In fishing, if you want to catch the prize winner, it helps to have the right bait. In phishing, if you want that elevated user’s credentials, you also need the right bait. Using Metasploit and VM tools for live bait and a minimum amount of schmooze to chum the waters, we will land us elevated user credentials by exploiting the trust people have for their own networks. After all, if you can’t trust your own server, who can you trust?