In security, there are many terms used such as Exploit, Vulnerability, PWN, SSH, XSS, Inject …
Today I want to explain the concept of Exploit and Vulnerability.
Many people think they are the same, let us explain each of them and how they differ in this article.
What is a vulnerability?
The concept of vulnerability is very simple and not so complicated. It is just a bug or unexpected reaction in a system, site or device. We can call it a technical fault. Simply, you can consider the vulnerability as a programming error.
Simply, you can consider the vulnerability as a programming error.
For example, You open the calculator in Windows and enter for 5 + 5, you expect that the result will be 10, suddenly, 15 appers .
In this case, the program contains a fault, this is called vulnerability.
Let me tell you a simple example of vulnerability. Have you ever tried to log in to a site and asked you to register? Then you register everything correctly, then click the “Register” button and show you a program error such as Warning (): Mysql error! , this is also a vulnerability.
What is an exploit?
Exploit simply is build after studying and analyzing the vulnerability, so it can be used for a specific goal, and perhaps many hackers go directly to the concept of Exploit without understanding the vulnerability, which means exploitation of the error without knowing the causes.
It is a series of processes that require the first to accomplish the second. You can not reach the gap, the way it is exploited, the way it works, and its experience without passing through the threat factor (vulnerability), for this reason, the software error appeared for a certain reason. The vulnerability emerged as a result of a software error. To deepen our understanding of this error, we have to do several experiments, and several attempts to get to the way of exploiting this error or detecting and correcting it, exploiting the vulnerability in order to reach Exploit.