1
00:00:00,930 --> 00:00:06,960
Now, the post modules contain various scripts and utilities that help you to further infiltrate your

2
00:00:06,960 --> 00:00:10,020
target system after a successful exploitation.

3
00:00:10,850 --> 00:00:18,230
Once you successfully exploit a vulnerability and get into your target system, the post-exploitation

4
00:00:18,230 --> 00:00:20,480
modules are going to help you in the following ways.

5
00:00:21,580 --> 00:00:23,140
Escalate user privileges.

6
00:00:24,560 --> 00:00:33,020
Dump OS credentials, steal cookies and saved passwords, get key logs from the target system, execute

7
00:00:33,020 --> 00:00:37,370
PowerShell scripts and make your access persistent.

8
00:00:38,030 --> 00:00:43,700
The Metasploit Framework has more than 250 such post-exploitation utilities and scripts.

9
00:00:44,790 --> 00:00:51,350
So after gaining a shell, you can choose the appropriate post module to gather more information from

10
00:00:51,350 --> 00:00:54,440
the target or escalate your privileges.

11
00:00:55,530 --> 00:01:00,170
So let's see what the post modules directory looks like.

12
00:01:01,310 --> 00:01:02,180
Under modules.

13
00:01:03,070 --> 00:01:03,610
Post.

14
00:01:04,790 --> 00:01:11,510
And there are the post module directories. So because I have exploited a Linux system, I'll need to

15
00:01:11,510 --> 00:01:14,210
use Linux post-exploitation modules.

16
00:01:14,730 --> 00:01:17,180
So let's go have a look at the Linux folder.

17
00:01:18,190 --> 00:01:21,220
And under Linux, there is a gather folder.

18
00:01:22,110 --> 00:01:23,700
And what do you have here?

19
00:01:25,030 --> 00:01:29,710
The hashdump module. Now, it's not only for Linux.

20
00:01:30,810 --> 00:01:34,950
If you look over here, you have the same for Windows as well.

21
00:01:35,880 --> 00:01:40,860
Now, before we go jumping into the command line, I just want you to realize just how meaningful the

22
00:01:40,860 --> 00:01:43,240
Metasploit directory structure really is.

23
00:01:43,440 --> 00:01:49,410
Now, you might ask, can you find your way around only by examining the structure?

24
00:01:50,730 --> 00:01:51,720
Let's go back to the terminal.

25
00:01:52,670 --> 00:01:56,720
So now I'm going to use the vsftpd exploit again.

26
00:02:00,060 --> 00:02:02,340
So use exploit.

27
00:02:03,890 --> 00:02:06,260
unix, ftp.

28
00:02:07,670 --> 00:02:09,890
vsftpd.

29
00:02:11,580 --> 00:02:12,600
Show options.

30
00:02:14,390 --> 00:02:19,370
Everything is ready to exploit, then exploit -j.

31
00:02:19,850 --> 00:02:26,480
So this command will exploit the target and if I get a session, then it will hold that session in the

32
00:02:26,480 --> 00:02:30,950
background. Type sessions to list the available sessions in the background.

33
00:02:31,760 --> 00:02:34,710
And there it is in session four.

34
00:02:35,420 --> 00:02:40,080
So now is the time to use a post module over this session.

35
00:02:40,640 --> 00:02:48,890
Now the usage syntax of a post module is the same: type use and then the name of the post module. Use

36
00:02:48,890 --> 00:02:50,780
post, linux,

37
00:02:51,800 --> 00:02:59,520
gather, hashdump. Now, show the options to me. Only this session variable.

38
00:03:00,230 --> 00:03:05,240
So set this variable to the index of this session, four.

39
00:03:07,710 --> 00:03:08,850
Then exploit.

40
00:03:09,940 --> 00:03:15,760
Aha, so here are the password hashes of Metasploitable 2 users.

41
00:03:18,180 --> 00:03:19,710
Now, you don't have to stay with that.

42
00:03:20,950 --> 00:03:22,960
You can also use some of the other post modules.

