I have been reading the posts over the past few weeks, and am wondering how the heck you guy discover these vulnerabilities. Granted, I am still very new to the IS world, but I cannot begin to understand how you discover weaknesses. After reading these posts, the explanation always makes since, but are you guys actively seeking weaknesses, or just happen to come across them?
Learn how things are *supposed* to work (for example, write your own webserver in C), then intentionally throw broken requests at it. Eventually you'll find a result you *didn't* expect, and that's what you should investigate. Knowing *what* is broken is never as important as *why*.
As mentioned by another, learning to dream in C, and understanding asm go a *long* way.
Oh .. and one more note .. practice on your own stuff. It's easy to get arrested in the process of learning if you're not careful. When you get good at it, play nice and adhere to the rules of "responsible disclosure" (search the archives for lengthy threads on this seperate issue)
/mike. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/