Interactive Quiz: 7. System Hacking
What does pivoting on a compromised system get you?
A route to extra networks
You find after you get access to a system that you are the user www-data. What might you try to do very shortly after getting access to the system?
Elevate privileges.
Why would an attacker use an alternate data stream on a Windows system?
For hiding files
What would you use the program rtgen for?
Generating rainbow tables
What is the advantage of using a rootkit?
Hiding processes and files
What could you use to obtain password hashes from a compromised system?
Mimikatz
What are the three date and time stamps stored as part of the file metadata?
Modified, accessed, and created
What is it called when you obtain administrative privileges from a normal user account?
Privilege escalation
Which of these is a reason to use an exploit against a local vulnerability?
Privilege escalation
Which of the following is a method of executing arbitrary code in the address space of a separate live process?
Process injection
Which is a collection of computer software designed to grant an unauthorized user access to a computer or certain programs?
Rootkit
Which of these would be a way to exploit a client-side vulnerability?
Sending a crafted URL
What is the reason for using rainbow tables?
Speed prioritized over disk space
Which of these techniques might be used to maintain access to a system?
The run key in the Windows Registry
What is it called when you manipulate the time stamps on files?
Timestomping
What does John the Ripper's single crack mode, the default mode, do?
Uses known information and mangling rules
What application would be a common target for client-side exploits?
Web browser
Process injection is a method
of executing arbitrary code in the address space of a separate live process. The idea of process injection is to take code the attacker wants to run and then inject it into an existing process.
Manipulating time stamps
on files is called timestomping
Rainbow tables use
pre-computed hashes that are mapped to plaintext passwords to speed up the process of obtaining the passwords from stored hashes. Rainbow tables, though, are very expensive when it comes to disk space.
Rtgen is a program
that is part of the rcrack suite. Rcrack is used to crack passwords with rainbow tables. Rtgen is used to generate the rainbow tables that rcrack will use to crack passwords.