Exploit, Exploit is a code that specifically attack security computer. Exploit penentrais widely used for both legal and illegal to look for weaknesses (Vulnerability) on the destination computer. It could also be said that attacking a software security vulnerability (security vulnerability) are specific but not always intended to launch an unwanted action. Many computer security researcher using the exploit to demonstrate that a system has a vulnerability.There is a body of researchers who work with the software manufacturer. Researchers were tasked with finding the fragility of a software and if they do, they report the findings to the manufacturer so the manufacturer can take action. However, the exploit is sometimes a part of a malware attack in charge of security vulnerability.
ClassificationThere are several methods for classifying exploits. The most common is to see how to exploit to make contact with the vulnerable software. Remote exploit (remote exploit) works through a network and exploit vulnerabilities in the absence of prior access to the victim system. Local exploit (local exploits) requires prior access to a vulnerable system and usually increases the flexibility of people who run exploit beyond that provided by the system administrator. Exploit the attacking client applications are also available, usually consisting of modified servers that send an exploit if accessed by client applications. Exploits that attack the client application may also require some interaction with the user, thus can be used in combination with the methods of social engineering. This is how hackers break into computers and web sites to steal data.Another classification is by action on the affected system: unauthorized access to data, arbitrary code execution, denial of service.Many exploits are designed to provide'' superuser-level access'' to the computer system. But, but may also use some exploits, to gain access to low-level first, then increase the permissions again and again until it reaches the root.Normally a single exploit can only take advantage of a specific software vulnerabilities. Often times, after the exploit was published, improved system security gaps through patches that exploit no longer apply to the latest version of the software. This is the reason why some blackhat hackers do not publish their exploits but keep it to yourself or other hackers. Exploit the so-called 'zero day exploits' and to gain access to the exploit is the main desire of the amateur attackers, often nicknamed script kiddieTypeExploit generally categorized and named according to the following criteria:
Types of vulnerabilities they exploitDo they need to be run on the same machine with a program that has a slit (local) or can be run on a different machine to attack the program running on another computer (remote).The results of running the exploit (EOP, DoS, Spoofing, etc.)
PivotingPivoting refers to the methods used by penetration testers to use a system that has been mastered to attack other systems on the same network to avoid the ban as a firewall configuration, which can prohibit direct access to all machines. For example, an attacker controlled web server on a corporate network, the attacker can then use the web server that has been mastered to attack other systems on the network. This type of attack is often called a multi-layered attack. Pivoting also known as island hopping.Pivoting can be divided into proxy and VPN pivoting pivoting:
Proxy pivoting is generally described as an act of tracing a path through the target payload controlled using a proxy on the machine and launch attacks from this computer. Type of pivoting is limited to specific TCP and UDP are supported by the proxy.
VPN pivoting allows the attacker to make the layer-2 tunnel is encrypted into a machine-controlled to drive traffic to any network through the target machine, for example, to run a vulnerability scan on the internal network via the machine-ruled, effectively giving full access to the network attackers as if they are behind a firewall.
Typically, an application proxy or VPN which allows pivoting, running on the target computer as the payload (software) of the exploit.
No comments:
Post a Comment