gyoisamurai
commented
5 years ago Hi,
Current Deep Exploit uses default option of exploit module.
When you modify the option values, successful probability of exploitation may be high.
Please look this for you modify options.
- Tips. How to change "Exploit module's option".
https://github.com/13o-bbr-bbq/machine_learning_security/wiki/Usage
I remember seeing something about this from DEFCON 26 this year and finally got around to checking out this tool. took me forever to get it installed properly, had some issues getting it to actually run in training or test mode. had some Errors once I got it running. but once I did everything looked pretty smooth.
ran a few training sessions against a patched windows 7 machine ( figured there wouldn't be too much to discover there) but the machine did have a bunch of extraneous services and applications running.
ran a test against it and it found nothing. So I decided to train/test against an old windows 2000 advanced server that I had hanging around, once again everything looked fine, in training mode, when that completed I ran it in Test mode and I expected it to be able to exploit a few things on that old 2000 server if for no other reason than it was full of holes when it was retired.
so my question is I am not sure how I can tell if this tool is even functioning properly, or if it just didn't find anything or if maybe eevn though I thought it was setup correctly it wasn't anyway great idea in thought but so far I am not able to verify the practice.
thanks!