In cybersecurity, an exploit is a program or piece of code designed to take advantage of a security flaw or vulnerability in an application or computer system. Exploits can be used for malicious purposes such as installing malware, but they are not malware themselves. Instead, they are a method used by cybercriminals to deliver malware. To be effective, many vulnerabilities require an attacker to initiate a series of suspicious operations to set up an exploit. Typically, a majority of the vulnerabilities are the result of a software or system architecture bug. Attackers write their code to take advantage of these vulnerabilities and inject various types of malware into the system. Exploits can be classified into two types:
-
Local Exploits: These require prior access to the vulnerable system and usually increase the privileges of the person running the exploit past those granted by the system administrator.
-
Client Exploits: These exist against client applications and usually consist of modified servers that send an exploit when accessed with a client application. They may also require interaction from the user and rely on social engineering techniques like phishing or spear phishing to spread or adware.
Exploits are designed to damage the confidentiality, integrity, or availability (CIA triad) of software or a system. Many cybercriminals target multiple attack vectors, first gaining limited access, then using a second vulnerability to escalate privileges until they gain root access.