|
-
March 3rd, 2004, 08:47 PM
#1
Senior Member
learn about exploits
Ok here is the deal...all these months i have been rtfming a lot..i am really interested in security of networks but so far i never tried to do sth more than reading and...scanning a couple of ip's...i think i should learn more things concerning the use of exploits and other ways to bypass systems not for playing or revenging but in order to learn more about security.. i constantly patch my linux box,i use firewall but i know nothing practical about the bypassing of firewalls so that i am able to take countermeasures..hope you get me...i have an old pentium I and a new pentium IV.. should i use them for experimenting ? and how exactly shall i do that (this is not a lame questino just a question of smb that tries to put into practise things he learnt without doing sth illegal)... and also how could i experiment on taking action remotely (bypassing firewalls.footprinting) without doing anything illegal? I hope you help me....
PS: i am not a scriptkiddie,haxxor,etc...see my posts
PS2: 
PS3:i repeat it:i just want to learn in order to become better..i dont have other intentions 
Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
Screw you guys I am going home!-Kartman
-
March 3rd, 2004, 09:45 PM
#2
check these links for more info:
http://neworder.box.sk/
http://www.packetstormsecurity.org/
there are dozens more, but these will have something interesting for you, i think...
-
March 3rd, 2004, 11:58 PM
#3
Do you know c?
A common exploit found are buffer overflows, if you have a grasp of c and computer architecture you could actually practice this. Im not sure how much of a value it would be to you. Its not like you can go thourgh your system find out all the process running, look at all there source codes, and determine if your system is safe. The only real value is if you are a coder and you want to make safe and secure programs, you will learn what not to do. Or if your a code auditor.
If your just wanted to know what the best way to protect you really need to understand the complete architecture of your network. Start with the firewall. You need to know this one like the back of your hand as it is usually the first line of defense.
That which does not kill me makes me stronger -- Friedrich Nietzche
-
March 4th, 2004, 01:11 PM
#4
Senior Member
Foa thanks...ok i just started learning c..concerning buffer overflows...i only know theoretically things...is there any good tute about how they specifically work?
PS:i checked the pages..a lot of stuff to read!thanks...
Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
Screw you guys I am going home!-Kartman
-
March 4th, 2004, 06:22 PM
#5
GOOGLE -> "Smashing the stack for fun and profit"
GOOGLE -> "core-sec abo paper"
The first one is a really good paper that walks you through exploiting a simple buffer overflow, the second one goes into more advanced techniques.
That which does not kill me makes me stronger -- Friedrich Nietzche
-
March 4th, 2004, 06:41 PM
#6
Member
I recommend you surfing around on www.phrack.org a bit. There they have articles (such as the Smashing the stack for fun and profit).
Its also a good place to learn the theory behind things as opposed to just downloading script kiddie tools from random h4x0r sites.
-
March 5th, 2004, 05:44 PM
#7
Senior Member
thanks for links i just read them....now getting a bit more indepth....can i ask also sth else? I read about a new vulnerability in linux kernel concerning also my box...is thre anything i can do generally but waiting for suse to make a patch????thanks again for replies...
Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
Screw you guys I am going home!-Kartman
-
March 13th, 2004, 11:17 PM
#8
Member
I would advise you to learn a programing language as well.
Perlscript/Perl/C/c++/Vb/Delphi/Cgi/Etc.
There are alot of exploits, That I have wrote utilizing "cgi".
There alot of tools for implenmenting expliots as well.
\"If knowledge is power. Why doesn\'t everybody read?\"
-
March 15th, 2004, 03:16 AM
#9
Senior Member
I learn programming that is not the deal...what i needed was to see some source codes and how they work...now things are better i think...
PS:could you PM your exploit in cgi????That would be of great assistance....
Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
Screw you guys I am going home!-Kartman
-
March 15th, 2004, 05:03 AM
#10
http://www.securiteam.com/exploits/archive.html
http://www.hoobie.net/security/exploits/
http://www.k-otik.com/exploits/
http://www.netsys.com/cgi-bin/listfiles.cgi?c=3
http://www.outpost9.com/exploits/
http://www.phreak.org/html/exploits.shtml
http://www.linux-sec.net/Exploits/ (links to various exploit sites)
That is only a small fraction produced from a simple Google search of "exploits"
You could even refine the search to get results more specific to what you want to find.
Google is your best friend.
There are TONS of exploits there, all with source code (most of them anyways).
Have fun 
Remember to keep it legal.
Later,
mjk
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote