RE: Win XP SP2 Pentest
- From: "Roger A. Grimes" <roger@xxxxxxxxxxxxxx>
- Date: Wed, 29 Nov 2006 12:57:58 -0500
Welcome to learning that Windows isn't quite as vulnerable as many
popular opinions would have you believe.
Windows XP Pro SP2 fully patched is hard to break into, especially using
an external attack. Your best luck is a social engineering attack or a
client-side attack (which Metasploit can help you create and perform).
There are other types of attacks you can try, such as password guessing
or cracking, if you have the right conditions.
Buy one of Foundstone's excellent Hacking Exposed books, as a good
starting point for other types of manual attacks.
The truth is that any popular OS properly patched (both OS and apps)
isn't easy to break into.
Roger
*****************************************************************
*Roger A. Grimes, InfoWorld, Security Columnist
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger_grimes@xxxxxxxxxxxxx or roger@xxxxxxxxxxxxxx
*Author of Professional Windows Desktop and Server Hardening (Wrox)
*http://www.amazon.com/gp/product/0764599909
*****************************************************************
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of pentestpro@xxxxxxxxx
Sent: Tuesday, November 28, 2006 8:52 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Win XP SP2 Pentest
Hi all,
I have been trying to conduct a pentest against WinXP pro SP2 hosts
using Metaspoit 2.7 Unfortunately none of the exploits would work
(msrpc_dcom_ms03_026,Microsoft LSASS MSO4-011 Overflow) I have disable
the firewall as well.
Would be grateful for any pointers.
Thanks
Suranjith
- Prev by Date: Re: Home PC Networking
- Next by Date: Re: Memory dump
- Previous by thread: Re: Win XP SP2 Pentest
- Next by thread: Re: Win XP SP2 Pentest
- Index(es):
Relevant Pages
|
