312-50: CEH Certified Ethical Hacker (312-50v9) Certification Video Training Course Outline
Build Your Lab - In the Future W...
Ethical Hacking Overview
FootPrinting - Reconnaissance an...
Detecting Live Systems - Port Sc...
Enumernation - What Can We Get F...
Malware - Sofware Goes Undercover
Advanced Hacking and Explotiatio...
Attacking Wireless Networks and ...
Networks - Sniffing, ARP Poision...
Firewalls, IDS and IPS and some ...
Attacking Web Technologies
So Your Ready To Take Your Test
Build Your Lab - In the Future We will offer an Online Solution
312-50: CEH Certified Ethical Hacker (312-50v9) Certification Video Training Course Info
Gain in-depth knowledge for passing your exam with Exam-Labs 312-50: CEH Certified Ethical Hacker (312-50v9) certification video training course. The most trusted and reliable name for studying and passing with VCE files which include ECCouncil CEH 312-50 practice test questions and answers, study guide and exam practice test questions. Unlike any other 312-50: CEH Certified Ethical Hacker (312-50v9) video training course for your certification exam.
Build Your Lab - In the Future We will offer an Online Solution
7. Getting to Know Your Win2k3-AD
Actually the Wind two K threead is actually pretty basic. All you need to do is make noteof the user ID and the password. There's also an Active Directory restore password that happens to be the same thing. So I'm just going to power this on; you'll notice it's Windows Server 2003. Again, folks, the reason I'm doing Server 2003 instead of Server 2012, where there is absolutely no difference, is that Server 2012 takes 18 gigs to download and this takes about two gigs. So I know a number of you folks that are in India and other places where you're, as we say, "bandwidth challenged." We'll definitely appreciate this, but please don't think that I'm taking anything away from not using one of the newer machines, because that is not the case. And just close this right here, and then you're pretty much ready to go. Everything else has been installed. Some of the things that we'll dowith this is we'll extract password. It hashes from an Active Directory database, not directly from a Sam database, and we'll do a whole bunch of other things. That Windows 2003 In other words, an Active Directory machine
8. Getting to Know Your WebApp
Now, the final machine we'll discuss is our web app. I don't even want you to worry about what platform it's on. A friend of mine wrote this a long time ago. It works extremely well for teaching you SQL injection. So what I'm going to ask is that you simply boot this machine up, ping the name of the machine, which is UdemyWeb, get the IP address, and leave it alone. I really don't want you tinkering with this machine because you'll be asking questions and it's going to be kind of a mess. Most of the machines, when I write them, I go ahead and have them turn on and log in automatically. It stops the students from having to remember every password on every machine, and it just kind of distracts from what they really need to learn. Okay? And so if you want to just double-click on this, it probably won't change because it just booted up. This would be its IP address. Again, if you wanted to, you could come out from another machine and just ping the Udmy Web App, and it should come back and give you exactly the same IP address. It doesn't have to be on the same machine. Accordingly, you could do this, but
9. Putting Our Lab Together Step By Step
Okay, boys and girls, let's go ahead and start off. I've gone ahead and installed my VMware workstation, and I'm just going to show you my personal preferences. I don't care for this home button. I'm just going to go ahead and get rid of this. Some of them have a little thing along the side. I don't care for that. If you like it, well, that's perfectly fine with me. I just think it takes up way too much real estate. All right. So the first thing I'm going to do is go ahead and do an open, and where do you think I'm going to open this from? I'm going to open it on my old drive. That's correct because I've downloaded everything from my old drive. So I'm going to go ahead and bring that over, and I've downloaded things over here to a directory. Out here I've got a VM's directory, and I've got a directory. I called O-V-F-R-A-R. Okay. Now, let me show you what's in there. Okay, now what I'm going to show you Here are the files that were downloaded when we downloaded them from the workstation. So let me go ahead thatbasically consisted of all of these. Like I said, you are going to need WinRAR installed WinRAR.You can pick any one of these, right click on it, and tell it to extract here. It will take a little bit of time. It's going to go back. It's going to go out and create an OBF file, a VMDK file, and a couple of other files. Now, this is what makes it portable. I can import this into Amazon. I can import it into Azure. I can import it into basically any virtualization platform. I can basically put anything into VMware's cloud director. I did that on purpose so that you would be able to utilise this. If you wanted to build a lab and you had VMware Vsphere and you wanted to bring it in for that or something like that, Now it's already gone ahead and done this. In reality, I don't really even need this any longer. So I'm going to go ahead and just get rid of all of these. Let's see if it's going to let me do that. I guess it's not. All right, so I'll go ahead and do that later. So what I'm going to do is grab that OVF file, and I'm just going to open it up. Now this is the important part, right here. It says, What's the name for the virtual machine? I'm going to name this virtual machine. You see, I already have one called XP Attacker on Udemy. It just put one in there with a two. So what I'm going to do is I'm just going to go ahead and take out that right there, and I'll go ahead and just get rid of that Here's the important party! If you notice what it's going to do, it's going to try and put this under my Documents folder. We don't want that. We want to put this in our Odrive, in our Veracrit folder, so that everything is in one compact little place where nothing bad can happen and everything is in one direct location. All right? Now you can go ahead and stick it right there under these VMs. Now what I would do is go ahead and make a new folder and call it XP Attacker, all right? and click okay. and OVM's XP attacker, and I'd go ahead and click on Import. Again. Ideally, what we want to do is have a compartment that has all of our ethical hacker stuff in one location. That way, we can use our machine for other things during the day, for work, for school, or whatever. And it's not going to interfere with things; it's not going to delete things or things of that nature. Now I'm going to go ahead and pause the video real quick because this is about as exciting as watching paint dry. Now I went ahead and imported all of the rest of the apps just exactly the same way that I showed you by basically dropping down the drop-down box, selecting star dotstar, right-clicking on the raw file, telling it to extract here, and then waiting for it to extract. Then once it had done so, I went ahead and dropped down the drop-down box to the OVF format. Then what I did was I imported from the OVF format, but I did not take the defaults. I changed it to the Odrive, and I also manipulated it so that I went in and made a directory in the VM directory and created one for the Web app, one for the Win, seven x 32, one for the Win, two K, three ads, one for XP Attacker, and one for the Win, two K, Udemy. Now the next one I'm going to do isI'm going to do the damn vulnerable web app. Now the damn vulnerable web app is a little bit different in that it actually is an ISO. And let me show you how that works. So basically, what I'm going to do is create a new virtual machine. I'm going to tell it that I want typical and that I want to install the operating system later. I want to use Linux. I want it to use other Linux, two six kernel, 60,64 bit, and I want the location again, I want thisto be the old drive down vulnerable web app. Click there, and we're going to click on Next, and they're going to put the maximum disc size. It's going to take the defaults on it.I'm going to tell it I want it to be a single file because in reality it's just going to boot off of the ISO file. All right? So what's going to happen right here is I'mgoing to tell it the CD right here. I'm going to double click on that, and I'm going to tell it to use the ISO file and browse that ISO file, and I'm going to go out to the old drive again. I put it under the right footer there. Okay? So I'm going to do that. Click on Gmpower, and you're going to power on the firmware. Now when it powers onto firmware, you're going to click once in here. You're going to use the right arrow keys, and you're going to move using the down arrow key to the CDROM using the plus and minus keys all the way to the right on your keyboard, and you're going to hit the plus key to move the CD Rom to the top. You're then going to press the F tenkey and you're going to say yes. And then you're going to see it boot into a damn vulnerable web o say yesSo I'm going to go ahead and get out of here, and I'm going to go ahead and just power this guy off. All right? I'm also going to go ahead and change the name of this to something a little bit more also going to go And we're just about done have one more toinstall and that actually is our Kali ay? And we're And our Kali Linux is this one right here, which just happens to be the easiest one to install. Now, what I'm going to do with this one is actually go out here and say all files go into college Linux, and I'm going to grab and see if it allows me to do this. It might not. Okay? So what I'm going to do right here isn't going to be all in one place. So what I'm going to do is go over to the O drive, because right here it's going to be located underneath that OVF. So I wanted to go ahead and be located underneath the VM. So I'm going to go ahead and click on Cut right here, and then I'm going to go ahead and put that in the VM, and I'm going to make a directory right here. I'll call this Collie Linux, and I'm going to pace that in there, and it looks like we're going to be all set with that. I'm not sure where that thing came from there, but I'm just going to go ahead and get rid of it. Okay folks? And you know what? There you have it, because once the rest of these are installed, we'll have every single one of our VMs installed and ready to go.
10. Tying everying together in our Lab
Let's go ahead and assign that one here to Bridge as well. And you notice this one right here, where it says "Replicate Physical Network Connection." That's more or less for the wireless network. So if the network connection goes up or down, it will go ahead and reconnect. It will connect or reconnect. It's always a good idea to go ahead and click on Advance and generate a new Mac address for these, because you never know. Now if your VM says this, you're going to need to do the following. Okay, so this is what we're going to do to upgrade a virtual machine. We're going to click. Upgrade this virtual machine. We're going to click on Next. We'll go ahead and click on workstation twelve X. Click on "next." We're going to click on and alter this virtual machine. Next. Click on "Finish." Wait a couple of seconds, and click on Close. Okay? So the next thing we're going to do is add another drive to our XP Attacker, and we're going to use this in a later lab. So I'm going to click on Add right here, and I'm going to click on Hard Drive. Click on "next." I'm going to simply choose IDE and create a new virtual hard drive. I'm going to make it one gig in size. I'm going to click on Next. Just click on Finish right here and click okay. I'm going to go out to this XP attacker. I'm going to go ahead and power this on, and I'm going to format the Fat file system. So I'm going to pause this really quick while it boots up. Okay? So I've come across the XP attacker. I'm going to click on Right, click on My Computer, and click on Manage. I'll go down to Disk Management, and the convert disc wizard should appear. I'm going to click on Next. I'm not going to check the second one. I'm going to click on Finish right here. It says "Unallocated." I'm going to right-click on New Partition. Click on "next." I'm going to say Primary Partition, all right? And assign the following drive letter. Okay? And here's the important part. The file system I'm going to use is either Fat or Fat 32. It doesn't really make any difference which one I use. I'm going to go ahead and perform a quick format and go ahead and click on Finish, and you'll see why I'm doing that as we go along. All right? One of the main reasons that we're here in VMware Workstation is the fact that we can create a snapshot and that we can branch to any one of those snapshots. So what I'm going to do is start with this one right here. I'm going to click on VM. I'm going to click on Snapshot. And you'll see under Snapshot Manager that it doesn't have any snapshots. I'm going to click on "take a snapshot" and I'm going to say "initial snapshot." After set up, This way, we can always roll back in case we completely muddle this up. All right? So I'm going to click on Close, and now we absolutely cannot go wrong. We can go back to a pristine state. And what I would do, if I were you, is go ahead and disconnect all of this and then unmount the drive letter O and make a backup copy of that drive letter O. That way, you have everything you need to do another version. So you can have a version at work, a version at home, or whatever you want. And if something goes wrong with one of the hard drives, well, there you have it. You can pick right back up and not have to do anything.
Ethical Hacking Overview
1. Introduction to Pentesting and Ethical Hacking
In this section, we'll discuss the definition of a penetration test. We'll discuss the evolving threat, security, vulnerability, and lifecycle. We'll discuss botnet definitions, defense, in-depth metadata, penetration testing types, types of hackers, common definitions, hacker versus tester, as well as essential terminology and methodology for penetration testing tools versus techniques, calculating the risk, analysing findings, and penetration testing methods. Methodologies.
2. Teaser-How Hackers Obtain Serial Numbers Even VMware Workstation Pro
Okay, folks, I'm going to do a real quick teaser on how hackers get serial numbers. The first way is they use Google, but they use a portion of Google called 9/4 FBR and then put in whatever they are looking for. Let's say, for example, we're looking for Adobe Creative Cloud in, I don't know, 2015, I guess. Now, what you're going to see is a number of different ways that you can get serial number generators. You can get the actual keys, and you could get a whole host of other things. I should mention to you that this is not actually legal. Now, what you do with this information is up to you. But in reality, you have agreed that whatever you use this information for, you're not going to hold me liable for it. Let me show you a couple of other ways. First off, let's talk real quick about why this works. One of the items that I have in the course is called Bonus Google, and it gives you the capability of searching for MP3 games, videos, and ISOs. Now I'm going to show you that later on in the course, but this is the part that I wanted to show you. What we put in was Photoshop, and you can put it in before or after; it doesn't really make any difference. And I put in for FBR. All right, so how does it work? Well, quite simply, nine-four FBR is part of an Office 2000 Pro CD key that was widely distributed as it bypasses the activation requirements of Office Two K Pro. By searching for the product name 94 FBR, you guarantee two things. First off, the pages that are returned are pages dealing specifically with the serial numbers of the product the hacker was actually hunting. And because 94 FBR is part of a serial number and only part of a serial number, you guarantee that any page being returned is a serial number list page. and most people that list serial numbers list them this way. Let's take a look at another way that might be easier. You could simply search for "Serials VMware Workstation 12"; this may or may not give you information. Now one thing that you need to be particularly aware of is that there's no free lunch, folks. If you do decide you're going to use one of these serial numbers and they give you a generator, make sure that you generate that on a machine that's in a virtual machine and that you throw away any changes to that virtual machine because more than likely they're going to infect that and use it as a botnet. So, it's got a number of cracked lists. Well, look here. 1112 Pro serial number key. Let's see what they've got. It looks like everything is okay, so here is a Windows 12 serial number key. All right? And so if you wanted to, you could use that as part of your course. Now, I'm not saying to do that, because that would be illegal. But if a pinch comes to shove and you need it, then plan on buying it later. That's something between you and VMware. Okay? So let's go ahead and look at another one. Let's go ahead and go into a place called "and this one seems to give us all kinds of serial numbers." And so basically, what we're doing is using a site called Paste Bin. And what Paste Bin is is a site that you could take whatever is in your paste buffer and paste it into, but it doesn't divulge who pasted it in. You can also use Google to search for things, and it will return results. So here's a perfect example right here of a number of Windows' twelve serial number keys. So in reality, you would be able to use any of those. Now, this is for information purposes only, so please use that with a grain of salt if you decide to do something like this. Now, if you just grab Justin's key and put it in, you're not going to have to worry about putting things into a virtual machine and throwing the contents away. And we'll talk a lot more about that when we get into our malware.
3. Defintion of a Penetration Test
We'll begin by defining a pen test, also known as a penetration test. Now, a penetration test, or the short form "pentest," is an attack on a computer system with the intention of finding security weaknesses and potentially gaining access to it, its functionality, and its data. The process begins with identifying target systems and the goal, followed by a review of available information and the implementation of available means to attack that goal. A penetration test target may be a "white box" where all background and system information is provided or possibly a "black box" where only basic or no information is provided except for the company name or domain name. Now, a pen test will advise if the system is vulnerable to attack, if the defences were sufficient, and which defences, if any, were defeated in the penetration test. Now, a penetration test could be likened to surveying a rabbit-proof fence, which must be kept whole to keep the rabbits out. In surveying the fence, the penetration tester may identify a single large hole big enough for a rabbit or themselves to move through once the defence has passed. Any further review of that defence may not occur as the penetration tester moves on to the next security control. Now, this means there may be several loopholes or vulnerabilities in the first line of defense, and the penetration tester only identified the first one found as it was successful in producing an exploit. This is where the difference between a vulnerability assessment and a penetration test is actually shown. The vulnerability assessment is everything that you may be susceptible to. The penetration test is based on whether your defence can be defeated. Now, all these penetration tests are typically done from the position of an attacker.
Pay a fraction of the cost to study with Exam-Labs 312-50: CEH Certified Ethical Hacker (312-50v9) certification video training course. Passing the certification exams have never been easier. With the complete self-paced exam prep solution including 312-50: CEH Certified Ethical Hacker (312-50v9) certification video training course, practice test questions and answers, exam practice test questions and study guide, you have nothing to worry about for your next certification exam.