This presentation focused on abusing design flaws, configuration errors, and information leaks to gain access to typical environments. The open source Metasploit Framework will be used as a demonstration platform to illustrate how low-risk information leaks can be combined to gain administrative access to a target network.