Google's Bard AI: The Next Generation of Ethical Hacking

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
foreign [Music] welcome back to another Nielsen networking video I am going to show you how Bard which is Google's answer to open AI slash Microsoft however you want to spin it their chat GTP can be used to help you with ethical hacking and for those of you who haven't heard of chat gkp or Bard you know maybe you've been under a rock as they say or you know you haven't been on the Internet or YouTube or anything in a year uh what they both watch out GTP and Bard R is known as a large language model Ai and they are both equally capable of wondrous yet very scary and dangerous things and I say that because on one end of this spectrum you know on the Wonders end of the spectrum we have you know the capability to write an essay the capability to write a book technically if you wanted you could um troubleshoot your code you could have chat GTB write your code you can have them write your AIS you know um you could even have them write your grocery list if you wanted but then there's on the other end of the spectrum let's call it the dangerous nefarious end of the spectrum they can write you malware they can assist you in writing phishing emails that look legitimate that don't have the common spelling grammar or sentence structure problems that you're used to seeing in phishing attempts so it's a game changer on both sides of the spectrum good and bad so as anything in life it all depends kind of who's yielding that resource and that's going to depend how the outcome comes so if that even with English right there but you know what I mean uh that said I have used both of these platforms extensively I was an early adopter of chat GTP I I was a big fan I still am a big fan I think it's wonderful but I have to say as of late it's been a pain to use my responses get cut off even on the page subscription responses don't always go up um the response time is super slow uh it just hasn't been a great experience so I actually decided to get bar to try I'm like I heard some good things about a recent press release that Bard you know has caught up in their stock apparently if people are like and it's gone up a lot in the last couple days it's up they're doing something and something big was drawn to Bart and then I tried it out and I I've fallen in love with it when I first tried it a couple months ago it wasn't as as good and I think I was you know like everyone else I jumped on the bandwagon with chat GTP but I can say now I will if I was given the choice which I am of GDP or Bard I'm going with Bard as of now that might change in the future but as of now I like Bart I like that it gives me my responses quicker I like that I get better responses I don't have to go back and refine so much I I like that it's a pretty easy signup process I just signed in with my Google account boom I'm in don't have to go through the you know the ringer of this then my access because I did myself and I can't change my cell phone there's all these things I just didn't really care for with open Ai and chat GTP that I've never experienced with Bard so I'm off my soapbox now this is a Bard video and specifically a barred video to uh go over how it can assist with some ethical hacking practices and we're going to Target a few in this video and they're going to be how it can help with uh making your life a little bit easier when using nmap when using ARP and when performing a DNS enumeration and again we're just going to scratch the surface of three things I thought would be helpful to my audience out there I could go on and make a five hour video about what you could do with this thing and all you know about some ideas I might not show you them but things that this is capable of and you'll see those ideas as we go through the video today so enough chatting let's get to it all right and as always for all my videos we will be using my Virtual virtualbox Lab where I will be running a Kali Linux box to perform everything during the video and I also have a metasploitable server up that I spun up so we can test against it so again these are mine and my network and I have permission to do whatever I want and we're going to move on here and we're going to go over and show you how to get to bard.google.com you just take this you know you could go over put it in here hit enter it's going to take you there and there you go first time you go you will need to sign up or sign in using your Google account if you don't have one you'll need to sign up for one and that's that so back at the uh barge screen here where you have a few options over on the left this will hide the main menu if you click this button right here you can reset the chat and what this does it's the same thing as on chat GTP when you click delete and then you hit the Green Arrow it deletes the chat this does the same thing but the difference is this doesn't permanently delete it it just deletes this the current chat you're in so this is a little different than chat GTP you have to go to The Bard activity to see all your bat your you know your bass your past um activity in your different chats so that's how you would do it that's what Bard activity is uh the FAQ you can go in there and read that if you wanted to update you could see the same thing the only other thing worth note here is going to be down here use light theme this won't work for me I don't think because I'm on a dark Chrome theme but if you weren't you could turn on the uh light theme or dark theme whatever you prefer I like the dark theme but to each their own and with that let's go ahead and get started with Bard and it tells you up here it's your creative and helpful collaborator which it really is I don't know how helpful it is but it's definitely uh or I should say I don't know how creative it is but it's definitely helpful um and again this is a like a beta if you will so you'll notice as you go through it it's going to ask you to rate thumbs up thumbs down and all that hooplas I'll show you that let's get started with our first query all right and to get our feet wet I'm just going to ask it a simple question I'm going to say list the top 20 ports and services that are scanned during a one all right and I have a typo there you know what let's just leave it because I bet you it's smart enough to correct it we're going to go ahead and run it for a bullet ability um and there you go pretty cool right quick results you get the thumbs up because we like it good job Google we can also click Google it and it'll give us a little result here then you can go out and get it this is in response I believe to um being and how they're incorporating chat GTP in their search results I guess it's kind of going backwards we're getting the results from Bard and then we can go out to the internet but you know pretty cool stuff there right you could take it a step further and obviously you could say you know like put that list in a script I can run on Linux to display the ports display we don't really need to do this this is just to kind of give you an idea of how the mindset of uh Bard works here so you know here goes it gave us a little script that would um print out the ports and here it tells you the how it would work and here's what it should display when it's ran so pretty cool stuff right there that's not really what we're gonna go down but just kind of give you an overview of what you can do for it so let's go ahead and reset the chat here and let's start on on our first legitimate scan or um query what we want to do and I say scan because we're actually going to be working with nmap here which of course it does network security so the easiest way I have found in the most successful way to get the good results is to open up a document you know word doc um VI Nano You Name It Whatever whatever floats you're about something you can write on you can write it by hand if you want but then you'll have to you know transcribe it into the window here but we want to gather our thoughts and we want to actually think about what exactly what do we want to ask Bard for so I've done that and I've done that and I'm going to paste it in here now and we're going to check it out so what I've said is I want to create a shell script that will allow me to perform nmap scans on Kali Linux I said that because I'm on Kali Linux you could say whatever you wanted or you could have it in python or whatever language you wanted it in uh it's your your input you do whatever you want the program will need a menu that the user can select from the following scans now I picked these scans you know because these are what I felt were the most common scans I use you could put whatever you wanted in here maybe you don't want all these you don't need to I did and for this demo that's what we're going to go with and at the bottom I said the program should prompt the user to enter the address or network to scan um I guess looking back at this right now we probably don't need to do that because admap is going to make you do that but there was a reason I put it in there maybe it wasn't doing it so anyway let's go ahead and hit return here or submit and let's see what we get and it's thinking it's thinking and boom here we go this is our code it's all put out here it goes down here it tells you what to do you get this cool little thing here and you can just copy the code and we're going to do now we're going to hop over to our Linux box and we're going to test this right um and we need to open a terminal here I thought I had one up and we're gonna go over here all right and what we're gonna do is we're gonna go Nano and we're just gonna go and end map Dot and what we're going to do is we're just gonna paste it in here it's all in there I'm gonna save it I'm gonna get out of it and then we're gonna give it some rights to be ran and now we're gonna run it and see what we get all right so it appears that part's working right so let's do a network discovery scan okay and let's do it on my network and just run it here and let's Let It Go and sure enough here are our results and this is the metasploitable Box and here's Kali Linux box it's kind of interesting how I picked up that before that but whatever um so pretty cool right we got what we want there that's pretty basic right um so what if we wanted to add an option to that all right let's go back over to our chat GTB so let's say while we're in the same chat and it is important that you stay in the same chat that we now want to add an option to scan a specific port so sure what we can do is I'm lazy here we can now add a scan option to scan for a specific Port have a program ask you what port to scan so we wanted to prompt us for what port to scan so we're going to say can you do that for us see what it says and that's pretty quick right because that's not as intense as the code we put at the beginning so pretty cool right it even reenlisted it here spelled it out awesome but you know what I don't like that I wanted the vulnerability scan to be the last one so what I'm going to do is I'm going to tell it to move that to option option eight to number five and then move all the elements down right see what we get see this is honestly and I'm not I don't I shouldn't say I don't own Google stocks but I don't know much Google stock but this is much quicker than the responses I get from chat GTP so that's one reason I'm a big guy for Bard right now but let's take this code and let's jump over here and we're going to go back and we're going to get rid of nmap.sh and we're going to go back oops and we're going to open up and we're gonna put the new code right and as you can see eight options and it's ooh did I copy the wrong thing or is it not behaving let's go take a look over here and see what happened um it's interesting I wonder if I copied the wrong code let's try it again let's go back over here let's actually just get out of there let's go back in and let's see okay that's better so what we're going to do is we're going to go out we're gonna hit yes we're gonna save it we're gonna give it rights to run and we're gonna run it again and there you go look we now have the option to run and let's go number five here and let's do it let's go against uh 13 that's our metas portable box let's have a chat Let's scan for DNS see if we got DNS open on that day and it is not oh it is open all right sweet so we now know that's open so pretty cool right that's success and let's say now we want to go back to chat GTP what can we do we okay I know what we'll do we'll kill it we wanna we want an option to exit the program so let's go ahead and put in my pre-written uh script here and what we're gonna do is we're just gonna have it at Option nine that sends a control C to kill the program when selected I could have just loaded the exit but whatever um I'm My Own critic I guess so and the results should return us to the command line so let's go ahead and hit this let's see what it does let's give it a second here and you can see we got the option for nine let's copy the right code this time let's go whoops I do that every time let's go back over here and let's do an RM on that and then let's let's go Nano move fast and now now let's paste in here and then let's do that and let's go there all right so now we're going to run it all right cool we got our exit button right easy oh but it's asking us that's not what we want okay so that oh see that's not what we wanted we wanted it just to get out of there so what we're gonna do we're gonna go back and tell it it did sloppy code right there we're not really going to tell that we're instead we're going to tell it that option nine should not ask for the network when you want to scan can you remove that we're going to see if we'll do it and we got some new code and let's see what it says up here sure the updated script it didn't admit that it had a mistake there that's just interesting a lot of times you'll say oh it's all right so let's go ahead and go back over here let's get rid of it until I've done this before huh and then we're gonna go here and then we're gonna go there and then we're gonna go here and there we go again I'm not working outside and there we go all right so let's try to exit now and boom we're out pretty cool right um the last thing it would be nice well and let's just hear let's double check that this is working so let's just go in here one more time let's do a six and we're gonna do try to find out what OS we're running here on this device let's see what we get here make sure the whole script's working all right so we're good because it is running on Linux a very old version of Linux which is why I have it because it's perfect to uh test against the last thing we're going to do is it would be cool to get those results in a file sure we could just pipe it right there on the command line and it'll probably work but I'm going to have the program give us the option to do it and then we'll move on so what we're going to do is we're going to tell it for each option and you do have to be pretty specific about it because if you just do this it's going to add for option nine which we were just working on what we're telling it right now which would be pointless because we don't we're exiting why would we wanted to write our exiting to a anyways so you need to be specifics for each option after the network rip is input um have it prompt if you want to Output the screen or if we can be written to a file named in map.output so we're going to add that to it and we're gonna wait and you know now we're getting you know this getting pretty technical on this script right here right not bad for uh you know not being python or anything and we're gonna need to go here and copy that we're gonna go back for our final test event map here and let's go ahead and paste this code in here and I'm gonna go there and we're gonna go oops get some rights and now we're gonna execute it and here we go so let's do um let's do seven and we'll go ten zero two thirteen and let's see what we get here and of course as soon as I pause the video it is the results come in so it looks like it's prompting us you want a screen or a file let's do F or file and see if we get the output we want I guess let's clear the screen so you can see what our output looks like and let's cat and map dot output and there you go there's the results in the file so it actually looked like it displayed on both on the screen and in a file but you know what at this point in the video I'm not gonna argue with it it gave us the results we needed and we're going to move on to something else here so let's go ahead and do that all right and to do that we need to go back over to Bart all right we're going to use ARP in our next example and remember you could do this with anything I just chose these three things we're going to go over and map for you know everyone uses nmap or if you don't you better be learning and map I have some great videos on my channel check them out and then ARP I know some some of you might consider it old school depending on uh what you're actually doing in the field of ethical happening or cyber security but it's still very useful and it's important to understand the fundamentals of you know how man in the middle is uh how Matt cloning and all that stuff so you need to know art to know how that works so what we're going to do is I'm gonna just really simply and you know over in notepad plus plus type this up and now I'm going to paste it in there and we're just going to ask it you know write a script these are the options we want in the menu and we're gonna hit enter and we're going to see what Bard comes up with here and let's let's interesting that it already has an address on it um hopefully that's just an example I should pay attention to the code before I held it okay so now we're seeing that little screen where it's actually not showing the um code snippet so I'm going to go over here to the other draft option and see if any of them have it and none of them do so I am not liking that so I'm gonna try resetting the chat putting it in one more time because I've had some really bad results as I said when I don't see that code copy option I've tended to not get the results I want and I'm still not getting it so why okay so here's a snippet option let's give it a shot let's just see sometimes this will work sometimes I'll have to actually go and tweak the code a little bit or not the code the query that I'm asking it so we're going to go over here and we're just gonna do now all right we'll paste it in there we'll save it up give us some give it some rights let's try running it okay so far so good let's see if it actually shows the arc table okay um let's try I don't really want to add or delete anything let's just do eggs let's see if that works okay so so far so good oops my bad let's try this let's see what else let's see what we get here all right so all right so let's try let's do three let's delete ten zero to thirteen let's see if it's not there and now let's try it again and let's see what we get so it's still not showing up there so it doesn't look like that scan is doing it good let's try this here ah just for Giggles so let's go add and let's put a 10 0 2 .13 but let's put it to this Mac oops actually I'm jumping the gun here we gotta hit enter now I gotta put the map all right now let's see we got here all right now here's what interested see we just did we just cloned the Mac see how we're the same here so that's not good you wouldn't want that going down there so technically if you know and again it looks like this is the same because these are the same devices as virtualbox but we just cleaned it here so now if someone goes out there and it's looking for this Mac they would send packets to this IP address which would be the man in the middle uh so that's for that and now let's move on to our last option here or our last example I should say and our last example is going to be we're going to ask um for a quick script that will do DNS enumeration for us and I have the code right here or the code I have the query that I want to put in so I'm going to go ahead enter that and we'll see what we got here and I'm sorry the video went a little longer uh I wanted to give you an actual video that gave you the oh here's my kitty she's sorry it went too long too but I wanted to give you some actual back and forth and let you know that you know you are going to have to deal with this feedback it's not going to be all sunshine and rainbows trying to to get to get this to be what you wanted to it does involve a little pain but it is worth it in the long run to get the results you want so what we're going to do here is we're going to do Nano we're going to go ahead and paste the code in we're going to go ahead and control X figure it out give it some rights and let's run it and let's run it against oops scan me Dot N map.org all right and you can see it you know it's not pulling any M or any record really from there which I guess I wouldn't expect it to other than a record it did pull and ip6 uh a record but no other record so let's just go right to uh nmap itself and map.org all right and there's some more information you can see obviously the EA records and that stuff and then the cname uh MX records SPF records and all that good stuff so that did work very cool um and you know what with that I think we are near the end of the video so if you enjoyed this video feel free to smash that like button we'd appreciate it if you'd like to see future content feel free to subscribe we get a lot of views but not so many subscribers so every subscriber helps us get that count out so you don't miss our future videos all right and take care everyone
Info
Channel: Nielsen Networking
Views: 743
Rating: undefined out of 5
Keywords: google bard, google bard ai, ethical hacking, ethical hacker, ethical hacking tutorial, artificial intelligence, chat gpt, bard google, google ai bard, how to use google bard, google bard vs chatgpt, google ai, chatgpt tutorial, pentesting, cyber security, kali linux, kali linux tutorial, kali linux tools, google bard vs chatgpt vs bing, what is chatgpt, bard ai, ai chatbot, open ai, google bird ai, google board demo, google board, google bard review
Id: 0Mqk3r8elr4
Channel Id: undefined
Length: 23min 31sec (1411 seconds)
Published: Sat May 13 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.