Introduction
In this post, you will learn the three most common ways to compromise a device and also I will share the ways to compromise OS and web applications.
The three ways to compromise?
I have mentioned the three most common ways to compromise but this ideology will change according to the attack method. All these attacks are done by the red team. So, If you would like to be a pentester or hacker. Then you must read the post.
Here I would like to mention the core points to compromise one could customize according to needs!!!
- Deploy the payloads
- Compromises the operations system
- Compromises the web-based system
Also Read: What is SQL attack
Deploy the payload – compromise
When I say to deploy the payload, which means the information of the target is already gathered. Once the information is gathered the attacker can do exploit using Nessus or Metasploit. As I said before which is best suited for the environment and the place one could go with that tool.
Anyone who could find vulnerability using Nikto, once the vulnerability is found should do deep research about the vulnerability in the NDV and also the CVE and even the DB-exploit.
Compromising the operating system – Deploy the payload – compromise
This is the second way of compromising, this method is very effective because we are compromising the os. This means the target full control will be in the attacker’s hand even the attacker could do a backdoor attack once successful succeed the OS.
There are three ways to compromises OS they are;
Also Read: What is Hiren’s boot cd
Compromising web-based system
This section has fewer ways to compromise and the ways are too traditional and let me mention the four ways to compromise a web-based system. When I say web-based system it includes the cloud also.
- SQL injection
- Cross-site scripting
- DDoS attacks
- Broken Authentication
Conculusion
Finally, I have already written a blog post on the ways to compromise and I have provided the inbound link also just click and learn.
Also Read: What is on-boot?
Also Read: How does IoT involve in cyberattacks