Disaster Recovery Plan
Author: Adam Cotton
The purpose of this document is to give a mid-level view of possible disaster scenarios and how the company will handle them. Specifically, we list possible disaster scenarios; examine them closely and rate the actual possibility of the disaster occurring. We will then rank what kind of impact the disaster would have on our company if it did occur. Lastly, we will examine closely our possible options for mitigation of mission-critical vulnerabilities so we will be better prepared for a disaster.
Metasploit Framework Walkthrough
Author: Jeffrey Hoppe
The Metasploit Framework is a platform for writing, testing, and using exploit code. The primary users of the Framework are professionals performing penetration testing, shellcode development, and vulnerability research.
When using the Framework on the Windows platform, keep in mind that msfgui and msfweb are the only supported user interfaces. While msfcli may appear to work on the command line, it will will run into trouble as soon as more than one active thread is present. This can prevent most exploits, auxiliary modules, and plugins from functioning. This problem does not occur within Cygwin environment. The Windows platform does not support raw IP packet injection, packet injection, wireless driver exploitation, or SMB relaying attacks without specific configuration. In most cases, those features can be accessed by running Metasploit inside of a Linux-based virtual machine.
<end user guide>
This lab is just a simple run through on operating Metasploit from an Ubuntu Linux VM and using it to attack an unpatched Windows 2000 Advanced Server VM.