Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Is it outdated? "Metasploit - the penetration tester's guide"

  1. #1
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Is it outdated? "Metasploit - the penetration tester's guide"

    Hi

    Recently I purchased this book (Metasploit - the penetration tester's guide) and i am only on chapter 3. I am using Backtrack 5r2 64bit and i tried to run the command:

    # /etc/init.d/postgresql-8.3 start

    and the command was not found, so i looked in the init.d directory in case the version number was different and there is no sign of postgresql at all.

    this part seems fundamental for the success of the book because it opens the "msf>".

    Can i have some of your input please of a reference for a place to learn with up to date material?

    Thanks

    Deviney

  2. #2
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    This is an old command. Metasploit is changing almost everyday. But don't let this discourage you from finishing the book, there is a lot of good material in there. You should be able to just continue without starting that sql server. Or another option would be to use the version of Backtrack that was used in the book.

    Good Luck.

  3. #3
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    Unfortunately the book does not tell me what version of backtrack they used when the book was made. If metasploit is changing all the time how do you guys keep up-to-date with the new techniques?

    p.s thanks
    Last edited by deviney; 05-16-2012 at 06:44 PM.

  4. #4
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    I haven't read the book myself, but the MSF now starts & runs a Postgresql instance when you run msfconsole. My guess is that the book was written prior to the 4.x releases of Metasploit.

    But to answer your question, I read a lot
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  5. #5
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    Quote Originally Posted by scottm99 View Post
    I haven't read the book myself, but the MSF now starts & runs a Postgresql instance when you run msfconsole. My guess is that the book was written prior to the 4.x releases of Metasploit.

    But to answer your question, I read a lot
    good to know am not the only one then. Maybe you could help me with another question then because i did take 'hhmatt's' advise an kept reading but the bad part is now i am on vulnerability scanning chapter an notice they all use the following command to inport there results into metasploit

    #db_connect postgres:toor@127.0.0.1/msf3
    #load nessus

    how would i inport the results into the new version? if you could ansrew me this i would be really grateful because it would mean i could learn and practise at the same time.

  6. #6
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    5

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    From a (very) quick look on Google I'd say that now that Postgres is automatically loaded at msfconsole startup, you should be able to just type "load nessus"

    This might help you: http://www.ehacking.net/2011/06/inte...etasploit.html

  7. #7
    Member
    Join Date
    Jan 2010
    Posts
    54

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    I did try google with the code old code but i didnt think of using nessus and metasploit as keywords but thanks this helped alot .

    On a note that has nothing to do with this, i spent 20 minutes trying to use nessus on BT5 R2... didnt know it didnt come installed :/ hahahaha. I know, proper noob!

  8. #8
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    5

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    Glad it helped. And don't worry, I was frantically searching for Nessus as well, thinking I was going mad. Not sure why it doesn't come pre-installed any more tbh!

  9. #9
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    deviney, be sure to check out the metasploit mailing list. That has been a big help to me in the past. You can find signup info on metasploit's website.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  10. #10
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    8

    Default Re: Is it outdated? "Metasploit - the penetration tester's guide"

    I too am going through the book and discovering that things have changed, sometimes significantly. For instance, the chapter on anti-virus evasion is outdated, so don't expect anything there to work in the real world. You'll also find the authors assume a certain level of expertise, and don't spell things out as much as I think they should have, so expect to hit some road bumps along the way. Lots of them. (Hint, I've posted a solution to one problem in these forums. Also check the errata and corrections site for the book. Depending on which printing you have, it could save you lots of frustration.)

    That said, I think the book is still worth going through. Just keep in mind that, from what I've learned/realized so far (I'm working through chapter 9), IMHO, it is more about teaching you how exploits and attacks work rather than being a tool to do it in the real world.

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 03-03-2012, 07:57 PM
  2. Replies: 0
    Last Post: 09-22-2011, 08:56 PM
  3. Replies: 4
    Last Post: 02-24-2011, 04:52 PM
  4. Video of a "real-life" penetration
    By imported_Deathray in forum OLD General IT Discussion
    Replies: 6
    Last Post: 11-16-2008, 08:57 AM
  5. Replies: 17
    Last Post: 10-04-2007, 03:54 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •