Once a hacker has gained access to a system, they may be stuck, if their credentials don't have administrator access. In this video, Lisa Bock explores way to escalate the privileges of a user to gain additional access to a system. Understand some of the tools hackers use, to better protect your own systems. Explore commands to turn a normal user, into an administrator.
- View Offline
- [Voiceover] When conducting penetration testing,…the ethical hacker will most likely obtain a password…from a less-defended account.…At this point, you'll need administrator privileges…in order to do any real modification to the system.…We'll most likely take advantage of a vulnerability.…Then, once accomplished, gain full local access…and take a look around and see what services are running.…Once I get in, I want to take a look…and see if I can modify the integrity of the system.…
I'll look for weak passwords on the system.…I'll also take a look at the password files.…In Windows, I'll try to access the SAM file…and obtain the LAN Management hashes.…On Linux, I'll access the etc/passwd file.…There are also some software tools available out there.…I'm at password-changer.com,…and here we can see Active@ Password Changer.…This is a password-resetting tool.…And we can get in and change passwords easily…for local administrators and users on Windows.…
This is, at it says, in case Administrator's password…is forgotten or lost.…
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks