an exploit question

[jpr*]

i totally agree sysmin. qod: first of all learn about network protocols and at the same time a language (c for example). i've seen a lot of people pretending to be hackers, or crackers or whatever, that didn't know even the basics about networking. that's not hacking. so, i suggest surfing the internet and reading, a lot, about protocols. exploits will come later on the road (and, when u get there -surelly will- u will be writting your own code).
consoleknight.

[Galdron]

Originally posted here by qod
yesterday i installed 8 virutal machines using VMware, the purpose was just to practice some security, kind of like a wargame. i have winxp, win2kserver, win2kpro, redhat 6.3, slackware, freeBSD, win2003, and conectivia linux.
my question is how do i use exploits??? i know you use nmap or satan to search for vulnerabilities, but how do you exploit them??
any tutorials, site, faq???

btw.. i searched for google for "exploits for begginers", "how to use exploits", "using exploits" with no luck. it just says to run gcc -c exploit.c but there has to be more meat.

thanks

Greetings God. Not often that I respond to posts by the almighty.


From your original post the fact that you have all the OS's on "8", "Vitual" machines, and need a tutorial to exploit them leads me to beleive that you need to become more familiar with the actual workings of at least a few before you start "Testing" them.

Learn the basiscs, and above all do not use lamer progz. like Brutus to Exploit your systems.

Good luck, there are a lot of very bright ppl. here, and given the wording is acceptable you will find the answers to most of your questions. I learn by reading. A lot.




I just read your second post, heheh I guess I overexplained it then. lol P:

[qod]

thanks to all the posts, but my nickname is QOD and no GOD
i know how networks work and how packets work and what is an exploit and buffer overflows are i have read hacking exposed, max security 4th, max security linux, snort 2, ids with snort, linux for win addicts, applied ids, and implementing ids. i just wanted to know how to use an exploit and it seems like i need a good C book, so i picked up today 3 books c for absolute bigginers, absolute biggeners guide to C, and programming with C, i also need to read the antihacker book, hacker's attacks revealed, and couter hack. i got lots of reading and i should be able to crack my systems soon on my own. i do not want to be a script kiddie, just a white hat. yet i want to test how blackhats crack my system.

[GbinaryR]

Originally posted here by qod
thanks, i will try them out.
i probably need to know some programming though, so i will read a couple of good c books

Originally posted here by qod
thanks to all the posts, but my nickname is QOD and no GOD
i know how networks work and how packets work and what is an exploit and buffer overflows are i have read hacking exposed, max security 4th, max security linux, snort 2, ids with snort, linux for win addicts, applied ids, and implementing ids. i just wanted to know how to use an exploit and it seems like i need a good C book, so i picked up today 3 books c for absolute bigginers, absolute biggeners guide to C, and programming with C, i also need to read the antihacker book, hacker's attacks revealed, and couter hack. i got lots of reading and i should be able to crack my systems soon on my own. i do not want to be a script kiddie, just a white hat. yet i want to test how blackhats crack my system.

I wanted max security 4th but i found something more interesting. Hackers blackbook. I'm curious to see what it is in it. I read the review and it says that analyzes the DoS and DDoS attacks many things. I saw it on www.astalavista.com up right.

[Beryllium9]

Perhaps when you compiled and run the exploit source code, it did actually work, but not in the way you intended. Lots of publically available exploits have been deliberately crippled so they don't run without a few slight changes. This is normally done to try and prevent these exploits being used by idiots to attack remote servers.

Another possibility is the exploit isn't really as it was advertised, so to speak. Lots of exploits don't actually do what you think they do, and instead will do nasty things like add extra unpassworded root users to your PC, or format the whole boot drive. Always decode the shellcode portion of any exploit, as it's the easiest place to hide nasty surprises like this, and never run an exploit unless you trust the source.

[Galdron]

Originally posted here by Beryllium9
Perhaps when you compiled and run the exploit source code, it did actually work, but not in the way you intended. Lots of publically available exploits have been deliberately crippled so they don't run without a few slight changes. This is normally done to try and prevent these exploits being used by idiots to attack remote servers.

Another possibility is the exploit isn't really as it was advertised, so to speak. Lots of exploits don't actually do what you think they do, and instead will do nasty things like add extra unpassworded root users to your PC, or format the whole boot drive. Always decode the shellcode portion of any exploit, as it's the easiest place to hide nasty surprises like this, and never run an exploit unless you trust the source.

Good point Bery, in many cases DLL. files are the ones left out. As is my experience.

[qod]

thanks but i did not compile any thing yet, one question though, if i compile a remote exploit how do i attack the remote computer??? should i compile it on my computer and change say the IP address of the code, or just upload it and run it from the remote computer???

btw.. what is the best newbie book on C programming. MsMittens suggested k&R C programming and absolute bigginers guide to C, any other books for basics and advanced C.

thanks

[S3cur|ty4ng31]

There is no golden rule for how all exploits will run. There basically just like any other program that could take command line args, or input or whatever. You really should look at the code of the exploit of the exploit you intend to run.

First look for malicious code, as has already been stated in this thread, then look over the usage. Alot of times it will be comment on how to compile and how to execute. But please dont just read compiling and usage then run, being a script kiddie will get you no where. You should try to understand as much as possible. I do the same thing too I run several vmwares and I exploit them. I also run my IDS of choice while doing it, not only does this help in the understanding process but you can actually verify that your IDS is working in a 'real' type of attack.

[DeadlyHabits]

my question is how do i use exploits???

For **** sake...what kinda stupid question....

[qod]

Originally posted here by S3cur|ty4ng31
There is no golden rule for how all exploits will run. There basically just like any other program that could take command line args, or input or whatever. You really should look at the code of the exploit of the exploit you intend to run.

First look for malicious code, as has already been stated in this thread, then look over the usage. Alot of times it will be comment on how to compile and how to execute. But please dont just read compiling and usage then run, being a script kiddie will get you no where. You should try to understand as much as possible. I do the same thing too I run several vmwares and I exploit them. I also run my IDS of choice while doing it, not only does this help in the understanding process but you can actually verify that your IDS is working in a 'real' type of attack.

thanks will do