- Get link
- Other Apps
In the footprinting phase we are able to pick the leakage points such as os version, Service version of the targeted system which will help the attacker to know the security posture and Vulnerability of the remote system and now in gaining Access it’s time for trying to access them. This phase is where an attacker breaks into the system/network using various tools or methods. After entering into a system, he has to increase his privilege to the administrator level so he can install an application he needs or modify data or hide data.
Password Cracking -
There are few basic methods of password cracking-
• Bruteforce- trying all possible combinations until the password is cracked
• Dictionary Attack- This is a compiled list of meaningful words, compared against the password field till a match is found.
• Rule Based Attack- If some details about the target are known, we can create rules based on the information we know.
• Rainbow Table- Instead of comparing the passwords directly, taking the hash value of the password, comparing them with a list of precomputed hash values until a match is found.
Types of Password Attacks
Passive Attacks -
A passive attack is an attack on a system that does not result in a change to the system in any way. The attack is to purely monitor or record data.
• Wire Sniffing
• Man in the middle
• Replay attack
Active Attack -
An active online attack is the easiest way to gain unauthorized administrator- level access to the system
• Password guessing
• Trojan/spyware/keyloggers
• Hash injection
• Phishing
Offline Attacks -
Offline attacks occur when the intruder checks the validity of the passwords. offline attacks are often time to consume.
• Pre-computed hashes
• Distributed Network
• Rainbow
Non-Electronic Attacks -
Non-electronic attacks are also known as non-technical attacks. This kind of attack doesn’t require any technical knowledge about the methods of intruding into another system.
• Social engineering
• Shoulder surfing
• Dumpster Diving
Comments
Post a Comment