The text explains one of the tools from the “experimental” portion of the class, “MS06040Scanner”:
The working principle of MS06040Scanner is to first obtain the operating system type and open ports through port scanning and operating system scanning. If it is a Windows 2000 system, TCP port 139 or TCP port 445 is open, and the returned data packet matches the definition in the vulnerability library, it means that the host may have the MS06040 vulnerability, and we can use MS06040 exploit programs to carry out remote overflow attacks on it.
The second slide demonstrates the “X-Scan” tool which would be used to find vulnerabilities allowing data exfiltration.
The Attacks