开发者

Making a system/program vulnerable to exploits [closed]

Closed. This question is off-topic. It is not currently accepting answers.

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 12 years ago.

Improve this question 开发者_JAVA百科

I have been looking quite a bit into exploiting recently. I have been googling alot and i managed to find DVL (Damn Vulnerable Linux) and Metasploitable but for some reason the exploits i scan them to have (with Nessus) do not really work. So now i have decided to try on a smaller scale.. I was wondering if anyone knows how to write a vulnerable program for Windows (potentially buffer overflow prone?) in maybe C or even ruby (im not sure about this one since it is an interpreted language) that can be exploited in ruby or python?

Any input would be greatly appreciated regarding this "project" :-)

Thanks in advance,

Phil Baker


In Ruby an easy way to make a system vulnerable is by running text input from users in an eval.

bad_code = "system('rm -rf /users')"
eval(bad_code)


One that I like alot:

%0|%0

It just hangs up system, and then you need to restart :)

Here you go an Python code bit for it:

os.system('%0|%0')

It also works on linux:

os.system(':(){ :|:& };:')

Oh, also there another alternative, that works on both OS'es:

import os

while True:
     os.fork()
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜