Title
-----------------
Video On How To Hack A PC
Hacking Video - Education Or Marketing Tool?
-----------------
I sat in my office for about thirty minutes trying to decide if I was going to write this article. I finally came to the conclusion that I would since this information is already freely available on the Internet, and in fact, was posted as part of a government article.
(
http://www.demosondemand.com/clients/fiberlink/002/page/in This video dex_new.asp), part of a sales and marketing strategy (Or, maybe just public awareness and education) to sell a product called Fiberlink Extend360, literally walks you through the steps you need to take to hack a PC on a wireless network. Not only is it demonstrated in video, it is fully narrated.
Connecting To The Target PC
-----------------
The video shows you what tools to use to scan a wireless network, determine the user accounts, determine if account lockout is on or off, how to attach to the PC using the null session attachment, and how to use a compiled exploit tool to gain command access to the target PC.
Shutting Down Anti-Virus Software
-----------------
At this point, they go on to explain how to shut down the target PC's anti-virus software, all along referencing their product (although to be fair they also mention patches and other basic security measures), and how if you had it, this attack would not be possible. They then create a folder on the compromised PC and share it.
Then, they connect to the shared folder from the source machine an go on to explain how to get all the user ID's and passwords. They use pwdump to dump the entire SAM (where the user accounts and hashed passwords are stored). They also show you how to copy off a CISCO VPN configuration file and explain how to use it.
Cracking Account Passwords
-----------------
They then show you how to crack one of the user passwords using a tool I have written about previously, called CAIN. Next, they install a Trojan (subeven) on the system that will allow them to perform key logging, and since the anti-virus software is disabled, it won't be noticed. They install the Trojan and connect to the machine. They then make sure to tell you that the Trojan will alert them when the target machine comes online so they can go back and hack it some more. However, if you were using their product, this would not be possible.
Capturing Data Using A Sniffer
--------
---------
After the Video on how to hack into a wireless PC, another one of the companies CISSP's shows you everything you need to know about finding usernames, passwords, PIN's, and other information by analyzing a set of sniffer output.
Conclusion
-----------------
I must say that this video instruction on how to hack a PC is very well done. The video and narration is visually and audibly perfect and the detail and steps to hack the computer are accurate. They do explain that most of these hacking procedures can be thwarted by measures other than using their product / solution. However, the presentation is clearly a sales and marketing tool.
I'm not sure if making a video presentation on how to hack a PC is the right or wrong thing to do. I myself write articles that provide similar, if less detailed information. One could say that this is just another way of promoting public awareness. It's true, hacking into a PC or network can be just this simple. However, making a video on how simple it is might be taking it a little to far (Maybe this should be a question on the CISSP exam). I'll leave it up to you to decide.
You may reprint or publish this article free of charge as long as the bylines are included.
Original URL (The Web version of the article)
---------------------
http://www.defendingthenet.com/newsletters/VideoOnHowToHackAPC.htmArticles Source - Free Articles
