Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this video we begin looking at how exploits are uncovered. Dean provides an example of examining a target running MS Windows. With information gathered in a previous step, he then knows to look for services specific to a Windows host such as MSSQL Server. Some of the exploits targeting MSSQL Server are hash dumps, privilege escalation, and launching an XP command shell. This fits into the strategy of enumerating services on the target and then methodically probing them for vulnerabilities.