Lernkarten

Karten 17 Karten
Lernende 0 Lernende
Sprache English
Stufe Universität
Erstellt / Aktualisiert 21.06.2019 / 21.06.2019
Lizenzierung Keine Angabe
Weblink
Einbinden
0 Exakte Antworten 17 Text Antworten 0 Multiple Choice Antworten
Fenster schliessen

What is a picture, how is it displayed and what allows us to exploit it?

Lizenzierung: Keine Angabe

A picture is:

  • Data for the computer
  • When interpreted correctly, the image is displayed
  • When interpreted wrongly, displays garbage / crashes
  • When interpreted wrongly in the right way, lets us hack a computer
Fenster schliessen

What is the difference between data and code?

There is no difference between data and code.

Fenster schliessen

Is possible to create an image which executes code? When is it a bug, when is it feature, and how can it be done?

It is possible to create an image which executes code:

  • If this is intentional, it's a feature
  • If this is not intentional, the picture is an exploit (exploiting a bug/vulnerability)

How:

  • M ake the orignal program (code) execute our (the attackers) own code (data) by writing into memory locations at runtime which influence where code is being read from.
Fenster schliessen

Name some vulnerability types.

Vulnerability types:

  • Memory corruption
  • Authentication
  • Authorization
  • Configuration error
  • Input validation
  • Logic error
  • Sensitive data protection
  • Session management
  • Encoding Error
  • Cryptographic Errors
  • Permission Problems
  • ...
Fenster schliessen

What is a memory corrution and when does it occur?

Memory corruption occours in a computer program when the contents of a memory location are unintentionally modified due to programming errors; this is termed violation memory safety. When the corrupted memoryn contents are used later in that program, it lead either to a program crash or th strange and bizarre program behavior.

Fenster schliessen

What is an exploit?

Simple definition of exploit:

  • to get value or use from (something)
  • to us (someone or something) in a way that helps you unfairly

Full definition of exploit

  • to make productive use of : utilize
    • <exploiting your talents><exploit your opponent's weakness>
  • to make use of meanly or unfairly for one's own advantage
    • <exploiting migrant farm workers>
Fenster schliessen

What is an exploit in relation to hacking?

  • to exploit (verb): To take advantage of a vulnerability so that the target system reacts in a manner other than which the designer intended.
  • the exploit (noun): the tool, set of instructions, or code that is used to take advantage of a vulnerability.
Fenster schliessen

Name 3 different types of exploits?

  • Local 
  • Server-side
  • Client-side
  • Remote