Download the tutorial from:
http://www.irongeek.com/i.php?page=videos/metasploit1

This video covers the use of Metasploit, launched from the Auditor Boot CD, to compromise an unpatched Windows XP box by using the RPC DCOM (MS03-026) vulnerability. It then sends back a VNC session to the attacker. This is just one example of the many things Metasploit can do.

Metasploit defines its Framework as “an advanced open-source platform for developing, testing, and using exploit code.” Very true, but it’s also a script kitties wet dream. It’s as close as it comes to having a point, click and exploit interface with four easy steps:
1.Choose a platform/application. 2.Choose an exploit. 3.Choose a shell code. 4.Exploit.
I’ve seen another video on this topic, but this one uses the web interface which makes testing the exploits a breeze and I narrate the entire video.

Metasploit is a very cool package, and a great way to convince your boss that you may need a better patching policy.

http://www.metasploit.com/index.html