[x n]

It is completely possible, although it usually involves social engineering (the real kind, not the bullshit in the section here).  You overestimate companies quite a bit too.  You'll also have better luck if you write your own exploits.

This post doesn't make any sense. You write exploits after already finding a vulnerability, I don't see how writing an exploit would better your luck or why you'd need luck after already finding a vulnerability.

The implication was that you also find the vulnerability, although even with existing vulnerabilities, it can be easier to notice if you use a common payload or exploit.

I genuinely have no idea what you just said. All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

[phyrrus9]

I genuinely have no idea what you just said.

I think that says it all.

All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

A useful vulnerability with no payload is pretty useless. If you don't understand your vulnerability very well, and the code that both created it and triggered it, you will have a 0% success rate. Simple as that.

[x n]

It is completely possible, although it usually involves social engineering (the real kind, not the bullshit in the section here).  You overestimate companies quite a bit too.  You'll also have better luck if you write your own exploits.

This post doesn't make any sense. You write exploits after already finding a vulnerability, I don't see how writing an exploit would better your luck or why you'd need luck after already finding a vulnerability.

This isn't necessarily true. Almost every piece of code ever written is vulnerable in some way. In that case, vulnerabilities don't really mean a whole lot, since you can always exploit something. The term itself is really just a buzzword for a bug. All code has bugs, some bugs are more useful than others. You write code or input or etc that leverages a given bug to find out if it is useful. This is called a proof of concept, and although it would be an "exploit", it's usually far from the final package you use.

Nothing about my post was false in any way, you don't write exploits before finding a vulnerability because that contradicts what an exploit needs a vulnerability to exploit. My post was centered around Ender saying that the OP would have better luck if he wrote his own exploits, which again, makes no sense because you don't need luck after you've already found an exploitable vulnerability. It would've made sense however if he told the OP he'd have better luck if he looks for vulnerabilities himself rather than relying on preexisting public vulnerabilities.

[Nytelife26]

This post doesn't make any sense. You write exploits after already finding a vulnerability, I don't see how writing an exploit would better your luck or why you'd need luck after already finding a vulnerability.

The implication was that you also find the vulnerability, although even with existing vulnerabilities, it can be easier to notice if you use a common payload or exploit.

I genuinely have no idea what you just said. All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

Listen closely. Writing your own exploit will make your success rate higher because it will be significantly less common and therefore less noticeable / less likely to have already been patched by the company.

[x n]

I genuinely have no idea what you just said.

I think that says it all.

All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

A useful vulnerability with no payload is pretty useless. If you don't understand your vulnerability very well, and the code that both created it and triggered it, you will have a 0% success rate. Simple as that.

Never mind, I see what he meant now. My apologies to both you and @Ender

[x n]

The implication was that you also find the vulnerability, although even with existing vulnerabilities, it can be easier to notice if you use a common payload or exploit.

I genuinely have no idea what you just said. All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

Listen closely. Writing your own exploit will make your success rate higher because it will be significantly less common and therefore less noticeable / less likely to have already been patched by the company.

You're completely wrong but I already said I understood what Ender meant so I'm not gonna type a lengthy response to this.

[Nytelife26]

I genuinely have no idea what you just said.

I think that says it all.

All I meant was that I don't know how writing your own exploit would make your success rate higher or why you'd need a higher success rate if you've already found an exploitable vulnerability.

A useful vulnerability with no payload is pretty useless. If you don't understand your vulnerability very well, and the code that both created it and triggered it, you will have a 0% success rate. Simple as that.

Never mind, I see what he meant now. My apologies to both you and @Ender

Oh, finally. Well, at least we got there in the end, and you can learn from this.
I'm just glad you're capable of realizing when you're wrong and can apologize lmao (I know it's definitely something I struggle with haha)