1
00:00:00,870 --> 00:00:04,870
So exploits are the most important part of the Metasploit Framework.

2
00:00:05,730 --> 00:00:11,910
They let you take advantage of a flaw within any particular system, an application or a service.

3
00:00:12,870 --> 00:00:19,770
So it's by using exploits that you or maybe an attacker can get the results that the developer or the

4
00:00:20,370 --> 00:00:22,800
system administrator would never intend for.

5
00:00:23,770 --> 00:00:33,340
In Metasploit Framework, there were 1824 exploits when I recorded this course, which include more than 15

6
00:00:33,340 --> 00:00:35,720
categories based on the different platforms.

7
00:00:36,280 --> 00:00:41,170
And right up here are the various categories of the exploits.

8
00:00:42,350 --> 00:00:49,080
Now, I guess you might think about how you're going to find your way among all of the available exploits.

9
00:00:50,240 --> 00:00:52,280
So let me quickly show you one.

10
00:00:53,600 --> 00:00:58,750
Now, first, I've got to mention, you've got to be very careful before using any of these exploits,

11
00:00:59,360 --> 00:01:04,610
so let me suggest to you that you make an extensive enumeration on the target that you want to use an

12
00:01:04,610 --> 00:01:12,260
exploit on. A proper enumeration of the target might give the operating system of the target, including

13
00:01:12,260 --> 00:01:21,770
the exact version and architecture, open ports on the target, both TCP or UDP, services with version

14
00:01:21,770 --> 00:01:26,720
information and probability of a particular service being vulnerable.

15
00:01:27,700 --> 00:01:28,240
So.

16
00:01:29,590 --> 00:01:33,760
First, let's have a look at the exploit modules from the GUI.

17
00:01:35,210 --> 00:01:36,350
Look into the folder.

18
00:01:37,460 --> 00:01:44,020
And here there are over 15 categories, and under each one, you'll find even more categories.

19
00:01:45,400 --> 00:01:46,900
Under Unix.

20
00:01:47,850 --> 00:01:48,750
FTP.

21
00:01:50,150 --> 00:01:52,400
Here is the exploit that I want to use.

22
00:01:53,570 --> 00:01:55,190
So go back to the terminal.

23
00:01:57,150 --> 00:01:58,500
I want to clear the screen.

24
00:02:01,910 --> 00:02:08,210
Usage is the same as auxiliaries: use and the name of the exploit.

25
00:02:09,550 --> 00:02:13,330
Use exploit Unix FTP.

26
00:02:14,750 --> 00:02:18,290
vsftpd backdoor.

27
00:02:19,430 --> 00:02:23,900
So I'll use this one just as an example, then show you the options of the exploit.

28
00:02:25,950 --> 00:02:30,000
Set RHOST to your Metasploitable 2 IP address.

29
00:02:31,360 --> 00:02:33,580
Default port number is 21.

30
00:02:34,970 --> 00:02:40,280
So you don't need to change it unless you find that this version of FTP is running on another port.

31
00:02:41,150 --> 00:02:42,560
And I'll show you the options again.

32
00:02:44,150 --> 00:02:45,440
OK, so here you go.

33
00:02:46,710 --> 00:02:51,000
Type exploit to run the exploit code against Metasploitable 2.

34
00:02:54,800 --> 00:02:58,970
And ta-da, you have your first shell on the target.

35
00:03:00,290 --> 00:03:06,810
As you can see here, Metasploit warns us about the open shell, so this is not an interactive shell.

36
00:03:07,520 --> 00:03:18,020
And while you can type some Linux commands directly here: whoami, using the shell as root user. Type

37
00:03:18,020 --> 00:03:20,720
id to see the actual user.

38
00:03:21,660 --> 00:03:28,800
And yeah, sure enough, it's correct, so you can write here Linux commands, for example, ifconfig.

39
00:03:29,960 --> 00:03:32,900
And you see that this is Metasploitable 2.

