By Luke Willadsen
What is an Exploitation, Anyway?
If we leave it up to Merriam-Webster, an ‘exploitation’ is “an act or instance of exploiting.” Because that doesn’t quite clear things up, we’ll take it one step further: “to make use of meanly or unfairly for one’s own advantage.” When it comes to cybersecurity, and in keeping things ethical, exploitation is the execution of any method or technique that can be used to accomplish one of the following:
With a working definition that’s more in line with the intention of this blog, let’s explore how one can ethically exploit something or someone.
Why Do We Exploit?
When it comes to exploitation as it relates to cybersecurity, there are two camps: white hat hackers, or ethical hackers, and malicious actors. Each of these two camps has very different motivations for performing exploitations on a network, system, or person.
White hat hackers conduct penetration tests, or pentests, in which exploitation is performed in order to uncover existing and/or potential security holes so they can be fixed before malicious actors find them. This is ethical hacking. The ethical hacker conducting the pentest reports on the vulnerabilities they discover, including the path(s) they used to exploit the vulnerabilities, with the sole purpose of empowering the organization to work to resolve them.
Malicious actors, or cyber criminals, attempt to exploit networks, systems, and people with the intent to cause harm. This is non-ethical hacking. The cyber criminals conducting these actions do so to gain access to unauthorized or confidential data and use it against the victim, or to interrupt or disable access to information or systems in hopes of collecting a ransom payment before the victimized organization is able to return to normal business operations.
Penetration Testing: How One Ethically Exploits Something or Someone
Exploitation requires there to be flaws, otherwise known as vulnerabilities. Vulnerabilities can be just about anything, from highly technical flaws (e.g., how a computer program receives and processes tasks, a network protocol that has unused, legacy flags within it that the developers forgot existed, or the way a web application passes requests to its backend database) to human behavior (e.g., that super gullible Dave in Accounting or the security guard who’s a sucker for a nice smile and some donuts).
Individuals conducting pentests have to think outside the box. Once a vulnerability has been identified, and subsequently exploited, the compromised network, system, or person can be leveraged to deliver harm. For example, the aforementioned flaw in a web application may allow for a specially crafted HTTP GET request to be sent that then makes the database spit out all its dirty secrets. Or if a nice, personalized email is sent to Dave he may be inclined to click on the link so that he can save a puppy’s life.
Evolution of Exploitation
In part 2 of this series, we explore how vulnerability exploitation has evolved over the early 2010s.
About the Author: Luke Willadsen, Technical Services Lead, EmberSec, is an InfoSec professional and white hat hacker. After getting his start with the Dept. of Defense in 2010, Luke leveraged his specialization in offensive security and eventually turned to private and public sector consulting. Mr. Willadsen has a bachelor’s degree in cybersecurity, a master’s degree in technology studies, an OSCP certification, and a CISSP certification. Outside of his professional life, Luke is a husband, an animal lover, a fitness enthusiast and a passable guitar player, plays a bard in Dungeons and Dragons, and enjoys playing a few rounds of Battlefield on his PS4 a night or two a week.
About EmberSec: EmberSec, a Division of By Light, serves as a provider of advanced, technical cybersecurity services and solutions. Whether that's testing the maturity and efficiency of your security program through technical assessments, integrating highly customized Managed Detection & Response capabilities, or aligning your infrastructure and security practices around industry frameworks, EmberSec understands the complexities involved in establishing a truly secure enterprise.
The EmberSec team is comprised of senior security researchers, operators, and intelligence professionals, and specializes in the following domains: