What is an exploit?
An exploit is a kind of malicious software that causes failures in a computer system's functionality. It is a computer program, a command sequence or a code fragment that uses software vulnerabilities to attack.
There is no generally accepted definition of the term exploit. All the definitions in fact have the same meaning: a hidden installation of malware or automatic infection.
An exploit may have two aims: it cripples the system's functionality or gains control over it.
Exploits can be written in any programming language. The most frequently used are PHP, C/C++, HTML + JavaScript and Perl.
They are spread as:
- Verbal description of usage
- Executable modules
- Source code
Types
Depending on the system an exploit attacks, exploits can be divided into several types:
1. Site exploit
2. Internet products exploit
3. Software exploit
4. Browser exploit
5. OS exploit
6. Other types of exploits
Depending on how an exploit gets access to the vulnerable software, all exploits are divided into local and remote ones. What is the difference between them?
A local exploit requires prior access to the vulnerable system it is to run on. As a rule, hackers use it to gain superuser rights (performing all operations without any exceptions).
A remote exploit works over the network without prior access to the system.
How does an exploit attack?
An exploit attack aims at various system components such as server applications, system modules or client applications. To use a server vulnerability, the exploit just sends a request containing malicious code. If the exploit is to take advantage of a client vulnerability, the situation is more complicated. First of all, the user has to be convinced to connect to the bogus server or to follow a link (if a browser is the vulnerable client).
As soon as fraudsters find out about a system vulnerability, they start writing an exploit to make use of it. The exploit is disguised so that a user visiting a site gets infected automatically.
Several approaches are used to attract users to such sites:
- Spam.
- Making several infecting sites with names resembling those of popular web resources (like Microsoft.com).
- Planting malicious code on the sites of well-known companies before they block the intrusion.
- False links to files in social networks. These links lead to code that uses vulnerabilities in the modules necessary for its operation.
How can you fight it?
There are some steps for users to take to protect their system from exploits:
1. Regular system updates
2. Using the most recent browser version
3. Disabling unnecessary functions on sites or using them only on trusted web sites
4. Ignoring unknown and potentially dangerous sites
5. Using programs that check site contents and estimate their reputation before a user starts working with them
6. Using a firewall, which ensures protection against any threats and blocks unauthorized program activities.
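
An added example (not part of the original article): one check that a site-reputation program of the kind named in step 5 can apply to the look-alike site names described earlier, flagging hosts that imitate a trusted name by character swaps, misspelling, or by using the trusted name as a subdomain. The TRUSTED list, the character map, the MAX_DISTANCE threshold and the sample hosts are constructed assumptions, and the registrable domain is approximated as the last two labels.

```python
import unicodedata

# Constructed allow-list: sites the user actually intends to visit (assumption).
TRUSTED = ("microsoft.com", "google.com", "paypal.com")
# Constructed, non-exhaustive map of characters commonly swapped in look-alike names.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
MAX_DISTANCE = 2  # tunable assumption: edits tolerated before a name counts as unrelated


def skeleton(name):
    """Reduce a name to a canonical form so visually similar spellings compare equal."""
    name = unicodedata.normalize("NFKD", name.lower())
    name = "".join(c for c in name if not unicodedata.combining(c))
    return name.translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return (verdict, brand): 'trusted', 'lookalike' or 'unknown'."""
    host = host.lower().rstrip(".")
    # Simplification: registrable domain = last two labels (no public-suffix list).
    registrable = ".".join(host.split(".")[-2:])
    if registrable in TRUSTED:
        return ("trusted", registrable)
    for brand in TRUSTED:
        # A trusted name used as a subdomain of someone else's domain.
        if host.startswith(brand + ".") or f".{brand}." in host:
            return ("lookalike", brand)
        # A misspelling or character swap of a trusted name.
        if edit_distance(skeleton(registrable), skeleton(brand)) <= MAX_DISTANCE:
            return ("lookalike", brand)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample hosts, not taken from the article.
    for h in ("www.microsoft.com", "rnicrosoft.com", "micros0ft.com",
              "microsoft.com.account-check.example", "example.org"):
        print(h, classify(h))
```

Names written in other alphabets (for example Cyrillic letters that look like Latin ones) are not covered by this character map and need a dedicated confusables table.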