1
00:00:00,360 --> 00:00:06,960
OK, everybody, I admit it: I made a mistake in a previous scan and I disabled the Windows plugins,

2
00:00:06,990 --> 00:00:10,650
although two of my three targets are Windows.

3
00:00:11,190 --> 00:00:16,920
It's just a really big mistake that affects the results, so that clearly shows that we should be very

4
00:00:16,920 --> 00:00:20,880
careful while configuring the tools such as a vulnerability scanner.

5
00:00:22,260 --> 00:00:28,290
Now I scanned the target machines once again and I didn't disable the Windows plugins this time.

6
00:00:29,240 --> 00:00:35,450
So these are the results: 207 is Windows XP and 2.3 three is Windows 8.

7
00:00:36,470 --> 00:00:39,110
I click on the Windows XP to see the vulnerabilities.

8
00:00:39,630 --> 00:00:43,430
As you see, there are a lot of critical vulnerabilities.

9
00:00:44,450 --> 00:00:46,640
I'll click on one of them just to see its details.

10
00:00:47,630 --> 00:00:53,060
So here is the name and the description of the vulnerability, and scrolling down.

11
00:00:53,570 --> 00:00:53,990
Yes.

12
00:00:54,320 --> 00:00:57,830
It says a vulnerability is exploitable with Metasploit.

13
00:00:59,390 --> 00:01:00,980
So let's go back to vulnerabilities.

14
00:01:01,370 --> 00:01:04,310
I want to show you another vulnerability for XP system.

15
00:01:05,570 --> 00:01:12,560
This is the vulnerability MS08-067, which has a very stable exploit.

16
00:01:14,100 --> 00:01:20,970
Scrolling down a bit, and Nessus says we can exploit this vulnerability using Metasploit, so let's do

17
00:01:20,970 --> 00:01:21,090
it.

18
00:01:21,660 --> 00:01:26,850
I think it's an invitation to open a terminal screen and start msfconsole.

19
00:01:31,820 --> 00:01:33,950
Search for the vulnerability, MS

20
00:01:34,280 --> 00:01:36,620
08-067.

21
00:01:39,000 --> 00:01:39,900
Here is the exploit.

22
00:01:40,740 --> 00:01:41,460
Let's use it.

23
00:01:46,630 --> 00:01:49,540
Look for the available payloads using show payloads.

24
00:01:59,220 --> 00:02:03,300
I want to use a shell payload with a bind TCP stager this time.

25
00:02:04,560 --> 00:02:05,370
Show options.

26
00:02:08,110 --> 00:02:09,250
Set the remote host.

27
00:02:09,460 --> 00:02:10,150
That was.

28
00:02:12,910 --> 00:02:14,920
Well, let me look at the Nessus page again.

29
00:02:17,170 --> 00:02:19,000
Yes, 207.

30
00:02:26,620 --> 00:02:30,400
And the port is 445, the default value is correct.

31
00:02:31,270 --> 00:02:34,420
Show the options again and we're ready to run the exploit.

32
00:02:39,380 --> 00:02:44,240
Here is the shell of the target system, exploitation is successful once again.