You may be thinking that exploits requiring authentication are also bad. They are bad, but in a different way. If someone has to present credentials, meaning they are authenticated, in order to exploit a vulnerability, it means one of two things: either an insider attack or compromised credentials. An insider attack is a different situation because if you can already authenticate and you want to cause a problem, you probably don’t need to use a vulnerability. If you instead have compromised credentials, this should be addressed in other ways as well. If I can get access to your system without any authentication, though, that’s really bad because it means anyone can do it.
Network devices like switches and routers are also prone to vulnerabilities. If one of these devices were to be compromised, it could be devastating to the availability or even confidentiality of the network. Someone who has access to a switch or a router can potentially redirect traffic to devices that shouldn’t otherwise have it. Kali comes with tools that can be used to test for vulnerabilities on network devices. As Cisco is a prominent vendor, it’s not surprising that a majority of tools focused on vulnerabilities in network devices are focused on Cisco.
Vulnerability Types

The Open Web Application Security Project (OWASP) maintains a list of common vulnerability categories. Each year, OWASP issues a list of top 10 application security risks. Software is released and updated each year, and every piece of software has bugs in it. When it comes to security-related bugs that create vulnerabilities, some common ones should be considered. Before we get into how to search for these vulnerabilities, you should understand a little bit about what each of these vulnerabilities is.
Buffer Overflow

Buffer overflow is a common vulnerability and has been for decades. Although some languages perform a lot of checking on the data being entered into the program as well as data that is being passed around in the program, not all languages do that. It is sometimes up to the language and how it creates the executable to perform these sorts of checks. However, some languages perform no such checks. Checking data automatically creates overhead, and not all languages want to force that sort of overhead on programmers and programs.
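C is the usual example of a language that performs no automatic bounds checking, so the check has to be written by the programmer. The following is an added illustration, not code from the book: it places an unchecked copy into a fixed-size buffer next to a checked copy that refuses input that would not fit. The buffer size, the function names and the sample strings are assumptions chosen for the example.

```c
#include <stdio.h>
#include <string.h>

/* Added example (not from the book): a fixed-size buffer of the kind the
 * text describes. BUF_SIZE and the function names are assumptions. */
#define BUF_SIZE 16

/* Unchecked copy: strcpy trusts the caller to have sized dst correctly.
 * If src is longer than dst, bytes are written past the end of the buffer,
 * which is exactly a buffer overflow. Kept for contrast; only ever called on
 * input known to fit. */
static void copy_unchecked(char dst[BUF_SIZE], const char *src)
{
    strcpy(dst, src);   /* no length check of any kind */
}

/* Would a string of input_len bytes (excluding the terminating NUL) fit? */
static int would_overflow(size_t input_len)
{
    return input_len >= BUF_SIZE;   /* one byte must be left for the NUL */
}

/* Checked copy: the check the language does not do for us. Returns 0 on
 * success, -1 (leaving dst as an empty string) if src would overflow dst. */
static int copy_checked(char dst[BUF_SIZE], const char *src)
{
    size_t len = strlen(src);
    if (would_overflow(len)) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);      /* copy the bytes plus the NUL */
    return 0;
}

int main(void)
{
    char buf[BUF_SIZE];
    /* constructed sample inputs */
    const char *short_input = "hello";
    const char *long_input  = "this string is far longer than sixteen bytes";

    copy_unchecked(buf, short_input);   /* safe only because we know it fits */
    printf("unchecked copy of short input: %s\n", buf);

    if (copy_checked(buf, long_input) != 0)
        printf("checked copy rejected a %zu-byte input for a %d-byte buffer\n",
               strlen(long_input), BUF_SIZE);
    return 0;
}
```

The difference between the two functions is the whole point of the passage: the checked version costs a `strlen` and a comparison on every call, which is the overhead the text mentions, and the unchecked version costs nothing but silently writes outside the buffer when its assumption about the input is wrong.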
A buffer overflow takes advantage of the way data is structured in memory. Each program gets a chunk of memory. Some of that memory is allocated for the code, and some is allocated for the data the code is meant to act on. Part of that memory is a data structure called a stack. Think about going through a cafeteria line or even a buffet. The plates or trays are in a stack. Someone coming through pulls from the top of