From: Cleiton Martins (cleiton.martins@gmail.com)
Date: Tue Dec 05 2006 - 07:59:20 EST
Hi,
For that you would need some 0days. But you dont see many of them
around unless you work for an IPS provider or are member of some
vulnerability sharing club. You could try fulldisclosure or an irc
channel if you are feeling brave though ;)
Hope it helps,
Cleiton
On 12/4/06, mifa@stangercorp.com <mifa@stangercorp.com> wrote:
> I have gone through the eh course and I still do not feel like I can really understand how to pen test. None of the exploits or methods seem to work on a updated xp machine. I set up a vm ware network to practice on. I can not seem to make any progress because the information I have is outdated.
>
> Can anyone point me to a resource that would help me gain access to an xp machine that is running automatic updates (my vm). I cant seem to do it one the lan any way other than to use a trojan and what would be to point of pen testing a system if the only way in is via trojan; thats standard seucrity, dont run programs from email, blah blah blah...
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT