> Guide to (mostly) Harmless Hacking
> Vol. 5 Programmers' Series
> No. 4: How to Program in C, part 2

> programs on your target computer.  For example, in Leshka's sendmail
> exploit, the sendmail program is assumed to exist in /usr/sbin/sendmail.
> This works fine for a Linux computer.  However, on the Sun OS computer I

From Leshka's sendmail 8.7-8.8.2 exploit: "for FreeBSD, Linux and maybe
other platforms". *MAYBE* other platforms.

> 	His exploit also assumes the command to run the C compiler is "cc".
> However, your victim computer may have the GNU C compiler, and it may
> require that you give the command "gcc" instead of "cc".

A fairly safe assumption since many systems (especially linux) symlink
'cc' to 'gcc'

> 	Another problem is that sometimes hackers purposely cripple their exploit
> code in order to keep total idiots from running them.  For example, the syn
> flood exploit program written by Daemon9 and released in the fall, 1996
> issue of Phrack had a crucial line of code commented out. 

As Daemon9 told you in email (CCd to me) on 

"No, you lackwit, I told you STRAIGHT OUT that the code was:
	1) Disabled.  It has the sendto() call commented out.
	2) Crippled.  It is a weakened version of the real program.
	3) Required a hacked raw sockets interface to run."

> 	Better yet, don't write buffer overflow exploits. As my secret super hacker
> friend says, "Overflows have become annoying. Since the screen exploit for
> Linux (almost 3 years ago) that's most of what's been coming out.  It's

Since the 'splitvt' exploit for Linux you mean...

Super hacker friend not been around much?

> You can go to jail warning:  It is illegal to break into a computer even if
> you do no harm.  The only Uberhackers I know of are so talented, and also so
> careful to do no harm, that only another Uberhacker would ever know one had
> broken into a computer.  But if you are reading this to find out how to

Hypocrisy Alert! What did she say?!