1
00:00:00,390 --> 00:00:04,030
Vulnerable to exploitation, using desperate.

2
00:00:05,810 --> 00:00:14,540
Now we'll discover and prove that the vulnerabilities discovered in the previous labs are exploitable

3
00:00:15,710 --> 00:00:22,750
and will exploit multiple types of vulnerabilities to reach the same goal, full control on target machine.

4
00:00:26,860 --> 00:00:28,390
So let's go back to the.

5
00:00:29,920 --> 00:00:31,660
Report generated by Nessus.

6
00:00:34,610 --> 00:00:41,300
And we have here several possibilities.

7
00:00:45,540 --> 00:00:45,990
To.

8
00:00:47,940 --> 00:00:48,690
Let's go.

9
00:00:50,920 --> 00:00:51,520
See?

10
00:00:53,110 --> 00:00:56,320
Which detail, of course, the report.

11
00:00:57,260 --> 00:01:01,610
So it offers some information, some description about the point where our ability.

12
00:01:03,200 --> 00:01:07,970
And also, sometimes it includes.

13
00:01:11,370 --> 00:01:17,070
And I need that you can research more about on this one with CNN's Juan.

14
00:01:23,010 --> 00:01:24,630
So a veritable.

15
00:01:26,170 --> 00:01:28,290
It gives you more information.

16
00:01:29,420 --> 00:01:36,170
And it also offers the CVE number that we already talked about in

17
00:01:37,110 --> 00:01:38,690
the previous lectures.

18
00:01:39,240 --> 00:01:51,150
So here you can search even more about the vulnerability and you can search for some exploits based on

19
00:01:51,150 --> 00:01:51,820
this ID.

20
00:01:53,470 --> 00:01:56,890
So you can find more information about this.

21
00:01:58,610 --> 00:02:00,550
It says this is network exploitable.

22
00:02:02,320 --> 00:02:06,580
You don't require any authentication in order to exploit this.

23
00:02:11,740 --> 00:02:21,580
And so on, and sometimes it offers information if there is an exploit for this or not, and for this

24
00:02:21,580 --> 00:02:22,630
it does.

25
00:02:25,250 --> 00:02:34,870
Let's see it, it's shown here, otherwise we will one only find it so what we need is the vid.

26
00:02:38,320 --> 00:02:41,050
Then we go to exploit-db

27
00:02:42,540 --> 00:02:43,140
dot com.

28
00:02:46,020 --> 00:02:48,440
And we search.

29
00:02:49,670 --> 00:02:51,530
for the ID.

30
00:02:55,550 --> 00:03:01,400
And there is an exploit available, it will be shown here.

31
00:03:08,460 --> 00:03:09,840
Yes, there is.

32
00:03:14,000 --> 00:03:20,210
And here it is, and we have a script that we can use in order to.

33
00:03:21,450 --> 00:03:31,080
To get control over it, and it comes with some information of how to be used and forty six point,

34
00:03:31,080 --> 00:03:33,990
you have to download the SSH keys.

35
00:03:35,390 --> 00:03:44,210
And to try them. Actually, what this vulnerability means is that it uses some weak keys.

36
00:03:46,170 --> 00:03:56,460
And this are that you have to download to is actually some charity case that you will try.

37
00:03:58,080 --> 00:04:09,120
Like this, using the script, using the keys that you have downloaded on the target machine, the user

38
00:04:10,740 --> 00:04:12,930
and the port.

39
00:04:14,560 --> 00:04:18,339
In this age range and threats.

40
00:04:20,329 --> 00:04:25,310
OK, this will take a while, so let's go to another.

41
00:04:26,720 --> 00:04:31,040
vulnerability. You can try this one on your own.

42
00:04:34,070 --> 00:04:36,380
Let's go to another vulnerability to see.

43
00:04:37,780 --> 00:04:39,900
Watch where I'm with you here.

44
00:04:42,180 --> 00:04:45,960
We actually have a lot of vulnerabilities, but.

45
00:04:53,490 --> 00:04:55,210
Let's choose another one.

46
00:04:58,050 --> 00:05:02,490
I remember that it was on the.

47
00:05:05,010 --> 00:05:09,450
Server discovered, let's go back to Nessus scan.

48
00:05:14,970 --> 00:05:15,870
Target.

49
00:05:18,930 --> 00:05:19,820
The.

50
00:05:22,630 --> 00:05:24,790
Science teacher.

51
00:05:25,800 --> 00:05:28,440
So it says FTP.

52
00:05:29,670 --> 00:05:35,160
And it use the machine tools free for.

53
00:05:38,350 --> 00:05:38,850
To.

54
00:05:41,000 --> 00:05:43,210
Let's find a I'm ready for this one.

55
00:05:46,410 --> 00:05:51,060
We can use Google, or we can use

56
00:05:53,500 --> 00:05:54,790
It's going to be directly.

57
00:05:57,350 --> 00:05:59,590
It's practiced a little bit.

58
00:06:02,380 --> 00:06:05,230
What we already have learned.

59
00:06:07,440 --> 00:06:12,810
And, voilà, there is an exploit for this FTP server.

60
00:06:15,530 --> 00:06:18,200
And actually, there are a few.

61
00:06:19,660 --> 00:06:21,060
Let's go with this one.

62
00:06:22,070 --> 00:06:24,930
And let's exploit this time.

63
00:06:27,740 --> 00:06:29,120
And see what happens.

64
00:06:32,300 --> 00:06:34,100
OK, this is the.

65
00:06:35,750 --> 00:06:42,480
The true that we will use these can be accessed directly from metastable.

66
00:06:42,660 --> 00:06:43,200
So.

67
00:06:44,770 --> 00:06:55,510
Let's clear this and let's open it and use it, as you already know from the previous video.

68
00:07:02,730 --> 00:07:06,150
It will take a little bit to load all the plugins.

69
00:07:11,740 --> 00:07:13,480
You have a step by step.

70
00:07:18,290 --> 00:07:20,870
Description of how to exploit.

71
00:07:22,060 --> 00:07:26,230
The specific vulnerability on a test.

72
00:07:28,750 --> 00:07:33,940
But you can just try to exploit another victim as well, as you saw.

73
00:07:36,320 --> 00:07:41,600
The one from SSH. OK, let's clear this.

74
00:07:43,230 --> 00:07:50,250
And let's make it a little bigger, so let's search for an exploit.

75
00:07:51,260 --> 00:07:52,140
Or the.

76
00:07:56,200 --> 00:07:58,950
Databases not connected problem.

77
00:08:02,160 --> 00:08:04,620
It'll take a little bit longer, but it's all right.

78
00:08:12,810 --> 00:08:13,470
Let's make.

79
00:08:17,720 --> 00:08:20,000
OK, it says it found.

80
00:08:23,390 --> 00:08:24,020
Exploit.

81
00:08:26,520 --> 00:08:36,470
for vsftpd version 2.3.4, and it says backdoor command. It's exactly what we found on Exploit-DB.

82
00:08:38,450 --> 00:08:39,900
So let's use it.

83
00:08:40,340 --> 00:08:41,000
Use.

84
00:08:45,130 --> 00:08:45,670
This one.

85
00:08:48,400 --> 00:08:50,250
Let's show some info.

86
00:08:52,080 --> 00:08:52,380
So.

87
00:08:54,220 --> 00:08:56,400
Options for now.

88
00:09:00,270 --> 00:09:02,250
Let's set the remote host.

89
00:09:05,100 --> 00:09:07,860
He's one seven to one.

90
00:09:08,740 --> 00:09:11,830
Six was six on 30.

91
00:09:13,180 --> 00:09:17,940
Then you remember the remote 40 feet, 21.

92
00:09:19,340 --> 00:09:21,410
Now, let's show what payloads

93
00:09:22,710 --> 00:09:23,790
are compatible.

94
00:09:26,550 --> 00:09:30,380
And there is only one, so set payload.

95
00:09:32,320 --> 00:09:33,800
The unique scene there at.

96
00:09:35,930 --> 00:09:39,230
Show options again to see if it's OK.

97
00:09:43,140 --> 00:09:44,130
It won't cost.

98
00:09:48,460 --> 00:09:50,320
Now, let's exploit.

99
00:09:54,470 --> 00:09:55,270
Ummed.

100
00:09:58,920 --> 00:10:02,570
Seems we have a shell session one opened.

101
00:10:04,930 --> 00:10:07,210
And it doesn't show anything but.

102
00:10:08,370 --> 00:10:19,470
We can just make those commands, so if, for instance, and we see we are on the target machine and

103
00:10:19,590 --> 00:10:24,960
we are locked down, looked on as a as so very simple because.

104
00:10:25,880 --> 00:10:33,770
It was a publicly accessible exploit and it worked nicely.

105
00:10:35,020 --> 00:10:38,470
So let's find out more information about this machine.

106
00:10:39,500 --> 00:10:42,080
What version of Linux does it run?

107
00:10:43,780 --> 00:10:48,930
Let's see some friends here, maybe we can see the.

108
00:10:50,670 --> 00:10:51,900
shadow file.

109
00:10:53,270 --> 00:10:54,150
Where the.

110
00:10:55,270 --> 00:10:58,080
the passwords are stored.

111
00:11:00,460 --> 00:11:01,510
Or.

112
00:11:04,760 --> 00:11:14,870
This file can see the users and we can create a new user here.

113
00:11:17,220 --> 00:11:27,060
But it's not very interactive, this shell, so we can just use this to download some Beşiktaş and

114
00:11:27,330 --> 00:11:30,420
use another friend or so to.

115
00:11:33,700 --> 00:11:34,180
Later.

116
00:11:35,880 --> 00:11:39,510
Connect to this target machine, or we can just.

117
00:11:40,860 --> 00:11:43,980
Change the password and go in via SSH.

118
00:11:45,110 --> 00:11:48,000
But this is enough for this point.


