BackTrack 5 R3 is set up on a virtual machine.
Apache started.
I also downloaded SET(social-engineer toolkit).

First of all, I deactivated all av in the machines in my LAN to perform the test. All of them are running on Windows 7.

1)I launched the first pen-test with the autopwn exploit. It didn't work at all.
2)I set up on SET an attack based on Java. It didn't work at all.
3)I set up a java signed applet on msfconsole. It didn't work at all.

1. it keeps sending data to the victim repeatedly. No shell is returned.

2. It shows up java dialog box repeatedly. I(as victim) click on accept and run. And again it shows up java dialog box. I click on accept and run and the same thing happens again. No shell is returned to my BackTrack on virtual machine.

3. When it doesn't show up java dialog box many times even when I(as victim) click on run, msfconsole on my BackTrack on virtual machine keeps waiting for the user to click on run on java dialog box forever and never returns a shell.

Sorry for my english.


Thanks