Attacking a system

Question 1

Where are passwords in Windows and Linux systems found?

Answer 1

c:\windows
\system32\config (you might also be able to pull one from the c:\ windows\repair folder).
Passwords for Linux are found in /etc/shadow.

Question 2

What are the two types of privilege escalation?

Answer 2

Vertical privilege escalation occurs when
a lower-level user executes code at a higher privilege level than they should have access to.
Horizontal privilege escalation isn’t really escalation at all but rather simply executing code at the
same user level but from a location that should be protected from access.

Question 3

What is another term for steganography?

Answer 3

Another term used in regard to steganography is semagram, and there are two
types. A visual semagram uses an everyday object to convey a message. Examples can include
doodling, or the way items are laid out on a desk. A text semagram obscures a message in text by
using things such as font, size, type, or spacing.

Question 4

What are the three (3) types of rootkits?

Answer 4

Application level As the name implies, these rootkits are directed to replace valid
application files with Trojan binaries. These kits work inside an application and can use an
assortment of means to change the application’s behavior, user rights level, and actions.
• Kernel level These rootkits attack the boot sectors and kernel level of the operating systems
themselves, replacing kernel code with backdoor code. These rootkits are by far the most
dangerous and are difficult to detect and remove.
• Library level These rootkits basically use system-level calls to hide their existence.