1
00:00:01,090 --> 00:00:01,810
Welcome back.

2
00:00:02,380 --> 00:00:08,560
In this video, I want to show you another example of ISIS can show in the previous weekend.

3
00:00:08,770 --> 00:00:15,160
At this point, which is a Linux machine right now, we are going to see what results can we get scanning

4
00:00:15,160 --> 00:00:16,080
a Windows machine.

5
00:00:17,100 --> 00:00:23,130
So I have right here Windows seven virtual machine, and what's special about this machine is that it

6
00:00:23,130 --> 00:00:25,180
hasn't been updated in a year.

7
00:00:25,950 --> 00:00:31,470
And keep in mind, there are a lot of people in the world that don't regularly update their operating

8
00:00:31,470 --> 00:00:31,980
systems.

9
00:00:32,610 --> 00:00:38,070
This machine specifically doesn't have any additional software installed and running on open ports.

10
00:00:38,460 --> 00:00:43,730
The only open ports it has are these ones, and most of them are open by default.

11
00:00:43,740 --> 00:00:50,880
Once you install Windows seven, let us see what our next can will manage to find on an updated Windows

12
00:00:50,880 --> 00:00:51,520
seven machine.

13
00:00:52,170 --> 00:00:54,780
So let's go right here and go on to a scan.

14
00:00:54,780 --> 00:00:59,940
We already know how we can perform this scan, so I will not be explaining the details we navigate to

15
00:00:59,940 --> 00:01:02,030
the basic scan and we can type right here.

16
00:01:02,070 --> 00:01:08,670
Windows seven, the IP address I checked out right here it is 192 to the 168 at Fontanne six.

17
00:01:09,210 --> 00:01:10,770
And if I scan it.

18
00:01:12,910 --> 00:01:20,200
Go to the discovery, we can scan all ports in the assessment we're going to scan for known Web vulnerabilities

19
00:01:20,860 --> 00:01:25,990
in the report, we leave everything default and in the advanced, we'll leave it on default.

20
00:01:26,560 --> 00:01:27,610
I will click on Save.

21
00:01:29,200 --> 00:01:31,150
And just from my skin.

22
00:01:32,300 --> 00:01:37,730
This will start scanning my Windows seven machine, and in a few minutes we will receive the entire

23
00:01:37,730 --> 00:01:42,210
scan and all the vulnerabilities it managed to find for our Windows seven machine.

24
00:01:42,920 --> 00:01:47,240
Once again, keep in mind that it doesn't have any additional software installed.

25
00:01:47,800 --> 00:01:51,900
I just installed an operating system and connected it to my network.

26
00:01:52,610 --> 00:01:57,350
Let's wait for the scan to finish and we're going to see what it will manage to find.

27
00:01:59,210 --> 00:02:03,730
OK, the scan has finished, let us check out the results that NASA's gave us.

28
00:02:04,520 --> 00:02:10,490
If I click on my Windows seven, we will see it managed to find four critical vulnerabilities and to

29
00:02:10,670 --> 00:02:11,810
high vulnerabilities.

30
00:02:12,720 --> 00:02:17,370
And these are the vulnerabilities it found on Windows machine that hasn't been updated, let us check

31
00:02:17,370 --> 00:02:17,790
them out.

32
00:02:18,580 --> 00:02:26,520
If I click on this and click on Microsoft Windows, multiple issues we will see for critical vulnerabilities,

33
00:02:27,210 --> 00:02:29,450
unsupported Windows OS.

34
00:02:30,240 --> 00:02:35,010
This means that the windows has not been updated, as it says right here, he's either meeting a suspect

35
00:02:35,160 --> 00:02:36,810
or is no longer supported.

36
00:02:37,230 --> 00:02:39,900
This simply means it hasn't been updated in a while.

37
00:02:40,710 --> 00:02:43,950
As a result, it is likely to contain security vulnerabilities.

38
00:02:43,960 --> 00:02:44,880
And that is true.

39
00:02:46,260 --> 00:02:52,470
We get the MS 14, which it says right here, vulnerability and channel could allow remote code execution,

40
00:02:52,560 --> 00:02:53,940
uncredentialed check.

41
00:02:54,940 --> 00:03:02,020
And down here, we also get what type of vulnerability it is, so we could just search for that vulnerability,

42
00:03:02,020 --> 00:03:06,010
search for an exploit and gain access to our Windows seven machine.

43
00:03:07,180 --> 00:03:14,650
We also get this our DP, our CEO, or also known as the blue chip attack, and as you can see right

44
00:03:14,650 --> 00:03:17,070
here, this attack is relatively new.

45
00:03:17,380 --> 00:03:19,160
It is from 2019.

46
00:03:19,780 --> 00:03:25,030
So, for example, if there was anyone running Windows seven that hasn't updated their machine since

47
00:03:25,030 --> 00:03:28,720
2019, they are vulnerable to this attack.

48
00:03:29,320 --> 00:03:35,010
This attack exploits remote desktop protocol, which is running over the port three three eight nine.

49
00:03:35,710 --> 00:03:36,030
Cool.

50
00:03:36,040 --> 00:03:36,390
Right.

51
00:03:36,670 --> 00:03:42,160
We manage this cover vulnerabilities and critical vulnerabilities for the Windows seven machine.

52
00:03:43,060 --> 00:03:44,810
This necesito is really amazing.

53
00:03:45,340 --> 00:03:50,260
However, there are also some vulnerabilities that it didn't manage to find.

54
00:03:50,920 --> 00:03:53,980
And I'm talking about really high vulnerabilities.

55
00:03:54,670 --> 00:04:01,150
So it is finally time in the next section we're going to see how we can exploit bunch of these vulnerabilities,

56
00:04:01,300 --> 00:04:05,020
how we can gain access to the target, steal information from the target.

57
00:04:05,300 --> 00:04:10,690
We will see also how we can maintain access on the target and we will see how we can cover our tracks.

58
00:04:11,690 --> 00:04:13,540
You in the exploitation section.