..but , I want to understand what I do , why I do it , how they did it and why I get so easly the root .

As I said it , finding a vulnerable system is easy , compiling and use the exploit is easy too.. But finding the vulnerability and writing exploit , here is the real interessant part (for me) .

So , my request is simple : Can you give me your best links to learn how to write an exploit ? I want to find THE tuts for the very very new beginner , with good explication and example . I need too your best recommandations .

My skills are very low : for developpement , I know littlely perl , just begun with C++ , good competence with PHP/Sql . I know too linux (debian actually) , know how to managing and administrating correctly and securely most server (apache , ftp , ssh etc..) .

Marve

ps:sorry for my poor poor english .

http://www.justfuckinggoogleit.com/

there are also many links on the board...
first of all it depends on which kind of vulnerability you want to exploit. the easiest (and most common) are buffer overflows. "smashing the stack for fun and profit" is of course one of the standard papers which gives you an idea of what happens when u exploit a buffer overflow.
or did you mean some other kind of vulnerability? ^^

Here is a nice little shellcode writing tutorial I came across one day whilst browsing the net.

http://www.safemode.org/files/zillion/shel..._shellcode.html

phrack.org has also very good and easy tuts

On astalavista.org are some vidz how a buffer overflow works. They show you how the exploit.. maybe usefull?

I know that we can find a lot of things on google , and I know too they're a lot of link on this boards (that why I register on it..) , but what I want is going where I want exactly , no waste of time .
So , that's why I just asked you what is (for you) the best papers for beginners (with my skills) .

I found a lot of papers wich are speaking about BoF with PoC in C.. but , If I don't know C or C++ (I am learning c++) , it's not easy for me..

So in a first time , I search papers for writing exploits with Perl and PHP .

But , btw , thanks for you answers

/edit : And want too (it's very important) know how to find the vulnerabilities..'coz without that , I can't write the exploit

http://www.governmentsecurity.org/forum/in...showtopic=13846

There are a lot of answers if you check out this thread

I have attached a tutorial wich explains the STEP-BY-STEP writing (from beginning until end) of the WarFTPD Deamon exploit (stack based) so have fun with it !!

Win32 Exploit (Warftpd Deamon) Tutorial

Greets Presnus

Indeed thats a very nice tutorial about writing exploit.

indeed this war-ftp tut is very nice. perfect start for a newbie in exploiting bofs. if u don't understand sth just ask and i will help

Thank for your help everybody

A

B

C

D



in order to construct the roof you must have a home