exploit
exploit : invalid input
exploit code : a program that supplies the invalid value
exploit-db.com : a website that hosts many exploit codes
port scan
send TCP SYN packet
response SYN/ACK → open
response RST or no reaction → closed
Get version information
/* OpenSSH */
$ telnet 127.0.0.1 22
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1

/* Apache */
$ telnet 127.0.0.1 80
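The open/closed rule and the banner check above, as an added example (not part of the original notes) for auditing what your own host discloses. It uses a full TCP connect instead of a raw SYN packet, so it needs no root; the function names probe and parse_ssh_banner are made up for this sketch.

```python
import re
import socket

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments"
SSH_ID = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comment>.*))?$")


def parse_ssh_banner(line):
    """Split an SSH identification string into the fields it discloses."""
    m = SSH_ID.match(line.strip())
    if m is None:
        return None  # not an SSH greeting (e.g. an HTTP response line)
    return {k: v for k, v in m.groupdict().items() if v is not None}


def probe(host, port, timeout=2.0):
    """Full TCP connect (not a raw SYN scan) that also reads the greeting.

    Follows the rule in the notes: connection accepted -> "open";
    refused (RST) or no reply before the timeout -> "closed".
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except (ConnectionRefusedError, socket.timeout, TimeoutError):
        return {"state": "closed", "banner": None}
    with sock:
        try:
            data = sock.recv(256)  # servers such as sshd speak first
        except (socket.timeout, TimeoutError):
            data = b""  # e.g. HTTP waits for the client to send a request
    banner = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    return {"state": "open", "banner": banner or None}


if __name__ == "__main__":
    # Constructed sample: the banner shown in the telnet session above.
    sample = "SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1"
    print(parse_ssh_banner(sample))
    # Live check against the local machine, as in the notes.
    print(probe("127.0.0.1", 22))
```

The parsed fields show exactly what an unauthenticated client learns from the greeting: protocol version, server software version, and the distribution package string.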
nmap command
sudo nmap -sSVC -O 127.0.0.1
-sS : SYN scan
-sV : Detect service and version
-sC : Gather detailed information about the service
Custom scripts (Lua) can be used
-O : Guess the OS