R3X, resources and what else?

No explicit questions like "how do I hack xxx.com" please!
Locked
User avatar
etirini18
Newbie
Newbie
Posts: 2
Joined: 15 Jul 2005, 16:00
15

R3X, resources and what else?

Post by etirini18 »

Hello friends, my name is etirini and I wanted to thank for your downloads, these have really helped me when trying to understand some things... but there is something that I still don't know:
I'm using a program called R3X (It scans an IP range to show the PC's which have shared folders) well...I find them and I can use those folders as if those were mine. But the thing I want to know is that if there is another program to find bugs or things to exploit in those computers....
thanks a lot for your answers...
Etirini18

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11566
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Hey etirini...:wink:
A pretty comfy way to scan for vulnerabilities is GFI Languard, the program scans for missing patches too for example. But the success depends on the target computer, a well configured firewall will block all requests, but that´s the same with every scanning program.
You can get it here:
http://www.gfi.com/downloads/downloads. ... NSS&lid=en
key should be no problem.... :wink:

User avatar
etirini18
Newbie
Newbie
Posts: 2
Joined: 15 Jul 2005, 16:00
15

thanks a lot

Post by etirini18 »

well I'v already downloaded the software you posted. Thanks a lot for your help. But I'd be needing one more thing.....do you know where I can find the ways to exploit something (I mean...I find X (any) bug WHAT should I do with this bug HOW do I know how to exploit it...)
Thanks a lot...
etirini18

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11566
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

Exploiting a bug depends on two things: Luck and your knowledge of the programming language, no program will/can do this work for you.
I mean, if a program should be able to find an exploit the security leak must already be documented so it can be identified by the program,right?
So you can only use known exploits with programs like Metasploit or exploit a bug by "simply" testing and trying....

Here´s a funny bug for example:

Code: Select all

<img src="picture.jpg" width="9999999" height="9999999">
Causes a bluescreen on IE,Firefox, Mozilla and Netscape under XP SP2.

What I want you to show with this example is that a bug don´t mean automatically that it can be exploited too... :wink:

Locked