I'm doing an academic work where I have to find vulnerabilities in CentOS and show how to take advantage of those same vulnerabilities.
I'm no hacker and I'm finding this task to be of great difficulty, that is, I see all the security alerts and their descriptions but no explanation of how to take advantage.
Maybe I'm being a little naive but all I want to know is if there is any tool I can use to show that CentOS 5.0 vulnerability XPTO exists and to show it "working".
If possible something like CVE-2007-0001 exploit tool, CVE-2007-0002 payload and so on.
Thanks.
script kiddies swear by metasploit
For locating vulnerabilities, I tend to prefer the more classic approach by default. Bugtraq and announcement lists for the particular software. Change logs, et cetera. Scanners such as OpenVAS can be used for automated verification and testing.
With verifying the scope of impact, it depends on the vulnerability. When attempting to verify scope of impact, often I seek out the initial release and any vendor specific releases for the vulnerability in question. At that point, depending upon the nature of the vulnerability, I would be able to verify by manual action or writing my own script.
If full disclosure, sometimes proof of concept code is provided with the initial report. If not, I would search the Internet and common resources such as Bugtraq and Packet Storm Security.
You are going to find it difficult to find professionals to walk you through exploiting a vulnerability due to the dubious nature of the request. Most vulnerabilities do not require a high level of technical skill to take advantage of.