1
00:00:00,520 --> 00:00:01,580
‫So I'm not going to lie to you.

2
00:00:02,020 --> 00:00:08,950
‫Sometimes you're going to hear words like active exploit or passive exploit, right?

3
00:00:10,030 --> 00:00:17,440
‫Basically exploit in the media exploit framework are divided into two categories, active or passive.

4
00:00:18,210 --> 00:00:20,060
‫So what does that mean to you?

5
00:00:21,520 --> 00:00:28,300
‫Active exploits will exploit a specific host run until completion and then exit.

6
00:00:29,230 --> 00:00:33,700
‫For example, brute force modules will exit immediately when a shell opens.

7
00:00:34,710 --> 00:00:39,000
‫And execution of the model stops if an error occurs.

8
00:00:39,990 --> 00:00:44,910
‫Oh, and by the way, you can force an active exploit to work in the background.

9
00:00:45,940 --> 00:00:49,900
‫By entering Jay into the export command.

10
00:00:51,030 --> 00:00:59,010
‫And of course, on the other hand, passive exploits wait for incoming hosts and then exploit them as

11
00:00:59,010 --> 00:01:06,360
‫they connect, these exploits almost always focus on clients such as Web browsers, FTP clients and

12
00:01:06,360 --> 00:01:09,960
‫all those, and they'll report Schell's as they open.

13
00:01:10,740 --> 00:01:21,030
‫Now, you can list open shelves by entering I with the sessions command also by adding I with a sessions

14
00:01:21,030 --> 00:01:25,170
‫command, you'll be able to interact with the intended show.

15
00:01:28,400 --> 00:01:34,850
‫Métis Boyd framework ranks the exploits to help you find the appropriate exploit.

16
00:01:35,790 --> 00:01:38,400
‫And I'll show you all the ranks and their meanings.

17
00:01:40,790 --> 00:01:41,360
‫Excellent.

18
00:01:42,590 --> 00:01:45,050
‫The exploit will never crash the service.

19
00:01:45,860 --> 00:01:55,670
‫This is a case for escarole injection, ACMD Execution, RFE, Alphie, etc. There's no typical memory

20
00:01:55,670 --> 00:02:02,750
‫corruption exploits should be given this ranking unless unless there are some extraordinary circumstances.

21
00:02:03,820 --> 00:02:04,390
‫Great.

22
00:02:05,680 --> 00:02:16,460
‫Exploit has a default target and either auto detect the appropriate target or uses an application specific

23
00:02:16,460 --> 00:02:19,070
‫return address after a version check.

24
00:02:20,040 --> 00:02:20,580
‫Good.

25
00:02:21,650 --> 00:02:27,890
‫Exploit has a default target, and it is the common case for this type of software.

26
00:02:29,000 --> 00:02:29,660
‫Normal.

27
00:02:30,860 --> 00:02:39,800
‫The exploit is otherwise reliable, but depends on a specific version and can't or doesn't reliably

28
00:02:39,800 --> 00:02:40,880
‫auto detect.

29
00:02:41,770 --> 00:02:42,400
‫Average.

30
00:02:43,410 --> 00:02:47,430
‫The exploit is generally unreliable or difficult to exploit.

31
00:02:48,630 --> 00:02:56,910
‫Low, the exploit is nearly impossible to exploit, or I'd say under 50 percent success rate for common

32
00:02:56,910 --> 00:02:57,570
‫platforms.

33
00:02:58,640 --> 00:02:59,270
‫Manuel.

34
00:03:00,250 --> 00:03:09,370
‫The exploit is unstable or difficult to exploit and is basically a Dossi, so this ranking is also used

35
00:03:09,370 --> 00:03:14,260
‫when the module has no use unless specifically configured by the user.