This chapter provided a solid introduction to exploitation. By taking advantage of the Kioptrix which is an intentionally vulnerable Linux distribution we were able to get hands-on practice in locating exploits on Exploit-DB and on BackTrack, and then correcting any errors we found in that code. We looked at the steps necessary to truly understand the penetration testing exploitation phase such as banner grabbing and transferring files to and from an exploited machine.

We looked at password cracking and brute forcing with both John the Ripper and THC Hydra, both of which will need to be understood in depth to prepare for later chapters. Password cracking is not going to go away anytime soon and expertise of this subject can be very beneficial in the long term.

The chapter also covered the steps necessary to transfer files to and from an exploited machine; this included the set up and configuration of the FTP daemon that comes preinstalled with BackTrack 5.

Finally, we wrapped up the...