How a cracker can run malicious code on the user’s computer.

Rich Rumble, Security Samurai, commented:
There are numerous vectors. Phishing and malicious sites are popping up more and more, and by using ActiveX controls or image processing exploits, for example, a "cracker" may obtain information without having to do much at all except trick you into visiting their website.
Phishers use URL spoofing, like the IDN spoofs (Mozilla/Firefox test)
or simple HTML "misdirection": <a href=>Http://<./a>. If you make your website look like the site the user thinks they are going to, you may trick them into giving you their bank account username and password, for just about anything...

Then there was the M$ WMF image exploit that affected all M$ OSes, even Vista (their most secure OS?).
I'm actually surprised that this one hasn't happened yet, erasing your HD through an ActiveX control in IE:

There are other ways, such as email attachments, or even preview pane (in Outlook) execution (like the WMF images) exploits. Typically, best practices will mitigate what a virus or malicious program can do:
However, in the WMF case the code executes as SYSTEM, no matter what security group the user belongs to.

Not limited to "evil" hackers...
You could also be like Sony, and assume (correctly) that 95% of Windows users don't follow best practices and run as admin for day-to-day activities, and as such, Sony put a rootkit on a few CDs that tried to keep you from making unauthorized copies of those CDs. The rootkit did not work on any other OS, but there was another rootkit that did sort of work on Macs.

Then there are the old standbys: exploiting a poorly secured install of IIS, or a user having open ports and file shares...
Mmm, this is a question that does not really have a short answer. It really depends on so many things, like the operating system that the attacking machine is running, the hardware that the target machine is running (sometimes), and the additional applications that are installed.

The simplified answer is...

Remote code execution is possible due to bugs in software. The more software installed, the more possibility of bugs existing, and therefore the more chance of running code on a user's machine. Code can also be run on a user's machine by them simply accepting a file and running it!

Simple precautions can be taken to reduce the chance of malicious code being run, but it is nearly never possible to make it impossible.

Can you be more specific about your question? Then I can be more specific with the answer. Are you concerned about your security? On a home machine, or a web server etc?

Usually this is accomplished by buffer overflow. Like expert-ad said, this is usually only doable in poorly written software. Basically, a program tries to put more information into the buffer than there is actual memory. The information that overflows ends up in the memory locations next to it, creating the intrusion method. From there, the attacker may use that buffer for just about anything, though it's usually malicious code in the form of a backdoor or virus/spyware.

Buffer overflows may cause a process to crash or produce incorrect results. They can be triggered by inputs specifically designed to execute malicious code or to make the program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form the basis of many exploits. Sufficient bounds checking by either the programmer or the compiler can prevent buffer overflows.
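
The overflow and the bounds check described in the comment above, shown as an added example that is not code from anyone in this thread. The 16-byte arena, the "GUARD123" marker and all function names are constructed for illustration; the arena stands in for a buffer and the memory next to it so the demonstration stays well-defined C.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: bytes 0..7 are the input buffer, bytes 8..15 hold
   an adjacent value the program relies on (a flag, a pointer, ...). */
#define BUF_LEN   8
#define ARENA_LEN 16

struct frame { unsigned char mem[ARENA_LEN]; };

static void frame_init(struct frame *f) {
    memset(f->mem, 0, ARENA_LEN);
    memcpy(f->mem + BUF_LEN, "GUARD123", 8);      /* adjacent data */
}

/* Returns 1 while the data next to the buffer is untouched. */
static int neighbour_intact(const struct frame *f) {
    return memcmp(f->mem + BUF_LEN, "GUARD123", 8) == 0;
}

/* Unchecked copy: trusts the caller-supplied length, the way strcpy- or
   gets-style code trusts its input. Clamped to the arena only so that
   this demonstration never writes outside the array. */
static void copy_unchecked(struct frame *f, const char *src, size_t n) {
    if (n > ARENA_LEN) n = ARENA_LEN;
    memcpy(f->mem, src, n);
}

/* Bounds-checked copy: input that does not fit the buffer is rejected
   before a single byte is written. */
static int copy_checked(struct frame *f, const char *src, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(f->mem, src, n);
    return 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAA";  /* constructed: 12 bytes, 4 too many */
    struct frame f;

    frame_init(&f);
    copy_unchecked(&f, input, 12);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&f));

    frame_init(&f);
    int rc = copy_checked(&f, input, 12);
    printf("checked:   rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&f));
    return 0;
}
```

In real code the same check belongs wherever a length comes from outside the program, and compiler hardening such as stack protectors and fortified libc calls adds a second layer when a check is missed.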


Keith Alabaster, Enterprise Architect, commented:
Dvation gives a good account here.

Open up a few different file systems and make them available to anyone, unsecured (e.g. the Microsoft way). Advertise as desired. Don't use a firewall or update any product, and ensure you've loaded up, stocked up well on Microsoft products.

Sit back, wait and watch, and welcome the crackers who'll compete with each other for your system.
Er, we cannot go and teach you how to be a cracker yourself, not at any price (or amount of points).
Take a look at and click on "Vulnerabilities". You can see a lot of ways crackers/hackers/etc can get into a system.