Need help with Metasploit

[dimaglez]

Hi forum.

I downloaded the BT3 final version few days ago and started to study it.
I have used Linux before but I've never used any hack-tool before. Most of them are quite easy so I dont have problems with them. Now I am trying to get involved with Metasploit but I dont get to understand fully how it works. I mean I have an idea of what is an exploit and how it works (at least i think so ), but I dont have any idea of what are payloads and which of them I must use in what cases. Could someone tell me please where I can get the info about them because I am stucked!. Thanks

P.S : Sorry for my English, I am from Ukraine and never studied it.

[ʞɔɐɹʇ|ʞɔɐq]

Open the METASPLOIT Web GUI in the browser, payloads, exploits and such are all in there, its pretty self explanitory.. Just as an example, you get access to a network, under SAMBA shares all the NetBIOS enabled machines will show up, first thing, run NMAP and take a good look at what services they have running on the entire network, scan the entire IP range, if you see a Windows XP Box running SP2, then you can inject that machine with an exploit which will drop you into the windows 32 command shell. From there you can do what you like, disable something important like their anti-virus and upload a remote back-door for example.

Or you could do the nice thing, look but don't touch, but where's the fun in that!?

I once got onto a network with 245 networked windows machines.. it was exploit heaven!!!

Here's a great site with stuff you can upload remotely into their Start up folder... The flasher one with a picture of Goatse.cx loaded into it never gets old...

**********************8

[imported_=Tron=]

Or you could do the nice thing, look but don't touch, but where's the fun in that!?

I once got onto a network with 245 networked windows machines.. it was exploit heaven!!!

Hmm... Please tell us more.

[killadaninja]

Open the METASPLOIT Web GUI in the browser, payloads, exploits and such are all in there, its pretty self explanitory.. Just as an example, you get access to a network, under SAMBA shares all the NetBIOS enabled machines will show up, first thing, run NMAP and take a good look at what services they have running on the entire network, scan the entire IP range, if you see a Windows XP Box running SP2, then you can inject that machine with an exploit which will drop you into the windows 32 command shell. From there you can do what you like, disable something important like their anti-virus and upload a remote back-door for example.

Or you could do the nice thing, look but don't touch, but where's the fun in that!?

I once got onto a network with 245 networked windows machines.. it was exploit heaven!!!

Here's a great site with stuff you can upload remotely into their Start up folder... The flasher one with a picture of Goatse.cx loaded into it never gets old...
**********

I think youll recieve a warning for this post

[ʞɔɐɹʇ|ʞɔɐq]

Hmm... Please tell us more.

Well I did the nice thing, I looked but didn't touch, once I'm in I am afraid to say I loose interest pretty quick, for me its the thrill of the chase..

[ʞɔɐɹʇ|ʞɔɐq]

I think youll recieve a warning for this post

Cant see why, he asked, I answered.. Maybe I shouldn't have given him such a blunt answer but that's just me.

[imported_=Tron=]

Well I did the nice thing, I looked but didn't touch, once I'm in I am afraid to say I loose interest pretty quick, for me its the thrill of the chase..

Well to be fair, you went way past doing the nice/legal thing at the point you attempted to break into the network.