Hey guys, Is there anyway (besides looking over the db_autopwn output, which isnt pretty ;) )to determine which of the exploits gained the session which is displayed via sessions -l? Thanks, nnp -- http://www.smashthestack.org http://www.mastersofthewang.com