CAS, profile picture
Uploaded byCAS
PPTX, PDF4,398 views

System hacking

The document outlines the systematic approach to system hacking, detailing stages such as footprinting, scanning, and enumeration to gather information about a target network. It elaborates on various hacking techniques including password cracking, privilege escalation, and hiding files, emphasizing the importance of methodology and the goals behind attacks. Additionally, the document describes the tools and tactics used by attackers to execute malicious actions and cover their tracks.

Embed presentation

Downloaded 122 times
SYSTEM HACKING MR. RAJASEKAR RAMALINGAM FACULTY - DEPARTMENT OF IT COLLEGE OF APPLIED SCIENCES – SUR SULTANATE OF OMAN VRRSEKAR@YAHOO.COM
CONTENT 1. Steps before hacking a System  Footprinting  Scanning  Enumeration 2. System Hacking stage 3. Goals for System Hacking 4. System Hacking Methodology 5. System Hacking Steps 6. Password Cracking 7. Privilege escalation 8. Executing Applications 9. Hiding Files 10. Covering tracks 2 SYSTEMHACKING
1. STEPS BEFORE HACKING A SYSTEM 3 SYSTEM HACKING
1.1 FOOTPRINTING  Process of accumulating data regarding a specific network environment.  Purpose of finding ways to intrude into the network environment.  Can be used to attack a system, and also to protect it.  In the footprinting phase, the attacker creates a profile of the target organization, with the information such as its IP address range, namespace, and employee web usage.  Footprinting improves the ease with which the systems can be exploited by revealing system vulnerabilities.  Determining the objective and location of an intrusion is the primary step involved in footprinting.  Once the objective and location of an intrusion is known, specific information about the organization can be gathered. 4 SYSTEM HACKING
1.2 SCANNING  Procedure for identifying active hosts on a network, either for the purpose of network security assessment or for attacking them.  The attacker finds information about the target assessment through its IP addresses that can be accessed over the Internet.  Scanning is mainly concerned with the identification of systems on a network and the identification of services running on each computer.  Some of the scanning procedures such as port scans and ping sweeps return information about the services offered by the live hosts that are active on the Internet and their IP addresses. 5 SYSTEM HACKING
1.3 ENUMERATION  Enumeration is the method of intrusive probing into the target assessment through which attackers gather information such as network user lists, routing tables, and Simple Network Management Protocol (SNMP) data.  The attacker's objective is to identify valid user accounts or groups where he or she can remain inconspicuous once the system has been compromised.  Enumeration involves making active connections to the target system or subjecting it to direct queries. 6 SYSTEM HACKING
2. SYSTEM HACKING STAGE  Every criminal commits a crime to achieve certain goal.  Likewise, an attacker can also have certain goals behind performing attacks on a system.  The following may be some of the goals of attackers in committing attacks on a system.  The table shows the goal of an attacker at different hacking stages and the technique used to achieve that goal. 7 SYSTEM HACKING
3. GOALS FOR SYSTEM HACKING 8 SYSTEM HACKING
4. SYSTEM HACKING METHODOLOGY  Before hacking a system, an attacker uses footprinting, scanning, and enumeration techniques to detect the target area of the attack and the vulnerabilities that prove to be doorways for the attacker.  Once the attacker gains all the necessary information, he or she starts hacking.  The following diagram depicts the hacking methodology followed by ethical / Unethical hackers: 9 SYSTEM HACKING
System Hacking Methodology…. 10 SYSTEM HACKING
5. SYSTEM HACKING STEPS  System hacking cannot be accomplished at a single go.  Various steps that include  Cracking passwords  Escalating privileges  Executing applications  Hiding files  Covering tracks  Discuss these steps one by one thoroughly, to determine how the attacker hacks the system. 11 SYSTEM HACKING
System Hacking Steps… 12 SYSTEM HACKING
6. PASSWORD CRACKING 13 SYSTEM HACKING
PASSWORD CRACKING …  Process of recovering passwords from the data that has been transmitted by a computer system or stored in it.  Helps a user to recover a forgotten or lost password, as a preventive measure by the system administrators.  Can also be used to gain unauthorized access to a system.  Many hacking attempts start with password cracking attempts.  Most attackers use password cracking techniques to gain unauthorized access to the vulnerable system.  Passwords may be cracked manually or with automated tools.  Programs designed for cracking passwords are the functions of the number of possible passwords per second that can be checked.  Most of the passwords cracking techniques are successful due to weak or easily guessable passwords. 14 SYSTEM HACKING
6.1 PASSWORD CRACKING TECHNIQUES 15 SYSTEM HACKING
6.2 TYPES OF PASSWORD ATTACKS 16 SYSTEM HACKING
6.3 PASSWORD CRACKING TOOLS 17 SYSTEM HACKING
7. PRIVILEGE ESCALATION  An attacker can gain access to the network using a non-admin user account, and the next step would be to gain administrative privileges.  Attacker performs privilege escalation attack which takes advantage of design flaw, programming errors, bugs, and configuration oversights in the OS and software application to gain administrative access to the network and its associated applications.  These privileges allows attacker to view private information , delete files, or install malicious programs such as viruses, Trojans, worms, etc. 18 SYSTEM HACKING
PRIVILEGE ESCALATION… Types of Privilege escalation: 1. Vertical Privilege escalation  Requires granting higher privileges or higher level of access than administrator.  This is accomplished by doing kernel-level operations that permit to run unauthorized code. 2. Horizontal Privilege escalation  Requires using same privileges or higher level of access that already has been granted but assuming the identity of another user with similar privileges. 19 SYSTEM HACKING
7.1 PRIVILEGE ESCALATION TOOLS 20 SYSTEM HACKING
8. EXECUTING APPLICATIONS 21 • Attackers execute malicious applications in this stage. • This is called “Owning” the system. • Executing applications is done after the attacker gains the administrative privileges. • The attacker may try to execute some of his or her own malicious programs remotely on the victim's machine to gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources, crack passwords, capture screenshots, install a backdoor to maintain easy access, etc. SYSTEM HACKING
EXECUTING APPLICATIONS …. 22 SYSTEM HACKING
 The malicious programs that the attacker executes on victim's machine maybe:  Backdoors: Programming designed to deny or disrupt operation, gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources.  Crackers: Piece of software or program designed for the purpose of cracking the code or passwords.  Keyloggers: This can be hardware or a software type. In either case the objective is to record each and every key stroke made on the computer keyboard.  Spyware: Spy software may capture the screen shots and send them to a specified location defined by the hacker. The attacker has to maintain the access to the victim's computer until his or her purpose is fulfilled.  After deriving all the requisite information from the victim’s computer, the attacker installs several back doors to maintain easy access to the victim’s computer in the future. 23 SYSTEM HACKING
9. HIDING FILES  Many proactive applications are capable of preventing or detecting and deleting malicious applications.  In order to avoid malicious applications being detected by protective applications, attackers hide malicious files inside other legitimate files.  Rootkits are programs that hide their presence as well as attacker's malicious activities, granting them full access to the server or host at  that time and also in future.  Rootkits replace certain operating system calls and utilities with its own modified versions o f those routines that in turn undermine the security of the target system causing malicious functions to be executed.  A typical root kit comprises o f backdoor programs, DDOS programs, packet sniffers, log-wiping utilities, IRC bots, etc. 24 SYSTEM HACKING
HIDING FILES…. 25 SYSTEM HACKING
12.9.1 TYPES OF ROOTKIT 26 SYSTEM HACKING
12.10 COVERING TRACKS 27 • Once the attacker breaks into the target network or computer successfully, he tries to hide himself from being detected or traced out. • The attacker tries to cover all the tracks or logs that are generated during his attempts to gain access to the target network. SYSTEM HACKING
12.10.1WHY COVER TRACKS? 28 SYSTEM HACKING

More Related Content

PPTX
Ethical hacking : Its methodologies and tools
bychrizjohn896
 
PPTX
Password Cracking
bySina Manavi
 
PPTX
Ethical Hacking
byAditya Vikram Singhania
 
PPTX
Network scanning
byoceanofwebs
 
PPTX
Inetsecurity.in Ethical Hacking presentation
byJoshua Prince
 
PPTX
Malware analysis
byPrakashchand Suthar
 
PPTX
Ethical Hacking - sniffing
byBhavya Chawla
 
PPT
Module 2 Foot Printing
byleminhvuong
 
Ethical hacking : Its methodologies and tools
bychrizjohn896
 
Password Cracking
bySina Manavi
 
Ethical Hacking
byAditya Vikram Singhania
 
Network scanning
byoceanofwebs
 
Inetsecurity.in Ethical Hacking presentation
byJoshua Prince
 
Malware analysis
byPrakashchand Suthar
 
Ethical Hacking - sniffing
byBhavya Chawla
 
Module 2 Foot Printing
byleminhvuong
 

What's hot

PPTX
Brute force-attack presentation
byMahmoud Ibra
 
PPTX
Ethical hacking - Footprinting.pptx
byNargis Parveen
 
PPSX
Intrusion detection system
bygaurav koriya
 
PPT
Module 8 System Hacking
byleminhvuong
 
PPTX
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
PPTX
Intrusion detection
byCAS
 
PPT
IDS and IPS
bySantosh Khadsare
 
PDF
Malware and security
byGurbakash Phonsa
 
PPT
DES (Data Encryption Standard) pressentation
bysarhadisoftengg
 
PPTX
Malware Static Analysis
byHossein Yavari
 
PPTX
Security vulnerability
byA. Shamel
 
PPTX
Operating system security
byRamesh Ogania
 
PPTX
Penetration testing overview
bySupriya G
 
PPTX
Password Cracking
bySagar Verma
 
PPTX
Firewall in Network Security
bylalithambiga kamaraj
 
PDF
Ethical Hacking Tools
byMultisoft Virtual Academy
 
PPTX
Password craking techniques
byأحلام انصارى
 
PPTX
Web application security
byKapil Sharma
 
PPTX
Cia security model
byImran Ahmed
 
PPT
Web Application Security
byAbdul Wahid
 
Brute force-attack presentation
byMahmoud Ibra
 
Ethical hacking - Footprinting.pptx
byNargis Parveen
 
Intrusion detection system
bygaurav koriya
 
Module 8 System Hacking
byleminhvuong
 
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
Intrusion detection
byCAS
 
IDS and IPS
bySantosh Khadsare
 
Malware and security
byGurbakash Phonsa
 
DES (Data Encryption Standard) pressentation
bysarhadisoftengg
 
Malware Static Analysis
byHossein Yavari
 
Security vulnerability
byA. Shamel
 
Operating system security
byRamesh Ogania
 
Penetration testing overview
bySupriya G
 
Password Cracking
bySagar Verma
 
Firewall in Network Security
bylalithambiga kamaraj
 
Ethical Hacking Tools
byMultisoft Virtual Academy
 
Password craking techniques
byأحلام انصارى
 
Web application security
byKapil Sharma
 
Cia security model
byImran Ahmed
 
Web Application Security
byAbdul Wahid
 

Similar to System hacking

PPTX
Ethical hacking
byRishabha Garg
 
PPT
ETHICAL HACKING
bySweta Leena Panda
 
PPTX
Ethical Hacking Redefined
byPawan Patil
 
PDF
Introduction of hacking and cracking
byHarshil Barot
 
PPTX
Introduction ethical hacking
byVishal Kumar
 
ODP
Ethical hacking ppt
byhimanshujoshi238
 
PPTX
Ethical hacking introduction to ethical hacking
byMissStevenson1
 
PPT
Introduction to ethical hacking
byankit sarode
 
PPTX
Ethical hacking introduction to ethical hacking
bymissstevenson01
 
DOCX
Ethical hacking
byNitheesh Adithyan
 
PPTX
ethical hacking
bysamprada123
 
PPT
Hacking
byblues_mfi
 
PPTX
Ethical hacking
byAKSHAY KHATRI
 
PPT
All about Hacking
byMadhusudhan G
 
PPTX
Ethical Hacking.pptx
byMadhuKumar114889
 
PPTX
Ethical hacking
byPrabhat kumar Suman
 
PDF
Ethical Hacking
bySyed Irshad Ali
 
PPTX
Hacking and Anti Hacking
byInternational Islamic University
 
PPTX
The Basics of Ethical Hacking
byVamshi TG
 
PPTX
Ethical Hacking
byNitheesh Adithyan
 
Ethical hacking
byRishabha Garg
 
ETHICAL HACKING
bySweta Leena Panda
 
Ethical Hacking Redefined
byPawan Patil
 
Introduction of hacking and cracking
byHarshil Barot
 
Introduction ethical hacking
byVishal Kumar
 
Ethical hacking ppt
byhimanshujoshi238
 
Ethical hacking introduction to ethical hacking
byMissStevenson1
 
Introduction to ethical hacking
byankit sarode
 
Ethical hacking introduction to ethical hacking
bymissstevenson01
 
Ethical hacking
byNitheesh Adithyan
 
ethical hacking
bysamprada123
 
Hacking
byblues_mfi
 
Ethical hacking
byAKSHAY KHATRI
 
All about Hacking
byMadhusudhan G
 
Ethical Hacking.pptx
byMadhuKumar114889
 
Ethical hacking
byPrabhat kumar Suman
 
Ethical Hacking
bySyed Irshad Ali
 
Hacking and Anti Hacking
byInternational Islamic University
 
The Basics of Ethical Hacking
byVamshi TG
 
Ethical Hacking
byNitheesh Adithyan
 

More from CAS

PPTX
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
byCAS
 
PPT
RRB JE Stage 2 Computer and Applications Questions Part 5
byCAS
 
PPT
RRB JE Stage 2 Computer and Applications Questions Part 4
byCAS
 
PPT
RRB JE Stage 2 Computer and Applications Questions part 3
byCAS
 
PPT
RRB JE Stage 2 Computer and Applications Questions Part 2
byCAS
 
PPT
RRB JE Stage 2 Computer and Applications Questions Part 1
byCAS
 
PPTX
Introduction to IoT Security
byCAS
 
PPTX
Introduction to research methodology
byCAS
 
PPTX
Can you solve this
byCAS
 
PPTX
Symmetric encryption and message confidentiality
byCAS
 
PPTX
Public key cryptography and message authentication
byCAS
 
PPTX
Malicious software
byCAS
 
PPTX
Legal and ethical aspects
byCAS
 
PPT
IT Security management and risk assessment
byCAS
 
PPTX
It security controls, plans, and procedures
byCAS
 
PPTX
Human resources security
byCAS
 
PPT
Database security
byCAS
 
PPTX
Cryptographic tools
byCAS
 
PPT
Internet security association and key management protocol (isakmp)
byCAS
 
PPT
IP Security Part 2
byCAS
 
CCNA 200-301 IPv6 addressing and subnetting MCQs Collection
byCAS
 
RRB JE Stage 2 Computer and Applications Questions Part 5
byCAS
 
RRB JE Stage 2 Computer and Applications Questions Part 4
byCAS
 
RRB JE Stage 2 Computer and Applications Questions part 3
byCAS
 
RRB JE Stage 2 Computer and Applications Questions Part 2
byCAS
 
RRB JE Stage 2 Computer and Applications Questions Part 1
byCAS
 
Introduction to IoT Security
byCAS
 
Introduction to research methodology
byCAS
 
Can you solve this
byCAS
 
Symmetric encryption and message confidentiality
byCAS
 
Public key cryptography and message authentication
byCAS
 
Malicious software
byCAS
 
Legal and ethical aspects
byCAS
 
IT Security management and risk assessment
byCAS
 
It security controls, plans, and procedures
byCAS
 
Human resources security
byCAS
 
Database security
byCAS
 
Cryptographic tools
byCAS
 
Internet security association and key management protocol (isakmp)
byCAS
 
IP Security Part 2
byCAS
 

Recently uploaded

PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
PDF
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PPTX
INSY_7213_Theme Sessions 47 & 48 Advanced databases.pptx
bystormzy56
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
INSY_7213_Theme Sessions 47 & 48 Advanced databases.pptx
bystormzy56
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 

System hacking

  • 1.
    SYSTEM HACKING MR. RAJASEKARRAMALINGAM FACULTY - DEPARTMENT OF IT COLLEGE OF APPLIED SCIENCES – SUR SULTANATE OF OMAN VRRSEKAR@YAHOO.COM
  • 2.
    CONTENT 1. Steps beforehacking a System  Footprinting  Scanning  Enumeration 2. System Hacking stage 3. Goals for System Hacking 4. System Hacking Methodology 5. System Hacking Steps 6. Password Cracking 7. Privilege escalation 8. Executing Applications 9. Hiding Files 10. Covering tracks 2 SYSTEMHACKING
  • 3.
    1. STEPS BEFOREHACKING A SYSTEM 3 SYSTEM HACKING
  • 4.
    1.1 FOOTPRINTING  Processof accumulating data regarding a specific network environment.  Purpose of finding ways to intrude into the network environment.  Can be used to attack a system, and also to protect it.  In the footprinting phase, the attacker creates a profile of the target organization, with the information such as its IP address range, namespace, and employee web usage.  Footprinting improves the ease with which the systems can be exploited by revealing system vulnerabilities.  Determining the objective and location of an intrusion is the primary step involved in footprinting.  Once the objective and location of an intrusion is known, specific information about the organization can be gathered. 4 SYSTEM HACKING
  • 5.
    1.2 SCANNING  Procedurefor identifying active hosts on a network, either for the purpose of network security assessment or for attacking them.  The attacker finds information about the target assessment through its IP addresses that can be accessed over the Internet.  Scanning is mainly concerned with the identification of systems on a network and the identification of services running on each computer.  Some of the scanning procedures such as port scans and ping sweeps return information about the services offered by the live hosts that are active on the Internet and their IP addresses. 5 SYSTEM HACKING
  • 6.
    1.3 ENUMERATION  Enumerationis the method of intrusive probing into the target assessment through which attackers gather information such as network user lists, routing tables, and Simple Network Management Protocol (SNMP) data.  The attacker's objective is to identify valid user accounts or groups where he or she can remain inconspicuous once the system has been compromised.  Enumeration involves making active connections to the target system or subjecting it to direct queries. 6 SYSTEM HACKING
  • 7.
    2. SYSTEM HACKINGSTAGE  Every criminal commits a crime to achieve certain goal.  Likewise, an attacker can also have certain goals behind performing attacks on a system.  The following may be some of the goals of attackers in committing attacks on a system.  The table shows the goal of an attacker at different hacking stages and the technique used to achieve that goal. 7 SYSTEM HACKING
  • 8.
    3. GOALS FORSYSTEM HACKING 8 SYSTEM HACKING
  • 9.
    4. SYSTEM HACKINGMETHODOLOGY  Before hacking a system, an attacker uses footprinting, scanning, and enumeration techniques to detect the target area of the attack and the vulnerabilities that prove to be doorways for the attacker.  Once the attacker gains all the necessary information, he or she starts hacking.  The following diagram depicts the hacking methodology followed by ethical / Unethical hackers: 9 SYSTEM HACKING
  • 10.
  • 11.
    5. SYSTEM HACKINGSTEPS  System hacking cannot be accomplished at a single go.  Various steps that include  Cracking passwords  Escalating privileges  Executing applications  Hiding files  Covering tracks  Discuss these steps one by one thoroughly, to determine how the attacker hacks the system. 11 SYSTEM HACKING
  • 12.
  • 13.
  • 14.
    PASSWORD CRACKING … Process of recovering passwords from the data that has been transmitted by a computer system or stored in it.  Helps a user to recover a forgotten or lost password, as a preventive measure by the system administrators.  Can also be used to gain unauthorized access to a system.  Many hacking attempts start with password cracking attempts.  Most attackers use password cracking techniques to gain unauthorized access to the vulnerable system.  Passwords may be cracked manually or with automated tools.  Programs designed for cracking passwords are the functions of the number of possible passwords per second that can be checked.  Most of the passwords cracking techniques are successful due to weak or easily guessable passwords. 14 SYSTEM HACKING
  • 15.
    6.1 PASSWORD CRACKINGTECHNIQUES 15 SYSTEM HACKING
  • 16.
    6.2 TYPES OFPASSWORD ATTACKS 16 SYSTEM HACKING
  • 17.
    6.3 PASSWORD CRACKINGTOOLS 17 SYSTEM HACKING
  • 18.
    7. PRIVILEGE ESCALATION An attacker can gain access to the network using a non-admin user account, and the next step would be to gain administrative privileges.  Attacker performs privilege escalation attack which takes advantage of design flaw, programming errors, bugs, and configuration oversights in the OS and software application to gain administrative access to the network and its associated applications.  These privileges allows attacker to view private information , delete files, or install malicious programs such as viruses, Trojans, worms, etc. 18 SYSTEM HACKING
  • 19.
    PRIVILEGE ESCALATION… Types ofPrivilege escalation: 1. Vertical Privilege escalation  Requires granting higher privileges or higher level of access than administrator.  This is accomplished by doing kernel-level operations that permit to run unauthorized code. 2. Horizontal Privilege escalation  Requires using same privileges or higher level of access that already has been granted but assuming the identity of another user with similar privileges. 19 SYSTEM HACKING
  • 20.
    7.1 PRIVILEGE ESCALATIONTOOLS 20 SYSTEM HACKING
  • 21.
    8. EXECUTING APPLICATIONS 21 •Attackers execute malicious applications in this stage. • This is called “Owning” the system. • Executing applications is done after the attacker gains the administrative privileges. • The attacker may try to execute some of his or her own malicious programs remotely on the victim's machine to gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources, crack passwords, capture screenshots, install a backdoor to maintain easy access, etc. SYSTEM HACKING
  • 22.
  • 23.
     The maliciousprograms that the attacker executes on victim's machine maybe:  Backdoors: Programming designed to deny or disrupt operation, gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources.  Crackers: Piece of software or program designed for the purpose of cracking the code or passwords.  Keyloggers: This can be hardware or a software type. In either case the objective is to record each and every key stroke made on the computer keyboard.  Spyware: Spy software may capture the screen shots and send them to a specified location defined by the hacker. The attacker has to maintain the access to the victim's computer until his or her purpose is fulfilled.  After deriving all the requisite information from the victim’s computer, the attacker installs several back doors to maintain easy access to the victim’s computer in the future. 23 SYSTEM HACKING
  • 24.
    9. HIDING FILES Many proactive applications are capable of preventing or detecting and deleting malicious applications.  In order to avoid malicious applications being detected by protective applications, attackers hide malicious files inside other legitimate files.  Rootkits are programs that hide their presence as well as attacker's malicious activities, granting them full access to the server or host at  that time and also in future.  Rootkits replace certain operating system calls and utilities with its own modified versions o f those routines that in turn undermine the security of the target system causing malicious functions to be executed.  A typical root kit comprises o f backdoor programs, DDOS programs, packet sniffers, log-wiping utilities, IRC bots, etc. 24 SYSTEM HACKING
  • 25.
  • 26.
    12.9.1 TYPES OFROOTKIT 26 SYSTEM HACKING
  • 27.
    12.10 COVERING TRACKS 27 •Once the attacker breaks into the target network or computer successfully, he tries to hide himself from being detected or traced out. • The attacker tries to cover all the tracks or logs that are generated during his attempts to gain access to the target network. SYSTEM HACKING
  • 28.