lkok Posted November 8, 2010 Share Posted November 8, 2010 (edited) As most people get kinda offensive when i ask around for help with metasploit ( since everyone who uses it has hacking intentions ) i'm turning to the always helpfull hak5 community. I like messing around with it, and i happen to have 2 linux computers here. I was wondering if anyone had any suggestions on what services to install so i can exploit them with my other pc. Both running Ubuntu. For educational and amusement purposes, Honestly :/ Edited November 8, 2010 by lkok Quote Link to comment Share on other sites More sharing options...
digininja Posted November 8, 2010 Share Posted November 8, 2010 Google for Metasploit Unleashed, it is a full tutorial on how to use Metasploit with instructions on how to download and setup a special vulnerable version of XP. After that go to exploit-db.com and find exploits that have the vulnerable files also available for download, drop a few of them on and exploit them. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 9, 2010 Share Posted November 9, 2010 You could try exploiting these services and applications. Apache, Adobe, IIS, FTP, Firefox and IE. And can also use Nessus to run a vulnerability check on the target machine. Quote Link to comment Share on other sites More sharing options...
lkok Posted November 9, 2010 Author Share Posted November 9, 2010 (edited) Whenever i try to install an application that is old and exploitable, i cant install it because it misses some dependencies ( which are impossible to get ) and the compiler returns errors. I have this nearly everytime when i download an app from exploit-db, it doesnt work on my laptop. Suggestions for some specific app's/exploits that are known to work without too many dependencies? Edited November 9, 2010 by lkok Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 10, 2010 Share Posted November 10, 2010 Whenever i try to install an application that is old and exploitable, i cant install it because it misses some dependencies ( which are impossible to get ) and the compiler returns errors. I have this nearly everytime when i download an app from exploit-db, it doesnt work on my laptop. Suggestions for some specific app's/exploits that are known to work without too many dependencies? why don't you create a virtual machine and install windows xp from scratch and then install some buggy applications, instead of installing on your computer. Quote Link to comment Share on other sites More sharing options...
digininja Posted November 10, 2010 Share Posted November 10, 2010 Whenever i try to install an application that is old and exploitable, i cant install it because it misses some dependencies ( which are impossible to get ) and the compiler returns errors. I have this nearly everytime when i download an app from exploit-db, it doesnt work on my laptop. Suggestions for some specific app's/exploits that are known to work without too many dependencies? I think you are probably looking at it the wrong way around. The apps in exploit-db are usually apps not source, you are probably looking at the actual exploit code. Have another look and you'll find ones with attached apps, usually ftp and http servers are good ones to look at. Then check metasploit to see if it has an exploit for those apps.# I think you'd definitely be better going down the Metasploit Unleashed route as that takes you from step 0 all the way through. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted November 11, 2010 Share Posted November 11, 2010 there are two websites you can use to download exploits from http://www.exploit-db.com/ http://www.packetstormsecurity.org/ However if you don't want to compile exploits, just head over to http://www.metasploit.com/ and download the metasploit framework, that should get you started with pen-testing. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.