00:03
>> The dash t option finished.
00:03
We can see that we've got a lot of modules which may be
00:03
related to doing this testing of the website.
00:03
I've got a web server testing some scares here,
00:03
file and directory testing, unique query testing.
00:03
That gives me some indication that I've
00:03
got a lot of modules that may apply.
00:03
to my help screen for wmap_run -e.
00:03
We'll launch all the profiles against these targets.
00:03
So if I don't give a profile name then it runs
00:03
all enabled modules. That's what I'm going to do.
00:03
I'm going to do wmap_run -e and there should put
00:03
all these modules against all of the content found
00:03
in the root folder of the Metasploit server.
00:03
This will probably take a little while.
00:03
I actually had a run this earlier and
00:03
the wmap_run -e failed
00:03
and it was giving me a memory allocation error.
00:03
You may see this as well.
00:03
So what I did was I shut down my Kali instance,
00:03
and I increased the RAM to two gigabytes.
00:03
It was already at one,
00:03
I figured I'd play it safe and just
00:03
>> add another gigabyte.
00:03
>> Hopefully, that does the trick and the scan actually
00:03
completes without the virtual
00:03
>> machine running out of RAM.
00:03
>> We'll check that again in just a little while and see
00:03
if we can find some vulnerabilities.
00:03
The wmap scan finally finished.
00:03
Wmap_run -e was the command that I ran.
00:03
Now we can look at the wmap_vulns command,
00:03
dash L to list of vulnerabilities.
00:03
That didn't show anything.
00:03
All right, but I did find one when
00:03
>> I go to look at vulns.
00:03
>> Let's go back real quick and look at the help.
00:03
Web vulns table did not
00:03
put the vulnerabilities in a table,
00:03
but at least it did find a vulnerability.
00:03
Linux payload execution.
00:03
I'II give you a nice link to the vulnerability.
00:03
I think we have a Postgres payload module
00:03
that we can try to verify that that
00:03
actually is the unknown weakness.
00:03
Actually, I think what I'm considering is
00:03
the default credentials that we explored earlier,
00:03
but we'll take a look at this a little bit later.
00:03
That's the end of the section for WMAP.
00:03
Now we will move on to trying to use Nessus.
