home *** CD-ROM | disk | FTP | other *** search
- ############################################################################
- ############################## LEGIONS OF THE UNDERGROUND ##################
- *********************************__ *********************_____ **** ____************
- ********************************/ /*********========***|___ /****/ ___/***********
- *******************************/ /*********/ ___ /******/ /****/ /***************
- ******************************/ /*********/ / / /******/ /****/ /****************
- *****************************/ /*********/ /__/ /******/ /****/ /*****************
- ****************************/ <______** / /******/ <____> /******************
- ***************************<__________| /_______/ *****(________/********************
-
- (http://www.hackersclub.com/lou/)
-
- --- Exploits ---
-
- Alot of people ask me about exploits, what they are, what they do, and how
- they use them. Well, I'm writing this document to explain this for hopefully
- my last time. It's just starting to bother me that I have to explain this
- everytime I'm on irc, so i thought there should be a text explaining them.
- Well, here it is.
-
- - miah
-
- --- What is a ' Exploit ' ? ---
-
- Well to explain this simply, a Exploit is a program that 'exploits' a bug
- in a specific software. All exploits are different, they do different things
- exploit different bugs, thats why exploits are allways program specific.
- Exploits are made to get root on different operating systems. They achive
- this by exploiting a bug in software when the software is running as root.
- In UNIX type OS's, software may have to run as root ( or UID 0 ) in order to
- perform a specific task that cannot be performed as another user. So basically
- the exploit crashes the software while running as root to give you the beautiful
- root prompt.
-
- Well, now that I've answered questions one and two, I'm going to move on to
- question 3.
-
- --- How do I use a exploit? ---
-
- Since exploits are coded in C 99% of the time, you need a shell on the box
- you are going to use the exploit on, OR, you need to be running the same OS as
- the box you are attempting to hack. So basically, you need to put the source
- code, or the binary in your shell accounts dir, ( you want to use a hacked, or
- a shell not yours for this :) ) to put it on your shell, you can ftp to your
- account and upload it that way, or you can use rz if you are using a dialup shell.
- either way, i shouldnt have to explain those to things to much, its pretty easy.
-
- Once you have the exploit on the box you just need to compile it. Usually you
- would compile the exploit like so;
-
- blah:~/$gcc exploit.c
-
- that should compile your exploit. However, be aware that some exploit coders
- are sneaky pests, and like to pick on people who dont know C, so they will
- sometimes insert bugs into the exploit, thus uninabiling it to be compiled. So
- it does help to know C, when playing with C :)
-
- After the compiling is done, you should beable to just run the exploit and its
- work will be done when you see the root prompt. however, not all exploits are
- the same, and might require different commandlines to get them to work.
-
- --- Where can I get some exploits? ---
-
- Well 2 of the best places i have found for exploits are
-
- http://get.your.exploits.com
-
- and
-
- http://www.rootshell.com
-
- they are both great resources of exploits and other information.
-
- --- Conclusion ---
-
- Well, that pretty much explains everything ya need to know about exploits.
- If you think I should include any other information just email me at the
- address provided below.
-
- miah@hackersclub.com
-
-
