Network Security Security-Basics

Re: Win XP SP2 Pentest

Subject: Re: Win XP SP2 Pentest
Date: 29 Nov 2006 15:29:08 -0000
Both of those vulnerabilities (MS04-011 and MS03-026) were patched by the time 
SP2 was released. You'll need to pick a more recent vulnerability.

Of note, XP SP2 was released in Q3 2004. Microsoft security bulletins are named 
by their year. MS04-011 was the 11th bulletin of 2004, and so on. That can give 
you a quick clue on whether they're likely to be patched or not (MS06 is 2006).

If you have access to the system, especially if you can scan it using an admin 
account, I recommend using MBSA or Nessus to evaluate whether the system is 
lacking some patches or has some open vulns that match exploits in Metasploit's 
list. Always be careful running Nessus against live, production servers, 
however. It can lock up the system or services.




Hi all,
I have been trying to conduct a pentest against WinXP Pro SP2 hosts
using Metasploit 2.7.
Unfortunately, none of the exploits would work
(msrpc_dcom_ms03_026, Microsoft LSASS MS04-011 Overflow).
I have disabled the firewall as well.
Would be grateful for any pointers.
Thanks
Suranjith
