Privilage Escalation

Last week I just have a class in my university about the PRIVILEGE ESCALATION. What I got from this topic is:

– Authentication can be founded in three things which are something you know, something you have and who you are.

-There are two types of password attack which are offline attack(get the physical access to the machine) and online attack(attack from distance/ remotely)

– offline cracking tools such as rainbow crack, samdump, John The Ripper, Ophcrack(to crack the password), crunch, and wyd.

– online cracking tools such as BruteSSH, Hydra, Dsniff, and wireshark(TCPdump)

– The man in the middle attack which means that we as the attacker disguise our mac address as the gateaway of the network transaction between two or more clients.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s