1
00:00:00,550 --> 00:00:04,540
So now we're in the part of a course where we're going to utilize a different platform.

2
00:00:04,540 --> 00:00:07,690
This platform is called TryHackMe.

3
00:00:07,690 --> 00:00:13,840
Now this website is becoming one of my favorite websites to use and I'll kind of show you why. They

4
00:00:13,840 --> 00:00:19,960
have all different sorts of rooms and actually a lot of these rooms are geared towards beginners and

5
00:00:19,990 --> 00:00:21,780
are free on top of it.

6
00:00:21,810 --> 00:00:26,890
So there's a lot of free access here but I do recommend spending the extra ten dollars a month just

7
00:00:26,890 --> 00:00:29,510
to get that VIP because it really really is worth it.

8
00:00:29,980 --> 00:00:31,060
But you can come in here.

9
00:00:31,060 --> 00:00:37,390
You just click on one of these boxes or you can go by different sorts of learning paths, like they have

10
00:00:37,390 --> 00:00:39,010
an OSCP learning path.

11
00:00:39,010 --> 00:00:42,280
They have a very basic beginner learning path.

12
00:00:42,280 --> 00:00:47,470
You can click on activities and kind of look through here and just see if you want to learn Linux or

13
00:00:47,470 --> 00:00:53,260
you want to learn the basics of Nmap or just some of these little things are really nice.

14
00:00:53,260 --> 00:00:57,910
You can also click in some of these and just deploy your own virtual machine you'll need to have to

15
00:00:57,910 --> 00:01:01,570
have a Linux machine like this if you don't have the space for it.

16
00:01:01,570 --> 00:01:02,870
So it's super nice.

17
00:01:02,920 --> 00:01:09,450
Now the reason that I really really like this platform is you can create your own vulnerable machines.

18
00:01:09,460 --> 00:01:11,010
And that's exactly what I've done here.

19
00:01:11,020 --> 00:01:18,010
So I've created this Windows PrivEsc Arena and you just come in here and if you click on the first

20
00:01:18,010 --> 00:01:22,750
task it gives you your tasks that you need to do so you can see this room will teach you a variety of

21
00:01:22,750 --> 00:01:29,110
Windows privilege escalation tactics including kernel exploits, DLL hijacking, service exploits, etc.

22
00:01:29,140 --> 00:01:33,220
Now this is completely based on this LPE workshop.

23
00:01:33,220 --> 00:01:37,090
So if you go to the GitHub on this page, I'll even link this in the resources.

24
00:01:37,090 --> 00:01:38,890
This is not mine whatsoever.

25
00:01:38,950 --> 00:01:44,500
I did install this on an ISO I did put all the tools on there and I have modified some of this just

26
00:01:44,500 --> 00:01:46,540
to make sure that it actually works.

27
00:01:46,540 --> 00:01:52,220
So I've gone through and improved it but this is not my script, not my box whatsoever.

28
00:01:52,300 --> 00:02:00,310
But this user is kind enough to allow us to utilize this for free as a free license for anybody who

29
00:02:00,310 --> 00:02:04,450
wants to do this if you want to come in here and build your own lab out and have it locally you absolutely

30
00:02:04,450 --> 00:02:05,280
can.

31
00:02:05,380 --> 00:02:11,350
But the very nice thing here is that all you have to do is click deploy and I'm going to make this completely

32
00:02:11,350 --> 00:02:11,740
free.

33
00:02:11,740 --> 00:02:15,500
So I have the option to make this subscription based or free based.

34
00:02:15,520 --> 00:02:17,470
This is gonna be completely free.

35
00:02:17,470 --> 00:02:22,530
All you have to do is hit deploy and then make sure you're connected to your access tab.

36
00:02:22,540 --> 00:02:23,620
So you click on access.

37
00:02:23,620 --> 00:02:27,860
The only reason I'm not going to do that is because it's going to display your public IP.

38
00:02:27,880 --> 00:02:33,820
So I'm just going to just tell you: you go to Access, download your OpenVPN connection file and log

39
00:02:33,820 --> 00:02:35,950
in via the OpenVPN.

40
00:02:35,950 --> 00:02:41,280
And then once you're deployed you come in here and you just get connected to the machine.

41
00:02:41,300 --> 00:02:46,850
So all I want you to do at this point is I want you to come in here open new terminal and it might take

42
00:02:46,850 --> 00:02:48,500
a minute for the ping to come through.

43
00:02:48,500 --> 00:02:54,940
So check your, check your IP address and just give it a good ping and wait.

44
00:02:54,940 --> 00:02:56,690
So that comes through.

45
00:02:56,690 --> 00:03:00,770
And while we're waiting on this I'm going to go ahead just make this a little bit smaller or we wait

46
00:03:00,770 --> 00:03:02,260
for that to show up.

47
00:03:02,390 --> 00:03:05,900
You could see that you're going to come through here and this is going to go in the order of the class

48
00:03:05,960 --> 00:03:09,200
so Autoruns is going to be the first one we're going to do.

49
00:03:09,230 --> 00:03:12,980
Here you go it's going to say hey here's what we're gonna do in Windows.

50
00:03:12,980 --> 00:03:14,040
Here's how we're gonna detect it.

51
00:03:14,070 --> 00:03:19,790
Here's how we're going to exploit it in Kali Linux and here's how we're going to pull it off and then

52
00:03:19,790 --> 00:03:22,270
once we pull it off quarters and say hey we're done here.

53
00:03:22,310 --> 00:03:23,530
Go ahead and click complete.

54
00:03:23,870 --> 00:03:25,390
So this goes all the way through.

55
00:03:25,400 --> 00:03:31,100
There's even going to be some little bonus in here where we've got kernel exploits and Hot Potato and

56
00:03:31,670 --> 00:03:33,950
password mining that you guys are going to do on your own.

57
00:03:34,280 --> 00:03:40,860
But we're going to cover step by step not just what you see here but the reasoning why it actually happens.

58
00:03:40,940 --> 00:03:43,070
So go ahead and let your machine boot up.

59
00:03:43,070 --> 00:03:48,050
It could take one to three minutes hit pause get connected to this point and then I'll show you how

60
00:03:48,050 --> 00:03:52,580
to get connected to the machine and then we'll move on to the next section where we actually start walking

61
00:03:52,670 --> 00:03:54,670
through this OK.

62
00:03:54,670 --> 00:03:57,400
And you can see now that I'm getting pings back.

63
00:03:57,490 --> 00:04:02,300
So at this point what I want you to do is I just want you to connect to this machine.

64
00:04:02,860 --> 00:04:07,120
So the way we're going to connect to this machine is we're just going to say something along the lines

65
00:04:07,120 --> 00:04:14,140
of rdesktop, which should be built into your Kali machine, and we'll say the IP address which is going

66
00:04:14,140 --> 00:04:18,240
to be turned out ten thirty eight forty four I'm going to copy it here.

67
00:04:18,520 --> 00:04:23,380
Your IP will be different and will be different every time you terminate and restart this machine.

68
00:04:23,380 --> 00:04:24,700
And then I'm going to do a -g.

69
00:04:24,700 --> 00:04:27,810
The -g tells us what size we want to run this at.

70
00:04:27,880 --> 00:04:32,320
If you don't put the -g in here it's going to run very very small so I'm going to go ahead and say dash

71
00:04:32,320 --> 00:04:32,530
g

72
00:04:32,530 --> 00:04:37,650
95 percent and it's going to boot up this nice-sized rdesktop.

73
00:04:37,780 --> 00:04:43,920
You're going to come in here and your username is going to be user; your password is going to be lowercase

74
00:04:43,960 --> 00:04:50,370
password321 and then you're going to log in.

75
00:04:50,800 --> 00:04:54,310
And once you log in you will be the low level user.

76
00:04:54,730 --> 00:04:59,360
Only thing to point out is on your desktop here is a tools folder.

77
00:04:59,380 --> 00:05:02,350
This is going to have all the tools you need for this course.

78
00:05:02,350 --> 00:05:05,950
So there'll be a couple of tricks we're going to have to transfer files back and forth.

79
00:05:06,070 --> 00:05:09,400
Other than that everything you need is right here.

80
00:05:09,460 --> 00:05:13,060
You can actually see that PowerUp's in here and Sherlock's in here.

81
00:05:13,060 --> 00:05:16,200
So these are a couple of things you talked about, like Hot Potato's in here.

82
00:05:16,240 --> 00:05:20,440
So some of these things should be familiar to you and the rest of these we're going to run and you're

83
00:05:20,440 --> 00:05:24,930
going to get more familiarized with, or more familiar with, as we go.

84
00:05:24,940 --> 00:05:26,620
So once you're logged in.

85
00:05:26,620 --> 00:05:32,740
Go ahead and meet me over in the next video as we start to talk about registry exploits.
