In this lesson I’ll talk about exploitation. Exploitation is using a threat to take advantage of a vulnerability. It’s gonna be a very small part of the actual pen testing methodology. If we’ve done our homework and research, exploitation may be a streamlined process. Now, from the previous lesson, we talked about vulnerabilities and vulnerability scanning. We’re going to take those vulnerabilities and identify how we can exploit those to our advantage to actually compromise a system.

Exploitation allows us to reduce or eliminate false positives from our vulnerability scanning. Vulnerability scanning is just looking for vulnerabilities; it’s not actually attacking or trying to compromise the system, so we don’t know in vulnerability scanning if it actually works, if the system can actually be exploited. Exploitation also helps us understand risk. So if we’re able to compromise a system, how easy it is, how difficult it is; maybe we can’t even get into the system, which lowers our risk significantly. Exploitation also allows us to pivot to other parts of the network which may have other vulnerabilities, because vulnerability scanning only scans the systems that we tell it to. When we’re exploiting systems, it may allow us to jump to other parts of the network that we didn’t scan during our vulnerability scanning process.

However, there are risks to vulnerability scanning. System crashes, service crashes, accessing content that you didn’t mean to, and exposure of sensitive information are all risks that we have when we are exploiting systems. One common risk that we have is accessing content that we didn’t mean to. So if we’re able to pivot from system to system, maybe we accidentally touch a system that is not part of our penetration testing plan.

There are many different resources available for pen testing. There are many websites out there, such as Offensive Security’s exploit-db.com, which is a great website to look at actual code and actual processes, services, and applications that are vulnerable. Shodan allows us to see websites that could be vulnerable, perhaps our own, actually. There are distributions out there. I’ve been working off of Kali Linux for many years; it used to be called BackTrack. BackBox, and Parrot Security, and Samurai. Samurai is a web application vulnerability testing distribution. These are all distributions, or Linux distributions, that allow us to compromise systems or exploit systems.

There are also suites of hacking tools and exploitation tools out there. Burp Suite focuses on web applications. Metasploit focuses on nearly all kinds of vulnerabilities. Core Impact is around the same as Metasploit, but it is a paid-for professional piece of software. Ophcrack or John the Ripper focuses on password exploitation. w3af and Nikto focus also on web application exploitation.

One thing that isn’t covered very often is physical exploitation, and this is something that I always cover in any of my courses, because people forget this. If your systems are not locked down in locked offices, in somewhere where they’re going to be protected, it’s game over if they’re not encrypted. And that’s what I want to show you today as a demonstration: systems that are unencrypted are very vulnerable. Let’s switch over.