0x300

EXPLOITATION

Program exploitation is a staple of hacking. As demon-

strated in the previous chapter, a program is made up

of a complex set of rules following a certain execution

flow that ultimately tells the computer what to do.

Exploiting a program is simply a clever way of getting

the computer to do what you want it to do, even if the

currently running program was designed to prevent that action. Since a

program can really only do what it’s designed to do, the security holes are

actually flaws or oversights in the design of the program or the environment

the program is running in. It takes a creative mind to find these holes and

to write programs that compensate for them. Sometimes these holes are

the products of relatively obvious programmer errors, but there are some

less obvious errors that have given birth to more complex exploit techniques

that can be applied in many different places.