the system. More accurately defined, an exploit is a way to bypass a security flaw
or circumvent security controls. This process can take many different forms but
for the purpose of this book, the end goal always remains the same:
administrative-level access to the computer. In many ways, exploitation is an
attempt to turn the target machine into a puppet that will execute your commands
and do your bidding. Just to be clear, exploitation is the process of
launching an exploit. An exploit is the realization, actualization, or weaponization
of a vulnerability. Exploits are issues or bugs in the software code that give
a hacker or attacker the ability to launch or execute a payload against the target
system. A payload is a way to turn the target machine into a puppet and force it to
do our will. Payloads can alter the original functionality of the software and allow
us to do any number of things like install new software, disable running services,
add new users, open backdoors to the compromised system, and much more.
Of all the steps we cover, exploitation is probably the step in which aspiring
hackers are most interested. It certainly gets a lot of attention because this
phase involves many of the traditional activities that people associate with
“hacking” and penetration testing. There are volumes of books that are dedicated
to the process of exploitation. Unfortunately, there are also volumes of
misinformation regarding step 3. Stories from Hollywood and urban legends of
famed hacker exploits have tainted the minds of many newcomers. However, this
does not mean that exploitation is any less exciting or exhilarating. On the
contrary, exploitation is still my favorite step, even if there is a little less “shock
and awe” than portrayed in a typical hacker movie. But when completed
successfully, exploitation remains simply breathtaking.
Of all the steps we discuss, exploitation is probably the broadest. The wide range
of activities, tools, and options for completing this process often leads to confusion
and chaos. When initially attempting to learn penetration testing and
hacking, the lack of order and structure can create frustration and failure. It is not
uncommon for a novice to read about a new tool, or listen to a speaker talk
about some advanced technique that can be used to gain access to a system, and
want to jump directly to step 3 (exploitation). However, it is important to
remember that penetration testing is more than just exploitation. Fortunately, by
following the process identified in this book or by any other solid penetration
testing methodology, you can alleviate many of these issues.
Because this book focuses on the basics, and as a final warning, it is critical to stress
the importance of completing steps 1 and 2 prior to conducting exploitation. It can
be tempting to bypass reconnaissance and scanning and jump directly to
Chapter 4. That is OK for now, but if you are ever going to advance your skills beyond
the script kiddie level, you will need to master the other steps as well. The failure to
do so will not only severely limit your ability to mature as a penetration tester but
will also eventually stunt your growth as an exploitation expert. Reconnaissance
and scanning will help to bring order and direction to exploitation.
OK. Now that the speech is over, let us put away the soapbox and get to the
business at hand: exploitation. As mentioned earlier, exploitation is one of the
The Basics of Hacking and Penetration Testing
80