
System Hacking - Passive Online Attacks


  • System Hacking - Passive Online Attacks

    A passive online attack is one in which the attacker tends not to be engaged or to be less engaged than they would be during other kinds of attacks. The effectiveness of this attack tends to rely not only on how weak the password is, but also on how reliably the password-collection mechanism is executed.

    Packet Sniffing
    A sniffer is not the typically preferred tool to use in an attack, due to the way it works and how it processes information. If you use a sniffer without any extra steps, you are limited to a single common broadcast domain, and will not be able to sniff much traffic from hosts that are not connected to the same switch as you. This does not apply to Wi-Fi and SPAN ports.
    Generally a sniffing attack is most effective if it is performed on the same switch as the target(s) or if you have access to set up a SPAN (Switched Port ANalyzer) port in the switch itself.
    (I am sorry EC-Council but no one is using hubs and repeaters anymore. Not even in third world countries. And if they do, they will also be running Windows ME, and then no hacking is needed. Get up to date! We do not traceroute using smoke signals either.)

    Man In The Middle
    During this type of attack, two parties are communicating with one another and a hacker inserts himself into the conversation and attempts to alter or eavesdrop on the communications. In order to be fully successful, the attacker must be able to sniff traffic from both parties at the same time. Man In The Middle (MITM) attacks commonly target vulnerable protocols and wireless technologies. Protocols such as Telnet, FTP and HTTP are particularly vulnerable to this type of attack. This kind of attack can be a bit tricky to carry out and if it is not executed correctly, packet loss may occur.

    Replay Attack
    In a replay attack, packets are captured using a packet sniffer such as Wireshark. After the relevant packets are captured, extracted and maybe modified, the packets can be placed back on the network. The intention is to inject the captured information, such as hashed passwords, back onto the network and direct it to a resource such as a server or networking device, with the goal of gaining access without knowing the cleartext password. Once replayed, the valid credentials provide access to a system, potentially giving the attacker the ability to change information or obtain confidential information.
    Certified Security Geek
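
Added example, not part of the original post: a defender's view of why a replayed password hash works against a static-hash login and fails against a single-use challenge-response. The class names, the sample secret and the HMAC-SHA256 construction are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret shared by client and server (illustrative only).
KEY = hashlib.sha256(b"constructed-sample-password").digest()

class StaticHashServer:
    """Weak scheme: the client sends the same password hash at every login."""
    def login(self, sent_hash):
        return hmac.compare_digest(sent_hash, KEY)

class ChallengeResponseServer:
    """Hardened scheme: each login must answer a fresh, single-use nonce."""
    def __init__(self):
        self._outstanding = set()

    def new_challenge(self):
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def login(self, nonce, response):
        if nonce not in self._outstanding:
            return False  # unknown or already consumed nonce: treat as replay
        self._outstanding.discard(nonce)  # a nonce is valid exactly once
        expected = hmac.new(KEY, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(nonce):
    """What a legitimate client computes for a given challenge."""
    return hmac.new(KEY, nonce, hashlib.sha256).digest()

def demo():
    # Static hash: the value seen on the wire is itself the credential.
    weak_replay = StaticHashServer().login(KEY)

    server = ChallengeResponseServer()
    nonce = server.new_challenge()
    captured = (nonce, client_response(nonce))   # one observed exchange
    first_use = server.login(*captured)          # the legitimate login
    same_nonce = server.login(*captured)         # identical packets resent
    fresh = server.new_challenge()
    stale_answer = server.login(fresh, captured[1])  # old answer, new nonce
    return {"weak_replay": weak_replay, "first_use": first_use,
            "same_nonce": same_nonce, "stale_answer": stale_answer}

if __name__ == "__main__":
    print(demo())
```

The nonce stops replay only; without an encrypted transport such as TLS the exchange can still be sniffed.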