With some of the basics behind us and an understanding of how to set variables within msfconsole, let’s exploit our first machine. To do so, fire up your Windows XP Service Pack 2 and Ubuntu 9.04 virtual machines. We’ll use Metasploit from within Back|Track.

If you used the vulnerability scanners discussed in Chapter 4 against your virtual Windows XP SP2 machine, you will have encountered the vulnerability we’ll exploit in this chapter: the MS08-067 exploit. We’ll begin by finding this vulnerability on our own.

As your skills as a penetration tester improve, the discovery of certain open ports will trigger ideas about how you might exploit a particular service. One of the best ways to conduct this check is by using ...