What is an Exploit?
Well to explain this simply, a Exploit is a program that 'exploits' a bugin a specific software. All exploits are different, they do different thingsexploit different bugs, thats why exploits are allways program specific.Exploits are made to get root on different operating systems. They achive this by exploiting a bug in software when the software is running as root.In UNIX type OS's, software may have to run as root ( or UID 0 ) in order toperform a specific task that cannot be performed as another user. So basicallythe exploit crashes the software while running as root to give you the beautifulroot prompt.
How do I use a exploit?
Since exploits are coded in C 99% of the time, you need a shell on the box you are going to use the exploit on, OR, you need to be running the same OS as the box you are attempting to hack. So basically, you need to put the source code, or the binary in your shell accounts dir, ( you want to use a hacked, or a shell not yours for this :) ) to put it on your shell, you can ftp to your account and upload it that way, or you can use rz if you are using a dialup shell. Either way, i shouldnt have to explain those to things to much, its pretty easy.
Once you have the exploit on the box you just need to compile it. Usually you would compile the exploit like so; blah:~/$gcc exploit.c that should compile your exploit. However, be aware that some exploit coders are sneaky pests, and like to pick on people who dont know C, so they will sometimes insert bugs into the exploit, thus uninabiling it to be compiled. So it does help to know C, when playing with C :)
After the compiling is done, you should beable to just run the exploit and its work will be done when you see the root prompt. however, not all exploits are the same, and might require different commandlines to get them to work.
ليست هناك تعليقات:
إرسال تعليق