Rooting a box

[b0whunter]

I have to agree with the others about your big knowledge in C and Linux and I don't mean any disrespect. Can you build or modify a linux kernel? Do you know assembly? To fully make use of C, you need to understand what happens at the lower level as well.

I suggest you start with "professional assembly language" by R. Blum. Then start over "The C language" by k&R. Then you will have a good base for books like "the art of exploitation". Although I didn't really like it, the Shellcoder's handbook is much better IMHO.

Then you will not need to ask general questions like this.. HTH and dont rush through the books! Its a common mistake.

[youpi]

I'm not getting flamed and I think you're quite right in what you say


I already built my own linux kernels on gentoo and at some point I was writing some easy kernel modules, done some unix programming with threads/semaphores/dbus interaction.
Kernighan & Richtie's book is the first on I read in fact.


I came across some good sites in the past few days, mainly corelan.be, krebsonsecurity and pentesteracademy (I follow the plan of their course but learn from different websites) and I now realise mass exploitation of servers can't be done anymore. Or will at least be different than what I'd have thought.
It used to be a time where you could just google d0rk and easily find targets to root or hundreds of easy SQL injections to upload your shell but those times are over as it seems.


For the moment I'm reading [size=78%]https://docs.google.com/file/d/0B-F3NpsEIXCYcDZaUXhfdXlFM1k/edit[/size] "Python - A cookbook for pentesters, hackers and forensic analysts" which is quite good.
I also know that I'll _for sure_ need to learn assembly but I really can't be arsed at the moment I'll just begin with simpler / high level things such as SQLi injection, Javascript, Python, using Nmap / Metasploit correctly and stuff.

[bluechill]

I'm not getting flamed and I think you're quite right in what you say


I already built my own linux kernels on gentoo and at some point I was writing some easy kernel modules, done some unix programming with threads/semaphores/dbus interaction.
Kernighan & Richtie's book is the first on I read in fact.


I came across some good sites in the past few days, mainly corelan.be, krebsonsecurity and pentesteracademy (I follow the plan of their course but learn from different websites) and I now realise mass exploitation of servers can't be done anymore. Or will at least be different than what I'd have thought.
It used to be a time where you could just google d0rk and easily find targets to root or hundreds of easy SQL injections to upload your shell but those times are over as it seems.


For the moment I'm reading [size=78%]https://docs.google.com/file/d/0B-F3NpsEIXCYcDZaUXhfdXlFM1k/edit[/size] "Python - A cookbook for pentesters, hackers and forensic analysts" which is quite good.
I also know that I'll _for sure_ need to learn assembly but I really can't be arsed at the moment I'll just begin with simpler / high level things such as SQLi injection, Javascript, Python, using Nmap / Metasploit correctly and stuff.

1) You still can root hundreds upon thousands of servers it's just harder.  How do you think botnets still exist?
2) You can still find hundreds of easy SQL injections you just have to be crafty in how you.... craft your google queries.

Also don't use NMap or Metasploit! Make your own versions so you truly understand what you are doing when you use those tools, once you've done that, then you'll no longer be considered a script kiddie.

[Recon]

Also don't use NMap or Metasploit! Make your own versions so you truly understand what you are doing when you use those tools, once you've done that, then you'll no longer be considered a script kiddie.

Have a cookie, bluechill. Well said.

[b0whunter]

I really enjoyed Violent python , great way to learn the language, by making tools rather than boring games lol


But I will still say this, do yourself a favor and start with assembly! I wish I did. And remember when you know how something was built, its always faster to tear it down than build it, no matter how many new security features are implemented.


Start by loading up some old OSs on virtualbox, look for some vulnerabilities online, without checking the exploit codes, so you have a starting point but not the complete answer.


[Edit]
Check out this book, an easy introduction to assembly, makes it look easier than learnin Basic on Dos: http://www.amazon.ca/Professional-Assembly-Language-Richard-Blum/dp/0764579010
[/Edit]