Here is the scenario – you are working on a pen test, and the assigned “flag” is gaining access to a laptop from someone on the organization’s security team. You get access to the internal network through some silly file inclusion or SQL injection vulnerability. You find your target box….but alas, it has has a firewall in place. Not a single port is open. Do you hang your head in shame? No. There are still plenty options. This quick tutorial will look at how to use Ettercap to get someone to open up a server running Metasploit’s browser_autopwn (without even knowing it).

(A PDF VERSION CAN BE DOWNLOADED HERE) Intro: The goal of this paper is to help explain and demonstrate some of the dangers of SQL injection. It is in no way complete, and it is far from comprehensive. If you have any comments, suggestions, corrections, etc…please send them to Trenton@HackYeah.com I have always believed that [...]