SYSTEM HACKING

Get Started. It's Free
or sign up with your email address
SYSTEM HACKING by Mind Map: SYSTEM HACKING

1. MANUAL PASSWORD CRACKING

1.1. a. Default passwords Set by the manufacturer when the device or system is built. They are documented and provided to the final consumer of the product and are intended to be changed. However, not all users or businesses get around to taking this step, and hence they leave themselves vulnerable.

1.2. b. Guessing passwords Simply put, an attacker may target a system by doing the following: 1. Locate a valid user. 2. Determine a list of potential passwords. 3. Rank possible passwords from least to most likely. 4. Try passwords until access is gained or the options are exhausted. This process can be automated through the use of scripts created by the attacker, but it still qualifies as a manual attack.

2. PASSWORD CRACKING COUNTERMEASURES

2.1. The first best counter measure against password cracking is using strong password.

2.2. Possible strong password should be implemented to protect you against password cracking.

2.3. Password must be at least 8-12 characters long and should be made of uppercase, lowercase, alphabets as well as numerals and special characters.

2.4. Network administrator should encourage users to change their passwords at regular intervals and ask them to never leave their consoles or desktop unlocked since they can invite troubles like key loggers, spy wares, Trojans and sniffers.

3. PERFORMS PRIVILEGE ESCALATION

3.1. Privilege Escalation

3.1.1. One of the tactics that hackers use to gain unauthorized access to a network is known as privilege escalation.

3.1.2. There are two common types of privilege escalation- horizontal and vertical.

4. PASSWORD CRACKING ATTACKS USING TOOL SUCH AS HYDRA

5. RULES OF PASSWORD

5.1. A password is designed to be something an individual can remember easily but at the same time not something that can be easily guessed or broken.

5.2. Some examples of passwords that lend themselves to cracking: ■ Passwords that use only numbers ■ Passwords that use only letters ■ Passwords that are all upper- or lowercase ■ Passwords that use proper names ■ Passwords that use dictionary words ■ Short passwords (fewer than eight characters)

5.3. The rules for creating a strong password are a good line of defense against the attacks we will explore. Avoid the following: ■ Passwords that contain letters, special characters, and numbers: stud@52 ■ Passwords that contain only numbers: 23698217 ■ Passwords that contain only special characters: &*#@!(%) ■ Passwords that contain letters and numbers: meetl23 ■ Passwords that contain only letters: POTHMYDE ■ Passwords that contain only letters and special characters: rex@&ba ■ Passwords that contain only special characters and numbers: 123@$4

6. TYPES OF PASSWORD ATTACKS

6.1. a.Passive online attacks A passive online attack, the attacker tends to be not engaged or less engaged than they would be during other kinds of attacks.

6.2. b.Active online attacks These attacks use a more aggressive form of penetration that is designed to recover passwords. Examples: Using password guessing, Trojans, Spyware, Hash Injection and Keyloggers

6.3. c. Offline attacks Offline attacks represent yet another form of attack that is very effective and difficult to detect in many cases.

7. ATTACKS THAT CAN BE USED TO GAIN PASSWORD

7.1. a.Redirecting SMB Logon to attacker

7.1.1. SMB stands for Server Message Block, and is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.The vulnerability is that in the case of SMB, these things are done over the network. SMB has been seen used over TCP/IP, NetBEUI and IPX/SPX, NetBIOS etc.The SMB model defines two levels of security: Primarily protection is applied at the share level on a server. Each share can have a password, and a client only needs that password to access all files under that share. This was the first security model that SMB had. The second security level is at the user level. Protection is applied to individual files in each share and is based on user access rights.

7.2. b.SMB relay MITM

7.2.1. SMB stands for Server Message Block, and is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers. SMB is a client server, request-response protocol.The SMB model defines two levels of security: Primarily protection is applied at the share level on a server. Each share can have a password, and a client only needs that password to access all files under that share. This was the first security model that SMB had. The second security level is at the user level. Protection is applied to individual files in each share and is based on user access rights.

7.3. c.NetBIOS DOS attack

7.3.1. NetBIOS is "short for Network Basic Input Output System, an application programming interface (API) that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all LANs for PCs are based on the NetBIOS. NetBIOS relies on a message format called Server Message Block (SMB)."NetBIOS is primarily used for file and printer sharing within Microsoft Windows networks. It can reveal system names and workgroup names within your network, and if you create "open shares" it can leave your data vulnerable to attack.