EXPLOIT ATTACK

Shaunak Joshi
(Roll No:43162)
Exploit
• A computer exploit, or exploit, is an attack on a computer system, especially
one that takes advantage of a particular vulnerability the system offers to
intruders.

• An exploit takes advantage of a weakness in an operating system, application

or any other software code, including application plug-ins or software libraries.

• Computer exploits can be characterized by the expected result of the attack,

such as denial of service, remote code execution, privilege escalation, malware
delivery or other malicious goals.

• Once an exploit has been used, it often becomes known to the software
developers of the vulnerable system or software, and is often fixed through a
patch and becomes unusable.
Vulnerability
• Bugs in a program or an application aren’t inherently harmful but they can
be used by nefarious actors to their advantage. They are called the
vulnerabilities .
• Vulnerabilities can be leveraged to force software to act in ways it’s not
intended to, such as gleaning information about the current security
defenses in place.
Types of vulnerabilities:
• Known vulnerabilities: Exploits security researchers know about and have
documented. Exploits that target known vulnerabilities are often already
patched but still remain a viable threat because of slow patching.

• Zero-day exploits: Vulnerabilities that have not been reported to the public
or listed on CVE. This means cybercriminals have found the exploit before
developers have been able to issue a patch, in some cases the developer
may not even know of the vulnerability.
Types of exploits
• Hardware: Poor encryption, lack of configuration management or firmware
vulnerability.

• Software: Input validation errors (code injection, cross-site scripting (XSS), email
injection, format string attacks, HTTP header injection , SQL injection).

• Network: Unencrypted communication lines, man-in-the-middle attacks, domain

hijacking, poor network security, lack of authentication or default passwords.

• Personnel: Lack of security awareness training, poor password management or falling

for common social engineering attacks like phishing.
There are several ways exploits occur:

Remote exploits: Works over a network and exploits the vulnerability without prior access
to the vulnerable system.

Local exploits: Requires prior access to the vulnerable system and increases the privilege
of the attacker past those granted by the security administrator.

Client exploits: Exploits against client applications exist and usually consist of modified
servers that send an exploit when accessed with a client application. They may also
require interaction from the user and rely on social engineering techniques like phishing or
spear phishing to spread .

In general, exploits are designed to damage the confidentiality, integrity or availability (CIA
triad) of software or a system.
• REAL LIFE EXAMPLES OF EXPLOIT ATTACKS

Notably, in recent years, there have been numerous organizations who failed to
protect their Amazon S3 storage instance:

• Australian Broadcasting Corporation (Nov 2017) 

 Leakage of hashed passwords, keys and internal resources.

• Accenture (Sept 2017) 
Authentication information, including certificates, keys, plaintext passwords, as
well as sensitive customer information.
• On February 28, 2018, the version control hosting service GitHub was hit with a
massive denial of service attack, with 1.35 TB per second of traffic hitting the
popular site. Although GitHub was only knocked offline intermittently and
managed to beat the attack back entirely after less than 20 minutes, the sheer
scale of the assault was worrying.

• In 2016, Yahoo announced a hack that had occurred years earlier had caused the
data of 1 billion users to be leaked. The attackers gained access to users' email
accounts because the passwords were protected by MD5, which is a weak and
outdated hashing algorithm.