Really great video. It is my one struggle when I see a wall of exploits knowing which one to pick. This helped a lot and at least reassured me that I can just fire off a lot of them to see if they stick.
Thank you Andy! What if I load msf and "search blah" and see the rating of the exploit. I'd go for "excellent" first in manual mode where I'd run .rb against the target. Would that work?
Looks cool, and I agree on that part with Metasploit. It truly is a powerful tool, can be used to exploit so much. I soon am going to take a class on ethical hacking, but I also might consider getting this certification. Nice video.
@@andyli you ever hear of the Eternal Blue exploit? It's something from 2017 I believe but some say its still exploitable and it can eventually lead people to having access to your machine.
@@WholesomeContentForYou yes, there is a metasploit module for eternal blue and the vulnerability definitely still exists in the wild. I have seen it before on live environments
Not sure if is allowed or not, in general if it has auto exploit functionalities it is not allowed. Here is the reddit thread I saw a while back discussing Wappalyzer in the OSCP exam www.reddit.com/r/oscp/comments/nhu896/ptk_browser_extension/
I am failed recently. Trust me I have used big,common,directory-med,big all wordlists to enum directories. Nothing came . I really freaked. Nothing found to exploit, believe that?
Really great video. It is my one struggle when I see a wall of exploits knowing which one to pick. This helped a lot and at least reassured me that I can just fire off a lot of them to see if they stick.
It is a lot of trial and error
Great content Andy
cheers!
If the Python Script is written in older version (2.x). How to run in Kali Linux (which runs on Python 3.x) ?
try this docs.python.org/3/library/2to3.html
Thank you Andy! What if I load msf and "search blah" and see the rating of the exploit. I'd go for "excellent" first in manual mode where I'd run .rb against the target. Would that work?
yeah, try the quick low hanging fruit ones first
Looks cool, and I agree on that part with Metasploit. It truly is a powerful tool, can be used to exploit so much. I soon am going to take a class on ethical hacking, but I also might consider getting this certification. Nice video.
Thanks glad it was helpful
@@andyli you ever hear of the Eternal Blue exploit? It's something from 2017 I believe but some say its still exploitable and it can eventually lead people to having access to your machine.
@@WholesomeContentForYou yes, there is a metasploit module for eternal blue and the vulnerability definitely still exists in the wild. I have seen it before on live environments
Thanks man, good hints.
Found this video after spending 5 days on 5 different boxes trying to debug different exploit scripts for hours till I gave up and relied on hints.
it is ok to rely on hints
Def got a sub outta me! Love ur content and the way u teach fr fr
Thanks for the sub!
out of topic question..
can i using screen recorder for documentation the exam ?
or just screenshoot?
you cannot use a screen recorder, only screenshots
Sir can use wappylyzer extension at OSCP exam?
Not sure if is allowed or not, in general if it has auto exploit functionalities it is not allowed. Here is the reddit thread I saw a while back discussing Wappalyzer in the OSCP exam www.reddit.com/r/oscp/comments/nhu896/ptk_browser_extension/
Thanks, your videos are helpful
glad you found it helpful
The kali machine you are running is on VM or physically installed on the laptop / desktop ? It looks super fast.
It's on a VM
@@andyli which software you have used for making this video?
OBS studio
Want more content like this ❤️
👍
I am failed recently. Trust me I have used big,common,directory-med,big all wordlists to enum directories. Nothing came . I really freaked. Nothing found to exploit, believe that?
Don't give up, the exam machines are sometimes weirdly tricky
Did you pass by now?
So good!!!
thanks!
Thank you nice video.
Thanks
Thank you so much, ive been doing it bavkwords, looking for matching or lowr...fml lol
lol more than one way to do it, see what works for you