Ethical Hacking 8.3.7
Which of the following is malware that works by stealth to capture information and then sends it to a hacker to gain remote access? answer Crackers ERD Commander Spyware Writable services
Spyware
Hackers can maintain access to a system in several ways. Which of the following best describes the unsecure file and folder method? answer Services with weak permissions allow anyone to alter the execution of the service. The hacker will have rights to do whatever the admin account can do. This can lead to DLL hijacking and malicious file installations on a non-admin targeted user. There is no problem if the path is written within quotation marks and has no spaces.
This can lead to DLL hijacking and malicious file installations on a non-admin targeted user.
Which of the following do hackers install in systems to allow them to have continued admittance, gather sensitive information, or establish access to resources and operations within the system? answer cPassword Crackers Backdoors Kerberos
Backdoors
A hacker finds a system that has a poorly design and unpatched program installed. He wants to create a backdoor for himself. Which of the following tools could he use to establish a backdoor? answer CCleaner Timestomp AuditPol Metasploit
Metasploit
Which of the following system exploitation methods happens by adding a malicious file to a file path that is missing quotation marks and has spaces in it? answer Unsecure file and folder permissions Writable services Spyware Path interception
Path interception In path interception, a hacker uses the way services normally operate to cause an unintended program to run. When a service is started, it looks for a path to the file that runs the service. There is no problem if the path is written within quotation marks and has no spaces. But if it doesn't have quotation marks around it and it has spaces in the code, there is an opportunity for a hacker to add a malicious file name to the path and reroute it to the malicious file. If the service runs with admin or system rights, the hacker can gain escalated privileges as soon as the system restarts. Older versions of Windows allow administrators to access any non-admin user's files and folders, which can lead to DLL hijacking and malicious file installations on a non-admin targeted user. Writable services are services with weak permissions that allow anyone to alter the execution of the service. Spyware is malware that stealthily captures information and sends it to a hacker.
