CIT294 Chapter 4
CIT294 Ethical Hacking - Chapter 4 System Hacking Terms
Question | Answer |
---|---|
Passive Online password attack | Eavesdropping on network password exchanges. Passive online attacks include sniffing, man-in-the-middle, and replay attacks. |
Active Online password attack | Guessing the Administrator password. Active online attacks include automated password guessing. |
Offline password attack | Dictionary, hybrid, and brute-force attacks. |
Nonelectronic password attack | Shoulder surfing, keyboard sniffing, and social engineering. |
MITM | Man-in-the-middle attack |
hashed | encrypted |
replay attack | passive online password attack that allows the hacker to capture the password, and use the password authentication packets later to authenticate as the client |
dictionary attack | type of offline password attack that attempts to use passwords from a list of dictionary words |
hybrid attack | type of offline password attack that substitutes numbers or symbols for password characters |
brute-force attack | type of offline password attack that tries all possible combinations of letters, numbers, and special characters |
examples of nonelectronic password attacks | social engineering, shoulder surfing, and dumpster diving |
NetBIOS DoS Attack | sends a NetBIOS Name Release message to the NetBIOS Name Service on a target Windows system and forces the system to place its name in conflict so the name cannot be used. Blocks the NetBIOS client from participating in the NetBIOS network. |
Keylogger | Hardware device or software that allows a hacker to record keystrokes to record login and password information. Can be deployed by Trojans or viruses. |
Escalating privileges | adding more rights or permissions to a user account, preferably the admin account. |
Buffer Overflow | hacking attempt that exploits a flaw in an application's code |
Rootkits | type of program used to hide utilities on a compromised system. Normally includes a “backdoor” into the system |
Kernel-Level Rootkit | Add code and/or replace a portion of kernel code with modified code to help hide a “backdoor” on the system |
Library-Level Rootkit | Patch, hook, or replace system calls with versions that hide information that might allow the hacker to be identified. |
Application-Level Rootkit | May replace regular application binaries with trojanized fakes or modify the behavior of existing applications. |
Attrib +h | command line command that can be used in a Windows operating system to hide files |
NTFS Alternate Data Streaming | Windows XP, 2000, and NT vulnerability that allows data to be stored in hidden files linked to a normal visible file |
NTFS File Streaming | Like Alternate Data Streaming, but allows a hidden file to be created with a legitimate file, not just linked to it. The hidden file does not appear in a directory listing but can be used to store and transmit information. |
Steganography | Process of hiding data in other types of data such as images or text files |
Legion | Password cracking tool that automates the password guessing in NetBIOS sessions. Legion scans multiple IP address ranges for Windows shares & also offers a manual dictionary attack tool. |
NTInfoScan | Password cracking tool that is a security scanner for NT 4.0. This vulnerability scanner produces an HTML-based report of security issues found on the target system and other information. |
L0phtCrack | PW cracking tool that is a password auditing & recovery package, now owned by Symantec. It performs SMB packet captures on the local network segment & captures individual login sessions. Contains dictionary, brute-force, and hybrid attack capabilities. |
LC5 | Another good password cracking tool. It is a suitable replacement for L0phtCrack. |
John the Ripper | A command-line tool designed to crack both Unix and NT passwords. The cracked passwords are case insensitive and may not represent the real mixed-case password. |
KerbCrack (Kerbsniff + Kerbcrack) | Consists of two programs: Kerbsniff & Kerbcrack. The sniffer listens on the network and captures Windows 2000/XP Kerberos logins. The cracker can be used to find the passwords from the capture file using a brute-force attack or a dictionary attack. |
Win32CreateLocalAdminUser | A program that creates a new user with the username & password X and adds the user to the local administrators group. This action is part of the Metasploit Project and can be launched with the Metasploit framework on Windows. |
Offline NT Password Resetter | A method of resetting the password of the administrator's account when the system isn't booted to Windows. The most common method is to boot to a Linux boot CD and then access the NTFS partition, which is no longer protected, and change the password. |
SMBRelay | An SMB server that captures usernames & password hashes from incoming SMB traffic. SMBRelay can also perform man-in-the-middle (MITM) attacks. |
SMBRelay2 | Similar to SMBRelay but uses NetBIOS names instead of IP addresses to capture usernames and passwords |
pwdump2 | The program that extracts the password hashes from a SAM file on a Windows system. The extracted password hashes can then be run through L0phtCrack to break the passwords. |
Samdump | Another program that extracts NTLM hashed passwords from the SAM file |
C2MYAZZ | A spyware program that makes Windows clients send their passwords as cleartext. It displays usernames and their passwords as users attach to server resources. |
SMBGrind | Increases the speed of L0phtCrack sessions on sniffer dumps by removing duplication and providing a way to target specific users without having to edit the dump files manually. |
SMBDie | This tool crashes computers running Windows 2000, XP, or NT by sending specially crafted SMB requests. |
NBTdeputy | Can register a NetBIOS computer name on a network and respond to NetBIOS over TCP/IP (NetBT) name-query requests. It simplifies the use of SMBRelay. The relay can be referred to by computer name instead of IP address. |
Auditpol | Spyware that records everything a system does on the Internet. It automatically takes hundreds of snapshots every hour of whatever is on the screen and saves these snapshots in a hidden location on the system's hard drive. |
eBlaster | Internet spy software that captures incoming and outgoing emails and immediately forwards them to another email address. eBlaster can also capture both sides of an Instant Messenger conversation, perform keystroke logging, and record websites visited. |
SpyAnywhere | A tool that allows you to view system activity and user actions, shut down/restart, lock down/freeze, and even browse the file system of a remote system. |
Invisible KeyLogger Stealth (IKS) Software Logger | A high-performance virtual device driver (VxD) that runs silently at the lowest level of the Windows 95, 98, or ME operating system. All keystrokes are recorded in a binary keystroke file. |
Fearless Key Logger | A Trojan that remains resident in memory to capture all user keystrokes. Captured keystrokes are stored in a log file and can be retrieved by a hacker. |
E-mail Keylogger | Logs all emails sent and received on a target system. The emails can be viewed by sender, recipient, subject, and time/date. The email contents and any attachments are also recorded. |
NBName | Can disable entire LANs and prevent machines from rejoining them. Nodes on a NetBIOS network infected by the tool think that their names are already in use by other machines. |
VisualLast | Aids a network administrator in deciphering and analyzing the security log files. It is designed to allow network administrators to view and report individual users' login and logoff times. |
GetAdmin.exe | Small program that adds a user to the local administrators group. It uses a low-level NT kernel routine to allow access to any running process. It is run from the command line or from a browser. It works only with Windows NT 4.0 Service Pack 3. |
Hk.exe | This utility exposes a local procedure call (LPC) flaw in Windows NT. A nonadministrator user can be escalated to the administrators group using this tool. |
PsExec | A program that connects to and executes files on remote systems. No software needs to be installed on the remote system. |
Remoxec | Executes a program using RPC (Task Scheduler) or DCOM (Windows Management Instrumentation) services. Administrators with null/weak passwords may be exploited through Task Scheduler (1025/tcp or above) or DCOM (default 135/tcp). |
Tripwire | File system integrity-checking program for Unix/Linux OS. The Tripwire database also contains information that lets you verify access permissions, file mode settings, username of the file owner, date and time the file was last accessed, and the last modification. |
makestrm.exe | A utility that moves the data from a file to an alternate data stream linked to the original file. |
lns.exe | Used to detect NTFS streams. LNS reports the existence and location of files that contain alternate data streams. |
ImageHide | A steganography program that hides large amounts of text in images. Even after adding bytes of data, there is no increase in the image size. The image looks the same in a normal graphics program. |
Blindside | A steganography application that hides information inside BMP (bitmap) images. It is a command-line utility. |
MP3Stego | Hides information in MP3 files during the compression process. The data is compressed, encrypted, and then hidden in the MP3 bitstream. |
Snow | A whitespace steganography program that conceals messages in ASCII text by appending whitespace to the end of lines. If the built-in encryption is used, the message can't be read even if it's detected. |
CameraShy | Works with Windows and Internet Explorer and lets users share censored or sensitive information stored in an ordinary GIF image. |
Stealth | A filtering tool for PGP files. It strips off identifying information from the header, after which the file can be used for steganography. |
Stegdetect | An automated tool for detecting steganographic content in images. It's capable of detecting different steganographic methods used to embed hidden information in JPEG images. |
Dskprobe | A tool on the Windows 2000 installation CD. It's a low-level hard-disk scanner that can detect steganography. |
Auditpol | A tool included in the Windows NT Resource Kit for system administrators. This tool can disable or enable auditing from the Windows command line. It can also be used to determine the level of logging implemented by a system administrator. |
elslae.exe | A simple utility tool for clearing the event log. It's command-line based. |
Winzapper | A tool that an attacker can use to erase event records selectively from the security log in Windows 2000. It also ensures that no security events are logged while the program is running. |
Evidence Eliminator | A data-cleansing system for Windows PCs. It prevents unwanted data from becoming permanently hidden in the system. Evidence Eliminator can also be used by a hacker to remove evidence from a system after an attack. |