Krissie's Blog

June 4th, 2021

Week 12: Denial Of Service

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

A DoS attack is usually a last-resort attack because it is considered unsophisticated. This type of attack doesn’t give the hacker any information or benefits but instead annoys the target and interrupts their service. DDoS attacks are an advanced version of a DoS attack on a much larger scale. DDoS attacks are coordinated and strategized to flood the victim target’s system

June 3rd, 2021

Week 11: Metasploit

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

There are specific types of modules in the framework, which are used for many different purposes.

Metasploit Framework is a Ruby-based penetration testing platform that enables you to write, test, and execute exploit code. The Metasploit Framework contains a whole toolkit that you can use to test vulnerabilities, enumerate networks, execute attacks, and evade detection.

June 1st, 2021

Week 10: Privilege Escalation

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

Attacking Passwords
• A password is used as one of the authentication factors
• Authentication can be based on the following factors:
  • Something you know
  • Something you have
  • Who you are

Types of password attacks
• Offline attack
  • You need physical access to the machine to be able to perform this attack
• Online attack
  • Attack from a remote location

Offline Cracking Tools
• Rainbowcrack
• Samdump2
• John the Ripper
• Ophcrack
• Crunch
• Wyd

May 20th, 2021

Week 9: Firewalls

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

A firewall is a security measure that protects open and unused ports by filtering access so that only hosts with permission can reach them. Some firewalls provide stateful packet inspection, which means they check addresses and ports and look inside the IP and TCP or UDP header to verify that it is an acceptable packet. Firewalls are meant for protection and detection. Most scans that aren’t stealthy will be picked up by firewalls, which then alert the hosts and admins.

April 28th, 2021

Week 8: Social Engineering

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

The attack process of social engineering is to:

  • Gather intelligence information
  • Identify vulnerable points
  • Plan the attack
  • Execute

There are various ways in which one can execute a social engineering attack, such as:

  • Impersonation – pretending to be someone else
  • Reciprocation – the art of exchanging favors to gain mutual advantage
  • Influential Authority
  • Scarcity
  • Social Relationship
  • Social Engineering Toolkit (SET)

April 28th, 2021

Week 7: Phishing

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

The information is then used to access important accounts and can result in identity theft and financial loss. These are the attributes of a phishing website.

April 14th, 2021

Week 6: Hydra and Dict Attacks

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

CEWL is a Ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used with password crackers such as John the Ripper, Hydra, etc. Basically, you can make your own personalized dictionaries from a given target’s website.

Hydra is a parallelized network login cracker built into various operating systems like Kali Linux, Parrot and other major penetration testing environments. Hydra works by using different approaches to perform brute-force attacks in order to find the right username and password combination.

Implementation: Once you have generated a list of passwords with CEWL or whichever source you choose, you can start using Hydra. It is important to note that a username also needs to be provided; it is usually much easier to get than the password, as it can be visible to outsiders most of the time and can also be the email associated with the username. These can all be found by the enumeration steps we covered previously.

March 26th, 2021

Week 5:

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

Enumerating Target
• A brief background concept describing port scanning and various port scanning types supported by the port scanning tools
• The tools that can be used to carry out network scanning tasks
• The tools that can be used to do SMB enumeration on the Windows environment
• The tools that can be used to do SNMP enumeration
• The tool that can be used to enumerate the IPsec VPN server

March 26th, 2021

Week 4: Target discovery

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

In this week's class we discussed target discovery, which states that:

• A description of the target discovery process
• The method used to identify target machines using the tools in Kali Linux
• The steps required to find the operating systems of the target machines (operating system fingerprinting)

Enumerating Target
• A brief background concept describing port scanning and various port scanning types supported by the port scanning tools
• The tools that can be used to carry out network scanning tasks
• The tools that can be used to do SMB enumeration on the Windows environment
• The tools that can be used to do SNMP enumeration
• The tool that can be used to enumerate the IPsec VPN server

March 26th, 2021

Week 3: Utilizing search engines

Posted by 2101716773krishita in Ethical Hacking & Penetration Testing

Utilizing search engines can help us gather more information about the target, and there are various methods that we can use, such as:

  1. Shodan – a search engine that lets the user find specific types of computers connected to the internet using a variety of filters.
  2. TheHarvester – gathers email accounts, usernames and host addresses.
  3. Maltego – an open-source intelligence and forensics application that shows how pieces of information are connected to each other.