In this episode, we search for exploits in Metasploit. Damien covers the search command, CVE’s, Microsoft security bulletins and more. Find the exploit code for WannaCry / WannaCrypt by searching for the CVE, or Microsoft Security Bulletin. Understanding CVE’s and other vulnerability information is a big part of security. This information can help you secure systems and better protect your organization.
Searching for exploits in Metasploit
- nvd.nist.gov – National Vulnerability Database
- us-cert.gov – United States Computer Emergency Readiness Team
- CVE-2017-0145 – One of the CVE’s about the SMB vulnerability
- MS17-010 – Microsoft security bulletin about the SMB vulnerability
- DBPOWER U818A WFI Quadcopter drone allows full filesystem permissions to anonymous FTP
- Space Coast Credit Union SCCU Mobile for Android and Iphone fails to properly validate SSL certificates