Have you tried a tap?

http://www.flukenetworks.com/enterprise-network/network-monitoring/Tap-Solutions

http://www.network-taps.eu/products/products_networktaps.php

maybe you should take the time to do some research:

http://www.offensive-security.com/metasploit-unleashed/Msfconsole_Search_Command

There's a lot of good resources out there and a great site called Google

Then, just like cd1zz said, use SSL. Encryption will provide you all that.


"security through obscurity" is not advisable at all.


You not being able to see something doesn't mean that it isn't there and somebody can't reach it.

PenTesting is not about being able to run apps, you need to know how things work and what you're doing, then you can use tools.

If you don't manage to make the exploit run, I guess you don't even know how it works and what it does, it sounds like a very bad idea...

If you already have the list of URLs, then it's only matter of comparing your var against a pattern (your regular expression). In Perl the =~ operator is the one you'll use. You can use a capturing group (parentheses operators) to get your number into a var. I hope you're following me

The "best" payload to use will depend on you scenario.

http://www.offensive-security.com/metasploit-unleashed/Payload_Types

I'm not getting exactly what's the problem you're facing. Do you already have the list with URLs but you don't find one that contains the pattern you want?

Certainly you can. Perl is a very powerful language for text processing. If you have your list of URLs in a file, you can load all the contents into an array in a single operation an then traverse the array looking for an array that matches your RE, or you can can read your file line by line and compare it to the RE. You can even extract the specific part you are interested on (the number) from the string when you are comparing against your RE. Be careful how you use the ^ and $.

By "without download each page" you mean not writing to a file on disk the page and instead keep the contents in a variable? Yes you can, the same way you can with wget (you can dump the page to STDOUT). Check the LWP library, maybe there are many more, it's been a while since I used Perl.

The tools you will use will depend on the type of files you're working with and what you want to achieve. The most basic tools are strings, file and hex editors. It's very common to find compressed data, so then you'll have to user some other tools. For a very good example read the next post:

http://www.devttys0.com/2011/05/reverse-engineering-firmware-linksys-wag120n/

RE is a way to get some knowledge about the workings of something, so you can. There are good tools for both platforms.

This is usually true, there are some cases where the network address works as broadcast tough

http://www.whitehats.ca/main/members/Jeff/gcia_assign_2/gcia_assign_2.html

http://www.netbsd.org/docs/guide/en/chap-net-practice.html#chap-net-practice-kernel-options

You should start learning how SNMP works and what MIBs and OIDs are

Saying you want to learn to write exploits is way too generic, even for web based ones. What do you want to focus on? SQLi, XSS, CSRF, RFI/LFI, auth bypass...? You should start by taking a look at OWASP.