Few words of caution after running this many times!
1. It seems to be completely incompatible with all Win2k8R2 servers - it will hang the server and require manual reboot
2. It has picked up...
Type: Posts; User: hongman; Keyword(s):
I think you misunderstand me - here's an example:
Attacker gains meterpreter shell on the Target with whatever method. Evil PDF, bruteforce, Evil Java, etc.
Target gets wind of this, and wants...
Hi
Probably not what you are thinking :-)
I don't think there is, but if you knew you had an active meterpreter session on a target machine, is there a way to reverse the connection back to the...
Just to let you know I found a great tool called Antimeter2 which scans memory and reports back onto if any processes have meterpreter exploited.
Tested in a controlled environment, alongside with...
Hehe - hex and assembly to me might as well be attempting to build a space rocket ;)
Do active meterpreter sessions exhibit any packets which can be identified via wireshark?
I exploited my own PC and captured me opening up a backdoor and getting a meterpreter shell - however to...
Thanks again scott.
So it seems msfconsole automatically starts the db and connects when you launch it.
So say I move to another site, start another scan, how would I then use another database...
Just to add to this, it seems MSF has changed from recently?
I am following the guide here http://www.offensive-security.com/metasploit-unleashed/Working_With_NeXpose
But none of the commands...
I am running my BT installation on a 40GB partition and I've used 15GB, inc nexpose install. It took about 1GB tops from memory!
OK - I will try on a weekly basis and let you know :)
Still interested if anyone else knows of a way though?
Thank you both for your input - it has been invaluable.
We have already started using known good machines only, but I plan to try and dissect the suspects to gather evidence either way.
Hi Tape :)
Do they actually manually analyse the file then if it comes back clean? I imagine they have thousands of files submitted every day...and it's not like I am continually submitting the same...
Huh. I rebooted and immediately ran nsc.sh again, and now it seems to be updating.
A search on rapid7's community suggests they found similar thing for their own Backtrack testing.
Maybe this...
Hi all
Bit confused here, would appreciate if someone can clarify!
I have an installation of BT5R2 x64 on my laptop. I am trying to run nexpose from within msfconsole.
So I fire up msfconsole...
So I have read the guides, done some other research and ended up with an EXE file which passes all 42 vendors tests at Virustotal :)
I'm now trying to piggyback this onto another file type so that...
Thank you!!
Hi all
Been messing with the framework over the past few days.
In all of the tutorials I have found so far (including the one on Offensive Security) people talk about using msfpayload and...
And I even less so!
Thanks Scott.
This should be interesting.
Thanks. We have started to restrict more diligently but I am worried a box has been metasploited with a reverse shell or something.
What is the best way to detect this?
Definitely not the IT Dept, 101% positive on that.
There is no IR Team. This is a very sensitive situation with potentially extremely high financial ramifications, so we can't go pointing fingers...
So I have done a little research on Metasploit to gain an overview of how it is laid out and how it works.
All of the guides I have read so far contain information on how to use it to exploit, or...
Hi
I'm running BT5R2x64 on KDE HDD install.
I am trying to install nexpose, and I have tried via the rapid7 website and apt-get - both install but fail to start with the same error:
...
permute.pl and leetify the same thing no?
I am in agreement with you there.
A WPA wireless network with a suitable password, and with no WPS-enabled, is pretty much going to be impossible to hack via the traditional wireless attack...