Guide to compile Exploits

An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack. A 'remote exploit' works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A 'local exploit' requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator. An exploit is code written in C, VB or another language that takes advantage of an open port or a vulnerability. This guide will teach you how to compile an exploit in Cygwin.
In the following steps I will show you how to compile an exploit using a port 5000 exploit. You can do the same for other ports; just download their exploit from:
  • Google.com
  • Securiteam.com
  • K-otik.com
  • Astalavista.box.sk
  • Coromputer.net
  • Securityfocus.com
(Search for the exploit as: "Exploit for PORT NUMBER")
Step 1
Download the port 5000 exploit. Exploits usually come as .txt files and you need to rename them to .c
Download: http://planet.nana.co.il/progroup/exploits/5000e.zip
After downloading and extracting the port 5000 exploit we need to compile it (convert it to .exe). In order to compile the exploit we need the "Cygwin" program.
Download: http://sources.redhat.com/cygwin/setup.exe
Step 2
Open the Cygwin setup.exe and install it by following the pictures:
[Images: How to compile Exploits using CYGWIN]
Step 3
After installing the program we need to compile the exploit. Place the 5000.c exploit in C:\cygwin\bin, then open the command line from
Start -> Run -> cmd
In the command prompt type:
CD c:\cygwin\bin
gcc 5000.c -o 5000.exe
(CD = change directory, i.e. open that folder)
Or follow the picture:
[Image: How to compile Exploits using CYGWIN]
Step 4
After we have finished compiling the exploit we can use it! =) In order to connect to the victim's computer that has port 5000 open in this case:
Open the command line by
Start -> Run
then type:
CD c:\cygwin\bin
5000.exe XXX.XXX.XXX.XXX -e
(XXX.XXX.XXX.XXX = Victim's IP address)
Or follow the picture:
[Image: How to compile Exploits using CYGWIN]
And congrats... You are connected!!!

NOTE -
  • For C and C++ under windows use Bloodshed or another windows compiler.
  • For C under linux use gcc: gcc exploit.c -o exploit
  • For perl for windows go download active perl and usage is: perl exploit.pl
  • For perl under linux use: perl exploit.pl
  • For .sh under linux use: source exploit.sh
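
Source pulled from public archives is worth reading before it is built. As an added example (not part of the original post), this shell helper for the Cygwin or Linux prompt records the file's SHA-256, lists the lines to read first, and runs a syntax-only gcc pass that produces no executable; the pattern list, function names and sample file are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): triage a downloaded source file
# before building it. Pattern list and sample file are assumptions.

# Lines worth reading first: process execution, socket setup, and long runs
# of \x escapes (opaque byte strings embedded in the source).
REVIEW_PATTERNS='(system|popen|exec[lv][pe]*|WinExec|CreateProcess[AW]?)[[:space:]]*\(|(connect|bind|listen)[[:space:]]*\(|(\\x[0-9a-fA-F]{2}){8,}'

# Print "lineno:text" for every line that matches a review pattern.
flag_lines() {
    grep -nE "$REVIEW_PATTERNS" "$1" || true
}

# Number of flagged lines in the file.
flag_count() {
    flag_lines "$1" | wc -l | tr -d ' '
}

# Record the hash, list flagged lines, then run a syntax-only pass so that
# compiler warnings are visible without producing anything executable.
# "-x c" lets gcc read the file even while it still has a .txt extension.
triage() {
    sha256sum "$1"
    echo "flagged lines: $(flag_count "$1")"
    flag_lines "$1"
    gcc -x c -Wall -Wextra -fsyntax-only "$1"
}

# Constructed sample input (harmless), written to the path given as $1.
write_sample() {
    cat > "$1" <<'EOF'
#include <stdio.h>
#include <stdlib.h>
/* constructed sample for the triage script */
char blob[] = "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41";
int main(int argc, char **argv) {
    printf("usage: %s <host>\n", argv[0]);
    system("echo constructed");
    return 0;
}
EOF
}

# Usage: sh triage.sh downloaded.txt   (with no argument nothing runs)
if [ "$#" -gt 0 ]; then triage "$1"; fi
```

On the constructed sample the helper flags line 4 (the byte string) and line 7 (the system() call); a flagged line is a prompt to read that part of the source, not a verdict on it.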

WARNING / DISCLAIMER / Whatever You think -
Compromising security and hacking are illegal in many countries. Use the above knowledge at your own risk. In short, keep it low.
Or you can read this article - Things you should not do - (Saving ur Ass from FBI)

Cheers and Keep Learning.

Posted by XERO . DARKTRX .ALL RIGHTS RESERVED .

2 comments:

  1. Every time I try to connect to an IP it waits a few seconds and then it says the connection has timed out. How do I fix this?

  2. Hi, please upload the 5000.c file to mediafire or something, tnx.
