Throughout this chapter, we saw some exploitations and penetration testing scenarios that have enabled us to test various services, such as databases, VOIP, and SCADA. Throughout this chapter, we learned about SCADA and its fundamentals. We saw how we can gain a variety of information about a database server and how to gain complete control over it. We also saw how we could test VOIP services by scanning the network for VOIP clients and spoofing VOIP calls as well.
You should perform the following exercises before moving on to the next chapter:
- Set up and test MySQL, Oracle, and PostgreSQL using Metasploit, and find and develop the modules for missing modules
- Try automating a SQL injection bug in Metasploit
- If you are interested in SCADA and ICS, try getting your hands on Samurai STFU (http://www.samuraistfu.org/)
- Exploit at least one VOIP software other than the one we...