System Hacking

The goal of system hacking is to authenticate to the remote or targeted host with the highest level of access. This can be attempted in several ways, including a buffer overflow, exploiting a vulnerability, sniffing a password, guessing a password, and social engineering.

Denial of Service

A variation of the SYN attack is a reflective attack. An attacker launches a reflective attack by sending a large number of SYN packets to a web server, with the source address spoofed to match the address of the victim. The web server responds to the large number of SYN packets by issuing a flood of traffic back to the spoofed victim's address. The victim sees the flood of traffic as an attack.

Buffer Overflow

Buffer overflows are usually categorized according to the memory region in which the overflow occurs. The stack area of memory serves a variety of purposes, such as passing arguments to functions, storing local variables, and keeping track of where execution should return to when the current function is finished executing.

Example of a Stack Overflow

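#include <stdio.h>
#include <string.h>

void func(char *str)
{
        char name[64];

        /* No length check: input longer than 63 bytes overflows name[] on the stack. */
        strcpy(name, str);
        printf("Hello, %s\n", name);
}

int main(int argc, char **argv)
{
        if (argc < 2) {
                printf("Usage: %s name\n", argv[0]);
                return -1;
        }
        func(argv[1]);
        return 0;
}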
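For comparison, a bounded counterpart to func() above. This is an added example, not code from the original page. The names copy_name, func_safe and NAME_BUF_SIZE are hypothetical, and rejecting over-long input instead of truncating it is a design choice assumed here.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 64   /* same size as name[] in the page's func() */

/* Hypothetical helper: copy str into dst only if it fits, terminator included.
 * Returns 0 on success, -1 if an argument is invalid or str is too long. */
int copy_name(char *dst, size_t dst_size, const char *str)
{
    const char *nul;

    if (dst == NULL || dst_size == 0 || str == NULL)
        return -1;

    /* Look for the terminator within the first dst_size bytes only;
     * memchr stops at the first match, so short strings are not over-read. */
    nul = memchr(str, '\0', dst_size);
    if (nul == NULL) {
        dst[0] = '\0';     /* leave a valid empty string behind */
        return -1;         /* reject instead of silently truncating */
    }
    memcpy(dst, str, (size_t)(nul - str) + 1);  /* length + NUL <= dst_size */
    return 0;
}

/* Bounded replacement for func(): refuses names longer than 63 bytes. */
int func_safe(const char *str)
{
    char name[NAME_BUF_SIZE];

    if (copy_name(name, sizeof name, str) != 0) {
        fprintf(stderr, "name rejected (max %d bytes)\n", NAME_BUF_SIZE - 1);
        return -1;
    }
    printf("Hello, %s\n", name);
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        printf("Usage: %s name\n", argv[0]);
        return -1;
    }
    return func_safe(argv[1]) == 0 ? 0 : 1;
}
```

The saved return address is never reachable from the copy, because the length is checked against the destination size before any byte is written.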

Linux Hacking Links

no eth0 in /dev - LinuxQuestions.org
Controlling your Linux system processes
Linux Demo for Lecture
Securing Linux by breaking it with Damn Vulnerable Linux
Damn Vulnerable Linux - The most vulnerable and exploitable operating system ever
Linux.com | CLI Magic: Trojan Scan
Trojan-Spy.Linux.Logftp
Trojan horses plague open source: ZDNet Australia: News: Business
LRK: Linux Rootkit Information and source code
Hiding code -- details about Linux Rootkits
tornkit: a Linux Rootkit for Red Hat 6 & 7
trapkit.de - Rootkit Profiler LX (RKProfiler LX) -- Versions for Ubuntu and Ubuntu on VMware
Rootkit detector app..? - Ubuntu Forums -- chkrootkit and Rootkit Hunter included in Ubuntu archives
Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability
Easy Rootkit Crontab Exploit Found
Security on Ubuntu
Detecting Rootkits under Linux
debian.org compromise cleanup status -- How the SuckIt Rootkit was used to take over the debian.org main servers in 2003
Suckit Source Code -- a Linux Rootkit
VMware 4.0 and Redhat 9 - How to get ethernet working
Analysis of a Suckit detection and removal
Downloadable Linux Rootkits -- A good list
Tripwire Tutorial
Linux File Structure
Unix/Linux Command Reference
How to change font colours in Gnome Terminal window
Trojan programs improve attack methods -- the Sheepshank Trojan Explained
The Ultimate Linux Reference Guide for Newbies

Windows Hacking Links

Microsoft Baseline Security Analyzer (MBSA)
Winfingerprint.com
CVE - Common Vulnerabilities and Exposures
NetBIOS protocol, netbeui over TCP, server message blocks
NetBIOS - Wikipedia
NetBios NetBEUI NBF Networking Introduction
How To Configure TCP/IP Networking While NetBIOS Is Disabled in Windows 2000 Server
samba without netbios
The SMB Man-In-the-Middle Attack -- Example hashes here
SmbRelay captures NTLM hashes
L0phtCrack - It's over
ettercap - man in the middle attacks on LAN
Irongeek's Wall of Social Science Majors (inspired by the Wall of Shame/Wall of Sheep)
Ettercap tips and tricks
CIFS: A Common Internet File System
CIFS: Common Insecurities Fail Scrutiny
Winsock - Wikipedia
Microsoft Security: IIS Lockdown Tool
Top 10 Vulnerability Scanners
Wall of Sheep - I see stupid people
Wall of Sheep at DEFCON illustrates what not to do
Tripwire Tutorial -- Signature-based intrusion detection
Null session in Windows XP
Null session attacks: Who's still vulnerable?

Copyright © www.knowthetrade.com