Exploits-Security-Attacks

Exploits


An "exploit" is a computer program that "exploits" a vulnerability, whether or not it is published. Each exploit is specific to a version of an application as it exploits flaws in that version. There are various types of exploits:
  • Privilege escalation. The most formidable exploits make it possible to take control of executed programs with administrator privileges (root privileges on UNIX type systems);
  • Generation of a system error. The goal of some exploits is to flood a computer program to make it "crash".



Most of the time, exploits are written in C language or Perl. They may however be written in any language for which there is an interpreter on the target machine. The hacker who uses an exploit therefore needs to have minimum knowledge of the target system and programming bases to achieve his goals. 


To be able to use it, the hacker usually needs to compile it on the target machine. If the execution is a success, the hacker can, depending on the role of the exploit, obtain access to the remote machine's command interpreter (shell).

Counter-measures


To not fall victim to this type of program, a system's administrator needs to keep informed of vulnerabilities relating to the applications and operating systems he manages by regularly visiting websites that index flaws and by subscribing to specialized distribution lists.
Here are a few sites that index flaws along with their exploits and patches:

For unlimited offline reading, you can download this article for free in PDF format:
Exploits.pdf

Comments

Post a Comment

Popular posts from this blog

Robotics and Artficiial intelligence

Image
Artificial intelligence (AI) is arguably the most exciting field in robotics. It's certainly the most controversial: Everybody agrees that a robot can work in an assembly line, but there's no consensus on whether a robot can ever be intelligent. Like the term "robot" itself, artificial intelligence is hard to define. Ultimate AI would be a recreation of the human thought process -- a man-made machine with our intellectual abilities. This would include the ability to learn just about anything, the ability to reason, the ability to use language and the ability to formulate original ideas. Roboticists are nowhere near achieving this level of artificial intelligence, but they have made a lot of progress with more limited AI. Today's AI machines can replicate some specific elements of intellectual ability. Computers can already solve problems in limited realms. The basic idea of AI problem-solving is very simple, though its execution is complicated. First, the AI ...
Read more

3D Animation & Rendering Engines

3D rendering engines    Here is a list of 3D rendering engines to create awesome graphics. Some are free, while others are paid software (offering a a limited trial period). Some of the rendering engines are capable of importing various 3D formats or integrate them directly into modelers. Free/Open Source Here's our selection of free or open source softwares: RenderMan Pixar studios is now offering a non commercial version of RenderMan for free. RenderMan is the famous rendering software Pixar has been using since the 80s for its creation. This is a 3D rendering engine that allows you yo create photorealistic results. The software is not necessarily easy to handle as it was primarily designed for professionals. A discussion forum is available for RenderMan users: https://renderman.pixar.com/forum/ Link to website: http://renderman.pixar.com/view/non-commercial-renderman Available for Windows 7 and 8, Mac OS, and Linux...
Read more