K.H.O.

Exploit/vulnerability talk

27 posts in this topic

Since computer hacking is about "exploiting" "vulnerable holes" in computers, I thought I would bring up a topic about exploits and vulnerabilities.

So, I guess talk and post about them. I wanted to talk about Metasploit.

If you don't know what the Metasploit Project is, go to http://www.metasploit.com/

I think Metasploit is a great framework; it has a big, growing collection of pre-written exploits and payloads, and a great way of allowing you to write and configure your own exploits or payloads within the framework. Plus it's for Linux and Windows; I don't know about Mac. One last thing about it: just because a n00b can use it doesn't mean it can't be very powerful.

K.H.O.


How about these new ploits?

- Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit

http://www.frsirt.com/exploits/20050712.mf...5-47exploit.php

- Mozilla Firefox <= 1.0.4 "data:" URLs Remote Script injection Exploit

http://www.frsirt.com/exploits/20050712.mf...5-49exploit.php

- Mozilla Firefox <= 1.0.4 "IMG" Elements Code Execution Exploit

http://www.frsirt.com/exploits/20050712.mf...5-55exploit.php


Thanks for posting, man. I'm so surprised that this topic isn't getting tons of feedback.

By the way, interesting browser sploits, simple but effective; haven't seen many Mozilla ones. Still, I think Mozilla is a lot more secure than Internet Explorer.

K.H.O.

This is my favorite place to look for exploits; they seem to be reasonably on top of the newest ones and have a very extensive backlisting of sploits.

This is my favorite place to look for exploits; they seem to be reasonably on top of the newest ones and have a very extensive backlisting of sploits.

Yeah, nice. Usually when I look for exploits I go to www.packetstormsecurity.com; they also have a huge database of old ones from like 1995, plus they get new ones fast too.

K.H.O.

Edited by K.H.O.

www.securityfocus.com

Tons of proof of concept code. But what I like most about it is the "commentary."

-Dr^ZigMan


Anyone got anything on the new windoze sploit that Internet Storm Center is talking about today?


CERT is usually a good site to check out if you are interested in security that deals with the exploits you research. One thing to note though: most of these are proof of concept. You say, "yeah, so?" but that does not really mean that they are the severe threat that some "experts" make them out to be. There is some new exploit I heard about, but I cannot remember the name. If you know anything about being a fear-based society, you will know that a lot of times the threat levels are scare tactics to induce people to make sure they buy the latest and greatest anti-virus. Great for businesses, but bad for consumers. Now that's not to say that there are no legitimate threats from viruses and email worms, because there are. But if you read a lot of the threats, most of them ARE proofs of concept. Then they blame hackers for creating these "super worms" (that was actually mentioned in a story I heard about) that wreak havoc. I really only make this post to make sure that people realize some of these threats are just proof of concept and sometimes nothing more. Believe it or not, there is a lot of propaganda that goes on even with security alerts for home computer users. I have no other useful sites to give except the ones mentioned above to think about. Good luck in your endeavors.

--covance


OMFG

I WOULD EXPECT HACKERS WOULD POST THIS POST, I BARELY GOT ANY REPLIES

OMFG

I WOULD EXPECT HACKERS WOULD POST THIS POST, I BARELY GOT ANY REPLIES

Dude... Why would you expect people to post here .. most of the real hackers are off looking on their own for a patch, or a vuln after this .. they are not looking to talk about it now .. they are getting things together to find a new hole based on the one they just patched! :grr:

Don't talk about it .. Be about it! :punk:

most of the real hackers are off looking on their own for a patch

lololololollolol ya


I'm not 1337 enough to start writing my own exploits, and I don't use exploits either. I'm just really interested in how they work. :D


I know this thread is supposed to be about exploits in general. But I was wondering if anyone else has read an article about some guy wanting to create a back door that would use a packet sniffer and listen on a commonly open port for specific packets to remotely control a host. Which would also bypass a regular firewall, I assume. Has anyone heard or read about this? Such a technique seemed very new to me and very creative.

I know this thread is supposed to be about exploits in general. But I was wondering if anyone else has read an article about some guy wanting to create a back door that would use a packet sniffer and listen on a commonly open port for specific packets to remotely control a host. Which would also bypass a regular firewall, I assume. Has anyone heard or read about this? Such a technique seemed very new to me and very creative.

How about using ping packets with a special data section (or whatever it's called) instead of the default 'abcdefghijk...' to control the backdoor? That is a cool idea.


Hmm, how's about that OpenSSL 0.9.7a ..... oh oops, that's 0day

I better just shut my mouth now :)


Favorite exploits?

Stupidity and ignorance :)

Simple, default or in some cases no password.

How about using ping packets with a special data section (or whatever it's called) instead of the default 'abcdefghijk...' to control the backdoor? That is a cool idea.

1996 called, and they want their covert channel back.

http://www.phrack.org/phrack/49/P49-06

Edited by tiocsti

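From the defender's side, the ping-payload idea discussed in the posts above shows up as echo data that matches no stock ping client. The sketch below is an added example, not code from any poster in this thread: it validates ICMP echo messages and labels their data section. The function names and the sample packets are constructed for illustration, and the Linux iputils fill pattern (a timestamp followed by bytes equal to their offset) is an assumption to verify against your own hosts.

```python
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 checksum; a valid ICMP message sums to 0."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(seq: int, payload: bytes) -> bytes:
    """Constructed ICMP echo request (type 8), used only for the samples."""
    head = struct.pack("!BBHHH", 8, 0, 0, 0x1234, seq)
    csum = inet_checksum(head + payload)
    return struct.pack("!BBHHH", 8, 0, csum, 0x1234, seq) + payload

def classify_echo(icmp: bytes) -> str:
    """Label the data section of one ICMP echo request or reply."""
    if len(icmp) < 8:
        return "malformed"
    if icmp[0] not in (0, 8) or icmp[1] != 0:
        return "not-echo"
    if inet_checksum(icmp) != 0:
        return "bad-checksum"
    data = icmp[8:]
    # Windows ping: the letters a..w repeated ('abcdefghijk...' in the post).
    if data and all(b == 0x61 + i % 23 for i, b in enumerate(data)):
        return "default-windows"
    # Assumed Linux iputils default: 16-byte timestamp, then byte == offset.
    if len(data) > 16 and all(b == (i + 16) & 0xFF for i, b in enumerate(data[16:])):
        return "default-iputils"
    return "non-default"

def flag_non_default(packets):
    """Return (index, label) for every echo that is not a known default."""
    ok = {"default-windows", "default-iputils", "not-echo"}
    return [(i, lbl) for i, p in enumerate(packets)
            if (lbl := classify_echo(p)) not in ok]

# Constructed sample traffic, not captured from any real host.
SAMPLES = [
    build_echo(1, b"abcdefghijklmnopqrstuvwabcdefghi"),
    build_echo(2, bytes(16) + bytes(range(16, 56))),
    build_echo(3, b"constructed-non-default-data"),
    build_echo(4, b"abcdefghijklmnopqrstuvwabcdefghi")[:-1] + b"X",
]

if __name__ == "__main__":
    print(flag_non_default(SAMPLES))
```

A non-default label is a lead to correlate with volume and destination, not a verdict: diagnostic tools and `ping -p` also produce custom payloads.
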
How about using ping packets with a special data section (or whatever it's called) instead of the default 'abcdefghijk...' to control the backdoor? That is a cool idea.

1996 called, and they want their covert channel back.

http://www.phrack.org/phrack/49/P49-06

LMAO...well if I wasn't such a young noob, this would probably be funny...like really really funny....but even though I am..it still sounded funny.


Forums aren't really the best way to discuss exploits... To all who claim n00b status and are interested in exploits, vulnerabilities, etc... Get "Hacking: The Art of Exploitation", it teaches the fundamentals and creates a solid foundation for expanding your mind / skills in Exploit R&D.

If you want to know about new vulnerabilities and exploits, learn about vulnerabilities and exploits, then get on mailing lists like bugtraq, full-disclosure, etc...

OMFG

I WOULD EXPECT HACKERS WOULD POST THIS POST, I BARELY GOT ANY REPLIES

Dude... Why would you expect people to post here .. most of the real hackers are off looking on their own for a patch, or a vuln after this .. they are not looking to talk about it now .. they are getting things together to find a new hole based on the one they just patched! :grr:

Don't talk about it .. Be about it! :punk:

Talking about it helps noobs like me understand more about exploits and vulns.

