
What is an exploit and what does it eat?

Many people ask the question: “What is an exploit?”
In this article I will try to answer it in as much detail as possible. So:

Types of exploits
- An exploit may be a single file, which must either be launched right away or compiled first.
- An exploit can be an archive, often with the extension .tar or .tar.gz, because most of them are written for UNIX systems. These archives can contain anything:
* the same .pl files
* a script or source code in C, Java, etc.
* just a description of the "trick"
* etc.

Action algorithm
* Scan the host (preferably with nmap)
* Look at the open ports and what is listening on them
* Telnet to the open ports and find out the versions of the daemons
* Find a vulnerable daemon
* Look for an exploit
* Upload it to the shell account
* Compile it
* Run the exploit

Exploit search
Suppose we have learned that some daemon is full of holes. We go straight to bug trackers and vulnerability archives and look for an exploit.
We search either by the version of the daemon or by the version of the operating system.

Shell account
Options:
1. You have a shell (not considered here; go to the next heading)
2. You do not have a shell and want to get one

Actions:
- You can use a free shell (but many of the necessary things are disabled on them :) )

3. You have your own UNIX (go to the next heading)

Compilation
Suppose we have found the exploit we need, written in C. Most exploits are written in this programming language.

gcc file.c -o file - compiles the C code and produces a binary file as output.
If you have an archive, then unpack it:
tar -xvzf pack.tgz
cd [directory name]
./configure
make
make install
You may have to read the README file before installation if it is a specific exploit.

Launching the exploit
If the exploit is written in Perl, it is run with the command

perl exploit.pl [parameters|flags]

If the exploit is in C, then

$ ./sploit [parameters]

Each exploit expects its own parameters, whose purpose is usually reported by the exploit itself at launch.

Problems on free shells
The following problems are often encountered on free shells:
- not enough rights
- it is not possible to include .h header files (which all exploits use)

The appearance of these problems is not surprising. If the administrators allowed all the functions of the shell, then it would not be a free service for exploring the UNIX system but a springboard for massive attacks on the servers. I hope now you will have no problems with this.
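Besides disabling compilers and headers, a shell provider can watch for the compile-then-run sequence from the action algorithm above. The following is an added example, not part of the original article: it scans process-execution records for a user who builds a binary with gcc or cc and runs it shortly afterwards. The log format, the 10-minute window and all sample records are constructed assumptions.

```python
import posixpath
import shlex
from datetime import datetime, timedelta

COMPILERS = {"gcc", "cc"}
WINDOW = timedelta(minutes=10)  # assumed tuning value

# Constructed sample records: "timestamp user cwd command line"
SAMPLE_LOG = """\
2024-05-01T10:00:00 alice /home/alice ls -la
2024-05-01T10:01:10 bob /home/bob/tmp tar -xvzf pack.tgz
2024-05-01T10:01:40 bob /home/bob/tmp gcc file.c -o file
2024-05-01T10:02:05 bob /home/bob/tmp ./file
2024-05-01T10:03:00 carol /home/carol gcc hello.c -o hello
2024-05-01T11:30:00 carol /home/carol ./hello
"""

def parse(line):
    ts, user, cwd, cmd = line.split(" ", 3)
    return datetime.fromisoformat(ts), user, cwd, shlex.split(cmd)

def output_name(argv):
    """Binary written by a gcc/cc invocation (a.out when -o is absent)."""
    if "-o" in argv[:-1]:
        return argv[argv.index("-o") + 1]
    return "a.out"

def find_compile_then_run(log_text, window=WINDOW):
    """Return (user, binary path, seconds since build) for each quick run."""
    pending = {}  # (user, absolute path of built binary) -> build time
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, cwd, argv = parse(line)
        if posixpath.basename(argv[0]) in COMPILERS:
            built = posixpath.normpath(posixpath.join(cwd, output_name(argv)))
            pending[(user, built)] = ts
            continue
        target = posixpath.normpath(posixpath.join(cwd, argv[0]))
        built_at = pending.get((user, target))
        if built_at is not None and ts - built_at <= window:
            alerts.append((user, target, int((ts - built_at).total_seconds())))
    return alerts

if __name__ == "__main__":
    for alert in find_compile_then_run(SAMPLE_LOG):
        print("compile-then-run:", alert)
```

On the sample records only bob's build is flagged; carol runs her binary 87 minutes after compiling it, outside the window.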

A few explanations:

1. What is a shell?
Literally, "shell" means an outer covering. It is a program that accepts user commands from the command line, converts them into a form the operating system understands, and displays the operating system's answer in a form the user can understand :). Another name for the shell is the command interpreter. Here are some of the most commonly used shells: bash, sh, csh, tcsh, psh. They differ in that each shell has its own scripting language (for related shells the languages are almost the same, as with bash and sh).
They also differ in functionality: some allow you to edit the appearance of the command line. Almost every shell has its own built-in variables. If you don't know which shell you are using, enter the command echo $SHELL. If you want to change your default shell, enter the chsh command.

2. What is a daemon?
A daemon is a program that runs in the background and does not have a controlling terminal. A resident program, in short :0).