Part 8 - Why Sites Get Hacked


Time: 4 hours 20 minutes
Difficulty: Intermediate
CEU/CPE: 5
Video Description

The next step in the Hacker Methodology is to gain access to a vulnerable site. In this video we discuss several techniques for gaining access:
- Exploit published vulnerabilities in the software versions running on the site.
- Gain access if a service is using default credentials.
- Exploit the weakest link: humans.
- Attempt a "Hail Mary" using Armitage.

Video Transcription
00:03
>> All right, now that you have the terrain mapped,
00:03
you know the vulnerabilities.
00:03
It's now time to gain access.
00:03
When it comes to gaining access,
00:03
a few options are available.
00:03
If a version of the piece of
00:03
software has published vulnerabilities,
00:03
it can be used to gain access.
00:03
You can gain access if a service is
00:03
using default username credentials.
00:03
But if no credentials or vulnerabilities are found,
00:03
users can be targeted as well to gain access.
00:03
It's very easy to go around
00:03
an organization's parking lot and drop
00:03
a USB or a CD that has a backdoor written on it.
00:03
As soon as they plug it into their machine,
00:03
it gets executed, and now you have access.
00:03
A lot of people will see a CD
00:03
with something like music mix 2015,
00:03
or they'll find a thumb drive and they'll say,
00:03
"Hey, what's on this?
00:03
I'm going to plug it in." They'll plug it in,
00:03
you have access to their network.
00:03
It's very easy to use a human element to gain access.
00:03
I've talked about Armitage,
00:03
and I talked about Armitage being able
00:03
to get you some access with a Hail Mary.
00:03
So let's take a look at what the Hail Mary looks like.
00:03
Right here, we are back in our Kali Box.
00:03
We have our target. I haven't
00:03
tried the Hail Mary on this yet,
00:03
so let's give it a shot, see if we get anything.
00:03
We go up here to Attacks,
00:03
and we're going to do a Hail Mary.
00:03
Now what this is doing is running through
00:03
every single exploit and throwing
00:03
every exploit at this machine,
00:03
and this could cause machines to keel over and die,
00:03
or it can give you a backdoor.
00:03
It's dangerous to do again on ICS systems or
00:03
some kind of system that is connected to
00:03
something that is life or death,
00:03
such as a hospital,
00:03
so you don't want to do this there.
00:03
But since this is an environment
00:03
that we know is
00:03
something that isn't going to kill somebody,
00:03
let's take a look.
00:03
Threw out all the exploits here,
00:03
and now it's getting
00:03
all the sessions together and it's compiling a list and
00:03
it's going to tell us in
00:03
15 seconds if we successfully exploited the machine.
00:03
We got no sessions,
00:03
unfortunately, it was a good try.
00:03
I can also find attacks against the machine.
00:03
I can also view
00:03
the attacks that are available against the machine,
00:03
going to Attacks and
00:03
seeing possible attacks up here.
00:03
You can view possible attacks by
00:03
right-clicking on the machine and
00:03
going down and viewing
00:03
all these different kinds of attacks here.
00:03
So you can go through and determine whether or
00:03
not you actually want to try some of these and see,
00:03
some of these just have windows that just
00:03
keep going of exploits.
00:03
You know what? For the heck of it,
00:03
let's check the exploits.
00:03
Now it's going to run through all those kinds
00:03
of exploits that were there in
00:03
those lists and test to see if it's exploitable.
00:03
There's another way you can perform
00:03
your enumeration as well.
00:03
I'm just going to keep going and going through
00:03
that massive list of exploits we saw there.
00:03
As you can see it tells you,
00:03
as it does it,
00:03
whether or not it's actually
00:03
vulnerable to those exploits.
00:03
Soon as you see one of those exploits say,
00:03
"Hey, this is exploitable."
00:03
You've got yourself a winner.
00:03
But I'm going to stop this so we
00:03
can move on to our next portion.