Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,090 --> 00:00:07,130 Let's briefly cover our notes so far so we have covered a little bit of this right. 2 00:00:07,140 --> 00:00:13,800 We cover the fact that we have our own map in here and what we saw in court twenty two or 80 etc. and 3 00:00:13,800 --> 00:00:19,380 we had a couple of findings from before we had default web page on Apache and we had this information 4 00:00:19,380 --> 00:00:21,330 disclosure as well. 5 00:00:21,390 --> 00:00:23,020 Now we've done some exploding. 6 00:00:23,130 --> 00:00:25,810 So I've gone ahead and just put in here. 7 00:00:26,010 --> 00:00:30,470 I put the S&P exploit so I put an example of what it looks like when we run it. 8 00:00:30,660 --> 00:00:32,590 And you could see that the. 9 00:00:32,610 --> 00:00:35,610 Who am I and the host names in there and then I've got the IP address. 10 00:00:35,610 --> 00:00:37,080 This is just for my notes. 11 00:00:37,140 --> 00:00:39,120 You can make this as detailed as you want. 12 00:00:39,120 --> 00:00:44,670 By the way you could say Hey I ran this at this specific time and I ran it against this host. 13 00:00:44,700 --> 00:00:50,270 And here is the attack I ran etc. and we'll get more into what your report should look like. 14 00:00:50,280 --> 00:00:55,430 But as long as you know at least for me as long as I know I have a screenshot of proof that I did it 15 00:00:55,830 --> 00:00:58,110 and I have the IP address that I ran it against. 16 00:00:58,170 --> 00:00:59,220 That's pretty much enough. 17 00:00:59,220 --> 00:01:01,580 I can remember the rest and then type out the report. 18 00:01:02,160 --> 00:01:08,400 And same here with the mod SSL attack on port 80 and four for three and I don't have a copy of it right 19 00:01:08,400 --> 00:01:12,680 now but the shadow file we did uncover the shadow file as being a root user. 20 00:01:12,680 --> 00:01:19,920 So this just notes for us perhaps we could use the shadow file information and crack the passwords or 21 00:01:19,920 --> 00:01:25,160 we could go on and try to pass the password or pass the hash round which we'll get to in later videos. 22 00:01:25,710 --> 00:01:30,310 And another thing that add in here to was undetected malicious activity. 23 00:01:30,330 --> 00:01:35,940 So this is something that you're going to see on a report and we talked about in the the brute forcing 24 00:01:35,940 --> 00:01:40,980 video where if we're doing any kind of brute forcing we're doing it not only to see if we get hit with 25 00:01:40,980 --> 00:01:43,680 bad password but to see if the client catch us. 26 00:01:43,710 --> 00:01:46,410 So this example I'm using to say hey they didn't catch us. 27 00:01:46,410 --> 00:01:48,430 Here's an example what we did. 28 00:01:48,480 --> 00:01:52,350 Also scanning in there as well if you're not seeing a scan that's something that we're going to report 29 00:01:52,350 --> 00:01:53,050 back. 30 00:01:53,070 --> 00:01:56,580 So this would be typically a low finding these would also be low findings. 31 00:01:56,610 --> 00:02:02,340 Anytime we get access to a machine this is obviously critical finding. 32 00:02:02,340 --> 00:02:07,010 So we just want to keep know of what kind of things we're finding take good pictures et cetera. 33 00:02:07,010 --> 00:02:12,020 So I'm hoping that you are getting the gist now of what your notes should look like. 34 00:02:12,030 --> 00:02:15,470 Again Make these your own however it feels good to you. 35 00:02:15,540 --> 00:02:17,000 This is just how I kind of do it. 36 00:02:17,010 --> 00:02:21,210 I don't have to put a ton of information in there for me to remember as long as I have my screenshots 37 00:02:21,300 --> 00:02:24,960 which are most important because that's your proof that you were actually there and you did it. 38 00:02:24,990 --> 00:02:28,020 Otherwise it's just he said she said kind of thing. 39 00:02:28,050 --> 00:02:29,640 So that is it for this video. 40 00:02:29,640 --> 00:02:31,350 That is it for this section. 41 00:02:31,350 --> 00:02:33,840 Congratulations again for making it this far. 42 00:02:34,170 --> 00:02:38,280 Now we're going to move into some of the fun stuff where we get to look at a bunch of different attacks 43 00:02:38,670 --> 00:02:43,420 and gradually just get a little bit more complex and learn some new things along the way. 44 00:02:43,470 --> 00:02:49,620 And I like to call it a capstone because we're capping off where all the things we learned so far. 45 00:02:49,650 --> 00:02:53,490 We're going to actually build upon it so you're going to learn a bunch of new little techniques as we 46 00:02:53,490 --> 00:02:55,480 do this little midcourse Capstone. 47 00:02:55,650 --> 00:02:58,570 And then we're gonna get into really fun stuff once we get to act director. 48 00:02:58,590 --> 00:03:00,070 I'm really excited for that. 49 00:03:00,120 --> 00:03:02,310 So I will catch you over in the next section. 5167