ethical hacking
“It's actually a smarter crime because imagine if you rob a bank, or you're dealing drugs. If you get caught you're going to spend a lot of time in custody. But with hacking, it's much easier to commit the crime and the risk of punishment is slim to none.”
Submitted to: Mr Purushottam Das
Presented by: Punit Goswami, CSE 3rd Sem
Ethical Hacking
Offense as the best defense
What is hacking?
A little clarification…
▪ Hacking is any curiosity driven approach to finding weakness in a system.
▪ Exploiting these weaknesses depends on the purpose of breaching.
▪ A hacker is commonly mistaken for a cracker.
▪ A cracker is somebody who uses the breaches and exploits in a system only for malicious purposes.
▪ Hacking is about making things do what they were not made to do.
▪ A person who uses breaches and exploits to increase knowledge, or for security auditing, is a hacker.
Kinds of hackers…
Because hackers too come in kinds…
Hackers too come in types…
▪ Script Kiddie:
Knows how to use tools or methods made by experienced hackers.
Does not necessarily know or understand the background working of the tools or methods.
Is just curious or wants to show off.
▪ White Hat Hackers:
Do hacking for research and defensive purposes.
Try to improve the robustness of a system by finding flaws in a security system and fixing them.
Mostly work for or in an organization or individually.
▪ Black Hat Hacker:
Hackers with malicious intent when breaking into a system.
Cyber criminals who steal money and passwords and infect systems.
Practically everything that the media shows about hacking and its illegal side.
▪ Grey Hat Hackers:
Are neither purely malicious nor completely defensive.
Their nature depends on the situation.
May not have malicious intent but would still like to break into systems that they are not authorized to access.
▪ Hacktivist:
A new genre of hackers.
Use their collective knowledge and potential to protest against politically or religiously sensitive issues.
Have become the most popular category of hackers being talked about nowadays.
The C-I-A Triad
Basic security concepts…
▪ Confidentiality
When information is compromised by someone not authorized to access it, it is a loss of confidentiality.
Is an important attribute.
Requires internal cohesiveness of a set of data.
Research papers, insurance records, new product specifications, private information of people
▪ Integrity
For very sensitive information, corruption can be disastrous.
If this information is kept on an unsecured network, the chances of it being corrupted, modified or changed increase.
This loss of integrity indicates that unauthorised changes have been made to the information.
Electronic funds transfer, air traffic control, financial accounting
▪ Availability
This is often the most important criterion in service-oriented businesses.
When information is erased or becomes inaccessible to an authorised entity, it is a loss of availability.
Phases of Hacking
o Information Gathering
o Scanning
o Gaining Access
o Reporting Vulnerability
o Maintaining Access
o Covering Tracks
History of Hacking
Tracing the roots…
▪ Early 1970s: John Draper made a long distance call for free by blowing a precise tone into a telephone that told the phone system to open the line.
▪ Early 1980s: The Milwaukee-based 414s were charged with 60 computer break-ins, from Memorial Sloan Kettering Cancer Centre to the Los Alamos National Laboratory.
▪ Late 1980s: 25 year old Kevin Mitnick secretly monitors the emails of MCI and Digital Equipment security officials.
▪ Early 1990s: AT&T long distance service made to crash on Martin Luther King Jr. Day.
Security breach into Griffiss Air Force Base Station, then computers at NASA and the Korean Atomic Research Institute.
▪ Michael Shim: eBay, Amazon and Yahoo. 15 years old.
Methods to Hacking
The different ways and paths taken during a hacking process…
System Hacking
o Password Cracking: Use probabilities of password guesses to match with the original passwords.
Brute Forcing: Matching all possible key combinations.
Dictionary Attacks: Using dictionary words to crack passwords.
Key logging: Tracking and spying on the inputs done on a system through the keyboard.
o Rootkits and RATs: Use malware or spyware to observe and steal files containing passwords or their hashes.
1. Application Level Rootkits
2. Kernel Level Rootkits
3. Hardware Level Rootkits
4. Boot loader Level Rootkits
SQL Injection
o Simple SQL Injection: Practical approach of bypassing a login form using malicious SQL entries. Example:
If ' or '1'='1 is entered in both the username and password fields of a login form vulnerable to SQL injection, it bypasses the login form, because the quotes close the string in the query and the added condition is always true.
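Why that input works, and the fix, as an added example that is not part of the original slides: the same login check written once with string concatenation and once with bound parameters. The table, the accounts and the function names are constructed for the demonstration, and passwords are kept in plaintext only to keep it short.

```python
import sqlite3

def make_db():
    # Constructed in-memory user table (demo accounts, plaintext for brevity).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret-demo"), ("o'brien", "pw-demo")])
    return db

def build_vulnerable_sql(username, password):
    # Input is pasted into the SQL text, so a quote in it ends the string
    # literal and the rest of the input is parsed as SQL.
    return ("SELECT username FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")

def login_vulnerable(db, username, password):
    return db.execute(build_vulnerable_sql(username, password)).fetchone() is not None

def login_parameterized(db, username, password):
    # Placeholders send the values separately from the statement; the
    # database treats them as data and never parses them as SQL.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

if __name__ == "__main__":
    db = make_db()
    entry = "' or '1'='1"  # the input quoted on the slide
    print(build_vulnerable_sql(entry, entry))
    print("concatenated query accepts it:", login_vulnerable(db, entry, entry))
    print("parameterized query accepts it:", login_parameterized(db, entry, entry))
    # A legitimate name containing a quote also works only when bound.
    print("o'brien logs in:", login_parameterized(db, "o'brien", "pw-demo"))
```

The concatenated version also fails on the legitimate user name o'brien with a syntax error, which is often the first visible symptom of this flaw in testing.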
o Union SQL Injection: The UNION operation of SQL databases is used to find the vulnerable column of entries. This vulnerable column can then be used to extract metadata about the database.
o Blind SQL Injection: It asks the database “True OR False” based questions and determines the answer based on the application's response.
o Advanced SQL Injection: Error messages are used to extract information. Example:
Warning: mysql_fetch_array():supplied argument is not valid MySQL result resource in D:\Inetpub\vhosts\kpccvicharvibhag.org\httpdocs\admin\classes\clsCollection.php on line 124
Above is a generic error message through which we can extract a lot of information about the database.
1. The message says that the back-end is running on MySQL.
2. The path stated starts with D:\inetpub\vhosts…; this means the operating system is Windows based and the web server being used is IIS.
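The defensive counterpart to the two observations above, as an added example that is not part of the original slides: a handler that logs the database error server-side and returns only a generic message, plus a check that flags response bodies disclosing the engine, a file path or a source line. The names `find_leaks`, `fetch_collection` and `LEAK_PATTERNS`, the `collection` table and the sample message (with a placeholder host) are constructed for illustration.

```python
import logging
import re
import sqlite3
import uuid

log = logging.getLogger("app.db")

# Constructed sample modelled on the slide's warning, with a placeholder host.
SAMPLE_VERBOSE = (r"Warning: mysql_fetch_array(): supplied argument is not a valid "
                  r"MySQL result resource in D:\Inetpub\vhosts\example.test"
                  r"\httpdocs\admin\classes\clsCollection.php on line 124")

# Illustrative, not exhaustive: markers of backend detail in a response body.
LEAK_PATTERNS = {
    "php_warning": re.compile(r"\b(Warning|Fatal error|Notice):\s+\w+\(\)"),
    "db_engine": re.compile(r"\b(MySQL|SQLite|PostgreSQL|ORA-\d+)\b", re.I),
    "windows_path": re.compile(r"\b[A-Za-z]:\\[^\s<>\"]+"),
    "source_line": re.compile(r"\.php on line \d+"),
}

def find_leaks(body):
    """Return the sorted names of the leak patterns present in a response body."""
    return sorted(name for name, rx in LEAK_PATTERNS.items() if rx.search(body))

def fetch_collection(db, collection_id):
    """Hypothetical handler: returns (status, body) and never echoes DB errors."""
    try:
        rows = db.execute("SELECT name FROM collection WHERE id = ?",
                          (collection_id,)).fetchall()
    except sqlite3.Error:
        ref = uuid.uuid4().hex[:8]
        # Full exception and traceback stay in the server log, keyed by ref.
        log.exception("query failed ref=%s", ref)
        return 500, "Something went wrong. Reference: " + ref
    return 200, ", ".join(r[0] for r in rows)

if __name__ == "__main__":
    print("verbose page leaks:", find_leaks(SAMPLE_VERBOSE))
    db = sqlite3.connect(":memory:")  # no 'collection' table, so the query fails
    status, body = fetch_collection(db, 1)
    print(status, body, "leaks:", find_leaks(body))
```

A check like `find_leaks` fits in an integration test that requests error paths of your own application and fails the build when a response discloses backend detail.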