Beware of insecure web servers!  This video starts by using the well known MS08-067 vulnerability to gain initial access into a web server that is discovered via an NMAP network scan.  Using the Meterpreter Reverse_TCP payload, a new "index.html" file is updated to the server.  In addition, deeper penetration occurs by extracting the MySQL and XAMPP application passwords.