Exploit code

Started by syklops, March 29, 2006, 07:34:39 AM

Previous topic - Next topic
March 29, 2006, 07:34:39 AM Last Edit: March 29, 2006, 07:35:11 AM by syklops
In the past few weeks I have been playing with some of the famous exploits, but as I tend to only download the source, it has amazed me how many are posted wrong. With some its because they used a certain editor, and when they converted it to HTML, the lines got truncated causing syntax errors. One example was the jill source code for exploiting the printer overflow in IIS5. I spent hours reformatting it, moving function positioning, etc to get it to compile. I dont know is this on purpose by the author to prevent any scr1pt kidd13 from using it, or just a mistake. I am now endeavouring to pick some of the sploits that the code does not work for, fix it, and post it here. If anyone has source code that is not working, written in c, give me a shout.

You have to remember those sites that post code are not always the author.

Out of curiosity, would you post an example site you got the code from so I can see what you mean ? I was under the impression that that kind of thing is rarely hard to fix ...

I do believe some authors put mistakes in (something tells me that daemon9 put mistakes into the syn flood code he released in phrack), as an example of the other possibility you mentioned (which is a good thing in my opinion, since too many assholes would be tempted to use it otherwise).

"My Terminal is my Soul"

http://personal.telefonica.terra.es/web/alexb/e/jill.c

it probably wasnt difficult to fix but as you will read from one of my other posts, im just barely finished hello world in c. I have had some success fixing code for people. In c, and other languages. Including PHP which I dont even know. I seem to have a knack for it.

ANd i really like doing it.

No worries, was just curious :)

It's probably a good exercise anyway, and you can learn about how the specific code/exploit works.

I'll check the link out later if I can get a chance. I know I know that exploit from somewhere... but I can't remember what it is or why.
"My Terminal is my Soul"

SMF spam blocked by CleanTalk