Penetration Test Report Demo

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

21 hours 43 minutes
Video Transcription
So I want to do a demo describing a bit more on what a Cbe is. A C W E N C V S S a lot of season there. But let's break this down a bit more. I love this website. Cbe details. It provides a whole lot of information you can see off the bat if we're looking for a particular vulnerability in this case CBE 2000 and nine
30 23, which came out in the year 2009.
We can already see there's two public exploits available for this in one Medicine flight module. I'll go into that a little bit later,
But descriptions here that it's a buffer overflow in Fasp and Microsoft is versions 5.0 through 6.0.
And if you look down here at the CVSs score, it's a 9.3, the highest being a 10. So this is a pretty severe vulnerability.
Now, I also spoke about C W E s. This is a CV here describing a specific type of software and a specific type of vulnerability. If we look at the C W E,
we can see attached to c W 1 19 failure constraint operations within the bounds of memory buffer. This is more of a general description of what the vulnerability class is rather than a specific vulnerability for that software. So I think it's good to know what a C. W is. Um you have a C W E. That's more of a general vulnerability
and then a more specific CBE for that piece of software or service.
Now, if we go down here, we'll see that there's references to the exploit. It's nice. It's in red right here. So we can actually go to exploit DB, which we'll do later in our labs and we can then go to exploit DB and look at this particular exploit and then modify it for our environment and then hope that it works.
The other thing is we have a medicine flight module attached to it. So you can use medicine plate once in. Oh, SCP. And if we wanted to use it, if we found this particular vulnerability, we could then then we know based on this website that there is a medicine flight module that we could use to exploit that vulnerability.
The other thing I want to delve into a bit more CVS s score. So if we have a custom application that doesn't have a CBE attached to it, we could use CVS s to score or rank how severe that vulnerability is. For example, let's let's think that we found a stored cross site scripting vulnerability
in an application. A custom application will go into this more in the web attack section of this course. But let's say anyone on the internet can reach this website, which will be network attack complexity is low. You just have to use some javascript for to execute the cross site scripting exploit.
There are no privileges required. Anybody on the internet can access the website, there's no authentication, user interactions required. Someone actually has to go to that website, you have to entice them to go there or maybe they unwittingly going to that website scope is unchanged. It simply affects that specific website or domain
confidentiality is high because as an attacker, I could craft my exploits so that I could steal somebody's cookie or read sensitive information integrity is high because maybe I can redirect them to a fishing page that looks exactly like a legitimate page and they could uh,
give me some sensitive information there.
And availability is high because I could again redirect somebody. So there's no ability for them to actually reach that domain,
which all this calculated. And I wouldn't worry about these other scores down here temporal, our environmental, let's just stick to the base score comes out to be a high. So when you write your report, you can put the numerical score, you could say it's an eight point, it's a high and then read. So they typically will have different colours associated with different vulnerabilities.
So let's say attack complexities high
and we modify these scores here. It changes it to a medium, it goes from a red to an orange there.
So hopefully that makes sense or more sense. As far as the CBE is a c w E and c b s s scoring.
Up Next
Offensive Penetration Testing

The Offensive Penetration Testing course opens the doors to those wanting to begin a penetration testing career. This course will prepare learners to begin their pentesting career journey by understanding what tools, techniques, and resources are available for someone starting out in offensive penetration testing.

Instructed By