Introduction to exploits

Date July 15, 2005

1- What is an exploit?

An exploit is a way to gain higher access to a system. It can be either from unauthorized
to simple user or from simple user to administrator level. It also includes crashing servers,
because this might be part of an exploit.

2- What is a local exploit?

A local exploit is a way to gain higher access to a targeted system when someone already
has physical access to a terminal on the network, or when a similar point of entry is
available to the attacker, e.g. a trojaned computer on the network.
Useful when you are a simple worker and you want to have admin rights.

3- What is a remote exploit?

A remote exploit is a way to gain higher access to a computer from a distant location. It’s
the kind of exploit you’re looking for when hacking on the web.

4- What is the cgi exploit, the NT exploit … ?

This kind of question reveals a deep misunderstanding of exploits. There are already hundreds of
cgi exploits as well as over 600 known/published exploits for Windows NT. Many exploits exist for
all operating systems, although the Unix-like (BSD) family seems to be much harder to compromise.

5- Where can I learn those wonderful exploits then?

There are sites that have huge databases of exploits. Take a look at:

http://www.attrition.org

http://www.rootshell.com

http://www.bugtraq.org

……

6- O.K., I went to these sites and I don’t understand anything. Any tips?

Exploits are presented this way:

- an introduction describing the security hole and the system affected
- the how-to or the program in source code
- a way to prevent it, if one exists

*Note: DON’T BE A LAMER. The author usually leaves his mail addy for comments. It’s for people
that have something to add to the discussion, not for people who don’t understand how it works.*

7- What should I do with these codes?

Basically, you have to compile the source into a binary executable. They are almost all in C, so
you must have a C compiler at hand. Fortunately, Linux comes with a C compiler. (In fact, you
have to compile all programs on Linux; there’s no easy setup.exe. You start to understand now
why Linux is mandatory for hacking?)

8- But I still don’t understand, what should I do?

First, install Linux on your computer and play with it for a while.
You can install Red Hat 6.2 or Mandrake 7.1; both are good for newbies, easy to install
and user friendly. You can find a little “How to install”
here: http://newdata.box.sk/raven/linux.txt.
Then, read a lot on TCP/IP and learn some basic stuff.
You can find a tutorial here: http://www.fortunecity.com/roswell/elm/279/work/tcpindex.html.
An introduction to programming is highly recommended, above all something on C and Perl :-)
You can find basic manuals around, you know how to search.

9- Are there any proggies out there that can help me?

As you should have noted, the exploits are listed under their operating systems, so the first
thing you have to do is find the target O/S. A very good scanner named Nmap is a must. The 7th
Sphere port scanner is also a nice one (it’s for wind0ze). The Voidexe scanner is a potent one for
cgi scans (wind0ze too).

Good luck guyz, Just1ce & Jobbe.
