How are hackers able to find such complicated exploits?

Anonymous

Since no one has really given you a technical hacking response yet, [here is one example of a vulnerability that can be found, called a stack overflow error](https://www.rapid7.com/blog/post/2019/02/19/stack-based-buffer-overflow-attacks-what-you-need-to-know/). The linked article goes into the actual depth required to understand this type of vulnerability and how to exploit it, so I recommend reading it, but I’ll do my best to give you a *very* high-level explanation.

For computer programs to work, they need to allocate chunks of memory in the computer to store variables. The code that allocates this memory can do so in a bunch of different ways. For example, in the C coding language, you can call a function named “malloc” or “realloc” to get some chunk of memory. The “malloc” or “memory allocation” method in C is used to dynamically allocate a single large block of memory with a specified size. When you call that function, the function returns a “pointer”, which is a variable that essentially tells you where in the overall memory your little chunk lives.

Here’s the thing though (and this is where my explanation becomes so high level it’s essentially incorrect): once I know where a chunk of memory exists, I can kind of figure out a way to make the computer program read memory outside of that chunk. Say a program allocated blocks 40-45 of a 100-block stack. If I can put some variables into blocks 50-60 and get that program to use those blocks of memory instead, I can tell the computer to do something entirely different. For example, maybe block 45 pointed to a function the computer was supposed to execute. If I have it point to block 50, I can have it point to a different function to run. How do you figure out what to do to get it to point to block 50? There are a lot of different ways, and the example I linked above explains some of those ways.

Again, I’m oversimplifying here, but this is the gist. I did this in grad school and had the new program be a rootkit, which is essentially a program that installs itself into the operating system and then hides itself so that it can look at different files without being seen.

This at least used to be a more common vulnerability, but it’s only one type of vulnerability among many. As others have mentioned, most are actually social hacks. For countless examples of this, look up Rachel Tobac of SocialProof Security on YouTube and elsewhere. I grew up with her and her husband (who is a more technical security researcher) and she has a bunch of good examples on this front.

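The "block 45 points to a function, overwrite it from block 50" idea in the answer above, as an added worked example (my code, not part of the original answer or the linked Rapid7 article). It models a stack frame as a struct: a 16-byte buffer followed by a code pointer, the way a callback or saved return address sits just past a function's locals. The vulnerable copy trusts an attacker-supplied length, so the bytes past the buffer land on the pointer and the next indirect call runs the attacker's function; the hardened copy checks the length against the buffer and refuses. The frame layout, function names and payload are all assumptions for the demo; the copy is clamped to the struct's size purely so the demonstration stays within defined C behaviour (a real overflow keeps going into whatever follows the frame).

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed frame layout for the demo: a fixed-size local buffer followed by
 * a code pointer, like a callback or saved return address after the locals.
 * This is a model, not a real compiler's stack frame. */
struct frame {
    char buf[16];
    void (*on_done)(void);
};

enum { CALLED_NOTHING = 0, CALLED_INTENDED = 1, CALLED_PAYLOAD = 2, REJECTED = -1 };

static int last_called = CALLED_NOTHING;

/* The function the program meant to run ("block 45"). */
static void intended_handler(void) { last_called = CALLED_INTENDED; }

/* The function the attacker wants run instead ("block 50"). */
static void attacker_handler(void) { last_called = CALLED_PAYLOAD; }

/* Vulnerable: the length comes from the attacker and is never compared to
 * sizeof buf, so bytes 16.. of the input overwrite on_done. The clamp to
 * sizeof f only keeps this demo inside defined behaviour; the missing
 * check against the buffer is the bug. */
static int vulnerable_copy(const unsigned char *input, size_t len)
{
    struct frame f;
    last_called = CALLED_NOTHING;
    f.on_done = intended_handler;
    if (len > sizeof f)
        len = sizeof f;
    memcpy((unsigned char *)&f, input, len);   /* spills into on_done when len > 16 */
    f.on_done();                               /* control flow now follows attacker bytes */
    return last_called;
}

/* Hardened: the same copy, but the length is checked against the buffer
 * itself and oversized input is rejected before anything is written. */
static int hardened_copy(const unsigned char *input, size_t len)
{
    struct frame f;
    last_called = CALLED_NOTHING;
    f.on_done = intended_handler;
    if (len > sizeof f.buf)
        return REJECTED;
    memcpy(f.buf, input, len);
    f.on_done();
    return last_called;
}

/* Builds the attacker's input: filler up to the pointer's offset in the
 * frame, then the address of the target function as raw bytes. Returns the
 * payload length, or 0 if the output buffer is too small. */
static size_t build_payload(unsigned char *out, size_t cap, void (*target)(void))
{
    size_t off = offsetof(struct frame, on_done);
    size_t total = off + sizeof target;
    if (total > cap)
        return 0;
    memset(out, 'A', off);                    /* junk that fills buf */
    memcpy(out + off, &target, sizeof target); /* lands exactly on on_done */
    return total;
}

int main(void)
{
    unsigned char payload[sizeof(struct frame)];
    size_t n = build_payload(payload, sizeof payload, attacker_handler);

    printf("vulnerable copy ran handler %d (2 = attacker's)\n", vulnerable_copy(payload, n));
    printf("hardened copy returned %d (-1 = rejected)\n", hardened_copy(payload, n));
    printf("hardened copy with benign input ran handler %d\n",
           hardened_copy((const unsigned char *)"hello", 5));
    return 0;
}
```

Building the payload with `offsetof` is the same work the linked article describes at the machine level: the attacker has to know exactly how far past the buffer the code pointer sits, then place the replacement address at that offset. Stack canaries, non-executable stacks and address randomisation all exist to make one of those two steps (reaching the pointer, knowing what to write there) unreliable.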