This quick guide will help you get started with Exploit Pack. Enjoy the journey and Happy Hacking!
One of the first things to set up before starting will be to configure your preferences. In the menu, go to "Edit" and "Preferences"
A new window will appear. For the tool to work correctly, Interpreter path and Nmap path must be set properly.
Interpreter path: This is the default interpreter you use. If the exploit itself does not specify one, it will be selected by the tool. In case that you are unsure about which one to choose we highly recommend Python but you can also try with Ruby, Perl, Bash, Powershell, Exploit Pack will select the appropriate one from the env set on your exploit directly.
Nmap path: Here you configure the full path used by Nmap and the desired options you wish to use within Exploit Pack ( these options will be used when you launch the Auxiliary module "Scanner" ).
In both cases, it should be pretty straight forward: just click on "Browse" and navigate until you find the needed binary, click on "Check" to verify that it is configured properly. After this step you will need to restart Exploit Pack for the changes to take effect.
Nmap options: The default options are -sV (Probe open ports to determine service/version info) and -A (Enable OS detection, version detection, script scanning, and traceroute) If you would like to change them, you can check this Nmap options summary.
Now you should have Exploit Pack running and properly configured in the system, before executing a module let's get more familiar with the tool.
Let's start by checking the basic features:
The Exploits tab and the Module search ( Left part of the screen ) This tab helps you choose the exploit you need. All the exploits (except for the 0 days) are divided by platform. Just press the black arrow next to the platform's name and a list of exploits will expand.
Use the search box to filter by name, platform, service, cve or any other available data in the exploit module properties. There is also a filter with some basic conditions.
Once you have selected an Exploit Module you can see its code and it's description (right side of the screen)
Target Properties ( Top-Middle side of the screen ) These are the properties you need to configure in order to successfully launch the selected exploit module. Some of them will get auto completed, but you can also change them for the ones you require. Once you think the options are set, press the button "Execute Exploit".
You can also change the current exploit's details further (even the description) from the "Module Wizard" window. Click on "Edit" to open it.