I was thinking that. Thought I would try it using a free hosting account but try finding one these day's with register_globals and register_array_long both enabled in php.ini...

I need some help here. I am trying to use one of the exploits that comes with Metasploit to see if I can re-create an event that happened.

I am running Backtrack4 R2 in Oracle VM and have osCommerce set up on my main machine using the WAMP package.

The version of osCommerce is osCommerce 2.2-MS2.

No matter what I try I can not seem to be able to exploit my machine. As a payload I am using generic/shell_reverse_tcp.

This is the Metasploit page on the exploit: http://www.metasploit.com/modules/exploit/unix/webapp/oscommerce_filemanager.

I have set all the options and tried both IP addresses as VHOST as I thought that might be the problem but it was not.

The Virtual Box is set to bridged networking.

Any help on this one would be welcome.

So now we pay $15 per issue???

I remember buying the printed version in the store was cheaper for hakin9...

Could you hit me with a bat? Trying to ping made me remind that I forgot to start my network interface.

I got some issues trying to update the metasploit framework using msfupdate in Backtrack4 R2. When I try to run it I get this error:
I get the same issue when I try to update it by running 'sudo svn update' from /opt/metasploit3/msf3/

Any suggestions what could be wrong and how to fix it?

If I remember right Metasploit has some issues with webcams in general. Why not use one of the built in exploits enough test machines out there?

Beside that did you see that you got the networking configured right in the VM ware (if you are using VM ware now)?

Could also be that the exploit does not work because you are running XP now right?

If you insist on using Metasploit on in a XP environment I suggest you use VM ware to run backtrack and create an other box in VM ware to attack (in that way you leave your bf's computer alone). It is a pain to install Metasploit yourself from what I have heard an even worse to configurate it the right way.

For tutorials I suggest you look at Viveks primer on Metasploit at www.securitytube.net it discusses most of the basic options in Metasploit.

I find it weird that you get such an assignment from your teacher without him teaching you anything about how to set up a lab or how exactly the attack works that you need to preform.

Just so you know Metasploit is not a god in penetration testing. What machine did you get to penetrate from your teacher or did he tell you to penetrate a private persons machine (which I doubt very much)?

Just a wild guess but do you have RubyGems installed?

http://rubygems.org/

Free speech is free speech don, even if it is something people might not agree on. From one side you can be happy because it does not open the door for trails against people that criticize certain subject like is happening in some parts of Europe.

Like a famous comedian once said. Free speech means having the right to say hurtful things. Here in the free west we build a wall around us against those things and if you are not capable of doing that you should move away. Everything a person says can be hurtful to an other.

Just to state I do not support this church just wanted to make a point.