3

Do industry pros have VMs or various workstations set up to go through known exploits after they've been patched, or is that less beneficial for learning than I'm imagining?

I'm thinking, how can you understand the buffer overflow attack, or another vulnerability, for such and such an application if you've never done it firsthand?

If this isn't the case how is knowledge effectively disseminated or learned?

Furthermore, are there repositories that detail exploits from point A to point B or are we generally expected to fill in the blanks?

inbinder
  • 155
  • 5
  • 2
    Everyone learns differently. Personally I've set up VMs and have exploited them for practice, as well as just other computers I've got lying around the house. Now and then I'll get someone who wants me to test their system and I'll find vulnerabilities there. But as for learning, you've got to find what best suits you. There are documents and free lessons all over the internet for this kind of stuff – xorist Apr 06 '16 at 18:50
  • 1
    "...or is that less beneficial for learning than i'm imagining?" No, you're not wrong. There's always a lot to learn from trying out past (though still somewhat relevant) exploits first-hand. Quite often, newer exploits are built off of or inspired by older exploits, so learning about how old ones work at both a high level and at a very specific level can be very insightful and useful later on. Similarly, if an exploit is so new and different from anything prior, it's important to learn how it works so that future derivatives can be more easily identified and (potentially) more easily mitigated. – WorseDoughnut Apr 06 '16 at 18:54

2 Answers

1

Yes, and no. Some developers will diff Windows patches to find or discover vulnerabilities, or to corroborate public CVE information.

Most people, I would imagine, follow the "follow exploit tutorials/understand -> recreate exploit without help -> perform fuzzing/exploit dev on their own" route.

There are popular courses that teach exploit development using public exploits from the ground up.

1

Do industry pros have VMs or various workstations.

Both: VirtualBox lets you install various OSes at various stages of patchiness; otherwise, set up a test lab of 2 or more physical, unpatched PCs to implement and analyze patched vulnerabilities. Commercial software is also available, like Sandboxie.

how can you understand the buffer overflow attack

Check out "Joseph McCray - Exploit Dev Night School Day 2" on YouTube for a detailed walkthrough of a kinda textbook overflow.

how is knowledge effectively disseminated or learned

Talks from DefCon, BlackHat, BSides and many, many more are published on YouTube. Also check Twitter for some really kind & informative people in the InfoSec community.

are there repositories that detail exploits

There are PoCs on Exploit-DB with actual source code, and daily updates on the SecLists Full Disclosure site. (Sorry, not hot-linking; just right-click and search.)

morbip
  • 11
  • 2
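
As an added illustration of the "textbook overflow" the second answer points the reader to (this is example code written for this page, not code from the answer, the video it recommends, or any project; the NAME_LEN buffer, the greeting functions and the sample inputs are constructed for it): the unbounded copy beside the bounded copy that a patch would introduce. Seeing the two side by side is the same before/after view the first answer describes people getting by diffing a vulnerable and a patched binary.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed for this example: a small fixed-size stack buffer. */
#define NAME_LEN 16

/* Length of s, but never scanning past max bytes (avoids a strnlen dependency). */
static size_t bounded_len(const char *s, size_t max) {
    size_t n = 0;
    while (n < max && s[n] != '\0') {
        n++;
    }
    return n;
}

/* The textbook defect: strcpy copies until it finds a NUL in the input, with no
 * regard for how big `name` is. Input of NAME_LEN bytes or more writes past the
 * buffer into whatever the compiler placed after it on the stack. */
void greet_unbounded(const char *input) {
    char name[NAME_LEN];
    strcpy(name, input);               /* no bound on the copy: the bug */
    printf("hello, %s\n", name);
}

/* The patched form: measure with a bound, refuse what does not fit, copy the rest
 * explicitly and terminate it. Returns true if the input was accepted. */
bool greet_bounded(const char *input) {
    char name[NAME_LEN];
    size_t len = bounded_len(input, NAME_LEN);
    if (len >= NAME_LEN) {
        return false;                  /* no room for the terminator: reject */
    }
    memcpy(name, input, len);
    name[len] = '\0';
    printf("hello, %s\n", name);
    return true;
}

int main(void) {
    /* Constructed inputs: one that fits, one that is the classic oversize string. */
    const char *ok = "alice";
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 32 bytes */

    greet_unbounded(ok);               /* safe only because the input is short */
    greet_bounded(ok);
    if (!greet_bounded(too_long)) {
        puts("rejected: input would overflow the name buffer");
    }
    /* greet_unbounded(too_long) is the overflow itself and is deliberately not
     * called: the result is undefined behaviour, not a demonstration. */
    return 0;
}
```

Build it with warnings enabled: current compilers flag the unbounded strcpy on their own, and a stack protector will abort the process rather than let an oversize copy run, which is a useful first look at the mitigations a patched system layers on top of the code fix.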