Re: Wake up call for friends and family using SET

[amdinside () gmail com]

Brian,
I share your frustration but be careful with hacking without
permission even if it is family.  You may think you are doing them a
favor but could actually be breaking the law in some areas.

Meterpreter will be gone after a reboot unless you make it persistent.
 It goes straight to memory so nothing get dropped on the file system.
 What you choose to do with it is a different story.

Ben

On Tue, Nov 30, 2010 at 7:27 PM, Brian Schultz <theconqueror () gmail com> wrote:
> I'm tired of explaining to my family the reasons for not opening e-mails or
> attachments from unknown sources and then having them forward me some
> sketchy e-mail saying "this is so funny, check it out". I'm sure there are
> plenty of you out there in the corporate world that can relate with your
> users.
>
> I figure it's time for me to arrange a wake up call and perform my own
> pentest against friends and family. I figure it would be easy enough to use
> SET to create a "malicious" website that will change their wallpaper and
> blast an e-mail out to everyone. My only concerns are...how do I go about
> getting Meterpreter off of their machine? The last thing I want to do is
> screw up everyone's computer.
>
> Sorry if this comes across as a dumb question, I haven't played around with
> SET or metasploit before. I'll probably figure this out as soon as I click
> send but it would be nice to hear from someone else or at least a point in
> the right direction. Thanks
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com