TryHackMe | Nmap | Part 1 Walkthrough

Captions
Hey guys, welcome to my channel. Today is Sunday for this recording. So today we're going to do Nmap, still part of the beginner, Complete Beginner learning path. I reset the Nmap and I think I'm going to do nine tasks out of 15, make it a two-part series. All right, uh, yeah, let's get right into it. As you know, guys, I'm just going to show you how to answer each task; read through every task to get full understanding. This one is about Nmap: an in-depth look at scanning with Nmap, a powerful networking scanning tool.

So task one, Deploy. Answer the questions below: deploy the attached VM. So, complete, and I'm just going to close this out.

And then task two, Introduction. So it just talks about the history of Nmap and the creation. So answer the questions below. What networking constructs are used to direct traffic to the right application on the server? So as you read, it says when a computer runs on a network service it opens the network construct called ports. The port, or ports, yeah. Next question: how many of these are available on any network-enabled computer? And as you read through it, it says every computer has a total of 65,535 available ports, so copy and paste. And then it says, research: how many of these are considered well known? These are the standard numbers mentioned in the task. Hint: search in Google "how many well-known ports are there", substituting in your answers to question number one. So I'm just going to highlight, Google, and what's this, sure, oh, I'm going to put "ports are there", there you go: 021 12033 or four, yeah.

All right, let's go: task three, Nmap Switches, and this one talks about Nmap, right. So I already loaded my start machine and an AttackBox, so let's, uh, close this out and type. All you need is the help menu, right, so the Nmap, so nmap dash, so here's all the lists of... make this bigger.

All right, so answer the questions below. What is the first switch listed in the help menu for a SYN scan (more on this later)? So SYN scan, scan techniques, and the first one is dash lowercase s capital S. Last question: which switch would you use for a UDP scan? So as you read through it, scan techniques are here: dash lowercase s capital U. So some of these are fairly simple.

Next question: you wanted to detect which operating system the target is running on, which switch would you use? So operating system, so OS, dash capital. Next question: Nmap provides a switch to detect the version of services running on the target, what is the switch? So version detection, and I believe it's lowercase s capital V.

Next question: the default output provided by Nmap often does not provide enough information for a pentester. How would you increase the ver, verbosity? Verbosity, okay, so verbosity, increase verbosity, uh, sorry, increase in the output, so dash lowercase v. Next question: verbosity level one is good, but verbosity level two is better, how would you set the verbosity level to two? Note: it's highly advisable to always use at least this option. So increase, and this is right here, dash v, for greater effect.

Next question: we should always save the output of our scans. This means that we only need to run the scan once, reducing network traffic and thus chance of detection, and gives us a reference to use when writing reports for clients. Which switch would you use to save the Nmap results in three major formats? So three major formats, format, format, OS detection, let's see, formats, okay, let's see, which switch, three major formats, so, oh yes, it is all right here: oA, outputs three major formats, right here. All right, next question: which switch would you use to save the Nmap results in normal format? And that one, so dash lowercase o, and next question: a very useful output format, how would you save results in a grepable format? That one's easy, so it's dash lowercase o G.

And then next question: sometimes the results we're getting just aren't enough. We don't care about how loud we are, we enable aggressive mode. This is a shorthand switch to activate service detection, operating system detection, traceroute and common script scanning. How would you activate this setting? So aggressive is in miscellaneous right here, so it's dash A, yeah. And then next question: Nmap offers five levels of timing template. These are essentially used to increase the speed your scan runs at. Be careful though: higher speeds are noisier and can incur errors. How would you set the timing template to level 5? Timing template, all right, timing and performance, and this is just right here: capital T 5, yeah.

All right, so we can also choose which ports to scan. How would you tell Nmap to only scan port 80? All right, port specification, scan DP sample, so p. All right, next question: how would you tell Nmap to scan ports 1000 to 1500? Again, this example right here, so dash lowercase p00, there we go. A very useful option that should not be ignored: how would you tell Nmap to scan all ports? So SC common I believe see NOP yeah, all ports, there you go.

How would you activate a script from the Nmap scripting library (lots more on this later)? So activate script, script scan, scripting library, so yeah, so it has different script scan. And the last question is: how would you activate all of the scripts in the "vuln" category? Hint: there are two variants of the switch, one with a space, one with an equals sign. Look at the asterisks in the answer field to see which one it is. So it's talking about the script equals sign, so just by seeing the hint, so what I'm going to do is dash script equals vuln, yeah, there you go. All right, uh, yeah, task 3 is pretty important. Get used to it, and as you get comfortable it doesn't look foreign as you practice more.

Our task two, so we're going to go to scan types, they always to task nine. So overview: it talks about TCP, SYN, UDP scans, talks about NULL, FIN and Xmas. Answer the questions below: read the Scan Types introduction. Complete.

Task five, Scan Types: TCP Connect Scans. So I'm going to exit split view. This talks about the TCP three-way handshake. So answer the questions below. Which RFC defines the appropriate behavior for the TCP protocol? Yeah, RFC 793 was depreciated and replaced by a new RFC, what is it? So as you read through this task you can actually open and read about this, so it's RFC 9293. If a port is closed, which flag should the server send back to indicate this? See, if Nmap sends a TCP request with the SYN flag set to a closed port, the target responds with a TCP packet with the RST (reset) flag set. RST.

All right, next one, task six, Scan Types: SYN Scans. Again, it talks about SYN scans. Answer the questions: there are two other names for a SYN scan, what are they? So as you read through, the first line says these two scan types are slightly different; SYN scans are sometimes referred to as half-open or stealth scans. So secret, half-open, stealth. Last question: can Nmap use a SYN scan without sudo permissions, yes or no? Let's see, actually should read through it, I think it says there: there are, however, a couple of disadvantages to SYN scans, namely they require sudo permissions. So yes, no.

All right, task seven, Scan Types: UDP Scans, so it talks about UDP. Answer the questions below. If a UDP port doesn't respond to an Nmap scan, what will it be marked as? Let's see: when a packet is sent to an open UDP port, there should be no response. When this happens, Nmap refers to the port as being open|filtered. In other words, it suspects the port is open, but it could be firewalled. Last question: when a UDP port is closed, by convention the target should send back a "port unreachable" message. Which protocol would it use to do so? So protocol: the target should respond with an ICMP.

All right, task 8, Scan Types: NULL, FIN and Xmas. So these are even stealthier scans, I believe, so it just talks about these three different types. Answer the questions below. Which of the three shown scan types uses the URG flag? So scan type, URG, and this right here, Xmas scan, that says PSH, URG and FIN, so Xmas. Why are NULL, FIN and Xmas scans generally used? Let, common, generally used, stealthier, use, firewall, that's just right, the last, that's say the goal here is firewall evasion, so stealth scan, so yeah, stealthier scan, so firewall. Last one is: which common OS may respond to a NULL, FIN or Xmas scan with a RST for every port? Common, right here, the second to last paragraph: in particular, Microsoft Windows are known to respond with a RST to any malformed TCP, yeah.

All right, last one for this video, so task nine, Scan Types: ICMP Network Scanning, and it just talks about ping sweep. Answer the questions below: how would you perform a ping sweep on the 17, 172.16.0.0 X network (netmask: 255.255.0.0) using Nmap (CIDR notation)? The CIDR notation for a class B network of default netmask is /16. So we're talking about ping sweep, so there's two types, sn, conjunction, so we're going to use this one, right. So it's going to be nmap dash 172.16.0.0/16, there you go guys.

All right, uh, this is a free room, so yeah, I'm going to stop at task nine. If you like this video, guys, please give a thumbs up, hit the subscribe button, uh, like this video, uh, hit the notification button and comment on my videos. If you like it, please give a thumbs up, helps, uh, me motivate. And yeah, so this is part one, I'm going to do part two later this week. Thanks for watching guys, peace.
Info
Channel: PLei
Views: 55
Keywords: Nmap, TryHackMe
Id: OQ6EFRnOQiY
Length: 18min 14sec (1094 seconds)
Published: Wed Jan 31 2024