system hacking
types of password attacks
non-electronic attacks
active online attacks
passive online attacks
offline attack
====================
active online attacks
trojan/spyware/keylogger/usb drive
dictionary
brute forcing
rule based attack
Hash injection attack
===========================
default passwords
switches routers hubs
online tools to search default passwords
====================
passive online attack: wire sniffing
attackers run packet sniffer tools
MITM and replay attack
=====================
offline attack: rainbow table attack === rtgen and winrtgen
precomputed table of hash -> plaintext; compare the captured hashes against the table
easy to recover when the hash is unsalted (one table serves every dumped hash)
offline attack: distributed network attack
elcomsoft : distributed password recovery
microsoft authentication
SAM
NTLM authentication == NTLM auth process
LM authentication
kerberos authentication
how hashed passwords are stored in windows
SAM
C:\windows\system32\config\sam
password salting
pwdump7 and fgdump
password cracking tools
L0phtcrack
ophcrack
cain and abel
rainbow crack
john the ripper
windows password cracker
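The dictionary / rule-based attack and the rainbow-table note above both rest on one property of Windows NT hashes: they are unsalted, so a candidate list hashed once resolves every dumped hash by lookup. The script below is an added example (not from the page or from any of the tools listed): it implements MD4 in pure Python (hashlib's md4 is often disabled under OpenSSL 3), derives NT hashes, cracks a constructed pwdump-style dump with a small wordlist plus John/Hashcat-style mutation rules, and then contrasts this with a per-user salted hash (SHA-256 with a random salt, an assumed design used only for the comparison, not how the SAM stores passwords). User names, passwords and the wordlist are constructed for the demo.

```python
"""Dictionary / rule-based attack on dumped NT hashes, and why salting defeats
precomputed lookup.  Added example; sample users, passwords and wordlist are constructed."""
import hashlib
import os
import struct

MASK = 0xFFFFFFFF


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320)."""
    def f(x, y, z): return (x & y) | (~x & MASK & z)
    def g(x, y, z): return (x & y) | (x & z) | (y & z)
    def h(x, y, z): return x ^ y ^ z
    def rol(x, n): return ((x << n) | (x >> (32 - n))) & MASK

    msg = bytearray(data) + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", (len(data) * 8) & 0xFFFFFFFFFFFFFFFF)

    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = (
        (f, 0x00000000, (3, 7, 11, 19), list(range(16))),
        (g, 0x5A827999, (3, 5, 9, 13), [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]),
        (h, 0x6ED9EBA1, (3, 9, 11, 15), [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]),
    )
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = state
        for func, const, shifts, order in rounds:
            for i, k in enumerate(order):
                a = rol((a + func(b, c, d) + x[k] + const) & MASK, shifts[i % 4])
                a, b, c, d = d, a, b, c  # rotate registers so the next step updates old d
        state = [(s + v) & MASK for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> bytes:
    """NT hash = MD4(UTF-16LE(password)); no salt, so equal passwords hash equally."""
    return md4(password.encode("utf-16-le"))


def apply_rules(word: str):
    """Rule-based mutations in the spirit of John/Hashcat rules: case, suffix, leet."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for suffix in ("1", "123", "!", "2024"):
        yield word + suffix
        yield word.capitalize() + suffix
    leet = word.translate(str.maketrans("aeios", "43105"))
    yield leet
    yield leet.capitalize()


def crack_nt_hashes(dumped: dict, wordlist) -> dict:
    """Hash every candidate once, then resolve each dumped hash by table lookup.
    This is the unsalted property a rainbow table exploits: one table, all users."""
    table = {}
    for word in wordlist:
        for cand in apply_rules(word):
            table.setdefault(nt_hash(cand), cand)
    return {user: table.get(h) for user, h in dumped.items()}


def salted_hash(password: str, salt: bytes) -> bytes:
    """Salted hash for contrast (assumed design, not how the SAM stores NT hashes)."""
    return hashlib.sha256(salt + password.encode()).digest()


def demo():
    # Constructed sample: what pwdump-style output hands an attacker (user -> NT hash)
    secrets = {"alice": "password", "bob": "Summer123", "carol": "Xk9#vQ2!pL", "dave": "password"}
    dumped = {u: nt_hash(p) for u, p in secrets.items()}
    cracked = crack_nt_hashes(dumped, ["password", "summer", "winter", "letmein"])

    # alice and dave share a password: unsalted, their hashes collide and one crack
    # resolves both; with a per-user random salt the hashes differ and a precomputed
    # table would have to be rebuilt for every salt.
    salts = {u: os.urandom(16) for u in secrets}
    unsalted_collide = dumped["alice"] == dumped["dave"]
    salted_collide = salted_hash("password", salts["alice"]) == salted_hash("password", salts["dave"])
    return cracked, unsalted_collide, salted_collide


if __name__ == "__main__":
    print(demo())
```

`nt_hash("password")` yields the well-known `8846f7eaee8fb117ad06bdd830b7586c`, which is the value to check first when porting this to real dump data; carol's random password stays uncracked because no rule produces it, which is the whole argument for length and unpredictability over complexity rules.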
========================
types of privilege escalation
vertical (lower privilege -> admin/system)
horizontal (one user -> another user at the same privilege level)
DLL hijacking
==================
defend against privilege escalation
=================================
restrict the interactive logon privilege
use encryption
run users and applications with the least privileges
implement multi-factor authentication and authorization
debug and test applications for privilege-related coding errors
patch the system
===============================
executing applications
owning the system
gain unauthorized access == system resources
crack the password
capture the screenshots
install backdoor
key loggers
backdoors
spyware
crackers
==============================
executing applications
remote exec == remotely install applications
scripts, execute programs
modify registry, change local admin passwords
disable local accounts
copy/update/del the files and folders
=======================
PDQ deploy==
is a software deployment tool that allows
an admin to silently install almost any application
or patch
remote application== dameware
===========================
keyloggers
hardware and software key loggers
hardware key loggers
1.keystroke loggers
2.pc/bios
3.keyboard
4.external
external
1. ps/2
2. acoustic/cam
3. bluetooth
4. wifi
====================
software
1. application
2.kernel
3.hypervisor
4.form grabbing based
===============================
spyware == hidden application === it behaves like a
trojan
======================
spytech spyagent
usbspy
audiospy == voice recorder and sound recorder
========================
defend
1.popup blocker
2.install anti spyware,antivirus
3.install firewall software and anti keylogger software
4.recognize phishing emails and delete them
5.change password frequently
6.avoid opening junk emails
7.don't click on doubtful mails and sites
8.key stroke interference software
9.scan the files before installing them
10.use windows on screen keyboard
11. install host based IDS
12.virtual keyboard
13. anti key logger : zemana anti logger
14. check task manager
15. outbound firewall
16.update antivirus definitions
17.super antispyware
18.don't open public sites
19.don't disable the pop-up blocker
========================
hiding files
rootkits
wrapping it in a special package like games
launching a zero day attack
types of rootkits
hypervisor level rootkit
hardware/firmware rootkit
kernel level
boot loader level
application level
library level
rootkit == avatar,necurs,azazel,zero access
=======================================
detecting rootkits
1. on the suspect system run  dir /s /b /ah  and  dir /s /b /a-h  and save both listings
2. boot into a clean, trusted os and run  dir /s /b /ah  and  dir /s /b /a-h  again
3. compare the two sets of listings with windiff; files that appear only in the clean-boot listing were being hidden
4. check the kernel memory dump
=================
ntfs data stream (alternate data streams, hidden as file:stream)
file integrity checker
stream armor -- application to find and remove alternate data streams
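The dir-listing / WinDiff procedure above and the "file integrity checker" entry are the same idea: record what is on disk from a trusted state, record it again later, and diff. The script below is an added example (not from the page or from any listed tool) of a minimal baseline-and-compare integrity checker: it hashes every file under a root, saves the baseline as JSON, and reports added, removed and modified paths. The directory contents and the simulated compromise (a hidden DLL dropped, a service binary replaced, a log deleted) are constructed for the demo.

```python
"""Baseline-and-compare file integrity check.  Added example; the monitored
directory and the simulated tampering are constructed in demo()."""
import hashlib
import json
import os
import tempfile


def snapshot(root: str) -> dict:
    """Map each file (path relative to root) to its size and SHA-256.  os.walk lists
    dotfiles and other 'hidden' entries too, so a hidden drop shows up as an addition."""
    listing = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            listing[rel] = {"size": os.path.getsize(full), "sha256": digest.hexdigest()}
    return listing


def compare(baseline: dict, current: dict) -> dict:
    """Added / removed / modified paths between two snapshots (the WinDiff step)."""
    base, cur = set(baseline), set(current)
    modified = sorted(p for p in base & cur if baseline[p]["sha256"] != current[p]["sha256"])
    return {"added": sorted(cur - base), "removed": sorted(base - cur), "modified": modified}


def save_baseline(listing: dict, path: str) -> None:
    # Keep the baseline off the monitored host (clean boot media, remote store):
    # a rootkit that can hide files can also rewrite a baseline stored next to them.
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(listing, fh, indent=1, sort_keys=True)


def load_baseline(path: str) -> dict:
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def demo() -> dict:
    """Constructed scenario: baseline a small tree, then simulate a dropper that adds a
    hidden DLL, trojanises a service binary and deletes a log; return the diff."""
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as store:
        os.makedirs(os.path.join(root, "bin"))
        with open(os.path.join(root, "bin", "svc.exe"), "wb") as fh:
            fh.write(b"legit service binary v1")
        with open(os.path.join(root, "audit.log"), "w", encoding="utf-8") as fh:
            fh.write("2024-01-01 login ok\n")

        baseline_path = os.path.join(store, "baseline.json")
        save_baseline(snapshot(root), baseline_path)

        # simulated compromise
        with open(os.path.join(root, "bin", "svc.exe"), "wb") as fh:
            fh.write(b"trojanised service binary")           # modified
        with open(os.path.join(root, "bin", ".hidden.dll"), "wb") as fh:
            fh.write(b"\x00" * 32)                           # added, 'hidden' name
        os.remove(os.path.join(root, "audit.log"))            # removed

        return compare(load_baseline(baseline_path), snapshot(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

A kernel-level rootkit can lie to os.walk on the infected system just as it lies to `dir`, which is why the page's procedure takes the second listing from a clean boot: run `snapshot()` against the mounted disk from trusted media and feed that into `compare()`.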
=====================
steganography
image == quick stego
bit insertion (LSB)
white space
document, video, audio (deepsound), folder
spam email
masking and filtering
algorithms and transformation
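"bit insertion" is the technique image tools such as QuickStego are built on: the secret is written into the least significant bit of each pixel sample, so no sample changes by more than 1. The script below is an added example (not from the page or from QuickStego) that embeds and extracts a length-prefixed message in the LSBs of a raw sample buffer and checks the distortion bound; the carrier is constructed pseudo-randomly with a fixed seed instead of being read from an image file.

```python
"""LSB bit-insertion steganography on a raw pixel/sample buffer.  Added example;
the carrier bytes are constructed, not read from an image."""
import random
import struct


def _bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(carrier: bytes, message: bytes) -> bytes:
    """Write a 4-byte big-endian length header followed by the message, one bit per
    carrier byte, into the least significant bit of each byte."""
    payload = struct.pack(">I", len(message)) + message
    if len(payload) * 8 > len(carrier):
        raise ValueError(f"carrier holds {len(carrier) // 8} bytes, need {len(payload)}")
    out = bytearray(carrier)
    for i, bit in enumerate(_bits(payload)):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Reverse of embed(): read the length header, then that many payload bytes."""
    def read_bytes(start_bit: int, count: int) -> bytes:
        result = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (stego[start_bit + b * 8 + i] & 1)
            result.append(value)
        return bytes(result)

    (length,) = struct.unpack(">I", read_bytes(0, 4))
    if 32 + length * 8 > len(stego):
        raise ValueError("length header exceeds carrier: no payload or corrupted")
    return read_bytes(32, length)


def max_sample_change(carrier: bytes, stego: bytes) -> int:
    """Why LSB insertion is visually invisible: every sample moves by at most 1."""
    return max(abs(a - b) for a, b in zip(carrier, stego))


def demo():
    # Constructed carrier: 4096 eight-bit samples, seeded so the run is reproducible
    rng = random.Random(1337)
    carrier = bytes(rng.randrange(256) for _ in range(4096))
    secret = b"meet at 0300, bring the drives"
    stego = embed(carrier, secret)
    capacity_bytes = len(carrier) // 8 - 4   # minus the length header
    return extract(stego), max_sample_change(carrier, stego), capacity_bytes


if __name__ == "__main__":
    recovered, delta, capacity = demo()
    print(recovered, delta, capacity)
```

The flip side for detection: a fixed header plus sequential bit placement from offset 0, as here, is exactly the kind of structure a steganalysis tool's LSB statistics pick up, which is why real tools spread or encrypt the payload first.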
==============================
clearing tracks