Types of exploits
- Exploit can be of a single file to run either immediately or pre-compile.
- Exploit can be of a file, usually with the extension. Tar or. Tar.gz, because most of them are written for UNIX systems. In these archives can lay anything:
- The same. Pl files* Script or source code for C, Java? etc* Just a description of "tricky treatment"* Etc
* Scan the host (preferably scan using nmap)* Enjoying the open ports and that they hang* Telnet to open ports and find out the version of demons* Find the leaky demon* We are looking for an exploit* Send it to the shell-account in the linearized* Compile it* Launch Exploit
Search exploit
Suppose that we have learned that some demon leaky. Immediately run into bugtrack's archives and find vulnerabilities and exploit.
Sploit looking for either version of the daemon or by the operating system version.
shell-account
The options are:
1. Do you have a shell (not covered - go to the next heading)2. You do not have a shell, and you want it to fuck
Actions:
- You can use tof shell (but they have many of the right things off )
3. Do you have your own UNIX (Go to next heading)
Compilation :
Suppose we have found the right Exploit for C. Most exploits are written in this language programming.
gcc file.c-o file - compile C code and get a binary file on exit
If you have an archive, disclose: tar-xvzf pack.tgzcd [directory name]. / Configuremakemake install
You may have to read the Readme File before installation, if a specific exploit.
Running exploit
If an exploit in Perl, then use the command to run
perl exploit.pl [parameters | flags]If the exploit is in C, then$. / Sploit [parameters]
Each exploit involves inserting their parameters, the appointment of the most commonly reported himself at startup.
Some explanations:
1. What is a shell?
Shell literally means "shell". This is a program that accepts user commands from the command line, converts them into an understandable form for OSes and displays response OSes in an understandable form for the user . Another name for shell - a shell. Here are some of the most usability shell'ov: bash, sh, csh, tcsh, psh. They are characterized by the fact that each shell a language for writing scripts (in related shells, they are almost the same as in bash and sh).
They also differ in function: allows you to edit some kind of command line. Almost every shell has its own built-in variables. If you do not know what your shell, you enter the command echo $ SHELL. If you want to change your default qualify shell, typing a command chsh.
2. What is a daemon (daemon)?
Daemon is a program that runs in the background (background) and has no controlling terminal. Resident, in short: 0)
________________________________________________________________
We Hope You Learned Something Meaningful From This tutorial,
If You Have any Problem Please Comment Below, And You Need any Requirement Software...
Just...
No comments :
Post a Comment