Pages

compile exploits using cygwin

How to compile exploits using cygwin


|| Guide: How to compile Exploits ||

Exploit is a code built in C, VB etc.. that takes advantage of an open port.
This guide will teach you how to compile an exploit in cygwin.

In the following steps i'll show you how to compile an exploit using a port 5000 exploit, but you can do the same for other ports just download their exploit from:

- Google.com
- Securiteam.com
- K-otik.com
- Astalavista.box.sk
- Coromputer.net
- Securityfocus.com

(Search the exploit as: "Exploit for PORT NUMBER")

STEP 1: Download port 5000 exploit, usually the exploits come as .txt and you need to change them to .c

Download: http://planet.nana.co.il/progroup/exploits/5000e.zip

After downloading and extracting the port 5000 Exploit we need to compile it (covert it to .exe), In order to compile the exploit we need the "Cygwin" program.

Download: http://sources.redhat.com/cygwin/setup.exe

STEP 2: Open the Cygwin setup.exe and install it by the following pictures:

(IMG:http://planet.nana.co.il/progroup/pictures/p1_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p2_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p3_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p4_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p5_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p6_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p7_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p8_g3.JPG)

(IMG:http://planet.nana.co.il/progroup/pictures/p9_g3.JPG)

STEP 3: After installing the program we need to compile the exploit, place the 5000.c exploit in C:\cygwin\bin
then run the command line from - Start - Run - cmd/command
in the command window type:

CD c:\cygwin\bin
gcc 5000.c -o 5000.exe

(CD = Open)

Or follow by the picture:

(IMG:http://planet.nana.co.il/progroup/pictures/p10_g3.JPG)

STEP 4: After we finshed to compiled the exploit we can use it! =)
in order to connect the the victims computer that has port 5000 open in this case..
Open the command line by - Start - Run
then type:

CD c:\cygwin\bin
5000.exe XXX.XXX.XXX.XXX -e

(XXX.XXX.XXX.XXX = Victim's IP address)

Or follow by the picture:

(IMG:http://planet.nana.co.il/progroup/pictures/p11_g3.JPG)

and WALLA! your connected..


Code:
For C and C++ under windows use Bloodshed or another windows compiler. For C under linux use gcc. gcc -o exploit.c exploit For perl for windows go download active perl and usage is: perl exploit.pl For perl under linux use: perl exploit.pl For .sh under linux use: source exploit.sh

0 comments:

Blog Archive