Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: learn about exploits

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Posts
    121

    learn about exploits

    Ok here is the deal...all these months i have been rtfming a lot..i am really interested in security of networks but so far i never tried to do sth more than reading and...scanning a couple of ip's...i think i should learn more things concerning the use of exploits and other ways to bypass systems not for playing or revenging but in order to learn more about security.. i constantly patch my linux box,i use firewall but i know nothing practical about the bypassing of firewalls so that i am able to take countermeasures..hope you get me...i have an old pentium I and a new pentium IV.. should i use them for experimenting ? and how exactly shall i do that (this is not a lame questino just a question of smb that tries to put into practise things he learnt without doing sth illegal)... and also how could i experiment on taking action remotely (bypassing firewalls.footprinting) without doing anything illegal? I hope you help me....
    PS: i am not a scriptkiddie,haxxor,etc...see my posts
    PS2:
    PS3:i repeat it:i just want to learn in order to become better..i dont have other intentions
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

  2. #2
    check these links for more info:
    http://neworder.box.sk/
    http://www.packetstormsecurity.org/

    there are dozens more, but these will have something interesting for you, i think...

  3. #3
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    Do you know c?

    A common exploit found are buffer overflows, if you have a grasp of c and computer architecture you could actually practice this. Im not sure how much of a value it would be to you. Its not like you can go thourgh your system find out all the process running, look at all there source codes, and determine if your system is safe. The only real value is if you are a coder and you want to make safe and secure programs, you will learn what not to do. Or if your a code auditor.

    If your just wanted to know what the best way to protect you really need to understand the complete architecture of your network. Start with the firewall. You need to know this one like the back of your hand as it is usually the first line of defense.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  4. #4
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    Foa thanks...ok i just started learning c..concerning buffer overflows...i only know theoretically things...is there any good tute about how they specifically work?
    PS:i checked the pages..a lot of stuff to read!thanks...
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

  5. #5
    Senior Member
    Join Date
    Jun 2003
    Posts
    236
    GOOGLE -> "Smashing the stack for fun and profit"
    GOOGLE -> "core-sec abo paper"

    The first one is a really good paper that walks you through exploiting a simple buffer overflow, the second one goes into more advanced techniques.
    That which does not kill me makes me stronger -- Friedrich Nietzche

  6. #6
    Member
    Join Date
    Nov 2003
    Posts
    88
    I recommend you surfing around on www.phrack.org a bit. There they have articles (such as the Smashing the stack for fun and profit).
    Its also a good place to learn the theory behind things as opposed to just downloading script kiddie tools from random h4x0r sites.
    -HDD

  7. #7
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    thanks for links i just read them....now getting a bit more indepth....can i ask also sth else? I read about a new vulnerability in linux kernel concerning also my box...is thre anything i can do generally but waiting for suse to make a patch????thanks again for replies...
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

  8. #8
    I would advise you to learn a programing language as well.
    Perlscript/Perl/C/c++/Vb/Delphi/Cgi/Etc.
    There are alot of exploits, That I have wrote utilizing "cgi".
    There alot of tools for implenmenting expliots as well.
    \"If knowledge is power. Why doesn\'t everybody read?\"

  9. #9
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    I learn programming that is not the deal...what i needed was to see some source codes and how they work...now things are better i think...
    PS:could you PM your exploit in cgi????That would be of great assistance....
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

  10. #10
    Senior Member
    Join Date
    Feb 2004
    Posts
    620
    http://www.securiteam.com/exploits/archive.html
    http://www.hoobie.net/security/exploits/
    http://www.k-otik.com/exploits/
    http://www.netsys.com/cgi-bin/listfiles.cgi?c=3
    http://www.outpost9.com/exploits/
    http://www.phreak.org/html/exploits.shtml
    http://www.linux-sec.net/Exploits/ (links to various exploit sites)

    That is only a small fraction produced from a simple Google search of "exploits"

    You could even refine the search to get results more specific to what you want to find.

    Google is your best friend.

    There are TONS of exploits there, all with source code (most of them anyways).

    Have fun

    Remember to keep it legal.

    Later,

    mjk

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •