http://astalavista.com/archive/ --- by the F-o-X

o----------------------------------------------------------------------o
o   How to use the well-known exploits - short tutorial by the F-o-X   o
o----------------------------------------------------------------------o

Okay, so first of all, let's suppose you were scanning this network "blabla.ac.jp" using "mscan", "admscan", or something a little bit more pro like "nessus"/"nmap". Let's suppose it told you that the imap daemon is exploitable, so what do you do? Let's go step by step:

 * Get the exploit
 * Send it to your shell account / copy it to your Linux box
 * Compile it
 * Exploit the damn box

- Step 1 - Getting the exploit -
--------------------------------

That's easy. Just look in some h/p/c site or exploit archive sites (bugtraq, packetstorm, rootshell, etc.). You need to look for the exact exploit for the version you need. So you're looking for the imap version on "blabla.ac.jp", and you search for it.

Sites I usually use:
http://packetstorm.securify.com
http://www.rootshell.com

- Step 2 - Sending/Copying it -
-------------------------------

Well, if you don't have a shell, then I'm sure there are articles for you to look into so you'll get yours; anyway, you can always try a free shell account (like cyberspace). So telnet to your shell account, and at the same time ftp to it, then send the exploit to your home directory. If you own a box then I guess you know how to mount your FAT partition and "cp" the file to your Linux native partition (if you don't know then email me or join #linux).

Sites I know that supply free shell accounts:
http://www.shellyeah.org
http://www.cyberspace.org
http://www.freeshells.net

Note: If you want a Linux for Windows (or a little Linux dist. like ZipSlack) then try ftping cdrom.com, or surfing into http://www.armed.org.

- Step 3 - Compiling the source -
---------------------------------

Okay, so you got the .c (usually C) source code. All you usually have to do is get into your shell account and type "gcc [name of source].c", and then execute "./a.out". If you get problems, then either you lack rights in your shell, or maybe you're just lacking .h header files or something else. That's for the .c file. If you got a .tgz, then it's a package: just type "tar -xvzf [name of file].tgz", then "cd" into the directory, type (usually) "./configure", then type "make", then "make install". That's for packages; if it won't work, then try to look for an "INSTALL" or "README" file (to read it type "pico [file to read]", e.g. "pico README"). If it's neither .c nor .tgz, then it might be a perl script (.pl); all you have to do in this case is type "perl [name of file]". For example, if the script name is "imapd.pl", then you ought to write "perl imapd.pl".

- Step 4 - Exploiting the box -
-------------------------------

Well.. nothing left to say; now you need to run it. Again, "perl [.pl file]", "./a.out", or any other file you need to execute, then I suppose you need to type as a parameter the name of the machine/box (IP ADDRESS/HOSTNAME).

Good luck,
F-o-X.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
F-o-X, FoXeS@ThePentagon.Com.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-