Index

A

• -A parameter / How it works...
• ACK scan [-sA] / How to do it...
• add branch option / How it works...
• add note option / How it works...
• Adobe Reader
  • util.printf() buffer overflow / Adobe Reader util.printf() buffer overflow, How to do it...
• antiparser fuzzing framework
  • about / Antiparser fuzzing framework
  • downloading / Antiparser fuzzing framework
• antivirus programs
  • disabling, killav.rbscript used / Using the killav.rb script to disable antivirus programs, Getting ready, How to do it...
• antivirus services
  • killing, from command line / Killing antivirus services from the command line, How to do it...
• Armitage
  • about / Introduction
  • starting with / Getting started with Armitage
  • setting up, in BackTrack / How to do it...
  • working / How it works...
  • setting up, on Linux / Setting up Armitage on Linux
  • post-exploitation / Post-exploitation with Armitage, How to do it..., How it works...
  • client-side exploitation / Client-side exploitation with Armitage, How to do it..., How it works...
• Attacks option / How to do it...
• Attacks | Find Attacks | By port or by vulnerability / How to do it...
• Aurora memory corruption
  • in Internet Explorer / Internet Explorer Aurora memory corruption
• AUTO_DETECT flag / How to do it...
• auxiliary admin modules
  • working with / Working with auxiliary admin modules, How to do it..., How it works...
  • about / Working with auxiliary admin modules
• auxiliary modules
  • activating / Getting ready, How it works...
  • specifications, setting / Getting ready, How it works...
  • module, running / Getting ready, How it works...
  • exploring, for scanning / How to do it...
  • threads, managing / Managing the threads
  • target service, scanning / Target service scanning with auxiliary modules

B

• -b parameter / How it works...
• BackTrack 5
  • integrating, with Metasploit / Metasploit with BackTrack 5 – the ultimate combination, How to do it...
• BASENAME parameter / How to do it...

C

• -c parameter / How to do it...
• channel -l command / How to do it...
• client-side antivirus protection
  • bypassing, msfencode used / Bypassing client-side antivirus protection using msfencode, Getting ready, How to do it...
• client-side attack vector / Introduction
• client-side exploitation
  • Armitage / Client-side exploitation with Armitage, How to do it..., How it works...
• connect_login function / How it works...
• Console tab / How to do it...
• Console window / How it works...
• create_payload() function / How it works...
• crunch
  • using, for password generation / Generating passwords using "Crunch"
  • min-len parameter / Generating passwords using "Crunch"
  • max-len parameter / Generating passwords using "Crunch"
  • charset parameter / Generating passwords using "Crunch"
  • -b parameter / Generating passwords using "Crunch"
  • -f parameter / Generating passwords using "Crunch"
  • -o parameter / Generating passwords using "Crunch"
  • -t parameter / Generating passwords using "Crunch"
• CSS recursive call memory corruption
  • in Internet Explorer / Internet Explorer CSS recursive call memory corruption, How to do it...
  • working / How it works...
  • .NET CLR 2.0.50727 missing error / Missing .NET CLR 2.0.50727
• CYCLIC option / How to do it...

D

• -D operator / Increasing anonymity
• database
  • setting up, in Metasploit / Setting up the database in Metasploit
  • using, for penetration testing results storage / Using the database to store penetration testing results
  • stored results, analyzing / Analyzing the stored results of the database
• database setup, Metasploit
  • about / Setting up the database in Metasploit, Getting ready
  • steps / How to do it...
  • working / How it works...
  • errors / Getting an error while connecting the database
  • created database, deleting / Deleting the database
• db_connect command / Getting an error while connecting the database
• db_import command / Importing the scan results
• db_nmap command / How it works...
• DCOM / How it works...
• Decoy [-D] / Increasing anonymity
• delete command / How to do it...
• dig query / How it works...
• DLL / How it works...
• DllHijackAudit kit / The DllHijackAudit kit by H. D. Moore
• DOS / How to do it...
• DOS attack modules
  • about / SQL injection and DOS attack modules, How to do it...
  • working / How it works...
• Dradis framework
  • information, sharing / Sharing information with the Dradis framework, How to do it...
  • features / Sharing information with the Dradis framework
  • working / How it works...

E

• ENDSIZE option / How to do it...
• enumdesktops command / How to do it...
• ERROR option / How to do it...
• ever-exploitation technique / Setting up a persistent connection with backdoors
• execute -h command / Getting ready
• existing meterpreter script
  • analyzing / Analyzing an existing meterpreter script, How it works...
• existing module
  • about / Analyzing an existing module
  • analyzing / Getting ready, How to do it...
  • working / How it works...
• Exploit / Introduction
  • usage tips / Exploit usage quick tips, How it works...
  • commands / How to do it...
  • about / Introduction
  • converting, to Metasploit module / Converting exploit to a Metasploit module, How to do it...
• exploit() function / How to do it...
• exploit mixins
  • about / Common exploit mixins
  • Exploit**Remote**TCP / How to do it...
  • Exploit**Remote**UDP / How to do it...
  • Exploit**Remote**DCERPC / How to do it...
  • Exploit**Remote**SMB / How to do it...
  • Exploit**BruteTargets / How to do it...
  • Exploit**Remote**Ftp / How to do it...
  • Exploit**Remote**MSSQL / How to do it...
  • Exploit**Capture / How to do it...
  • working / How it works...
  • fileformat / Some more mixins
  • imap / Some more mixins
  • java / Some more mixins
  • smtp / Some more mixins
  • she / Some more mixins
• export option / How it works...
• EXTRALINE option / How to do it...

F

• -f parameter / How to do it...
• file attributes
  • modifying, timestomp used / Changing file attributes using timestomp, Getting ready, How it works...
• filesystem commands, meterpreter
  • about / Meterpreter filesystem commands, How to do it...
  • working / How it works...
• FUZZCMDS option / How to do it...
• fuzzers, Metasploit
  • Packet header / How it works...
  • Packet checksum / How it works...
  • Packet size / How it works...

G

• gateway / Getting ready
• getdesktop
  • about / The getdesktop and keystroke sniffing, How to do it...
  • working / How it works...
• getdesktop command / How it works...
• getsystem command / How it works...
• getuid command / How to do it...
• Google dorks technique / How to do it..., Fun with dorks

H

• half-open scanning / How it works...
• hash
  • passing / Passing the hash, How to do it...
  • dump, trying / How it works..., There's more...
  • online password decryption / Online password decryption
• Hello World, Metasploit
  • about / Beginning with the interfaces – the "Hello World" of Metasploit, Getting ready
  • msfconsole, launching / How to do it...
  • working / How it works...
  • msf > ls command / Some commands to try out and get started
  • msf > help command / Some commands to try out and get started
  • msf > msfupdate command / Some commands to try out and get started
• help command / Getting ready
• href tag / How it works...

I

• -i operator / How it works...
• Impersonation / How it works...
• Import from file option / How it works...
• infectious media generator
  • about / Infectious media generator, How to do it...
  • working / How it works...
• information
  • gathering / Scanning and information gathering, How to do it..., How it works...
  • scanning / Scanning and information gathering, How to do it..., How it works...
• information gathering
  • about / Introduction
  • passive information gathering / Introduction
  • active information gathering / Introduction
  • social engineering / Introduction
  • paasive method / Passive information gathering 1.0 – the traditional way, How to do it...
  • pasive method / How it works...
• initialize() function / How it works...
• initialize function / How to do it..., How to do it...
• Internet Explorer
  • unsafe scripting misconfiguration vulnerability / Internet Explorer unsafe scripting misconfiguration vulnerability, Getting ready, How to do it...
  • Aurora memory corruption / Internet Explorer Aurora memory corruption
  • CSS recursive call memory corruption / Internet Explorer CSS recursive call memory corruption, How to do it...
• ipconfig command / How to do it...

K

• keyscan_dump command / How to do it..., How it works...
• keystroke sniffing
  • about / The getdesktop and keystroke sniffing, How to do it...
• killav.rbscript
  • using, for antivirus program disabling / Using the killav.rb script to disable antivirus programs, Getting ready, How to do it...
  • working / How it works...
  • about / A deeper look into the killav.rb script
  • using / Getting ready, How to do it..., How it works...

L

• -l / How it works...
• Launch button / How it works...
• Linux (Ubuntu) machine
  • exploiting / Exploiting a Linux (Ubuntu) machine, Getting ready, How to do it...
  • working / How it works..., There's more...
  • relevant exploit modules / Other relevant exploit modules for Linux
  • Samba chain_reply Memory Corruption / Other relevant exploit modules for Linux
  • Samba trans2open Overflow / Other relevant exploit modules for Linux
• loadlibrary() function / How it works...

M

• MACE / Changing file attributes using timestomp
• Metasploit
  • about / Introduction, Introduction
  • configuring, on Windows / How to do it...
  • configuring, on Ubuntu / Configuring Metasploit on Ubuntu
  • integrating, with BackTrack 5 / Metasploit with BackTrack 5 – the ultimate combination, How to do it...
  • setting up, SSH connectivity used / Setting up Metasploit on a virtual machine with SSH connectivity, How to do it...
  • Hello World / Beginning with the interfaces – the "Hello World" of Metasploit, Getting ready
  • database, setting up / Setting up the database in Metasploit, How to do it...
  • penetration process, breaking down / Introduction
  • framework basics / Introduction
  • SQL injection / SQL injection and DOS attack modules
  • fuzzing with / Fuzzing with Metasploit, Getting ready, How to do it...
  • CYCLIC option / How to do it...
  • ENDSIZE option / How to do it...
  • ERROR option / How to do it...
  • EXTRALINE option / How to do it...
  • FUZZCMDS option / How to do it...
  • SRVHOST option / How to do it...
  • SRVPORT option / How to do it...
  • STARTSIZE option / How to do it...
  • STEPSIZE option / How to do it...
  • fuzzers, working / How it works...
• Metasploit configuration, on Ubuntu
  • about / Configuring Metasploit on Ubuntu
  • full installaer, using / How to do it...
  • minimal installer, using / How to do it...
  • installation process, working / How it works...
  • installation error / Error during installation
• Metasploit configuration, on Windows
  • about / How to do it...
  • working / How it works...
  • database error, during installation / Database error during installation
  • PostgreSQL server configuration, error causes / Database error during installation
• Metasploit framework / Introduction
  • about / Introduction
  • modular architecture / Introduction
  • architecture diagram / Introduction
• Metasploit module
  • exploit, converting to / Converting exploit to a Metasploit module, How to do it...
  • working / How it works...
• Metasploit setup, SSH connectivity used
  • on virtual machine / Setting up Metasploit on a virtual machine with SSH connectivity, How to do it...
  • working / How it works...
• meterpreter / Introduction
  • about / Introduction
  • features / Introduction
  • functioning / Introduction
  • loading representation diagram / Introduction
  • system commands, analyzing / Analyzing meterpreter system commands
  • filesystem commands / Meterpreter filesystem commands, How to do it...
  • networking commands, using / Using meterpreter networking commands
  • pivoting / Pivoting with meterpreter, Getting ready, How it works...
  • port forwarding / Port forwarding with meterpreter, Getting ready, How to do it..., How it works...
  • script, functioning / Meterpreter API and mixins, How to do it...
  • API / Getting ready
  • irb command, using / How to do it...
  • mixins / Meterpreter mixins
• meterpreter API
  • about / Getting ready
  • working / How it works...
• meterpreter mixins
  • cmd_exec(cmd) / Meterpreter mixins
  • eventlog_list() / Meterpreter mixins
  • file_local_write(file2wrt, data2wrt) / Meterpreter mixins
  • is_admin?() / Meterpreter mixins
  • is_uac_enabled?() / Meterpreter mixins
  • registry_createkey(key) / Meterpreter mixins
  • registry_deleteval(key,valname) / Meterpreter mixins
  • registry_delkey(key) / Meterpreter mixins
  • registry_enumkeys(key) / Meterpreter mixins
  • registry_enumvals(key) / Meterpreter mixins
  • registry_getvaldata(key,valname) / Meterpreter mixins
  • service_delete(name) / Meterpreter mixins
  • service_info(name) / Meterpreter mixins
  • service_list() / Meterpreter mixins
  • service_stop(name) / Meterpreter mixins
• Microsoft Word
  • RTF stack buffer overflow / Microsoft Word RTF stack buffer overflow, How to do it...
  • RTF stack buffer overflow, working / How it works...
• migrate -f command / How to do it...
• mixins
  • about / Common exploit mixins
• Module / Introduction
• module building
  • about / Understanding the basics of module building
  • starting with / Getting ready
  • working / How it works...
• modules
  • scanner auxiliary modules / Working with scanner auxiliary modules
  • auxiliary admin modules / Working with auxiliary admin modules
  • DOS attack modules / SQL injection and DOS attack modules
  • post exploitation modules / Post-exploitation modules
  • building / Understanding the basics of module building
  • existing module, analyzing / Analyzing an existing module
  • own post exploitation module, building / Building your own post-exploitation module
• modules/exploits/windows/browser directory / How to do it...
• module structure
  • about / Exploiting the module structure
  • exploiting / Getting ready
  • working / How it works...
• msf > db_autopwn command / How to do it...
• msf > help command / Some commands to try out and get started
• msf > hosts command / How to do it...
• msf > ls command / Some commands to try out and get started
• msf > msfupdate command / Some commands to try out and get started
• msf > search exploit / How to do it...
• msf > services command / How to do it...
• msf > show exploits / How to do it...
• msf > show payloads / How to do it...
• msf > use exploit / How to do it...
• msf > vulns command / How to do it...
• msfconsole screen / How to do it...
• msfencode
  • using, for client-side antivirus protection bypass / Bypassing client-side antivirus protection using msfencode, Getting ready, How to do it...
  • working / How it works...
  • multiple scanning, VirusTotal used / Quick multiple scanning with VirusTotal
  • quick multiple scanning, VirusTotal used / Quick multiple scanning with VirusTotal
• msfpayload
  • about / Generating binary and shellcode from msfpayload
  • drawback / Generating binary and shellcode from msfpayload
  • shellcode, generating / Getting ready, How to do it...
  • binary, generating / Getting ready, How to do it...
  • working / How it works...
• msfpayload -l command / Getting ready
• msfpayload command / Getting ready
• msfvenom
  • about / Working with msfvenom
  • working / How to do it..., How it works...
• msfvenom -h command / Getting ready
• multi-attack web method
  • about / Multi-attack web method, How to do it...
  • working / How it works...
• multiple communication channels
  • setting, with target / Setting up multiple communication channels with the target, Getting ready, How to do it...
  • working / How it works...
• multiple targets
  • handling, tab switch used / Handling multiple targets using the tab switch, How to do it..., How it works...
• mysql_enum module / Getting ready

N

• .NET 2.0 mscorie.dll module / How it works...
• named pipe / How it works...
• Named Pipe Impersonation / How it works...
• Nessus
  • about / Vulnerability scanning with Nessus
  • using, for vulnerability scanning / Getting ready, How to do it..., How it works..., Sharing information with the Dradis framework
  • working / How it works...
  • working, in web browsers / Working with Nessus in the web browser
• netmask / Getting ready
• networking commands, meterpreter
  • about / Using meterpreter networking commands
  • Subnetwork / Getting ready
  • subnet / Getting ready
  • netmask / Getting ready
  • gateway / Getting ready
  • using / How to do it...
  • working / How it works...
• new exploit module
  • about / Porting and testing the new exploit module
  • testing / Getting ready, How to do it...
  • porting / Getting ready, How to do it...
  • working / How it works...
• NeXpose
  • about / Scanning with NeXpose
  • scanning / Getting ready, How it works...
  • scan results, importing / Importing the scan results
• NLST command / How to do it...
• Nmap / Port scanning – the Nmap way
• note categories option / How it works...
• NTLM (NT LAN Manager) / Getting ready

O

• -oX parameter / How to do it...
• OleFlushClipboard() function / How to do it...
• operating system identification [-O] / Operating system and version detection
• Oracle DBMS_METADATA XML vulnerability / How to do it...
• own post exploitation module
  • about / Building your own post-exploitation module
  • building / How to do it...
  • working / How it works...

P

• -p / How it works..., How it works...
• passive information gathering
  • about / Passive information gathering 1.0 – the traditional way, How to do it...
  • level 1 / Passive information gathering 1.0 – the traditional way, How to do it...
  • working / How it works...
  • third-party websites, using / Using third-party websites
  • level 2 / Passive information gathering 2.0 – the next level, Getting ready, How to do it..., How it works...
• passive information gathering 1.0
  • about / Passive information gathering 1.0 – the traditional way, How to do it...
  • working / How it works...
• passive information gathering 2
  • about / Passive information gathering 2.0 – the next level
  • techniques / Getting ready
  • Zone Transfer technique / How to do it...
  • SMTP header technique / How to do it...
  • Google dorks technique / How to do it...
  • working / How it works...
• Payload / Introduction
• paylods
  • disadvantage / Introduction
• penetration testing
  • performing, on Windows XP SP2 machine / Penetration testing on a Windows XP SP2 machine, Getting ready, How to do it..., How it works...
  • performing, on Windows 2003 Server / Penetration testing on the Windows 2003 Server, How to do it..., How to do it...
• penetration testing lab
  • setting up, on single machine / Setting up the penetration testing lab on a single machine, Getting ready, How it works...
  • working / How it works...
  • firewall, disabling / Disabling the firewall and antivirus protection
  • antivirus protection, disabling / Disabling the firewall and antivirus protection
  • virtual box guest additions, installing / Installing virtual box guest additions
• penetration testing results
  • storing, database used / Using the database to store penetration testing results, How to do it...
  • db_nmap command, storing / How it works...
• persistent connection
  • setting up, backdoors used / Setting up a persistent connection with backdoors, How to do it..., How it works...
• pivoting
  • meterpreter, using / Pivoting with meterpreter, Getting ready, How it works...
• port forwarding / How to do it...
  • meterpreter, using / Port forwarding with meterpreter, Getting ready, How to do it..., How it works...
• port scanning
  • about / Port scanning – the Nmap way
  • steps / How to do it...
  • TCP connect [-sT] scan / How to do it...
  • SYN scan [-sS] scan / How to do it...
  • UDP scan [-sU] / How to do it...
  • ACK scan [-sA] / How to do it...
  • working / How it works...
  • operating system identification [-O] / Operating system and version detection
  • version detection [-sV] / Operating system and version detection
• post-exploitation
  • Armitage, using / Post-exploitation with Armitage, How to do it..., How it works...
• post exploitation modules
  • about / Post-exploitation modules, How to do it...
  • working / How it works...
• print API calls
  • print_line( / How to do it...
  • print_status( / How to do it...
  • print_good( / How to do it...
  • print_error( / How to do it...
• privilege escalation / Privilege escalation and process migration, How to do it..., How it works..., How to do it...
  • working / How it works...
• process.kill function / How it works...
• process ID (PID) / How it works...
• process migration / Privilege escalation and process migration, How to do it..., How it works...
  • working / How it works...
• pwd command / How to do it...

R

• -r / How it works...
• Railgun
  • about / Railgun – converting Ruby into a weapon
  • using / Getting ready, How to do it...
  • working / How it works...
  • definitions / Railgun definitions and documentation
  • function definitions, adding / Adding DLL and function definition to Railgun, How to do it..., How it works...
  • DLL, adding / Adding DLL and function definition to Railgun, How to do it..., How it works...
• read command / How to do it...
• Refresh button / How it works...
• route command / Getting ready, How to do it...
• RTF stack buffer overflow
  • in Microsoft Word / Microsoft Word RTF stack buffer overflow, How to do it...
  • in Microsoft Word, working / How it works...
  • Microsoft Excel 2007 buffer overflow / Microsoft Excel 2007 buffer overflow
• Ruby Extension (Rex) library / Introduction
• run command / How it works...
• run scraper -h command / Getting ready

S

• -S operator / How it works...
• -sS parameter / How to do it...
• scanner auxiliary modules
  • about / Working with scanner auxiliary modules
  • working / Getting ready, How it works...
  • password generating, crunch used / Generating passwords using "Crunch"
• scanning
  • auxiliary modules, exploring / Exploring auxiliary modules for scanning
• scraper meterpreter script
  • about / Using a scraper meterpreter script
  • using / Getting ready, How to do it...
  • working / How it works..., There's more...
  • winenum.rb, using / Using winenum.rb
• screenshot / How to do it...
• sendmail server / How to do it...
• Services option / How to do it...
• SET
  • about / Introduction, Getting ready
  • getting started / Getting started with Social Engineer Toolkit (SET)
  • working / How it works...
• set command / How to do it..., How to do it...
• SET config file
  • working with / Working with the SET config file, How to do it...
  • working / Spear-phishing attack vector
• setdesktop command / How it works...
• set USER commands / How to do it...
• shell, binding to target
  • about / Binding a shell to the target for remote access
  • steps / How to do it...
  • dcom exploit, working / How it works...
  • target, controlling / Gaining complete control of the target
• show options / How to do it...
• show options command / How to do it..., How to do it..., How to do it...
• show targets command / How to do it..., How to do it...
• simple FileZilla FTP fuzzer
  • writing / Writing a simple FileZilla FTP fuzzer, How to do it...
  • working / How it works...
  • antiparser fuzzing framework / Antiparser fuzzing framework
• SMTP header technique / How to do it...
• social engineering / Introduction
• Spear-phishing attack vector
  • about / Getting ready
  • web-based content type / Getting ready
  • payload based content type / Getting ready
  • attack vectors, analyzing / How to do it...
  • working / How it works...
• SPF / How it works...
• SQL injection
  • about / SQL injection and DOS attack modules, How to do it...
  • working / How it works...
• SRVHOST option / How to do it...
• SRVPORT option / How to do it...
• STARTSIZE option / How to do it...
• Start | Programs | Metasploit framework | Framework Update / How to do it...
• STEPSIZE option / How to do it...
• stored results, database
  • analyzing / Analyzing the stored results of the database, How to do it..., How it works...
• store_loot function / How to do it...
• subnetwork/subnet / Getting ready
• svn update command / How to do it...
• SYN scan [-sS] scan / How to do it...
• system commands, meterpreter
  • analyzing / Analyzing meterpreter system commands
  • background / How to do it...
  • getuid / How to do it...
  • getpid / How to do it...
  • ps / How to do it...
  • sysinfo / How to do it...
  • shell / How to do it...
  • exit / How to do it...
  • working / How it works...

T

• tab switch
  • using, for multiple targets handling / Handling multiple targets using the tab switch, How to do it..., How it works...
• targets
  • attacking / Finding vulnerabilities and attacking targets, How it works...
• target service
  • scanning, auxiliary modules used / Getting ready, How to do it...
  • working / How it works...
• Targets_exec() function / How it works...
• taskkill command / Some services did not kill—what next?
• tasklist command / How to do it...
• TCP connect [-sT] scan / How to do it...
• TEB / How it works...
• timestomp -h command / Getting ready
• timestomp command
  • using, for file attribute modification / Changing file attributes using timestomp, Getting ready, How it works...
  • working / How it works...
• TLV / Setting up multiple communication channels with the target

U

• -U operator / How it works...
• UAC / Meterpreter mixins
• UDP scan [-sU] / How to do it...
• udp_sock_sendto function / How to do it...
• unsafe scripting misconfiguration vulnerability
  • in Internet Explorer / Internet Explorer unsafe scripting misconfiguration vulnerability, Getting ready, How to do it...
  • working process / How it works...
• use command / How to do it...
• User Interface (UI) / Introduction
• util.printf() buffer overflow
  • in Adobe Reader / Adobe Reader util.printf() buffer overflow, How to do it...
  • working / How it works...

V

• version detection [-sV] / Operating system and version detection
• View | Console / How to do it...
• virtual machine (VM) / How to do it...
• VirusTotal / Quick multiple scanning with VirusTotal
• vulnerabilities
  • finding / Finding vulnerabilities and attacking targets, How it works...
• vulnerability / Introduction
• vulnerability scanning
  • about / Vulnerability scanning with Nessus
  • Nessus, using / How to do it..., How it works..., Sharing information with the Dradis framework

W

• Watch button / How it works...
• WEBATTACK_SSL setting / How to do it...
• website attack vectors
  • about / Website attack vectors, Getting ready, How to do it...
  • working / How it works...
• Windows 7/Server 2008 R2 SMB client infinite loop
  • about / Windows 7/Server 2008 R2 SMB client infinite loop, Getting ready
  • steps / How to do it...
  • working / How it works...
• Windows 2003 Server
  • penetration testing, performing / Penetration testing on the Windows 2003 Server, How to do it..., How to do it...
  • analyzing / How to do it...
  • working / How it works..., There's more...
• Windows ASLR / How it works...
• Windows DLL injection flaws
  • about / Understanding the Windows DLL injection flaws
• Windows Firewall De-activator
  • about / Building a "Windows Firewall De-activator" meterpreter script
  • writing, guidelines / Getting ready
  • building / How to do it...
  • working / How it works...
  • code, re-using / Code re-use
• Windows XP SP2 machine
  • penetration testing, performing / Penetration testing on a Windows XP SP2 machine, Getting ready, How to do it..., How it works...
• winenum.rb / Using winenum.rb
• write command / How to do it...
• write_check variable / How it works...

Z

• Zone Transfer technique / How to do it...