Software Exploits

software exploitA software exploit is a piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur. Software applications and the operating systems on which the run are vastly complex entities. Regardless of how carefully written and thoroughly tested a piece of software is, it typically will contain bugs or vulnerabilities that can be exploited. Such software exploits frequently include things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack.

Types of Software Exploits

Software exploits can be categorized and named according to certain criteria:

  • The type of vulnerability they exploit (software vulnerabilities can arise from either insufficient testing or the lack of an audit trail).
  • Whether they need to be run on the same machine as the program that has the vulnerability (local) or can be run on one machine to attack a program running on another machine (remote).
  • The result of running the exploit.

The most common categorization is by how the exploit contacts the vulnerable software. A remote exploit works over a network and exploits the security vulnerability without any prior access to the vulnerable system, whereas a local exploit requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator. There are also exploits against client applications. These usually consist of modified servers that send an exploit if accessed with a client application. Such exploits can be considered remote exploits, although they may require some interaction with the user and thus may be used in combination with the social engineering method.

Another classification is by the action against the vulnerable system: unauthorized data access, arbitrary code execution, and denial-of-service are all examples. Many exploits are designed to provide superuser-level access to a computer system. It is also possible to use several exploits first to gain low-level access, then to escalate privileges until one reaches root.

Often, when a software exploit is publicized, the vulnerability is fixed through a patch and the exploit becomes obsolete until newer versions of the software become available. This is the reason why some hackers do not publish their exploits, but keep them private. Such exploits are referred to as zero day exploits. Obtaining access to such exploits is the primary desire of some unskilled hackers.

While it is impossible to completely eliminate the risk of software exploitations, the threat can be greatly reduced by keeping operating systems and applications patched with the latest vendor updates and to develop applications using programming languages such as C# and Java, which provide managed environments that reduce the risk of some exploitations.

External Links:

Software Exploitation, Malicious Code and Social Engineering at Techtopia

© 2013 David Zientara. All rights reserved. Privacy Policy