Hi

I am a newbie in ethical hacking. I have good understanding of networks sysytems, web applications penetration testing but exploiting us a new era for me.

I am administering a couple of LAN s connected to each other through switches and routers. I had been using windows servers for most of the administering part, bur now i own a new macbook and i am willing to learn more about unix environments.

I ve read your article and i am amazed how easy it is to exploit a windows system. Although it seems easy i could not manage to use the exploit mentioned in your artile.

The exploit you use is "ie_createtextrange" . This exploit is available in .pm ( perl module ) format . In metasploit exploit pages they say all i have to do is to copy this exploit into exploit directory. But all the other exploits ( default ones coming with installation of alpha 3) are in .rb ( ruby ? ) format.

So when i type use ie_createtextrange in msfconsole i get an error. Do i have to compile .pm into .rb , if so how ?

I am sorry if this seems to be a very stupid question but i am really new to perl, ruby, unix darwin enviroments.

Thanks in advance for your response.

Yes but not just that xploit is in .pm format, all others on the site are same .pm not .rb

Very good Article!! I have done some thing similar with a Soekris SBC and Monowall. I have also see people just APR Poison a network (like with Cain & Able) and steel the info and traffic that way. WiFi has a lot of risks to it and when you add Spoofing, Phishing, and Fake AP's it can only confuse normal users.

Slimjim100