Content deleted Content added
MartinSpamer (talk | contribs) mNo edit summary |
Guninvalid (talk | contribs) m Reverted 1 edit by 103.143.243.26 (talk) to last revision by Mindmatrix |
||
| (48 intermediate revisions by 35 users not shown) | |||
Line 1:
{{WikiProject banner shell|class=Start|
{{WikiProject Computing|importance=mid|security=yes|security-importance=Top}}
}}
== Extend privileges ==
An exploit may or may not 'extend privileges'. It could cicumvent access control, or entend it to
:there are always such misfeatures, bugs, holes, whatever you wanna call 'em. It's best not to distinguish but imagine software itself as swiss cheese that one grabs onto by fumbling fingers in the dark, some of which give access to the center and let you grab the whole cheese, take it out of the dark, adn eat it. --[[Special:Contributions/142.177.104.164|142.177.104.164]] 18:10, 27 January 2003 (UTC)
This is supposed to be an encyclopedia, its whole premises is centered on completeness and accuracy. --[[:User:MartinSpamer|MartinSpamer]] 17:21, 2 February 2003 (UTC)
== This is not computer science ==
The term "exploit" as defined here is not a [[computer science]] term. It is a term from computer security operations. I propose that this article be moved to ''[[Exploit (computer security)]]''. Any objections? --[[User:Fubar Obfusco|FOo]] 14:29, 18 August 2004 (UTC)
:Well, nobody objected in a few months, so moved it is. --[[User:Fubar Obfusco|FOo]] 04:24, 4 February 2005 (UTC)
== Numerious problems ==
I really feel that this article could be brought up to the level of wikipedia's other computer related articles, but as I am not a hacker or person skilled in computer security, I do not feel comfortable attempting to do this myself. A number of problems that concerned me about this article follow. I have restrained myself to improving the initial definition to be a bit more broad and complete.
The first problem is the distinction between a remote and local exploit. While these are terms that should be discussed, as they are in common usage, not all exploits will fall into one of these two catagories and is therefore not a universal classification.
I feel that a more general description of an exploit should include that an exploit is something that "exploits" a programming bug, setup bug, or abuses a feature. Does anyone have any comments on this? Immediately talking about common types of exploits misses that these are all types of bugs, and that exploit finding is really a subset of bug finding.
It's pedantic of me to point this out, but the term super-user is unix/linux/bsd/*nix specific. Going back to my broader definition, I would like to use a hypothetical example. Many (all?) elevators in the United States have telephones in them for communication with the elevator's users durring an emergency. An unintended or incidental behavor exists however, in that in some elevators it is possible, given the correct phone number, to call the phone inside the elevator and listen to people inside. I would consider this an unintended use of an elevator feature, and therefore an exploit. This does not include getting extra access to a computer, any of the vulnerablity types mentioned, and appears to be outside the current stated scope of the article. Would this be considered an exploit?
I really think that this article could be brought up to the level of one of wikipedia's computer science articles, include broad examples, and include a holistic aproach to viewing exploits as a subset of bug finding.
Lastly, return to libc is not an attack, it is a technique used when control of a return address on the stack has been obtained. Please correct me if I am wrong about this.
-- Unfortunetly not anonymous user, November 7, 2006
=== Comments on numerous problems ===
The typical problem with any computer/information security discussion on wikipedia is nobody agrees on (and fewer people have a correct understanding of the nomenclature). This article confuses exploits, vulnerabilities and threats. I'd suggest dropping all the unsourced statements and start again. <small>—Preceding [[Wikipedia:Signatures|unsigned]] comment added by [[Special:Contributions/142.46.212.114|142.46.212.114]] ([[User talk:142.46.212.114|talk]]) 19:55, 23 October 2007 (UTC)</small><!-- Template:UnsignedIP --> <!--Autosigned by SineBot-->
== Requested move 25 March 2018 ==
<div class="boilerplate" style="background-color: #efe; margin: 2em 0 0 0; padding: 0 10px 0 10px; border: 1px dotted #aaa;"><!-- Template:RM top -->
:''The following is a closed discussion of a [[WP:requested moves|requested move]]. <span style="color:red">'''Please do not modify it.'''</span> Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a [[Wikipedia:move review|move review]]. No further edits should be made to this section. ''
The result of the move request was: '''consensus not to move''' the pages at this time, per the discussion below. [[User:Dekimasu|Dekimasu]]<small>[[User talk:Dekimasu|よ!]]</small> 18:33, 31 March 2018 (UTC)
----
* [[:Exploit (computer security)]] → {{no redirect|Exploit}}
* [[:Exploit]] → {{no redirect|Exploit (disambiguation)}}
– This article makes sense as the [[WP:PRIMARYTOPIC]]. It gets 290 views daily with the video game article only getting 33 views daily, and while [[Exploitation of natural resources]] gets a lot of views, nobody would type in "Exploit" to look up that article, they would more likely type [[Exploitation]]. As the clear winner in terms of pageviews and precedence for the term "Exploit", it should be primary. <!-- [[User:DoNotArchiveUntil]] 12:54, 8 April 2018 (UTC) -->{{User:ClueBot III/DoNotArchiveUntil|1523192042}} <sub><small>[[User:Zxcvbnm|ZXCVBNM]] ([[User Talk:Zxcvbnm|TALK]])</small></sub> 12:54, 25 March 2018 (UTC)
* '''Oppose''' Per [[WP:PTOPIC]]: "no single criterion for defining a primary topic, two major aspects that are commonly considered are [usage] and [long-term significance]"..."''consensus'' may be useful in determining which topic, if any, is the primary topic." My input is it remain how it is, the term "exploit" has been used to describe labor and resources far longer than video games and computers. Also note PTOPIC's mention of [[Apple]] vs Apple Inc. Internet clicks is irrelevant, it doesn't give the whole picture. Having the disambiguation as the primary is a fair compromise already. [[User:DA1|DA1]] ([[User talk:DA1|talk]]) 17:09, 25 March 2018 (UTC)
**You are talking about the word "exploitation". "Exploit" on its own is not used to describe labor and resources, hence why it's called "labor exploitation" and not "labor exploits". There is a difference, which is why this should point to the subject that uses "Exploit". A hatnote can clear up any confusion.<sub><small>[[User:Zxcvbnm|ZXCVBNM]] ([[User Talk:Zxcvbnm|TALK]])</small></sub> 20:25, 25 March 2018 (UTC)
*'''Oppose''' exploit is a common noun, and verb. This obscure computer security use would be [[WP:ASTONISH]]ing. So far from a [[WP:PT]] surprised to see an RM [[User:In ictu oculi|In ictu oculi]] ([[User talk:In ictu oculi|talk]]) 08:36, 26 March 2018 (UTC)
*'''Oppose''' – does ''not'' make sense as primarytopic. [[User:Dicklyon|Dicklyon]] ([[User talk:Dicklyon|talk]]) 02:52, 27 March 2018 (UTC)
*'''Oppose'''. Oh please! Clearly no primary topic for this common English word. -- [[User:Necrothesp|Necrothesp]] ([[User talk:Necrothesp|talk]]) 13:31, 28 March 2018 (UTC)
----
:''The above discussion is preserved as an archive of a [[Wikipedia:Requested moves|requested move]]. <span style="color:red">'''Please do not modify it.'''</span> Subsequent comments should be made in a new section on this talk page or in a [[Wikipedia:Move review|move review]]. No further edits should be made to this section.''</div><!-- Template:RM bottom -->
== Pivoting is a follow-on to an exploit ==
It seems that pivoting is not an exploit by itself, but a technique used as a follow-on to an exploit. It doesn't really fit with the article. If it did, then all the follow-on things because of the exploit's success would fit also. Check out the section itself: the VPN application enabling the pivoting is a ''payload'' of an exploit. That's the only mention of the word "exploit" in this section.
So,
# Move to [[Pivoting]]
# Fix the disambiguation page [[Pivoting]] too --[[User:Tikmok|Tikmok]] ([[User talk:Tikmok|talk]]) 12:21, 13 August 2024 (UTC)
| |||