Interactive Quiz: 7. System Hacking

What does pivoting on a compromised system get you?

A route to extra networks

You find after you get access to a system that you are the user www-data. What might you try to do very shortly after getting access to the system?

Elevate privileges.

Why would an attacker use an alternate data stream on a Windows system?

For hiding files

What would you use the program rtgen for?

Generating rainbow tables

What is the advantage of using a rootkit?

Hiding processes and files

What could you use to obtain password hashes from a compromised system?

Mimikatz

What are the three date and time stamps stored as part of the file metadata?

Modified, accessed, and created

What is it called when you obtain administrative privileges from a normal user account?

Privilege escalation

Which of these is a reason to use an exploit against a local vulnerability?

Privilege escalation

Which of the following is a method of executing arbitrary code in the address space of a separate live process?

Process injection

Which is a collection of computer software designed to grant an unauthorized user access to a computer or certain programs?

Rootkit

Which of these would be a way to exploit a client-side vulnerability?

Sending a crafted URL

What is the reason for using rainbow tables?

Speed prioritized over disk space

Which of these techniques might be used to maintain access to a system?

The run key in the Windows Registry

What is it called when you manipulate the time stamps on files?

Timestomping

What does John the Ripper's single crack mode, the default mode, do?

Uses known information and mangling rules

What application would be a common target for client-side exploits?

Web browser

Process injection is a method

of executing arbitrary code in the address space of a separate live process. The idea of process injection is to take code the attacker wants to run and then inject it into an existing process.

Manipulating time stamps

on files is called timestomping

Rainbow tables use

pre-computed hashes that are mapped to plaintext passwords to speed up the process of obtaining the passwords from stored hashes. Rainbow tables, though, are very expensive when it comes to disk space.

Rtgen is a program

that is part of the rcrack suite. Rcrack is used to crack passwords with rainbow tables. Rtgen is used to generate the rainbow tables that rcrack will use to crack passwords.