
Thread: Finding exploits (Where to start?)

  1. #1
    Just burned his ISO
    Join Date: Sep 2009
    Posts: 6

    Finding exploits (Where to start?)

    Heylo... I'm new to the forums and I was wanting to see about finding vulnerabilities in services & what not, then making exploits for them for pen testing.

    I currently have pretty good knowledge/experience in Linux, some programming languages, and I'm currently taking Cisco classes so I know a lot about network layer protocols & what not.

    Can anyone point me in the right direction so I can begin to learn how to do this? Like maybe reports on how other people have found vulnerabilities/made exploits? If someone would like to mentor me that would be nice too. ^.^

    Thanks for the help.

  2. #2
    Developer
    Join Date: Mar 2007
    Posts: 6,124

    Quote Originally Posted by Aarhem:
    Heylo... I'm new to the forums and I was wanting to see about finding vulnerabilities in services & what not, then making exploits for them for pen testing.

    I currently have pretty good knowledge/experience in Linux, some programming languages, and I'm currently taking Cisco classes so I know a lot about network layer protocols & what not.

    Can anyone point me in the right direction so I can begin to learn how to do this? Like maybe reports on how other people have found vulnerabilities/made exploits? If someone would like to mentor me that would be nice too. ^.^

    Thanks for the help.
    I'm a little unclear as to what you are asking. If you want to learn to find the actual bugs you need to look into fuzzing. If you want to write exploits from other people's bugs then normally you would keep an eye on somewhere like Bugtraq and watch for new vulnerabilities.

  3. #3
    Junior Member
    Join Date: Sep 2008
    Posts: 85

    Heorot.net

    The scenarios here are interesting and show the basics of penetration, not sure if this is what you're looking for.
    Patience is appreciated =]

  4. #4
    Just burned his ISO
    Join Date: Sep 2009
    Posts: 6

    Quote Originally Posted by pureh@te:
    I'm a little unclear as to what you are asking. If you want to learn to find the actual bugs you need to look into fuzzing. If you want to write exploits from other people's bugs then normally you would keep an eye on somewhere like Bugtraq and watch for new vulnerabilities.
    Yeah, sorry about not being too clear. I've been reading all day so I'm a bit scatter-brained. >.<

    But thanks for your help.

  5. #5
    Junior Member
    Join Date: Jan 2010
    Location: Canada
    Posts: 84

    Generally, if I'm looking for bugs in a program I will do two things.

    For Open Source:
    Fuzz it with Spike (the best fuzzer imo), and audit the code with Klocwork (the only source code scanner I could get my hands on).

    For Closed Source:
    Fuzz it with Spike.
    Reverse it with either Hex-Rays or Modelio, then audit it with Klocwork.
    Reversing from ASM to C (albeit crappy C) is very easy and for the most part is close enough to the original intent to run it through an auditor.
