This chapter provided a solid introduction to exploitation. By taking advantage of Kioptrix, which is an intentionally vulnerable Linux distribution, we were able to get hands-on practice in locating exploits on Exploit-DB and on Kali, and then correcting any errors we found in that code. We looked at the steps necessary to truly understand the penetration testing exploitation phase such as banner grabbing and transferring files to and from an exploited machine.
We looked at password cracking and brute forcing with John the Ripper, which needs to be understood in depth to prepare for later chapters. Password cracking is not going to go away anytime soon and expertise on this subject can be very beneficial in the long term.
The chapter also covered the steps necessary to transfer files to and from an exploited machine; this included the setup and configuration of the FTP daemon that comes preinstalled with Kali.
Finally, we wrapped up the chapter with a look at Metasploit and how it...