Video: Exploring Metasploit 3 and the New and Improved Web Interface – Part 1

| April 28, 2007

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:Gates}

metasploit_banner

Overview of Video

In this video we explore the revised MSFWeb interface for the Metasploit Framework 3.0. We specifically take a look at running auxiliary modules against a server running MSSQL, and then we’ll take a look at using the MSFweb GUI to run the idq exploit with the meterpreter payload. What is unique about the idq bug is that it will NOT give you administrator or system on the box, but you can use the rev2self command in meterpreter to elevate your privileges from IUSR_MACHINENAME to SYSTEM. While we’re at it, we also dump the hashes using hashdump for a little extra fun.

Editor’s Note: Check your volume as the music may be a little loud. Chris is a wee bit of a headbanger! An "alternative" headbanger, but a headbanger nonetheless. Cool

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.

Thanks,
Chris Gates

Metasploit ® is a registered trademark of Metasploit LLC

Category: Gates

Comments are closed.