Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: metasploit question

  1. #1
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default metasploit question

    hey guys i have been using metaspoilt or trying to, now i have watched and downloaded many tutorials how to use this.
    I run nmap or nessus first and check vuln or what exploits to use sometimes there is and sometimes there isnt and then i import them into metasploit but everytime i have done this, there is never a active shell or any vulns, I have updated so i have all current exploits, now i have tried this on many computers also tried autopwn and client side attack and i never get a active shell.

    Are all the computers to well patched or am i doing something wrong ?

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Quote Originally Posted by apprentice View Post
    Are all the computers to well patched or am i doing something wrong ?
    You might of answered your own question, which computers are you trying to use the exploits on?

  3. #3
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default

    thanks for your reply Lincoln
    well it depends on different senarios, well mainly nmap says windows xp or vista or should i be targetting router ?
    it also tells me difficulty of the attack, is the higher number the harder to get in?? on the tutorials it is shown thats its easy and straight forward i guess it isnt. Maybe i need to do a bit more reading

  4. #4
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Aha I know what's going on here. You have much to learn before you can start exploiting systems.

    What nmap is showing you is the difficulty for IP prediction attacks, an almost useless and lost art nowdays.

    Some suggested reading (googledork keywords, not links):

    Linux Command Line Basics
    TCP/IP Illustrated
    packet filtering basics
    smashing the stack for fun and profit
    the art of exploitation
    eric steven raymond - how to be a hacker

    That should be enough to get you started. A more refined answer is to search the forums for something along the lines of "fun with ms08_067"
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  5. #5
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default

    thanks for your reply Gitsnik
    i thought proberly to easy , thanks for the extra eductional reads, go back to the drawing board.

  6. #6
    Member floyd's Avatar
    Join Date
    Mar 2009
    Posts
    231

    Default

    Quote Originally Posted by Gitsnik View Post
    the art of exploitation
    Please do me a favour and never recommend that one again. It's horrible. Don't read it.
    Auswaertsspiel

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by floyd View Post
    Please do me a favour and never recommend that one again. It's horrible. Don't read it.
    As in "Hacking: The Art of Exploitation"? Actually, I quite liked it. The reviews on Amazon for the second edition of the book (the one I have) are also quite positive.

    Amazon.com: Hacking: The Art of Exploitation, 2nd Edition (9781593271442): Jon Erickson: Books
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by lupin View Post
    As in "Hacking: The Art of Exploitation"? Actually, I quite liked it. The reviews on Amazon for the second edition of the book (the one I have) are also quite positive.

    Amazon.com: Hacking: The Art of Exploitation, 2nd Edition (9781593271442): Jon Erickson: Books
    I've found it to be a bit like Pulp Fiction... you either love it or hate it.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  9. #9
    Member floyd's Avatar
    Join Date
    Mar 2009
    Posts
    231

    Default

    Oh sorry, my fault
    I had the mitnick book in mind... Never read that one, but sounds cool
    Auswaertsspiel

  10. #10
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by Gitsnik View Post
    I've found it to be a bit like Pulp Fiction... you either love it or hate it.
    I thought it was a great book.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •