To start using BackTrack, either download a VM image or downlaod the ISO and configure a brand new virtual image (or your computer):
BackTrack login/password is: root/toor. Start X by typing startx
.
To experiment with Metasploit, you can use the Armitage GUI: Applications > Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > armitage
I suggest that you read some chapters in the Metasploit documentation. Quite interesting to see how the framework works.
To patch a Rails application and some other good reading:
- Multiple vulnerabilities in parameter parsing in Action Pack (CVE-2013-0156)
- Use Metasploit to Verify Rails is Secured from CVE-2013-0156
- Critical Ruby On Rails Issue Threatens 240,000 Websites
- Update Ruby now before it goes off the Rails
If you want me to do the demo at your company, contact me.