1
00:00:00,500 --> 00:00:01,560
So I'm not going to lie to you.

2
00:00:02,000 --> 00:00:08,900
Sometimes you're going to hear words like active exploit or passive exploit, right?

3
00:00:09,980 --> 00:00:17,420
Basically exploit in the media exploit framework are divided into two categories, active or passive.

4
00:00:18,180 --> 00:00:20,050
So what does that mean to you?

5
00:00:21,480 --> 00:00:28,290
Active exploits will exploit a specific host run until completion and then exit.

6
00:00:29,210 --> 00:00:33,680
For example, brute force modules will exit immediately when a shell opens.

7
00:00:34,690 --> 00:00:38,980
And execution of the module stops if an error occurs.

8
00:00:39,970 --> 00:00:44,890
Oh, and by the way, you can force an active exploit to work in the background.

9
00:00:45,920 --> 00:00:49,880
By entering Jay into the export command.

10
00:00:51,010 --> 00:00:58,960
And of course, on the other hand, passive exploits wait for incoming hosts and then exploit them as

11
00:00:58,960 --> 00:01:06,340
they connect, these exploits almost always focus on clients such as Web browsers, FTP clients and

12
00:01:06,340 --> 00:01:09,920
all those, and they'll report Schell's as they open.

13
00:01:10,690 --> 00:01:20,980
Now, you can list open shelves by entering I with the sessions command also by adding I with a sessions

14
00:01:20,980 --> 00:01:25,150
command, you'll be able to interact with the intended show.

15
00:01:28,380 --> 00:01:34,830
Métis Boyd framework ranks the exploits to help you find the appropriate exploit.

16
00:01:35,730 --> 00:01:38,370
And I'll show you all the ranks and their meanings.

17
00:01:40,740 --> 00:01:41,340
Excellent.

18
00:01:42,570 --> 00:01:45,030
The exploit will never crash the service.

19
00:01:45,840 --> 00:01:56,130
This is a case for school injection, ACMD Execution, RFI, Elfy, etc. There's no typical memory corruption

20
00:01:56,130 --> 00:02:02,730
exploits should be given this ranking unless unless there are some extraordinary circumstances.

21
00:02:03,800 --> 00:02:04,370
Great.

22
00:02:05,600 --> 00:02:15,560
The exploit has a default target, and either auto detect the appropriate target or uses an application

23
00:02:15,560 --> 00:02:19,040
specific return address after a version check.

24
00:02:20,020 --> 00:02:20,560
Good.

25
00:02:21,630 --> 00:02:27,840
Exploit has a default target, and it is the common case for this type of software.

26
00:02:28,970 --> 00:02:29,660
Normal.

27
00:02:30,840 --> 00:02:39,780
The exploit is otherwise reliable, but depends on a specific version and can't or doesn't reliably

28
00:02:39,780 --> 00:02:40,860
auto detect.

29
00:02:41,740 --> 00:02:42,400
Average.

30
00:02:43,380 --> 00:02:47,400
The exploit is generally unreliable or difficult to exploit.

31
00:02:48,610 --> 00:02:56,890
Low, the exploit is nearly impossible to exploit, or I'd say under 50 percent success rate for common

32
00:02:56,890 --> 00:02:57,520
platforms.

33
00:02:58,620 --> 00:02:59,250
Manuel.

34
00:03:00,230 --> 00:03:09,350
The exploit is unstable or difficult to exploit and is basically a Dossi, so this ranking is also used

35
00:03:09,350 --> 00:03:14,240
when the module has no use unless specifically configured by the user.