Welcome to Scribd!

Skip carousel

0% found this document useful (0 votes)

2 views

Grandpa

Uploaded by

yiwawax804

walkthrogh

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Learn NodeJS in 1 Day: Complete Node JS Guide with Examples
From Everand
Learn NodeJS in 1 Day: Complete Node JS Guide with Examples
Krishna Rungta
Rating: 3 out of 5 stars
3/5 (3)
C# for Beginners: Learn in 24 Hours
From Everand
C# for Beginners: Learn in 24 Hours
Alex Nordeen
No ratings yet
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Brian Adyatma
100% (1)
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Jangjang Katuhu
No ratings yet
Red Hat System Administration I 3.2 Practice
Document10 pages
Red Hat System Administration I 3.2 Practice
stefygrosu
No ratings yet
Optimum: 3 October 2017 / Document No D17.100.04
Document5 pages
Optimum: 3 October 2017 / Document No D17.100.04
Julio Barrera
No ratings yet
Optimum: 3 October 2017 / Document No D17.100.04
Document5 pages
Optimum: 3 October 2017 / Document No D17.100.04
Julio Barrera
No ratings yet
7-Bastard HTB Official Writeup Tamarisk
Document5 pages
7-Bastard HTB Official Writeup Tamarisk
Karan
No ratings yet
Blocky
Document6 pages
Blocky
Constantino Miguelez Peña
No ratings yet
Blue
Document5 pages
Blue
MK
No ratings yet
Exploit Labs Short
Document17 pages
Exploit Labs Short
Fernando Gebhardt
No ratings yet
Discovering Oracle Accounts With
Document40 pages
Discovering Oracle Accounts With
Steven Conley
No ratings yet
Celestial
Document5 pages
Celestial
yiwawax804
No ratings yet
Holiday
Document8 pages
Holiday
yiwawax804
No ratings yet
Arctic: 16 October 2017 / Document No D17.100.23
Document5 pages
Arctic: 16 October 2017 / Document No D17.100.23
Anindito Setya
No ratings yet
CSW2016 - Getting Physical - Extended Version
Document85 pages
CSW2016 - Getting Physical - Extended Version
bacehew902
No ratings yet
Documentation Audit S2D
Document9 pages
Documentation Audit S2D
César Vieira
No ratings yet
113-Tally HTB Official Writeup Tamarisk
Document10 pages
113-Tally HTB Official Writeup Tamarisk
toni
No ratings yet
Ruby Metasploit Content
Document7 pages
Ruby Metasploit Content
febit57677
No ratings yet
Using Nmap On Windows
Document7 pages
Using Nmap On Windows
Thando Malaza
No ratings yet
Ways To Start An AIX in Maintenance Mode or Single User
Document7 pages
Ways To Start An AIX in Maintenance Mode or Single User
sat
No ratings yet
Awesome Advanced Windows Exploitation References
Document5 pages
Awesome Advanced Windows Exploitation References
ShopnoPathik Aion
No ratings yet
3.2.1. LAB PRACTICE - Zenmap Network Scanning v1
Document11 pages
3.2.1. LAB PRACTICE - Zenmap Network Scanning v1
Victor udorji
No ratings yet
Laboratory Setup: Step 1: Download Metasploitable, Which Is A Linux Machine. It Can Be Downloaded From
Document13 pages
Laboratory Setup: Step 1: Download Metasploitable, Which Is A Linux Machine. It Can Be Downloaded From
Tajria Sultana
No ratings yet
Penetrating Windows 8 With Syringe Utili
Document5 pages
Penetrating Windows 8 With Syringe Utili
AGBADAN Yao Eric
No ratings yet
Minemeld User Guide
Document42 pages
Minemeld User Guide
Akun baru
No ratings yet
Lab - Isolated Compromised Host Using 5-Tuple: Topology
Document19 pages
Lab - Isolated Compromised Host Using 5-Tuple: Topology
Ярослав Костенко
No ratings yet
Lame
Document4 pages
Lame
Tushar Jadhav
No ratings yet
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
N
No ratings yet
Cài đặt phần mềm Nessus trên backtrack
Document8 pages
Cài đặt phần mềm Nessus trên backtrack
thanglx
No ratings yet
Windbg and Dump Analysis: Ahmet Mithat Bostanci Microsoft, GTSC Iis/Web Development Support
Document30 pages
Windbg and Dump Analysis: Ahmet Mithat Bostanci Microsoft, GTSC Iis/Web Development Support
rajivgogoi
100% (1)
Monday, April 01, 2019 5:57 PM: Microsoft-Windows-Security-SPP Microsoft-Windows - Security-Licensing-SLC
Document10 pages
Monday, April 01, 2019 5:57 PM: Microsoft-Windows-Security-SPP Microsoft-Windows - Security-Licensing-SLC
saikumar Muktha
No ratings yet
Windows Crash Dump Analysis
Document11 pages
Windows Crash Dump Analysis
betatest12
No ratings yet
WINTEL L2 or L3 Interview Questions
Document4 pages
WINTEL L2 or L3 Interview Questions
Stephanie Flores
100% (1)
BR Course Info
Document87 pages
BR Course Info
karthick
No ratings yet
Kernel Panics
Document28 pages
Kernel Panics
PSG
No ratings yet
Lab 2.4 - Windows Task Manager
Document12 pages
Lab 2.4 - Windows Task Manager
phuongnamnguyendeptrai2004
No ratings yet
CheatSheets OSCP
Document286 pages
CheatSheets OSCP
namishelex01
No ratings yet
Sense
Document5 pages
Sense
yiwawax804
No ratings yet
Windows Kernel Exploits
Document13 pages
Windows Kernel Exploits
anonimoencubierta
No ratings yet
modifying_meterpreter_for_evasion
Document31 pages
modifying_meterpreter_for_evasion
endoss
No ratings yet
Ethical Hacking Lab 13
Document31 pages
Ethical Hacking Lab 13
Jeanna Taylor
No ratings yet
Dynamips - Dynagen Tutorial
Document20 pages
Dynamips - Dynagen Tutorial
hazardhap
No ratings yet
ManageEngine Deep Exploitation
Document13 pages
ManageEngine Deep Exploitation
jiang hao
No ratings yet
Exploit Spotting Locating Vulnerabilities Out of Vendor Patches Automatically
Document74 pages
Exploit Spotting Locating Vulnerabilities Out of Vendor Patches Automatically
Jeong Wook Oh
No ratings yet
Active Directory
Document10 pages
Active Directory
Kindra
No ratings yet
Lab 5 - Network Scanning Using Various Scanning Tools
Document13 pages
Lab 5 - Network Scanning Using Various Scanning Tools
debbyta
No ratings yet
A Guide For Troubleshooting A Segfault
Document5 pages
A Guide For Troubleshooting A Segfault
Anil Kumar
No ratings yet
Andy Mc's .NET Framework FAQ
Document31 pages
Andy Mc's .NET Framework FAQ
Rajesh Aravapalli
No ratings yet
Lab 8 - Configuring Site-To-Site VPN Using CLI
Document9 pages
Lab 8 - Configuring Site-To-Site VPN Using CLI
lee lee
No ratings yet
4.5.2.10 Lab - Exploring Nmap - OK
Document7 pages
4.5.2.10 Lab - Exploring Nmap - OK
Interesting facts Channel
No ratings yet
Lab 19 Metasploit
Document11 pages
Lab 19 Metasploit
oscar tebar
100% (1)
0xsp - Privilege Escalation Cheatsheet
Document15 pages
0xsp - Privilege Escalation Cheatsheet
Jacobus Booysen
No ratings yet
Metasploit - Evasions
Document1 page
Metasploit - Evasions
ahvillalba
No ratings yet
Au Debugtools PDF
Document10 pages
Au Debugtools PDF
mrcipamochaq
No ratings yet
2.0.1.2 Class Activity - Identify Running Processes
Document4 pages
2.0.1.2 Class Activity - Identify Running Processes
Joan Brea
No ratings yet
WWW - Hackingarticles.in: Page - 1
Document56 pages
WWW - Hackingarticles.in: Page - 1
vybi
No ratings yet
Microsoft Windows Crash Dump Analysis: Mark Russinovich David Solomon
Document51 pages
Microsoft Windows Crash Dump Analysis: Mark Russinovich David Solomon
Glassic12
No ratings yet
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hedaya Alasooly
No ratings yet
Fingerprint
Document40 pages
Fingerprint
yiwawax804
No ratings yet
Cross Fit Two
Document56 pages
Cross Fit Two
yiwawax804
No ratings yet
Vault
Document13 pages
Vault
yiwawax804
No ratings yet
Safe
Document19 pages
Safe
yiwawax804
No ratings yet
Sense
Document5 pages
Sense
yiwawax804
No ratings yet
SwagShop
Document17 pages
SwagShop
yiwawax804
No ratings yet
arvandy_com_oscp_seventh_week_exam
Document13 pages
arvandy_com_oscp_seventh_week_exam
yiwawax804
No ratings yet
Sunday
Document7 pages
Sunday
yiwawax804
No ratings yet
arvandy_com_oscp_first_week
Document10 pages
arvandy_com_oscp_first_week
yiwawax804
No ratings yet
arvandy_com_oscp_second_week
Document7 pages
arvandy_com_oscp_second_week
yiwawax804
No ratings yet
Intentions
Document23 pages
Intentions
yiwawax804
No ratings yet
Busqueda
Document18 pages
Busqueda
yiwawax804
No ratings yet
Red Team Capstone Network - Kesaya Write-Up
Document43 pages
Red Team Capstone Network - Kesaya Write-Up
yiwawax804
No ratings yet

Grandpa

Uploaded by

yiwawax804

0% found this document useful (0 votes)

2 views5 pages

walkthrogh

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

walkthrogh

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

2 views5 pages

Grandpa

Uploaded by

yiwawax804

walkthrogh

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 5

Search inside document

Grandpa

4thth October 2017 / Document No D17.100.05

Prepared By: Alexander Reid (Arrexel)
Machine Author: ch4p
Difficulty: Easy
Classification: Official

Page 1 / 5
SYNOPSIS
Grandpa is one of the simpler machines on Hack The Box, however it covers the widely-exploited
CVE-2017-7269. This vulnerability is trivial to exploit and granted immediate access to thousands
of IIS servers around the globe when it became public knowledge.

Skills Required Skills Learned

● Basic knowledge of Windows ● Identifying known vulnerabilities

● Enumerating ports and services ● Identifying stable processes
● Basic Windows privilege escalation
techniques

Page 2 / 5
Enumeration

Nmap

Nmap reveals just one open service, Microsoft IIS version 6.0. Some searching reveals a remote
code execution vulnerability (CVE-2017-7269). There is a proof of concept that requires some
modification, as well as a Metasploit module.

Proof of concept: https://www.exploit-db.com/exploits/41738/

Page 3 / 5
Exploitation

Executing the Metasploit module iis_webdav_scstoragepathfromurl i mmediately grants a shell.

The target appears to be Windows Server 2003 with x86 architecture.

Page 4 / 5
Privilege Escalation

Running local_exploit_suggester in Metasploit returns several recommendations:

● exploit/windows/local/ms14_058_track_popup_menu
● exploit/windows/local/ms14_070_tcpip_ioctl
● exploit/windows/local/ms15_051_client_copy_image
● … and 3 more …

At this point it is a good idea to migrate to a process running under NT AUTHORITY\NETWORK
SERVICE. In this case davcdata.exe seemed to be the only stable process available.

The correct exploit in this case is ms14_070_tcpip_ioctl, which immediately grants a root shell.
The root flag can be obtained from C:\Documents and Settings\Administrator\Desktop\root.txt

Page 5 / 5

Learn NodeJS in 1 Day: Complete Node JS Guide with Examples
From Everand
Learn NodeJS in 1 Day: Complete Node JS Guide with Examples
Krishna Rungta
Rating: 3 out of 5 stars
3/5 (3)
C# for Beginners: Learn in 24 Hours
From Everand
C# for Beginners: Learn in 24 Hours
Alex Nordeen
No ratings yet
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Brian Adyatma
100% (1)
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Jangjang Katuhu
No ratings yet
Red Hat System Administration I 3.2 Practice
Document10 pages
Red Hat System Administration I 3.2 Practice
stefygrosu
No ratings yet
Optimum: 3 October 2017 / Document No D17.100.04
Document5 pages
Optimum: 3 October 2017 / Document No D17.100.04
Julio Barrera
No ratings yet
Optimum: 3 October 2017 / Document No D17.100.04
Document5 pages
Optimum: 3 October 2017 / Document No D17.100.04
Julio Barrera
No ratings yet
7-Bastard HTB Official Writeup Tamarisk
Document5 pages
7-Bastard HTB Official Writeup Tamarisk
Karan
No ratings yet
Blocky
Document6 pages
Blocky
Constantino Miguelez Peña
No ratings yet
Blue
Document5 pages
Blue
MK
No ratings yet
Exploit Labs Short
Document17 pages
Exploit Labs Short
Fernando Gebhardt
No ratings yet
Discovering Oracle Accounts With
Document40 pages
Discovering Oracle Accounts With
Steven Conley
No ratings yet
Celestial
Document5 pages
Celestial
yiwawax804
No ratings yet
Holiday
Document8 pages
Holiday
yiwawax804
No ratings yet
Arctic: 16 October 2017 / Document No D17.100.23
Document5 pages
Arctic: 16 October 2017 / Document No D17.100.23
Anindito Setya
No ratings yet
CSW2016 - Getting Physical - Extended Version
Document85 pages
CSW2016 - Getting Physical - Extended Version
bacehew902
No ratings yet
Documentation Audit S2D
Document9 pages
Documentation Audit S2D
César Vieira
No ratings yet
113-Tally HTB Official Writeup Tamarisk
Document10 pages
113-Tally HTB Official Writeup Tamarisk
toni
No ratings yet
Ruby Metasploit Content
Document7 pages
Ruby Metasploit Content
febit57677
No ratings yet
Using Nmap On Windows
Document7 pages
Using Nmap On Windows
Thando Malaza
No ratings yet
Ways To Start An AIX in Maintenance Mode or Single User
Document7 pages
Ways To Start An AIX in Maintenance Mode or Single User
sat
No ratings yet
Awesome Advanced Windows Exploitation References
Document5 pages
Awesome Advanced Windows Exploitation References
ShopnoPathik Aion
No ratings yet
3.2.1. LAB PRACTICE - Zenmap Network Scanning v1
Document11 pages
3.2.1. LAB PRACTICE - Zenmap Network Scanning v1
Victor udorji
No ratings yet
Laboratory Setup: Step 1: Download Metasploitable, Which Is A Linux Machine. It Can Be Downloaded From
Document13 pages
Laboratory Setup: Step 1: Download Metasploitable, Which Is A Linux Machine. It Can Be Downloaded From
Tajria Sultana
No ratings yet
Penetrating Windows 8 With Syringe Utili
Document5 pages
Penetrating Windows 8 With Syringe Utili
AGBADAN Yao Eric
No ratings yet
Minemeld User Guide
Document42 pages
Minemeld User Guide
Akun baru
No ratings yet
Lab - Isolated Compromised Host Using 5-Tuple: Topology
Document19 pages
Lab - Isolated Compromised Host Using 5-Tuple: Topology
Ярослав Костенко
No ratings yet
Lame
Document4 pages
Lame
Tushar Jadhav
No ratings yet
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
Document18 pages
12.4.1.2 Lab - Isolate Compromised Host Using 5-Tuple
N
No ratings yet
Cài đặt phần mềm Nessus trên backtrack
Document8 pages
Cài đặt phần mềm Nessus trên backtrack
thanglx
No ratings yet
Windbg and Dump Analysis: Ahmet Mithat Bostanci Microsoft, GTSC Iis/Web Development Support
Document30 pages
Windbg and Dump Analysis: Ahmet Mithat Bostanci Microsoft, GTSC Iis/Web Development Support
rajivgogoi
100% (1)
Monday, April 01, 2019 5:57 PM: Microsoft-Windows-Security-SPP Microsoft-Windows - Security-Licensing-SLC
Document10 pages
Monday, April 01, 2019 5:57 PM: Microsoft-Windows-Security-SPP Microsoft-Windows - Security-Licensing-SLC
saikumar Muktha
No ratings yet
Windows Crash Dump Analysis
Document11 pages
Windows Crash Dump Analysis
betatest12
No ratings yet
WINTEL L2 or L3 Interview Questions
Document4 pages
WINTEL L2 or L3 Interview Questions
Stephanie Flores
100% (1)
BR Course Info
Document87 pages
BR Course Info
karthick
No ratings yet
Kernel Panics
Document28 pages
Kernel Panics
PSG
No ratings yet
Lab 2.4 - Windows Task Manager
Document12 pages
Lab 2.4 - Windows Task Manager
phuongnamnguyendeptrai2004
No ratings yet
CheatSheets OSCP
Document286 pages
CheatSheets OSCP
namishelex01
No ratings yet
Sense
Document5 pages
Sense
yiwawax804
No ratings yet
Windows Kernel Exploits
Document13 pages
Windows Kernel Exploits
anonimoencubierta
No ratings yet
modifying_meterpreter_for_evasion
Document31 pages
modifying_meterpreter_for_evasion
endoss
No ratings yet
Ethical Hacking Lab 13
Document31 pages
Ethical Hacking Lab 13
Jeanna Taylor
No ratings yet
Dynamips - Dynagen Tutorial
Document20 pages
Dynamips - Dynagen Tutorial
hazardhap
No ratings yet
ManageEngine Deep Exploitation
Document13 pages
ManageEngine Deep Exploitation
jiang hao
No ratings yet
Exploit Spotting Locating Vulnerabilities Out of Vendor Patches Automatically
Document74 pages
Exploit Spotting Locating Vulnerabilities Out of Vendor Patches Automatically
Jeong Wook Oh
No ratings yet
Active Directory
Document10 pages
Active Directory
Kindra
No ratings yet
Lab 5 - Network Scanning Using Various Scanning Tools
Document13 pages
Lab 5 - Network Scanning Using Various Scanning Tools
debbyta
No ratings yet
A Guide For Troubleshooting A Segfault
Document5 pages
A Guide For Troubleshooting A Segfault
Anil Kumar
No ratings yet
Andy Mc's .NET Framework FAQ
Document31 pages
Andy Mc's .NET Framework FAQ
Rajesh Aravapalli
No ratings yet
Lab 8 - Configuring Site-To-Site VPN Using CLI
Document9 pages
Lab 8 - Configuring Site-To-Site VPN Using CLI
lee lee
No ratings yet
4.5.2.10 Lab - Exploring Nmap - OK
Document7 pages
4.5.2.10 Lab - Exploring Nmap - OK
Interesting facts Channel
No ratings yet
Lab 19 Metasploit
Document11 pages
Lab 19 Metasploit
oscar tebar
100% (1)
0xsp - Privilege Escalation Cheatsheet
Document15 pages
0xsp - Privilege Escalation Cheatsheet
Jacobus Booysen
No ratings yet
Metasploit - Evasions
Document1 page
Metasploit - Evasions
ahvillalba
No ratings yet
Au Debugtools PDF
Document10 pages
Au Debugtools PDF
mrcipamochaq
No ratings yet
2.0.1.2 Class Activity - Identify Running Processes
Document4 pages
2.0.1.2 Class Activity - Identify Running Processes
Joan Brea
No ratings yet
WWW - Hackingarticles.in: Page - 1
Document56 pages
WWW - Hackingarticles.in: Page - 1
vybi
No ratings yet
Microsoft Windows Crash Dump Analysis: Mark Russinovich David Solomon
Document51 pages
Microsoft Windows Crash Dump Analysis: Mark Russinovich David Solomon
Glassic12
No ratings yet
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hedaya Alasooly
No ratings yet
Fingerprint
Document40 pages
Fingerprint
yiwawax804
No ratings yet
Cross Fit Two
Document56 pages
Cross Fit Two
yiwawax804
No ratings yet
Vault
Document13 pages
Vault
yiwawax804
No ratings yet
Safe
Document19 pages
Safe
yiwawax804
No ratings yet
Sense
Document5 pages
Sense
yiwawax804
No ratings yet
SwagShop
Document17 pages
SwagShop
yiwawax804
No ratings yet
arvandy_com_oscp_seventh_week_exam
Document13 pages
arvandy_com_oscp_seventh_week_exam
yiwawax804
No ratings yet
Sunday
Document7 pages
Sunday
yiwawax804
No ratings yet
arvandy_com_oscp_first_week
Document10 pages
arvandy_com_oscp_first_week
yiwawax804
No ratings yet
arvandy_com_oscp_second_week
Document7 pages
arvandy_com_oscp_second_week
yiwawax804
No ratings yet
Intentions
Document23 pages
Intentions
yiwawax804
No ratings yet
Busqueda
Document18 pages
Busqueda
yiwawax804
No ratings yet
Red Team Capstone Network - Kesaya Write-Up
Document43 pages
Red Team Capstone Network - Kesaya Write-Up
yiwawax804
No ratings yet

Grandpa

Uploaded by

Copyright:

Available Formats

You might also like

Grandpa

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Grandpa

Uploaded by

Copyright:

Available Formats

Grandpa

4thth October 2017 / Document No D17.100.05

Skills Required Skills Learned

● Basic knowledge of Windows ● Identifying known vulnerabilities

Proof of concept: https://www.exploit-db.com/exploits/41738/

Executing the Metasploit module iis_webdav_scstoragepathfromurl i mmediately grants a shell.

Running local_exploit_suggester in Metasploit returns several recommendations:

You might also like

Grandpa

Uploaded by

Copyright:

Available Formats

You might also like

Grandpa

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Grandpa

Uploaded by

Copyright:

Available Formats

Grandpa

4th​th​ October 2017 / Document No D17.100.05

Skills Required Skills Learned

● Basic knowledge of Windows ● Identifying known vulnerabilities

Proof of concept: ​https://www.exploit-db.com/exploits/41738/

Executing the Metasploit module ​iis_webdav_scstoragepathfromurl i​ mmediately grants a shell.

Running ​local_exploit_suggester​ in Metasploit returns several recommendations:

You might also like

4thth October 2017 / Document No D17.100.05

Proof of concept: https://www.exploit-db.com/exploits/41738/

Executing the Metasploit module iis_webdav_scstoragepathfromurl i mmediately grants a shell.

Running local_exploit_suggester in Metasploit returns several recommendations: