Update 06_System_Hacking.md #8
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
g0rbe
reviewed
Nov 19, 2020
|
|
||
| ##### Dictionary Attack | ||
|
|
||
| A password cracking application is used along with with a dictionary file. | ||
| This dictionary file contains entire dictionary or a list of known and common words. | ||
| A password-cracking application is used along with a dictionary file. |
There was a problem hiding this comment.
Pasword cracking is without dash. See: https://en.wikipedia.org/wiki/Password_cracking
| Domain controller responds to a challenge known as **nonce** to be encrypted by the password's hash. | ||
| This challenge is a 16 byte random number generated ny the domain controller. | ||
| By comparing the challenge with the database, domain controller permit or deny the login. | ||
| This challenge is a 16-byte random number generated by the domain controller. |
| @@ -368,17 +368,17 @@ Features: | |||
|
|
|||
| ### Rootkits | |||
|
|
|||
| Rootkit is a software designed to provide privileged access to a remote user over a system, creates a backdoor. | |||
| Deployed after attacker gain high-level access to a system. | |||
| A rootkit is software designed to provide privileged access to a remote user over a system, creates a backdoor. | |||
There was a problem hiding this comment.
"A rootkit is a software ..." maybe.
| Rootkits often mask their existence to avoid detection. | ||
|
|
||
| #### Types | ||
|
|
||
| - **Application level rootkit**: perform manipulation of standard application file with an injection of codes. | ||
| - **Application-level rootkit**: perform manipulation of standard application file with an injection of codes. |
There was a problem hiding this comment.
Dash! 😃
See: https://www.omnisecu.com/security/rootkits.php
| Rootkits often mask their existence to avoid detection. | ||
|
|
||
| #### Types | ||
|
|
||
| - **Application level rootkit**: perform manipulation of standard application file with an injection of codes. | ||
| - **Application-level rootkit**: perform manipulation of standard application file with an injection of codes. | ||
| - **Kernel-level rootkit**: inject malicious code to the kernel |
There was a problem hiding this comment.
Mine is wrong too. It should be "Kernel level rootkit".
|
|
||
| #### Offline Attack | ||
|
|
||
| ##### Pre-computed hashes and Rainbow table | ||
|
|
||
| Comparing a password using a rainbow table. | ||
| Rainbow Table is the pregenerated hashes of the words in a dictionary or the combination of characters. | ||
| The advantage of Rainbow Table is the speed, because it takes less time to compare the hashes. | ||
| Rainbow Table is the pre-generated hashes of the words in a dictionary or the combination of characters. |
There was a problem hiding this comment.
Pregenerate is without dash. See: https://en.wiktionary.org/wiki/pregenerate
|
|
||
| #### Password Guessing | ||
|
|
||
| The attacker uses the information extracted by initial phases and guess the password. | ||
| Not common method and the rate of failure is high. | ||
| Not a common method and the rate of success is low. |
|
|
||
| ### Privilege Escalation using DLL Hijacking | ||
|
|
||
| Applications need Dynamic Link Libraries (DLL) to run. | ||
| In Windows, most of the application search for DLL in directories, instead of using the full qualified path. | ||
| The Attacker replace the DLL to a malicious one. | ||
| In Windows, most of the application search for DLL in directories, instead of using the full, qualified path. |
There was a problem hiding this comment.
Both wrong (mine and yours). The correct would be "fully qualified path". See: https://en.wikipedia.org/wiki/Fully_qualified_name#Path_names
|
I'm-just-glad-how-both-of-us-are-wrong-at-so-many-places-lol |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.