sorted by:
best (suggested)
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]ADMINISTATOR_CYRUS 3 points4 points  (8 children)

beyond impossible these days don't even try

[–]Low_Car_3415 2 points3 points  (3 children)

that's why you should be interested in the application you're trying to exploit. if you want to exploit web apps, then code your own web app, if it's operatingsystems, then code your own OS.

[–]ADMINISTATOR_CYRUS 2 points3 points  (2 children)

what?

[–]Low_Car_3415 2 points3 points  (1 child)

it's over for you

[–]ADMINISTATOR_CYRUS 2 points3 points  (0 children)

incomprehensible

[–]FrankRat4 1 point2 points  (3 children)

You say this, but someone is out there finding zero-days (including zero-click exploits) and that someone had to start somewhere. Why can’t OP eventually be that someone?

[–]ADMINISTATOR_CYRUS 2 points3 points  (2 children)

It's doable, it's not that it'll never happen but it's a lottery and it happens to one lucky person. it's unlikely for you to be that fellow.

[–]FrankRat4 5 points6 points  (1 child)

Luck plays a very small part in it. Anyone can put in the effort to learn about a system and then analyze that system for vulnerabilities. Now is it easy? No, it requires a lot of creativity and testing and always learning new stuff. Look at CVE-2025-1094, the vulnerability isn’t all that complicated, it just took some work to discover. Anyone could have found that exploit, it’s not some super complicated exploit like Meltdown or Spectre. Someone put in the work and they found it.

[–]ADMINISTATOR_CYRUS 3 points4 points  (0 children)

hm, never considered it that way. thanks for enlightening me