Time: 4 hours 20 minutes
Difficulty: Intermediate
CEU/CPE: 5

Video Description

The next step in the Hacker Methodology is to gain access to a vulnerable site. In this video we discuss several techniques for gaining access:

- Exploit published vulnerabilities about software versions running on the site.
- Gain access if a service is using default credentials.
- Exploit the weakest link: humans.
- Attempt a "Hail Mary" using Armitage.

Video Transcription

00:04
All right. Now you have the terrain map.
00:07
You know the vulnerabilities. It's now time to get access. When it comes to gaining access, a few options are available.
00:13
The version of the piece of software has published vulnerabilities. This could be used to gain access.
00:18
gain access if a service is using default, usually my credentials.
00:23
But if no credentials or vulnerabilities have been found,
00:26
users can be targeted as well to gain access. It's very easy to go around an organization's parking lot and drop a USB or a CD that has a
00:38
backdoor written on it, that
00:42
there's a plug it into their machine
00:46
gets executed and now you have access.
00:49
A lot of people will see a CD with
00:52
something like, uh, music Next 2015 or they'll find a thumb drive and they'll say, Hey, what's on this? I'm gonna plug it in, plug it in. Boom! You have access to their network. Very, very easy to use the human element to gain access. But I talked about Armitage, and I talked about Armitage being able to
01:11
get you some access with a Hail Mary.
01:15
Let's take a look at what the Hail Mary looks like.
01:23
All right, here we are, back in our Kali box.
01:26
We have our target.
01:27
No, I haven't tried to Hail Mary on this yet. So let's give it a shot, see if we get anything.
01:37
So we go up here to Attacks
01:40
and we're gonna do a Hail Mary.
01:47
Now, what this is doing is running every single exploit, throwing every exploit at this machine. It could cause the machine to keel over and die,
01:55
or it can give you a back door.
01:57
So it's kind of dangerous to do against,
02:00
like, ICS systems or some kind of
02:04
system that is, ah,
02:07
connected to something
02:08
that
02:09
is life or death, such as, ah, a hospital. So you won't want to do this there. But since this is an environment that
02:19
we know is something that
02:22
isn't gonna kill somebody, that's
02:23
let's take a look.
02:35
All right, it threw out all of the, ah,
02:38
exploits here
02:39
and now it's
02:42
getting all the sessions together, and it's compiling the lesson that's going to tell us.
02:46
in 15 seconds if we
02:50
successfully exploit the machine.
02:57
Oh, and we got no sessions. Unfortunately,
03:00
no, it was a good try
03:06
because I find attacks against the machine.
03:20
They also view the attacks are available against machine. I go to attack
03:24
and seeing possible attacks up here
04:10
because of you possible attacks by
04:14
right-clicking on the machine
04:15
and going down and
04:18
viewing
04:20
all these different kinds of attacks here
04:24
So you can go through and, you know, determine whether or not
04:28
you actually want to
04:30
try some of these and see some of these just have windows that just keep going and going of exploits.
04:35
You know what? For that of it, let's check the exploits.
04:42
I was gonna run through all those kinds of exploits that were there in those lists and
04:47
tested. See if it's exploitable.
04:53
There's another way you can perform your enumeration as well.
05:25
I was gonna keep going and going and going through that massive list of exploits we saw there. So,
05:31
as you can see, it tells you
05:34
as it does it, whether or not it's actually vulnerable to those exploits. So as soon as you see one of those exploits say, Hey,
05:43
is exploitable.
05:46
You know, you've got yourself a winner,
05:47
but I'm going to stop this so we can move on to our next portion.


Instructed By

Raymond Evans
Instructor