|Main Archive Page > Month Archives > metasploit-framework archives|
I'm recently new to the mail group (about 3 weeks probably since I joined).
But since then I've seen a couple of suspicious looking questions being
asked. The other day someone asked about pass the hash attacks with his/her
Metasploit console pasted here. The target IP belonged to a legitimate
corporate which I know of (and thus gave the heads up to the colleagues we
had over there).
This email doesn't feel like it has the best of intentions behind it either.
What's the approach against such questions? I really appreciate the help and
support being given in this community and I didn't mean to derail the topic
but felt somewhat uneasy after seeing that IP address in the "rhost" field
and this mail was like the icing on the cake :)
On 24 October 2011 18:50, Giles Coochey <firstname.lastname@example.org> wrote:
> On Mon, October 24, 2011 17:47, HD Moore wrote:
> > On 10/24/2011 4:34 AM, Debdutta Sinha wrote:
> >> Hi I am Debdutta, recently I have started using Metasploit Framework as
> >> a beginner.
> >> I am not able to exploit a windows xp box having no ports opened.
> > That is expected. To exploit a system, you need a vulnerability.
> If you cannot initiate a network connection to the system, you probably
> need to get the system to initiate a connection to you.
> SET is probably a good tool to start with (http://www.secmaniac.com/)