PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
June 2005


TECHKNOWLEDGE Exploit frameworks are the machine guns of automated attacks. Don't get caught on the wrong end of the barrel. The time between discovery of a vulnerability and the appearance of its exploit in the wild is shrinking from months to weeks to days. Soon, it could be a matter of hours. The reason: frameworks that make exploits alarmingly easy to create and launch. Sploits, street lingo for exploits, were once painstakingly difficult to create. Attackers would have to manually craft their scripts to exploit a buffer-overflow vulnerability or format-string flaw, manipulate a machine's memory locations, load their machine language code, and calculate the offsets needed to make the target box execute the code. It was a tedious process that gave software vendors the time to develop patches and workarounds, and enterprises the time to apply fixes. Sloppy coding often produced bug-ridden sploits that were unable to take full advantage of their target's vulnerability. No more. High-quality sploits are much easier to create ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue