WinPassword
John the Ripper
PasswordsPro
Password Unlocker Bundle
Password Cracker
Cloud Cracker
etc
Privilege Escalation
(hackers use to gain unauthorized access to a network)
Successful privilege escalation attacks grant hackers privileges that normal users
don't have. There are two common types of privilege escalation — horizontal and
vertical.
Privileges are a security feature of most programs and operating systems. They
limit the access that different kinds of users have to files and code. The more
privileges a user has, the more he or she can modify or interact with a system or
application.
When a hacker wants greater privileges than the typical user, he or she has to find
a way around this security feature, which can result in a privilege escalation
attack.
Vertical Privileges
Attacker grants himself privileges usually reserved for higher-access users.
In most privilege escalation attacks, the hacker first logs in with a low-end user
account. Then he can search for exploitable flaws in the system that can be used
to elevate his privileges. If the hacker successfully exploits such flaws, he may
be able to authorize network activity, create new system users, access files or
change the system settings. Such an attack can result in the theft of sensitive
data or the hijacking of an entire network.
Example: lock screen bypasses on many of today's popular smartphones are
vertical privilege escalation attacks. Android and iOS have both been affected by
such vulnerabilities, which allow an unauthorized user to gain access to
someone else's contacts and apps just by performing a simple hack.
Preventions
Vertical privilege escalation attacks are difficult, but not
impossible, to prevent. The easiest way to keep such
attacks at bay is to keep antivirus software up to date and
install new patches and software fixes as soon as they
become available.
The more secure your system, the less likely a hacker is to
find an exploitable hole. Employing data execution
prevention (DEP) is another way to avoid these kinds of
attacks.
Horizontal Privileges
The attacker is a normal, low-end user who accesses the information of other
normal users. In other words, the attacker doesn't gain any advanced
privileges; he simply assumes someone else's identity to gain access he would
not otherwise have.
Example: if a hacker logs into her own online bank account and then, through
some flaw in the banking application, is also able to gain access to another
user's account, she has just pulled off a horizontal privilege escalation attack.
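The banking flaw described above is usually a missing ownership check on the requested object. The following is an added example, not part of the original slides: the account data is constructed, and the function names (get_account_vulnerable, get_account_hardened, audit_access) are hypothetical. It puts the flawed lookup beside a corrected one and includes a small audit a defender can run against either handler.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    account_id: int
    owner: str
    balance: int


# Constructed sample data standing in for the bank's account store.
ACCOUNTS = {
    1001: Account(1001, "alice", 2500),
    1002: Account(1002, "bob", 90),
}


class Forbidden(Exception):
    """Raised when the session user does not own the requested object."""


def get_account_vulnerable(session_user, account_id):
    # Flaw: the user is authenticated, but the account_id from the request
    # is trusted as-is, so any logged-in user can read any account.
    return ACCOUNTS[account_id]


def get_account_hardened(session_user, account_id):
    # Fix: authorize every object access against the server-side session
    # identity, and answer "unknown" and "not yours" identically.
    account = ACCOUNTS.get(account_id)
    if account is None or account.owner != session_user:
        raise Forbidden("account not available")
    return account


def audit_access(handler, session_user):
    """Return ids of accounts owned by someone else that the handler exposes."""
    exposed = []
    for account_id, account in ACCOUNTS.items():
        if account.owner == session_user:
            continue
        try:
            handler(session_user, account_id)
            exposed.append(account_id)
        except Forbidden:
            pass
    return exposed


if __name__ == "__main__":
    print("vulnerable exposes:", audit_access(get_account_vulnerable, "alice"))
    print("hardened exposes:  ", audit_access(get_account_hardened, "alice"))
```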
The term rootkit is a concatenation of "root" (the traditional name of the privileged
account on Unix-like operating systems) and the word "kit" (which refers to the
software components that implement the tool).
Example: rootkit keyloggers are designed to record words the victim types
without his knowledge. It has plenty of time to steal sensitive information given
If we split a computer system into three basic layers, they are
hardware,
kernel,
and operating system level.
Steganography is data hidden within data. Steganography is an encryption technique that can be used
along with cryptography as an extra-secure method to protect data. Ideally, anyone scanning
your data will fail to know it contains encrypted data.
In modern digital steganography, data is first encrypted by the usual means and then inserted, using a
special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular file
format such as a JPEG image. A trademark or other identifying symbol hidden in software code is
sometimes known as a watermark.
Stegware
Stegware is the use of steganography by malware to avoid detection. It can be used to penetrate a
system, to leak sensitive information and to run a command and control channel without detection.
Stegware cannot be stopped by defences based on detection, but can be defeated by Content Threat
Removal (business information is retrieved and other data is discarded), as this eliminates the
redundancy used by steganography to hide information.
It means a cyber attack can operate without detection, bypassing all defences that are based on
detection or analysis.
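The following added example (not from the original slides) shows why Content Threat Removal works where detection does not: the cleaner never looks for a payload, it rebuilds the image from the bits a viewer needs and drops the redundant ones. A raw 8-bit grayscale buffer stands in for an image file, least-significant-bit hiding stands in for the "special algorithm", and all function names and sample data are constructed for illustration.

```python
def embed_lsb(pixels, payload):
    """Hide payload in the least significant bit of each pixel (the redundant data)."""
    bits = [(byte >> i) & 1 for byte in payload for i in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("cover too small for payload")
    out = bytearray(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract_lsb(pixels, length):
    """Read `length` bytes back out of the pixel LSBs."""
    out = bytearray()
    for b in range(length):
        value = 0
        for pixel in pixels[b * 8:(b + 1) * 8]:
            value = (value << 1) | (pixel & 1)
        out.append(value)
    return bytes(out)


def content_threat_removal(pixels):
    """Keep the information a viewer needs (top 7 bits of each pixel) and
    discard the redundant low bit, without trying to detect anything."""
    return bytes(p & 0xFE for p in pixels)


def max_visual_change(a, b):
    """Largest per-pixel brightness difference between two buffers."""
    return max(abs(x - y) for x, y in zip(a, b))


# Constructed sample: a 16x16 gradient cover image and a short marker string.
COVER = bytes((x * 16 + y) % 256 for x in range(16) for y in range(16))
HIDDEN = b"hidden-marker"

if __name__ == "__main__":
    stego = embed_lsb(COVER, HIDDEN)
    cleaned = content_threat_removal(stego)
    print("from stego image:  ", extract_lsb(stego, len(HIDDEN)))
    print("after CTR:         ", extract_lsb(cleaned, len(HIDDEN)))
    print("max pixel change:  ", max_visual_change(COVER, cleaned))
```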
is an unauthorized transfer of data from a
computer system or IT servers to an
external system or device. It can be
carried out manually (similar to a ‘copy-
paste’ command) or automatically via
malware spread across a network.
via direct electronic means
Or physical media, such as downloading data to a USB drive or stealing a
laptop
Using web protocols, tunneling protocols, email or file transfers. While
the file transfer protocol (FTP) is regarded as a standard network
protocol whose purpose is to transfer files,
other protocols and techniques are applicable as well, for instance, routing
control packets, secure shell, peer-to-peer, instant messaging, Windows
Management Instrumentation, hiding data within video or images, and
VoIP. Webcams, microphones, and similar peripheral devices may be
rigged to monitor the target’s activities.
A pentester can also make use of HTTP file transfers or the Tor
anonymity network as a means to mask location and traffic.
Common traffic channels are a preferable route for smuggling data out
of the targeted system since the extraction will blend in with the noise of
the network.
Metasploit is a software platform for developing,
testing, and executing exploits.
It is one of the most popular penetration testing
tools.
It performs a very good vulnerability assessment in
network and web applications.
It has inbuilt plug-ins for some famous
vulnerability scanners, such as Nessus,
Nexpose, OpenVAS, and WMAP.
Metasploit is a Ruby-driven environment.
It allows us to develop exploits in the Ruby
language and integrate them with existing
repositories.
The Ruby language also allows us to use the
existing exploits within its file system to
carry out an attack.