How is it done?
Posted: 07 Oct 2005, 12:42
I don't want a step by step... just theoretically, how is getting into a system done?
I mean, OK, you got an IP address and then the guy has some open port. Then someone googles some exploit on these ports and then what? I read books and they all skip this part.
I'm not really clear: why, when you run an exploit, does it give you control of the box? As an example, how could an exploit give you the right to do arbitrary code? How do you do arbitrary code?
Is it like:
#include <iostream>
using namespace std;

int main()
{
    int pwd;
    cin >> pwd;  // read the number the user types
    if (pwd == 2)
    {
        cout << "YAY";
    }
    return 0;
}
and then the user would type something like: ==2)//
// as comment
and then he can do whatever like: ==2){ cout << "I OWN YOU";} return 0;} /*
/* all comments
If you don't get what I mean just tell me and I'll try to be more specific.