
Session 3 handout

● What is Enumeration:
Extracting a system’s valid usernames, machine names, share names, directory names, and other
information.

● Top 5 password attacks:


1. Brute Force Attack

A brute force attack is a type of password crack that uses a computer program to generate and
try every possible combination of characters until it finds the correct password. This attack is
very time-consuming and often requires large amounts of computing power, but it can be
successful if the attacker has enough time and resources.

2. Dictionary Attack

A dictionary attack is a type of password crack that uses a list of words (usually taken from a
dictionary) to generate and try possible password combinations. This attack can be successful if
the password is a common word or phrase, but it is much less likely to succeed if the password
is a random string of characters.

3. Rainbow Table Attack

A rainbow table attack is a type of password crack that uses a precomputed table of all
possible hashes of all possible passwords (or a subset thereof). This attack can be very
effective if the attacker has a copy of the rainbow table, but it is much less likely to
succeed if the password is a random string of characters.

4. Social Engineering Attack

A social engineering attack is a type of password crack that relies on tricking the user
into revealing their password. This attack can be successful if the attacker is skilled at
deception, but it is much less likely to succeed if the user is aware of the risks.

5. Credential Stuffing Attack

A credential stuffing attack is a type of password crack that uses a list of stolen usernames
and passwords (usually obtained from an external data breach) to try and gain access to
other accounts. This attack can be successful if the user re-uses passwords across multiple
accounts, but it is much less likely to succeed if the user has a unique password for each
account.
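
The definitions above differ in a way a defender can see in authentication logs: brute force and dictionary attacks hammer one account with many guesses, while credential stuffing tries many accounts once or twice each. The following is an added example, not part of the original handout; the log lines are constructed, and the thresholds and function names are illustrative assumptions.

```python
import re
from collections import Counter, defaultdict

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def build_sample():
    """Constructed sshd-style log lines (documentation IP ranges, not real data)."""
    fmt = "Jan 10 03:14:{:02d} host sshd[811]: Failed password for {} from {} port {} ssh2"
    lines = []
    # Many guesses against one account: brute force or dictionary pattern.
    for i in range(12):
        lines.append(fmt.format(i, "root", "203.0.113.5", 40000 + i))
    # Many different accounts, one guess each: credential stuffing pattern.
    users = ["alice", "bob", "carol", "dave", "erin", "frank", "grace", "heidi", "ivan", "judy"]
    for i, user in enumerate(users):
        lines.append(fmt.format(20 + i, "invalid user " + user, "198.51.100.7", 50000 + i))
    # A legitimate user mistyping twice: should not be flagged.
    for i in range(2):
        lines.append(fmt.format(40 + i, "zoe", "192.0.2.10", 60000 + i))
    return lines

def classify(lines, min_failures=10, min_users=8, max_per_user=2):
    """Label each source IP by the shape of its failed logins.
    Thresholds are illustrative assumptions; tune them to your own baseline."""
    per_ip = defaultdict(Counter)
    for line in lines:
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            per_ip[ip][user] += 1
    verdicts = {}
    for ip, users in per_ip.items():
        total = sum(users.values())
        if total < min_failures:
            continue  # too few failures to call it an attack
        if len(users) >= min_users and max(users.values()) <= max_per_user:
            verdicts[ip] = "credential-stuffing"
        elif max(users.values()) >= min_failures:
            verdicts[ip] = "brute-force-or-dictionary"
        else:
            verdicts[ip] = "unclassified-high-failure"
    return verdicts

if __name__ == "__main__":
    for ip, verdict in classify(build_sample()).items():
        print(ip, verdict)
```

The log does not record the passwords tried, so brute force and dictionary attacks cannot be told apart from this data and share one label.
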
Tools for password attack online:
● Hash table to know the type of hash
● Crackstation to convert hashes to password
● Hash with salt to convert hashes with salt to password

Tools for password attack kali:


● Hashcat
● Crunch
● John
● Ophcrack
Tool to know if your password is shared
● haveibeenpwned

To Crack Linux password


You need two files (shadow and passwd)
1- Combine the files:
unshadow passwd shadow > output.txt
2- Run John on the combined file:
john output.txt
NMAP Table

Flag              Description

-sV               Attempts to determine the version of the services running
-p<x> or -p-      Scans port <x>, or all ports with -p-
-Pn               Disable host discovery and scan for open ports
-A                Enables OS and version detection, executes built-in scripts for further enumeration
-sC               Scan with the default Nmap scripts
-v                Verbose mode
-sU               UDP port scan
-sS               TCP SYN port scan

Helping tools to solve Linux lab
Stabilize reverse shell

Tools to clear logs:


● Using Metasploit: clearev
● Using tools: clearprog, wintools
