Most of them are discovered by people playing around with objdump, digging
through the assembly code and looking for oddities, then the exploits are
generally developed with the metasploit library. You really have to be
able to read 64-bit assembly to do this.
If you really want to know how a lot of exploits are found and developed,
there's a great book out there called "hacking the art of exploitation" by
Jon Erikson.
As for why they're coming at us faster, I blame android for making Linux a
more tempting target.
On Thu, Jan 29, 2015 at 7:30 AM, Keith Smith <
techlists@phpcoderusa.com>
wrote:
>
> Seems these vulnerabilities are coming at us at a faster rate... or maybe
> I am just paying more attention. I wonder how they find these.
>
>
>
> On 2015-01-28 09:21, Lyle Tuttle wrote:
>
>> https://gigaom.com/2015/01/28/severe-ghost-flaw-leaves-
>> linux-systems-vulnerable-to-takeover/
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
> --
> Keith Smith
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
--
Todd Millecam
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)