According to a report 58% of large organization suffers staff security breaches. 60% of small business had a security breach.
System Hacking is a method using which an attacker get access to individual computer system on a network. Ethical hackers learn System hacking for detecting and and prevent from this kind og attacks
There are five steps of System hacking
1. Gaining access : By accessing admin control panel
2. Escalating privilege : To increase your admin privileges to root user
3. Executing application : Install Trojan and virus
4. Hiding files : Hiding malicious code in image.
5. Covering tracks : Clearing logs
- Types of password attack
A. Non Electronic Attacks
Attacker need not possess technical knowledge to crack password, hence known as non-technical attack. These attacks include social engineering or password guessing.
 |
| Social engineering |
B. Active Online Attacks
Attackers performs password cracking by directly communicating with the authorizing party.
- Dictionary Attack-A dictionary file is loaded into the cracking application that runs against user accounts
Dictionary Attack - Brute Forcing Attack- The program tries every combination of character until the password is broken
Brute Forcing Attack - Rule Based Attacks-This attack is used when attackers gets some information about the password
Rule Based Attack - Password Guessing – The attacker creates a list of all possible passwords from the information collected through social engineering or any other way and tries them manually on the victim’s machine to crack the passwords.Here the failure rate is high
Password Guessing - Trojan/spyware/keylogger – Attackers installs Trojan/spyware/keylogger on victim’s machine to collect victim’s user names and passwords.Trojan/spyware/keylogger runs in the background and send back all users credentials to the attacker.
Trojan/ Spyware/ Keylogger - Hash Injection Attack – A hash injection attack allows an attacker to inject a compromised hash into a local session and use the hash to validate to network resources. The attacker finds and tracts a logged on domain admin account hash. The attacker uses the extracted hash to log on to the domain controller
Hash Injection Attack
C. Passive Online Attack
Attackers performs password cracking without communicating with the authorizing party
- Wire sniffing – Attackers run packet sniffer tools on the local area network to access and record the raw network traffic. The captured data may include sensitive information such as password and emails. Sniffed credentials are used to gain unauthorized access to the target system
Wire sniffing - Man in the Middle Attack- In MITM attack, the attacker acquires access to the communication on channels between victim and server to extract the information
Man in the Middle Attack
D. Offline Attacks
Attackers copies the target ;s password file and then tries to crack the password in his own system at different location
- Rainbow Table Attack – A rainbow table is precomputed table which contains word list like dictionary files and brute force list and their hash values. Captured hash of a password are compared with the rainbow table hash table and if a match is found then the password is cracked.
Rainbow Table Atttack - Distributed Network Attack – a distributed network attack technique is used for recovering passwords from hashes or password protected files using the unused processing power of machines across the network to decrypt passwords.
Distributed Network Attack
E. Default Password
A default password is a password supplied by the manufacturer with new equipment e.g: switches, hubs, routers that is password protected.
Attackers use default passwords in the list of words or dictionary that they use to perfume password guessing attack
Some online tools to search default passwords
- Resetting password using command prompt
If a attacker succeeds in gaining administrative privileges, he/she can reset the passwords of any other non-administrative accounts using command prompt.
- Open the command prompt , type net user and press enter. It will list out all the user account on target system.
- Now type net user user_account_name * and press enter. User_account_name is the account name from the list.
- Type the new password to reset the password for specific account.
Command Prompt
- Rootkits
Rootkits are programs that hide their presence as well as attackers’s malicious activities, granting them full access to the server or host at that time and also in future
Rootkits replace certain operating system calls and utilities with its own modified version of those routines that turn undermine the security of the target system causing malicious functions to be executed.
A typical Rootkit compromises backdoor programs, DDos programs, packet sniffers, log-wiping utilities, IRC bots , etc.
 |
| Rootkit |
- Steganography
Steganography is a technique of hiding a secret message within an ordinary message and extracting at the destination to maintain confidentiality of data.
Utilizing a graphic image as a cover is the most popular method to conceal the data in files
Attacker can use Steganography to hide message such as list of compromised servers, source code for the hacking tool, plans for future attacks, etc.
 |
| Steganography |
- Ways to clear online tracks
Remove Most Recently Used (MRU) , delete cookies , clear cache, turn off auto-complete, clear toolbar data fro the browsers.
- Cclearner – Ccleaner is system optimization and cleaning tool. It cleans traces of temporary files, log files, registry files, memory dump, and also your online activities such as your Internet history.
Ccleaner - MRU Blaster – It is an application for windows that allows you to clean the most recently used list stored on your computer. It allows you to clean out your temporary Internet files and cookies.
MRU Blaster
0 Comments