1
00:00:00,500 --> 00:00:05,420
‫So do you remember what I mentioned before, the first two steps of our scenario are to exploit a system

2
00:00:05,660 --> 00:00:07,700
‫and to gather the password hashes.

3
00:00:08,880 --> 00:00:15,180
‫Now we know that the Windows XP system in our network has Emma zero eight zero six seven vulnerability,

4
00:00:15,180 --> 00:00:16,350
‫and it's exploitable.

5
00:00:16,770 --> 00:00:20,220
‫So let's hack that system and gather the password hashes.

6
00:00:21,480 --> 00:00:27,000
‫OK, so in Cali, let's open a terminal screen and run MSFT console first.

7
00:00:27,870 --> 00:00:33,330
‫While the console is starting, I go to XP VM and look at the IP address again.

8
00:00:36,610 --> 00:00:44,980
‫It's two 07, so back to Cali, MSF console is ready now, since we've already seen these before, I

9
00:00:44,980 --> 00:00:46,810
‫just want to speed through this.

10
00:00:47,260 --> 00:00:54,370
‫I recommend that you perform all these practices each time, so you will be more familiar with the exploitation

11
00:00:54,380 --> 00:00:54,880
‫steps.

12
00:00:56,560 --> 00:01:03,850
‫Search for the MW08 067 seven exploits, use the exploit with the use command, said the appropriate

13
00:01:03,850 --> 00:01:07,330
‫payload and to make password gathering easy.

14
00:01:07,570 --> 00:01:09,190
‫All said a mature operator payload.

15
00:01:10,980 --> 00:01:16,920
‫And show the options, so the required options remote host is XP machine.

16
00:01:21,150 --> 00:01:22,650
‫Local host as Carly.

17
00:01:24,820 --> 00:01:29,470
‫And leave the other options with the default values and run the exploit.

18
00:01:31,540 --> 00:01:35,110
‫OK, so now we have a maturity session on SBY.

19
00:01:36,190 --> 00:01:41,920
‫And as we've seen before, we can use hash dump function to gather the password hashes, and here they

20
00:01:41,920 --> 00:01:42,130
‫are.

21
00:01:43,300 --> 00:01:47,500
‫What I'll do is I'll copy them and paste them into a text file to use later.

22
00:01:48,440 --> 00:01:54,290
‫Now I open a new terminal and use the nano text editor to create a new text file to store my ashes.

23
00:01:55,640 --> 00:02:01,250
‫I create hash export, text file in a desktop folder and paste the hashes into it.

24
00:02:04,450 --> 00:02:05,740
‫Control and exit to exit.

25
00:02:06,040 --> 00:02:11,710
‫Why to save changes and hit enter to save is the same file that we named in the beginning.

26
00:02:12,370 --> 00:02:14,890
‫Now I have the hash file on my desktop.