AutoPwn

How to use AutoPwn in Exploit Pack

Exploit Pack has a feature called AutoPwn that can be used to automagically select the exploit needed, like it name claims "Pwn" the target. While we always recommend to use a more manual approach sometimes it becomes useful if you want to quickly try a few exploits, for instance. Always be aware of the risks of automated attacks.

Also, have in mind that the filter to iterate over the XML files to select the exploits is pre-configured by ports, references or services running and it will first launch Nmap against the target to obtain these values. You must configure Nmap properly first, otherwise AutoPwn will not work.

In this example we are running AutoPwn against our local environment:

Once you set up the properties for AutoPwn you can go ahead and click on "Execute", this will activate the whole process. First it will launch Nmap against the selected target. After that, it will iterate over your exploit-tree searching for a match for the attack-type selected. If there is one, it will automatically launch it against the target, as shown in the following screenshot:

‚Äč