|
Title: CEH v5 Module 5: System Hacking Post by: don on November 14, 2006, 06:09:46 PM Cracking Passwords
o Password Types o Types of Password Attacks o Passive Online – Wire Sniffing o Passive Online Attacks o Active Online – Password Guessing o Offline Attacks • Dictionary Attack • Hybrid Attack • Brute-force Attack • Pre-computed Hashes o Non-Technical Attacks o Password Mitigation o Permanent Account Lockout – Employee Privilege Abuse o Administrator Password Guessing o Manual Password Cracking Algorithm o Automatic Password Cracking Algorithm o Performing Automated Password Guessing o Tools • NAT • Smbbf (SMB Passive Brute Force Tool) • SmbCrack Tool • Legion • LOphtcrack o Microsoft Authentication - LM, NTLMv1, and NTLMv2 o Kerberos Authentication o What is LAN Manager Hash? o Salting o Tools • PWdump2 and Pwdump3 • Rainbowcrack • KerbCrack • NBTDeputy • NetBIOS DoS Attack • John the Ripper o Password Sniffing o How to Sniff SMB Credentials? o Sniffing Hashes Using LophtCrack o Tools • ScoopLM • SMB Replay Attacks • Replay Attack Tool: SMBProxy • Hacking Tool: SMB Grind • Hacking Tool: SMBDie o SMBRelay Weaknesses & Countermeasures o Password Cracking Countermeasures o LM Hash Backward Compatibility o How to Disable LM HASH? o Tools • Password Brute-Force Estimate Tool • Syskey Utility Escalating Privileges o Privilege Escalation o Cracking NT/2000 Passwords o Active@ Password Changer o Change Recovery Console Password o Privilege Escalation Tool: x.exe Executing applications o Tool: • Psexec • Remoexec • Alchemy Remote Executor • Keystroke Loggers • E-mail Keylogger • Spytector FTP Keylogger • IKS Software Keylogger • Ghost Keylogger • Hardware Keylogger • Keyboard Keylogger: KeyGhost Security Keyboard • USB Keylogger:KeyGhost USB Keylogger o What is Spyware? o Tools • Spyware: Spector • Remote Spy • eBlaster • Stealth Voice Recorder • Stealth Keylogger • Stealth Website Logger • Digi-Watcher Video Surveillance • Desktop Spy Screen Capture Program • Telephone Spy • Print Monitor Spy Tool • Perfect Keylogger • Stealth Email Redirector • Spy Software: Wiretap Professional • Spy Software: FlexiSpy • PC PhoneHome o Keylogger Countermeasures o Anti-Keylogger o PrivacyKeyboard Hiding Files o Hacking Tool: RootKit o Why Rootkits? o Rootkits in Linux o Detecting Rootkits o Rootkit Detection Tools • BlackLight from F-Secure Corp • RootkitRevealer from Sysinternals • Malicious Software Removal Tool from Microsoft Corp o Sony Rootkit Case Study o Planting the NT/2000 Rootkit o Rootkits • Fu • AFX Rootkit 2005 • Nuclear • Vanquish o Rootkit Countermeasures o Patchfinder2.0 o RootkitRevealer o Creating Alternate Data Streams o How to Create NTFS Streams? o NTFS Stream Manipulation o NTFS Streams Countermeasures o NTFS Stream Detectors • ADS Spy • ADS Tools o What is Steganography? o Tools • Merge Streams • Invisible Folders • Invisible Secrets 4 • Image Hide • Stealth Files • Steganography • Masker Steganography Tool • Hermetic Stego • DCPP – Hide an Operating System • Camera/Shy • Mp3Stego • Snow.exe o Video Steganography o Steganography Detection o SIDS ( Stego intrusion detection system ) o High-Level View o Tool : dskprobe.exe Covering tracks o Disabling Auditing o Clearing the Event Log o Tools • elsave.exe • Winzapper • Evidence Eliminator • Traceless • Tracks Eraser Pro • ZeroTracks Source: http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm Don
Powered by SMF 1.1.7 |
SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com |