
CCTC Networking - Network Exploitation (KW)

Lockheed Martin Kill Chain (DCO)

✓ 1. Reconnaissance
2. Weaponization
3. Delivery
4. Exploitation
5. Installation
6. Command and Control
7. Actions on Objective

Cyber Methodology (OCO)

✓ 1. Target Discovery
2. Fingerprinting / Enumeration
3. Port Scanning
4. Gaining Access
5. Privilege Escalation
6. Post Exploitation

Compromised Asset Characteristics

✓ Information Technology Assets: servers, network components, network diagrams

Critical Information Assets: proprietary information, intellectual property, processes and plans, credentials, org chart

Access Controls (3 types)

✓ -Behavioral Analysis
-Context Awareness
-Multifactor Authentication

Social Engineering Attack Examples

✓ -Phishing
-Whaling
-Watering hole
-Baiting
-Pretexting

DoS/DDoS Attack Examples

✓ -Ping Flood
-Ping of Death
-SYN Flood
-Smurf Attack

Injection Attack Examples

✓ -Web-based (SQL, XSS, FI)
-Code (SQL, XSS, OS, DE)
-Process (DLL, PE)

Network Infrastructure Based Attack Examples

✓ -Man in the middle
-Session hijacking
-Spoofing
-Buffer Overflow
-Bluetooth

Internal Exploitation

✓ Less common, more options
Harder to detect
Reaches more assets

External Exploitation

✓ Most common
Easily detected
Often guarded against

Shellcode

✓ a small piece of code used as the payload in the exploitation of a software vulnerability that, when executed, spawns a shell. Used in buffer overflow attacks.

Payload

✓ the part of the private user text which could also contain malware such as worms or viruses
which performs the malicious action

Buffer Overload

✓ Occurs when more data is put into a fixed-length buffer than the buffer can handle, and the
extra data holds instructions for malicious actions

NOP sled

✓ a hacker sends a large number of NOP instructions into the buffer, appending command code
instruction at the end.
*a string of x90 characters

Privilege Escalation

✓ Vertical or Horizontal
Methods:
-SAM file in Windows
-/etc/passwd in Linux
-sensitive info in shared folders
-weak permissions on processes

Persistence

✓ Allows for continued and future access to the exploited target by bypassing normal
requirements.

Methods to maintain persistence

✓ -Netcat
-Meterpreter
-Registry

Common protocols used to mask data exfil

✓ -HTTP/HTTPS
-FTP
-DNS
