
System Hacking

System hacking is the process of attempting to compromise the target system using the information collected during the pre-attack phases (footprinting and scanning).

Metasploit

Metasploit is a framework used for developing and executing exploit code against a remote target machine. The Metasploit Framework contains the following module types:

  • Exploits
  • Payloads
  • Auxiliary
  • Encoders
  • Post
  • Nops

Components of Metasploit:

  • Msfconsole
  • Msfvenom
  • Armitage

Exploit

An exploit is the means by which an attacker, or a pen tester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that produces a particular outcome the developer never intended. Common exploits include buffer overflows, web application vulnerabilities (such as SQL injection), and configuration errors.

Exploits can help gain superuser-level access to a computer system. Hackers typically manage to gain low-level access first, then try to escalate privileges to the highest level (root). The exploit becomes unusable once the vulnerability is fixed through a patch.

Exploits are classified based on how the exploit communicates with the vulnerable software.

  • A remote exploit works over a network and exploits the security vulnerability without any prior access to the vulnerable system.
  • A local exploit requires prior access to the vulnerable system and escalates the privileges of the person running the exploit.

Payload

A payload is the code that we want the target system to execute; it is selected and delivered by the framework. For example, a reverse shell is a payload that creates a connection from the target machine back to the attacker, presented as a Windows command prompt, whereas a bind shell is a payload that "binds" a command prompt to a listening port on the target machine, to which the attacker can then connect. A payload could also be something as simple as a few commands to be executed on the target operating system.

Types of Payload

The Metasploit framework has three different types of payloads:

  1. Singles
  2. Stagers
  3. Stages

Single Payload

Singles are self-contained payloads. They perform a simple task such as adding a user to the target computer or running an executable file on the victim's computer. These payloads can be caught with non-Metasploit handlers such as netcat. They are more stable because they contain everything in one piece.

Stager payload

Stager payloads set up a network connection between the attacker and the victim and provide the remote channel over which commands are executed. Doing both of these well in a small amount of space is difficult, so the result is multiple similar stagers. A stager occupies only a small portion of memory; it is responsible for downloading a larger payload (the stage), injecting it into memory, and passing execution to it.

Stage payload

Stages are the payload components downloaded onto the exploited machine by a stager. Because they are not constrained by the exploit's size limit, stages can provide advanced features such as Meterpreter, VNC injection, etc.

Shellcode

Shellcode is a set of instructions used as a payload when exploitation occurs. Shellcode is typically written in assembly language. In most cases, a command shell or a Meterpreter shell is provided after the target machine has executed the series of instructions, hence the name.

Module

A module in this context is a piece of software that can be used by the Metasploit Framework. At times you may require an exploit module, a software component that conducts the attack. Other times an auxiliary module may be required to perform an action such as scanning or system enumeration. These interchangeable modules are the core of what makes the Framework so powerful.

Listener

A listener is a component within Metasploit that waits for an incoming connection of some sort. For example, after the target machine has been exploited, it may call back to the attacking machine over the Internet. The listener handles that connection, waiting on the attacking machine for the exploited system to make contact.

Escalating Privileges

Privilege escalation is a technique that exploits design vulnerabilities or misconfigurations in an operating system or in installed applications to gain elevated access to resources that are normally protected from an application or user.

Vertical Privilege Escalation

The attacker obtains higher privileges than those granted to them. Vertical escalation is typically achieved by performing kernel-level operations that allow the attacker to run unauthorized code.

Horizontal Privilege Escalation

The attacker keeps the same level of privileges they have already been granted, but assumes the identity of another user with similar privileges.
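As an added example (not code from the original page), the two escalation classes above expressed as access-control checks in a small record service: a handler that only verifies login (open to horizontal escalation) beside one that enforces record ownership, plus a server-side role check against vertical escalation. The users, roles, record ids and action names are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    name: str
    role: str  # assumed role names: "user" or "admin"

# Constructed sample data: record id -> (owner, content)
RECORDS = {
    101: ("alice", "alice's invoice"),
    102: ("bob", "bob's invoice"),
}
# Actions that only the admin role may perform (assumed names)
ADMIN_ONLY_ACTIONS = {"delete_any_record", "create_user"}

def fetch_record_unsafe(user, record_id):
    """Vulnerable: checks only that the caller is logged in, never that
    the record belongs to them. Any authenticated user can read another
    user's record: horizontal privilege escalation."""
    if user is None:
        raise PermissionError("login required")
    return RECORDS[record_id][1]

def fetch_record(user, record_id):
    """Hardened: ownership is checked on every request; only the admin
    role may read records it does not own."""
    if user is None:
        raise PermissionError("login required")
    owner, content = RECORDS[record_id]
    if user.role != "admin" and owner != user.name:
        raise PermissionError(f"{user.name} may not read record {record_id}")
    return content

def perform_action(user, action):
    """Guard against vertical escalation: privileged actions require the
    admin role, taken from the server-side session and never from a
    client-supplied field such as a hidden form value or cookie flag."""
    if user is None:
        raise PermissionError("login required")
    if action in ADMIN_ONLY_ACTIONS and user.role != "admin":
        raise PermissionError(f"{user.name} lacks the role for {action}")
    return f"{user.name} performed {action}"

def is_denied(fn, *args):
    """True if the call is rejected; used to check the guards above."""
    try:
        fn(*args)
    except PermissionError:
        return True
    return False
```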

Password Cracking

In password cracking, attackers use different kinds of attacks to learn the login password of the target computer so that they can gain complete access to it.

Types of passwords

  • Passwords with only letters. Ex: admin
  • Passwords with letters and numbers. Ex: admin123
  • Passwords with letters and special characters
  • Passwords with only numbers. Ex: 6842
  • Passwords with only special characters. Ex: @!#$%%^
  • Passwords with numbers and special characters
  • Passwords with letters, numbers and special characters

Methods to Crack Passwords

Password Guessing – Not really a technique, but usually the first thing every criminal will try.

Brute Force Attack – All possible permutations and combinations of keyboard characters are tried as the victim's password. Every password is some combination of the characters the victim can type, so the search is guaranteed to succeed eventually; the cost grows with the character set and the password length.

Dictionary-Based Attack – All words in a dictionary (wordlist) are tried as the victim's password.

Syllable Attack – A combination of the brute force attack and the dictionary attack, often used when the password is not an existing word.

Default Passwords – Manufacturers ship hardware and software with default passwords and settings. Default passwords for devices can be found online (http://defaultpassword.us/).

Data Sniffing – A sniffer records passwords being sent across the LAN in plaintext.

Suggested Measures:

  • Keep operating system software updated (patched).
  • Use stronger authentication methods.
  • Enable security auditing to help monitor
  • Avoid storing user names/password on
  • Change passwords on a frequent
  • Build user awareness on social engineering