an exploit question


  1. #1
    Senior Member
    Join Date
    Sep 2003
    Posts
    161

    an exploit question

    yesterday i installed 8 virtual machines using VMware, the purpose was just to practice some security, kind of like a wargame. i have winxp, win2kserver, win2kpro, redhat 6.3, slackware, freeBSD, win2003, and Conectiva linux.
    my question is how do i use exploits??? i know you use nmap or satan to search for vulnerabilities, but how do you exploit them??
    any tutorials, site, faq???

    btw.. i searched google for "exploits for begginers", "how to use exploits", "using exploits" with no luck. it just says to run gcc -c exploit.c but there has to be more meat.

    thanks

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    There is no more meat, once you have the exploit coded you compile it and run it against the target. You don't necessarily need an exploit to exploit a system, various holes can also be exploited "by hand" i.e. GET ////////////////////////////////////////////////////... HTTP/1.0 <- old apache buffer overflow.

    Just posted: http://www.antionline.com/showthread...hreadid=251875

    You can find vulnerabilities here: http://www.securityfocus.com/bid
    Also consider subscribing to bugtraq, to keep aware of the latest vulnerabilities...

    Also useful: http://packetstormsecurity.nl/

    Heck there are many out there.
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post's content - me

    www.elhalf.com
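
Post #2 mentions a request line padded with a long run of slashes. Seen from the defender's side, such requests stand out in web server access logs; the scanner below is an added example, not part of the thread, and its thresholds, function names and sample log lines are assumptions constructed for illustration.

```python
import re

# Assumed thresholds, not from the thread: tune to the longest URL you legitimately serve.
MAX_URI_LEN = 2048
MAX_SLASH_RUN = 8

# Common Log Format: host ident user [time] "request" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(.*)" (\d{3}) (\S+)')

def longest_run(text, ch):
    """Length of the longest consecutive run of ch in text."""
    best = cur = 0
    for c in text:
        cur = cur + 1 if c == ch else 0
        best = max(best, cur)
    return best

def inspect_line(line):
    """Return (host, reasons); reasons is empty for an unremarkable request."""
    m = LOG_RE.match(line)
    if not m:
        return ("?", ["unparseable log line"])
    host, request = m.group(1), m.group(2)
    parts = request.split(" ")
    if len(parts) != 3:  # expected: METHOD SP URI SP VERSION
        return (host, ["malformed request line"])
    uri = parts[1]
    reasons = []
    if len(uri) > MAX_URI_LEN:
        reasons.append(f"URI length {len(uri)} exceeds {MAX_URI_LEN}")
    run = longest_run(uri, "/")
    if run > MAX_SLASH_RUN:
        reasons.append(f"run of {run} consecutive slashes")
    return (host, reasons)

def scan(lines):
    """Return [(line_number, host, reasons)] for every flagged line."""
    return [(n, host, reasons)
            for n, line in enumerate(lines, 1)
            for host, reasons in [inspect_line(line)] if reasons]

# Constructed sample log lines (documentation addresses), not from a real server.
SAMPLE = [
    '192.0.2.10 - - [12/Oct/2003:10:01:02 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.77 - - [12/Oct/2003:10:01:05 +0000] "GET ' + "/" * 4000 + ' HTTP/1.0" 400 312',
    '192.0.2.10 - - [12/Oct/2003:10:01:09 +0000] "GET /docs//faq.html HTTP/1.0" 200 2211',
    '192.0.2.80 - - [12/Oct/2003:10:02:14 +0000] "GET /cgi-bin' + "/" * 20 + 'test HTTP/1.0" 404 210',
]

if __name__ == "__main__":
    for n, host, reasons in scan(SAMPLE):
        print(f"line {n} from {host}: {'; '.join(reasons)}")
```

On Apache httpd, the LimitRequestLine directive caps the accepted request-line length at the server itself, so oversized requests are rejected before they reach any handler.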

  3. #3
    If you want to test the insecurity of a system there is nothing more to it.
    Use slack to compile sploitz for the rh 6.3.
    gcc -c blah
    a.out
    If you want to learn how to test the security of a system you first need to learn how to setup a box secure.
    So lock down the BSD box.
    Next learn to read (and modify) C (++) code and try to exploit it.
    There are lots more 'tools' out there besides nmap and satan.
    Congratulations, you have become a script kiddie (<--that was a joke)

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    your question "how do i use exploits?" is like asking how do i use software in that it would help to know which piece of software you're talking about. they all 'do' different things. some open ports that give you a shell when you connect. some of these don't give you any kind of echoed output but take commands. some do a reverse connection and you need to have a listener waiting on a certain port.

    Exploit code isn't published so folks with no knowledge can hack. it's there to show what's going on.

    read the code and see what each one does
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Mar 2002
    Posts
    166
    Well, some of you seem right to me. First of all you need to know the basics of telnet communication, know some programming languages and some things about security. From what i have understood you want to hack, but here we learn the opposite how to defend the hack. We learn the weaknesses of our systems. And AO is our tool to achieve that.

  6. #6
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    From what i have understood you want to hack, but here we learn the opposite how to defend the hack.
    I feel that the best way to defend is to understand how the hacker thinks and then implement protective countermeasures. Not all vulnerabilities are determined by running nessus or reading AO posts. You need to think outside the 'white box'
    That which does not kill me makes me stronger -- Friedrich Nietzsche

  7. #7
    Senior Member
    Join Date
    Sep 2003
    Posts
    161
    thanks, i will try them out.
    i probably need to know some programming though, so i will read a couple of good c books

  8. #8
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    i will read a couple of good c books
    Lol, one will be enough, the rest you can learn from tutorials on the internet, heck the only book about programming I ever bought was Teach Yourself Java 2 in 21 days.
    I learnt assembly and Python (and some C) only by reading tutorials so...
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post's content - me

    www.elhalf.com

  9. #9
    Junior Member
    Join Date
    Dec 2002
    Posts
    27
    a piece of advice on exploits. in this case, if u'r analysing your lan or your stuff, it's okay, but if u plan to go one step further: NEVER USE OTHER'S CODE! it's a security risk 4 u!
    check www.insecure.org -> exploit world, many exploits, if not all, are out of date, but u'll learn a lot! cheers, consoleknight.

  10. #10
    Senior Member
    Join Date
    Jun 2003
    Posts
    134
    I may be wrong, but I think that people always start in the wrong place. I mean wanting to learn how exploits work is all well and good, but how about learning how the operating systems work first. If you just run exploits on stuff then you are basically just a script kiddie. I take it from your post that you have limited experience in this area. I mean a lot of exploits you have to compile before you use them and it seemed like you didn't know how to do that. Take my advice: if you really want to learn security stuff then learn the basics first. Know what is in a packet, and how it goes through the networks. For that matter know what a buffer overflow is and how it works first. I think that will make for a lot more fruitful experience for you than just compiling some exploits and running them on vmware sessions. Basically all that will teach you is how to run an exploit that someone else wrote. It won't teach you why the exploit worked in the first place. Anyway that is just my 2 cents.
    Sysmin Sys73m47ic
    -The Hacker Pimps
    -Development Team {FuxorWRT}
    http://www.AntiOnline.com/sig.php?imageid=563
