filmov
tv
Exploit Database - Kali Linux Tutorial
Показать описание
Exploit Database is a free tutorial by Packt Publishing from Kali Linux course
Link to this course(Special Discount):
This is the best Kali Linux Course
Course summary:
Many advanced techniques are addressed within this series, but it is still designed to simultaneously accommodate less experienced viewers. The series provides detailed explanations intended to clearly address the underlying processes involved with all tasks performed.
English [Auto]
Well it is an extremely powerful exploitation too. You don't want it to become a crutch that prevents you from further advancing your skills. It's important to work directly with the exploits so that you can start to develop a better understanding of how they work. The best way to do this and Kaleo Linux is by working in the exploit database so that access and change directory to user slash slash exploit D-B once there is news LS to list the contents of the directory and then here within the platforms subdirectory you'll find a whole bunch of different scripts and also several other subdirectories that are unique to different platforms and within those bunch more scripts that are specific to those platforms. So rather than trying to search through all of these different scripts and trying to find the one that you need that way you can actually search through the files dustiest the file that has information about each of the different exploits within these subdirectories so to do this we can use the grep function. So let's say that I'm familiar with the particular service running on a foreign system that I want to exploit I can use grep then in this case free. SS HD and then the file that I want to perform the grep on. So files Dotsie SD and here we get a list of each of the different exploits with that keyword in it. I can then further narrow my search by piping it over and then using grep function on the output of that result. And here we grep out just the remote exploits and eliminate the denial service exploits that were listed there. So now we're down to only two exploits. And the second one in particular is the version that I need an exploit for. So I want to then browse to that directory so change directory then platforms Windows and remote. And then I'm going to copy that script to a different location with a name that I can actually get or acknowledge what it is. So I'll change it to my root directory and then give it the name free. Ss d exploit. And then we'll change to a root directory and there's our perl script right there. So then we'll use the VM editor to view the script. And if we look through this it's actually not that complicated. What it does looks like it takes input from the user who executes the script on the host port the user and password and the target which will either be XP Service Pack 2 or Windows Vista and then after the buffer overflow it's going to execute this show code which if we browse to the bottom based on the message it returns to the user appears to be a show code that creates a TCAP bind show on the remote system on port 4 4 4 4. Now a lot of these scripts are going to have to be tweaked because of certain things hard in the script. In this case that doesn't seem to be the case. So it seems like we should be able to wash the scripts just as is so execute the script for once without any arguments to see the usage once again. And notice that it does prompt for a username and password so this is a post authentications script. So we're just going to assume that we brute force access to the T-P service will further discuss how to perform brute forcing network services all later video. So then it will last the script with the arguments. So first with the host IP address and then the port that the service is running on and then the user is user password is password and then target is one for XP Service Pack 2 and once the script is done running it tells you that you are now finished and that you can check your show on Court 4 4 4 4. So then we'll go ahead and load up net catch to connect to our remote show that we've now created on that system. So we use in see dash in server Bowse and then connect via IP address specified the IP address the remote machine and then port 4 4 4 4. And there you have it. We now have a show on our remote system so that is how to run an exploit directly from exploit code that you have pulled from the exploit database.
Exploit Database Exploit target systems / use proof-of-concept scripts in the exploit database
Link to this course(Special Discount):
This is the best Kali Linux Course
Course summary:
Many advanced techniques are addressed within this series, but it is still designed to simultaneously accommodate less experienced viewers. The series provides detailed explanations intended to clearly address the underlying processes involved with all tasks performed.
English [Auto]
Well it is an extremely powerful exploitation too. You don't want it to become a crutch that prevents you from further advancing your skills. It's important to work directly with the exploits so that you can start to develop a better understanding of how they work. The best way to do this and Kaleo Linux is by working in the exploit database so that access and change directory to user slash slash exploit D-B once there is news LS to list the contents of the directory and then here within the platforms subdirectory you'll find a whole bunch of different scripts and also several other subdirectories that are unique to different platforms and within those bunch more scripts that are specific to those platforms. So rather than trying to search through all of these different scripts and trying to find the one that you need that way you can actually search through the files dustiest the file that has information about each of the different exploits within these subdirectories so to do this we can use the grep function. So let's say that I'm familiar with the particular service running on a foreign system that I want to exploit I can use grep then in this case free. SS HD and then the file that I want to perform the grep on. So files Dotsie SD and here we get a list of each of the different exploits with that keyword in it. I can then further narrow my search by piping it over and then using grep function on the output of that result. And here we grep out just the remote exploits and eliminate the denial service exploits that were listed there. So now we're down to only two exploits. And the second one in particular is the version that I need an exploit for. So I want to then browse to that directory so change directory then platforms Windows and remote. And then I'm going to copy that script to a different location with a name that I can actually get or acknowledge what it is. So I'll change it to my root directory and then give it the name free. Ss d exploit. And then we'll change to a root directory and there's our perl script right there. So then we'll use the VM editor to view the script. And if we look through this it's actually not that complicated. What it does looks like it takes input from the user who executes the script on the host port the user and password and the target which will either be XP Service Pack 2 or Windows Vista and then after the buffer overflow it's going to execute this show code which if we browse to the bottom based on the message it returns to the user appears to be a show code that creates a TCAP bind show on the remote system on port 4 4 4 4. Now a lot of these scripts are going to have to be tweaked because of certain things hard in the script. In this case that doesn't seem to be the case. So it seems like we should be able to wash the scripts just as is so execute the script for once without any arguments to see the usage once again. And notice that it does prompt for a username and password so this is a post authentications script. So we're just going to assume that we brute force access to the T-P service will further discuss how to perform brute forcing network services all later video. So then it will last the script with the arguments. So first with the host IP address and then the port that the service is running on and then the user is user password is password and then target is one for XP Service Pack 2 and once the script is done running it tells you that you are now finished and that you can check your show on Court 4 4 4 4. So then we'll go ahead and load up net catch to connect to our remote show that we've now created on that system. So we use in see dash in server Bowse and then connect via IP address specified the IP address the remote machine and then port 4 4 4 4. And there you have it. We now have a show on our remote system so that is how to run an exploit directly from exploit code that you have pulled from the exploit database.
Exploit Database Exploit target systems / use proof-of-concept scripts in the exploit database
0:07:36
0:03:59
0:05:30
0:00:30
0:11:05
0:06:09
0:00:47
0:19:29
0:09:20
0:03:18
0:05:58
0:05:36
0:00:36
0:00:39
0:01:01
0:02:55
0:01:35
0:03:24
0:04:00
0:01:15
0:00:31
0:14:49
0:00:16
0:05:30