Software Exploits
Uploaded by 22bce363

Software exploits are techniques or pieces of code that take advantage of vulnerabilities in software to cause unintended or malicious behavior. Exploits can allow attackers to gain unauthorized access, escalate privileges, steal data, crash systems, or install malware.
Types of Software Exploits
i. Buffer Overflow
ii. SQL Injection
iii. Cross-Site Scripting (XSS)
iv. Cross-Site Request Forgery (CSRF)
v. Privilege Escalation
vi. Remote Code Execution (RCE)
vii. Directory Traversal
viii. Zero-Day Exploits
ix. Heap Exploits
Buffer Overflow

Exploit that writes more data to a buffer than it can hold, leading to memory corruption.

Can be used to execute arbitrary code.

Example: Overwriting the return address on the stack.


SQL Injection

Inserting malicious SQL statements into input fields.

Used to access, modify, or delete database contents.
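To make the vulnerable and the fixed form concrete, here is an added example (not code from the original slides) that logs a user in against a constructed in-memory SQLite table, first by pasting the input straight into the SQL text and then with a parameterized query. The table, the two sample users and the function names are assumptions made for this demonstration; the payload is the one shown on the slides.

```python
import sqlite3

# Constructed sample data for the demonstration (not from the slides).
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]

# Payload shown on the slides.
PAYLOAD = "' OR 1=1 --"


def make_db():
    """Create a fresh in-memory users table with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_vulnerable(conn, username, password):
    """Vulnerable form: user input becomes part of the SQL text.

    The quote in the input closes the string literal, 'OR 1=1' makes the
    WHERE clause always true, and '--' comments out the password check.
    """
    sql = (
        f"SELECT username FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(sql)]


def login_parameterized(conn, username, password):
    """Fixed form: the query structure is fixed, values travel separately.

    Quotes, comment markers or keywords in the input are compared as data
    and can no longer change what the statement does.
    """
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable:    ", login_vulnerable(conn, PAYLOAD, "anything"))
    print("parameterized: ", login_parameterized(conn, PAYLOAD, "anything"))
    print("real login:    ", login_parameterized(conn, "alice", "s3cret"))
```

With the slide's payload the vulnerable query returns every user without a valid password, while the parameterized query returns nothing; a genuine username and password still log in. The same placeholder mechanism exists in every mainstream database driver and ORM, which is why "use parameterized queries" is the standard fix rather than trying to filter quote characters.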


Cross-Site Scripting (XSS)

Injecting malicious scripts into web pages viewed by others.

Can steal cookies or hijack sessions.

Cross-Site Request Forgery (CSRF)

Tricks a user into executing unwanted actions in a web application where they're authenticated.
Privilege Escalation
Exploiting bugs to gain elevated access to resources.

Two types: Vertical (user → admin), Horizontal (user → another user's data).
Remote Code Execution
Allows attacker to run code remotely on a vulnerable system.
Often the result of unchecked input or deserialization flaws.

Directory Traversal

Accessing files/directories outside of the intended root directory using ../.
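The usual defense is to resolve the requested path against the intended root and refuse anything that ends up outside it. The following is an added example, not code from the original slides: the root directory, the sample requests and the function names are assumptions for the demonstration.

```python
from pathlib import Path


class PathOutsideRoot(ValueError):
    """Raised when a requested path resolves outside the served root."""


def resolve_under_root(root, requested):
    """Return the absolute path for `requested` inside `root`, or raise.

    The join is normalised with resolve(), which collapses '.' and '..'
    segments and follows symlinks, so 'docs/../../etc/passwd' becomes
    '/etc/passwd' before the containment check runs.
    """
    root_path = Path(root).resolve()
    # An absolute `requested` replaces the root when joined; resolve() and
    # the containment check below catch that case too.
    candidate = (root_path / requested).resolve()
    # Compare path components, not string prefixes: '/srv/app/public2'
    # starts with '/srv/app/public' but is not inside it.
    if candidate != root_path and root_path not in candidate.parents:
        raise PathOutsideRoot(f"{requested!r} escapes {root}")
    return candidate


def is_safe_request(root, requested):
    """Boolean wrapper for use in a request handler."""
    try:
        resolve_under_root(root, requested)
        return True
    except PathOutsideRoot:
        return False


if __name__ == "__main__":
    ROOT = "/srv/app/public"  # assumed web root for the demonstration
    for req in ["index.html", "docs/../index.html",
                "../../etc/passwd", "/etc/passwd", "docs/../../../etc/passwd"]:
        print(f"{req!r:32} -> {'allowed' if is_safe_request(ROOT, req) else 'rejected'}")
```

Because resolve() follows symlinks, a link inside the root that points outside it is rejected as well; if the application deliberately serves through such links, the check has to be made against the link's own location instead. Null bytes and URL-encoded forms of ../ should be decoded and rejected before this step, since the check only sees the final string.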
Zero-Day Exploits
Exploits for unknown or unpatched vulnerabilities.
Highly dangerous and valuable on black markets.

Heap Exploits
Target dynamic memory allocation.

More complex than stack-based buffer overflows.


Common Exploit Techniques
Return-Oriented Programming (ROP)

Shellcode Injection

DLL Hijacking

Format String Vulnerabilities

Use-After-Free
Defenses Against Exploits
Input validation and sanitization

Proper memory management (e.g., bounds checking)

Keeping software updated (patch management)

Use of modern exploit mitigations:
DEP (Data Execution Prevention)
ASLR (Address Space Layout Randomization)
Stack Canaries
Sandboxing
Tools Used in Exploitation
Metasploit – Exploit development and deployment.

Immunity Debugger / OllyDbg – Reverse engineering/debugging.

Burp Suite – Web app vulnerability testing.

SQLmap – Automated SQL injection.

Exploit DB – Database of public exploits.


Code injection
Code injection is a type of security vulnerability where an attacker inserts
malicious code into a vulnerable application, causing the system to execute
unintended commands. It typically happens when user input is not properly
validated, sanitized, or escaped before being processed.
How Code Injection Works
Input point — The attacker finds a part of the application that takes user input (e.g., form fields, URL parameters, cookies).

Injection — Malicious code is inserted into the input.

Execution — The application interprets the malicious input as legitimate code and executes it.

Impact — Can lead to data theft, system compromise, or complete control over the application.
Common Types of Code Injection

Type                      Description                                             Example Payload
SQL Injection (SQLi)      Injecting SQL commands to manipulate a database         ' OR 1=1 --
Command Injection         Injecting OS commands into system calls                 ; rm -rf /
HTML/JS Injection (XSS)   Injecting malicious HTML/JavaScript into web pages      <script>alert('Hacked')</script>
LDAP Injection            Injecting LDAP statements to access unauthorized data   *)(
XML Injection             Manipulating XML data or queries                        <tag>malicious</tag>
Prevention
• Input validation — Only allow expected formats and characters.
• Output encoding/escaping — Escape special characters before processing.
• Use parameterized queries — Avoid dynamic queries in SQL, LDAP, etc.
• Least privilege principle — Restrict database and system permissions.
• Security testing — Regularly test with static and dynamic analysis tools.
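The first two prevention points, plus the "avoid dynamic queries" rule applied to LDAP and to OS commands, can be shown together against the payloads from the table above. This is an added example, not code from the original slides: the allow-list pattern, the LDAP filter shape, the command being built and the helper names are assumptions for the demonstration, and the payload strings are used only as constructed test data for the defenses.

```python
import html
import re

# Constructed test inputs: the example payloads from the table above.
PAYLOADS = {
    "SQLi": "' OR 1=1 --",
    "Command": "; rm -rf /",
    "XSS": "<script>alert('Hacked')</script>",
    "LDAP": "*)(",
    "XML": "<tag>malicious</tag>",
}

# 1. Input validation: an allow-list of the format we actually expect.
#    (Assumed username policy: 1-32 characters from a small safe set.)
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def validate_username(value):
    """True only if the whole value matches the expected format."""
    return USERNAME_RE.fullmatch(value) is not None


# 2. Output encoding for an HTML text/attribute context (XSS, HTML/XML injection).
#    Encode at output time, for the context being written into.
def render_html_paragraph(text):
    return "<p>" + html.escape(text, quote=True) + "</p>"


# 3. Context-specific escaping for an LDAP search filter value (RFC 4515):
#    the characters with filter meaning become \XX hex escapes.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_ldap_filter_value(value):
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def ldap_user_filter(uid):
    """Build a (uid=...) filter where the user value cannot add clauses."""
    return "(uid=" + escape_ldap_filter_value(uid) + ")"


# 4. OS commands: validate first, then pass an argv list rather than a
#    shell string, so ';', '|' and '&&' are literal characters in one
#    argument and never command separators.
def build_list_command(filename):
    if not validate_username(filename):
        raise ValueError(f"unexpected characters in filename: {filename!r}")
    return ["ls", "-l", "--", filename]


def argv_builder_rejects(value):
    try:
        build_list_command(value)
        return False
    except ValueError:
        return True


def defense_report(payloads=PAYLOADS):
    """Apply each defense to every payload and return the outcomes."""
    return {
        name: {
            "valid_username": validate_username(p),
            "html": render_html_paragraph(p),
            "ldap": ldap_user_filter(p),
            "argv_rejected": argv_builder_rejects(p),
        }
        for name, p in payloads.items()
    }


if __name__ == "__main__":
    for name, result in defense_report().items():
        print(name, result)
```

Every payload fails the allow-list, the XSS and XML payloads render as visible text instead of markup, and the LDAP payload becomes a literal uid value rather than extra filter clauses. Note that the escaping functions are per context: HTML escaping does nothing for an LDAP filter and vice versa, which is why validation on input and encoding on output are listed as separate measures.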
