CHAPTER 4 :SYSTEM HACKING

Get Started. It's Free
or sign up with your email address
Rocket clouds
CHAPTER 4 :SYSTEM HACKING by Mind Map: CHAPTER 4 :SYSTEM HACKING

1. PASSWORD CRACKING TECHNIQUE

1.1. Rules of password

1.1.1. Passwords that use only numbers

1.1.2. Passwords that use only letters

1.1.3. Passwords that are all upper- or lowercase

1.1.4. Passwords that use proper names

1.1.5. Passwords that use dictionary words

1.1.6. Short passwords (fewer than eight characters)

1.1.7. Passwords that contain letters, special characters, and numbers: [email protected]

1.1.8. Passwords that contain only numbers: 23698217

1.1.9. Passwords that contain only special characters: &*#@!(%)

1.1.10. Passwords that contain letters and numbers: meetl23

1.1.11. Passwords that contain only letters: POTHMYDE

1.1.12. Passwords that contain only letters and special characters: [email protected]&ba

1.1.13. Passwords that contain only special characters and numbers: [email protected]$4

1.2. Types of password attacks

1.2.1. a. Passive online attacks

1.2.2. b. Active online attacks

1.2.3. c. Offline attacks

1.3. Manual password cracking

1.3.1. Default passwords

1.3.2. Default passwords

1.3.3. Guessing passwords

1.4. Attacks that can be used to gain password

1.4.1. a. Redirecting SMB Logon to attacker

1.4.2. b. SMB relay MITM

1.4.3. c. NetBIOS DOS attack

1.5. Password cracking attacks using tool such as Hydra

1.5.1. Bruteforcing with Hydra Kali Linux

2. Performs privilege escalation

2.1. Privilege escalation.

2.1.1. horizontal

2.1.1.1. peer users

2.1.2. vertical

2.1.2.1. higher privileges

2.2. Rootkits : A root kit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that is not otherwise allowed and often masks its existence or the existence of other software

2.2.1. Several types of rootkits such as:

2.2.1.1. Bootloader rootkit or bootkit

2.2.1.2. Memory rootkit

2.2.2. Rootkits countermeasures.

2.2.2.1. Never use the Internet as Administrator (or any privileged account), run anti-spyware to block suspicious installation activities, and avoid installing software from unknown sources.

2.2.2.2. Choose a rootkit detector and start scanning with it as part of your regularly scheduled security task list.

3. Perform system attack

3.1. Hiding files purpose and the techniques.

3.1.1. Reasons Behind Hiding Data  Personal, Private Data.  Sensitive Data.  Confidential Data, Trade Secrets.  To avoid Misuse of Data.  Unintentional damage to data, human error, accidental deletion.  Monetary, Blackmail Purposes.  Hide Traces of a crime.

3.1.1.1. Hiding Techniques to hide files  Attrib command

3.1.1.2. NTFS file streaming.

3.2. NTFS countermeasures.

3.3. Steganography technologies.

3.3.1. Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video

3.4. Buffer overflow attack.