Using Metasploit or Not

00:00

using the displayed in the osc P or not?

00:05

Are learning objective is to determine the pluses and minuses of using medicine flight on the osc P.

00:12

So this is a question everyone has to ask themselves themselves during the osc p. Should I use medicine flight? And there's a lot of factors that go into that and it's probably something you should start to think about before you are in the exam.

00:28

So when you're in the environment, the lab environment for P W. K. And you look at the forum, as many people obviously say, don't use my display, you may see old boxes with exploits like eternal Blue.

00:41

So what I would do is I would find a non medicine plate way to exploit the eternal blue vulnerability

00:49

and, and go from there because again, when you're not relying on medicine ploy, you're reading code and modifying code and having to take additional steps, which I think will translate nicely into. Oh, SCP day when you know when you're trying to find the correct exploit code and you have some comfort in knowing well

01:07

in the labs I've done them without medicine Floyd

01:11

but also do do do them both ways use meta split and don't use medicine plate and I'll use that with things like sequel map.

01:19

I'll use sequel map in labs

01:23

and then I won't and I'll try to determine how much harder it is not using sequel map than when I do use sequel map. Same thing with municipal it. I try to determine okay I can use municipal it but what if I don't and that's why I think you know going through the labs and the examples that I have given

01:38

some medicine modules are very simple. There simply uploading a file with a curl command

01:45

and you could easily do that yourself. So when you have some comfort in looking at exploit code and knowing what an exploit does you understand the complexity? If there's hashing algorithms that go towards it or trying to brute force dates and times and things like that,

02:01

it gets more complex and then you should start thinking, well maybe municipal, it is the right way to go here

02:07

because you know, maybe it's difficult for me to try to figure out all this on my own.

02:13

And again, I think the worst feeling is deciding to use medicine flight and it not working. So I'd say go with your gut and if you think that that exploit is the correct one in medicine Floyd

02:25

and it doesn't work again, change up your payloads, look at the targets, you know, maybe there's something in there maybe didn't configure it correctly. Maybe you didn't set your L hosts or our hosts or

02:36

whatever it may be. Maybe you didn't do that. right? So double triple check whether you did it right or not and maybe you've lost the box somehow and you just need to simply need to reset it.

02:46

Mhm.

02:49

So don't use medicine as a crutch if you go through the P. W. K. Labs and you use medicine Floyd on every box. If you could. In theory, I don't know if you can,

02:59

but if you use menace flood in every box, you're really gonna do yourself a disservice because when it comes time to test day and you can only use it once,

03:07

um you're really not gonna know, you know how to use medicine very well, but you won't know how to look at code, analyze it. And again, that's what differentiates you from a script kiddie, someone who just goes into medicine flight and select the correct module and then just hits exploit or run.

03:23

You know, the the differentiator is the fact that you can look at code and you can become familiar with figure out what it does and of course that takes a lot of googling and a lot of enumeration, figuring it out.

03:35

So like I said, try both ways. Try using medicine. Try not using medicine Floyd and have that comfort and that that self confidence that you're able to do things. Not relying on medicine Floyd.

03:47

Okay.

03:50

But in the end the choice is yours. Um, I think in my oh SCP attempts I use medicine plate.

03:55

I believe I used it every single time,

03:59

but it was typically towards the end of the test. My fear was using medicine play too early

04:04

and then not being able to use it again. So

04:09

weigh the costs,

04:11

the cost benefit analysis. You know, if I'm only two hours into SCP and I think I found a medicine plate module. Should I use it now? Your answer might be yes, your answer might be. I found some exploit. I've tried to find the code. All I can find is a medicine plate module. I don't know how to write ruby and I don't I don't feel comfortable

04:30

doing this on my own. So I'm gonna try medicine right now.

04:32

So it's really a case by case basis. But in my strategy, in my mind, it was always something that I should save for the end. Um when all else failed, I'll just try my display and see if it works.

04:46

And also know that, you know, if if you're thinking of

04:50

offensive security, who makes this,

04:53

do I make a box that is only explicable with medicine plate,

04:57

you know, do do I make somebody who's taking this test have to use it?

05:01

Um So think of it that way as well. I try to put myself in the mind of the test makers.

05:08

Um Just like someone who's taking the test is would they write something? Would they make a box only vulnerable to a meta split module? And are there other ways to exploit as other public exploit code out there available for somebody to find it?

05:23

And maybe there is and maybe it's just a matter of, you know, maybe it's not an exploit DB but it's in GIT hub. Someone else who has the exploit code. Um And you don't need to use medicine flight.

05:33

So that's why we always go back and you always hear enumerate enumerate enumerate. That goes the same for your your google searches or bing searches or whatever search engine you want to use is trying to find that exploit code and not having to go to medicine flight.

05:47

Yeah.

05:48

So here's our quiz which medicinally module can you use on more than one target.

05:54

I said this in the last lesson and you should know it. I preface this by saying

05:59

check the exam guide. You know from the time that this is recorded at the time that you take the Osc. P. Maybe things have changed. So go and check now before you know before this lesson ends. Go and check the the F. A. Q. And see what you're allowed to use and what you're not.

06:16

But the answer to this is going to be

06:19

multi handler which you've seen me use a few times. But again, go to the offensive security website, look at the exam guide and ensure that this information is up to date.

06:30

Yeah.