How Hackers access Vulnerabilities in Computer | for Education Purpose only

in #hacks, 6 years ago (edited)


# Finding Access Vulnerabilities

What generally happens is that an advanced or elite hacker writes a scanning tool
that looks for well-known vulnerabilities, and the elite hacker makes it available
over the Internet.

Less experienced hackers, commonly called “script kiddies,” then
run the scanning tool 24 x 7, scanning large numbers of systems and finding many
systems that are vulnerable. They typically run the tool against the name-spaces
associated with companies they would like to get into.
The script kiddies use a list of vulnerable IP addresses to launch attacks, based on
the vulnerabilities advertised by a machine, to gain access to systems. Depending on
the vulnerability, an attacker may be able to create either a privileged or nonprivileged
account.

Regardless, the attacker uses this initial entry (also referred to as
a “toe-hold”) in the system to gain additional privileges and exploit the systems the
penetrated system has trust relationships with, shares information with, is on the
same network with, and so on.

Once a toe-hold is established on a system, the attacker can run scanning tools
against all the systems connected to the penetrated system. Depending on the
system compromised, these scans can run inside an organization’s network.
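
One way a defender can spot the internal scanning described above, as an added example that is not part of the original post: it flags an internal host that contacts many distinct internal hosts on one port within a short window. The flow-record format, the 10.0.0.0/8 range, the thresholds and every sample record are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records: "epoch_seconds src_ip dst_ip dst_port".
# 10.0.5.23 plays the compromised host sweeping its subnet on one port.
SAMPLE_FLOWS = [f"{1000 + i} 10.0.5.23 10.0.5.{i} 111" for i in range(1, 41)] + [
    "1005 10.0.5.8 10.0.5.2 443",
    "1010 10.0.5.8 10.0.5.3 443",
    "1020 10.0.7.14 10.0.5.2 22",
    "1030 203.0.113.9 10.0.5.2 80",  # external source, ignored by this check
]

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range


def find_internal_sweeps(lines, window=60, threshold=20):
    """Return {(src, port): max distinct internal targets in any window}
    for internal sources that reach `threshold` or more targets."""
    events = defaultdict(list)  # (src, port) -> [(ts, dst), ...]
    for line in lines:
        ts, src, dst, port = line.split()
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if src_ip in INTERNAL and dst_ip in INTERNAL:
            events[(src, int(port))].append((int(ts), dst))

    alerts = {}
    for key, seen in events.items():
        seen.sort()
        start, best = 0, 0
        counts = defaultdict(int)  # dst -> occurrences inside current window
        for ts, dst in seen:
            counts[dst] += 1
            # Advance the window start until it spans at most `window` seconds.
            while ts - seen[start][0] > window:
                old = seen[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= threshold:
            alerts[key] = best
    return alerts


if __name__ == "__main__":
    for (src, port), n in find_internal_sweeps(SAMPLE_FLOWS).items():
        print(f"possible internal sweep: {src} -> {n} hosts on port {port}")
```
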

# Finding Operating System Vulnerabilities

As mentioned previously, hackers first look for vulnerabilities to gain access. Then
they look for operating system (OS) vulnerabilities and for scanning tools that report
on those vulnerabilities.

Finding vulnerabilities specific to an OS is as easy as typing in a URL address and
clicking on the appropriate link. There are many organizations that provide “full-disclosure”
information. Full disclosure is the practice of providing all information
to the public domain so that it isn’t known only to the hacker community.
Mitre, a government think tank, supports the Common Vulnerability and Exposures
(CVE) dictionary.

As stated on their web site (http://cve.mitre.org), the goal is
to provide the following:

> A list of standardized names for vulnerabilities and other information security
> exposures—CVE aims to standardize the names for all publicly known
> vulnerabilities and security exposures.

Other security sites, such as SecurityFocus, CERT, the SANS Institute, and many
others, provide information about how to determine the vulnerabilities an OS has
and how to best exploit them.

# Attacking Solaris OE Vulnerabilities

Let’s use Solaris 2.6 OE as an example. A well-known vulnerability, for which
patches are available, is the sadmind exploit. Hackers frequently use this
vulnerability to gain root access on Solaris 2.6 OE systems.

Using only a search engine and the CVE number, found by searching through the
Mitre site listed previously, it is possible to find the source code and detailed
instructions on how to use it. The entire process takes only a few minutes. The
hacker finds the source code on the SecurityFocus web site and finds detailed
instructions on the SANS site.


Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
http://www.informit.com/articles/article.aspx?p=28489

This topic is very important for hackers and IT security pros.
Is this helpful for you?