1
00:00:02,380 --> 00:00:06,970
So there are minor differences between Windows and Linux Meterpreter sessions.

2
00:00:07,510 --> 00:00:10,900
This is why I'd like to show you the Meterpreter session in both machines.

3
00:00:11,990 --> 00:00:17,000
In our last lecture, we had a Meterpreter session on the Metasploitable Linux machine.

4
00:00:17,480 --> 00:00:20,930
Let's continue to see the basic Meterpreter commands on that session.

5
00:00:22,680 --> 00:00:28,680
So a good habit to get into is looking at the sysinfo, which is the first command that I run when

6
00:00:28,680 --> 00:00:34,350
I interact with a Meterpreter session, just so I can see which system I am in.

7
00:00:35,570 --> 00:00:36,740
Never hurts to double check.

8
00:00:36,770 --> 00:00:38,000
OK, I'm on Metasploitable.

9
00:00:39,200 --> 00:00:45,050
help is the second command I'd like to show, and not surprisingly, it shows the available commands

10
00:00:45,050 --> 00:00:46,670
in this Meterpreter session.

11
00:00:47,760 --> 00:00:53,790
Commands are grouped, and we'll talk about it more in the following lectures. The command names

12
00:00:53,790 --> 00:00:58,310
are at the left hand side and the descriptions of the commands are on the right hand side.

13
00:00:59,130 --> 00:01:01,520
And here's another command group, anyway.

14
00:01:02,280 --> 00:01:07,080
So first of all, let's see how we can manage Meterpreter sessions.

15
00:01:08,290 --> 00:01:15,940
If you're in a Meterpreter session, you can go back to msfconsole with the background command, and now we're

16
00:01:15,940 --> 00:01:17,080
on msfconsole.

17
00:01:18,190 --> 00:01:25,150
sessions -l is to list the active sessions. Now, the sessions may or may not be Meterpreter sessions,

18
00:01:25,540 --> 00:01:29,350
but you'll see the session type in the third column of the sessions list.
19
00:01:30,170 --> 00:01:36,230
In fact, the sessions command with no parameter lists the sessions as well, so you don't need to use

20
00:01:36,530 --> 00:01:37,490
the -l parameter.

21
00:01:38,510 --> 00:01:45,320
The first column of the list shows the ID numbers of the sessions, the information column shows the user

22
00:01:45,320 --> 00:01:52,340
and the system connected, and the connection column shows the attacker and the victim systems' IP addresses

23
00:01:52,550 --> 00:01:53,900
and the connected ports.

24
00:01:55,500 --> 00:02:02,790
The sessions command with the -i parameter is to interact with any of these sessions; simply give the ID

25
00:02:02,970 --> 00:02:04,740
of the session you want to interact with.

26
00:02:05,890 --> 00:02:09,760
And we're in the Meterpreter session of the Metasploitable Linux again.

27
00:02:11,220 --> 00:02:14,280
Now, to see our current position in the target system,

28
00:02:15,240 --> 00:02:17,580
we'll use the pwd command.

29
00:02:18,990 --> 00:02:25,200
OK, if you're familiar with the Linux system, you already know that the command is a standard Linux

30
00:02:25,200 --> 00:02:27,240
command to print the working directory.

31
00:02:28,100 --> 00:02:29,260
Well, you're wrong.

32
00:02:30,350 --> 00:02:37,100
Here, it's a Meterpreter command and it runs under the other operating system sessions as well, which

33
00:02:37,100 --> 00:02:38,420
I'll show you in a couple of minutes.

34
00:02:39,470 --> 00:02:44,600
The Meterpreter filesystem commands are mostly similar to the Linux filesystem commands.

35
00:02:46,100 --> 00:02:51,560
We're on the root folder; we can use the ls command to see the files in this folder.

36
00:02:52,540 --> 00:02:58,090
The cd command is to change or to move to another folder, for example, etc.

37
00:02:59,100 --> 00:03:01,740
And now we are in the etc folder.

38
00:03:03,960 --> 00:03:08,460
So we can use the cd command to go back to the root folder again.
39
00:03:09,820 --> 00:03:12,310
The next command is getuid.

40
00:03:13,250 --> 00:03:18,920
It's used to show which user you are on that system. We are the root user, which is very good for

41
00:03:18,920 --> 00:03:21,020
us, but not for the victim.

42
00:03:21,950 --> 00:03:27,280
getpid is to see the ID number of the process that we are injected into.

43
00:03:27,290 --> 00:03:31,100
But it seems it's not available on Linux systems.

44
00:03:31,400 --> 00:03:33,600
OK, I'll show it on a Windows system soon.

45
00:03:34,100 --> 00:03:34,760
Stay tuned.

46
00:03:35,760 --> 00:03:39,960
The ps command is to see the running processes on that system.

47
00:03:44,040 --> 00:03:51,060
So hashdump is a very useful command for ethical hackers; as you might guess, it lists the hashes

48
00:03:51,060 --> 00:03:52,260
of the users of this system.

49
00:03:52,960 --> 00:03:57,930
But remember, you can access the hash files only if you have the root or the admin privileges.

50
00:03:58,230 --> 00:04:01,290
Otherwise, Meterpreter cannot gather the hashes.

51
00:04:02,780 --> 00:04:07,070
But don't worry, there are a few tricks up our sleeves to escalate the privilege.

52
00:04:08,860 --> 00:04:15,310
Well, now it seems the Meterpreter does not have the hashdump command for Linux systems, but again,

53
00:04:15,310 --> 00:04:18,840
no worries, because we can use a post module to gather hashes.

54
00:04:19,420 --> 00:04:22,660
We'll see that in detail in the post exploitation lecture.

55
00:04:22,690 --> 00:04:29,080
So just to show you that we have alternatives, let's run this post exploitation module.

56
00:04:30,160 --> 00:04:31,060
run post.

57
00:04:31,980 --> 00:04:36,070
No, win... no, not Windows, it's a Linux system.

58
00:04:36,970 --> 00:04:44,860
linux/gather/hashdump, and hit enter. Remember, Metasploit Framework and Meterpreter have code

59
00:04:44,860 --> 00:04:45,550
completion.
60
00:04:46,460 --> 00:04:52,190
So you can just use the tab key to complete the words, and here are the usernames and the password

61
00:04:52,190 --> 00:04:52,700
hashes.

62
00:04:54,190 --> 00:05:00,010
Now, I don't know if I need to stress to you that this is very important data, so we'll use these

63
00:05:00,010 --> 00:05:03,070
hashes for some of our purposes a little bit later.

64
00:05:04,350 --> 00:05:10,470
But first, let me show you that idletime is another useful Meterpreter command, which displays the

65
00:05:10,470 --> 00:05:15,480
number of seconds that the user at the remote machine has been idle.

66
00:05:16,600 --> 00:05:19,180
If you'd like to log out the user or restart the.