
Introduction to information security

Hacking.

What is Hacking?

In computer networking, hacking is any technical effort to
manipulate the normal behavior of network connections
and connected systems.
A hacker is any person engaged in hacking.
The term "hacking" historically referred to constructive,
clever technical work that was not necessarily related to
computer systems. Today, however, hacking and hackers
are most commonly associated with malicious
programming attacks on the Internet and other networks.

Hacking/Computer Hacking.

HACKING:- Unlike most computer crime / misuse
areas which are clear cut in terms of actions and
legalities, computer hacking is more difficult to
define. There is no exact definition of hacking.
Hacking means finding out weaknesses in an
established system and exploiting them. Computer
hacking always involves some degree of
infringement on the privacy of others or damage
to computer-based property such as files, web
pages or software.

Infringement: the action of breaking the terms of a law, agreement, etc.; violation.

WHO IS A HACKER?
The term Hacker was initially coined by the Model Railroad club at MIT. It generally
referred to any method or solution that functioned when referring to any type of
electronics or mechanical problems. The term eventually spread to include computer
hobbyists.
Back then, anybody who had an interest in programming or computing was
considered a "hacker". Perhaps a similar word would be "tinkerer" - someone who
liked to tinker with electronics, programming, general computing, etc...
The term was given a derogatory meaning by the media who portrayed criminals who
used similar skill sets as "hackers". Most people who consider themselves to be
Hackers today find this use unacceptable and will argue that the correct term for
these individuals is "Crackers" - people who crack security/software.

On hearing the word HACKER most people are scared. Most of them think of
hackers as computer vandals. But hackers are not computer criminals. Traditionally,
hackers were computer geeks who know almost everything about computers, both
hardware and software, and are widely respected for their knowledge.

Introduction To Ethical Hacking.

What is Ethical Hacking?

The term "white hat" in Internet slang refers to
an ethical computer hacker, or a computer
security expert, who specializes in penetration
testing and in other testing methodologies to
ensure the security of an organization's
information systems.

Why Ethical Hacking Is Performed

Ethical hacking is performed to help a company or
individual identify potential threats on the
computer or network.

An ethical hacker attempts to hack their way past
the system security, finding any weak points in
the security that could be exploited by other
hackers.

The organization uses what the ethical hacker
finds to improve the system security, in an effort
to minimize, if not eliminate, any potential hacker
attacks.

Who Is an Ethical Hacker?

An ethical hacker is a computer and network expert
who attacks a security system on behalf of its
owners, seeking vulnerabilities that a malicious
hacker could exploit. To test a security system,
ethical hackers use the same methods as their less
principled counterparts, but report problems instead
of taking advantage of them. Ethical hacking is also
known as penetration testing, intrusion testing and
red teaming. An ethical hacker is sometimes called a
white hat, a term that comes from old Western
movies, where the "good guy" wore a white hat and
the "bad guy" wore a black hat.

Who Is a Cracker?

A cracker is someone who breaks into someone
else's computer system, often on a network;
bypasses passwords or licenses in computer
programs; or in other ways intentionally breaches
computer security. A cracker can be doing this for
profit, maliciously, for some altruistic purpose or
cause, or because the challenge is there. Some
breaking-and-entering has been done ostensibly
to point out weaknesses in a site's security

What A Cracker Can Do???

A cracker is the one who does cracking. Cracking
is the act of breaking into a computer system,
often on a network.

A cracker can be doing this for profit, maliciously,
for some altruistic purpose or cause, or because
the challenge is there.

Some breaking-and-entering has been done
ostensibly to point out weaknesses in a site's
security system.

What A Hacker Can Do?

Hacking is the means of bypassing a security system for the means of accomplishing a task that is prohibited
by the service or a machine.
Examples would be:
Deleting someone else's Facebook/Bebo/Myspace account
Getting onto someone else's Xbox Live account when the account info has been kept secret (this is only
hacking if they get into the system themselves, such as Xbox.com Admin)
Stealing Your Bank Details
Stealing Your Credit Card Details
Provides Security
Identify Loop Holes.
Can Deface Websites.
Can Inject Websites
Can Spread Viruses
etc

Understand the difference of hacking and cracking

Ethical Hacking builds things
Cracking breaks them

Literal Definitions
Hacker: Someone who uses hacks.
Cracker: Someone who destructs things.
Hacks: A different approach with some significant advantage over the current approach

Why do people hack?
To make security stronger (Ethical Hacking)
Just for fun
Show off
Hack other systems secretly
Notify many people of their thoughts
Steal important information
Destroy enemy's computer network

Types of Hackers

White-hat Hackers
The good guys who identify the
security weakness of the system or
network and inform the owner about
them

Black Hat Hackers
A black hat is the villain or bad
guy, who crashes into the victim's
security to steal information and
destroy the victim's security
network.
Also known as cracker.

Grey hat Hackers
A grey hat, in the hacking
community, refers to a skilled
hacker who is somewhere in
between white and black hat
hackers

Language of hackers
1 -> i or l
3 -> e
4 -> a
7 -> t
9 -> g
0 -> o
$ -> s
| -> i or l

|\| -> n
|\/| -> m
s -> z
z -> s
f -> ph
ph -> f
x -> ck
ck -> x

Example:
1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3|\| 1 h4ck3d 1n

I did not hack this page, it was like this when I hacked in.

World famous hackers
Stephen Wozniak
Tsutomu Shimomura
Kevin Mitnick
Kevin Poulsen

Female hacker

Random Fact !!!!

The average age group of hackers is between 14-24 yrs.

Cyber War

Welcome to cyber weapons list

Hacktivism

EXAMPLE OF HACKTIVISM

INDIAN CYBER ARMY

PAKISTAN CYBER ARMY

Hacked by Pakistan cyber army

HACKED BY INDIAN CYBER ARMY

Cyber Attacks

India and Pakistan

There were two such instances between India and Pakistan that involved
cyberspace conflicts, starting in the 1990s. Earlier cyber attacks came to be known
as early as 1999. Since then, India and Pakistan have been engaged in a long-term
dispute over Kashmir which moved into cyberspace. Historical
accounts indicate that each country's hackers have been repeatedly
involved in attacking each other's computing database systems. The number
of attacks has grown yearly: 45 in 1999, 133 in 2000, 275 by the end of
August 2001. In 2010, Indian hackers going by the name "Indian Cyber Army"
laid a cyber attack on at least 36 government database websites. In
2013, Indian hackers hacked the official website of the Election Commission of
Pakistan in an attempt to retrieve sensitive database information. In
retaliation, Pakistani hackers, calling themselves "True Cyber Army", hacked
and defaced ~1,059 websites of Indian election bodies.
According to the media, Pakistan has been working on an effective
cyber security system, in a program called "Cyber Secure Pakistan"
(CSP). The program was launched in April 2013 by the Pakistan Information
Security Association and the program was expanded to the country's universities

Central Bank Of India Hacked

Central Bank Of India Hacked by Pakistan Cyber Army and
Team MaDLeeTs

The official site of "Central Bank Of India" has been defaced
by Pakistan Cyber Army and Team MaDLeeTs.

The deface seems to be a retaliation to defaces this morning by
"Indian Cyber Army" on many Pakistani sites.

The reason for the Indian attack was that today is the 5th anniversary
of the 26/11 terrorist attacks on Mumbai.

Mirror:- http://www.zone-hack.com/134702.html

Deface Link:- https://www.centralbankofindia.co.in/site/

Picture Used By Pak Cyber Army

State Bank Of Patiala Hacked

State Bank Of Patiala Database + Site Pictures.

Hindi Site Of State Bank Of Patiala

Poonam Pandey's website hacked

Poonam Pandey said, "I was shocked
to know that someone had hacked
my website."

Poonam Pandey Shouted On Twitter

Heya heya My Website Got Hacked ???

Hacker Posted Free Kashmir Message

Poonam Pandey Reported It At Cyber Crime Police.

Deface Page Used By Hacker

Peoples Democratic Party Website Hacked

Avira, AVG, Alexa and WhatsApp websites hacked by KDMS Team

The Pro Hacker Group KDMS Defaced Top Domains

Facebook Almost Hacked By SEA
SEA:- Syrian Electric Army
On the 10th Birthday Of Facebook, Its
Domain Got Hacked By Pro Hacker
Group Known as Syrian Electric
Army.
Hackers Penetrated Markmonitor and
Hacked Domain Panel Of
Facebook.com.

Picture Sent By SEA

40 Sensitive Government Websites of Pakistan got Hacked

Official Website Of Ihgi Hacked

South African Domain Registrar Hacked

Anonymous

HACKED BY ANONYMOUS

Anonymous Facts..

Ethics of hacking
The hacker ethic refers to the
feelings of right and wrong, to the
ethical ideas this community of
people had: that knowledge should
be shared with other people who can
benefit from it, and that important
resources should be utilized rather
than wasted.

Question And Answer Session

SOCIAL ENGINEERING

HISTORY OF SOCIAL ENGINEERING
The term social engineer was
introduced in an essay by the Dutch
industrialist J.C. Van Marken in 1894.
The idea was that modern employers
needed the assistance of specialists,
"social engineers", in handling the
human problems of the planet, just
as they needed technical expertise
(ordinary engineers) to deal with the
problems of dead matter (materials,

Great social Engineer.

Social Engineering Toolkit

How to Do Social Engineering?

Question And Answer Session

Google Hacking

What is Google hacking


It's not hacking into Google servers!
Google hacking is using different
Google operators to effectively
optimize search results
It also involves using Google to
identify vulnerabilities in websites
Results are highly customizable.

Google algorithm

Google Hacking Operators

Intitle:
Google returns results with the word/phrase found within the title of the page
Intitle:index.of

Inurl:
Finds a specific term within the URL
Inurl:view/index.shtml

Filetype:
Searches for a specific filetype
filetype:pdf
filetype:txt

Google Hacking approach
We use some Google tricks to watch
online cam.

inurl:viewerframe?mode=motion

Did you know?

Social networking sites like
FACEBOOK, GMAIL, YAHOO
comprise 60% of direct or
indirect hacking incidents.

Gmail hacking
Gmail hacking step
1). Gmail login page
2). webhosting website
3). hacking script

Most popular virus
Links involving private
pictures of celebrities.
Links showing pictures of
famous personalities like
Gaddafi's dead body or
videos of Osama Bin Laden's
killing.

Creating virus
Jps virus maker

Another popular scam
Facebook lottery scam.

Website hacking
We can bypass a website in one of the following ways:

#Sql injection

Popular Hacked sites

www.jntu.ac.in was hacked on 7 Nov 2010.
www.songs.pk was hacked on 15 July 2011.

Songs.pk

JNTU homepage after it was hacked

Some admin passwords
Some default admin passwords..

username: root, tiger, unix, admin
Password: toor, scott, linux, password
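Seen from the defender's side, the default credentials above and the substitution table under "Language of hackers" give a simple check to run when a password is set: reject any password that reads as one of the listed defaults once the substitutions are undone. The following is an added example, not part of the original slides; the function names and the sample accounts are assumptions made for illustration, and only the digit and symbol rows of the table are handled.

```python
import itertools

# Substitutions taken from the slide's "Language of hackers" table.
LEET = {"1": "il", "3": "e", "4": "a", "7": "t", "9": "g",
        "0": "o", "$": "s", "|": "il"}

# Default admin credentials listed on the slide above.
DEFAULT_USERS = {"root", "tiger", "unix", "admin"}
DEFAULT_PASSWORDS = {"toor", "scott", "linux", "password"}


def leet_variants(text, limit=4096):
    """Yield plain-letter readings of text; '1' and '|' are ambiguous (i or l)."""
    text = text.lower().replace("|\\/|", "m").replace("|\\|", "n")
    options = [LEET.get(ch, ch) for ch in text]
    # Cap the expansion so a long run of ambiguous characters cannot blow up.
    for combo in itertools.islice(itertools.product(*options), limit):
        yield "".join(combo)


def is_default_password(candidate):
    """True if any reading of candidate is one of the listed default passwords."""
    return any(v in DEFAULT_PASSWORDS for v in leet_variants(candidate))


def audit(accounts):
    """Return (user, finding) pairs for accounts that must change their password."""
    findings = []
    for user, password in accounts:
        if is_default_password(password):
            kind = "default account" if user.lower() in DEFAULT_USERS else "default password"
            findings.append((user, kind))
    return findings


# Constructed sample input, not real accounts.
SAMPLE = [("root", "t00r"), ("alice", "P4$$w0rd"), ("bob", "xK9!vqLm2#")]

if __name__ == "__main__":
    for user, finding in audit(SAMPLE):
        print(f"{user}: {finding}")
```
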

Preventive measures
Install a strong anti-virus
Always run an anti-virus check before
you download a program or a file
from the internet.
Avoid disclosing personal details like
phone number, credit card details to
strangers.

Phone phreaking
A phone phreak is someone who loves
exploring the telephone system and
experimenting with it to understand
how it works.

How to become a Hacker


The best approach is to gain as
much knowledge about stuff as
you can.
Good command over C / C++ /
Perl will definitely help.
But above all you need a good

Career in ethical hacking

Entry Level - IS Executive Manager (Role: to
correlate broad security guidelines of the
organisation with security operations.)
Middle Level - IS Manager (Role: Security
program management, data security, policy
creation/maintenance, business continuity/
disaster recovery)
Senior & Top Level - Chief IS Manager (Role:
Design and development of information
security policy. Regulatory compliance,
information security governance)

Senior & Top Level - Security Advisors/
Auditors (Role: Advisory services for
information security, policy design, risk
assessment, compliance to global/industry
standards)
Senior & Top Level - Chief Information
Officer (Role: Justifying the cost of ongoing
and future investments to mitigate
information risks, aligning business
objectives with a concise security strategy)

According to the Government of India

According to the Government
of India, a demand for 4.7 lakh
Cyber Security Professionals is
estimated by 2015.... Ethical
Hacking has become the need of
the hour for not only corporate
organizations, but also for
government departments.
