Introduction to System Hacking

Questions and Answers

PDF Questions PDF Answers

What is the primary goal of system hacking?

To analyze software code for vulnerabilities

To create new applications

To gain access to a target system using previously obtained information (correct)

To improve system performance

What does the attack surface of a software product include?

Control and data entry and exit points (correct)

A measure of hardware components

Only the user interface

Only the database interface

How can an organization measure its attack surface effectively?

By ignoring changes in network configuration

By providing users with complex passwords only

By establishing a baseline and monitoring changes regularly (correct)

By reducing the number of software applications installed

What is one recommended best practice for attack surface reduction?

Start only necessary applications when needed

What role does the Microsoft Attack Surface Analyzer serve?

To evaluate and analyze a software product's attack surface

Which of the following is NOT a component of attack surface evaluation?

Performing random connectivity tests

Why is it important to monitor changes to the attack surface regularly?

To determine if the attack surface has increased and if it can be reduced

What types of attacks are included in the study of password attacks?

Attack techniques and existing cracking tools

What does the damage potential of a method depend on?

The method’s privilege

Which factor is NOT considered in estimating a channel’s damage potential?

Method’s Privilege

How is a persistent data item’s damage potential evaluated?

By its type

Which of the following is essential for an attacker to gain a method’s privilege?

Utilizing the method in an attack

What contributes to a resource’s overall attack surface?

Both damage potential and access effort

What is the primary function of the Microsoft Attack Surface Analyzer 2.0?

To highlight security issues in an application

What is a significant step involved before checking a target app using the Microsoft Attack Surface Analyzer?

Run a baseline scan of the platform

In the password system outlined, what is the role of the salt when hashing a password?

To randomize the hashed value of the password

How does the password comparison process work in the outlined system?

The hashed password is compared to the stored salted hash

What is generated to show the changes in the attack surface after installing a new app?

A scan report

What technique is used to protect stored passwords in the password system?

Hashing with salt

What is the primary characteristic of LM and NTLM hashed passwords?

They are unsalted and susceptible to attack.

Why should the Microsoft Attack Surface Analyzer be repeated after a new app is installed?

To assess the new app's impact on security

What is the bit-length of a SHA-1 hash?

160-bit

What happens if the hashed password matches the stored hashed password during login?

The user is allowed access

Which hashing algorithm superseded LM and NTLM?

MD5

Which of the following is considered a common password guessing technique?

Using dictionary words spelled backwards

What does SHA-n refer to?

A class of hashing algorithms with varying output lengths

What is a major risk associated with the use of default or weak passwords?

They can be easily recognized by attackers.

Which SHA version is the most popular variant that produces a 256-bit hash?

SHA-2

Which technique would NOT typically be categorized as a password guessing strategy?

Examining DNS records for user information

Which of the following types of hashes does John the Ripper support for user passwords?

MD5

Which type of traffic can John the Ripper analyze?

Network traffic captures

Which of the following filesystems can John the Ripper handle?

macOS .dmg files

What method does Ophcrack use for password recovery?

Rainbow tables

What is the primary function of THC Hydra?

Parallelized network login cracking

Which operating systems are compatible with Ophcrack?

Windows, Mac OSX, and Unix

What is a necessary step before loading 'pass.txt' in Ophcrack?

Install rainbow tables

What file format does John the Ripper require for analyzing DES-encrypted content?

.txt

Study Notes

Introduction to System Hacking

• Gaining access to a target system using previously obtained information
• Attack surface: all points of entry and exit for a system (e.g., user interface, database interface, network interface)
• Ease of access depends on the target's attack surface

Attack Surface Evaluation

• What is a software product’s attack surface? Where are the control and data entry and exit points?
• How to measure it? Define a baseline and regularly measure and monitor changes.

Microsoft Attack Surface Analyzer

• Free tool for highlighting security issues in an application.
• Scans for open files, active apps, and Windows services.
• Compares scans against baselines to highlight potential vulnerabilities.

Password Attacks

• Password cracking techniques launched to crack encoded passwords.
• Password Salting adds randomness to passwords before hashing, making them harder to crack.
• Password Guessing Techniques include using dictionaries, names, addresses, and other personal information.

Password Security Risks

• Default or weak passwords are easily cracked, and often include easily guessed information like "admin".
• John the Ripper is a password cracking tool that supports many hashing algorithms and can crack various types of encrypted data.
• Ophcrack uses rainbow tables to crack passwords.
• THC Hydra is a fast password cracking tool that parallelizes network logins.

Description

This quiz covers essential concepts in system hacking, including attack surfaces, their evaluation, and tools like Microsoft Attack Surface Analyzer. It also touches on password attacks, such as salting and cracking techniques, providing a comprehensive overview of system vulnerabilities.