So-- I understand the 10,000 foot view of how exploits work. Someone discovers a vulnerability, and then someone attempts to create an exploit which subverts normal security via the said vulnerability. This is usually done by making some pointer in the code point to another location where it shouldn't be pointing (jmp's, buffer overflows, etc.) ... namely evil code, which then gets executed and voilà, instant magic.
But seriously... how does one get from point A to point B? One Joshua Drake painstakingly blogs about researching a specific vulnerability (regarding DNS resolution) and trying to figure out how to exploit it. Now I am going to readily admit this is way over my head; machine language and debugging was never my thing. However, you have to admire these guys who spend countless hours writing, testing and perfecting code (and sometimes with no luck) so others can use it for penetration testing.
This article made me think a few things: first, how I have such a long way to go in the world of computer security; second, how maybe it's a good thing not all vulnerabilities are exploitable (not that baddies and researchers lack fodder); and third, wow, I have such a long way to go....
So the next time you whip out Metasploit and think how bad-ass you are... think about all the work involved in the exploit you are using, and begin to appreciate all the work that goes into such a product. It's a humbling experience.
So here's to you, vulnerability researcher -- I hope I never piss one of you off :)
BTW- you can still participate in Metasploit's Exploit Bounty until July 20th.