Ethical Hacking

Common types of vulnerabilities and exploits that we can found in software products...


Listen Later

hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 44 today we are discussing about Software vulnerabilities and exploits. Now that we've covered how software should be securely coded,let's cover a few of the exploits that are used against improperly coded programs.First, we have backdoors. Backdoors consist of software code that's been placed in a computer programs to bypass on normal authentication and other securing mechanisms. These are often created by developers themselves in order to make it easier for them to update custom programs in the future. But, this is a horrible practice in terms of security.All secure coding and program methodologies consider backdoors a poor coding practice and they state that it should never be utilized by programmers.Because of this, most developers have phased out the use of backdoors. But some backdoors can be created in our systems by attackers, too.For example, if a system is infected with a remote access Trojan,this is also considered a backdoor into that system.The next type of exploit that we hav is what's called a directory traversal,which is going to exploit insecurely coded web applications and servers.A directory traversal is a method of accessing unauthorized directories by moving through the directory structure on a remote server.Let's pretend, for example, that my website Diontraining.com was poorly coded and was subject to this type of an exploit. Of course, we've gone ahead and secured our website against this type of vulnerability, so this is just going to be a theoretical discussion to explain the context of a directory traversal. Normally, you could access our website by going to www.kicktraveller.weebly.com Or, you might access it by going to a dynamic sub-page like diontraining.com/menus,or something like that.If you wanted to attempt a directory traversal,you're going to have to add something to the directory path that has an input variable inside the URL.Something like menu=../../../../etc/password.This attempts to move up four levels through the directory structure from the web server's public folder into it's root folder and then back down into the etc folder and then attempts to access the password file.If this was successful, the text based password file would be displayed inside your web browser.anytime you see that there's a series of ../ in them,you know that this is most likely a directory traversal and it's being used as part of an exploit.Often, a directory traversal is used as a way to access a file on a web server and sometimes you can even use it to conduct an arbitrary code execution on that server.Arbitrary code execution occurs when an attackeris able to execute or run commands on a victim computer. This might occur if someonewalks by your desk at work,sees you're logged into the computer,but you're away from your desk.They start running a program on your computer.This would be classified as an arbitrary code execution.This is pretty bad for security, as you can imagine.But, what's even worst, is a specialized type of arbitrary code execution called an RCE or remote code execution.A remote code execution occurs when the attacker is able to execute or run commands on a remote computer.Notice the key difference here between an arbitrary and a remote code execution.With a remote code execution,the attacker can run the commands remotely;such as through an interactive shell session or some other kind of attack.

...more
View all episodesView all episodes
Download on the App Store

Ethical HackingBy vijaykumar Devireddy


More shows like Ethical Hacking

View all
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners