
What is an exploit and how is it used?

Many people are interested in the question: "What is an exploit?"
In this article I will try to give the most detailed answer to it. So:

Exploit Types
- An exploit can be a single file, which must either be launched immediately or compiled first.
- An exploit can be an archive, most often with the extension .tar or .tar.gz, because most exploits are written for UNIX systems. These archives can contain anything:
  * the same .pl files
  * scripts or source code in C, Java, etc.
  * just a description of the "trick"
  * etc.

Action algorithm
* Scan the host (preferably with nmap)
* Look at the open ports and what is listening on them
* Telnet to the open ports and find out the versions of the daemons
* Find a vulnerable daemon
* Look for an exploit
* Send it to the shell account
* Compile it
* Run the exploit

Exploit search
Suppose we find out that some daemon is full of holes. We urgently run to the bug trackers and vulnerability archives and find an exploit.
We search for the exploit either by the version of the daemon or by the version of the operating system.

Shell account
Options:
1. You have a shell (not considered here, go to the next heading)
2. You do not have a shell and you want to get one

   Actions:
   - You can use a free shell (however, many necessary things are disabled on them :) )

3. You have your own UNIX (go to the next heading)

Compilation
Suppose the exploit we need is written in C. The majority of exploits are written in this programming language.

gcc file.c -o file - compiles the C code and produces the binary "file" as output

If you have an archive, then unpack and build it:

tar -xvzf pack.tgz
cd [directory name]
./configure
make
make install

You may need to read the README file before installation if it is a specific exploit.

Exploit launch
If the exploit is written in Perl, then this command is used to start it:

perl exploit.pl [parameters|flags]

If the exploit is in C, then:

$ ./sploit [parameters]

Each exploit takes its own parameters, the purpose of which it usually reports itself at startup.

Problems on free shells
The following problems are often encountered on free shells:
- not enough rights
- it is not possible to include .h header files (which all exploits use)

The appearance of these problems is not surprising. If administrators allowed all the functions of the shell, then it would not be a free service for exploring the UNIX system, but a springboard for massive attacks on servers. I hope that now you will have no problems with this.
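
How the administrator of a shared shell host might verify the two restrictions described above, as an added example that is not part of the original article. The function names, the ROOT prefix argument and the tool and directory lists are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a shared shell host for the two restrictions above.
# ROOT is a path prefix (assumption): "" for the live system, or a staging
# tree. Tool names and directories are common defaults, not from the article.

# other_has PATH PERM: succeeds if the "other" permission class has PERM (r|x).
other_has() {
    # Characters 8-10 of the ls mode string (e.g. -rwxr-x--x) are "other".
    # -L follows symlinks, since gcc and cc are often links to the real binary.
    mode=$(ls -ldL "$1" 2>/dev/null | cut -c8-10)
    case "$2" in
        r) case "$mode" in r??) return 0 ;; esac ;;
        x) case "$mode" in ??x|??t) return 0 ;; esac ;;
    esac
    return 1
}

# audit_shell_host ROOT: prints findings, returns 0 only if there are none.
audit_shell_host() {
    root=$1
    findings=0
    # "Not enough rights": build tools should not be runnable by every user.
    for dir in /usr/bin /usr/local/bin; do
        for tool in gcc cc make; do
            if [ -f "$root$dir/$tool" ] && other_has "$root$dir/$tool" x; then
                echo "FINDING: $dir/$tool is executable by all users"
                findings=$((findings + 1))
            fi
        done
    done
    # "Cannot include .h files": headers need search permission on the directory.
    if other_has "$root/usr/include" x; then
        echo "FINDING: /usr/include is searchable by all users"
        findings=$((findings + 1))
    fi
    echo "findings=$findings"
    [ "$findings" -eq 0 ]
}
```

Calling `audit_shell_host ""` checks the host itself; a non-zero return status means at least one of the restrictions is missing.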

A few clarifications:

1. What is a shell?
Literally, "shell" means an outer covering. It is a program that takes user commands from the command line, converts them into a form the operating system understands, and displays the operating system's response in a form the user understands :) . Another name for the shell is the command interpreter. Here are some of the most commonly used shells: bash, sh, csh, tcsh, psh. They differ in that each shell has its own scripting language (in related shells, such as bash and sh, they are almost the same).
They also differ in functionality: some allow you to edit the appearance of the command line. Almost every shell has its own built-in variables. If you don't know which shell you have, enter the command echo $SHELL. If you want to change your default shell, enter the chsh command.

2. What is a daemon?
A daemon is a program that runs in the background and has no controlling terminal. A resident program, in short :0).