Friday, September 16, 2011

Software Vulnerabilities And Their Exploitation

Some sort of vulnerability is present in any security infrastructure, and software is no exception. Software vulnerabilities arise from insufficient testing, a lack of audit trails, reuse of publicly available code without review, plain programming errors, and so on. A common root cause is a programmer assuming, while writing the software, that all user input is safe. A program that does not check its input can be made to execute commands or SQL statements its author never intended (command injection, SQL injection), or to write past the end of a buffer (buffer overflow), along with other flaws that stem from non-validated input.
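The input-validation point above is easiest to see on SQL injection. The following is an added example written for this page, not code from the original post: it builds a constructed in-memory SQLite table (the `users` schema and its rows are assumptions) and runs the same lookup twice, once with the value concatenated into the SQL text and once with it bound as a parameter, against both a normal username and the classic tautology payload `' OR '1'='1`. The `is_valid_username` allow-list check is likewise an assumed defence-in-depth helper, not anything the page prescribes.

```python
import re
import sqlite3

# Constructed sample data (not from the page): a small users table held in an
# in-memory SQLite database so the example runs offline.
SAMPLE_USERS = [
    (1, "alice", "alice@example.com"),
    (2, "bob", "bob@example.com"),
    (3, "carol", "carol@example.com"),
]

# Classic tautology payload: closes the attacker-controlled string literal and
# appends a condition that is always true.
INJECTION_PAYLOAD = "' OR '1'='1"

# Assumed allow-list for usernames: lowercase letters, digits, underscore.
USERNAME_RE = re.compile(r"^[a-z0-9_]{1,32}$")


def make_db():
    """Create the in-memory database and load the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable: the input is pasted into the SQL text, so a quote character
    in the input changes the structure of the statement rather than its data."""
    query = "SELECT id, username FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, username):
    """Hardened: the value is bound as a parameter; the SQL text is fixed and
    the database driver never interprets the input as SQL."""
    return conn.execute(
        "SELECT id, username FROM users WHERE username = ?", (username,)
    ).fetchall()


def is_valid_username(username):
    """Defence in depth: an allow-list check on the shape of the input. It is
    not a substitute for parameterisation, but it rejects obvious junk early."""
    return USERNAME_RE.match(username) is not None


def demo():
    """Run both lookups with a normal name and with the injection payload.

    With the payload, the vulnerable query becomes
      SELECT id, username FROM users WHERE username = '' OR '1'='1'
    and returns every row; the parameterised query returns nothing because no
    user is literally named "' OR '1'='1"."""
    conn = make_db()
    results = {
        "normal_vulnerable": lookup_vulnerable(conn, "alice"),
        "normal_safe": lookup_safe(conn, "alice"),
        "payload_vulnerable": lookup_vulnerable(conn, INJECTION_PAYLOAD),
        "payload_safe": lookup_safe(conn, INJECTION_PAYLOAD),
        "payload_passes_validation": is_valid_username(INJECTION_PAYLOAD),
    }
    conn.close()
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The difference is entirely in where the boundary between code and data sits: in `lookup_vulnerable` the database parses the attacker's quote as SQL syntax, in `lookup_safe` it only ever sees the value as a string. The regex check is worth keeping in front of either, but on its own it would not save a query built by concatenation wherever the allow-list is looser than this one.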

Although various sets of coding guidelines have been developed, and a large number of static code analysers are used to verify that code follows them, coding errors remain common in the majority of software. A coding error gives rise to a vulnerability in the software that a malicious user can exploit.

An exploit may be a piece of software, a chunk of data, or a sequence of commands that takes advantage of a vulnerability in order to cause unintended or unanticipated behaviour in the software.

There are several ways of classifying exploits. The most common is by how the exploit reaches the vulnerable software. A “remote exploit” works over a network and exploits the vulnerability without any prior access to the vulnerable system. A “local exploit” requires prior access to the vulnerable system and usually raises the privileges of the person running it beyond those granted by the system administrator (privilege escalation).

Exploits against client applications also exist; these usually take the form of a malicious or modified server that delivers the exploit when a vulnerable client application (a web browser or document viewer, for example) connects to it. Exploits against client applications often require some interaction from the user, such as opening a file or following a link, and are therefore commonly combined with social engineering. This is one of the usual ways attackers get into computers and websites to steal data.

Often, once an exploit is published, the vulnerability is fixed through a patch and the exploit becomes useless against newer versions of the software. This is one reason why some black-hat hackers do not publish their exploits but keep them private, for their own use or that of other hackers. An exploit for a vulnerability that is not yet known to the vendor, so that no patch exists for it, is referred to as a “zero-day exploit”.

As far as the legality of exploiting software is concerned, it is treated as a cyber crime or offence in many jurisdictions. Even circumventing an access control mechanism that protects copyrighted material is punishable under laws such as the Digital Millennium Copyright Act (DMCA). Note, however, that it is the unauthorised cracking of software that is punishable, not “hacking” in the broad sense in which the media popularly misuse the term.

Software vulnerabilities and their exploitation need to be addressed by a techno-legal framework that combines technological and legal measures. However, such a techno-legal framework is still missing in most jurisdictions of the world.