Software Exploitation
Filed Under (All, Hacking, Software) by Ph4][)HL1 R4Ph1Q1 on 05-07-2008
Tagged Under : Access Queries, Access To Data, Array, Attacker, Client Address, Client Server Environment, Client Session, Data Access Objects, Database Products, E Mail, Macro Virus, Mail Client, Mail Clients, Mail Virus, Malware, Powerful Tools, Programming Instructions, Service Database, Spreadsheets, Term Software, Word Processors
Well, this is just a quick article that I wrote so that you can understand software exploitation a bit better. There are 5 types of software exploitation which I will cover in this article namely:
- Database Exploitation
- Application Exploitation
- E-mail Exploitation
- Spyware
- Rootkits
The term software exploitation refers to attacks launched against applications and higher level services. They include gaining access to data using weaknesses in a data access objects of a database or a flaw in a service.
Database Exploitation - Many database products allow sophisticated access queries to be made in the client/server environment. If a client session can be hijacked or spoofed, the attacker can formulate queries against the database that disclosed unauthorized information. For this attack to be successful the attacker must first gain access to the environment through one of the attacks I described in my other articles.
Application Exploitation - A macro virus is another example of software exploitation. A macro virus is a set of programming instructions in a language such as VBScript that commands an application to perform illicit instructions. Users want more powerful tools, and manufacturers want to sell users what they want. The macro virus takes advantage of the power offered by word processors, spreadsheets, or other applications.
E-mail Exploitation - Hardly a day goes by without another e-mail virus being reported. This is a result of weakness in many e-mail clients. Modern e-mail clients offer many shortcuts, lists, and other capabilities to meet user demands. A popular exploitation of e-mail clients involves accessing the client address book and propagating viruses. There is virtually nothing a client user can do about these exploitations, although antivirus software that integrates with your e-mail client does offer some protection.
Spyware - Spyware differs from other malware in that it works - often actively - on behalf of a third party. Rather than self-replicating like viruses and worms, spyware is spread to machines by users who inadvertently ask for it. The users often do not know that they have asked for it, but have done so by downloading other programs, visiting infected sites and so on. The spyware programs monitors the user activity and responds to them by offering unsolicited pop-up advertisements (Sometimes known as adware), gathers information about them to pass on to marketers, or intercepts personal data such as credit card numbers. One thing separating spyware from most other malware is that it almost always exists to provide commercial gain.
Rootkits - Recently, rootkits have become the software exploitation program du jour. Rootkits are software programs that have the ability to hide certain things from the operating system. with n rootkit, there may be a number of running processes that do not show up in Task Manager, or connections established or available that do not appear in a netstat display - The rootkit masks the presence of these items. The rootkit is able to do this by manipulating function call to the operating system and filtering out information that would normally appear. Unfortunately, many rootkits are written to get around antivirus and antispyware programs that are not kept up to date. The best thing you can do is to monitor what your system is doing and then catch the rootkit in the process of installation.
There you have it, the brief explanation of exploitation. Enjoy.
hmm! I choose to apply http://www.search-and-destroy.com. for the spotting, prevention, and removal of most forms of malware and virus.