Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ZSecurity Ethical Hacking: Network Hacking > Network Hacking: Post Connection Attacks > Flashcards

Network Hacking: Post Connection Attacks Flashcards

1
Q

How to change the MAC address on network interface

A

In the terminal:

  1. ifconfig wlan0 down
  2. ifconfig wlan0 hw ether 00:11:22:33:44:55
  3. ifconfig wlan0 up
  4. ifconfig
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How to change wireless adapter to monitor mode

A
  1. ifconfig wlan0 down
  2. airmon-ng check kill
  3. iwconfig wlan0 mode monitor
  4. ifconfig wlan0 up
  5. iwconfig
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How to discover devices connected to a network using netdiscover

A

netdiscover -r 10.0.2.1/24

r = range, which is the starting ip address and the subnet mask

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How to discover devices connected to a network using nmap

A

nmap -sP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

When discovering devices on a network, what information should we look for?

A
  1. IP
  2. MAC
  3. OPEN PORTS
  4. OS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How to ssh into a device

A

ssh root@192.168.83.100

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How to check an arp table?

A

arp -a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What makes ARP insecure?

A
  1. Clients accept responses even if they did not send a request
  2. Clients trust responses without any form of verification.

This makes it vulnerable to arp spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Man in the Middle Attack?

A

An attack that uses arp spoofing or poisoning to make the router think that you are at the victims ip, and the victim think that you are at the router mac address. This places you in-between the two devices allowing you to intercept the traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Using arpspoof to poison the arp tables

A
  1. Tell the target you are the router
    arpspoof -i eth0 -t 192.168.83.129 192.168.83.2
  2. Tell the router you are the target
    arpspoof -i eth0 -t 192.168.83.129 192.168.83.2
  3. Set up port forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

HSTS

A

HTTP Strict Transport Security (HSTS) is a simple and widely supported standard to protect visitors by ensuring that their browsers always connect to a website over HTTPS. HSTS exists to remove the need for the common, insecure practice of redirecting users from http:// to https:// URLs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How to deal with HTTPS

A

Downgrade HTTPS to HTTP before the data is sent.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How to deal with HTTP HSTS

A

Change the website domain name.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is DNS spoofing

A

A way of controlling DNS requests on a network, by providing the ip for a fake website when a DNS request is made.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How to start a webserver on linux Kali

A

sudo service apache2 start

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How to setup a fake website on Kali linux

A
  1. Go to the var / www / html folder
  2. Add desired webpages
  3. start server with: sudo service apache2 start
  4. Go to Linux machine Ip in web browser
17
Q
A

ZSecurity Ethical Hacking: Network Hacking (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions