Im starting to fall in love with The Ethical Hacker Network! 
Okay here is my set up:

Host Operating system: Windows XP Sp3
Vmware Guest: Windows Xp Sp3
Vmware Guest: Backtrack 3

First, a question that is far over my head, im not sure if you can classify this as a question but here goes 

When your trying to find vulnerabilitys, do you find them for the opearating system (sp3) or the programs that the OS is running? For instance, Would i try to exploit Windows or A program that is running? So if you cant exploit the operating system it self, you wouldnt be able to exploit a "Out of the box SP3?"

You may be wondering why im asking this question;
Well i really like to explore things, i love hacking, programming etc,
BUT im very determined to be ethical, (Truthfully is scares me to even test my own virtual machines)  And i cant seem to hack anything on Sp3, so i tried finding a Windows 2000 ISO, turned out unsuccessful 
Does anyone know were i can find one?   I have serached forever 

=) Thanks in advance please feel free to ask any questions

Okay, so were searching for both types of vunerabilitys,
I know metasploit isnt going to have every single exploit know to man,
So were would i find exploits?
 
Thanks don

I'd highly recommend subscribing to the bugtraq mailing list - this is where a lot of new vulnerabilities get posted, and you'll see vulnerabilities that you may not understand - you can then go off and try to understand them by downloading a copy of the software in question and experimenting yourself.

But seeing as you're new, I'd strongly recommend following a tutorial or finding a program with an existing vulnerability and using it to understand what's going.

try this example of a buffer overflow vulnerability using a similar setup to what you have (I think I've linked to this one before in your previous thread - yes, I am Madirish.net fanboy).

It's a very easy to read tutorial for exploiting a known bug in an old version of an FTP server. 

You shouldn't be worried about attacking your own virtual machine - to start with you should be choosing your exploits for the sole purpose of understanding the process and the vulnerability - knowledge and discovery is the goal, not trashing your box.  and even if you do end up trashing it, just rebuild the VMware image.

If you want a learning path, try what I'm doing:  I've taken the course outline for the offensive security 101 course found here and am working through each module teaching myself as much as I can about different vulnerabilities and attack vectors. 

Don't forget, there's also non-network related attacks such as XSS and SQL injection that you can play arround with also - download a copy of SQL server and build yourself a simple ASP or php website and hack it!

As for other exploits, try:

Packetstormsecurity
w3af
Inguma

The latter two are great open-source frameworks, w3af for web apps (now windows installer), inguma (both os but easier to install on Linux) has a lot of oracle but also some general exploit stuff.

Hope this helps

Togg

Don't feel too bad with having problems getting in to XP Sp3, we're having problems with a clean NT box. Try any and all of the above. The first thing though is to identify even possible vulnerabilities. Once you wind them, start looking for one that will give you access to the root of the machine or other juicy pieces of info like a DB admin log-in. Have fun.

Further to ChrisG posts, slap a user on their with a profile not completely tied down and give them unfettered internet access. 

In my experience users are the worst applications you can ever install on a machine