____________________________________________________________
GUIDE TO (mostly) HARMLESS HACKING
Beginners' Series Number 7
The Exploit Files
____________________________________________________________
by keydet89@yahoo.com and Carolyn Meinel

How many times have you read hacker newsgroups or email lists and seen
posts that begged "teach me to hack," or asked "how do I hack this"? It
often looks as though the person asking the question just doesn't
understand the basics of vulnerabilities and their exploits. The purpose
of this Guide is to explain what vulnerabilities and exploits are, and
how they relate to computer security.

Let's start with an example. Suppose that you are trying to sell
something by phone. So you start by calling phone numbers, and you keep
calling until you get someone to answer, not an answering machine, but a
real live person. Then if the person who answers the phone speaks the
same language as you and can understand you, you try to sell your
product. Lots of people will hang up on you, but eventually, someone
will buy something...bang! You've scored!
*****************************************************************
In this Guide you will learn:
* What is a vulnerability
* What is an exploit
* How to look for vulnerabilities
*****************************************************************
So what does this have to do with 'hacking'? Look at your dialing of
phone numbers as port scanning IP (Internet Protocol) addresses on the
Internet. Some Internet host computers won't answer. Maybe a firewall is
blocking the ports that you're scanning. Some hosts will answer, and at
that point maybe, just maybe, you've found a vulnerable computer.
********************************************************************
Newbie note: What are these 'ports' we are talking about? This kind of
'port' is a number used to identify a service on an Internet host. For
this reason they are often called 'TCP/IP' (Transmission Control
Protocol/Internet Protocol) ports, to distinguish them from other kinds
of computer ports such as modems, ports to printers, etc. Each host
computer connected to the Internet is identified by an IP address such
as 'victim.fooisp.com.' Since each host may have many services running,
each service uses a different port. To contact any of these ports across
the Internet, you use the host's IP address and port number -- it's kind
of like dialing a phone number.
********************************************************************
Now maybe you have connected to telnet, port 23. You get a login prompt,
but you don't know any valid username/password combinations. So the host
"hangs up" on you. After many hours of trying, you connect to a host on
the right port, and Shazam!! You're greeted with a login prompt, and you
quickly guess a valid username and password combination. The next thing
you know, you have a command prompt. You have discovered a vulnerability
-- an easily guessed password! So being the 'white hat hacker' that you
are, you send an email to the sysadmin of the site and leave quietly.
*****************************************************************
Newbie note: A 'host' is a computer connected to the Internet. A
'service' is a program that is running on a port of an Internet host.
Each service is a program that will respond to certain commands. If you
give it the right command, you will get it to do something for you.
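
The two Newbie notes above (ports, and hosts and services), shown as an added example that is not part of the original Guide: one host runs two services on different ports, each answers only the commands it understands, and a port with no service does not answer at all. The services (Greeter, Upper), the HELLO command and the helper names are constructed for illustration, and everything stays on the loopback address 127.0.0.1.

```python
import socket
import socketserver
import threading

class Greeter(socketserver.StreamRequestHandler):
    """Constructed toy service: understands exactly one command, HELLO."""
    def handle(self):
        command = self.rfile.readline().strip()
        reply = b"hello from greeter" if command == b"HELLO" else b"unknown command"
        self.wfile.write(reply + b"\n")

class Upper(socketserver.StreamRequestHandler):
    """Second constructed service: upper-cases whatever line it is sent."""
    def handle(self):
        self.wfile.write(self.rfile.readline().strip().upper() + b"\n")

def start(handler):
    # Port 0 asks the OS for any free port; loopback keeps this off the network.
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), handler)
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def ask(host, port, command, timeout=2.0):
    """Send one command to host:port; return the reply, or None if nothing answers."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            conn.sendall(command + b"\n")
            return conn.makefile("rb").readline().strip().decode()
    except OSError:  # refused or timed out: no service on that port
        return None

def demo():
    greeter, upper = start(Greeter), start(Upper)
    # Bind and release a socket to learn a port number with no listener on it.
    with socket.socket() as probe:
        probe.bind(("127.0.0.1", 0))
        closed_port = probe.getsockname()[1]
    host, gport, uport = "127.0.0.1", greeter.server_address[1], upper.server_address[1]
    results = {
        "greeter_right_command": ask(host, gport, b"HELLO"),
        "greeter_wrong_command": ask(host, gport, b"LOGIN"),
        "upper_reply": ask(host, uport, b"hello"),
        "closed_port": ask(host, closed_port, b"HELLO"),
    }
    for server in (greeter, upper):
        server.shutdown()
        server.server_close()
    return results

if __name__ == "__main__":
    print(demo())
```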