1
00:00:00,120 --> 00:00:07,530
So I want to show you some additional scanning tools that we can use, especially other opportunities
2
00:00:07,530 --> 00:00:11,450
and options you might have out there that you might like more.
3
00:00:11,610 --> 00:00:16,110
And I'm going to show you a tool in this video called masscan.
4
00:00:16,110 --> 00:00:18,530
We'll show how to scan with Metasploit.
5
00:00:18,570 --> 00:00:24,210
And then the last couple of videos will be on Nessus, and I think Nessus is super important to show because
6
00:00:24,210 --> 00:00:26,750
it is a tool you will use in your career.
7
00:00:26,880 --> 00:00:29,610
And it's a must-have in terms of knowledge.
8
00:00:29,670 --> 00:00:35,250
So we're going to be using a tool called masscan. masscan was actually built to scan the entire
9
00:00:35,250 --> 00:00:37,180
Internet really fast.
10
00:00:37,410 --> 00:00:39,570
So it's a really fast port scanner.
11
00:00:39,690 --> 00:00:41,370
And if you want to read about it,
12
00:00:41,520 --> 00:00:41,970
Robert
13
00:00:41,970 --> 00:00:45,420
David Graham here at GitHub has masscan.
14
00:00:45,420 --> 00:00:50,370
You're more than welcome to come through here and look at the usage and different syntax, and even how
15
00:00:50,370 --> 00:00:51,920
to scan the entire Internet,
16
00:00:52,020 --> 00:00:56,340
though I do not recommend this because you will have people knocking at your door pretty quick.
17
00:00:56,550 --> 00:00:58,290
So let's minimize this.
18
00:00:58,290 --> 00:01:02,430
And I will make this an attachment as a resource in case you're interested, or you could just Google
19
00:01:03,150 --> 00:01:04,520
Robert David Graham.
20
00:01:04,650 --> 00:01:10,370
So masscan is actually built in. You start typing masscan and then you hit tab.
21
00:01:10,380 --> 00:01:16,010
And what we're going to do is we're going to just do a regular old scan here.
22
00:01:16,050 --> 00:01:19,560
So this scan is going to look something like this.
23
00:01:19,560 --> 00:01:25,470
We're going to say port like this, and we're just going to specify 1 through 65535,
24
00:01:25,470 --> 00:01:27,840
OK.
25
00:01:28,040 --> 00:01:32,290
And we can choose a rate of how fast we want to go.
26
00:01:32,330 --> 00:01:37,400
We also need to pick, you know, what IP we want to scan.
27
00:01:37,400 --> 00:01:45,590
So we're going to go ahead and just scan 192.168.57.139.
28
00:01:45,810 --> 00:01:46,090
Sorry.
29
00:01:46,120 --> 00:01:47,300
134.
30
00:01:47,990 --> 00:01:51,830
And we're going to hit enter on this in one second.
31
00:01:51,830 --> 00:01:54,360
First I want to set up Nmap as well.
32
00:01:54,390 --> 00:01:58,430
Let's do the Nmap syntax from memory if you can.
33
00:01:58,430 --> 00:02:05,420
So we're going to do -T4 again for speed, -p-, and we're going to leave off the -A.
34
00:02:06,200 --> 00:02:06,680
All right.
35
00:02:06,830 --> 00:02:16,750
And we're just going to say the same thing, 192.168.57.134, and then we're going to run this here
36
00:02:17,200 --> 00:02:23,920
and I'm going to run both at the same time, and I just want to do this for the sole purpose of doing
37
00:02:23,950 --> 00:02:28,370
a speed scan and seeing how fast one is compared to the other.
38
00:02:28,450 --> 00:02:32,600
So you can see here too that we have forced options.
39
00:02:32,600 --> 00:02:34,580
We've got the -sS.
40
00:02:34,580 --> 00:02:37,940
Now this should look like very familiar syntax, right?
41
00:02:37,940 --> 00:02:43,660
This is that stealth scanning. Remember the stealth scan: we go out and we say, hey, I want to talk to you,
42
00:02:43,670 --> 00:02:44,150
SYN.
43
00:02:44,150 --> 00:02:48,050
And they say, yeah, talk to me, SYN-ACK, and then we say, nah, just kidding.
44
00:02:48,200 --> 00:02:49,080
Reset.
45
00:02:49,280 --> 00:02:49,490
Right.
46
00:02:49,520 --> 00:02:55,580
So this is what it's doing. It's doing this -Pn, if you remember from the Nmap
47
00:02:55,580 --> 00:02:56,150
video.
48
00:02:56,150 --> 00:03:00,070
This means treat everything as if it is alive.
49
00:03:00,170 --> 00:03:05,900
And then the rest, we don't really have to worry about the settings, but these are some similar Nmap
50
00:03:05,960 --> 00:03:07,940
options, though not fully.
51
00:03:07,940 --> 00:03:13,400
So we do have to specify the ports here, and this is running, and you see this one actually finished first.
52
00:03:13,730 --> 00:03:16,940
So in this race, and this is something that I want to point out too,
53
00:03:16,970 --> 00:03:22,160
this one's going actually pretty slow, and it could be because we're not giving it enough threads, so
54
00:03:22,190 --> 00:03:28,970
I'm going to Control-C one more time here and we're gonna try this with something like --rate of 1000
55
00:03:28,990 --> 00:03:32,310
thousand, and see how much faster it goes.
56
00:03:32,690 --> 00:03:36,030
And you can see now the time is significantly less.
57
00:03:36,230 --> 00:03:42,770
So the rate is important, and the nice thing about it too is typically when it finds a port it tells
58
00:03:42,770 --> 00:03:45,250
you about it. See, it found a port; it tells you about it.
59
00:03:45,260 --> 00:03:51,500
So a lot of people like to run masscan for the purpose of running it and getting quick results, because
60
00:03:51,500 --> 00:03:54,320
now they can say, hey, 443's open.
61
00:03:54,350 --> 00:03:58,430
I'm going to go out there and I'm going to go try to look at it while the rest of these results are
62
00:03:58,430 --> 00:04:04,210
coming through, and it's finding 32768, which I didn't even know is open.
63
00:04:04,340 --> 00:04:05,220
But anyway.
64
00:04:05,800 --> 00:04:11,960
So OK, we've got 32768, which didn't show the first time. It did show the first time,
65
00:04:11,960 --> 00:04:13,510
actually, as RPC.
66
00:04:13,670 --> 00:04:20,060
So we're looking at these results, and I want to go back and backtrack just a little bit here.
67
00:04:20,120 --> 00:04:24,650
So remember in the first video where I said we didn't have to do the -A right away.
68
00:04:24,650 --> 00:04:28,910
This finished in 5.67 seconds, which is pretty good.
69
00:04:29,030 --> 00:04:34,610
Sometimes masscan is faster, sometimes Nmap is faster, and that is faster here.
70
00:04:35,120 --> 00:04:43,220
And we've got one, two, three, four, five, six ports open. Now, strategy might say that instead of scanning
71
00:04:43,280 --> 00:04:56,930
like this, where we say -A 192.168.57.134, instead we say let's scan like this, and
72
00:04:56,930 --> 00:05:09,960
then when we find out what we have, we could say 22, 80, 111, 139, 443 and this 32768, and then run
73
00:05:09,960 --> 00:05:16,140
that, and instead of going out to every port trying to make that connection scanning with -A, we're only
74
00:05:16,140 --> 00:05:23,850
going to scan the ports that come back, and this tiered scanning, or this phased or staged scanning, is
75
00:05:23,880 --> 00:05:25,260
a lot faster.
76
00:05:25,260 --> 00:05:29,970
Now again, I've told you my preference. My preference is just to add the -A and let it fly, and then
77
00:05:29,970 --> 00:05:35,580
I'll go do other things but scanning. But if you're in a competition or you need something to go fast
78
00:05:35,580 --> 00:05:37,910
or you're just, like, in a time crunch,
79
00:05:37,980 --> 00:05:42,390
this isn't a bad way to do it either. You could actually script this out to do this for you.
80
00:05:43,080 --> 00:05:49,350
So again, we're still finishing here. We've got six seconds left and it's found all the same ports, granted
81
00:05:49,410 --> 00:05:53,060
in a different order, but it didn't find it as fast.
82
00:05:53,100 --> 00:05:54,690
So your mileage may vary.
83
00:05:54,690 --> 00:05:58,870
I've had times where Nmap has taken me an hour, and while Nmap is going,
84
00:05:58,890 --> 00:06:02,220
I just go out and I say, hey, masscan, go ahead and scan everything for me.
85
00:06:02,250 --> 00:06:03,620
I want to know what's up.
86
00:06:03,840 --> 00:06:08,790
And in this instance, when we're actually scanning against a host inside of our network, it's a little
87
00:06:08,790 --> 00:06:10,680
bit quicker, a little bit easier.
88
00:06:10,680 --> 00:06:15,690
So this is just an introduction into another tool, something to get yourself familiarized with, with
89
00:06:15,750 --> 00:06:20,710
other options that are out there, and we'll look at a couple more options and we'll be on to exploitation.
90
00:06:20,730 --> 00:06:22,140
So I'll see you over in the next video.