An exploit is the specific code, technique, or sequence of steps that takes advantage of a vulnerability to cause unintended behaviour in a target system. A vulnerability is the weakness; an exploit is the means of using that weakness to gain access, escalate privilege, leak data, or disrupt service.
Types of exploit
Remote exploits work across a network without prior access (an unauthenticated remote code execution on a public-facing web service is the classic example).
Local exploits require some form of prior access, typically a low-privileged shell, and aim to escalate to administrator or root.
Client-side exploits target the software users run on their own machines (browsers, document viewers, email clients) and depend on the victim being lured into opening a file or visiting a page.
Physical and side-channel exploits require proximity or specialised equipment and target hardware behaviour such as electromagnetic emanations or timing variations.
Public versus private exploits
Public exploits are published as proof-of-concept code, often in research write-ups or in the Exploit-DB database, and are quickly integrated into frameworks such as Metasploit. Private exploits are held back, traded through commercial brokers, or used in targeted attacks. A “zero-day” is an exploit that works against a vulnerability not yet known to the vendor; the disclosure clock starts only when the vendor learns of the issue.
Exploit lifecycle
From the defender’s view, an exploit moves through discovery (private), disclosure (to the vendor), patch availability, public release, mass exploitation, and eventual decay as systems are patched. The window between public release and widespread patching is the highest-risk period; effective vulnerability management is built around shortening that window.
Defences
Patch quickly for known issues. Reduce attack surface so that unpatched components are not reachable from untrusted networks. Use exploit-mitigation features (ASLR, DEP, control-flow integrity, sandboxing) so that exploitation is harder even where vulnerabilities exist. Monitor for indicators of exploitation through endpoint detection and well-tuned logging.
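As an added illustration (not part of the original entry), the following Python sketch audits whether a Linux binary opts in to two of the mitigations named above: position-independent code, which ASLR needs in order to randomise the main image, and a non-executable stack (DEP/NX). It assumes a 64-bit little-endian ELF file; the function names and the `build_sample` images are constructed for this example.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header that declares stack permissions
PF_X = 0x1                 # segment flag: executable
ET_DYN = 3                 # file type of PIE executables (and shared objects)


def check_mitigations(elf: bytes) -> dict:
    """Report PIE (needed for full ASLR) and non-executable stack (DEP/NX) opt-in."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not a 64-bit little-endian ELF image")
    (e_type,) = struct.unpack_from("<H", elf, 16)    # object file type
    (e_phoff,) = struct.unpack_from("<Q", elf, 32)   # program header table offset
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 54)
    nx_stack = False  # a missing PT_GNU_STACK header is treated as "not opted in"
    for i in range(e_phnum):
        # In ELF64 program headers, p_type and p_flags are the first two fields.
        p_type, p_flags = struct.unpack_from("<II", elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {"pie": e_type == ET_DYN, "nx_stack": nx_stack}


def build_sample(e_type: int, stack_flags=None) -> bytes:
    """Constructed test image: ELF64 header plus an optional PT_GNU_STACK header."""
    phdrs = b""
    if stack_flags is not None:
        phdrs = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    header = struct.pack("<HHIQQQIHHHHHH", e_type, 0x3E, 1, 0, 64, 0, 0,
                         64, 56, len(phdrs) // 56, 0, 0, 0)
    return ident + header + phdrs


if __name__ == "__main__":
    samples = {
        "hardened (ET_DYN, stack RW)": build_sample(3, 0x6),
        "legacy (ET_EXEC, stack RWX)": build_sample(2, 0x7),
        "no PT_GNU_STACK header": build_sample(2),
    }
    for name, image in samples.items():
        print(name, check_mitigations(image))
```

The check covers only what the binary itself declares; whether the operating system actually randomises addresses is a separate system-wide setting.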
Related terms
See also: vulnerability, Metasploit, and penetration testing.




