0x300
EXPLOITATION
Program exploitation is a staple of hacking. As demon-
strated in the previous chapter, a program is made up
of a complex set of rules following a certain execution
flow that ultimately tells the computer what to do.
Exploiting a program is simply a clever way of getting
the computer to do what you want it to do, even if the
currently running program was designed to prevent that action. Since a
program can really only do what it’s designed to do, the security holes are
actually flaws or oversights in the design of the program or the environment
the program is running in. It takes a creative mind to find these holes and
to write programs that compensate for them. Sometimes these holes are
the products of relatively obvious programmer errors, but there are some
less obvious errors that have given birth to more complex exploit techniques
that can be applied in many different places.