Assignment: System Hacking Techniques | Ethical Hacking using Kali Linux (in English) - Software Development PDF Download

Multiple Choice Questions (MCQs)

Q1: What is the first step in system hacking?
(a) Covering tracks
(b) Gaining access
(c) Maintaining access
(d) Cracking passwords
Ans: (b) Gaining access

Q2: Which tool is commonly used for privilege escalation?
(a) john
(b) meterpreter
(c) netstat
(d) whois
Ans: (b) meterpreter

Q3: What is the purpose of the passwd command in Linux?
(a) List all users
(b) Change a user’s password
(c) Display system logs
(d) Terminate processes
Ans: (b) Change a user’s password

Q4: Which tool is used for offline password cracking?
(a) hydra
(b) john the ripper
(c) tcpdump
(d) nmap
Ans: (b) john the ripper

Q5: Which command can be used to check for open ports and active connections on a system?
(a) netstat -an
(b) whoami
(c) ls -la
(d) ping -t
Ans: (a) netstat -an

Q6: What is a common method for hiding malicious processes on a system?
(a) Rootkits
(b) Firewalls
(c) Antivirus software
(d) SSH tunnels
Ans: (a) Rootkits

Q7: Which attack involves injecting malicious code into a system’s memory?
(a) Phishing
(b) Buffer overflow
(c) SQL injection
(d) Brute force attack
Ans: (b) Buffer overflow

Q8: What is the main purpose of a keylogger?
(a) Encrypt user data
(b) Record keystrokes
(c) Perform network scanning
(d) Hide processes
Ans: (b) Record keystrokes

Q9: How can a hacker maintain access to a compromised system?
(a) Changing the victim’s wallpaper
(b) Installing a backdoor
(c) Clearing browser history
(d) Running a virus scan
Ans: (b) Installing a backdoor

Q10: Which tool is used to exploit known vulnerabilities in systems?
(a) wireshark
(b) metasploit
(c) aircrack-ng
(d) snort
Ans: (b) metasploit

Clear all your Software Development doubts with EduRev Join for Free

Join for Free

Fill in the Blanks

Q1: The ________ tool is used to crack password hashes offline.
Ans: john the ripper

Q2: ________ is used to escalate privileges on a compromised system.
Ans: meterpreter

Q3: The command ________ is used to list active network connections.
Ans: netstat -an

Q4: Rootkits are used to ________ malicious activities on a system.
Ans: hide

Q5: A ________ is a tool that records every keystroke entered on a system.
Ans: keylogger

True/False

1. Buffer overflow exploits can allow attackers to execute arbitrary code.
Ans: True

2. A keylogger is used to protect systems from unauthorized access.
Ans: False

3. Netstat can display all open ports on a system.
Ans: True

4. Privilege escalation allows attackers to gain higher-level access to a system.
Ans: True

5. Metasploit is mainly used for scanning network traffic.
Ans: False

Download the notes Assignment: System Hacking Techniques

Download as PDF

Download as PDF

HOTS (Higher Order Thinking Skills) Questions

Q1: You are testing the security of a client’s system and need to check if it is vulnerable to privilege escalation. How would you proceed?
Ans: Use whoami to check the current user, then sudo -l (Linux) or whoami /priv (Windows) to check available privileges. Attempt known exploits using meterpreter.

Q2: A company suspects an unauthorized process is running on its system. How would you investigate and detect hidden processes?
Ans: Use ps aux (Linux) or tasklist /v (Windows) to list all processes, then compare with known system processes. Use rkhunter to check for rootkits.

Q3: You have successfully gained low-level access to a system. What are some ways to escalate privileges?
Ans: Exploit misconfigured SUID binaries, use kernel vulnerabilities (dirtycow), search for stored credentials, or use privilege escalation scripts like LinPEAS.

Q4: Your team discovers a system infected with a keylogger. What steps should you take to remove it and secure the system?
Ans: Identify the malicious process (tasklist, ps aux), terminate it, delete associated files, check startup entries, and scan with antivirus software.

Q5: During a penetration test, you find an open port running an outdated service. How would you exploit this vulnerability?
Ans: Use nmap -sV to identify the service and version, search for exploits using searchsploit or Metasploit, and attempt to exploit using a tested payload.

Take a Practice Test Test yourself on topics from Software Development exam

Practice Now

Practice Now

Hands-on Coding Questions

Q1. Write a Python script to check for open ports on a target system.
Ans: 
import socket
target = "192.168.1.10"
ports = [21, 22, 80, 443, 445, 3389]

for port in ports:
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(1)
    result = sock.connect_ex((target, port))
    if result == 0:
        print(f"Port {port} is open")
    sock.close()

Q2: Create a Bash script to monitor running processes and detect unauthorized ones.
Ans:
 #!/bin/bash
echo "Checking for suspicious processes..."
ps aux | grep -E "(nc|netcat|ncat|bash -i|sh -i)"