hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: Challenge
GovernmentSecurity.org > System Security > Beginners Section
the one
Dec 7 2003, 10:20 PM
I'm new to this so forgive me if it's been done... but i know one problem for me is once i have completed a port scan it takes a while to find the correct exploit and compile it...

So I was thinking... It would be a great idea to add the ability to go to the exploit source relevant to the open port in a port scanner... Anyone up for writing this prog?

One
Hag4r
Dec 7 2003, 11:09 PM
i have seen a program /project like that, but i forgot the name.
And it was only for linux..
but if i remember it, ill let you know smile.gif

but a program like that is really making life easy lol
coder
Dec 7 2003, 11:57 PM
1st off, it would have to be more than a port scanner, something like Banner Grabber would be more like it, and then you would also have to code in each exploit into the prog, as many exploits are written in different languages/structues i see this being a problem. but it wouldn't be hard to code in a banner scanner with several exploits to run if they find certain services on that were vuln.

now, it's almost starting to sound like a worm, in fact the only step now would be for it to download itself and scan more, etc...

basically what i'm saying is that your idea is feasable (and has been done before) but i'm not sure you want to go spreadingf code like that all over the place smile.gif
dissolutions
Dec 8 2003, 02:32 AM
Humans and technology, eventually it'll all catch up and there won't be either biggrin.gif
vnet576
Dec 8 2003, 02:38 AM
Not really hard I should think..kaht 1 and kaht 2 were done...use their infrastructure with other exploits...and you got a program that does that.
Blackknight
Dec 8 2003, 07:05 AM
just think about what ur all saying
nessus, languard etc.. all do this they scan the ports and check there databases for common and not so common exploits and attempt to bypass them.. and give u warnings etc and have built in password crackers how about instead of doing that just use nmap and your brain.. and don't bother even thinking about doing shit like that because you will get busted if thats your mentality ph34r.gif
the one
Dec 8 2003, 04:33 PM
I'm not saying it's possible or easy to do I'm just really thinking out loud... and for this sort of idea to be put into action i needed to think outloud infront of the right people smile.gif
Tx_
Dec 17 2003, 02:03 PM
wink.gif ....
SkyRaVeR
Dec 18 2003, 07:05 AM
Hmm - it's not that easy.. you gotta find recent, working good xploits,,, btw. only attacking win servers suck wink.gif expand your prog with a *nix version biggrin.gif
Anyway.. worms suck! they kill xploits like lovesan killed rpc xploit sad.gif
rastis_monkey
Dec 19 2003, 05:01 AM
ty for info....
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.