Privilage Escalation

Last week I just have a class in my university about the PRIVILEGE ESCALATION. What I got from this topic is:

– Authentication can be founded in three things which are something you know, something you have and who you are.

-There are two types of password attack which are offline attack(get the physical access to the machine) and online attack(attack from distance/ remotely)

– offline cracking tools such as rainbow crack, samdump, John The Ripper, Ophcrack(to crack the password), crunch, and wyd.

– online cracking tools such as BruteSSH, Hydra, Dsniff, and wireshark(TCPdump)

– The man in the middle attack which means that we as the attacker disguise our mac address as the gateaway of the network transaction between two or more clients.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s