All right. So for our next task we're going to do is export
from the Nessus tool
and import it into Metasploit. So we can have,
uh, access all this information
exported. A Nessus format. You see, you've got some other options available.
You also have the Nessus database
format, but we're just gonna put it in
export, or rather, in straight Nessus format.
And this should get sent to my
Let's not go downloads L s sellers. Hello, Seller. T. There is my file
Back in Metasploit, I'm gonna want to do a db_import.
I can see all I do is give it the foul into the file, and it understands all these different file types.
Nexpose scans, XML, uh, Foundstone, Acunetix, Nmap.
And, of course, Nessus is there.
That's Parker Spiceworks right now.
It's pretty good, huh?
Selection of a lot of options there.
So I know my file is in root downloads
and I'll paste that last bit there.
So it was Nessus XML, and it automatically determines the file type.
Now, if I run my services command again,
I do see more things here, uh, than previously.
The RPC info has been added and a couple other things. The list is a little bit longer, so that's good.
Also, if I look at my vulnerabilities, look at all the stuff that's here. This should be. This should match the 103 109
vulnerabilities that were discovered,
and these all have their
So now, even though I'm still in the Metasploit Framework, I'm able to look at Nessus
pretty, pretty neat.
And this is in my database now as well.
So this is a big improvement over just having,
you know, two separate applications
and trying to merge that information together when you're looking for ways to do your next exploit.
No loot yet, but we'll see what that looks like at some point. We know we have some credentials
logging that we tried earlier.
You have to do this from within the framework for that to get registered in the database like I did the Tomcat log in. But that was
through the Web browser which is outside the framework, so it doesn't know that I've tried that.
So if I do a quick search for Tomcat,
I probably could find a
manager login. That looks like it.
I could make this window a little bit bigger.
I don't like when my lines wrap around.
It's annoying. Sorry about that.
All right, so we see that I've got a user name and password.
RHOSTS is not defined, probably 'cause I started
a different version of the framework and didn't save those settings.
There is a save command within the framework, and I'll run that after I do this.
I'm gonna go ahead and
go ahead and save my configuration. Tells me where it is.
Now I will set my password to tomcat because we know that's what it was from the previous exploit,
and I'll set username to tomcat.
So basically, set password and username.
Now if I show my options again,
I could set blank passwords to
true. That might help,
but I might have enough information.
Let's let's do a couple things I set blank
confidence of this Exploit will actually do something.
It says the connection was refused on port, eh?
I think this was port 8180. So that's the problem, is the remote port. Let's change that.
now. I will try the exploit.
So I tried a bunch of defaults,
Scanned one of one hosts,
I don't see our successful there on a server at the top. I looked right past it,
So login for tomcat tomcat was successful. Now, if you look back at our options, we can see we've got a password file, a username and password file. So these were checked,
but the one that I actually supplied, because I knew that information, worked.
As you would expect, my credentials portion of the database holds two new credentials. I know I can connect to this host on port 8180 using a username and password of tomcat and tomcat.
Pretty neat. Gotta admit.
Okay, so this wraps up our vulnerability scanning
and what we're gonna, uh
look at a little bit after this is some of what's involved in actually developing exploits for Metasploit. Not gonna go into a tremendous amount of detail; it's a little bit beyond the scope of this class.
But we'll at least touch on a few topics, and I'll give you some understanding of what's involved.