MetaSploit redux

By Rory2 on April 27, 2004 8:23 PM

Well I had a chance to download and have a quick test of the metasploit framework which I talked about earlier.

It definately does what it says on the tin! I downloaded it, ran the web server version (one command), fired up a known vulnerable Virtual machine, and very soon had a remote administrator exploit against IIS5 launched.

I think it could be very useful in the securtiy industry from the point of view of convincing companies that level of technical knowledge required to hack into their systems is not high.... This is needed as a common reason given by management in companies for not doing things like patch management of internal servers is that "well no-one would know how to do that" with the thought that hacking a server requires a high level of technical expertise...

Categories:

Categories

Monthly Archives

About this Entry

This page contains a single entry by Rory2 published on April 27, 2004 8:23 PM.

Prelude IDS was the previous entry in this blog.

Article or Troll? Securing the 'Net is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

Powered by Movable Type 4.37

Search

About this Entry

This page contains a single entry by Rory2 published on April 27, 2004 8:23 PM.

Prelude IDS was the previous entry in this blog.

Article or Troll? Securing the 'Net is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.