Definitions
(Noun) An exploit is
“ | a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware or something electronic (usually computerised). This frequently includes such actions as gaining control of a computer system, allowing privilege escalation or a denial of service attack. | ” |
“ | [a] technique to breach the security of a network or information system in violation of security policy.[1] | ” |
(Verb) To exploit is to gain access to an adversary's system to collect information or to plant false or misleading information.
Classification
There are several methods of classifying exploits. The most common is by how the exploit contacts the software.
- A "remote exploit" works over a network and exploits the security vulnerability without any prior access to the targeted system.
- A "local exploit" requires prior access to the targeted system and usually increases the privileges of the person running the exploit past those granted by the system administrator.
Exploits against client applications also exist, usually consisting of modified servers that send an exploit if accessed with the client application. Exploits against client applications may also require some interaction with the user and thus may be used in combination with a social engineering method.
Another classification is by the action taken against a vulnerable system: unauthorized data access, arbitrary code execution, or denial of service.
Many exploits are designed to provide superuser-level access to a computer system. However, it is also possible to use several exploits, first to gain low-level access, then to escalate privileges repeatedly until one reaches the root.
Normally a single exploit can only take advantage of a specific software vulnerability. Often, when an exploit is published, the vulnerability is fixed through a patch and the exploit becomes obsolete for newer versions of the software. This is the reason why some blackhat hackers do not publish their exploits but keep them to themselves or other crackers. Such exploits are referred to as zero day exploits. To obtain access to such exploits is the primary desire of many unskilled attackers, often nicknamed script kiddies.
Cyber exploits
- Denial of service — A method of attack from a single source that denies system access to legitimate users by overwhelming the target computer with messages and blocking legitimate traffic. It can prevent a system from being able to exchange data with other systems or use the Internet.
- Distributed denial of service — A variant of the denial of service attack that uses a coordinated attack from a distributed system of computers rather than from a single source. It often makes use of worms to spread to multiple computers that can then attack the target.
- Exploit tools — Publicly available and sophisticated tools that intruders of various skill levels can use to determine vulnerabilities and gain entry into targeted systems.
- Logic bombs — A form of sabotage in which a programmer inserts code that causes the program to perform a destructive action when some triggering event occurs, such as terminating the programmer's employment.
- Phishing — The creation and use of e-mails and Web sites — designed to look like those of well-known legitimate businesses, financial institutions, and government agencies — in order to deceive Internet users into disclosing their personal data, such as bank and financial account information and passwords. The phishers then use that information for criminal purposes, such as identity theft and fraud.
- Resolver exploit — The introduction of forged data to redirect Web and other traffic to false versions of popular websites.
- Sniffer — Synonymous with packet sniffer. A program that intercepts routed data and examines each packet in search of specified information, such as passwords transmitted in clear text.
- Trojan horse — A computer program that conceals harmful code. A Trojan horse usually masquerades as a useful program that a user would wish to execute.
- Virus — A program that infects computer files, usually executable programs, by inserting a copy of itself into the file. These copies are usually executed when the infected file is loaded into memory, allowing the virus to infect other files. Unlike a computer worm, a virus requires human involvement (usually unwitting) to propagate.
- Vishing — A method of phishing based on voice-over-Internet-Protocol technology and open-source call center software that have made it inexpensive for scammers to set up phony call centers and criminals to send e-mail or text messages to potential victims, saying there has been a security problem, and they need to call their bank to reactivate a credit or debit card, or send text messages to cell phones, instructing potential victims to contact fake online banks to renew their accounts.
- War driving — A method of gaining entry into wireless computer networks using a laptop, antennas, and a wireless network adapter that involves patrolling locations to gain unauthorized access.
- Worm — An independent computer program that reproduces by copying itself from one system to another across a network. Unlike computer viruses, worms do not require human involvement to propagate.
- Zero-day exploit — A cyber threat taking advantage of a security vulnerability on the same day that the vulnerability becomes known to the general public and for which there are no available fixes.
References
This page uses Creative Commons Licensed content from Wikipedia (view authors). |