Hello everyone,
I thought about how some people may not know what a exploit really is, and that they may benefit from having a thread dedicated to a discussion about Exploits to learn about what they are and how they work.
First up, I will explain what a Exploit is:
An Exploit is when a vulnerability is used to perform an action. In this case, we can use the example of malware and how it may try to use a vulnerability in the Operating System software to perform malicious tasks (such as; execute a dropped executable with administrative priveleges bypassing the User Account Control alert (consent.exe), and basically anything else that malware may be able to do with a vulnerability from within the system. I am sure other members reading this would be able to expand on this (about what malware may do based on the vulnerabilities discovered and provided to the malware writers).
In other words which is easier to be understood by some who did not understand the original explanation I made: it's when a vulnerability is used in the system.
Before anyone asks, yes, there have been exploits in the past which have done things such as allowing programs to run with Administrative priveleges without the UAC alert (whilst UAC has been enabled).
And, after a program is running with Administrative priveleges it can also access the protected registry key for UAC and have UAC disabled. Which is another issue altogether.
Even though we have not actually taken a look at a exploit in this thread, I put (Malware Analysis) in the thread title so the user would be aware that this is all linked to the Malware Analysis area on this forum.
Got something to add to help people reading this? Comment it below. I am sure people who read this thread will be sure to check the comments.
Cheers.
I thought about how some people may not know what a exploit really is, and that they may benefit from having a thread dedicated to a discussion about Exploits to learn about what they are and how they work.
First up, I will explain what a Exploit is:
An Exploit is when a vulnerability is used to perform an action. In this case, we can use the example of malware and how it may try to use a vulnerability in the Operating System software to perform malicious tasks (such as; execute a dropped executable with administrative priveleges bypassing the User Account Control alert (consent.exe), and basically anything else that malware may be able to do with a vulnerability from within the system. I am sure other members reading this would be able to expand on this (about what malware may do based on the vulnerabilities discovered and provided to the malware writers).
In other words which is easier to be understood by some who did not understand the original explanation I made: it's when a vulnerability is used in the system.
Before anyone asks, yes, there have been exploits in the past which have done things such as allowing programs to run with Administrative priveleges without the UAC alert (whilst UAC has been enabled).
And, after a program is running with Administrative priveleges it can also access the protected registry key for UAC and have UAC disabled. Which is another issue altogether.
My UAC example is one of my favourites, so I used it in this thread. Many people here have read a post from me referring it in the past on the forums.
Even though we have not actually taken a look at a exploit in this thread, I put (Malware Analysis) in the thread title so the user would be aware that this is all linked to the Malware Analysis area on this forum.
Got something to add to help people reading this? Comment it below. I am sure people who read this thread will be sure to check the comments.
Cheers.
