NWHK CHAP5-Network Hacking - System Hacking v.1
Network Hacking
(System Hacking)
OBJECTIVES
▪ Hacking Methodology
▪ Explain the techniques to Gain Access to a
target system
▪ Explain Privilege Escalation
Vulnerability
▪ A Security Vulnerability is a weakness, flaw,
or error found within a security system that
has the potential to be leveraged by a threat
agent in order to compromise a secure
network.
https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/
Exploit
▪ A program, or piece of code, designed to find
and take advantage of a security flaw or
vulnerability in an application or computer
system.
https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-exploit.html
Payload
▪ Software components that inject the malicious
software into systems or networks
https://turingpoint.de/en/blog/malware-what-is-a-payload/
Exploit-Db
▪ Online resources
▪ Exploit Database (https://exploit-db.com)
▪ Example: Search for exploits for EternalBlue
Metasploit
Metasploit Meterpreter
Meterpreter is a shell, similar to the cmd prompt
Harvesting Passwords
Hashdump
Mimikatz
▪ Password harvesting using mimikatz
▪ Load mimikatz module in meterpreter
session.
▪ Execute creds_msv module to gather
passwords
Password Cracking
▪ Hashcat
Rainbow Tables
rtgen
▪ A package to generate rainbow tables for
cracking
▪ Provides specification of constraints to
generate the rainbow table
rtgen
▪ Using rtgen to generate a rainbow table for
NTLM
Kerberos
Kerberoasting
Kerberos Attack*
https://michelepariani.com/2020/12/14/outline-of-an-attack-to-active-directory/
Client-Side Vulnerabilities
▪ Web browsers make convenient client-side
attack targets
▪ One of the most commonly used applications
▪ Browser-based applications are used for
many common tasks
▪ Limited types of browsers
▪ IE/Edge
▪ Safari
▪ Chrome
▪ Etc
ET0741 Network Hacking
Official (Open)
Other Terminologies
▪ Living Off the Land
▪ Using tools that are already available on the
target system
▪ PowerShell - Windows
▪ Bash Shell – Linux
▪ Etc.
▪ Fuzzing
▪ The process of sending unexpected or
malformed data to an application to see how
it handles that data
▪ Possible DoS
Post Exploitation
Privilege Escalation
Pivoting
Persistence
▪ several techniques
▪ Secure Shell (SSH)
▪ remote desktop on Windows
▪ create a new user
▪ change compromised user’s password
▪ install software that will connect to the
attacker’s system.
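From the defender's side, several of the persistence techniques listed above (SSH access, a newly created user, a changed password) leave entries in a Linux authentication log. The following is an added example, not part of the original slides: it scans constructed auth.log-style lines and flags those events. The sample hosts, accounts, addresses and the trusted-network prefix are assumptions made for illustration.

```python
import re

# Constructed sample lines in Linux auth.log style (not from the original slides).
SAMPLE_LOG = """\
Mar  3 02:14:07 web01 sshd[3311]: Accepted password for deploy from 203.0.113.45 port 50122 ssh2
Mar  3 02:15:31 web01 useradd[3350]: new user: name=svc_backup, UID=1002, GID=1002, home=/home/svc_backup, shell=/bin/bash
Mar  3 02:15:58 web01 passwd[3361]: pam_unix(passwd:chauthtok): password changed for deploy
Mar  3 02:16:40 web01 sshd[3402]: Accepted publickey for svc_backup from 203.0.113.45 port 50190 ssh2
Mar  3 09:01:12 web01 sshd[4120]: Accepted publickey for alice from 10.0.5.20 port 41022 ssh2
"""

# One pattern per event type that maps to a persistence technique in the list.
RULES = [
    ("ssh_login", re.compile(r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<src>\S+)")),
    ("new_user", re.compile(r"useradd\[\d+\]: new user: name=(?P<user>[^,\s]+)")),
    ("password_change", re.compile(r"passwd\[\d+\]: .*password changed for (?P<user>\S+)")),
]

def parse_events(text):
    """Turn raw log text into a list of event dicts (kind, time, captured fields)."""
    events = []
    for line in text.splitlines():
        for kind, pattern in RULES:
            m = pattern.search(line)
            if m:
                events.append({"kind": kind, "time": line[:15], **m.groupdict()})
                break
    return events

def find_persistence(events, trusted_sources=("10.0.5.",)):
    """Flag account changes and SSH logins that are new-account or off-network.

    trusted_sources is an assumed list of address prefixes for the admin network.
    """
    created, alerts = set(), []
    for e in events:
        if e["kind"] == "new_user":
            created.add(e["user"])
            alerts.append((e["time"], "account created", e["user"]))
        elif e["kind"] == "password_change":
            alerts.append((e["time"], "password changed", e["user"]))
        elif e["user"] in created:
            alerts.append((e["time"], "ssh login by newly created account", e["user"]))
        elif not e["src"].startswith(trusted_sources):
            alerts.append((e["time"], "ssh login from untrusted source", e["user"]))
    return alerts

if __name__ == "__main__":
    for alert in find_persistence(parse_events(SAMPLE_LOG)):
        print(*alert, sep=" | ")
```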
Covering Tracks
Rootkits
Process Injection
Log Manipulation
Hiding Data
Summary
▪ Search exploits
▪ Cracking password hashes
▪ John the Ripper
▪ L0phtCrack
▪ Pivoting, privilege escalation
▪ Cover your tracks to avoid detection