October 13th, 2005, 02:55 AM
Metasploit Flash Tutorial
Download the tutorial from:
This video covers the use of Metasploit, launched from the Auditor Boot CD, to compromise an unpatched Windows XP box by using the RPC DCOM (MS03-026) vulnerability. It then sends back a VNC session to the attacker. This is just one example of the many things Metasploit can do.
Metasploit defines its Framework as ďan advanced open-source platform for developing, testing, and using exploit code.Ē Very true, but itís also a script kitties wet dream. Itís as close as it comes to having a point, click and exploit interface with four easy steps:
1.Choose a platform/application. 2.Choose an exploit. 3.Choose a shell code. 4.Exploit.
Iíve seen another video on this topic, but this one uses the web interface which makes testing the exploits a breeze and I narrate the entire video.
Metasploit is a very cool package, and a great way to convince your boss that you may need a better patching policy.