Free Training for Metasploit

impelseimpelse Member Posts: 1,236 ■■■■□□□□□□
Guys:

Offensive security release this week a free training using Metasploit 3.

Metasploit Unleashed - Mastering the Framework
Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack.

Comments

  • Paul BozPaul Boz Member Posts: 2,621 ■■■■■■■■□□
    A few of my co workers have taken offensive security courses (like $400 a pop) and they're not pleased that they're giving away this stuff now, haha.

    If anyone needs motivation to take this free course, let me indulge you. today when I was onsite I got into a workstation in my client's organization by using metasploit. The machine was for some reason un-patched and was vulnerable to the always popular MS05-039 "Plug N Play" vulnerability. I hit the box with a reverse meterpreter shell, dumped the PW hashes, ran them through ophcrack with the 8 gig rainbow tables, and had the admin password in under 2 minutes. I then enabled remote desktop via the registry using the meterpreter and was able to remotely administer the box. From there I had the keys to the kingdom because the admin password was the same on all boxes. I leap-frogged all over the network.

    Metasploit is ridiculously easy for what it can do. It's pretty nasty.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    The VOIP/switching story was better IMO.

    That's cool though. I've been wanting to brush up on that, so I guess I know what I'm doing this weekend icon_cool.gif

    Thanks for sharing :D
  • impelseimpelse Member Posts: 1,236 ■■■■□□□□□□
    This is the free version, but there will be the PAID version with videos, they are waiting until Metasploit release the version 3.3 to put the lates videos.

    I did the same the first time, I attack a server windows 2003 with dns service, the server was unpatched and I got command shell in less than 30 seconds. Sure the only thing that I learnt was: this was so easyyyyyyy. That is not a real hack but the tool can help you to identify those errors very fast.

    Right now I complet the heorot.net training (the fundamentals) two times, Online and with the book. I will study the intermediate and later I will go with OSCP. Let's see what happend.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • GAngelGAngel Member Posts: 708
    Stop tempting me. I already don't have enough hours in the day.
  • Paul BozPaul Boz Member Posts: 2,621 ■■■■■■■■□□
    GAngel wrote: »
    Stop tempting me. I already don't have enough hours in the day.

    Most hackers work at night anyway icon_twisted.gificon_twisted.gificon_twisted.gif
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • GAngelGAngel Member Posts: 708
    Paul Boz wrote: »
    Most hackers work at night anyway icon_twisted.gificon_twisted.gificon_twisted.gif

    I've got cissp,heorot,itil and now linux and that's just till the end of oct. Plus a ton of projects and change at work. I am truely f'kd because it''s my gf's birthday in a week as well :D.
  • lumbercislumbercis Member Posts: 27 ■□□□□□□□□□
    Apparently offensive security's website has a virus:

    Threat Name: Unix.Penguin
    Location: http://packetstorm.offensive-security.com/docs/hack/ip-hide-fyi.htm
    don't click on that link obviously

    How embarassing.
Sign In or Register to comment.