Metasploit mailing list archives
Info...
From: troy at alvaka.net (Troy Fletcher)
Date: Tue, 26 Sep 2006 10:38:51 -0700
For improving your knowledge of the security field, there's nothing better than reading. Read everything you can get your hands on. Note that you can easily spend hundreds (if not thousands) of dollars on security books if you're not careful, I'd recommend heading to a Barnes and Nobel (or other book store that allows you to sit and read) with a notebook, and start reading and writing down whatever is interesting. Then go home, and research your notes for more information. Don't be afraid to learn the low level stuff, it will give you an understanding to HOW the exploits work, as opposed to simply knowing how to work the exploits (this is often the difference between a true hacker, and a script kiddie). Once you have an intermediate level of understanding, I'd recommend doing some more pointed research on the internet; being somewhat knowledgeable will allow you to truly understand internet posts that might not be as clear as the books you cut your teeth on. Remember that asking people to do work for you can be dangerous if you don't know what you're doing. Someone may give you bad code, or worse, code that does something illegal. Not to say that the metasploit framework does any of that, but we all review and understand code before we run it (I hope :| ). If you get a response separate of the list telling you how to do something illegal you should not do it. (well, you shouldn't do anything illegal anyways! :) With hacking or any other kind of illegal activity, it's really easy to jeopardize your freedom by making a mistake, it's even easier when you don't fully understand the crime and the many ways you can be caught doing it. You probably don't want to get caught, so you should learn all you can about network security so you can be knowledgeable. Maybe after you do, you'll realize that with skills like those you will have more fun working in an industry that needs more people like you, rather than attacking some website on the internet. Also, admitting on a public list that you wish to attack a certain website pretty much guarantees that you'll never be able to in the future. Read all you can, maybe after you've developed your skills, you'll realize that there are more important things to do with your time than hacking some website. -Troy -----Original Message----- From: mmiller at hick.org [mailto:mmiller at hick.org] Sent: Tuesday, September 26, 2006 1:56 AM To: framework at metasploit.com Subject: Re: [framework] Info... On Tue, Sep 26, 2006 at 09:25:44AM +0100, Karan Ahluwalia wrote:
Hello... All those great people out their . I m new to Metasploit Framework. Please suggest me some references to improve my knowledge in the
security field. First, I'd recommend that you focus less (far less) on the element of hacking and more on understanding the basics. You can't build a tree without a trunk, let alone a system of roots. Start by reading books and articles on programming, systems architecture, and so on. These will provide you with the fundamental basis that you need.
Also , I searched for exploit of PureFTPD in metasploit ...But
unable to find it. Metasploit is a BYOE (Bring Your Own Exploits) framework. If you don't find an exploit you're looking for you can write it, and send it back for us, and chances are we'll integrate into the framework. When we have time, we (mostly HD) also write exploits ourselves, but the keyword is when :)
To be Honest , I want to hack a website called www.hackingmobilephones.com
I'm afraid we can't (and won't) help you there. I'd encourage you to find a better way to spend your time. This message has been scanned by Alvaka Network's MailWorX service.