Video Description

In this video we begin looking at how exploits are uncovered. Dean provides an example of examining a target running MS Windows. With information gathered in a previous step, he then knows to look for services specific to a Windows host such as MSSQL Server. Some of the exploits targeting MSSQL Server are hash dumps, privilege escalation, and launching an XP command shell. This fits into the strategy of enumerating services on the target and then methodically probing them for vulnerabilities.

Course Modules