Exploitation basics in Cybersecurity - Time & Space Complexity

When studying exploitation basics, it is important to understand how the time needed to find and use a vulnerability grows as the target system or input size increases.

We want to know how the effort changes when the system or data gets bigger or more complex.

Analyze the time complexity of the following simplified exploitation process.

for input in input_list:
    if input triggers vulnerability:
        exploit(input)
        break
    else:
        continue
    

This code tries inputs one by one to find one that triggers a vulnerability and then exploits it immediately.

Identify the loops, recursion, array traversals that repeat.

• Primary operation: Checking each input to see if it triggers the vulnerability.
• How many times: Up to all inputs in the list, until a vulnerable input is found.

As the number of inputs grows, the time to find a vulnerable input grows roughly in direct proportion.

Input Size (n)	Approx. Operations
10	Up to 10 checks
100	Up to 100 checks
1000	Up to 1000 checks

Pattern observation: The effort grows steadily as the input list grows, roughly one check per input.

Time Complexity: O(n)

This means the time to find and exploit a vulnerability grows linearly with the number of inputs tested.

[X] Wrong: "The exploit will always be found quickly regardless of input size."

[OK] Correct: Sometimes the vulnerable input is near the end or not present, so time grows with how many inputs are checked.

Understanding how effort grows with input size helps you explain how attackers might spend more time testing many inputs before success, showing your grasp of practical exploitation challenges.

"What if the code tried multiple exploits per input instead of stopping at the first success? How would the time complexity change?"