Exploiting is defined by how a piece of code or command takes advantage of a system and makes it behave in an unintended manner. The main purpose of this exploit is to gain control of a system and use it for unintended purposes such as private information retrieval and etc. Some common forms of exploitation are Privilege Escalation and Denial-of-Service(DDoS or DoS) attacks. Most of these exploits can be defended against once they are detected for the first time through the usage of patches, which means to figure out how the exploit curtails the implemented defense and plugging those holes in the defense.
Types of Exploits
- Memory safety violation
Memory safety is meant to protect the program in question from a variety of bugs and vulnerabilities but due to violations such as buffer overflow and dangling pointers, it fails to do so.
- Input validation errors
Input validation is defined as a protocol that is followed in order to make sure that the data being transmitted or processed at the time is correct and of sound quality. The routine or protocol is sometimes called “validation rules”, “validation constraints” or “check routines”.
- Privilege-confusion bugs
It is a form of confused deputy problem in the sense that a computer program with privilege is tricked or confused intentionally in order to make it perform a task that misuses its authority.
- Privilege escalation
This is done through the exploitation of a bug or a design flaw or an oversight in a system in order to gain elevated access to resources that are normally protected with protocols and firewalls.
- Race conditions
It is described as the way software or electronics track the behavior of itself by timing parts of itself that are uncontrollable.
- Side-channel attack
It’s an attack that uses that information on how a computer system is used instead of what the computer is used for. It uses information such as energy consumed, time of data transfer, etc.
For information on other types of exploits:
https://www.rapid7.com/fundamentals/types-of-attacks/
Digital exploitation is an important concern for the world since all of our lives are one way or another part of the network. Therefore anyway this information is used against us can lead to massive amounts of damage that can be either monetary or physical.