I’m sorry, that was really rude of me. It just reminded me of a time I could have asked that same question and I don’t like seeing myself that way.
The majority of sploits are OS specific; one made for Red Hat usually won’t work on BSD. Looking for a server to run a sploit on is really a stupid way of doing things. But if you must know:
First you have to scan a whole lot of IP addresses with a scanner that can detect what OS is running on it, like Nmap.
Then you have to determine which is the correct version and which is not patched.
Then you have to obtain sufficient rights to compile and run your code. In other words you gotta break into the server.
Now you gotta know that by the time this code gets to a place that anyone on the internet can find it, patches have been released and warnings have been sent out.
So now you have a list of servers that this sploit was made for. You’ve found one that’s vulnerable to your break-in techniques, you get root, but now there’s a real good chance that a server set up to be this easy to break into is a honeypot, and the man is watching your every move.
So how do you cover your tracks….
It would be much easier if you just said what you know, then someone can tell you what you need to learn.



