Thursday, March 31, 2011

Step 3 - Gaining access to the server/remote host through vurnabilities.

This step involves gaining hidden access to the remote system by exploiting the vurnabilities that are there in various different services of the host .
To gain access using the vulnerabilities found you can use METASPLOIT . This is a popular exploit scanner and execution tool .
Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.
To know more about metasploit you can view the following flash tutorial by"Metasploit at iron geek".
Metasploit can be downloaded from the following link.
 There’s a presentation by HD Moore himself at Cansecwest 2006: csw06-moore.pdf And a couple of videos spawned from that here: Computer defense – TASK Presentation