Time
10 hours 55 minutes
Difficulty
Beginner
CEU/CPE
11

Video Transcription

00:00
Hey, everyone, welcome back to the core. So in the last couple of videos, we went through our first lab. So again, we just launched core impact scanner, and we went ahead and ran a couple of scans with that. Ah, very simple fast scan as well as a more detailed scan
00:14
in this video, we're gonna use another vulnerability. Skinner called open Voss on. I do recommend you actually download and play with this one on your own as well. But in this particular lab, we're just gonna run Avery Basic scan with open Voss. So what? We're doing some work in the Cali Lenox terminal window. So no worries at all. If you have no experience in linen or specifically with Callie Lennox,
00:33
you're gonna get step by step in this particular lab.
00:36
I just want to mention also, as usual in the resource section of the course. You can find the downloadable step by step guides, as you see, pictured here on the screen.
00:44
So the other thing I want to mention with all the labs that were using in this course is on the right side of the lab. She'll notice instructions, and we mentioned this in the previous videos as well. But basically, make sure that as you're going through the instructions, whether you follow along in the step by step, you just listen to me. Or do you actually use the instructions on the right side here,
01:03
no matter what? To get full credit for the lab,
01:06
You want to make sure you look at these instructions and check these boxes to the left side of them.
01:11
That way, once you go to end the lab, it will track your progress and see that you've actually completed all of the steps for the lab. So very important. Make sure you do that if you want to get credit.
01:21
So first things first, word is gonna go ahead and log in. So in this particular instance were using of Cali. The user name and password is a little different than the default ones. Right. So you'll see here, that student and student. So we're gonna go ahead and type that in. So just the word student all over case and then we'll also type in that for a password as well.
01:42
All right. Once you typed in student, just select next, or he could have said entering a keyboard. And again, Same thing here. We're just gonna type in student all over case and we'll go ahead and sign in.
01:51
Probably just will take a few seconds here. So actually pull up the Cali Lennox desktop, and the first thing we're going to do once it pulls up is we're gonna actually launch a terminal window. So if you don't know what that is, don't worry about that. Just think of it as a magical place. You can type things and cool stuff happens. So just think of it like that.
02:07
So you notice here it's pulling up. The desktop should just take a few more seconds here, and then we'll go ahead and launch a terminal window.
02:14
So the way we're gonna launch the terminal is on the left side. Here, there's this little bat black box. So Kelly Lennox makes it very easy to launch the different applications inside of it. Very simple to do. So all we're gonna do is this little back black box of the left side. Just go ahead and select that and click on that is going to launch a terminal for us
02:32
and might take a few seconds or coach or so to actually launch the terminal window.
02:37
All right, so once your terminal window launches again, it might take a few seconds or so. It's sometimes a labs because it's a virtual machine, right? Might run just a little bit slow, but just be patient with this. You take just a few seconds to launch the terminal window. Once we've done so, we're gonna enter in a command, basically create a file, and in the file, we're gonna put some i p addresses.
02:55
So we're to use a command called Nando.
02:58
So all over, Case N A N O will put a space, and then we're gonna Neymar file in this lab. We're gonna call it skinning target list with some underscores. So we're gonna do scanning,
03:07
underscore target underscore list,
03:10
and then just press enter on your keyboard.
03:13
That's gonna take us into the file itself, and we're gonna go through and again down little step by step guide, or follow along on the right side here with the I P addresses you need. But we're gonna go ahead and enter those in. So 1st 1 I'm gonna entering this 1 92.168
03:29
0.0 dot 10 and you notice we're gonna go kind of a somewhat sequential order. So the next one down, it's gonna be 1 92.168 dot 0.20 on then 3040 etcetera. So you could feel Frito pause a video as you type those in and come back
03:46
after you finish typing them. I'm gonna go ahead and just continue typing them real quick on the screen. Here.
03:50
Look,
03:51
if I type that one correctly, that'll work a lot better. Trust me on. And then finally, our last one here 1 92.168
03:58
0.0 dot 50.
04:00
All right, So once we've type those in, we're gonna do a control. XO, hold on the control button on your keyboard. Um, and press X
04:09
and I will take you out of that. You'll notice little prompt at the bottom. There is going to say, Do you want to save the changes or not? We're gonna press. Why? Because we do
04:16
and then just will press enter here.
04:19
So that's taking us back to the terminal window special. We've created that file with those I p addresses in it.
04:25
The next thing we want to do is we're gonna go ahead and launch her open. Voss. So again, that's a vulnerability scanner we're gonna be using in this lab.
04:31
So let's go ahead and just type that in s. So we're gonna use a command called pseudo, which basically gives us administrator type access. We get access to a lot of different things and that allows us to launch certain applications Were type pseudo
04:44
all over case s u D O will put a space, and then we're gonna put open Voss
04:48
so O P E N v A s dash start. So again start means we want to launch it. So let's go and do that. It's gonna ask us for a password to verify. It's really us doing it, and we're gonna type in our past. Heard we used to log in. So if you don't remember that, it's the word student all over case
05:05
and you're not gonna see anything typing on the screen but is actually typing it for you. Just press enter there and then you see it's gonna go ahead and start launching Opened. Boston might take about 3 to 5 minutes. And once it's done, it's gonna launch a web page for us for green Bone. So I'm gonna pause a video until it launches at me just now. It probably takes about 3 to 5 minutes
05:26
tow. Launch it on your side.
05:28
All right. So you'll see her that it did launched the green boat site successfully for me if for some reason, it doesn't just open fire Fox and type in the u. R l https
05:38
and then the your local host 1 27.0 dot 0.1 colon 9392 and then ford slash log and log in a she male. So basically, this Uriel you're seeing at the top there.
05:48
So the next step we're going to do is actually log in. So this log it is gonna be admin lower case. So a d m i n all over case
05:58
and then our fancy password again, right? So the capital p the at symbol lower case ssw
06:03
the number zero lower case R D.
06:06
And by the way, that is a absolutely terrible password to use in real life. So don't do that. If you're looking for a new password.
06:13
So we're gonna select Log in there. I'm just gonna x out of that. I don't want to remember my password.
06:17
It doesn't matter too much since we're in a virtual lab environment. But I just, you know, like to keep my habits the same across the board.
06:26
All right, so now we've successfully logged into the green bone application. Before we go further in this lab, I'm in a policies video will pick things back up in the next video. So again, in this video, we just went through credited basically a text file using the Nano command inside of Cali Lennox. And again, that command actually works in any version. Lennix.
06:46
But we created that that we launched her open Voss,
06:48
and it took us to the green bone security site. And we're gonna do some configurations now, but we're gonna do that in the next video

Up Next

Fundamentals of Vulnerability Management

Most of the successful attacks through a business network could be prevented with vulnerability management. This course focuses on what you can do to automatically manage vulnerabilities and keep your network safe from attack.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor