Hacking - Section 8 - Exploitation and Gaining Access. Flashcards
What is exploitation?
Using the vulnerabilities found to send a payload (a program) to the target.
What does the payload allow you to do?
Write commands directly into the target machine.
What happens if the target doesn’t have any vulnerabilities?
You need to make them open a payload by themselves, by using emails, files, etc.
What is a vulnerability?
It can be software code that was not well written, which can be exploited through the use of a bug in order to make it function differently (payload).
What is a CVT and a zero day vulnerability?
CVT + a year (when it first occurred) is a vulnerability exploited through a bug.
A zero day is a vulnerability that has not been patched yet (not discovered).
What is a shell?
Explain its two types:
shell = payload
reverse shell - the target machine connects back to the Kali Linux machine: we exploit the target and drop a shell, which tells the target machine to connect to our port.
bind shell - the target machine opens a port for us to connect to, but it almost never works because firewalls can forbid target machines from opening ports.
How to open the metasploitable framework list?
cd /usr/share/metasploitable-framework/
How to open a metasploitable framework file to see its code?
nano + name of it.
in the directory where they are
How to open the msfconsole?
msfconsole
How to show any section inside the msfconsole?
show + section you want
How to show a section inside of msfconsole?
type: show + name of the section
ex - show payloads
How to use a module?
use + section name + name of it
ex - use exploit/ + name you’ve copied
After using a module, how can you know more about it?
show info
show options
Inside the ‘show options’ command, if you want to change any info you can type:
set + name of option + new info
ex - set LHOST 192.168.7
Inside the ‘module’, to show the payloads that will work for that command you can type:
And how to set a new payload?
show payloads
copy the one you desire (show payloads) and type:
set payload + its name
show options
How to show the available targets inside the module?
and how to set one?
show targets
set target + number (then use exploit)
How can you use a version explored in the searchsploit on the msfconsole?
If you find a path result with metasploit in it, you can use:
search + name of the version (on the msfconsole)
How to exit the shell?
exit
What is the ‘netcat’ tool and how to use it?
A tool that allows us to establish a connection with other machines using TCP/UDP.
nc -h
nc + IP + Port Nº
What are some rare exploits that barely happen but are guaranteed to exploit?
Bind shell and Telnet.
How to exploit a telnet?
telnet + IP
How to run the commands on the msfconsole?
run
How to search for a version of an exploit?
searchsploit + its name
msfconsole
use + the name you saw + /port that you desire
use + same thing as above + /the version you choose from msfconsole
run
ex - use auxiliary/scanner/smb/
use auxiliary/scanner/smb/ + /version you desire
set RGHOST
run
What is a brute force attack?
Sending information (usernames and passwords) to the target to check whether any of them are correct.