Once administrator access has been reached, it's time to start executing applications. In this video, security reasearcher Lisa Bock shows how black-hat hackers may use access to a system to create havoc. Explore system vulnerabilities to better understand the attack vectors of malicious parties, and protect your systems.
- [Voiceover] Once in the system, the ethical hacker will escalate privileges in order to install and execute applications. Keep in mind, it's important not to set off any alarms at this point. If the hacker remains unnoticed, they can continue to achieve the goal of the exercise. They might want to install a rootkit for accessing the system later. They might want to install a keystroke logger in order to gather information. They might install ransomware in order to obtain cache. Or quietly install a botnet.
Botnet can be rented out to the darknet and your system could be part of a criminal network. Now understand this, once a system has been compromised, it's no longer in the administrator's hands. They may feel they're in control, but ultimately the company may suffer loss, system degradation, and possible be involved in a criminal act without their knowledge. If part of botnet, the bot server could signal a launch at any time, and that would send multiple requests to another system and possibly take down that system.
The fact is, there are many people that might involved in a botnet without their knowledge. You can check to see if your network is part of a botnet here. If a company is part of a botnet, to remove the threat, extreme measures may have to be taken to remove any trace of the botnet. So you can see, once in a system, we've escalated privileges, and if we move forward to install and execute applications, the results could be detrimental. So as you can see, if someone is able to get into your system, install and execute applications, the results can be devastating.
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks