June 2019
Beginner to intermediate
660 pages
14h 30m
English
It is possible, in Metasploit, to check for the vulnerable version before exploiting the vulnerable application. This is very important since if the version of the application running at the target is not vulnerable, it may crash the application and the possibility of exploiting the target becomes nil. Let's write an example check code for the application we exploited in the previous section as follows:
def check c = connect_login disconnect if c and banner =~ /220 PCMan's FTP Server 2\.0/ vprint_status("Able to authenticate, and banner shows the vulnerable version") return Exploit::CheckCode::Appears elsif not c and banner =~ /220 PCMan's FTP Server 2\.0/ vprint_status("Unable to authenticate, ...Read now
Unlock full access