From the course: Practical Cybersecurity for IT Professionals
Join today to access over 24,800 courses taught by industry experts.
Running an exploit
From the course: Practical Cybersecurity for IT Professionals
Running an exploit
- [Narrator] We found a pseudo vulnerability on Scorpio, so let's see how an attacker would exploit it. If we investigate the CVE, we find there's a proof of concept exploit available from the GitHub site shown. I've downloaded the exploit zip file so we can build the exploit by typing, make. And we can see there's now an executable called exploit. Before we run this, let's try to list the root folder, ls /root. And we can't, we don't have permission. Let's now run the exploit we've built, ./ exploit. And we get a root command prompt. Who am I? I'm now root. And of course, if we try and list the root folder, now we can. We've not only detected a vulnerability, but we've proved that it can be exploited.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.