Identifying Types of Hacking Technologies

Many methods and tools exist for locating vulnerabilities, running exploits, and compromising systems. Once vulnerabilities are found in a system, a hacker can exploit that vulnerability and install malicious software. Trojans, backdoors, and rootkits are all forms of malicious software, or malware. Malware is installed on a hacked system after a vulnerability has been exploited.
Buffer overflows and SQL injection are two other methods used to gain access into computer systems. Buffer overflows and SQL injection are used primarily against application servers that contain databases of information.
Most hacking tools exploit weaknesses in one of the following four areas:
  • Operating Systems Many system administrators install operating systems with the default settings, resulting in potential vulnerabilities that remain unpatched.
  • Applications Applications usually aren't thoroughly tested for vulnerabilities when developers are writing the code, which can leave many programming flaws that a hacker can exploit. Most application development is "feature-driven," meaning programmers are under a deadline to turn out the most robust application in the shortest amount of time.
  • Shrink-Wrap Code Many off-the-shelf programs come with extra features the common user isn't aware of, and these features can be used to exploit the system. The macros in Microsoft Word, for example, can allow a hacker to execute programs from within the application.
  • Misconfigurations Systems can also be misconfigured or left at the lowest common security settings to increase ease of use for the user; this may result in vulnerability and an attack.

No comments:

Post a Comment

Popular Posts