1
00:00:00,390 --> 00:00:02,790
Let's perform another vulnerability scan.

2
00:00:04,340 --> 00:00:08,990
I want to perform an aggressive scan to find as many vulnerabilities as possible.

3
00:00:10,270 --> 00:00:14,500
Go to college and start the Nessa's demon if it's not already started.

4
00:00:16,059 --> 00:00:19,000
You service an SSD status to learn if it's running.

5
00:00:19,920 --> 00:00:25,860
OK, so it's inactive, so I use service necessity, start to start Nessa's service.

6
00:00:27,470 --> 00:00:30,750
Now go to your browser and connect to the Nessus interface.

7
00:00:31,580 --> 00:00:41,240
It is a HTP service is running on the same machine, so I'll use one two seven zero zero one lookback

8
00:00:41,240 --> 00:00:44,120
IP address referred to as localhost.

9
00:00:44,960 --> 00:00:48,410
And the port of the Nessa's service is N3 for.

10
00:00:50,270 --> 00:00:51,770
Sign in using your credential.

11
00:00:54,830 --> 00:00:56,430
Click the new scan button.

12
00:00:57,290 --> 00:00:59,990
Now let's choose advanced scan for this scan.

13
00:01:00,950 --> 00:01:03,920
Will be more aggressive than a basic network scan.

14
00:01:04,849 --> 00:01:10,310
So enter the basic info, give the scan and name and enter description if you want.

15
00:01:11,620 --> 00:01:13,240
And the targets.

16
00:01:14,250 --> 00:01:20,970
Here I have a Windows XP with an IP address of two zero seven and Métis voidable to Linux system with

17
00:01:20,970 --> 00:01:22,920
an IP address of two zero six.

18
00:01:23,820 --> 00:01:29,580
Here I have a third system, an up to date Windows eight, and it's IP addresses two to three.

19
00:01:31,140 --> 00:01:37,680
Right, so back to Cali and enter the IP addresses of the target systems to zero six four meters, voidable

20
00:01:38,070 --> 00:01:42,570
to zero seven for Windows XP and two to three for Windows eight.

21
00:01:44,060 --> 00:01:47,510
Now click discovery and the list of the left.

22
00:01:48,730 --> 00:01:54,310
So we're simply going to accept the default on this page, so let's click on Assessment over to the

23
00:01:54,310 --> 00:01:54,580
left.

24
00:01:56,160 --> 00:02:01,680
And on this page, we want to check perform thorough tests, so check the box.

25
00:02:02,790 --> 00:02:08,970
Then move to the report section in the options on the left, you can override the normal verbosity,

26
00:02:09,180 --> 00:02:11,390
make it report as much info as possible.

27
00:02:12,390 --> 00:02:18,060
So next click, the advanced option in the left to the left, the only thing we're going to do here

28
00:02:18,060 --> 00:02:20,640
is uncheck, enable safe checks.

29
00:02:21,730 --> 00:02:27,130
Now, on a normal production network, you would leave this box checked, you don't want to take down

30
00:02:27,130 --> 00:02:33,370
production systems when scanning, but for our purposes here, we want to gather as much information

31
00:02:33,370 --> 00:02:34,120
as possible.

32
00:02:34,120 --> 00:02:35,530
So we're going to want to check it.

33
00:02:36,720 --> 00:02:38,550
Now click on the credentials tab.

34
00:02:39,630 --> 00:02:41,520
Select the S.H. option.

35
00:02:42,440 --> 00:02:43,520
In the list on the left.

36
00:02:44,750 --> 00:02:50,510
Now, since we know the username and password for the portable to machine, we're going to put those

37
00:02:50,510 --> 00:02:51,700
credentials in here.

38
00:02:52,700 --> 00:02:55,610
Remember the username and password of both MSF admin?

39
00:02:56,760 --> 00:03:02,310
James, the authentication method to password and put it in the username and password below.

40
00:03:03,780 --> 00:03:05,280
Now in the plug ins tab.

41
00:03:06,170 --> 00:03:12,050
We only need to activate the plug ins that have to do with what might be running on a Linux system so

42
00:03:12,050 --> 00:03:13,520
we can disable a few things here.

43
00:03:22,810 --> 00:03:28,950
OK, I paused demo here, I've got to make an apology, it's a late update while capturing the demo,

44
00:03:29,350 --> 00:03:33,780
I forgot that I have Windows targets and disable the windows plug ins.

45
00:03:34,130 --> 00:03:35,050
It's a mistake.

46
00:03:35,050 --> 00:03:41,260
And I just wanted to show you that what we do here is if there's a problem, there's always a solution.

47
00:03:41,830 --> 00:03:46,480
So if you have Windows targets, please do not disable the windows plug ins.

48
00:03:47,580 --> 00:03:48,570
All right, let's move on.

49
00:03:49,080 --> 00:03:51,490
We can finally click save at the bottom.

50
00:03:52,350 --> 00:03:54,750
So here's the scan and we're ready to run it.

51
00:03:55,290 --> 00:03:59,880
Simply click the great triangle at the far right of our skin, which stands for launching the scan.

52
00:04:02,070 --> 00:04:07,890
And yes, the scan is started now, you can pause or stop the scan any time you want.

53
00:04:08,750 --> 00:04:12,110
So click the scan and we see the results in real time.

54
00:04:13,560 --> 00:04:18,420
OK, boy, that's going to take a while to run, so it's probably a good time to check your e-mail.

55
00:04:18,630 --> 00:04:22,730
Grab a cup of coffee maybe, but just make sure you come back to review the results.