There’s a certain feeling of satisfaction when you can manually work your way through exploiting a box.  Not only that, you’ll have a better understanding of what’s really going on under the hood.  You don’t really get that when you’re using automated tools.  Not that I don’t use what’s in the toolbox but given the choice, I will try the manual route first.

I've not seen much of Drupal from either side but I found myself staring at a 7.31 installation and after some quick searches, I realized it was vulnerable to SQL injection.

I have a wordlist I created from a collection of wordlists I've acquired.  It's not the end-all, be-all wordlist but it's a big and if you have a weak password, it's in this list.  In fact, if you have a decent password, it's in the list.

It's a good list for banging against passwords to see if they are reasonably secure.  When I attempt to crack a passwords, I go to the top 10 most used, the top 500 most used, and then 'the' list.  Beyond that, I'm probably going to stop unless I have a different motivation.

I needed to quickly gather the version of Microsoft Office in a mixed version environment.  Simple enough, let's grab the version of Word:

reg query "HKEY_CLASSES_ROOT\Word.Application\CurVer"