CISC 7050 Lecture Notes - Lecture 6: Arbitrary Code Execution, Privilege Escalation, Machine Code

Exploit: exploit: piece of code/data/technique that takes advance of weakness/vulnerability in. Os/app: creates unintentional effect different to original purpose of function, exploit-db. com is a repo of exploits, trying to achieve arbitrary code execution. Exploitation risks: exploitation is dangerous & can have severe & permanent impact to system even if careful, danger zone: crashing system/service, making system unstable, & becoming privy to sensitive data. Vulnerability/exploit types: arbitrary code execution is most serious exploit & essentially exposes shell to. Internet: privilege escalation often leads to root privilege, total info leakage, & total control fo server processes, dos causes app/server to run slowly/crash. Zero days exploits: zero day vulnerabilities: unpublished vulnerabilities for systems/hardware. Assembly language: assembly language: low-level programming language for computer/other programmable device specific to particular computer architecture in contrast to most high-level programming languages, which are generally portable across multiple systems.