Exploit
Exploit is an English word that means exploit or take advantage of, and that in the field of computing is a piece of software, piece of data, or script or action, used to exploit a security vulnerability in an information system to achieve undesired behavior from it.
Its main use is as a vector for the injection of a payload (in English payload) that offers the attacker some type of access and/or control of the compromised computer. A payload can be used by several exploits and the same exploit can use several payloads.
Classification
Depending on how the exploit contacts the vulnerable software:
- Exploit remote. If you use a communications network to contact the victim system. For example, you can use another computer within the same internal network or have access from the Internet itself.
- Exploit local. Yes to execute exploit exploit You need first access to the vulnerable system. For example exploit exploit can increase the privileges of the one who executes it. This type of exploits can also be used by a remote attacker who already has access to the local machine by means of a exploit exploit remote.
- Exploit customer. They take advantage of the vulnerabilities of applications that are typically installed in much of the organizations' work stations. Typical examples of this type of software they are eye applications (e.g. Microsoft Office, Open Office), PDF readers (e.g. Adobe Acrobat Reader), browsers (e.g. Internet Explorer, Firefox, Chrome, Safari), multimedia players (e.g. Windows Media Player, Winamp, iTunes). The exploit exploit it is within files interpreted by this type of applications and that it reaches the target machine by different means (e.g. via an email or a USB stick). The file will be used by the program and if it is not stopped by any other program (e.g. firewalls or antivirus) it will take advantage of the security vulnerability. The peculiarities of this type of attack are:
- They require user intervention on the client side. For example, you need to open a certain file or click on a certain link
- It's an asynchronous attack because the moment it's launched is not the same when it gets executed. exploit exploit (since you need user action).
- It is released blindly, it is not known which applications and versions of this use the real target.
According to the purpose of your attack:
- Curiosity
- Personal situation
- Personal benefit
- Espionage
Exploit frameworks
Working environments or frameworks for exploits are supportive software packages that contain modules that help build exploits. . These frameworks allow code reuse, standardization of exploits, and simplification of the attack process. Examples of this type of frameworks are Metasploit Framework, Core Impact, xploitz or Immunity Canvas .
Exploits in video games
In video games there are vulnerabilities or flaws in the code or in the gameplay that allow players to take advantage of a functionality to obtain benefits exponentially greater than unrealistic points. Such are the cases of obtaining virtually infinite money by repeating an action that, during a normal game, would not be allowed. While in single player games this is normal to see, this is typically punished in multiplayer lobbies given the unfair nature of the phenomenon.
There is controversy about what is or is not an exploit: while in a specific case some players might say that something is being unfairly exploited for immense benefit to a player, others might defend it by arguing that it is part of the gameplay and that, in that case, the programmers are aware of its existence because they have published it that way.
So far one of the most affected Internet games by these malicious commands is Roblox, which is affected on the servers published on the network. A cracker with the help of a special program edits the codes of the active server, causing from the appearance of new elements in the game, to the disconnection of all players and theft of their current information on the site.
Types of exploits
- Duping (duplication): consists of the duplication of an element whose multiplication by non-legitimate means is considered unfair. An example of this is the multiplication of coins in a game where obtaining money is something that carries a moderate effort.
- Lag: the lag or latency is delay between the client and the server of which, among other things, can function as a profitable resource to give unfair advantages to certain players over others. One example of this is the saturation of a multiplayer room so that the other players do not have the response speed they should have, putting them at a disadvantage.
- Geometry: some players can take advantage of the form of a world in a video game to jump physical spaces or access areas that were not designed to be explored or observed. Normally, this shows incomplete sections of the map or areas with loose objects left by developers during game design as evidence.
- Twinking: This can be considered more a social trick than an exploit, and it is to deceive other players that oneself is less skilled than it looks through showing off with equipment and less complex and advanced look than the game offers at those heights. An example of this situation is a high-level player not wearing any armor or carrying weapons, sometimes even acting as if he ignores the performance of the game, only then prove the opposite through his real skills and level.
- Bunny hopping: translated as "cowardly jumps", it is to take advantage of the way a player's movement was programmed to move faster. In most games this is achieved by constantly jumping instead of running the character, and hence the name. This tactic is frequently used during speedruns, where the goal is to end a video game or a segment of it in the shortest time possible.
- Safe areas: it is a segment of the map where a player can attack other entities (IA or other players) without suffering the risk of being attacked back. An example of this is shooting other players from an area where they are forbidden to access.
- Cheesing: It is a way of repeatedly attacking in a way in which the opponent cannot attack by the frequency and speed with which these attacks take place. A clear example of this is attacking an opponent in a game of fighting against the limits of the screen, so that he cannot move or counterattack.
Pivoting
Pivoting refers to a method used by penetration testers that the compromised system uses to attack other systems on the same network to bypass restrictions such as firewall settings, which may prohibit direct access to all machines.
For example, if an attacker compromises a web server on a corporate network, the attacker can use the compromised web server to attack other systems on the network. These types of attacks are often referred to as multi-layered attacks.
Pivot can be further distinguished into proxy pivot and VPN pivot. Proxy pivot generally describes the practice of funneling traffic through a compromised target by using a proxy payload on the machine and launching attacks from the computer. This type of pivot is restricted to certain TCP and UDP ports that are supported by the proxy.
VPN pivot allows the attacker to create an encrypted layer to tunnel into the compromised machine to route any network traffic through that target machine, for example, to run a vulnerability scan on the internal network through from the compromised machine, effectively giving the attacker full network access, as if they were behind the firewall.
Typically, proxy or VPN applications that enable pivoting are executed on the target computer as the payload of an exploit.
Exploit Databases
The main exploit databases are:
- Exploit DB [1]
- Rapid7 [2]
- CXSecurity [3]
- Vulnerability Lab [4]
- 0day [5]
- SecurityFocus [6]
- Packet Storm Security [7]
- Google Hacking Database [8]. It is an Exploit DB project that gets the information using Google (Google Dorks.
Contenido relacionado
Patrick Volkerding
Faraday cage
Javascript