1 00:00:00,120 --> 00:00:05,570 OK, so there's actually another option for searching for exploits and is using a tool that's called 2 00:00:05,570 --> 00:00:12,360 a search play that's already installed on your colonics machine and pretty much it has a list of it 3 00:00:12,360 --> 00:00:18,510 maintains like a database of the different exploits that are available. 4 00:00:18,510 --> 00:00:20,760 And I believe that's updated regularly. 5 00:00:21,600 --> 00:00:26,850 And you can search against them and the list of exploits that have returned from, you know, search 6 00:00:27,140 --> 00:00:27,660 searches. 7 00:00:28,230 --> 00:00:35,280 They have names for the exploits of File Partita Exploit and also a file name that is associated with 8 00:00:35,280 --> 00:00:36,720 each individual exploit. 9 00:00:36,910 --> 00:00:42,920 So the file names are always going to be a number followed by a file extension, which is going to say 10 00:00:42,930 --> 00:00:43,890 what kind of file is. 11 00:00:44,160 --> 00:00:49,800 So, you know, if you see an exploit, as you want to check out like five, three, four to three IPY, 12 00:00:49,950 --> 00:00:55,320 for example, you're going to use the following command and you can actually copy it to your current 13 00:00:55,320 --> 00:00:55,890 directory. 14 00:00:56,070 --> 00:01:00,890 And that's just going to be search for a dash cam and then the file name. 15 00:01:00,930 --> 00:01:01,650 That's how you got to do. 16 00:01:01,650 --> 00:01:05,930 So let's go over the top over to colonics and actually try this out. 17 00:01:05,940 --> 00:01:07,790 So we're back on Colonics machine. 18 00:01:07,800 --> 00:01:11,410 So the first thing that we're going to want to do is just type in search. 19 00:01:11,800 --> 00:01:13,530 That's the command that we're going to be using. 20 00:01:13,650 --> 00:01:17,910 And then whatever we want to search for is like and this is where we're going to search for the same 21 00:01:17,910 --> 00:01:19,620 thing vis FTP. 22 00:01:20,220 --> 00:01:22,980 And let's go ahead and just enter and now is going to search. 23 00:01:22,980 --> 00:01:28,530 And actually you can see that this is very consistent with what we found online previously, an expletive, 24 00:01:29,040 --> 00:01:30,270 because it pulls from there. 25 00:01:30,510 --> 00:01:37,590 So we can see right here, version two point three point four, which is installed on the metastable 26 00:01:38,010 --> 00:01:42,180 host, has that same back to command execution vulnerability. 27 00:01:42,300 --> 00:01:44,000 And it's also a remote execution. 28 00:01:44,010 --> 00:01:45,040 That's very good to know. 29 00:01:45,150 --> 00:01:48,510 So also, when you're looking for exploits, be sure to look at this part right here. 30 00:01:48,630 --> 00:01:52,520 You'll be able to see if if if a axwell is remote or not. 31 00:01:52,530 --> 00:01:58,260 It's important that it's remote, you know, a lot of the time, you know, for working your way in 32 00:01:58,680 --> 00:02:00,150 because a lot of the other exploits. 33 00:02:00,630 --> 00:02:04,410 So there might be some local things that you need to be on the system actually launch you there. 34 00:02:04,590 --> 00:02:09,960 Now that we know that is there, we can actually copy it to our current directory if we wanted to so 35 00:02:09,960 --> 00:02:11,310 we could do a search for. 36 00:02:12,500 --> 00:02:21,680 Dash em and then actually the name of the file, so one seven four nine one R B and then he's in and 37 00:02:21,680 --> 00:02:23,870 it'll copy it to your current directory. 38 00:02:23,880 --> 00:02:30,680 So I have it I already have it in this directory, but it's Preus, so we just copied over it. 39 00:02:30,860 --> 00:02:35,210 But now we know that it's in this directory. 40 00:02:35,210 --> 00:02:39,560 So as you can see, one seven four nine one Darbee. 41 00:02:39,560 --> 00:02:41,220 Now it's in this directory. 42 00:02:42,110 --> 00:02:47,900 So now we can actually go through and actually look at it ourselves, just like we could on the website 43 00:02:48,080 --> 00:02:51,530 and actually be able to give it a little look over, make sure it's safe and every day.