
1. Attacks that can be used to gain passwords

1.1. Redirecting an SMB logon to the attacker

1.1.1. Eavesdropping on LM responses becomes much easier if the attacker can trick the victim to attempt Windows authentication of the attacker's choice.

1.1.2. The basic trick is to send the victim an email message with an embedded hyperlink to a fraudulent SMB server.

1.2. SMB relay MITM

1.2.1. An attack that involves intercepting SMB traffic and relaying the NTLM authentication handshakes to a target host.

1.3. NetBIOS DoS attack

1.3.1. This attack could pose a moderate security threat. It does not require immediate action.

2. Types of Privilege Escalation

2.1. Horizontal

2.1.1. Horizontal escalation requires the attacker to use the same level of privileges he has already been granted, but assume the identity of another user with similar privileges.

2.1.2. For example, someone gaining access to another person's online banking account would constitute horizontal privilege escalation.

2.2. Vertical

2.2.1. Vertical escalation requires the attacker to grant himself higher privileges.

2.2.2. This is typically achieved by performing kernel-level operations that allow the attacker to run unauthorized code.

3. How to counter a rootkit

3.1. Protect those machines

3.2. If you have been infected, the first thing you should do is shut that machine off. Then remove the drive.

4. Buffer overflow attack

4.1. What is it?

4.1.1. A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory (a buffer) than the buffer is allocated to hold.

4.2. It can occur inadvertently, but it can also be caused by a malicious actor sending carefully crafted input to a program that then attempts to store the input in a buffer that isn't large enough for it.
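An added example (not part of the original outline) showing the defect described in 4.1.1 and 4.2 beside its fix: an unchecked copy into a fixed 16-byte buffer, and a bounded version that rejects input that does not fit. The function names, buffer size and sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define BUF_LEN 16   /* constructed fixed-length buffer size */

/* The defect: strcpy copies until it finds a NUL, so any input of
   BUF_LEN bytes or more writes past the end of buf (undefined behaviour).
   Shown for comparison only; it is never called with oversized input here. */
void store_input_unchecked(const char *input, char *buf) {
    strcpy(buf, input);
}

/* The fix: check the length against the buffer's capacity before copying.
   Returns 1 when the input (plus its terminating NUL) fits, 0 when it is
   rejected. Rejecting is the point: the caller must handle the error path
   instead of the buffer silently overflowing. */
int store_input_checked(const char *input, char *buf, size_t buf_len) {
    size_t n = strlen(input);
    if (n >= buf_len) {          /* need n + 1 bytes including the NUL */
        return 0;
    }
    memcpy(buf, input, n + 1);   /* copy exactly n bytes plus the NUL */
    return 1;
}

int main(void) {
    char buf[BUF_LEN];
    const char *ok = "hello";                         /* constructed input */
    const char *too_long = "this input is far longer than the buffer";

    printf("%s -> %s\n", ok, store_input_checked(ok, buf, BUF_LEN) ? "stored" : "rejected");
    printf("%s -> %s\n", too_long, store_input_checked(too_long, buf, BUF_LEN) ? "stored" : "rejected");
    return 0;
}
```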