MetaSploit Framework & Brute Force Testing

[bytesabit at gmail.com (bytes abit)]

I have VMWare with Backtrack and some favorable OS setups such as XP SP1,
SP2, Server 2k3, etc...

I'm testing a variety of things to get a better understanding of exactly
what is happening out there on the Internet.

I successfully pwned my WinXP SP1 and SP2 box, then shared the process with
my NetAdmin friend (we are working together on this) and tried it the next
day.  Unfortunately for some reason the next day I was not able to get the
exploits that worked the day before to work again, rebooted,
shutdown/restart... nothing.



Here are my questions:

1.  Why would an exploit work one day and not another with no changes made?



2. Can db_autopwn effect the functionality of an exploit (ie: Friend used
db_autopwn and did it manually and an exploit worked manually but not
automatically)
        My guess is that it causes a type of DoS to the system and just
simply doesn't execute properly, if so, are there timing options to slow the
execution of exploits on top of each other (run them in series instead of
parallel)


3.  Trying to test my Lab Network passwords to automated brute force
programs I need the following information:

         What are good brute for apps to use?  Can I use MetaSploit for most
brute forcing?

                  I currently use Brutus & tsgrinder but both seem flaky in
functionality.


I probably have more questions, but will keep reading away and checking
things out while I see where this brings me...



I appreciate any help provided,


~Bytesabit~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100513/a8ee48b5/attachment.htm