CONTENTS
BEHC: Introduction to Born Ethical Hackers Club
Hack! What the hell it is??
Hacking: What is it??
Most Important terms
Can Hacking be Ethical? If yes, then How and what is Ethical?
Difference between Hackers and Crackers
What you will learn with BEHC?
Security and its three basic pillars (C.I.A)
How hackers perform their hack attacks?
    Phase 1: Information gathering and Reconnaissance
    Phase 2: Scanning the target
    Phase 3: Breaking the system and Gaining the Access
    Phase 4: Maintaining the access without getting acknowledged
    Phase 5: Removing and covering traces
The procedure explained above is the normal way that users change a Windows administrator's or user's password. But we all know that there are several uncommon ways of changing a Windows administrator's or user's password. These ways are what we call a HACK. Now, the procedure explained above won't work if I don't have administrator rights or I have forgotten the administrator password. How will I change the administrator password or unlock the system now? Here the terms Hack and Hacker come into the picture. We have to use uncommon ways to achieve the target, as the normal procedure no longer works in our situation. We can do the above tasks by several methods, according to the level of the hacker:

Novice Users: They will format the Windows operating system or will take an expert's help.
Script Kiddies (beginner level hackers): They will use Linux live disks or emergency rescue disks to reset the password.
Medium Level Hackers (who have good knowledge of the system and hacking tools): They will use advanced hacking tools like OPHCrack or Backtrack OS to retrieve the password.
Elite Hackers (expert level hackers): Why use any third-party tool (though they know how to do it with third-party tools) when I can do this manually by breaking into the system root and resetting it?

I will explain all the above methods in forthcoming classes, but I want to tell you the elite ones' procedure to give you an idea of the level up to which we will learn things. So below is the procedure Elite Hackers follow: Elite Hackers do things based on the situation, say, what I will do if it's my own system and what I will do if it's somebody else's system (i.e. I want to break into his/her system without getting tracked). If it's my own system, I have two choices: first, I can reset the password, and second, I can retrieve the password.
If it's somebody else's system, I am left with only one choice, i.e. I need to retrieve the password, because if I reset it then the victim will know that somebody has broken into his/her system, and you cannot call yourself elite if you can be tracked. So as an elite hacker I will try to retrieve the administrator password without getting tracked or caught, and the simplest way is using the OPHCrack Live CD, because this is the only possible way to retrieve the existing password without resetting it. All other methods reset the Windows password. Alternatively, I will insert a Windows operating system CD/DVD, try to retrieve the encrypted Windows password file, and then decrypt it on my own system. I will share the exact methods in later classes.
Because when I frankly asked people why they want to learn Hacking, this is the reply I got:
1. I want to hack my friends' emails and Facebook: 40%
2. I want to have fun: 30%
3. I want to become a security professional or Ethical Hacker: 15%
4. I want to see what my girlfriend is doing: 11%
5. I want to take revenge: 3%
6. I want to learn cool stuff: 1%
See, only 16% of people (15% Ethical hackers + 1% learn cool stuff) want to learn ethical hacking for good reasons. I will teach you everything, but your reason for learning Hacking is solely your decision.
We cannot make a system that is completely unhackable; we can only harden a system so that it cannot be hacked.
dite workings of any computer system or networking system. Most often, hackers are expert programmers. These are also called Ethical Hackers or white hat hackers, and the hacking they perform is called ethical hacking. Ethical Hacking means you think like hackers: first you hack the systems and find the loopholes, and then you try to correct those loopholes. These types of hackers protect the cyber world from every possible threat and fix upcoming security loopholes. These people are also called the "GURUs" of Computer Security.
Crackers: Crackers, or Black Hat hackers, or cheaters, or simply criminals. They are called criminals because they have the mindset of causing harm to security, and they steal very useful data and use it in wrong ways. Phishers, who steal account information, credit card numbers and money over the Net, also come in this category.
Unicode Encoding

Session Based Attacks: Man-in-the-browser attack; Man-in-the-middle attack; Repudiation Attack; Session fixation; Session hijacking attack; Session Prediction; Page Hijacking; Forced browsing; One-Click Attack; Click jacking

Denial of service Attacks: Denial of Service; Asymmetric resource consumption (amplification); Buffer overflow attack; Traffic flood; Regular expression Denial of Service (ReDoS); Overflow Binary Resource File; Cash Overflow

HTTP Based Attacks: HTTP Request Smuggling; HTTP Response Splitting; Brute force attack; Cache Poisoning; Parameter Delimiter; Web Parameter Tampering; Format string attack

Mobile Based Attacks: Mobile code: invoking untrusted mobile code; Mobile code: non-final public field; Mobile code: object hijack

Others: Account lockout attack; Spyware; Setting Manipulation; Trojan horse; Windows ::DATA alternate data stream
transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system holds.

Integrity: Integrity refers to the trustworthiness of information resources. It includes the concept of "data integrity" -- namely, that data have not been changed inappropriately, whether by accident or deliberately malign activity. It also includes "origin" or "source integrity" -- that is, that the data actually came from the person or entity you think it did, rather than an imposter. Integrity can even include the notion that the person or entity in question entered the right information -- that is, that the information reflected the actual circumstances (in statistics, this is the concept of "validity") and that under the same circumstances would generate identical data (what statisticians call "reliability"). On a more restrictive view, however, integrity of an information system includes only preservation without corruption of whatever was transmitted or entered into the system, right or wrong.

Availability: For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.
High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks. Almost all modern organizations are highly dependent on functioning information systems. Many literally could not operate without them. Availability, like other aspects of security, may be affected by purely technical issues (e.g., a malfunctioning part of a computer or communications device), natural phenomena (e.g., wind or water), or human causes (accidental or deliberate). While the relative risks associated with these categories depend on the particular context, the general rule is that humans are the weakest link. (That's why each user's ability and willingness to use a data system securely are critical.)
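The confidentiality passage above lists log files among the places a card number should not appear. The following is an added example, not part of the original magazine: a log scrubber that finds Luhn-valid card numbers and keeps only the first six and last four digits. The sample log lines and the function names are constructed for the illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask_pans(line: str) -> str:
    """Mask the middle digits of every Luhn-valid card number in a log line."""
    def repl(match):
        digits = re.sub(r"[ -]", "", match.group())
        if not luhn_ok(digits):
            return match.group()   # order ids and similar numbers stay untouched
        return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
    return PAN_RE.sub(repl, line)

# Constructed sample log lines; the card values are public test numbers.
SAMPLE_LOG = [
    "2024-01-05 10:02:11 INFO charge ok card=4111 1111 1111 1111 amount=19.99",
    "2024-01-05 10:02:12 INFO order=1234567890123456 shipped",
    "2024-01-05 10:02:13 WARN retry card=5500-0000-0000-0004",
]

def scrub(lines):
    """Return the log lines with card numbers masked."""
    return [mask_pans(line) for line in lines]

if __name__ == "__main__":
    for line in scrub(SAMPLE_LOG):
        print(line)
```

The Luhn check is what keeps the 16-digit order id in the second line from being treated as a card number.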
HOW HACKERS PERFORM THEIR HACK ATTACKS?
There are several ways in which hackers perform hack attacks. I have broken a complete hacking attempt into several general phases. How a hacker performs a hacking attempt depends solely on the hacker, but we can describe the fundamentals of doing it because the fundamentals are always the same. Most hackers architect their hacking attempt before performing it, to understand what they are going to do, how they are going to perform it, and how they will prevent themselves from being caught. Hackers who hack without thinking anything through beforehand are considered novice hackers, and they can be easily tracked or caught during the process, because each step is important. Also, the chances of success increase when we follow some procedure rather than following nothing. I have divided any hacking attempt into the 5 phases mentioned below:

Phase 1: Information Gathering and Reconnaissance
Phase 2: Scanning the target
Phase 3: Breaking the system and Gaining the Access
Phase 4: Maintaining the access without getting acknowledged
Phase 5: Removing and covering traces

This is how a hacking attempt is launched or performed. Now let's learn these phases in detail to get a clear view.
Consider an example: I want to hack somebody's Facebook account. What exactly are we looking for in the Information Gathering phase? First, whose Facebook account I want to hack: the name of the user, his date of birth, his email address, his phone numbers (current and previous ones if possible), his/her fiancé/spouse details, his city of birth, his education background, his favorite things, passions, hobbies etc. We all know that we can extract the above-mentioned things quite easily. Now, how can this be useful? First, we can use the above information for launching a Social Engineering attack (according to latest research, 80% of people use passwords that are related to the above details). Secondly, we can use these details to retrieve accounts or recover passwords. Thirdly, we can use his/her favorites/hobbies/passions to create a phishing/key logging trap. We can do much more; these are just examples. I hope this clears up why this is such an important step or phase.
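Seen from the defender's side, the point above about passwords related to personal details can be enforced when a password is set. The following is an added example, not part of the original magazine: a check that rejects passwords built from the account holder's own profile. The profile fields, the sample profile and the function names are assumptions made for the illustration.

```python
import re
from datetime import date

# Common character substitutions, undone before comparing words.
LEET = str.maketrans("0134578@$!", "oleastbasi")

def profile_tokens(profile):
    """Collect the words and digit strings that describe the account holder."""
    fields = [profile.get("name", ""), profile.get("spouse", ""),
              profile.get("city", ""), profile.get("email", "").split("@")[0]]
    fields += profile.get("hobbies", [])
    words = {w for f in fields for w in re.split(r"[^a-z]+", f.lower()) if len(w) >= 4}
    digits = set()
    dob = profile.get("dob")
    if dob:
        formats = ("%Y", "%d%m%Y", "%m%d%Y", "%d%m%y", "%Y%m%d")
        digits |= {dob.strftime(fmt) for fmt in formats}
    for phone in profile.get("phones", []):
        number = re.sub(r"\D", "", phone)
        if len(number) >= 6:
            digits |= {number, number[-6:]}
    return words, digits

def personal_info_hits(password, profile):
    """Return the profile-derived tokens found in the password (empty list: none)."""
    words, digits = profile_tokens(profile)
    letters = re.sub(r"[^a-z]", "", password.lower().translate(LEET))
    numbers = re.sub(r"\D", "", password)
    hits = {w for w in words if w in letters or w[::-1] in letters}
    hits |= {d for d in digits if d in numbers}
    return sorted(hits)

# Constructed sample profile for the demonstration.
PROFILE = {
    "name": "Rahul Verma", "dob": date(1990, 8, 15),
    "email": "rahul.verma@example.com", "phones": ["+91 98765 43210"],
    "spouse": "Anita", "city": "Pune", "hobbies": ["cricket"],
}

if __name__ == "__main__":
    for candidate in ("R@hul1990!", "Cricket#543210", "correct-horse-battery-staple"):
        print(candidate, personal_info_hits(candidate, PROFILE))
```

A password-change handler would refuse any candidate for which the returned list is not empty.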
Is there any assurance that a hacking attempt will be successful if the hacker follows the above phases? Does the young generation want to become Ethical Hackers, or just want to limit itself to a girlfriend's email and Facebook? Excited to learn further? Wait for the next issue.
PHASE 4: MAINTAINING THE ACCESS WITHOUT GETTING ACKNOWLEDGED
In this phase the hacker tries to maintain his ownership inside the victim's system or web server. By ownership, I mean that we can upload, download, configure or manipulate the data whenever we want. Maintaining access depends upon the host system. For example, if we have hacked into the victim's computer system, we will install keyloggers, backdoors or spy rootkits so that we can remain inside the victim's system. If we have hacked into some website, then we will create one more admin user inside the database, or change the file permissions, or simply enable the anonymous login, so that whenever we want, we can hack into the website again. Hence tools like keyloggers, RATs, Trojans and spyware are the general tools to maintain access to the system.
to jail or need to pay defamation charges. Hence it's always mandatory to cover your tracks to avoid legal action against you.
If a hacker wants to get into your system then he will; all you can do is make his entry harder.
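The three website changes named above (an extra admin user, changed file permissions, anonymous login enabled) are exactly what a defender can compare against a known-good baseline. The following is an added example, not part of the original magazine: it assumes a `users(name, role)` table, a web root directory and an FTP configuration that uses an `anonymous_enable=YES/NO` line, and it runs against a constructed in-memory database and temporary directory.

```python
import os
import re
import sqlite3
import stat
import tempfile

def snapshot(conn, web_root, ftp_conf):
    """Record the admin accounts, file modes and anonymous-login setting."""
    admins = {r[0] for r in conn.execute("SELECT name FROM users WHERE role = 'admin'")}
    modes = {}
    for folder, _, files in os.walk(web_root):
        for name in files:
            path = os.path.join(folder, name)
            modes[os.path.relpath(path, web_root)] = stat.S_IMODE(os.stat(path).st_mode)
    anon = bool(re.search(r"(?im)^\s*anonymous_enable\s*=\s*yes\s*$", ftp_conf))
    return {"admins": admins, "modes": modes, "anonymous": anon}

def compare(baseline, current):
    """Return (finding, detail) pairs for changes since the known-good baseline."""
    findings = [("new_admin", u) for u in sorted(current["admins"] - baseline["admins"])]
    for path, mode in sorted(current["modes"].items()):
        old = baseline["modes"].get(path)
        if old is None:
            findings.append(("new_file", path))
        elif mode != old:
            kind = "world_writable" if mode & stat.S_IWOTH else "mode_changed"
            findings.append((kind, f"{path} {old:o}->{mode:o}"))
    if current["anonymous"] and not baseline["anonymous"]:
        findings.append(("anonymous_login_enabled", "ftp"))
    return findings

def demo():
    """Constructed scenario: take a baseline, change the three items, compare."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "editor")])
    with tempfile.TemporaryDirectory() as root:
        page = os.path.join(root, "index.php")
        open(page, "w").close()
        os.chmod(page, 0o644)
        before = snapshot(conn, root, "anonymous_enable=NO\n")
        conn.execute("INSERT INTO users VALUES ('support2', 'admin')")
        os.chmod(page, 0o666)
        after = snapshot(conn, root, "anonymous_enable=YES\n")
    return compare(before, after)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

The baseline snapshot has to be taken while the site is known to be clean and stored where the web server account cannot modify it.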