Making a system/program vulnerable to exploits [closed]
https://stackoverflow.com/questions/4899617
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have been looking quite a bit into exploiting recently. I have been googling alot and i managed to find DVL (Damn Vulnerable Linux) and Metasploitable but for some reason the exploits i scan them to have (with Nessus) do not really work. So now i have decided to try on a smaller scale.. I was wondering if anyone knows how to write a vulnerable program for Windows (potentially buffer overflow prone?) in maybe C or even ruby (im not sure about this one since it is an interpreted language) that can be exploited in ruby or python?
Any input would be greatly appreciated regarding this "project" :-)
Thanks in advance,
Phil Baker
Solution
In Ruby an easy way to make a system vulnerable is by running text input from users in an eval.
bad_code = "system('rm -rf /users')"
eval(bad_code)
OTHER TIPS
One that I like alot:
%0|%0
It just hangs up system, and then you need to restart :)
Here you go an Python code bit for it:
os.system('%0|%0')
It also works on linux:
os.system(':(){ :|:& };:')
Oh, also there another alternative, that works on both OS'es:
import os
while True:
os.fork()
