Software Exploitation

The term software exploitation refers to attacks launched against applications and higher-level services. Examples include gaining access to data through weaknesses in a database's data access objects or through a flaw in a service. This section briefly outlines some common exploitations that have been successful in the past. The following exploitations can be introduced by viruses, as in the case of the Klez32 virus, or by the access attacks described earlier in this chapter:

Database Exploitation Many database products allow very sophisticated access queries to be made in the client/server environment. If a client session can be hijacked or spoofed, the attacker can formulate queries against the database that disclose unauthorized information. For this attack to be successful, the attacker must first gain access to the environment through one of the attacks outlined previously.

Application Exploitation The macro virus is another example of software exploitation. A macro virus is a set of programming instructions, written in a language such as VBScript, that commands an application to carry out illicit actions. Users want more powerful tools, and manufacturers want to sell them what they want. The macro virus takes advantage of the power offered by word processors, spreadsheets, and other applications. Because this exploitation is inherent in the product, all users of the product are susceptible to it.

Email Exploitation Hardly a day goes by without another e-mail virus being reported. This is the result of weaknesses in many common e-mail clients. Modern e-mail clients offer a great many shortcuts, lists, and other capabilities to meet user demands. A popular exploitation of e-mail clients involves accessing the client's address book to propagate viruses. There is virtually nothing a client user can do about these exploitations; the software manufacturer must fix the weaknesses. In many cases this type of weakness is not actually a bug, but a feature that users wanted.



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
Year: 2006
Pages: 167
