SYSTEM HACKING

1. MANUAL PASSWORD CRACKING

1.1. Default password ~ password yg di set oleh manufacturer

1.1.1. redirecting SMB logon to attacker ~ the hacker must sniff the NTLM responses from the authentication server and trick the victim into attempting Windows authentication with the attacker's computer. ~ send the victim an email message with an embedded link to a fraudulent SMB server. When the link is clicked, the user unwittingly sends their credentials over the network.

1.2. Guessing password

2. ATTACK THAT CAN BE USED TO GAIN PASSWORD

2.1. a. Redirecting SMB Logon to attacker b. SMB relay MITM c. NetBIOS DOS attack

2.1.1. SMB relay MITM ~

3. efdqewfwqg

3.1. Victim Machine

3.1.1. Local Switch or Access Point

3.1.1.1. Internet

3.1.1.1.1. Target data system

4. Malicious Attacker

5. HIDING FILES PURPOSE AND THE TECHNIQUES

5.1. ~ hides files ~use NTFS to hide files

5.1.1. counter measure to NTFS use tools : lsns.exe

5.2. buffer overflow

5.2.1. counter measure to buffer overflow ~ disable un use service

6. RULES OF PASSWORD

6.1. ~ Designed to be something an individual can remember easily ~Not something that can be easily guessed or broken.

6.2. type of strong password uppercase, lowercase, number special character

7. TYPES OF PASSWORD ATTACK

7.1. Passive online attack ~ Attacker tends to be not engaged ~ Attack tends to rely not only on how weak the password system is

7.2. Active online attacks ~ aggressive form of penetration

7.3. Offline attacks ~ melihat apa kawan type di keyboard ~mcm bunyi keypad

8. PRIVILEGE ESCALATION

8.1. tactic yg digunakan oleh hackers to gain unauthorized accss

8.2. Ada 2, horizontal, vertical

9. ROOTKIT COUNTERMEASURE

9.1. ~origin from unix. ~able to enter a computer and software ~can avoiid detection ~source code rootkit are accesible on the internet ~ windows users use the administrator acc - guna la user acc ~ selalunya di install oleh hackers. ~

9.2. types of rootkit ~ firmware kernel application