When we looked for vulnerabilities in the web application, we found a viable attack vector via SQL injection. In this instance, Fast-Track is our best option for compromising the MS SQL server and gaining access to our target through Meterpreter, because, as you’ll recall from Chapter 11, it attacks Microsoft SQL–based injection vulnerabilities with ease.
After we have a Meterpreter console, we’ll look at how to gain access to the Metasploitable system on the internal network.