

Web based attack

In a web-based environment, the most attacked applications are those with a direct or indirect connection to the internet.

The list of such applications mostly comprises PDF readers, digital document processors, media players and web browsers. In addition to their internal vulnerabilities, web browsers may also suffer from vulnerabilities found in installed plug-ins (like ActiveX or Firefox add-ons).

Examples of known vulnerabilities and their possible exploitation can be found in CVE - http://cve.mitre.org/index.html

Software vulnerability and exploitation

A software vulnerability is basically incorrect or invalid handling of input parameters passed to a vulnerable program, or simply a software bug. A specially crafted input exploiting such a vulnerability is called a software vulnerability exploit, or simply an exploit.
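To make "incorrect handling of input parameters" concrete, here is an added example (not from the original page) of a parser for a record of the kind a document or media file might contain, shown once with the flaw and once hardened. The record layout, function names and sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TITLE_MAX 16

/* Constructed record layout (hypothetical):
   byte 0 = tag, byte 1 = declared payload length, bytes 2.. = payload. */

/* Flawed handling: the length byte comes from the input and is trusted.
   A declared length above TITLE_MAX-1 writes past 'out'; one above
   rec_len-2 reads past 'rec'. Only safe on well-formed records. */
int parse_title_unchecked(const uint8_t *rec, size_t rec_len, char out[TITLE_MAX]) {
    (void)rec_len;               /* never consulted: this is the bug */
    uint8_t n = rec[1];
    memcpy(out, rec + 2, n);
    out[n] = '\0';
    return n;
}

/* Hardened handling: every value taken from the input is validated
   against the real input size and the destination size before use. */
int parse_title_checked(const uint8_t *rec, size_t rec_len, char out[TITLE_MAX]) {
    if (rec == NULL || out == NULL || rec_len < 2) return -1; /* no header */
    size_t n = rec[1];
    if (n > rec_len - 2) return -2;  /* declared length runs past the input */
    if (n >= TITLE_MAX) return -3;   /* payload plus terminator will not fit */
    memcpy(out, rec + 2, n);
    out[n] = '\0';
    return (int)n;
}

/* Constructed sample records. */
static const uint8_t SAMPLE_OK[] = {0x01, 5, 'h', 'e', 'l', 'l', 'o'};
static const uint8_t SAMPLE_TRUNCATED[] = {0x01, 200, 'A', 'A', 'A'}; /* claims 200, holds 3 */
static const uint8_t SAMPLE_TOO_LONG[22] = {0x01, 20};  /* 20 zero bytes of payload */

int main(void) {
    char title[TITLE_MAX];
    printf("ok:        %d\n", parse_title_checked(SAMPLE_OK, sizeof SAMPLE_OK, title));
    printf("truncated: %d\n", parse_title_checked(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, title));
    printf("too long:  %d\n", parse_title_checked(SAMPLE_TOO_LONG, sizeof SAMPLE_TOO_LONG, title));
    return 0;
}
```

The unchecked function is deliberately not called on the malformed samples, since doing so is undefined behaviour; the checked one rejects them with distinct error codes.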

If the software vulnerability is unknown to others or undisclosed to the software manufacturer, then the actual code that uses it is often called a zero-day exploit or a zero-day attack.

A common lifecycle of a zero-day exploit is as follows:

  1. The software manufacturer releases a product containing the vulnerability, usually an unknown one.
  2. The attacker finds the vulnerability before the software developer does or before the developer is informed of it by users.
  3. The attacker creates and distributes an exploit.
  4. The manufacturer finds the vulnerability and starts writing the fix.

The most successful exploit kit in 2012

"At the year 2012 approx. 30% of all web threats detected by Sophos and 91% by AVG originated from this exploit kit. Either by direct visiting or re-directions from compromised legitimate websites." (http://www.squidoo.com/blackhole-exploit-kit-the-most-popular-web-threat-this-year)

This Russian exploit kit was officially the most profitable, undetectable and successful exploit kit to date. The key features of its success are a marketing scheme, SaaS-like distribution, multiple obfuscation layers, etc.

References

  1. From exploit to a shell-code
  2. Types of applications targeted by attackers
  3. Wikipedia
  4. Archive of exploits detected by Quttera's exploit detection technology
  5. Blackhole exploit kit - the most popular web threat this year
