What is Active Interception and Privilege Escalation

Published: April 3, 2021, 6:47 a.m.


Hello everyone, my name is Vijay Kumar Devireddy, and I am glad to have you back on my episode 08. Today we are going to discuss Active Interception and Privilege Escalation.

What is active interception? Active interception occurs when a computer is placed between your sending computer and your receiving computer. Because of that position, it's able to capture or modify the traffic that's going between the two computers.

Now what does that really mean? Well, let's take a field trip. You and I are going to go meet at the local coffee shop. You're going to bring your laptop and I'm going to bring mine. We order a cup of coffee, we sit down at the table, and we connect to the wireless network. We think we're connected to Pete's Coffee or Starbucks, or whatever your favorite coffee shop is. But in actuality we're not connected to the coffee shop Wi-Fi. Instead, we're connecting to an attacker who's sitting in the back of the room with their laptop. This attacker has set up their laptop and is putting out a signal stronger than the coffee shop's signal, so our machines are connecting to them.

Now whenever we're trying to go to the internet, we're actually going from our laptops to the hacker's laptop, and from the hacker's laptop out to the internet. To us it still looks like we're connected, we can go online, and everything is fine with the world. But because of the placement of the attacker's laptop in between us and our final destination, they can capture anything that we're doing. They can see the emails that we're sending. They may be able to capture usernames and passwords. They may be able to modify what's coming back to us as well and embed malware into the files that we'd been requesting.

That's what active interception is. It's when somebody gets in between you and the destination server and they can modify things based on that position.

The second thing I want to cover in this lesson is privilege escalation.
Now, privilege escalation occurs when you're able to exploit a design flaw or a bug in a system to gain access to resources that a normal user isn't able to access. As an attacker, anytime I'm trying to break into a system, I'm going to do that in a myriad of different ways. It may involve malware, a phishing attack, or an impersonation. Whatever the method is, most likely I'm going to get into that system as a user, because I'm going to trick some user into doing something for me. When I do that, I now have user-level credentials. But that's not going to allow me to do everything on the system that I want to do. My goal is to go from having that user-level credential all the way up to administrative or root-level credentials. To do that, I'm going to do a privilege escalation.

There are a lot of ways to do a privilege escalation. Most of them involve exploiting some sort of bug in the software, the operating system, or the application, and that lets me get closer to the kernel and operate as an administrative or root user.

Stay tuned for the next episode, and thank you.
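A defender's view of the coffee-shop scenario above, as an added example that is not part of the original episode: this sketch compares a Wi-Fi scan against a baseline of the access points a venue is known to run and flags any radio reusing the venue's network name. The network name, BSSIDs, signal levels and the `find_suspect_aps` helper are all constructed for illustration.

```python
from collections import defaultdict

# Constructed baseline (assumption): the BSSIDs (AP radio MACs) the venue
# operates for its SSID, and the security mode it is known to use.
KNOWN_APS = {
    "CoffeeShop-Guest": {
        "bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"},
        "security": "WPA2",
    },
}

# Constructed scan results: (ssid, bssid, signal_dbm, security).
SAMPLE_SCAN = [
    ("CoffeeShop-Guest", "aa:bb:cc:00:00:01", -62, "WPA2"),
    ("CoffeeShop-Guest", "aa:bb:cc:00:00:02", -71, "WPA2"),
    ("CoffeeShop-Guest", "de:ad:be:ef:00:99", -38, "OPEN"),  # not in baseline
    ("Neighbor-Home", "11:22:33:44:55:66", -80, "WPA2"),
]


def find_suspect_aps(scan, known):
    """Return [(bssid, reasons)] for APs that reuse a known SSID off-baseline."""
    by_ssid = defaultdict(list)
    for ssid, bssid, dbm, sec in scan:
        by_ssid[ssid].append((bssid.lower(), dbm, sec))

    findings = []
    for ssid, aps in by_ssid.items():
        base = known.get(ssid)
        if base is None:
            continue  # no baseline for this network, nothing to compare
        legit = [dbm for bssid, dbm, _ in aps if bssid in base["bssids"]]
        strongest_legit = max(legit) if legit else None
        for bssid, dbm, sec in aps:
            if bssid in base["bssids"]:
                continue
            reasons = ["unknown BSSID for known SSID"]
            if sec != base["security"]:
                reasons.append(f"security {sec}, expected {base['security']}")
            # dBm values closer to zero mean a stronger signal.
            if strongest_legit is not None and dbm > strongest_legit:
                reasons.append("stronger signal than every known AP")
            findings.append((bssid, reasons))
    return findings


if __name__ == "__main__":
    for bssid, reasons in find_suspect_aps(SAMPLE_SCAN, KNOWN_APS):
        print(bssid, "->", "; ".join(reasons))
```

A BSSID can be cloned, so a match against the baseline does not prove an access point is legitimate; the check narrows what to investigate and does not replace encrypted transport.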
