Zero to Hero Pentesting: Episode 1 - Course Introduction, Notekeeping, Introductory Linux, and AMA

The Cyber Mentor · Beginner ·🔐 Cybersecurity ·7y ago

Key Takeaways

The video covers the introduction to the Zero to Hero pentesting course, setting up a pentesting environment, notekeeping, and introductory Linux, with tools such as Kali Linux, VMware, and CherryTree, and concepts including network pentesting, cybersecurity, and Linux basics.

Full Transcript

Shalom, shalom, my people, how's it going? Got one minute. Hey White Rose, hey gray, hey everybody, how's it going? Hey Jake, hey Kev, hey neon, what's the T? Hey spawn, fresh Buzz, indeed. Salaam alaikum, that's right, that's right. Thanks J Delta, appreciate that. It's a little reflective because of the glass, so you can see everything that's going on over here. No porn or anything, so we're good.

All right guys, it's 8:00, we're going to get rolling right away. So I sent out an announcement, uh, via email, and I realize that many of you aren't, uh, on the email list quite yet, so I'm going to go ahead and just share my screen. So a couple things we're going to need for tonight, and these are kind of on the large side of downloads if you haven't downloaded already, is the Kali Linux custom VM. So if you're going to be using VMware or VirtualBox, it has a tab for each. I'm going to be using VMware throughout the course, so go ahead and just click the link here to download the 64-bit, um, and we're going to go with that. It's 2.5 gigs, I think it's like 9 or 10 extracted, so we're going to go ahead and use that one. Uh, you'll also need VMware. If you have VMware Pro, great. I'm going to show you how to run on VMware Workstation tonight, a Workstation Player I should say. So if you search out Workstation Player, you just go ahead and say try for Windows or for Linux, depending on where you're running it, um, and get that downloaded as well. So that way when we're talking through things you can already get this downloaded in case you're a little bit behind. Um, so for the Kali Linux download I want to add in: search out custom image download for Kali on Google, uh, because if you go to Kali Linux you're going to get a different page than this. You want the custom images because they're pretty easy to install. Hey red finale, shalom, shalom.

All right, so we're going to go into this, just a little bit of PowerPoint. I swear we're not going to do death by PowerPoint, uh, we're just going to do a quick overview and then we're going
to get really quickly started. So, uh, hey, hey frog, how's it going? All right, Kali is made by OffSec, you are correct.

All right, welcome to the Zero to Hero pentesting course. This is a practical course on network pentesting, so we're going to go from zero hopefully to hero. So who am I? Uh, I am The Cyber Mentor. You may know me as Maverick, you may know me as Heath, uh, so a few different names, but I am a husband, hacker, a military veteran, gamer, sports fan, and an owner of way too many animals. And when I say way too many, I am serious: I have 10 animals in my house right now, please help me take some of these and adopt them. So other than that, I'm a former accountant turned security geek. I went, uh, my own Zero to Hero path in about 3 years, um, actually made it from help desk to, um, you know, to pentester in two years, so it's definitely possible. I think I'm a good advocate for Zero to Hero: if I can do it, anybody can do it. So way too many, yeah, this is what happens when you, uh, when you adopt a cat, right, and the cat's pregnant. Well, we didn't even adopt it, she was just a stray on the street, took her in, she was pregnant, and then she had kittens, so that's a quick way to add six animals to your household that you didn't even want. Uh, so yeah, pack it up guys.

So on my day-to-day at my job I do quite a different, few different things, I wear a lot of hats. So anywhere from internal to external network penetration testing, web application penetration testing, uh, we do something called SOC assessments, that's kind of like a purple team, that's where you work with the blue team and you, you do a pen test and you say, hey, do you see what I'm doing right now, and they say yes or no, and you help them get their baselines together. Uh, wireless assessments, malware assessments, and physical assessments, which are incredibly fun if you get the opportunity to do them. Um, some of the certs I have, you can read the list, don't look at the C. Uh, so other things I'm part of: I do, I have co-founded VetSec, um, so if you've heard of VetSec, I
helped co-found that about a year ago. That's for military veterans that are looking to get in cyber security, uh, so if you're a military veteran of any country and you're interested in that, there is a link down below, uh, a button that says "military vet?", uh, so if you click on that you can look at our Slack channel and come join us over there. I have produced a course with INE, um, that was the first course I produced, so it's kind of bad in terms of quality and speaking and everything else, have gotten much better. And then I am a speaker, panelist. I've got a panel coming up at BSides this month, and then next month I'm going to be speaking at CarolinaCon, and hopefully a couple more cons are coming down the road, uh, depending on what my talk's getting picked up or not. So that is a little bit about me, and we could talk about certs in, uh, AMA when we get to the AMA kind of things, but we'll, we'll talk about that. And yeah, I am, I just got picked up by Synack as well.

Um, so for today's agenda, we're going to do a quick course overview. I know many of you have already seen the Reddit post, but we're just going to cover that again in case people who see this later this, um, and they, they're just interested in what this course is covering, we're going to talk about that. Uh, we're going to talk about setting up a penetration testing environment, so that's why I needed you to get Kali Linux downloaded and VMware. We're going to do a lesson on notekeeping, and that's where we're going to talk about our notekeeping options, including CherryTree for you guys who are loving CherryTree. And we're going to also cover introductory Linux, so we're going to cover it kind of from a pentester perspective. If you've never touched Linux before, this is kind of the lesson for you; if you have, you still may learn something, but it's going to be pretty basic. So, uh, lastly we're going to do a Q&A, AMA. I will be here as long as you guys want me to be here and you want to talk to me, so if you got
questions I will answer them all, um, so just got to be patient with me and I'll kind of try to answer as I go. Um, so the goal tonight is to end around 10:00 my time, it's 8:00 right now, so it'll be pretty quick pace, but I'll definitely slow down so you guys can take notes and ask questions as well on topic. Uh, thank you for the sub J Delta, I appreciate that.

Okay, so let's talk about the course overview. So the stream is every Wednesday at 8:00 pm Eastern Time unless otherwise stated. That is always going to hold true; if you see something elsewhere let me know, but that is where we're at. Uh, video on demand is available, so if you miss this, you're in another country, different region, can't make it, uh, it'll be on Twitch immediately after, and if you can wait a day, or if you need a away today, it's also on YouTube, uh, and I'll provide those links for you down below.

Uh, so also course topics. So let's talk about the course topics really quick. Let's go to that Reddit post that we talked about, and this is just a quick overview of what we're going to be covering in this course. So I set this up to the way I would write it out, like if I were writing a book this is kind of how I would write it out, um, but I thought that the first lesson would get too PowerPoint if we like put all these things in here, like if I started getting into legal aspects it might bore you guys to death. Um, so what we're going to be doing is I'm actually going to move this legal side of the house probably more down towards the end when we get into, um, reporting. So what we're going to be doing this week is we're going talking, again, setting up pen testing environment, how to keep notes effectively, introductory Linux. Then next week we're going to start in Python. It's going to be a, uh, simple Python lesson, we're not talking like getting into development level, we're talking, uh, basic scripting into maybe medium level knowledge. Uh, if it takes us more than one week it takes us more than one week, but for the most part it should
take us a week. I'm going to give you some homework on this one, so if you're not signed up for the mailing list I'm going to show you how to do that, and, uh, we'll, we'll get there.

So the following week, likely, we're going to be covering hacking in five steps and also covering, um, some external pen testing. So the hacking of five steps are the five steps of hacking, it's, uh, everything that you should know in terms of being a hacker, the whole process from start to finish. Um, so that's a theoretical overview, and then we're going to go in right into it. So we're going to talk about reconnaissance, scanning, enumeration, uh, we're going to talk about using Metasploit and then compiling our own exploits, and then we're going to talk about some things that we can do when nothing else works. Um, and, and then on the internal side we're going to go back to enumeration again and focus on Active Directory. Um, we're going to focus on Active Directory exploitation, non-Active Directory exploitation, and finally we'll talk about maintaining access, pivoting, cleanup, and report writing, and that's where we'll probably throw in that whole legal side of the house as well in terms of documents.

Um, so this is going to go week by week. If it takes longer than a week to do a lesson, it takes longer to do a week for a lesson, so I have no idea how long these are going to take. It's going to kind of go at our speed and where I feel that we're comfortable and I'm comfortable giving you guys, um, giving you guys advice, right, so I don't want to like skimp because I'm limiting you guys to one week. So I think that when it gets to some of the meatier sections it's definitely going to take a couple weeks, and we'll get through it as we go. Um, so and in terms of that, we're going to be doing some setup lab environments. I'm going to do the best I can to get us what we can use. So Windows licensing requires payment typically; if you have a edu account you might be able to get, um, a Windows license for a server for, so there is some
parts that you may have to watch and maybe not participate. I'm working on that, uh, right now, so by the time we get to that maybe that'll change, but the goal is to be able to build out our own server, make it vulnerable, exploit it, and then learn how to patch it, so we learn the red side and the blue side of the house. Um, so that's really it at a high level overview. I don't have all of these thought out into lesson plans, that's kind of going to be as I go, but, um, most of these I have a general basic idea of what I want to do.

So we're going to also talk about the important social links that I have. So if you come here, so if you go to thecybermentor.com, uh, yeah, I was downloading some Deadpool stuff, you saw the Deadpool in the, uh, the live scene earlier. So what we're doing here with the, uh, the website is, if you have any of the important links you want to get to, they're all right here. So the Twitch, I have a YouTube channel as well, like I said, where everything's going to be stored, um, in terms of VOD. I've got a Twitter channel if you want to reach out to me, and I've got a Discord channel, which many of you are already in, so, um, if you want to come chat with me or chat with other people that are like-minded you're more than welcome to join the Discord channel. Uh, has a little bit of information on the Twitch, you can see the Twitch is live, so we're kind of in a Twitch-ception right here, and then, uh, we've got the YouTube channel as well, just a Mo video. Um, so I am going to put it up in courses here eventually, I'm going to get it in where I have the information on the course, bring it off the Reddit site and put it into here, and then there'll be the VOD on the site as well. Um, you can also go to Contact and Subscribe up here. If you have a inquiry for me you can use this form. I would prefer that you use Discord or a different way to message me, uh, this is more for like very, very serious inquiries. Um, if you just want to chat with me, Discord or Twitter or whatever is much better way, I'm way
more responsive on those platforms. Um, and then for subscribing to the mailing list, then you come into here and you just say, put your email address and hit join, and then what I'll do is on like the Monday or Tuesday before, I'll send out any information that you're going to need for that week. Um, for, for some lessons, like if we're talking about like the Python lesson that's going to be starting next week, I may send you guys some things tomorrow to go ahead and get started, uh, because I think I want you to have some information prior, like way prior to, the opportunity prior to, to study Python before I even teach it to you. So anyway, yeah, I had a kissy Deadpool and a heart Deadpool and I had to pick one, because the one was a fake, uh, a fake PNG, it looked like a PNG but it ended up being a JPEG and I couldn't use the JPEG, so sad, feels bad man.

Uh, so let's go back into the PowerPoint, let's see what else I've got for you. Yes, giveaways. So am going to be doing some giveaways. This is my personal stuff, so it's, I would call, lightly used or never used, bought and wanted, didn't really need it or want it, um, or have a use for it, but some of you may have a use for it. Mostly going to be Hak5 stuff, um, like LAN Turtle or a Pineapple or a Packet Squirrel, etc. Got a bunch of random stuff I really want to give away. So I'm going to share with you how the giveaway works, so let me bring this over. So we've got currency over here, um, so you could see by points, we've got the currency in terms of how much points you have, right, and basically the way I've done this is that you get points just for watching. Um, so those who attend, those who show up, um, they, they gain more points, and the points are how we're going to be, um, determining what we're, what we're doing with the giveaway. It's basically going to be a raffle, but the more points you have the better off you are, right. Um, so some of the settings that I have: you become a regular at 2,000 points, and we have live payout, so if you're here you get 10
points every, I don't know, 10 minutes or something like that, or every six minutes, I don't know what the rate is, 3 minutes. Um, if you're a sub you get an actual additional 10 points, if you're a regular, like we just showed up here, you get an additional four points, um, and then there's active bonus, which is an additional one point if, if you're on an event, which we are. So if you follow you get a free 200 points, if you're a sub you get a free 1,000 points, etc. So this is just point systems. Um, and then if we come into, if you come into mini games, there's some mini games that you guys can play if you're bored or whatever. You guys can play these little heists or duel or whatever you want, you risk points to win, uh, win currency or whatever, so it's gambling for those who, who want to gamble. Uh, they are on a time delay and a cool down, so like the heist that you just ran, you're trying to get a heist together, everybody who types in heist at a certain point will get into that heist within x amount of time, um, and then it just kind of goes from there.

And thank you so much everybody who's subscribing right now, um, thank you, I should say thank you, sorry, snatch Hammer bammers, uh, let's see, go down the list, uh, chloro shoe, I hope I said that right, riving bug, uh, PF gaming, Reckless pancake, thank you guys, everybody.

Um, and so the last thing is when we go into the giveaway, where is the giveaways. So if we go into giveaway, we're going to do a raffle for a prize. I haven't determined how much, um, I haven't determined how much it's going to be yet, but what we're going to do, if you come into settings here, I've given a little bit more luck to regulars and a little bit more luck to subscribers, so again it plays in your favor to be a regular, to attend, um, and to watch these streams. So the students who come in here and they watch more frequently, you guys are going to have a better chance of these giveaways. Um, so in terms of getting a Discord, I have not yet for the subs, but I will do that, that's a great idea. So
yeah, it's rigged, you guys lost all your money, I'm sorry, this is what gambling does, it's a lesson in life. So that's really it. So on a rand, random night, any night, uh, that I stream, I may give something away, so if you guys are, are watching and you, uh, are here for the giveaway, then you'll have the opportunity. Um, and thank you Mr deviot for the sub. So that is that for the course overview, let's go ahead and move on.

So the first thing we're going to talk about is just really quickly installing our Kali Linux. So you should by now have, have open your VMware Workstation. I'm on 12 Player still, so you're probably on like 15 or something, it should look very similar. The aspect of what we're going to do is we're going to go into Player here, we're going to go into File, and then we're just going to say Open, and it goes right to my folder here with this, this virtual machine, this VMware virtual machine configuration. So this 4 kilobyte little file here, what we're going to be doing is we're going to double click on it, and then we got a couple settings that we're going to add here. So what we're going to do is we're going to say, okay, how much memory do we want? Well, how much memory does your computer have? Like the computer I'm running on has 32 gigabytes of RAM, so I can jack this up a little bit if I want to. I typically put it at eight; if you're running on 16 or less I would put it at four probably, um, but it's up to you. The, the less RAM you have the slower it's going to go. Also, this creates like a page file or some sort of file, um, that eats up this amount of space on your hard drive as well, so expect a gigs of space to be eaten up on your hard drive, so if you don't have room be very cautious of that. Um, the other thing we need to set here is your network adapter, and we need to make sure that that's set to NAT and not bridged. Um, so we'll use NAT the whole course, and we're going to say use the, use to share the host IP address, that's fine, okay, and then all we're going to do is hit play, and that
is asking, and the weirdest thing I've ever seen, this is like a two foot long, I, I don't even know how to describe, look how long this is, I've never seen this before. Anyway, it's going to ask you, if you see in here it says I moved it, I copied it, or cancel. You're going to say I copied it, and it should boot up. Yeah, I copied that mofo.

I've had more stability with NAT over bridged. I know some people like to run bridge, and I used to run bridge, but I've always ran that. The only time I run bridge is when I'm doing an external assessment or something where I want to have a dedicated IP or whatever, like I can do, um, port forwarding specifically to that IP address, if that makes sense. My, my router is incredibly weird so I have to have bridge connection for that, but other than that I like using that. You guys can do whatever you want, but if it doesn't work because you use bridged, don't yell at me.

So username's root, password is root backwards, toor, and that will get you logged in to your machine. Well Kelly, you're special. All right, so here we are, this is our, our Kali Linux machine, this is our distribution of Linux that is made for pen testing. So when we come into here we have some things on the side panel here, are favorites, um, we'll talk about some of these tools later, you'll definitely be using some of these. Uh, most important ones to know is this little Iceweasel here is your Firefox, I guess it's Firefox now, and then your terminal's right here, this is where we're going to be living most of the time. Um, so the first things first, we're going to have our first minimal lesson here in Linux. I want you to click on this terminal and open it, and then we're going to change our password, so we're just going to say passwd, and we're going to enter a new password, because we don't want to use the default password. So what we're going to be doing here is whatever you want it to be, and then do it twice. All right, so now we've got our password set and we are good to go. So we're going to put a little back
burner on Kali for now, we're going to cover Kali in a little bit more depth here in a few minutes. Uh, we're actually really doing really well on schedule, so we'll have some more time for either Q&A or questions when it comes to the introductory Linux section.

So when we do this, what we're going to do is we're going to go ahead and, uh, talk about notekeeping first, because you actually have a built-in notekeeping application in here. Uh, so if we go into, I don't even know where it is, definitely somewhere in here, you guys know where it's at? Useful applications maybe? Evernote, yeah, let's use Evernote. There's CherryTree, okay, so they took it out, actually they have put it, used to be KeepNote that was, that came with, uh, that came with this, now they've moved it to CherryTree. Oh, KeepNote's discontinued, that's sad. Well, you guys can use whatever you, you want. Um, so if you want to use CherryTree, we can open up CherryTree and you can come in here and, um, and learn about this. For this lesson in this course specifically, I'm going to show you what I do with KeepNote, um, and we're going to go from there. But I don't like actually keeping my notes inside of my Linux machine, I like keeping my notes on my Windows machine or whatever you're running your VM from, uh, only because if for some reason you're, your machine crashed or you didn't have a backup or whatever, you lose all your notes, you lose everything, so definitely worth keeping them external. Uh, the only reason I want to show KeepNote is because I thought it was in Kali until just now, so joke's on me for not knowing that. Um, but CherryTree is a very good alternative. I know some people also use Atom as well, depending on if it works for you or not.

Um, but let me go ahead and bring over my KeepNote, and I'm going to show you some examples of how I take notes. So when we're here and we're looking at the notes, um, I'm starting here with the Zero to Hero and how I kind of like to take notes. So if we're doing introductory Linux, um, I'm going to
break this down kind of into sections tonight, and what we can do is, okay, say I want to do introductory Linux and I'm going to be covering something called navigating the file systems, how you get around the file system in terminal. Um, if we look through here there's a bunch of different commands that we're going to be covering, uh, and we can go into here and like click on them, and we'll have notes for each command. That's one way of doing this, so you kind of have topic, subtopic, and then sub-subtopic, um, very, very organized. And another way to do that is, okay, I don't want to have all these little sub, they're called children or child, uh, categories, instead you can just come and, and put them in here. So you can say, uh, print working directory, okay, pwd, here's a picture what that might look like, or change directory, here's a print, uh, what that might look like. Um, so you kind of just go through.

Now when it actually comes down to things, I'm going to show you my notebooks, uh, so without clicking on anything, because it is confidential information. So I'm taking a course right now, WAPTX through eLearnSecurity. Um, you can see that I actually create a folder for the chapter, and then they have, um, they have subcategories, right, and then they even have lessons inside of those categories. So for data encoding basics I have something for URL, HTML, Base36, Base64, etc. I break it down, um, to the very specifics, because if I want to search through this and I want to know something right away, I can kind of just come down, drill down into these, and find it really easy. Um, we're not looking through any sensitive information, this is all in a syllabus, my friend. So OSCP, same thing, like look at the notes, the amount of notes that I took during the OSCP, and they're all done by chapter, exercises, and machines, right, and that's without showing you anything at all, right, you can just see the amount of data that I put in here. So again you can see chapter 1, 1.1, 1.2, and even the subcategories as well. So when we talk about a
real client, sometimes if we're, if we're going through a real client, and this is kind of an example company, I've kind of blurred it out because I had to take pictures, um, and just show you, but like, so I made this example company, this was an internal assessment that we did, and you come through here and say, okay, well, I did an internal assessment, what are some things that I have? Well, I have cracked hashes that I found, so if I have some cracked hashes for user one, 2, 3 at Corp, um, these are the hashes, the passwords that I found, I might be able to use those later, just some notes for myself. Uh, the vulnerabilities that I find, so if I come in here and I say, okay, well, I found LLMNR poisoning, um, here are the, you know, the usernames, the hash, etc., the machine that I found it on, whatever, this is just a proof picture. Um, and I'll show you guys how I'm, how I'm taking screenshots, we're actually going to get to that. So when you come through here, same thing, token impersonation, I come through and I say, okay, um, here's the screenshots that I do, and what you want is you want as much information as possible. Now this here, what you're looking at is actually me doing a rush job, I am not, I'm not in here like, on any of these you don't see me putting in, um, for a lot of them, like the, the machine I was on, what time it was at, uh, you know, as much information and detail as you can get possible the better.

What I do with these is when I go back and I sit down and I write my report, I come in here and I say, okay, well, there was LLMNR poisoning, and then what I do is I say, okay, well, let me write that in, and then what I'll do is I'll say, okay, I've written that, so then I put a check mark next to it, I know I wrote it, and then we come down here and we do that for all of them. And then some other things that you want to know is you say, okay, what path to domain admin did I have? So for this one we did LLMNR poisoning, we cracked a hash, and then we did token impersonation to get domain admin. Um, what strong controls do
they have? Well, they caught us scanning, they caught us when we created the domain admin account. Um, just some notes that you have in here, the more detailed the possible. As you can see there's not a lot of details in here, when you came in here all I've got is the screenshots, not really a whole lot else.

Now many of you are asking what my screenshotting tool is, and I prefer Greenshot, and I learned today from Kelly that you actually cannot use Greenshot on Linux, so you're on your own for a Linux solution. But if you come out here to Greenshot, it's very nice. All you have to do, for me, is all I do is hit print screen, and if you guys can see this, you can't, but you basically, I get a, an arrow here and I grab it and I can just select the screen like that, right, and then I could say open in image editor. Here, let me drag this over for you guys. So I just took this little screenshot, it zooms in for you. Oh, you can see it freezes my screen on my end, sorry guys. Um, and so some of the nice things that it has, like you come in here and you got effects, like I like to put a border on my pictures, okay, automatic border. Um, if I'm running like a black Kali I can invert the picture and make it white, um, so like for the reporting and stuff you don't want, you don't want a black screen, you actually kind of want white on the background, so if you're taking screenshots of the black background, very nice to have. Um, it's got a highlighting tool, so like I want to point out something specifically on that screenshot, really nice. Uh, it's got obfuscate, so if I wanted to blur out this word here I could just say, okay, I want to blur that word out. So this tool is really, really handy when you are making, um, making your reports. This is called Greenshot, night of the ninth nut, can't believe I just said that, anyway it's called Greenshot. Um, basically it just replaces your print screen feature, so instead of when you hit print screen, it allows you to, um, drag and select, and then if you wanted to actually, um, do a print
screen, there's like control print screen or something else that allows you to take a screenshot of the whole screen. Um, hey, thanks Nate, that's awesome, so it looks like Flameshot works. Yeah, some of you guys have some really good usernames, I, I'm digging it.

All right, so we are 8:30, we are really good schedule guys. So in terms of notes, like this is really what you want: you want, uh, a note, you want to show as much information in like the screenshots that you can. Like if we go back into my KeepNote and we look back, like, um, you want to see, like see how I highlighted, I got the, I can show that I've captured a hash or whatever, and a lot of times we'll blur this hash out, uh, that way like, or if it's cracked we'll blur the cracked part of the password out, that way if we release a report nobody knows, uh, what the password was. Same thing with like token impersonation, you want as much information as possible in these. Um, so really cool stuff, um, and that's really it, so just as much detail as you can get as possible, because as a pentester you may have to go back and rely on your notes, and your notes are everything. So if you're on an assessment and you're on site and you only have so much time on site, if you didn't take a note or a screenshot or, you know, the right kind of things that you needed, and you go back to write your report and you're going to say, hey, I needed that, well, you're screwed. Um, you either have to go back on site, you have to somehow ask the customer and they like figure out that you messed up somehow, one way or another, right. So good call out on the Flameshot, I've never heard of it but I'll have to check it out, looks like it's, uh, pretty good.

All right, so I'm going to take a quick sip here of my lovely beer and then we are going to dive right into Linux. So I do recommend that you take notes. If I go too fast, this does have VOD for you guys, I'm going to try to talk slower. The notes are stored in a folder on the desktop or wherever you save it, so they store into a folder
and then into subfolders inside that folder. How much time do I spend on notes for the OSCP? Um, I got through the, like the note guide, the lab guide, in seven days. My goal was to get it done in a week, labs and exercises or whatever. For the most part, there were some of them I couldn't get through that fast, some of them you had to be in the labs to figure out for a little bit, but, uh, that was seven days of work, plus whatever you saw with the, um, with the machines just was kind of as I went, and those were a little bit different. Let me see if I can click in there without revealing too much information. So like if you look, like say this machine, this is well known, okay, say I had the machine number and the name, I did my scans, my TCP, my UDP, I had the vulnerabilities I found, the exploits I found, the information that I found post exploit, whether it was network information, valuable information, any hashes or passwords I found, and then proof pictures. So you can see I really organized it out by machine too, because you never know when other things are going to come up, you don't know what machines are talking to other machines. Um, and this is all kind of stuff we'll touch on and learn, and I'll kind of guide you on how I want you taking notes as we go and get into this. Um, but for the Linux section you really don't need that as much, um, it's just kind of going to be by hand and taking notes as you go if you find something interesting that you don't know, um, and then watching it later if you really are new to Linux. You guys are getting rich over here.

Okay, so let's go ahead and hop right into Kali. I like VM on Kali. We have machines that we use, like laptops that we use just specifically for Kali for work. Um, if you want to go that route you're more than welcome to go that route. I just, I like having in a VM for like pen testing, and it's more flexible, because there's some things that you want to run in Windows, some things you want to run in Linux. Um, you know, for me it's about flexibility, but for some
people, you know, everything can be done through Kali. So let's log back in. All right, let me get my notes up, because there's no way I'm going to remember everything I want to teach you guys. That sounds like a lot of work, red finale. I like my distribution 'cause Kali just comes with everything pre-built. I know, I know some people that do that. I just don't like doing that. I know a lot of web app people that do that specifically, they'll just install the tools they need on a distribution, but, and you never know what you're going to need, so I'd rather just have everything instead of having, you know, the tools I like.

All right, so what we're going to do in here is we're going to talk about navigating the file system now. So all this is going to be about is how to get around, um, how to look at files and how to, you know, find files. So the first command I'm going to show you is pwd, which stands for print working directory. So what this means is it just says, hey, print where I'm at, what's the location I'm at. You see right now we're in the root folder, okay. So if we want to move to a folder we can use that with something called cd, so that's change directory. So if we want to change directory, well, how do we know where we can go? We can hit tab twice and see where we can change to out of this folder, um, and that'll give us some ideas, right? So okay, let's say we want to go to Desktop, so we say cd Desktop. Now if I start just typing in desktop and I try to hit tab to complete, uh, it doesn't work, because Linux is actually case sensitive, so we have to type it like that. But you can use tab to complete: see, I have Desk, I hit tab and it autocompletes. So if we hit enter here, you could see now that things have changed into Desktop, and actually let me make this a little bit bigger. Uh, let me see if the plus works, it never does for me. Okay, that way you guys can see. So now you can see that we're in Desktop here, and if we wanted to go back a directory we could say cd .. okay, and now we're back
into this little tilde right here, which is our root folder, right? And if we try to cd .. again, okay, we go into, like, this forward slash of a folder. It's like a base folder for us. Now if we cd .. one more time we don't go anywhere, so we are in the lowest that we can go in terms of a directory, right? Uh, from here we can actually say, okay, what do, how do we see what's actually in this folder? Well, we could do a tool called ls, which stands for list, and we just say ls. Okay, so in this ls we see that we have some files, it looks like, and some folders here. We've got a home folder, media, root, sys, um, and we could try to go into these. So say we want to go into home, we could just say cd home like that, we'll go right back into our home folder. We could say ls in here and there's nothing in the home folder. So from here what we can do is we can actually also use change directory from outside of the folder that we're in. So right now we're in the home folder, right? But say that we wanted to go into the root folder that we were in originally, see this root folder. Well, if I start typing in cd root and I autocomplete here, it's just not working. Well, that's because we'd actually have to put a forward slash in front of it, because we're going to call it from where it actually is: it's in this base folder of a forward slash and then we're going into root. So we can change directory and call directories from locations other than where we were at. So right now we're in root, and if we ls, okay, we have all these folders here, Desktop, Documents, etc. Again, with ls we don't have to be in the location that we need to be in, so we could say ls Desktop and it'll ls what's actually in the Desktop from where we're at.

Okay, so the next thing I want to show you with this is the make directory and remove directory features. So we can say we want to make a directory, let's just call this new, say mkdir new, and if we say ls you could see that the new folder has been added, and then if we say remove
directory new, we say ls, you could see that that new folder has actually been removed. So easy way to make a directory and remove a directory. And if we look in here there's another thing we can do that's a trick, and we can say ls, but we can actually say -la, we're list all. Now this is really interesting, we're going to cover this a little bit here in a couple minutes. So when we look at ls -la, you could see that there's some stuff in here that we actually never saw. All these dots that are in front of these files or these folders, well, those are actually a hidden file, right? So we didn't see them with a normal ls but we did see them with an ls -la. So if you're pentesting a Linux environment it is always smart to try to say ls -la, because you never know what is hidden or what you might be missing, and that goes especially for capture the flag type thing, because sometimes they like to hide stuff on you, um, in really, really basic locations. So it's always worth a try to see what's going on in here.

Okay, so from there, when we talk about navigating the directories, one thing we can do is we can copy, remove and move files. So I'm going to say, I want to say echo hello and I'm going to put that into a new file, we'll just call it new.txt, and we'll cover how to make new files in a little bit. So if we say ls you can see that new.txt is here, and I just want to copy this file. So if we copy this file, we can copy new.txt and we can place it wherever we want. Let's say we want to place it on the Desktop, we'll call it new.txt there. So if we ls you can see that new.txt is still here, but if we ls the Desktop you can see that new.txt is there as well. So what copy does is creates a copy. Now let's go ahead and remove the file from the Desktop, and again, remember, we don't have to be in the directory that we're in, so let's go ahead and remove Desktop/new.txt. Okay, so that's how you remove a file, is rm. Now if you want to move a file as opposed to copy a file you could say move, mv new.txt into Desktop/new.txt, and if we ls here we see that that's gone, and if you saw my desktop you saw it came up, but if we ls the Desktop, new.txt is there. So a nifty little trick: I want to remove that new.txt file again. If you hit the up arrow a couple times you could see where we actually removed it from the Desktop. I'm just going to run that same command again and there we go, it's gone.

So a couple things that I want to do here. I want to create a new file again, I'm going to create this same echo hello new.txt, and I want to find that file. So I say locate new.txt. Okay, well, I found that what's new.txt, but that's not the file we're really looking for. Uh, okay, so what we need to do is we actually need to occasionally run this command, it's called updatedb. You're updating the database. Let's try it again. Aha, so now it shows up. So any new files or folders that come up, um, we might need to run update database to see where they're at, but now we can just use that locate command to quickly find a file that we're looking for. So we've already actually covered the passwd command, so I'm going to go ahead and skip that, and the last command in this section of navigating the file system that I want to show you is important. Um, outside of Google being your best friend, Google's always your best friend, but if you need something quick and dirty, uh, man is going to be your second best friend. So you say man, which stands for manual, and we'll say man ls, let's look up the ls command, and we come in here and we say, okay, it tells us the name, which is ls, this is going to list directory contents. It gives us the description, the synopsis, and it says, okay, what do some of these entries do. So we can kind of scroll down and look through these and see what they do. So remember we did a -a earlier? Well, that stands for all, and it says do not ignore entries starting with a period. Remember, those are our hidden files. Okay, so let's look at what the l stands for. Okay, so it says use a long listing
format. Remember the things that were off to the left that was kind of all jumbled together? Um, that is the long listing format. We're going to talk about that in just a second here. Actually, we're going to go right into that now. So when we talk about the long listing format, if we come in here, and let's go to the Desktop, actually, 'cause, no, we're here, I lied. Okay, so we got the new.txt file that we created. Let's say ls -la again and we'll look through this. So you see here there is all this jumbled mess over here. So when we talk about this first row, this first line here, this first letter, this d stands for a directory. So if it has a d in front of it, it's a directory. It's also color-coded, so blue is a directory, and if you are seeing a dash in the front, that's actually a file. So you can see this new.txt that we created is sitting here as a file. And then you're actually broken down into three groups here, where the term rwx stands for read, write, execute. So we have three options set up here. If it's switched on it'll show, if it's switched off it'll be a dash. So if you look at the file new.txt you can see it's read write but not executable, and then here it's read, and then here it's read. So these three groups: this first group here, this is the file or folder owner, the second group here is the group owner, and then we have all of the permissions. So if you're the file owner, which is root, we are, these are the permissions we have right now: we can read the file and write the file but we can't execute. If I created a new account for, say, Bob, then Bob could come in here and Bob only has read access. He can't write to this file or do anything because he's not the file owner, unless we put him into a group or made him the file owner. So now what we can do with this is we can actually use something called chmod, which stands for change mode. Now there's a couple different ways we can do this. So there's a numbering system, we could say change mode 777. Now 777 on new.txt will give it read, write, exec for every single thing. I don't like really doing that unless we have to, but I do like using this instead: I like using +x. This means we can use execute on that file. So let's say new.txt with execute, and then you come into here and you say, okay, well, let's ls -la again, and it turns a shiny green. That means that it's executable, and that gave that permission not to just me but it gave it to everybody. So what we do here is, when we're using this execute, this comes into importance when we're trying to write our own scripts, or we're trying to use other people's scripts that we download, or, um, we're trying to run an exploit. Later on the course you'll see really its importance, but we need to have a file executable, because if we make a script, and I actually show you in this lesson why it's important, uh, a little bit later, what you do is you have to have it executable in order to execute it, if that makes sense. It should. Um, so if you tried to run, like, say, a bash script and it wasn't executable, it's going to say, hey, I don't know what you're talking about, can't run this right now. Um, so very important when we want to run a script or Python or whatever we're doing, that we need it to be executable.

Okay, moving on. We're going to talk a little bit about, um, users and some important files here as well. We're never covering the rm -rf, you're funny. That's the Alt+F4 times 100. Um, anyway, so when we come into here, a few things I want to show you. So adduser is the first thing I want to show you. So let's just say we want to adduser, uh, we'll call him Bob. Okay, we're making a guy named Bob. You can make Bob's password whatever you want, okay, and then you come in here, you can enter information or not, hit enter. Awesome. So let's look at Bob now. So if we come into here and we say, all right, what are some important files that deal with users, and you're going to be asked this on an interview, you're going to find this, um, you know, when it comes to just pentesting, you're
going to find this when it comes to capture the flag. A lot of times you're going to need to know these files, right? So one of the most important files, and we're going to use a command called cat, is the /etc/passwd file. Now the /etc/passwd file is called the password file, though it does not store passwords. It used to, way, way, way back in the day, store a password. Now it provides a placeholder of an x, uh, for a different file called shadow file. But you can come into here and you can see information: you can see who the users are, you can see that there's root, and you can see what their UID is, etc. Well, if you scroll down, typically you get to the bottom, you find the users that are actually on the machine as well, other than root. So when we talk about those users we say, okay, well, we just created Bob, Bob's in this group 1000, that's pretty standard, um, and that's about, that's all that's here. If we kind of look through this, these are all just kind of system user accounts that we really don't have a lot of interest in. Um, we're really concerned with root when we're pentesting, and we're really concerned with the users that we have, uh, for the most part, especially when it comes to, like, capture the flag type stuff. So you can also say ls /etc/shadow here and look at the shadow file, and I said ls, I meant cat, I'm sorry, spaced. Okay, yes, BeEF, the hook, the hooker of the pentesting world is BeEF. Okay, you come into here, you see this hash, right, and you have this hash information. This is the no-no that you should never give access to, right? This is the, root should only access, and that's pretty much it, because I've got the hash for Bob, I've got the hash for root here, and we could in theory, um, crack these hashes, right, and it would probably be pretty easy. So, um, if I came into here, and we can use a tool later on that I'll show you, it's called unshadow. Basically you take this hash, or this shadow file, and this password file and you kind of combine them together. What it
does is it takes the root, it places this hash in place of the x, and then it runs the rest out into here. You can run that through John or you can run that through hashcat or whatever and, um, you can attempt to crack it. Uh, does it have the salt listed with it? If it has a salt it doesn't mean it can't be cracked. It's very, I mean these ones are very well known and crackable. If we ran these through, um, I bet for Bob, what, I put Robert 123 for his password, so I'm pretty sure you could crack that fairly easy with hashcat and a decent password list. Um, it knows the mechanism. There's a donate button if you guys are really concerned with donating, uh, there's Patreon and there's a donate button down below. If you're on a phone it doesn't work out as easy, uh, there's an info button if you're on the app. There you go, yeah, there's the Streamlabs donate. Thanks guys, I really do appreciate that.

Um, okay, so we're going to cover these files more in depth and how to crack these. I do have a video on how to crack, um, how to crack these passwords, or the Linux passwords, with hashcat. Uh, if you're interested in that you're more than welcome to check out YouTube, it's one of the more recent videos that I have on there, and then, um, we'll cover that and its importance more later down the road, but just knowing that the /etc/passwd contains the users and the /etc/shadow file contains the hashes is what's most important.

So in terms of other users and permissions and things like that, a couple more important things we need to do. There is something called su, which stands for switch user. So if we say we want to switch user to Bob, as root we can just go ahead and do that, so now we're Bob. Now if Bob and we want to cat out that /etc/shadow file, we do not have permission to do that because we are not a sudoer, s-u-d-o-e-r. If we're not in the sudo file we do not have permission to do that. Um, if we tried, we could try to sudo cat /etc/shadow and then we type in Robert 123, which is why I made the password, it
says Bob is not in the sudoers file, this incident will be reported. So basically sudoers is the, uh, permission for us, right? It's kind of like the permissions file, it allows us to have access or not to have access. Where does it get reported to? I don't know, that's a great question, I have no idea. So, uh, if anybody knows that, I know some of you guys know a lot more Linux than I do, so please go ahead and tell me where that is because I'd love to know. Um, but anyway, so we can't do any permissions with him. If we did, we'd use this, the command called sudo. So if you're a lower level user, you're not root, then you would need to run sudo in front of your command in order to execute it at a higher level. He gets inv logs. We can look this up, I'm down, we've got extra time tonight, so, um, we can go. We're going to say switch user with a dash, see if this works. Okay, and we're root. The dash just puts us back to root. Uh, you have to cat out the V, the root file and var me, what are you talking about? /var/log, can we cd? No. Yeah, maybe. [Music] Uh, what's the most recent? People, hold on, what are we looking for? Where's our, we got March 20th, syslog, user [Music] log, 20:46, that's not recent, 20:55 is more recent. Yeah, syslog. All right, uh, let's try something, let's try grep Bob. No. grep Bob, grep sudo, no, I just catted it, I don't, it's not. If you cd to /var/mail and ls you get a file that says root. /var/log/auth.log. All right, thanks Davey. Change user Bob information, Bob is not in sudoers. Oh, Bob's in trouble now, guys, Bob is in trouble now. You found it, thanks Davey, Dave's the best.

All right, so that really, that covers it for the users and privileges. Um, so next we're going to go into some common network commands, so let's go ahead and talk about those. Um, so the first network command that you should know, probably the most important command that you should know, is ifconfig. Okay, ifconfig is similar to ipconfig if you are a Windows user. All this does is print out your information, so you can see my IPv4 address here, inet6 is your IPv6 address, you've got your netmask, your broadcast E
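
An added example, not part of the transcript or the course material: a small shell audit that reads the permission string the way the long-listing explanation above describes and applies it to passwd- and shadow-format files. It goes slightly beyond the transcript by also flagging extra UID 0 accounts and weak hash schemes; every account and hash string is constructed, the `toor` and `legacy` accounts are hypothetical, and the script works on copies in a temporary directory, never on the real `/etc` files.

```shell
#!/bin/sh
# Added example: defensive audit of passwd/shadow-format files.
# All data below is constructed; no real account or hash appears here.

# Write constructed sample files into directory $1.
make_samples() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bob:x:1000:1000:Bob,,,:/home/bob:/bin/bash
toor:x:0:0:constructed second UID 0 account:/root:/bin/sh
legacy:$1$CONSTRUCTED$NOTAREALHASH:1001:1001::/home/legacy:/bin/sh
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$CONSTRUCTEDSALT$NOTAREALHASH:17976:0:99999:7:::
daemon:*:17976:0:99999:7:::
bob:$1$CONSTRUCTED$NOTAREALHASH:17976:0:99999:7:::
toor:!:17976:0:99999:7:::
EOF
    chmod 644 "$1/passwd"   # passwd is meant to be world-readable
    chmod 644 "$1/shadow"   # deliberately wrong: every local user could read the hashes
}

# Print the 10-character type+permission field that `ls -l` shows, e.g. "-rw-r--r--".
# Character 1 is the type (d or -), then owner, group and everyone-else triads.
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Succeed if the third triad (everyone else) includes read, i.e. character 8 is "r".
others_can_read() {
    case "$(mode_string "$1")" in
        ???????r??) return 0 ;;
        *) return 1 ;;
    esac
}

# Names of accounts with UID 0: each one is root under another name.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1"
}

# Accounts whose passwd password field is not the "x" placeholder or a lock
# marker: a hash kept in the world-readable file, or an empty field.
passwd_without_placeholder() {
    awk -F: '$2 != "x" && $2 != "*" && $2 !~ /^!/ { print $1 }' "$1"
}

# Accounts in a shadow-format file using a weak scheme: "$1$" is md5crypt;
# a non-empty value with no "$" prefix and no lock marker is legacy DES crypt.
weak_hash_accounts() {
    awk -F: '$2 ~ /^\$1\$/ || ($2 != "" && $2 !~ /^[$!*]/) { print $1 }' "$1"
}

# Run every check against the files in directory $1, one finding per line.
audit() {
    if others_can_read "$1/shadow"; then
        echo "FINDING shadow readable by all users: $(mode_string "$1/shadow")"
    fi
    for u in $(uid0_accounts "$1/passwd"); do
        [ "$u" = root ] || echo "FINDING extra UID 0 account: $u"
    done
    for u in $(passwd_without_placeholder "$1/passwd"); do
        echo "FINDING password field kept in passwd itself: $u"
    done
    for u in $(weak_hash_accounts "$1/shadow"); do
        echo "FINDING weak hash scheme in shadow: $u"
    done
    return 0
}

# Demo: audit the constructed files, tighten the shadow copy, audit again.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
echo "--- before ---"
audit "$demo_dir"
chmod 640 "$demo_dir/shadow"   # owner read/write, group read, everyone else nothing
echo "--- after chmod 640 on shadow ---"
audit "$demo_dir"
rm -rf "$demo_dir"
```

The `chmod 640` step removes only the world-readable finding; the other three are account-level issues that need the accounts themselves fixed.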


The video introduces the Zero to Hero pentesting course and covers setting up a pen testing environment, notekeeping, and introductory Linux, providing a comprehensive foundation for beginners in cybersecurity and penetration testing.

Key Takeaways
  1. Download and install Kali Linux
  2. Set up VMware and configure the virtual machine
  3. Use Cherry Tree for notekeeping
  4. Learn introductory Linux commands and file system navigation
  5. Use Atom for note-taking and organization
  6. Take detailed notes on commands and vulnerabilities
💡 Effective notekeeping and organization are crucial for successful penetration testing and cybersecurity, and using the right tools such as Cherry Tree and Atom can significantly improve productivity and efficiency.
