,440 become root and then you're good to go. 753 00:28:33,440 --> 00:28:35,360 And uh you can see we are the root user. 754 00:28:35,360 --> 00:28:37,200 So if we actually delete files and 755 00:28:37,200 --> 00:28:39,600 upload files etc. we delete files, move 756 00:28:39,600 --> 00:28:41,679 files, copy files around the system. 757 00:28:41,679 --> 00:28:43,279 Let's actually check another one. So 758 00:28:43,279 --> 00:28:44,720 let's see if this is installed. So this 759 00:28:44,720 --> 00:28:46,080 is not installed. We can actually go 760 00:28:46,080 --> 00:28:47,520 ahead and install it. So if you type 761 00:28:47,520 --> 00:28:49,440 that and just press Y, it's going to go 762 00:28:49,440 --> 00:28:52,000 ahead and install this command. Uh if 763 00:28:52,000 --> 00:28:53,520 it's installed by default, that's great. 764 00:28:53,520 --> 00:28:54,880 You can just run it. But essentially 765 00:28:54,880 --> 00:28:56,640 HTTOP 766 00:28:56,640 --> 00:28:59,360 is basically what we did before with 767 00:28:59,360 --> 00:29:02,960 top. HTOP is a improved process monitor, 768 00:29:02,960 --> 00:29:05,520 right? So it's exactly like top where we 769 00:29:05,520 --> 00:29:07,919 can see real-time processes, but HTOP 770 00:29:07,919 --> 00:29:10,399 gives you like more of a visualized, you 771 00:29:10,399 --> 00:29:12,480 know, just with colors essentially. like 772 00:29:12,480 --> 00:29:14,240 it just makes it more readable instead 773 00:29:14,240 --> 00:29:16,000 of just looking at white text. The 774 00:29:16,000 --> 00:29:17,279 really cool thing about it is that you 775 00:29:17,279 --> 00:29:20,320 can sort through it um and just copy it 776 00:29:20,320 --> 00:29:23,360 and copy note of it which is very nice. 777 00:29:23,360 --> 00:29:26,159 Uh let's type in free-m 778 00:29:26,159 --> 00:29:28,640 is basically memory that's being used 779 00:29:28,640 --> 00:29:30,320 right now. It's just memory usage 780 00:29:30,320 --> 00:29:31,440 really. That's all that is. There's 781 00:29:31,440 --> 00:29:32,799 nothing too much to it. You can type in 782 00:29:32,799 --> 00:29:34,720 uptime. So there's another Linux 783 00:29:34,720 --> 00:29:36,159 command. If you type in uptime, you can 784 00:29:36,159 --> 00:29:37,760 just see which user has been running for 785 00:29:37,760 --> 00:29:41,720 a certain period of time. 786 00:29:42,159 --> 00:29:43,840 Okay, great. So, we learned a little bit 787 00:29:43,840 --> 00:29:47,120 of some system commands on Linux. Let's 788 00:29:47,120 --> 00:29:48,960 take a look at more networking commands. 789 00:29:48,960 --> 00:29:53,240 So, I showed you fconfig. 790 00:29:53,440 --> 00:29:57,120 So, that's fconfig. We can also do IPA, 791 00:29:57,120 --> 00:29:59,039 which is basically what I showed you 792 00:29:59,039 --> 00:30:02,240 before. We we can identify our host 793 00:30:02,240 --> 00:30:03,840 address on a network. So, you can see 794 00:30:03,840 --> 00:30:05,600 that this is our address. And if you 795 00:30:05,600 --> 00:30:06,480 scroll up here, there's more 796 00:30:06,480 --> 00:30:08,960 information. But that is another great 797 00:30:08,960 --> 00:30:11,679 way to kind of type less instead of 798 00:30:11,679 --> 00:30:13,760 doing that. So you just type in IPA 799 00:30:13,760 --> 00:30:16,399 which is great. Um if config same thing 800 00:30:16,399 --> 00:30:19,440 ping. So ping is just a tool a built-in 801 00:30:19,440 --> 00:30:23,679 command line utility tool to test a 802 00:30:23,679 --> 00:30:26,799 address. So if I was to test my router 803 00:30:26,799 --> 00:30:29,679 on my network, the router, the modem 804 00:30:29,679 --> 00:30:31,360 that gives me access to the internet. If 805 00:30:31,360 --> 00:30:34,320 I just ping it, it just sends request to 806 00:30:34,320 --> 00:30:36,799 the router and then it brings back the 807 00:30:36,799 --> 00:30:39,360 request saying it is up and running. So 808 00:30:39,360 --> 00:30:42,480 if let's say that a server was down or a 809 00:30:42,480 --> 00:30:44,720 website IP address was down and you try 810 00:30:44,720 --> 00:30:46,799 to ping it and then it wasn't pinging, 811 00:30:46,799 --> 00:30:48,320 right? It sent requests but it wasn't 812 00:30:48,320 --> 00:30:49,600 receiving anything that's why it says 813 00:30:49,600 --> 00:30:51,760 unreachable then that means it's down. 814 00:30:51,760 --> 00:30:54,640 Ping is a great utility tool to identify 815 00:30:54,640 --> 00:30:59,600 if a network is stable or not. 816 00:30:59,600 --> 00:31:03,440 Another great Linux command is netstat 817 00:31:03,440 --> 00:31:07,120 which basically just shows open 818 00:31:07,120 --> 00:31:09,600 information like open ports on your 819 00:31:09,600 --> 00:31:12,320 system as well. Um but to specifically 820 00:31:12,320 --> 00:31:14,720 filter this out we can type in net stat. 821 00:31:14,720 --> 00:31:16,880 So go ahead and type in netstat and type 822 00:31:16,880 --> 00:31:19,520 in tn 823 00:31:19,520 --> 00:31:22,399 tulin like this. So this can actually 824 00:31:22,399 --> 00:31:24,080 just show you like which ports are 825 00:31:24,080 --> 00:31:26,480 specifically open. So we've got UDP 826 00:31:26,480 --> 00:31:28,159 ports here, but there's not actually 827 00:31:28,159 --> 00:31:31,360 anything running right now as as active 828 00:31:31,360 --> 00:31:32,880 connection. So there's nothing on here. 829 00:31:32,880 --> 00:31:35,840 Another great one is called trace route. 830 00:31:35,840 --> 00:31:37,120 So if you don't know what trace route 831 00:31:37,120 --> 00:31:39,600 is, so trace route just identifies that 832 00:31:39,600 --> 00:31:42,320 specific route to that host. So it just 833 00:31:42,320 --> 00:31:44,320 bounces. It hops to that host until it 834 00:31:44,320 --> 00:31:46,159 gets to the first address. Right? So 835 00:31:46,159 --> 00:31:49,840 let's say we do trace route declan.com. 836 00:31:49,840 --> 00:31:53,120 Right? It goes from our address, but it 837 00:31:53,120 --> 00:31:55,919 actually does a hop to go back to the 838 00:31:55,919 --> 00:31:58,399 original address. It just shows each 839 00:31:58,399 --> 00:32:01,200 hop. So, it like hops. It's like, okay, 840 00:32:01,200 --> 00:32:02,320 checking this route, checking this 841 00:32:02,320 --> 00:32:03,760 route, checking this route till we get 842 00:32:03,760 --> 00:32:06,240 to the main address that may leak info 843 00:32:06,240 --> 00:32:08,720 about it, like ISP, hosting provider, 844 00:32:08,720 --> 00:32:11,600 the location of the data center, um, or 845 00:32:11,600 --> 00:32:13,440 network segmentation or something like 846 00:32:13,440 --> 00:32:17,600 that. It's just finding and discovering 847 00:32:17,600 --> 00:32:19,200 devices, right? called 848 00:32:19,200 --> 00:32:21,039 misisconfigurations. It's it's another 849 00:32:21,039 --> 00:32:23,600 thing that you could use trace route to 850 00:32:23,600 --> 00:32:27,279 show each hop or router or gateway 851 00:32:27,279 --> 00:32:30,399 between the um attacker or the 852 00:32:30,399 --> 00:32:32,720 investigator and the target. So this 853 00:32:32,720 --> 00:32:35,039 will basically reveal how data travels 854 00:32:35,039 --> 00:32:37,600 across the internet or local networks 855 00:32:37,600 --> 00:32:39,840 which helps understand the structure of 856 00:32:39,840 --> 00:32:42,080 the target network and potential access 857 00:32:42,080 --> 00:32:43,840 points. So that's what you would use 858 00:32:43,840 --> 00:32:46,240 trace route for. But this isn't anything 859 00:32:46,240 --> 00:32:48,559 malicious. It's just bunny hopping. It's 860 00:32:48,559 --> 00:32:51,760 just hopping uh on different network 861 00:32:51,760 --> 00:32:55,120 requests. So, it's just to investigate 862 00:32:55,120 --> 00:32:57,200 more information about like where's the 863 00:32:57,200 --> 00:33:00,720 main address located. Um like uncovering 864 00:33:00,720 --> 00:33:02,799 those details. That's all that is. So, 865 00:33:02,799 --> 00:33:04,559 we took a look at networking commands. 866 00:33:04,559 --> 00:33:08,960 Now, let's focus on some process and 867 00:33:08,960 --> 00:33:12,880 service management commands on Linux. So 868 00:33:12,880 --> 00:33:14,640 like I showed you before about showing 869 00:33:14,640 --> 00:33:18,559 you know processes we could do ps uh aux 870 00:33:18,559 --> 00:33:20,799 which will list the current processes 871 00:33:20,799 --> 00:33:22,559 running on the system. So we don't 872 00:33:22,559 --> 00:33:24,480 actually have to look at that 873 00:33:24,480 --> 00:33:27,039 specifically. But if I was to like open 874 00:33:27,039 --> 00:33:29,360 up firefox. So let me just open up 875 00:33:29,360 --> 00:33:31,039 firefox. So Firefox is running. If I go 876 00:33:31,039 --> 00:33:34,159 back and type in ps aux you can actually 877 00:33:34,159 --> 00:33:36,159 come up here and actually see firefox 878 00:33:36,159 --> 00:33:37,919 running. So you can actually see the 879 00:33:37,919 --> 00:33:40,159 specific session of Firefox that's 880 00:33:40,159 --> 00:33:42,000 running on the system. So if I come down 881 00:33:42,000 --> 00:33:44,000 here um there should be so these were 882 00:33:44,000 --> 00:33:46,399 the commands that I was running prior 883 00:33:46,399 --> 00:33:48,080 but there needs to be okay here we go. 884 00:33:48,080 --> 00:33:49,919 So you can you can see there I'm running 885 00:33:49,919 --> 00:33:51,519 Firefox and you can actually see the 886 00:33:51,519 --> 00:33:54,480 associated um browser. So this is the 887 00:33:54,480 --> 00:33:57,360 one here. So this is the P. So the P is 888 00:33:57,360 --> 00:33:59,039 this and we can actually go ahead and 889 00:33:59,039 --> 00:34:01,679 destroy this session by typing in the 890 00:34:01,679 --> 00:34:04,000 Linux command called kill. So this will 891 00:34:04,000 --> 00:34:05,519 just go ahead and just destroy that 892 00:34:05,519 --> 00:34:08,240 session by just closing that P ID. So if 893 00:34:08,240 --> 00:34:10,560 I do if I copy that P ID and I paste it 894 00:34:10,560 --> 00:34:12,399 in, you can see there the browser's 895 00:34:12,399 --> 00:34:14,399 gone. So if I do that again, if I open 896 00:34:14,399 --> 00:34:16,879 up the browser 897 00:34:16,879 --> 00:34:19,919 and then if I find that it would still 898 00:34:19,919 --> 00:34:21,839 be here. So you can see if I come to the 899 00:34:21,839 --> 00:34:24,879 latest, this is the processor that has 900 00:34:24,879 --> 00:34:27,520 opened for that particular browser. And 901 00:34:27,520 --> 00:34:29,119 if I go here, I can actually destroy 902 00:34:29,119 --> 00:34:31,200 that process by typing in kill and then 903 00:34:31,200 --> 00:34:33,919 the process ID that spawned. And there 904 00:34:33,919 --> 00:34:38,320 we go. It forced closed the browser 905 00:34:38,320 --> 00:34:40,320 completely. It destroyed the session so 906 00:34:40,320 --> 00:34:42,320 that the browser just closed. Right? So 907 00:34:42,320 --> 00:34:43,359 it's not actually running in the 908 00:34:43,359 --> 00:34:46,240 background nor is it running at all. It 909 00:34:46,240 --> 00:34:47,839 just destroyed the process, the session 910 00:34:47,839 --> 00:34:49,679 and just closing the browser completely. 911 00:34:49,679 --> 00:34:51,679 So to start services on Linux, this is 912 00:34:51,679 --> 00:34:54,159 another thing I want to talk about is, 913 00:34:54,159 --> 00:34:55,359 you know, let's say you want to run a 914 00:34:55,359 --> 00:34:56,960 web server. Let's say just for 915 00:34:56,960 --> 00:34:58,320 educational reasons, you want to set up 916 00:34:58,320 --> 00:35:00,960 like a a test page, like a fishing page, 917 00:35:00,960 --> 00:35:03,040 right? um or you want to run your own 918 00:35:03,040 --> 00:35:05,200 web server off your Linux machine on 919 00:35:05,200 --> 00:35:06,800 your local area network. Um you've 920 00:35:06,800 --> 00:35:08,560 actually got Apache 2 installed which is 921 00:35:08,560 --> 00:35:09,839 basically what you would host your 922 00:35:09,839 --> 00:35:11,760 servers on, right? Sorry, your your 923 00:35:11,760 --> 00:35:13,839 files on to host your server. So you can 924 00:35:13,839 --> 00:35:17,280 type in um service Apache 2 which is the 925 00:35:17,280 --> 00:35:18,800 service and then you can type in start. 926 00:35:18,800 --> 00:35:20,560 So if you type in service Apache to 927 00:35:20,560 --> 00:35:22,640 start. So the command service allows you 928 00:35:22,640 --> 00:35:24,560 to run certain services on your system. 929 00:35:24,560 --> 00:35:26,000 So you can run other services. It 930 00:35:26,000 --> 00:35:27,359 doesn't just have to be Apache. whatever 931 00:35:27,359 --> 00:35:28,960 is installed that you can run the 932 00:35:28,960 --> 00:35:30,480 command service. You can just type in 933 00:35:30,480 --> 00:35:32,240 start and then it will go ahead and 934 00:35:32,240 --> 00:35:34,480 start that particular service. So now 935 00:35:34,480 --> 00:35:36,960 Apache 2 is running and like I said 936 00:35:36,960 --> 00:35:39,440 before if we do IPA and we actually go 937 00:35:39,440 --> 00:35:42,320 to our network address sorry our IP 938 00:35:42,320 --> 00:35:44,720 address of our machine and go to that 939 00:35:44,720 --> 00:35:46,560 local port number of the web address 940 00:35:46,560 --> 00:35:48,720 that's running. So Apache 2 will spawn a 941 00:35:48,720 --> 00:35:50,560 web server and uh you can see here this 942 00:35:50,560 --> 00:35:52,720 is on our machine. This is a website 943 00:35:52,720 --> 00:35:54,800 running on our machine. Uh this is just 944 00:35:54,800 --> 00:35:56,320 the default page, but if you upload like 945 00:35:56,320 --> 00:35:58,640 your own code like HTML CSS into this 946 00:35:58,640 --> 00:36:02,320 directory. So you can type in cd /bar 947 00:36:02,320 --> 00:36:04,800 www/html. 948 00:36:04,800 --> 00:36:07,599 And if you go into this directory, 949 00:36:07,599 --> 00:36:09,359 you can see here that's actually what's 950 00:36:09,359 --> 00:36:11,200 being hosted in front of us right now. 951 00:36:11,200 --> 00:36:13,040 So if I actually delete this, so let's 952 00:36:13,040 --> 00:36:15,359 use our Linux commands. So let's copy 953 00:36:15,359 --> 00:36:16,800 this. Copy the whole thing including 954 00:36:16,800 --> 00:36:18,720 this file and this file. Now if I type 955 00:36:18,720 --> 00:36:20,720 in remove, we don't have to do pseudo 956 00:36:20,720 --> 00:36:23,040 because we already root. If I do remove 957 00:36:23,040 --> 00:36:25,440 remove fully and just paste in the files 958 00:36:25,440 --> 00:36:28,400 I want to delete. Enter. We can see here 959 00:36:28,400 --> 00:36:30,640 if I refresh this whole page will 960 00:36:30,640 --> 00:36:33,920 disappear. There we go. So the the HTML 961 00:36:33,920 --> 00:36:36,240 files were deleted. Now there's nothing 962 00:36:36,240 --> 00:36:38,079 on the web page. But we can make our own 963 00:36:38,079 --> 00:36:41,200 HTML file. So if we type in touch. So 964 00:36:41,200 --> 00:36:42,640 this is going to go ahead and create a 965 00:36:42,640 --> 00:36:44,000 file. So touch, let's call it 966 00:36:44,000 --> 00:36:46,480 index.html. 967 00:36:46,480 --> 00:36:49,040 And if we press enter, we type in ls, 968 00:36:49,040 --> 00:36:50,480 it's there. But there's nothing on the 969 00:36:50,480 --> 00:36:51,920 web page, of course, because we actually 970 00:36:51,920 --> 00:36:53,760 need to write the code for the the web 971 00:36:53,760 --> 00:36:56,240 page. So, let's use some of our Linux 972 00:36:56,240 --> 00:36:59,520 skills. So, let's type in nano index 973 00:36:59,520 --> 00:37:02,960 html to go into that file and edit it. 974 00:37:02,960 --> 00:37:04,720 Now, we can actually edit the file. You 975 00:37:04,720 --> 00:37:06,160 can edit whatever you want in this file 976 00:37:06,160 --> 00:37:08,480 and it will show up on the website. But 977 00:37:08,480 --> 00:37:10,160 if you don't know HTML, I won't go too 978 00:37:10,160 --> 00:37:11,680 much into it, but let's just type in a 979 00:37:11,680 --> 00:37:13,359 header. So, let's write some code, some 980 00:37:13,359 --> 00:37:15,280 basic HTML code. So, this is what you 981 00:37:15,280 --> 00:37:17,760 call a header tag. So let's just it's 982 00:37:17,760 --> 00:37:20,480 just a header of a website. Uh so if we 983 00:37:20,480 --> 00:37:23,599 type in header test, we could just say 984 00:37:23,599 --> 00:37:26,800 heading one and we close that. Just like 985 00:37:26,800 --> 00:37:28,720 that. That's a heading. You can just 986 00:37:28,720 --> 00:37:31,200 call it heading if you want 987 00:37:31,200 --> 00:37:33,280 or whatever you want. Test or my 988 00:37:33,280 --> 00:37:36,280 website. 989 00:37:36,960 --> 00:37:40,839 My cool website. 990 00:37:40,960 --> 00:37:43,280 And then you press control X on Windows 991 00:37:43,280 --> 00:37:47,280 or command X on um Mac if you're on Mac 992 00:37:47,280 --> 00:37:48,880 or like VMware Fusion. And then you just 993 00:37:48,880 --> 00:37:51,760 press Y to save and then press enter. 994 00:37:51,760 --> 00:37:54,240 There we go. Now it's saved the file. 995 00:37:54,240 --> 00:37:56,240 Now if we go back and refresh, there we 996 00:37:56,240 --> 00:37:58,000 go. It's a title. It's the heading of 997 00:37:58,000 --> 00:38:00,000 the website. So there we go. So our 998 00:38:00,000 --> 00:38:01,359 website's running because we used the 999 00:38:01,359 --> 00:38:03,680 the command service to run the Apache 1000 00:38:03,680 --> 00:38:05,280 server. We went into the directory, 1001 00:38:05,280 --> 00:38:08,400 added our own file. Um, so you can see 1002 00:38:08,400 --> 00:38:10,240 how this can be beneficial, which is 1003 00:38:10,240 --> 00:38:12,800 very cool. So let's go cd. Just go back 1004 00:38:12,800 --> 00:38:14,240 to the main directory. We're done with 1005 00:38:14,240 --> 00:38:16,079 that. And let's just type in service 1006 00:38:16,079 --> 00:38:19,680 Apache 2 stop. So if you go back, if you 1007 00:38:19,680 --> 00:38:21,119 do that whole thing again and you go 1008 00:38:21,119 --> 00:38:22,880 back, copy your IP address, paste it in 1009 00:38:22,880 --> 00:38:25,359 the browser on port 80. You go to it, it 1010 00:38:25,359 --> 00:38:26,720 the website's not going to be running 1011 00:38:26,720 --> 00:38:28,800 because we close the session by running 1012 00:38:28,800 --> 00:38:32,240 service Apache 2 stop. So we stop this 1013 00:38:32,240 --> 00:38:35,200 service. So that's another great uh 1014 00:38:35,200 --> 00:38:37,280 utility tool built into Linux for us to 1015 00:38:37,280 --> 00:38:39,680 run specific services. Um if you want to 1016 00:38:39,680 --> 00:38:42,079 see like service status, so you can type 1017 00:38:42,079 --> 00:38:44,720 in systemctl. 1018 00:38:44,720 --> 00:38:48,079 So systemctl will actually you know 1019 00:38:48,079 --> 00:38:50,880 analyze or actually list what services 1020 00:38:50,880 --> 00:38:52,960 are running. So you can type in like 1021 00:38:52,960 --> 00:38:56,000 let's say status for 1022 00:38:56,000 --> 00:38:58,960 Apache 2, right? We can see here it's 1023 00:38:58,960 --> 00:39:00,800 disabled. So it's not running, right? It 1024 00:39:00,800 --> 00:39:02,880 says inactive. So it's not active 1025 00:39:02,880 --> 00:39:06,240 currently. Uh but if we type in if we go 1026 00:39:06,240 --> 00:39:09,760 back and type in service Apache 2 start 1027 00:39:09,760 --> 00:39:12,880 right and then systemctl 1028 00:39:12,880 --> 00:39:16,240 status to see the status the current 1029 00:39:16,240 --> 00:39:19,280 status of Apache 2. We can see that it's 1030 00:39:19,280 --> 00:39:21,440 currently active. So now it's running. 1031 00:39:21,440 --> 00:39:23,680 So systemct ctl is a great way to see 1032 00:39:23,680 --> 00:39:25,359 what services are running on the system. 1033 00:39:25,359 --> 00:39:28,320 So you can type in system status for SSH 1034 00:39:28,320 --> 00:39:29,920 if you're running SSH. I'm not running 1035 00:39:29,920 --> 00:39:33,040 SSH but you can see there um if it was 1036 00:39:33,040 --> 00:39:34,560 running it will say it's running. So you 1037 00:39:34,560 --> 00:39:36,960 can actually pick what service so or 1038 00:39:36,960 --> 00:39:40,160 Apache or SSH or something else like 1039 00:39:40,160 --> 00:39:44,320 Telnet or FTP. Okay, I don't actually 1040 00:39:44,320 --> 00:39:48,240 have FTP um but whatever whatever it can 1041 00:39:48,240 --> 00:39:50,400 be right and what I like about systemctl 1042 00:39:50,400 --> 00:39:53,119 as well what I like about systemctl is 1043 00:39:53,119 --> 00:39:54,880 that you can actually enable and disable 1044 00:39:54,880 --> 00:39:57,200 these services at boot time. So let's 1045 00:39:57,200 --> 00:39:59,040 say you boot up Kylie Linux and it's 1046 00:39:59,040 --> 00:40:01,520 just automatically running, right? Um or 1047 00:40:01,520 --> 00:40:03,359 you just want to boot up K Linux and you 1048 00:40:03,359 --> 00:40:04,560 don't want to have anything running. You 1049 00:40:04,560 --> 00:40:06,160 don't want to have this this service 1050 00:40:06,160 --> 00:40:08,160 running at all. Um you can actually 1051 00:40:08,160 --> 00:40:09,520 enable that. So you can type in 1052 00:40:09,520 --> 00:40:12,480 systemcttl enable and then the service 1053 00:40:12,480 --> 00:40:16,000 name. So it could be SSH like I said or 1054 00:40:16,000 --> 00:40:18,160 even Apache 2. So when you boot up Ky 1055 00:40:18,160 --> 00:40:19,760 Linux, Apache 2 is already running. So 1056 00:40:19,760 --> 00:40:21,440 if you do that, it will set it to that. 1057 00:40:21,440 --> 00:40:24,000 So when I restart Linux and I boot it up 1058 00:40:24,000 --> 00:40:25,920 again, Apache 2 will be running. But we 1059 00:40:25,920 --> 00:40:27,920 don't want to do that because we don't 1060 00:40:27,920 --> 00:40:29,599 want anyone else browsing on our cool 1061 00:40:29,599 --> 00:40:31,839 website, right? So let's just disable 1062 00:40:31,839 --> 00:40:33,520 that. So we can type in disable and it 1063 00:40:33,520 --> 00:40:35,599 will just disable that functionality. So 1064 00:40:35,599 --> 00:40:38,079 when we boot up Linux K Linux or you can 1065 00:40:38,079 --> 00:40:40,640 even do this on YUbuntu Linux, uh it 1066 00:40:40,640 --> 00:40:43,040 will disable that service from running 1067 00:40:43,040 --> 00:40:45,599 once you boot it up. Great. So we took a 1068 00:40:45,599 --> 00:40:47,200 look at process and service management. 1069 00:40:47,200 --> 00:40:49,200 Now let's look at package management. So 1070 00:40:49,200 --> 00:40:50,400 what I showed you in the beginning was 1071 00:40:50,400 --> 00:40:52,079 we updated our operating system. We use 1072 00:40:52,079 --> 00:40:54,560 the AP package manager to upgrade 1073 00:40:54,560 --> 00:40:56,960 certain uh kernel files etc. We just 1074 00:40:56,960 --> 00:40:59,520 updated the whole operating system for 1075 00:40:59,520 --> 00:41:01,599 Ki Linux to make sure all the tools all 1076 00:41:01,599 --> 00:41:02,960 the software that we will use as a 1077 00:41:02,960 --> 00:41:05,359 penetration tester is up to date and it 1078 00:41:05,359 --> 00:41:08,000 is functional. But let's actually take a 1079 00:41:08,000 --> 00:41:10,480 look at package management like Linux 1080 00:41:10,480 --> 00:41:11,920 commands for package management a little 1081 00:41:11,920 --> 00:41:13,599 bit further. So I showed you now we are 1082 00:41:13,599 --> 00:41:15,200 in root. We don't actually have to type 1083 00:41:15,200 --> 00:41:18,240 root anymore. Um but we can say you know 1084 00:41:18,240 --> 00:41:20,640 apt update make sure it's updated. 1085 00:41:20,640 --> 00:41:22,960 That's great. We can do that. It's going 1086 00:41:22,960 --> 00:41:26,240 to go to the uh Linux mirror repository 1087 00:41:26,240 --> 00:41:28,160 and actually download all packages to 1088 00:41:28,160 --> 00:41:30,319 make sure and ensure it's updated. The 1089 00:41:30,319 --> 00:41:32,800 next one is upgrade. So, we've upgraded 1090 00:41:32,800 --> 00:41:34,400 that. We don't we don't need to do that 1091 00:41:34,400 --> 00:41:35,760 again. And by the way, I don't think it 1092 00:41:35,760 --> 00:41:36,880 will go through that. Yeah, there we go. 1093 00:41:36,880 --> 00:41:38,160 You can see that it's already upgraded 1094 00:41:38,160 --> 00:41:40,160 the whole thing. So, we automatically 1095 00:41:40,160 --> 00:41:42,160 installed and no longer required to 1096 00:41:42,160 --> 00:41:43,599 update it. Okay, that's great. If you 1097 00:41:43,599 --> 00:41:45,200 want to install a specific package, you 1098 00:41:45,200 --> 00:41:47,760 can type in apt install and then like a 1099 00:41:47,760 --> 00:41:49,839 package name. Like we saw before, we had 1100 00:41:49,839 --> 00:41:51,440 to you can actually install something 1101 00:41:51,440 --> 00:41:52,800 specific. So you can type in apt 1102 00:41:52,800 --> 00:41:55,119 install. Let's say Python Python 3, 1103 00:41:55,119 --> 00:41:56,560 right? It's already installed. But if 1104 00:41:56,560 --> 00:41:57,839 you didn't have Python 3, you can 1105 00:41:57,839 --> 00:41:59,280 actually select what package you want to 1106 00:41:59,280 --> 00:42:01,680 install on this repository, the K Linux 1107 00:42:01,680 --> 00:42:03,040 repository, and it will go ahead and 1108 00:42:03,040 --> 00:42:05,359 download that package for you. And by 1109 00:42:05,359 --> 00:42:06,240 the way, everything's already 1110 00:42:06,240 --> 00:42:08,160 preconfigured with Ki Linux. So it's 1111 00:42:08,160 --> 00:42:09,920 absolutely brilliant to have this 1112 00:42:09,920 --> 00:42:11,359 operating system for you because you can 1113 00:42:11,359 --> 00:42:13,040 just get straight into it and learn. If 1114 00:42:13,040 --> 00:42:14,880 you want to remove a package, which I 1115 00:42:14,880 --> 00:42:16,880 don't suggest unless it's like malicious 1116 00:42:16,880 --> 00:42:18,319 or something like that or you just don't 1117 00:42:18,319 --> 00:42:22,079 want it, you can just type in apt remove 1118 00:42:22,079 --> 00:42:24,160 and then the file name. So obviously not 1119 00:42:24,160 --> 00:42:26,079 Python 3. We don't want to remove Python 1120 00:42:26,079 --> 00:42:28,800 3. We need that to run certain scripts, 1121 00:42:28,800 --> 00:42:30,720 but you can type in apt remove and then 1122 00:42:30,720 --> 00:42:32,640 the file name, but we don't need to do 1123 00:42:32,640 --> 00:42:34,480 that. In order to see what packages 1124 00:42:34,480 --> 00:42:36,400 we've installed, we can actually type in 1125 00:42:36,400 --> 00:42:41,599 apt list and then installed like this to 1126 00:42:41,599 --> 00:42:44,880 see what packages are installed on our 1127 00:42:44,880 --> 00:42:47,280 operating system for Kylie Linux. So 1128 00:42:47,280 --> 00:42:48,880 what packages have we installed already 1129 00:42:48,880 --> 00:42:51,520 when we upgraded the system like what 1130 00:42:51,520 --> 00:42:53,119 are the packages that we have just 1131 00:42:53,119 --> 00:42:54,880 installed. So these there's a lot of 1132 00:42:54,880 --> 00:42:56,480 lines here to go through but we can see 1133 00:42:56,480 --> 00:42:58,319 here these are some of the basic. So we 1134 00:42:58,319 --> 00:43:00,079 got Apache 2, we upgraded that. That's 1135 00:43:00,079 --> 00:43:02,240 brilliant. Uh we've got the add user 1136 00:43:02,240 --> 00:43:04,319 command as well. A crackeng which is a 1137 00:43:04,319 --> 00:43:07,200 tool for cracking Wi-Fi wireless 1138 00:43:07,200 --> 00:43:10,560 networks. Um sevenzip for zipping files. 1139 00:43:10,560 --> 00:43:12,400 So there's a lot of packages here that 1140 00:43:12,400 --> 00:43:14,480 have been updated uh or even downloaded 1141 00:43:14,480 --> 00:43:17,920 installed already preconfigured on KO 1142 00:43:17,920 --> 00:43:19,440 Linux. Let's explore this a little bit 1143 00:43:19,440 --> 00:43:21,359 further. Let's say that you want to 1144 00:43:21,359 --> 00:43:23,119 review all the commands we've typed out 1145 00:43:23,119 --> 00:43:24,640 already. 1146 00:43:24,640 --> 00:43:26,480 So you can actually type in history. 1147 00:43:26,480 --> 00:43:28,960 This is a command that will allow us to 1148 00:43:28,960 --> 00:43:30,960 see what commands we've typed out 1149 00:43:30,960 --> 00:43:33,440 previously. And you can see how helpful 1150 00:43:33,440 --> 00:43:34,960 this can be to navigate through a 1151 00:43:34,960 --> 00:43:36,960 system, to navigate through our own 1152 00:43:36,960 --> 00:43:38,880 machine on Ki Linux, or to even just 1153 00:43:38,880 --> 00:43:40,800 remember commands now and then. What I 1154 00:43:40,800 --> 00:43:42,560 find really interesting about Ki Linux 1155 00:43:42,560 --> 00:43:46,000 or just Linux in general is that you can 1156 00:43:46,000 --> 00:43:47,839 actually search for a specific file on 1157 00:43:47,839 --> 00:43:50,560 Linux, especially if it's like deep in 1158 00:43:50,560 --> 00:43:53,119 the system, like in your files, etc., 1159 00:43:53,119 --> 00:43:55,920 and you can't find it. So let's say you 1160 00:43:55,920 --> 00:43:58,240 So let me go ahead and actually create a 1161 00:43:58,240 --> 00:44:00,560 file. Uh let's let's just create a 1162 00:44:00,560 --> 00:44:04,079 random file in a uh folder really 1163 00:44:04,079 --> 00:44:06,800 quickly. Let's let's do it in our opt 1164 00:44:06,800 --> 00:44:09,280 folder. So this is just an optional 1165 00:44:09,280 --> 00:44:11,200 directory folder. So let's say I created 1166 00:44:11,200 --> 00:44:14,160 a file called test.ext, 1167 00:44:14,160 --> 00:44:16,560 right? And I go out completely. I'm not 1168 00:44:16,560 --> 00:44:18,480 even associated with that user and I 1169 00:44:18,480 --> 00:44:20,640 just I'm the regular user as well. That 1170 00:44:20,640 --> 00:44:21,680 doesn't really matter. But we can 1171 00:44:21,680 --> 00:44:25,599 actually type in find slash the name of 1172 00:44:25,599 --> 00:44:28,319 that file. So find is a command in Linux 1173 00:44:28,319 --> 00:44:30,480 slash is searching through the entire 1174 00:44:30,480 --> 00:44:32,319 operating system or just the entire 1175 00:44:32,319 --> 00:44:36,160 system for a file name. So we say find 1176 00:44:36,160 --> 00:44:40,880 slashname for that file and we can find 1177 00:44:40,880 --> 00:44:42,800 test.ext 1178 00:44:42,800 --> 00:44:45,040 and just by doing this it's going to say 1179 00:44:45,040 --> 00:44:46,640 permission denied. So, we don't actually 1180 00:44:46,640 --> 00:44:48,400 have permissions to do that. But we can 1181 00:44:48,400 --> 00:44:51,359 go back and type in pseudo find file 1182 00:44:51,359 --> 00:44:53,040 text, right? It's also going to say 1183 00:44:53,040 --> 00:44:54,880 permission denied. But we can also see 1184 00:44:54,880 --> 00:44:56,800 here there's a lot of other files called 1185 00:44:56,800 --> 00:44:58,319 test.ext, 1186 00:44:58,319 --> 00:45:00,079 which I find really interesting. But you 1187 00:45:00,079 --> 00:45:02,480 can actually see down here. So, with it 1188 00:45:02,480 --> 00:45:03,920 searching throughout the whole entire 1189 00:45:03,920 --> 00:45:06,240 operating system for other files called 1190 00:45:06,240 --> 00:45:08,240 test.ext, you can actually see here, 1191 00:45:08,240 --> 00:45:09,839 this is actually where we added our own 1192 00:45:09,839 --> 00:45:11,680 file in the optional directory. So, we 1193 00:45:11,680 --> 00:45:13,520 can see /opt, that's where we were, 1194 00:45:13,520 --> 00:45:15,119 slashext. 1195 00:45:15,119 --> 00:45:17,920 test.ext. So you can see how the find 1196 00:45:17,920 --> 00:45:20,319 slash So you can see how helpful the 1197 00:45:20,319 --> 00:45:22,640 find utility command in Linux can be 1198 00:45:22,640 --> 00:45:24,560 helpful for searching through the entire 1199 00:45:24,560 --> 00:45:26,880 system to find a specific file. It could 1200 00:45:26,880 --> 00:45:29,359 be a word list or a directory or 1201 00:45:29,359 --> 00:45:31,839 whatever it is. So it's absolutely 1202 00:45:31,839 --> 00:45:33,839 brilliant. So like when you do hack the 1203 00:45:33,839 --> 00:45:35,359 box and you gain access, you can try and 1204 00:45:35,359 --> 00:45:37,440 find the user flag by typing in find if 1205 00:45:37,440 --> 00:45:39,760 you have privilege access privilege 1206 00:45:39,760 --> 00:45:41,359 access which is great. And that's the 1207 00:45:41,359 --> 00:45:43,760 end of the video. So, we covered a lot 1208 00:45:43,760 --> 00:45:45,680 of uh Linux commands in this video and I 1209 00:45:45,680 --> 00:45:46,960 hope you learn a lot. If you got any 1210 00:45:46,960 --> 00:45:48,560 questions, just reach out to me or just 1211 00:45:48,560 --> 00:45:50,319 do some research online. Go on Google, 1212 00:45:50,319 --> 00:45:51,760 search up a few things. If you don't 1213 00:45:51,760 --> 00:45:53,440 understand it, uh you know, search up 1214 00:45:53,440 --> 00:45:56,400 Linux commands on Google or on YouTube 1215 00:45:56,400 --> 00:45:58,160 and you can also find and watch other 1216 00:45:58,160 --> 00:46:00,400 videos related to Linux. Uh Linux is a 1217 00:46:00,400 --> 00:46:02,240 really cool operating system. There's a 1218 00:46:02,240 --> 00:46:03,839 lot of Linux distributions out there. 1219 00:46:03,839 --> 00:46:05,440 It's not just Ki Linux. You've got 1220 00:46:05,440 --> 00:46:10,000 Yubuntu, Arch Linux, K Yubuntu, even 1221 00:46:10,000 --> 00:46:12,480 lightweight versions of like other Linux 1222 00:46:12,480 --> 00:46:14,720 distros, which is really good. Ki Linux 1223 00:46:14,720 --> 00:46:17,760 is strictly made for penetration 1224 00:46:17,760 --> 00:46:19,599 testing. It's made for penetration 1225 00:46:19,599 --> 00:46:22,800 testers to do all their tasks to be a 1226 00:46:22,800 --> 00:46:24,800 hacker, an ethical hacker to be a 1227 00:46:24,800 --> 00:46:27,280 penetration tester, which I find really 1228 00:46:27,280 --> 00:46:30,400 cool, right? And a lot of people use it 1229 00:46:30,400 --> 00:46:32,240 um especially me I use it a lot to 1230 00:46:32,240 --> 00:46:36,079 perform security uh tests on my website. 1231 00:46:36,079 --> 00:46:38,160 Uh I use it because it has all the stuff 1232 00:46:38,160 --> 00:46:40,560 and all the tools preconfigured for me 1233 00:46:40,560 --> 00:46:44,160 to run and test my software or even do 1234 00:46:44,160 --> 00:46:46,000 like cool videos like this. Yeah. So 1235 00:46:46,000 --> 00:46:47,520 it's good. I thank you for watching this 1236 00:46:47,520 --> 00:46:48,880 video. I've tried to cover a lot of 1237 00:46:48,880 --> 00:46:50,560 Linux commands as possible. If you 1238 00:46:50,560 --> 00:46:52,240 enjoyed this video, please give it a 1239 00:46:52,240 --> 00:46:55,599 like and subscribe.90252