Finding exploits (Where to start?)
Heylo... I'm new to to forums and I was wanting to see about finding vulnerabilites in services & what not, then making exploits for them for pen testing.
I currently have pretty good knowledge/experience in linux, some programming languages, and I'm currently taking Cisco classes so I know a lot about network layer protocols & what not.
Can anyone point me in the right direction so I can begin to learn how to do this? Like maybe reports how other people have found vulnerable/made exploits? If someone would like to mentor me that would be nice too. ^.^
Thanks for the help.
I'm a little unclear as to what you are asking. If you want to learn to find the actual bugs you need to look into fuzzing. If you want to write exploits from other peoples bugs than normally you would keep a eye on somewhere like bug traq and watch for new vulnerabilities.Originally Posted by Aarhem
Heorot.net • Index page
the scenarios here are interesting and show the basics of penetration, not sure if this is what your looking for.
patience is appreciated =]
Yeah sorry about not too clear. I've been reading all day so I'm a bit scatter-brained. >.<
But thanks for your help.
Generally if im looking for bugs in a program I will do two things.
For Open Source:
Fuzz it with Spike (the best fuzzer imo), and Audit the code with Klocwork (the only source code scanner I could get my hands on)
For Closed Source:
Fuzz it with Spikee
Reverse it with either Hexrays or Modelio then audit it with Klocwork,
Reversng from ASM to C (albeit crappy C) is very easy and for the most part is close enough to the original intent to run it through an auditor.
Posting Permissions
