1
00:00:00,850 --> 00:00:04,850
So exploits are the most important part of the Metasploit framework.

2
00:00:05,710 --> 00:00:11,890
They make you take advantage of a flaw within any particular system, an application or a service.

3
00:00:12,850 --> 00:00:19,750
So it's by using exploits that you or maybe an attacker can get the results that the developer or the

4
00:00:20,350 --> 00:00:22,780
system administrator would never intend for.

5
00:00:23,750 --> 00:00:33,320
In Metasploit framework, there are 1824 exploits when I recorded this course, which includes more than 15

6
00:00:33,320 --> 00:00:35,670
categories based on the different platforms.

7
00:00:36,260 --> 00:00:41,150
And right up here are the various categories of the exploits.

8
00:00:42,290 --> 00:00:48,980
Now, I guess you might think about how you're going to find your way among all of the available exploits.

9
00:00:50,240 --> 00:00:52,250
So let me quickly show you one.

10
00:00:53,590 --> 00:00:58,740
Now, first, I got to mention, you've got to be very careful before using any of these exploits,

11
00:00:59,350 --> 00:01:04,570
so let me suggest to you that you make an extensive enumeration on the target that you want to use an

12
00:01:04,570 --> 00:01:12,250
exploit on. Proper enumeration of the target might give the operating system of the target, including

13
00:01:12,250 --> 00:01:21,730
the exact version and architecture, open ports on the target, both TCP or UDP, services with version

14
00:01:21,730 --> 00:01:26,710
information, and probability of a particular service being vulnerable.

15
00:01:27,690 --> 00:01:28,230
So.

16
00:01:29,570 --> 00:01:33,740
First, let's have a look at the exploit modules from the GUI.

17
00:01:35,190 --> 00:01:36,330
Look into the folder.

18
00:01:37,440 --> 00:01:44,000
And here there are over 15 categories, and under each one, you'll find even more categories.

19
00:01:45,380 --> 00:01:46,880
Under Unix.

20
00:01:47,830 --> 00:01:48,720
FTP.

21
00:01:50,130 --> 00:01:52,380
Here is the exploit that I want to use.

22
00:01:53,550 --> 00:01:55,140
So go back to the terminal.

23
00:01:57,090 --> 00:01:58,470
I want to clear the screen.

24
00:02:01,890 --> 00:02:08,190
Usage is the same as auxiliaries: use and the name of the exploit.

25
00:02:09,520 --> 00:02:13,300
Use exploit Unix FTP.

26
00:02:14,730 --> 00:02:18,270
vsftpd backdoor.

27
00:02:19,410 --> 00:02:23,880
So I'll use this one just as an example, then show you the options of the exploit.

28
00:02:25,920 --> 00:02:30,000
Set RHOST to your Metasploitable 2 IP address.

29
00:02:31,330 --> 00:02:33,550
Default port number is 21.

30
00:02:34,950 --> 00:02:40,260
So you don't need to change it unless you find that this version of FTP is running on another port.

31
00:02:41,130 --> 00:02:42,540
And I'll show you the options again.

32
00:02:44,130 --> 00:02:45,420
OK, so here you go.

33
00:02:46,690 --> 00:02:50,980
Type exploit to run the exploit code against the Metasploitable 2.

34
00:02:54,730 --> 00:02:58,960
And ta-da, you have your first shell on the target.

35
00:03:00,260 --> 00:03:06,770
As you can see here, Metasploit warns us about the open shell, so this is not an interactive shell.

36
00:03:07,490 --> 00:03:11,300
And while you can type some Linux commands directly here.

37
00:03:12,230 --> 00:03:14,330
whoami, using the shell.

38
00:03:15,120 --> 00:03:20,690
Oh, root user. Type id to see the actual user.

39
00:03:21,640 --> 00:03:23,580
And yeah, sure enough, it's correct.

40
00:03:24,740 --> 00:03:28,760
So you can write here Linux commands, for example, ifconfig.

41
00:03:29,940 --> 00:03:32,880
And you see that this is Metasploitable 2.