Traditionally, a key purpose of a penetration test is to exploit a data system and gain the credentials or direct access to the data of interest. It is exploitation that gives penetration testing its meaning. In this chapter, we will examine various means of exploiting systems, including both public exploits and available exploit frameworks. By the end of this chapter, you should be able to understand the following:
- The Metasploit Framework
- The exploitation of targets using Metasploit
- Using one-line commands to take over the victim
- Using public exploits
- Developing sample Windows-specific exploits