http://www.smashthestack.org Smash The Stack en http://backend.userland.com/rss http://www.smashthestack.org/viewtopic.php?pid=1307#1307 1307@http://www.smashthestack.org Topic: ScreenCasts Message: Hey s0ttle, I've made a screencast on doing a basic buffer overflow with Blowfish.bound to be some wrong info there and cock-ups as I am still crap :pbut I guess we all start somewhere!Hope this helps someone :D Tue, 07 Sep 2010 10:25:42 -0400 http://www.smashthestack.org/viewtopic.php?pid=1306#1306 1306@http://www.smashthestack.org Topic: Tools for finding kernel version? Message: have a doubt ,how can i grab kernel version of a linux server?what tool and methods i should use to grab the kernel version of the linux server?If u know any thing about grabbing kernel methods based on errors and tools,please feel free to help me...NOTE:please don't say nmap,i already tried it tons of time,it is giving me inaccurate results,i am looking for a tool to provide me some kind of accurate results... Tue, 07 Sep 2010 10:08:22 -0400 http://www.smashthestack.org/viewtopic.php?pid=1304#1304 1304@http://www.smashthestack.org Topic: level3 password expired? Message: I am the getting the same message on mostly all the levels. The only levels that still accept their passwords are levels 2, 8, and 10. I tried everything up through level 12 and they just say the password has expired. Mon, 06 Sep 2010 11:46:13 -0400 http://www.smashthestack.org/viewtopic.php?pid=1303#1303 1303@http://www.smashthestack.org Topic: enumerating services on filtered ports? Message: I just port scanned some targets with nmap ,but i seen many ports are filtered,on some targets nmap finds and tell me the services on filtered ports,but on some secured targets it cant find the services running on filtered ports,what should i do to find the services running on filtered ports?also will the exploits works through filtered ports?will it cause any problems?Looking for some ideas... Sun, 05 Sep 2010 09:15:58 -0400 http://www.smashthestack.org/viewtopic.php?pid=1302#1302 1302@http://www.smashthestack.org Topic: How to recognize a honey-pot ? Message: this is for sure a fake information,linux never use the 3389 tcp-port. Sat, 04 Sep 2010 23:07:11 -0400 http://www.smashthestack.org/viewtopic.php?pid=1301#1301 1301@http://www.smashthestack.org Topic: How to recognize a honey-pot ? Message: I have been studying about a target,I am suspecting they may have honey-pots,How can i confirm my traget is running a specific O/S?I Already did nmap scans and got an result for O/S finger printing and got some services on the open portsbut here are my questions1)I have found some list of services being running on the web-server,before proceeding to next step i want to confirm the services are really running on them,because I have heared that honey-pots can be configured to give fake finger printing and services result..So how can i confirm the service is really running on the specified port?'2)Nmap scans says me it is running linux server,but i found these services running on their server,which looks suspicious for me.. Code:139/tcp filtered netbios-ssn 1025/tcp open NFS-or-IIS 3389/tcp open ms-term-serv Does a normal linux web-server run the above services?Because it looks suspicious to me,If i am wrong please correct meSo can any 1 tell me how can i over come this?looking for some advice to recognize the server has honey-pot or not...?'hope i will find some help here... Sat, 04 Sep 2010 07:59:06 -0400 http://www.smashthestack.org/viewtopic.php?pid=1300#1300 1300@http://www.smashthestack.org Topic: level3 password expired? Message: While logging to level3, I get the following message : Code:WARNING: Your password has expired. You must change your password now and login again! passwd: Permission denied Connection to blowfish.smashthestack.org closed. Fri, 03 Sep 2010 14:26:03 -0400 http://www.smashthestack.org/viewtopic.php?pid=1299#1299 1299@http://www.smashthestack.org Topic: writing exploits in C Message: hi fellows,i would like to play the IO, BlowFish, Tux challenges and i know those challenges need a good understanding of C programming language.but, i'm lost in what resource to use to be a professional in C especially when it comes in writing exploits.so is The C programming language by kernighan enough and sufficient to acheive this goal?or i should use another book/website beside it !!thanks in advance, Thu, 26 Aug 2010 07:45:29 -0400 http://www.smashthestack.org/viewtopic.php?pid=1298#1298 1298@http://www.smashthestack.org Topic: writing exploits in C Message: shellcode? shellcode just an asm code which used as a string in the C code?my concern is in C and not related to shellcode/payload Mon, 23 Aug 2010 21:56:56 -0400 http://www.smashthestack.org/viewtopic.php?pid=1297#1297 1297@http://www.smashthestack.org Topic: writing exploits in C Message: Try searching shellcode. I'm not sure but I don't think you write exploits explicitly in C or maybe its more common to use a combination of shellcode and C. The syngress book Buffer Overflow Attacks Detect Exploit Prevent is helpful too. You can find free downloads easily. Mon, 23 Aug 2010 09:34:48 -0400 http://www.smashthestack.org/viewtopic.php?pid=1296#1296 1296@http://www.smashthestack.org Topic: writing exploits in C Message: it help you in learning C basics?but have you ever write exploits in C using only Beej Guide? Mon, 23 Aug 2010 08:08:25 -0400 http://www.smashthestack.org/viewtopic.php?pid=1295#1295 1295@http://www.smashthestack.org Topic: writing exploits in C Message: http://beej.us/guide/bgc/That site helped me. Mon, 23 Aug 2010 06:06:58 -0400 http://www.smashthestack.org/viewtopic.php?pid=1294#1294 1294@http://www.smashthestack.org Topic: Method Not Implemented Message: I don`t have it, I also wait fot it. And my authorities of Transcription Companies also is waiting. Sun, 22 Aug 2010 16:15:13 -0400 http://www.smashthestack.org/viewtopic.php?pid=1293#1293 1293@http://www.smashthestack.org Topic: Asus EEE Message: My mother has ASUS, but she uses it mainly for the work on research papers, and you don`t  need much power for it. But she likes it. Sun, 22 Aug 2010 16:13:00 -0400 http://www.smashthestack.org/viewtopic.php?pid=1292#1292 1292@http://www.smashthestack.org Topic: Hmm, a bit on STS's History? Message: Thank you for the interesting information, goos base for my research paper on history! Sun, 22 Aug 2010 16:10:16 -0400