On Sep 2, 2008, at 12:34 PM, Yanyan Wang wrote: > Sometimes at work I have to prove that a risk is actually > vulnerable (don't ask me why I don't have proper training if it's > for work, because the massive budget cut...). So, I have been > searching on internet, and the result has not been so great, plus > I'm not sure if I should try everything pops out. My question is, > could someone point me to a correction and safe direction to learn > exploitations? Thanks.
I think the process depends in large part on the particular vulnerabilities you're trying to exploit. If they're issues that Nessus itself is flagging, you could look into the plugins themselves to see if they exploit the issue (as opposed to checking a version or looking for a side-effect of the fix) or include a link to an advisory that offers exploitation details. Or if an associated vulnerability database id such as OSVDB or CVE offers any specifics. In addition, Milw0rm (www.milw0rm.com) is a great source for exploits, especially those affecting web applications, ActiveX controls, and things like that. Metasploit (www.metasploit.com) is another. George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
