Saturday, May 18, 2013
Fast look at the process of doing xploits
OK first this is not a total course of writing xploits its more like what i have learn by digging some over google and other, getting some books and some descriptions over the internet so here are my thoughts.
first i have seen that almost all of xploits are totally targeted i mean and xploit its for one exact situation i mean the xploit its for some software that was build with one OS and in one kind of processor so you need to know how the things go deeply inside the computer and basically over the processor this mean
YOU HAVE TO LEARN ASSEMBLER, for this YOU HAVE TO LEARN BASIC FOR THE PROCESSORS FAMILIES so YOU HAVE TO LEARN IA-32 which its the one blue print for Intel and AMD too as they are not related AMD take the INTEL blue print and then produce their own PROCESSOR so its some differences on both by this learning assembler for Intel will not be the same instructions for AMD or any other, the other part its that YOU HAVE TO LEARN OS where u are doing this the same apply its not the same to develop xploits for WINDOWS than doing it for UNIX, Linux or any other so LEARN OPERATIVE SYSTEMS how much THE MORE THE BETTER.
ok at this point u want to continue, well well what can i say u have no life so lets keep moving, one u know what that heck its all of this OS IA-32, ASM, and OS then u have to learn some of debugging and we have a lot of choices around there but there are 4 TOP debuggers first two DBG and OllyDBG are some of the more old ones and there are a lot of information over the internet that will help u to understand the wander full path to the debugging tools and the newest are WinDBG from windows and immunity debugger but of course as there are a lot of people who doesn't have a life there is a lot of info too in learning who to use it, ok so we have the PC architecture, the language, the System and the debugger but guess what its very useful to do some reverse engineering to find out how to debug and what to debug and then u can take a close look at malware analyzes so this can give u a very good idea how can u place your code to work for u and that there are going to be difficult to detect u, and then of course y have to learn the technics that are often used like buffer overflows, heap spray and many other, one last point its that u really need to learn the programming language that the program that u want to xploit was build, how long will all of these take of your time that answer only belongs to u, u are the only one that can answer how much time u have to dedicate to this, and if u are good to do it or just like me an eternal dummy.