TryHackMe | Nmap Advanced Port Scans | Walkthrough

Captions
Hey guys, welcome to my channel. It's been a week since I uploaded a video. I just came back from vacation in Hawaii, so I look kind of tannish. So in this video we're still in the CompTIA PenTest+, the last series on information gathering and vulnerability scanning, Nmap Advanced Port Scans. So I already loaded, let's see, the start machine, and yeah, so let's get right into it. Today it's going to be Nmap Advanced Port Scans: learn advanced techniques such as null, FIN, Xmas, and idle (zombie) scans, spoofing, in addition to FW and IDS evasion. I forgot what FW is, but intrusive detection system.

All right, task one, introduction. As you know, guys, I'm just showing you how to answer the questions; please read through each task to get a full understanding. All right, so answer the questions below: launch the AttackBox by using the Start AttackBox button and get ready to experiment with different types of Nmap scans against different virtual machines. So click one.

All right, task two: TCP null scan, FIN scan, and Xmas scan. So it talks about these three different types, and it says: in a null scan, how many flags are set to one? Okay, the null scan does not set any flag, so six flag bits are set to zero. All right, next one: in a FIN scan, how many flags are set to one? So FIN scan, FIN scan, so with FIN scan set you can set this type again, so I believe it's one, right? Yeah. So in an Xmas scan, how many flags are set to one? So the Xmas scan gets its name from Christmas tree lights; it sets the FIN, PSH, and URG flags simultaneously, so it looks like it's three. And next question: start the VM and load the AttackBox. Once both are ready, open the terminal on the AttackBox and use Nmap to launch a FIN scan against the target VM. How many ports appear as open|filtered? Okay, let's show split view, see my face. All right, so open the terminal, and we're doing a FIN scan, right, so let's copy, paste: nmap -sF. All right, that's my IP address, so clipboard; you can type this out or copy and paste. So this is a null scan and FIN scan, -sF. Okay, while it's loading, let's see, and the next question is: repeat your scan launching a null scan against the target VM. How many ports appear as open|filtered?

Okay, so while it's loading: as you know, guys, I'm currently not in the IT industry, but I am switching over. So currently I am, I count, certified, which is recognized by my work, my current work in other industries. I have A+, CySA+, Network+, PenTest+, and Security+, and they're all current; I did it within the last year or so. Let's see, still loading, BST. All right, okay, might have to. All right, how many ports appear to be open? One, two, three, four, five, six, seven, so it's seven. Yeah.

Repeat your scan launching a null scan against the target VM. How many ports appear as open|filtered? So null scan, so it's going to be the same thing, but instead of -sF it's going to be, all right, while it's loading, I want to check. All right, the next video is going to be, I think I did this in a previous path, so the next one is going to be Phishing. As you can see, I'm still working on these; I think the new updates have created more rooms for the pentest. Let's see, it was loading. As you can see, guys, we already finished the Introduction to Cyber Security, which is 24 hours, the Pre Security, which is 40 hours, and then the Web Fundamentals, which is another easy path, 32 hours. The new learning path, Security Engineer, 99%; I'm pretty sure I have one more room to complete. But as you can see, just by completing these easy learning paths I'm already in the top 1%, so 11,000 people. All right, see how many ports are open: one, two, three, four, five, six, seven. I think it's seven again, right? Yep, there you go. All right, so I think you have to terminate this and then start again.

Let's go, task three: TCP Maimon scan. So it talks about that different type of scan. Answer the questions below: in the Maimon scan, how many flags are set? So as you read the first line, it says in this scan the FIN and ACK bits are set, so it means two, right? Yeah. So it talks about the scan.

All right, task four: TCP ACK, window, and custom scan. So it's talking about different types of scan. So in a TCP window scan, how many flags are set? So you go back, window scan, so TCP, same as ACK, examines the TCP window field of the RST packets returned. So I think it's two, right? Or is it one? Oh, it's one, okay, 'cause, uh, same as, so similar, TCP window scan. All right: you decided to experiment with a custom TCP scan that has the reset flag set. What would you add after --scanflags? Hint: the reset flag is RST. All right, it's reset, right, so RST. Yeah, that's correct. The VM received an update to its firewall ruleset; a new port is now allowed by the firewall. After you make sure you have terminated the VM from task two, start the VM for this task, already did that. Launch the AttackBox if you haven't done that already. Once both are ready, open the terminal on the AttackBox and use Nmap to launch an ACK scan against the target machine. How many ports appear unfiltered? So ACK scan, which is, we're going to use this one. Let's try again, so paste, s- SN, it's a, oh, wrong IP address. All right, while that's loading. All right, appears to be four unfiltered. What is the new port number that appeared? So we're going to, mates, 22, 80, so it's 443, that's the new one. Is there any service behind the newly discovered port number? Hint: use Firefox and browse. All right, so it's basically asking to load this. No, no service, as it's not loading.

All right, task five: spoofing and decoys. So before that, let me terminate this and start this. Okay. All right, task five, spoofing and decoys, tells us about spoofing. So answer the questions below: what do you need to add to the command sudo nmap MACHINE_IP to make the scan appear as if it's coming from the source IP 10.10.10.1, your IP address? So as you can see, disable scan, instead of nmap you need to issue, spoof, so I believe it's, um, S 10.10, there you go. Next question: what do you need to add to the command sudo nmap, and then that's my current IP address, 10.10.6.210, to make the scan appear as if it's coming from the source IP addresses 10.10.20.2 and 10.10.20.28 in addition to your IP address? So need to add to the command. All right, let's try this. So as you can see, there's a command and then IP address, IP address, ME, so I think it's this one. So, dash, 10.10.20.21, uh, 10.10.20.28. Yep, it's right here, so using these two.

All right, task six: fragmented packets. All right, it talks about firewall, IDS, fragmented packets. And answer the questions below: if the TCP segment has a size of 64 and the -ff option is being used, how many IP fragments will you get? Two, so fragment, it talks about adding another -f will split the data into 16-byte fragments instead of eight. You can change the default by using MTU; however, you should always multiply by eight. So 16 divided by four, so 16 * 4, so it's actually four, right? Yeah, yeah, there we go.

Task seven: idle (zombie) scan. All right, it talks about idle and zombie. And answer the questions below: you discover a rarely used network printer with the IP address 10.10.5.5, and you decide to use it as a zombie in your idle scan. What argument should you add to your Nmap command? So it's going to be, read through here, so it talks about idle, so -sI, dash s, yeah. So it just tells you about different Nmap commands. So you read through it; it might look foreign to you, but you get better at it as you practice.

Task eight: getting more details. As you can see, I already loaded the start machine. And answer the questions below: launch the AttackBox, done. After you make sure that you have terminated the VM from task four, start the VM for this task, did that. Wait for it to load completely, then open the terminal on the AttackBox and use Nmap, using nmap -sS -F --reason 10.10.62.210, to scan the VM. What is the reason provided for the stated port being open? So let's close this, or copy, clipboard, paste. What's the reason for being open? So reason: syn-ack. So that's it. All right, that was easy. So as an example, and this is what you use.

And last one, task nine: summary. So it just summarizes all the types of scan. Please read through all this; that's what we went over. And yeah, these types can rely on setting TCP flags in unexpected ways to prompt ports for a reply, so you're just seeing which ports are open by using different types of scan. Answer the questions below: ensure you have taken note of all the important Nmap options explained in this room. Please join the Nmap Post Port Scans room, the last room of this Nmap series. All right, that was pretty easy. Finished. You can share on Twitter, Facebook, LinkedIn. If you like this video, hit the like button, the subscribe button, the notification, and comment below. Hopefully this video helps you to answer these questions. Next one is going to be, let's see, next one's going to be Phishing, since I already did the first three: HTTP in Detail, OWASP Top 10 2021, and OWASP Juice Shop. Anyways, guys, thanks for watching. Till the next video.
Info
Channel: PLei
Views: 148
Keywords: Pentest, TryHackMe
Id: 1Ndgz9RgNhQ
Length: 20min 19sec (1219 seconds)
Published: Sat Dec 16 2023