1
00:00:00,390 --> 00:00:02,820
‫Let's perform another vulnerability scan.

2
00:00:04,370 --> 00:00:09,020
‫I want to perform an aggressive scan to find as many vulnerabilities as possible.

3
00:00:10,290 --> 00:00:14,520
‫Go to college and start the Nessa's demon if it's not already started.

4
00:00:16,120 --> 00:00:19,030
‫You service an SSD status to learn if it's running.

5
00:00:19,950 --> 00:00:25,890
‫OK, so it's inactive, so I use service necessity start to start as service.

6
00:00:27,490 --> 00:00:30,770
‫Now go to your browser and connect to the Nessus interface.

7
00:00:31,600 --> 00:00:41,260
‫It is an HTTP service is running on the same machine, so I'll use one two seven zero zero one lookback

8
00:00:41,260 --> 00:00:44,140
‫IP address referred to as localhost.

9
00:00:44,980 --> 00:00:48,430
‫And the port of the Nessa's service is eight three four.

10
00:00:50,290 --> 00:00:51,790
‫Sign in using your credential.

11
00:00:54,880 --> 00:00:56,450
‫Click the new scan button.

12
00:00:57,310 --> 00:01:00,040
‫Now let's choose advanced scan for this scan.

13
00:01:00,980 --> 00:01:03,930
‫Will be more aggressive than a basic network scan.

14
00:01:04,850 --> 00:01:10,340
‫So enter the basic info, give the scan and name and enter description if you want.

15
00:01:11,650 --> 00:01:13,270
‫And the targets.

16
00:01:14,280 --> 00:01:21,000
‫Here I have a Windows XP with an IP address of two zero seven and Métis voidable to Linux system with

17
00:01:21,000 --> 00:01:22,950
‫an IP address of two zero six.

18
00:01:23,880 --> 00:01:29,610
‫Here I have a third system, an up to date Windows eight, and it's IP addresses two to three.

19
00:01:31,170 --> 00:01:37,710
‫Right, so back to Cali and enter the IP addresses of the target systems to zero six four meters, voidable

20
00:01:38,100 --> 00:01:42,600
‫to zero seven for Windows XP and two to three for Windows eight.

21
00:01:44,090 --> 00:01:47,540
‫Now click discovery and the list of the left.

22
00:01:48,780 --> 00:01:54,330
‫So we're simply going to accept the default on this page, so let's click on Assessment over to the

23
00:01:54,330 --> 00:01:54,600
‫left.

24
00:01:56,190 --> 00:02:01,710
‫And on this page, we want to check perform thorough tests, so check the box.

25
00:02:02,810 --> 00:02:09,020
‫Then move to the report section in the options on the left, you can override the normal verbosity,

26
00:02:09,200 --> 00:02:11,420
‫make it report as much info as possible.

27
00:02:12,440 --> 00:02:18,080
‫So next click, the advanced option in the left to the left, the only thing we're going to do here

28
00:02:18,080 --> 00:02:20,660
‫is uncheck enable safe checks.

29
00:02:21,770 --> 00:02:25,570
‫Now on a normal production network, you would leave this box checked.

30
00:02:25,820 --> 00:02:29,090
‫You don't want to take down production systems when scanning.

31
00:02:29,390 --> 00:02:34,160
‫But for our purposes here, we want to gather as much information as possible.

32
00:02:34,160 --> 00:02:35,540
‫So we're going to one check it.

33
00:02:36,750 --> 00:02:38,580
‫Now click on the credentials tab.

34
00:02:39,660 --> 00:02:41,550
‫Select the S.H. option.

35
00:02:42,460 --> 00:02:43,540
‫In the list on the left.

36
00:02:44,810 --> 00:02:50,540
‫Now, since we know the username and password for the portable two machine, we're going to put those

37
00:02:50,540 --> 00:02:51,730
‫credentials in here.

38
00:02:52,730 --> 00:02:55,640
‫Remember the username and password of both MSF admin?

39
00:02:56,810 --> 00:03:02,330
‫Change the authentication method to password and put it in the username and password below.

40
00:03:03,810 --> 00:03:05,310
‫Now in the plug ins tab.

41
00:03:06,200 --> 00:03:12,050
‫We only need to activate the plug ins that have to do with what might be running on a Linux system so

42
00:03:12,050 --> 00:03:13,550
‫we can disable a few things here.

43
00:03:22,830 --> 00:03:28,980
‫OK, I paused the demo here, I've got to make an apology, it's a late update while capturing the demo,

44
00:03:29,400 --> 00:03:33,810
‫I forgot that I have Windows targets and disable the windows plug ins.

45
00:03:34,140 --> 00:03:35,100
‫It's a mistake.

46
00:03:35,100 --> 00:03:41,270
‫And I just wanted to show you that what we do here is if there's a problem, there's always a solution.

47
00:03:41,850 --> 00:03:46,500
‫So if you have Windows targets, please do not disable the windows plug ins.

48
00:03:47,610 --> 00:03:48,580
‫All right, let's move on.

49
00:03:49,110 --> 00:03:51,520
‫We can finally click save at the bottom.

50
00:03:52,380 --> 00:03:54,780
‫So here's the scan and we're ready to run it.

51
00:03:55,320 --> 00:03:59,910
‫Simply click the great triangle at the far right of our skin, which stands for launching the scan.

52
00:04:02,090 --> 00:04:07,940
‫And yes, the scan is started now, you can pause or stop the scan any time you want.

53
00:04:08,780 --> 00:04:12,140
‫So click the scan and we see the results in real time.

54
00:04:13,560 --> 00:04:18,450
‫OK, boy, that's going to take a while to run, so it's probably a good time to check your e-mail.

55
00:04:18,660 --> 00:04:22,760
‫Grab a cup of coffee maybe, but just make sure you come back to review the results.