(1) First you need to download Metasploit. The most up-to-date version is FREE at metasploit.com.
(2) You need PostgrSQL for your database. Download here:
Make sure you use all the defaults or Metasploit woun’t work!
(3) Now lets get down to buisness… After installing both tools, open up the PostgrSQL admin gui (start -> all programs -> PostgreSQL 9.0 -> pgAdmin III). Then right-click on your server (in the left hand box) and click connect. Remember to keep this window open the whole time. You will also need the pass you chose to use in step 5…
(4) Time for some hacking! Go to start -> all programs -> Metasploit Framework, and then open the Metasploit gui. Let it load untill it look like this:
(5)Now, in the window type:
The first time you do this you will see lots of text flash buy. Don’t wory, this is normal.
Type db_host to make sure you are connected correctally.
(6)Now type this:
Make sure you put the ip of the computer you are trying to hack in the place of 000.000.000.000…
(7) Now we get to the fun part; the automatic exploitation. Just type db_autopwn -t -p -e -s -b , watch the auto-exploitation start, go play Halo for a while, and then come back…
(8) After the exploitation is done, type sessions -l to see what the scanner found. If all went well, you should see a list of exploits.
(9) Now we get to use the exploits to hack the computer! If you will notice, all of the exploits are numbered, and they all have obvious names (i. e., reverseScreen_tcp). In order to use an exploit, type this:
sessions -i ExploitNumber