Public Exploit Lab Walkthrough

Time
18 hours 43 minutes
Difficulty
Intermediate
CEU/CPE
22
Video Transcription
00:00
Welcome to the public exploit lab walkthrough.
00:06
So let's start an Nmap scan.
00:08
Yeah,
00:13
-sV -sC.
00:23
If you realize I make a lot of mistakes with my keyboard, it's because I have a mechanical keyboard here and I don't want to be too clickety-clackety
00:30
when I'm doing these demos. So I'm going off of my
00:34
Mac, uh, keyboard, which I'm not as used to.
00:39
So you'll notice I get, I see port 2121 is open,
00:43
which is our clue. Our first clue.
00:52
So what's port 21?
00:55
FTP. Right.
01:00
And you'll notice in these scans there are other ports open and that's to kind of throw you off.
01:08
But you may also see these in the UK labs or whatever CTF you're doing,
01:12
that multiple ports are open and it's a little confusing.
01:26
All right.
01:30
So what's on port 2121? It's Konica Minolta FTP Utility. It was FTP. I should be able to interact with it
01:42
and I did kind of throw this one at you because I changed the port.
01:49
So you'll see that it's on port 2121. I can log in, trying to log in with anonymous,
01:55
and you can see that I don't, so I need to figure out how to get on this.
02:00
Well, if you Google what's the default
02:02
username and password FTP,
02:06
it's admin,
02:07
password,
02:10
and you can see you're logged in now. Right,
02:15
So that's our clue there.
02:17
The other clue of course is we have a folder on the desktop that gives us an exploit.
02:23
So Konica Minolta FTP Utility 10 is what we're dealing with. Right,
02:29
well, let's look at this code here, so we know there's msfvenom involved. We know that there's a hard-coded IP. So we of course need to change this,
02:40
and I will tell you, if you're frustrated in the labs, uh, and you watch these videos and you're like, this takes Clint like so it's not it takes them so quickly. So at doing this.
02:53
Well
02:54
the exploitation path, when you do it, it is quick. It just, it takes you hours to figure this out sometimes. Sometimes it doesn't; sometimes it takes two minutes.
03:04
So I'm changing this to the IP address of our victim, or our other Windows box,
03:12
and port 2121.
03:14
So I need to change this too. Right?
03:16
It's not anonymous.
03:19
It's admin, is our user, and our password is password.
03:25
Yeah.
03:27
So now what I need to do is take msfvenom.
03:37
Mm.
03:40
You have to love the little
03:44
screen
03:46
from the labs.
03:53
So I'll take this.
03:57
I need to modify this.
04:00
Mhm.
04:00
Yeah.
04:01
Yeah.
04:03
Mhm.
04:04
All right.
04:06
Yeah.
04:08
So we need to make this our box.
04:15
Yeah,
04:15
Listening port 4444.
04:21
Mhm.
04:27
Okay.
04:29
So he grabbed this
04:31
copy it.
04:32
Mhm.
04:36
And what we'll do now is change this.
04:43
Yeah,
04:45
we'll save this.
05:00
Mhm.
05:01
Yeah.
05:09
We need our listener.
05:16
chmod +
05:19
Mhm.
05:20
x on exploit.
05:26
And then exploit.
05:28
Doesn't like that.
05:30
Do Python 2.
05:33
Mhm.
05:35
And there we see we have our shell.
05:45
You'll see I typically run the same command when I'm in a box. Right? whoami, or
05:48
IP,
05:50
or id if I'm on Linux.
05:54
I just want to know who I am and I want to know that IP address to make sure I'm actually on the box that I intended to.
05:59
Sometimes you might find out you're on a different box. So that's always interesting.
06:02
But we know our victim is 1921681175.
06:08
So this can be a short one if people not to modify code and look at it.
06:14
Um, or if you're just learning, this could take you a long time to figure out,
06:17
but it's just getting that practice down of looking at that code and modifying it to fit your environment.
06:25
Mhm.