Lisa lays out the goals of system hacking. She explores how malicious parties obtain a password. Once a password is obtained, hackers maintain access and continually attempt to escalate their privileges until they have reached administrator access. Once admin access has been obtained, black hat hackers can install spyware and open back doors in a target.
- [Voiceover] After scanning the network,…and obtaining a blueprint, gaining access is next.…In order to gain access to a system,…we'll most likely need a password.…Obtaining the password can be an active online attack…with methods such as dictionary, brute force,…or keylogger attack.…Or it can be a passive online attack that includes…packet sniffing, man in the middle, and replay attacks.…If a password list is obtained,…we may have to do an offline evaluation,…such as a rainbow attack.…
Once in the system, the key is to maintain access,…and continually escalate until you reach…the administrator level.…The key is to be careful in this phase,…as the longer access is maintained,…the better chance of getting caught.…The next step is escalating privilege in order to achieve…access to resources normally restricted from…an end-user or application.…Look around and see if there are any unmounted file systems…or development tools available.…
With the knowledge of the vulnerabilities,…and what is available on the system,…
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks